RoyKpatdk-lap: I know, and it's not easily configurable, and it's not globally configurable00:07
RoyKseems to me either lucid has some stone age version of pastebinit, or it should be fixed up a bit00:08
patdk-laphmm, lucid normally does00:09
patdk-lapif work lets up some, I need to submit a crapload of bug reports00:09
patdk-lapfor things like that00:10
patdk-lapmytop needs a small patch to make it mysql 5.0+ compatable00:10
patdk-lapand other things like that00:10
patdk-laphave them all pushed out to my ppa00:10
patdk-lapso all patches are already in place, just need to track it all down and submit them00:10
RoyKseems a lot has happened between pastebinit 1.1 and 1.2, and that 1.0 perhaps should have been named 0.1 :P00:18
=== jtgh is now known as jh8i
=== jason is now known as Guest62563
arooni-mobileonce i set up a /etc/init.d script; how do i give it "life" i.e.. make it so it gets run on every startUP?03:18
=== jrwr is now known as jrwr|offline
smwarooni-mobile, I like to use sys-rc-conf03:32
=== jason is now known as Guest38588
=== Guest38588 is now known as jasef
philipballew_How hard would it be to set up a vpn server through ssh remotely?06:23
=== jason is now known as Guest19072
=== lenios__ is now known as lenios_
args[0]I just installed darkstat on my ubuntu VPS, this is my first time using it.. read on some forums that this daemon saves charts and data on web pages and can be accessed by localhost:666 , how can i access it if im not on the system and using it as VPS? myIP:666 doesn't work. thanks07:28
greppyargs[0]: you could setup an ssh port forward to see it.07:43
=== jason is now known as Guest74183
=== smb` is now known as smb
kklimondaphilipballew: hmm, it should be doable but rather risky08:18
=== mendel__ is now known as mendel_
sattu94Hi, I am trying to install Ubuntu 10.04 LTS Server to on a virtual RAID1 drive created using two 1TB HDDs. during the Installation when it tries to detect disks, it says that it has found some RAID devices, and asks if I want to activate them. After selecting 'Yes'. It Scans all the devices but only shows the 'sdc', which is the pendrive through which the installation is taking place. I dont see an option to partition the virtual RAID1 drive.09:05
sattu94It is an Intel Rack Server, SR26UR09:06
sattu94It is an Intel Rack Server, SR2600UR09:06
_rubenwhat is virtual raid1 .. you mean fakeraid or so? .. if so, i suggest disabling the raid features in the bios and use plain software raid09:19
sattu94_ruben: yea, i guess i'll do that.09:22
_rubensattu94: in most cases software raid will perform way better than fakeraid, and is better to manage as well09:23
sattu94_ruben: Thank You.09:25
alex88hi guys10:48
alex88i've a nfs where are stored some images to be processed, i want to have multiple machine that process these images, which can be scaled to increase the processing power, how should i implement the queue? i was thinking to use a mysql table with polling and use locks to prevent multiple istances work on same image10:48
Jeeves_Is it just me, or does upstart render /etc/init.d/networking useless12:02
Jeeves_A restart of the service does not deconfigure any interfaces12:02
Jeeves_It just runs ifup -a12:02
Jeeves_But no ifdown anywhere12:02
Jeeves_bug #89018912:10
uvirtbotLaunchpad bug 890189 in upstart "`restart networking` does not deconfigure an interface" [Undecided,New] https://launchpad.net/bugs/89018912:10
=== Guest74183 is now known as jasef
eagles0513875_hey guys i am having some issues trying to compile some source code for libreoffice12:46
eagles0513875_i get an error saying a cups dev file isn't installed when it is actually installed.12:46
eagles0513875_does anyone have any ideas what the issues might be12:47
nusclyeagles0513875_: a version mismatch between cups12:51
eagles0513875_nuscly: i don't think so as it seems others i have asked don't seem to have this issue12:54
nusclyeagles0513875_: perhaps it's a dependancies of cups12:55
=== smb` is now known as smb
eagles0513875_nuscly: the missing dev file that the source code is telling me I'm missing is installed12:56
nusclyeagles0513875_: find the code that detect the version to understand the problem12:58
eagles0513875_there isn't much code in this bash script :( to tell me what the issue is13:01
hallynSpamapS, what is the deal with this annoying /lib/init/failsafe.conf?13:10
Davieymorning hallyn o/13:10
hallynDaviey, hey13:10
hallynoh, i see what's going on.  i have a dummy br0 being defined, and failsafe.conf gets uppity about it not being on the net13:12
TREllisDaviey: o/13:27
Davieyhey TREllis13:27
DavieyTREllis: silly question, but is ifupdown-extra required?13:30
TREllisDaviey: er, required? don't think so. if so, epic fail as I don't have that installed13:30
TREllisifenslave was the only thing I grabbed13:31
DavieyTREllis: I have NFI, sorry.13:31
DavieyTREllis: The system boots, but you have no networking right?13:31
DavieyTREllis: if so, can you restart networking using serial console, and see if it works correctly?13:31
Daviey(and provide dmesg output?)13:32
TREllisDaviey: https://help.ubuntu.com/community/UbuntuBonding has no mention of ifupdown-extras, so don't think it's required13:32
TREllisDaviey: restarting has no affect, but starting the bonding manually works13:32
TREllisDaviey: I have hundreds of these " bonding: bond0: Warning: Found an uninitialized port" as mentioned in public bug lp#88942313:33
TREllisDaviey: but let me grab a proper dmesg13:33
DavieyTREllis: seen, bug 482419 ? I wonder if that regression has bene re-introduced13:35
uvirtbotLaunchpad bug 482419 in ifenslave-2.6 "802.3ad interface bonding fails if started too early" [Medium,Fix released] https://launchpad.net/bugs/48241913:35
DavieyTREllis: *certain* that restarting networking doesn't fix it?13:35
TREllisDaviey: yeah saw that, fix released tho?13:36
DavieyTREllis: yeah, wondered iof it had been re-introduced13:37
TREllisDaviey: ah ok13:37
TREllisDaviey: let me try some tests13:37
DavieyTREllis: did you see comment #69 btw?13:39
DavieyTREllis: yes, so the patch from that Fix Released has been dropped13:41
DavieyHowever, it does have a "early_setup_master" addition, which i guess should have mitigated it.13:42
DavieyTREllis: It would be interesting to see if moving setup_master, directly under add_master solves the issue.13:43
TREllisDaviey: confused now13:46
TREllisDaviey: early_setup_master is a interfaces file option?13:46
DavieyTREllis: no, sorry.. it's in a pre-up script.13:47
DavieyTREllis: hold fire, let me create a patch13:47
DavieyTREllis: $ wget http://pb.daviey.com/tt12/ -O - | sudo patch /etc/network/if-pre-up.d/ifenslave13:52
_rubeni ran into that very bug last week .. the only "reliable" workaround was doing it all "by hand", as in: up modprobe bonding... up ip link.. up ifenslave.. etc13:54
Daviey_ruben: on oneiric?13:54
zulgood morning13:56
_rubenDaviey: the patch you mentioned worked properly like once out of 10 reboots13:56
_rubenDaviey: what could've been playing a part in it was the fact that the 3 interfaces participating in the bond didn't have any link (staging setup)13:57
DavieyWell it seems to be known that it might not work properly with upstart. :/14:00
Daviey_ruben: TREllis is currently trying the Debian experimental current version on Oneiric14:00
Daviey(and i just prepaired that patch against Oneiric archive, doh.. hope it still applied.)14:01
uvirtbotNew bug: #890219 in apache2 (main) "suexec-custom is not working correctly: only reading the www-data user config file." [Undecided,New] https://launchpad.net/bugs/89021914:01
uvirtbotNew bug: #890230 in samba (main) "package winbind (not installed) failed to install/upgrade: il sottoprocesso vecchio script di pre-removal ha restituito lo stato di errore 128" [Undecided,New] https://launchpad.net/bugs/89023014:01
TREllisDaviey: I've got side tracked a bit, should be able to test it a little later :)14:03
DavieyTREllis: slacker. :)14:03
TREllisDaviey: lol14:03
DavieyTREllis: I bet you are busy watching The Return of Frank James.14:04
zuloh crap....i have a dead fish in the office14:05
jasefWait... is it a pet fish?14:06
jasefCause if so, not omnomnom14:06
* koolhead17 is awake finally14:13
jamespagemorning all14:18
irviehave to move my backup server to another room so i want to do any updates at this time so i only have to reboot it once14:20
irviealready did an apt-get update and upgrade14:20
irvieanything else i should check? i believe it's 10.04 server14:20
koolhead17irvie, sounds good. cat /etc/lsb-release will tell you about ubuntu server version you are uing :)14:30
irvieyep, 10.04.3 LTS14:36
irvieso now i can just shutdown and power it back upa nd everything shoudl be good14:36
irviehopefully :p14:37
irvie 10:04:09 up 245 days,  1:29,  2 users,  load average: 0.00, 0.00, 0.0014:37
irviehow can i see the link speed on my NIC?14:38
irvielolz RX bytes:9414931995665 (9.4 TB)  TX bytes:220667948142 (220.6 GB)14:38
_rubenirvie: depending on the driver, there might be some hints in the output of dmesg, ethtool should be able to tell it as well14:46
patdk-wkirvie, use ethtool or mii-diag14:49
patdk-wkhmm, mii-diag is reporting wrong results for me, but ethtool is correct14:51
uvirtbotNew bug: #453747 in samba "Wrong folder size on folder in smb shares" [Low,Triaged] https://launchpad.net/bugs/45374715:05
SpamapShallyn: /lib/init/failsafe.conf? Is that new in precise?15:32
SpamapShallyn: or you mean /etc/init/failsafe.conf ?15:33
hallynSpamapS: it's on oneiric15:33
hallynit was making my netbook wait 2 minutes at boot, just bc i had 'auto br0' in /etc/network/interfaces but no connection at boot15:33
hallynwell, it's not that simple, of course.  it's just the failsafe, so somethign else is waiting.  runlevel 2 is waitin gon a net connection?15:34
hallynSpamapS: you wrote it, at any rate :)15:34
SpamapShallyn: yes15:36
SpamapS/etc/init/failsafe.conf then, yes I wrote it and smoser and I put together the changes to /etc/network/if-up.d/upstart to make static-network-up work, which is what is waited on in rc-sysinit now15:37
SpamapShallyn: if you had read the release notes, you would have known that all 'auto' interfaces will be waited on :)15:37
irviekoolhead17, migration successful :]15:37
hallynSpamapS: that's assenine15:37
hallynSpamapS: there are auto devices that are not meant to be 'up'15:38
hallynor put another way,15:38
SpamapSthats what network manager is for15:38
hallynyou say 'up', but br0 was up - but plymouth couldn't ping15:38
hallynnetwork manager is not usable if you dont' use gnome15:38
hallynand some peopel don't15:38
SpamapSTo quote the occupy folks.. you are, the 1% ;)15:38
hallynSpamapS: i know it's solving a problem, and don't have a better solution, we don't need to discuss it right now :)15:39
SpamapSI have a solution for you 1%'ers for 12.0415:39
hallynSpamapS: but i'd like to talk about it sometime15:39
hallynhow will it solve it?15:39
SpamapSWe will create another group, auto-nowait15:39
hallyni'm happy with that solution15:39
hallynok.  i'll probably reinstall the netbookt from scratch (half lucid, half 12.04) so that's fine with me15:40
kirklandmorning folks15:40
hallynmorning kirkland15:40
SpamapSYou can work around it right now by just changing /etc/rc-sysinit to not wait for static-network-up15:40
hallynnice cloudy morning for ya?15:40
koolhead17irvie,  :D15:41
koolhead17lynxman, hellos15:41
hallynSpamapS: for now i worked around it by getting rid of the auto br0 :)  that was itself just a test af ew months ago anyway15:41
kirkland<Kiall> 18:00:27> ubuntu seems to be pushing byobu over tmux .. <-----  byobu is sort of a compliment, or enhancement layer on either screen or tmux15:41
=== matrix30001 is now known as Matrix
=== Matrix is now known as Matrix3000
kirklandKiall> 18:00:58> Kinda getting used to byobu .. Its enabled by default on all the EC2/UEC/Cloud images now...15:41
kirklandKiall: unfortunately, that's being removed in an SRU very soon15:42
SpamapShallyn: AHA!15:42
hallynkirkland: paul t. is giving me hope of an improved dvtm so i don't need byobu-tmux for the inside-a-screen splitting :)15:42
hallyn(see planet.u.c. from friday i think)15:43
SpamapSoi.. my sup index just went over 100,000 messages15:43
* SpamapS should delete more15:43
kirklandhallyn: heh, byobu/tmux couldn't hold your attention, huh?15:43
hallynSpamapS: 0 inbox :)15:43
SpamapSI have 0 inbox all the time!15:44
SpamapSsince in sup, you just "archive" what you don't want to deal with now. :)15:44
hallynkirkland: it's great for somet hings, but i prefer dvtm's tiling behavior15:44
kirklandhallyn: cool, i'm installing dvtm now15:44
SpamapSbut right now... having shunned email for 3.5 days.. I'm looking at 2000 inbox15:44
hallynbut it doesn't do backscrolling so i dont' use it all that much15:44
kirklandhallyn: does dvtm replace gnome-terminal, or byobu/tmux?15:45
hallynkirkland: uh what?  it doesn't replace anything, it enhacnes :)15:45
hallynkirkland: i use dvtm inside screen inside gnone-terminal or xterm or st15:45
hallyn(except i don't)15:46
kirklandhallyn: neat, i'll have to play with it15:46
hallynkirkland: you may hate it.  it depends on what you're used to i think.  But it's ideal behavior for me.15:46
zulDaviey: ping15:47
hallynkirkland: hae you ever used dwm?15:47
kirklandhallyn: nope15:47
hallynkirkland: cool then i'll be especially interested in what yout hink of dvtm :)15:48
zulDaviey: so python-passlib made it into the archive i think we should revist doing an SRU for keystone with the port change16:04
Davieyzul: \o/16:05
zulDaviey: so i take it you agree? :)16:06
Davieyzul: well if keystone doesn't currently work, changing the default port will not break systems16:06
zulDaviey: yeah that will make it easier16:06
=== mendel__ is now known as mendel_
zapotaha good network monitoring tool that shows realtime bandwidth stats per application16:29
zapotahdoes the server distro ship with one or which one do you recommend16:30
RoyKzapotah: dunno about any tool for that, but I guess you could configure munin to do it with some iptables tweaks16:34
RoyKzapotah: that'll be for incoming connections, though, dunno for outgoing, but I guess it should be possible16:35
zapotahhoping for an easy solution16:41
zapotahlike top for cpu and mem usage16:41
RoyKzapotah: network is a bit more tricky16:41
RoyKzapotah: try asking on #munin - someone has probably done that already16:44
just-a-visitorzapotah: There is iftop, but it is per-connection not per process.16:45
RoyKor iptraf16:46
just-a-visitorYes, that is what I was looking for... but still they are based on packets.16:47
RoyKjust-a-visitor: you can do stuff like iptables [...] --uid-owner to add counters per uid or gid, but I don't think there's an easy way to monitor network usage per process16:50
RoyKzapotah: nethogs, perhaps16:52
just-a-visitorRoyK: Cool, I did not know about it. Thanks!16:59
zapotahnethogs shows tcp only apparently17:02
zapotahid need to monitor mainly udp traffic17:02
RoyKjust-a-visitor: you might want to try to build 0.8.0 from source - http://sourceforge.net/projects/nethogs/files/17:08
RoyKzapotah: sorry, that was for you ^^17:08
just-a-visitorRoyK: Btw, I am also looking at it right now. :)17:09
hallynstgraber: gah, something went wonky with the last lxc push, bc my branch stacked on the precise udd branch now won't fetch17:14
zapotahill have to look at this later... so tired after 48hrs and no sleep x.x17:25
zapotahnot making any progress17:25
DavieySpamapS: Your cobbler branch, are you uploading that to precise soonly?17:33
Davieyrbasak has based a branch on yours, that would be good to co-upload.17:33
SpamapSmy branch?17:49
SpamapSDaviey: refresh my memory, its been eons :p17:50
DavieySpamapS: ^^17:51
DavieySpamapS: Do you want to rebase your branch to current precise, and review + sponsor rbasak's changes at the same time?18:03
Davieyit seems to be an entire security upload, so i guess we should see about prepairing a -security upload aswell.18:04
Daviey(for oneiric)18:05
Davieyzul: Are you planning a cobbler new upstream version upload soonly?18:08
zulDaviey: yeah18:09
zul2.2.2 is suppose to be out soon18:09
Davieyzul: When are you planning a snapshot?18:09
zulmy arm can be twisted for tomorrow18:09
SpamapSDaviey: indeed.. ugh.. ok, just now finishing with the monday morning flood of email.. will look at this next.18:09
SpamapSrbasak: where are your proposed cobbler changes?18:09
Davieyzul: well can you talk to SpamapS and rbasak, about if they should base their branch on current or tommorrow's18:10
rbasakSpamapS: https://code.launchpad.net/~racb/ubuntu/oneiric/cobbler/858878_858883/+merge/8199618:10
SpamapSAwesome sauce would be if zul just pulled in my changes and rbasak's changes ;)18:10
zulyes that would be awesome :)18:11
zulSpamapS:  where are your changes18:11
Davieyzul: see rbasak's branch, it includes SpamapS..  (but needs rebasing.)18:11
zulSpamapS: nm found it18:11
zulSpamapS: we should probably do an SRU as well18:12
Davieyzul: rbasak & SpamapS's changes are all -security.18:12
SpamapSargh.. 2 hours of inbox clearing has produced 96 more threads to deal with18:12
zulDaviey: ah good...the csrf stuff should already made it in18:12
DavieySpamapS: You need something like, http://pastebin.com/ALiL1ksn on your Maildir.18:13
DavieyI find it makes my mail processing much faster18:13
patdk-wkpeople still use maildir?18:13
Davieypatdk-wk: what do you use?18:14
zulDaviey:  i have a secretary for processing email ;)18:14
lynxmanzul: what's her name?18:14
patdk-wkit's just hell to backup all the inodes maildir uses :(18:14
adam_gDaviey: lol18:14
zullynxman: big bertha18:15
Davieypatdk-wk: wait, you really think mdbox is more mainstream than *either* maildir or mbox?18:15
patdk-wkmainstream? no :)18:15
patdk-wkbut aren't you cutting edge? :)18:16
Davieypatdk-wk: no. :)18:16
rbasak"Note that with dbox the Index files actually contain significant data which is held nowhere else."18:17
Davieypatdk-wk: well i have 15857 inodes left.. so that'll last until the end of the week.18:17
rbasakSo why are they called Index files then?18:17
patdk-wkrbasak, cause they are kept in the path the index files where kept in before?18:18
Davieymail is one of the last tennents on one of my hardy xen servers that i really CBA to touch.18:19
patdk-wkI redo mine often, the last hardy xen guest I have to move though is mail also, exchange 2007 :(18:20
Daviey<-- courier18:21
patdk-wkI oviously use dovecot for most things :)18:21
patdk-wkhmm, 400megs of indexs, and 3gigs of email (compressed)18:22
patdk-wkthe indexs would only be about 100megs if it wasn't for the search databases18:22
Davieypatdk-wk: What do you use for searching mail?18:22
patdk-wkor you could use doveadm18:22
Igorui'm trying to compile a PHP extension, but it suddenly dies when the compiling process gets to line "config.status: executing libtool commands". any idea about how to track this problem? :(18:34
* mdeslaur is looking for someone to steal his puppet merge18:36
mdeslauroh, wait, it's a sync...forget it18:37
potatoeIs there a way to flag certain processes to be higher priority or lower priority when the system is swapping ? ( ie, process mysqld should never be swapped, process joe-bin should be swapped first when there is not enough memory )18:44
kyconquersI'm trying to stress test a few different configurations of mail servers, does anyone have any recommendations for good applications or libraries to use?18:46
Igorui'm trying to compile a PHP extension, but it suddenly dies when the compiling process gets to line "config.status: executing libtool commands". any idea about how to track this problem? :(18:59
Davieyadam_g: Do you want to discuss cobbler-enroll?19:30
* zul perks his ears up19:31
adam_gDaviey: sure19:33
Davieysmoser: here?19:33
Davieyadam_g, smoser, zul, roaksoax: Right..19:35
DavieyFat image vs (ab)using d-i19:35
Davieylets get this cracked out.19:35
zulim all ear19:35
zulears even19:35
kyconquersCan anyone recommend a library or application for stress testing an email server?19:36
Davieyadam_g, smoser, zul, roaksoax http://pad.ubuntu.com/OrchestraDiscoveryBloatedVsDI19:36
DavieyJust so the topic is clear, this will mean moving away from the DI cobbler-enlist we currently have, to something probably python based in a fat image19:37
Davieywho is mynameisjonas?19:38
DavieyUsing my own etherpad server allows me to ban people who annoy me :)19:40
smoserwhy would this thing be python?19:43
adam_gif all we're talking about is system hardware discovery and reporting (to cobbler?), we could accomplish that by 1, extending cobbler to store that data. 2, writing some shell to gather the info. 3, extending cobbler-enlist to post it19:45
adam_ghonestly, the facts that ship with facter related to this don't do anything that couldn't be rewritten in shell19:45
Davieyzul: ?19:47
zuldoesnt matter to me really python or something else19:48
Davieyzul: can you comment on, "   - (We will need to do that anyway) "19:48
zulDaviey: ah i mean we are going to have to add the security bits anyways19:48
Davieyzul: on the pad please :)19:50
ResistanceDaviey:  i'm curious why you posted the etherpad link if you want only specific people to read it :P19:51
smoserDATA LOSS!19:54
DavieyResistance: that is not the case, but i want those that are inputting data to identify themselves.19:54
Resistancei see.19:54
Davieysmoser: blame jamespage19:54
zulbut jamespage is awesome19:55
smosergood thing htat iddn't happen at UDS.19:55
jamespageDATA LOSS == 'User Error'19:55
smoserif this was written in go, it would have rocked.19:55
Davieyit's a feature, called garbage collection, right jamespage ?19:55
zulsmoser: hehe19:55
jamespage'User Error' == 'Smoser Error'19:55
ResistanceDaviey:  so i suppose that random users who want to lurk the data are kicked? ;P19:56
jamespageDaviey: well I guess most things smoser writes are garbage so you might be right :-)19:56
smoserthis is all quite true19:56
DavieyResistance: no.. not at all19:56
ResistanceDaviey:  so if I were interested in lurking the data, i wouldnt be kicked when i attempted to lurk?  ;P19:57
smoserjamespage, enable chat on etherhpad on ubuntu.com19:57
adam_gis the plan to extend cobbler to store the hw data we gather at first boot?19:57
zuladam_g: yes19:57
adam_gcan we add the pad what we plan on gathering and storing?19:58
DavieyResistance: no.19:58
adam_gOops! A server error occured. It's been logged.19:59
adam_gjamespage: ^ ?!19:59
zuladam_g:  i dont see why not19:59
smoserat least the error has been loged19:59
smoserwe may have lost all your data19:59
smoserbut we logged an error19:59
adam_gsmoser: you want to email support@etherpad.com or shall i ?19:59
DavieyResistance: although, i'm always apprehensive of those that hide their id.20:00
smoserdo you think they can restore the data ?20:00
jamespageI think that would be your best course of action20:00
ResistanceDaviey:  true.  Granted, my etherpad ID is still in there from UDS... shows up as Resistance (irc) or EvilResistance (irc)20:00
zuladam_g:  macaddr, cpu, cpu_core, arch, nics, mem, etc, etc20:00
Resistancebecause i remoted in for UDS :P20:00
DavieyResistance: were you at UDS?20:01
ResistanceDaviey:  no i remoted in20:01
adam_gzul: etc etc is what im interested in getting down. :) to see if theres antyhing we can't get from  /proc and /sys20:01
DavieyResistance: is this something which interests you?20:01
* Resistance wishes he was at UDS though20:01
ResistanceDaviey:  no, but i was just curious what you'd do ;P20:01
Resistanceand i agree with you, people hiding their IDs are evil20:02
Davieyadam_g: I think everything can be grokked from /proc, /sys or parsing dmesg20:02
zuladam_g: right....problem is we have to to take arm into account as well20:02
Davieyzul: arm exposes all 3 of those data entry points :)20:02
smoserDaviey, of course, its all easy.20:02
zulDaviey: not if we want to use dmi info ;)20:03
smoser i was actually just thinking that using /bin/sh seems like overkill to me for reading through /proc /sys and such.20:03
adam_gDaviey: zul if thats what we need to do, we can depend on some shell scripts to aggregate all of that information somewhere, and cobbler-enlist to post it back to orchestra20:03
smoseri was thinking i'd re-write a library of C functions like strlen and strdup and such20:03
smoserand then use that20:03
zuladam_g: yeah that sounds simple enought20:03
zulsmoser: bleah20:03
smoserit can't be that hard to re-invent things, can it?20:04
Davieysmoser: we don't have that many options, really.20:06
smoserso, reading data about the system from /proc /sys, "should" be easy20:07
adam_ghow about: shell to gather system information, dump it in a file or directory, preseeded cobbler-enlist runs with an option to read its arguments from that file, posts back the information thats there20:07
smoserthe fact is that things arent ever easy20:07
Davieysmoser: I'm not saying easy, but for the limited data we require.. not overly hard to do in shell.20:08
smoseryou will find that what you get is not consistent or complete across systems by different manufacturors20:08
smoserand then you'll start to account for those things20:08
smoserand then you'll realize that facter (or other tools) already did those things20:08
smoserand thats why they exist20:08
Davieysmoser: okay, i think we need to review the "other tools"20:09
smoserand then you'll decide that it wa20:09
Davieyfacter really can't be an option, due to being ruby - which we have in neither d-i env or too much to put in a fat image20:09
smoseri'm largely just guessing. it may be that the kernel magically makes everything easy20:10
smoserbut i really doubt it.20:10
Davieysmoser: well parsing text files is almost as bad as screenscraping, i see that20:10
adam_gquickly peaking at facter.. its designed to be portable among different OS's. but for its linux purposes, its just parsing the standard places (/proc/cpuinfo, /proc/meminfo, etc)20:10
Davieyit's not like i can say cpu = kernel.give-me-metric("cpu"), and get reliable output.20:11
smoserwell, you can parse all that garbage on the server side if you want20:11
smoserwhich  makes it easier20:11
DavieyThere is a python fork of facter, but that was less than clean20:11
Daviey(we don't have python in d-i env either)20:11
zulhdt-project.org but uses dmi info20:11
Davieysmoser: post a blob back, and parse it in python via cobbler?20:12
Davieyzul: we ruled out hdt for being the worst of both worlds, no?20:12
zulDaviey: yeah but do we really need dmi info20:12
Davieyzul: don't think so20:13
smoserthat is what i was suggesting, yes.20:13
zulthen i think it should be back on the table20:13
smoseressentially: tar -C /sys cvzf - . | post-to-cobbler20:13
Davieysmoser: well, we are modifying the api regardless.. so either way works for me20:13
Davieyit does seem somehow cleaner to post params, rather than a blob.. but shrug20:14
Davieyzul: but what advantage?20:14
zulDaviey: that it already parses the information already?20:14
Davieyzul: it gives us the worst of both worlds.20:15
DavieyIt's C, so speed of development is slower than Python.20:15
DavieyIt requires writes for tftp, so insecure.20:15
Davieywe could extend the fake cobbler tftpd service for this.20:15
Davieybut it seems we have neither the free enviroment of d-i, or the fat image benefits.20:16
adam_glooking at facter some more, theres no reason why its linux-specific (or ubuntu-specific) functionality couldnt be easily reproduced easily in shell. im interested in lookin at other solutions as well, but i suspect its all the same20:16
zulDaviey: gotcha20:17
Davieyadam_g: the python fork just parsed those files, looked hacky20:17
Davieysmoser: why do you feel posting back a blob is better than individual calls?20:18
Davieyand parsing in the client?20:18
adam_gDaviey: im not sure what other / better ways there are20:18
smoserwell if the client is d-i, then the parsing that stuff is just going to be more painful than it would be on the other side.20:20
smoserif collecting the data is simply just grabbing some directories, then just grab those, and parse on the server where you have some sane programming language.20:20
smoseryou may even be able to trick facter into thinking that it is looking at that data20:21
smoseror somehow otherwise hijack stuff.20:21
Davieyadam_g: I think it is the best way, but my memory of the python fork was done hacky.20:22
smoserwell, clearly, re-implementing it in sh is not going to be hacky!20:22
Davieysmoser: so, parsing in python will be safer than parsing in busybox shell, is your thought?20:22
adam_gi agree with smoser that parsing macaddr's out of 'ip addr list' is easier in python (or other)20:23
smoseri've parsed macaddrs out of ip addr before20:23
Davieyadam_g: the reason i wrote the mac address stuff in C was to avoid doing it in sh.20:24
DavieyThat is done.. so not a concern.. the other parts have similar concerns?20:24
adam_gDaviey: if we standardize on something (shell, python on the server-side, whatever) i'd like to use that for macaddrs (instead of ioctl) as well as everything20:25
DavieyI agree with that.20:25
DavieyI am leaning towards it being easier to grok this data in shell, than add a parser component to cobbler.20:26
zuloh hell yes20:26
zulim afraid of adding bloat to cobbler as well20:27
Davieysmoser: are you still leaning towards fat image vs d-i ab(using)?20:28
smoserhow would it be easier to grock this data in shell than add a parser compenent to cobbler?20:29
smoseryou're posting this somewhere20:30
smoserthe thing that takes the post can store the whole blob and then parse it in python20:30
smoserthe d-i abusing is really going to basically depend upon everything you want being available via /proc or /sys. anything more complex than that is going to get difficult.20:31
smoserie, like getting dmi, or some other bits.20:31
adam_gwhich is why we should create a definitive list of everything we need to gather, to see what is easily available and what is not20:33
adam_gzul: are you planning on upstreaming cobblers hw inventory stuff?20:35
Davieysmoser: grocking in shell is a standalone script, integrating this in cobbler will require more thought to make sure the workflow is followed20:35
Davieyzul has shown that adding simple single fields is pretty straightforward.20:35
smoserif you can add a simple single field20:36
smoserthen you add one that is "sysinfo-dump"20:37
smoseryou store in that a hex dump of what you got20:37
smoserthen you additionally populate whatever other fields you were going to add anyway20:37
zulits easy for a single field probably a bit more work to store the sysinfo-dump20:37
smoserits 1 field20:37
smoseris there something particularly difficult about the string s-y-s-i-n-f-o ?20:37
zulparsing the info and storing them on how cobbler stores them20:38
smosercobbler has some entry point to which "field" is posted.  you just handle that field (sysinfo-dump) by populating it and others.20:38
smoserbut maybe i'm missing something.20:38
zulsmoser: cobbler only has the ability to store a single field afaik20:39
smoser<Daviey> zul has shown that adding simple single fields is pretty straightforward20:39
zulsmoser: i dont think it has the ability to store large chunks of info20:39
smoseri'm only proposing adding a single field.20:40
smoseri dont really care.20:40
* adam_g lunch20:43
Davieyi walk away for 2 mins, and it falls apart :)20:45
Davieysmoser: are you suggesting that the sysinfo is stored as a blob long term, and cobbler internals parse it on demand.. or parse it when first posted back?20:46
smoseri was suggesting you store it long term just because there is no reason to throw it away20:46
smoserbut it would clearly not make sense to parse it on demand if it doesnt change20:46
Davieysmoser: so when object foo is called, if it = None, it parses it and inserts it?20:48
Davieysmoser: i missed your reply stating if you were still in the fat image, or d-i abusing camp.. did you comment?20:48
smoseri was just suggesting the time when it is posted back, you go thorugh and update all the dpenedent fields and store it.20:48
smoseri think that you're going to end up re-examining "fat image" either sooner or later.20:49
smoserbut i dont know which.20:49
smoseri think the first thin gyou should do is decide what you wan tto collect, as adam_g suggested.20:49
smoserif you can get all that from /proc and /sys then it makes sense for the moment to go with that.20:50
DavieySo... Disk quantity and size, number of cpu cores, memory, arch .. i'm not sure there is anything else we /need/ is there?20:55
smoseri dont knwo. people have mentioned dmi info.20:56
smoserwhat is the stated goal of this exercise ?20:56
smoserto be able to categorize a machine into some bucket similar to 'm1.small' 'm1.large' and the like ?20:57
Davieysmoser: So the data can be manipulated to make decisions how how to install the boxes.20:57
Davieysmoser: yeah, basically.20:57
Davieybut i don't think it can be abstracted so closely to ec2 style strings.20:57
smoserwell, fwiw, amount of disk is almost certainly insufficient for actually classifying stuff.20:57
smoseri'd suspect that you care more about the speed or reliability of disk than the size20:58
smoseror at least sometimes you do20:58
Davieysmoser: it's really for determining if the machine has lots of storage or not.20:58
Daviey10G vs 10TB. :)20:58
smoserbut thats almost certainly not enough informatoin20:58
smoserisn't it?20:58
Davieysmoser: I think it's /enough/ for 12.04.. agree?20:58
smoserwell, it depends.20:59
smosermaybe it is.20:59
smoserbut if my goal is to let juju take control and dynamically decide whihc is a node and which is a api server or volume server, it sprobably not enough info20:59
smoserwouldn't you need to know much more about what its connections are?21:00
smoseri guess that'd be hard to get anyway21:00
Davieysmoser: I think that is a >12.04 target really.21:01
zulit all depends on what info you want and how you store it21:01
Davieywell yes.21:01
Davieyroaksoax: Currently we have an admin user where we give out the creds freely.  What do you think about adding a user flag, which makes it so the user can only add/edit the same mac machine?21:05
Davieyperhaps the password for the user would be the mac address?21:05
roaksoaxDaviey: From my point of view cobbler's user password should be set on install21:34
roaksoaxDaviey: maybe orchestra can then handle the creation of another user21:34
roaksoaxDaviey: cause, the password for cobbler user is encrypted so it is not publicly available to anyone21:34
roaksoaxis it?21:34
Davieyroaksoax: yes, but for a remote enlistment service we need to give it away like free beer.21:44
Davieywhich, as you can understand, is less than cool21:44
roaksoaxDaviey: right, well cobbler has a feature on which you can add owners to certain stuff, i.e. add an owner for a system21:46
roaksoaxbut that system I believe has to be added first21:46
roaksoaxDaviey: now, when registering remotely, we need to provide admin/user password in order to, obviously, add a new system21:47
Davieyroaksoax: yes, but i was wondering about extending to have a user setting that only allows it to add/edit it's own mac addresses21:48
Davieynot entirely secure, but /better/ than what we have atm21:48
DavieyUnless you have a better plan?21:48
roaksoaxDaviey: afaik, you need the administrator user/pass (cobbler) to add systems, but you can have owners of the system that can only edit values within systems for example21:48
roaksoaxDaviey: from cobbler wiki: "If you want to control which users/groups can create objects, this will probably require modifying the python authz_ownership implementation slightly -- see the "Customization" section for more details. I am open to proposals on what this may require, though in general, it's important to remember the purpose of the ownership module is to help the users perform the tasks they need to do -- if they are being annoying an21:49
roaksoaxDaviey: https://fedorahosted.org/cobbler/wiki/AuthorizationWithOwnership21:49
roaksoaxDaviey: so what you are looking for is just an authentication module that allows adding systems only?21:51
Davieyroaksoax: are you following what i am saying?21:52
Davieyreally yes, a module that only allows adding/removing of their own system21:53
DavieyHaving 100000's of users isn't a good idea21:53
smoserDaviey, so above, i think that we should go forward with d-i scraping of /proc and /sys21:54
smoser * get a list of all the data we want to have21:54
roaksoaxDaviey: right, but if you add a user that can add/remove their own sytem, is having 1 user per syustem, which isn't good idea as you say21:54
smoser * start some little script to collect it21:54
smosermy leaning towards collecting a ton of info and saving it off to the server was because we're almost certain to throw away useful information when we grab it in /proc or /sys in shell21:55
smoserbut if we throw it all to the server it is at least there later for subsequent re-examination and improvement.21:55
Davieysmoser: it's probably harder for us to SRU the client component.21:56
=== skrewler_ is now known as skrewler
Daviey[Dmeaning overposting is /better/21:56
roaksoaxDaviey: i personally don't see the point of adding a user that can add/remove its own system cause that would mean 1 user per system21:57
Davieyroaksoax: I was wondering about a virtual user, where the password is the mac address or something?22:04
roaksoaxDaviey: but then it is a passwordless user then... cause... if it is gonna use its mac address (which cobbler does not know about), then it is the same as not authenticating at all22:11
lynxmanDaviey: roaksoax: smoser: hey guys, question for you, I have a broadcom USB 2.0 controller on a server and Oneiric doesn't detect any disks I connect to it (used to work in CentOS 5), doing lsusb shows the controller root hub being present, thoughts?22:17
roaksoaxlynxman: maybe there's no drivers for it22:18
roaksoaxbroadcoms were always a PITA22:18
lynxmanroaksoax: yeah it's confusing because it shows up both in lspci and lsusb22:19
roaksoaxlynxman: yeah that's it most likely... i have always find problems with broadcoms22:19
lynxmanroaksoax: darn :/22:20
roaksoaxDaviey: what probably makes more sense is to have a user that can only add/remove system but can't access anything else22:22
roaksoaxDaviey: i.e. orchestra user22:22
adam_groaksoax: currently, cobbler-enlist makes creates a new system and then modifies it (to set its mac, name, profile, etc) not sure what that means for access control22:22
roaksoaxadam_g: yeah basically cobbler has 2 modules, authentication, and authorization22:24
roaksoaxadam_g: by default we use authentication is based on users on a config file22:26
roaksoaxand authorization is all users have access to everything22:26
Davieywhere did lynxman go?!22:27
roaksoaxadam_g: there's another module on which allows the definition of owners/groups bu that's only to edit things22:28
roaksoaxsuch as systems22:28
lynxmanDaviey: here o/22:28
roaksoaxadam_g: now, if we wanted to create a user that can *only* add systems, then, we would need to write a new authorization module22:28
lynxmanDaviey: still trying to solve this usb thing :)22:28
Davieylynxman: dmesg | pastebinit , pls :)22:28
lynxmanDaviey: yessir22:28
lynxmanDaviey: http://paste.ubuntu.com/738683/22:30
lynxmanDaviey: http://paste.ubuntu.com/738684/22:30
Davieylynxman: hmm22:33
Davieynothing interesting22:33
lynxmanDaviey: yeah, no clues at all except the disks not being detected22:34
lynxmanDaviey: which is annoying, used to work in centos5, and those are my backups22:34
Davieylynxman: odd that ssh and apport exit non zero22:36
lynxmanDaviey: it was first boot, didn't reboot the machine again since its syncing glusterfs22:37
lynxmanDaviey: I should before going prod tomorrow...22:38
zulDaviey: nak on the macaddr passwd23:05
uvirtbotNew bug: #890465 in puppet (main) "init script should cleanup environment" [Undecided,New] https://launchpad.net/bugs/89046523:10
Davieyzul: negativity isn't that helpful, counter a suggestion with a better one :)23:15
zulDaviey: if i only had one :)23:15
roaksoaxDaviey: 1 user that can only add systems23:16
Davieyroaksoax: just add, or edit aswell?23:17
roaksoaxDaviey: add/edit/remove23:17
Davieyroaksoax: is that secure?23:17
roaksoaxDaviey: well we would have to write our own authorization module...23:18
roaksoaxDaviey: secure as in the user won't have access to anything else within cobbler but it is the same approach as using the cobbler user23:18
Davieyroaksoax: I'd like that to be a plan B... If we can come up with a better (secure) solution, i'd be overjoyed.23:24
roaksoaxDaviey: ok23:27
Davieyroaksoax: If we think what UEC did.. The central server published it's ssh public key (discovered via avahi)), which the node added as an authorized_key, allowing the server to ssh TO the client to $do-stuff.23:37
DavieyThis wasn't ideal, but more secure than what we currently have.23:37
kirklandjcastro: ping23:41
kirklandjcastro: i'm releasing a byobu with a feature you requested :-)  I thought you might like to test it out23:42
roaksoaxDaviey: right, in this case we have a slightly different escenario as we are doing things over the API and doing it autmoatically, or manually, they both require user/password authentication, which is, in turn same level of security on both cases (auto registration/manual registration)23:50
Davieyroaksoax: aye, but in the old scenario - a node couldn't fiddle with other nodes central registration.23:51
roaksoaxDaviey: right, but we can make this special user to only *add* systems and not allow it to edit/remove23:52
Davieyroaksoax: but as adam_g said, we add a base profile, then edit it.23:53
roaksoaxDaviey: right, but isn't it better to add the profile with all the required information?23:54
roaksoaxDaviey: cause, how will this work. Are we having a bloated image PXE booted?23:54
roaksoaxDaviey: cuase, from my point of view, the "registration" process should already provide all the details we want to gather23:56
roaksoaxand should do in one step23:56
roaksoaxwe can still have 1 user per system with password its mac address and as user its hostname23:57
roaksoaxbut even so, the admin will hve to add the system first, and then assign the ownership23:57
Davieyroaksoax: I might be mistaken, but i believe it has to be a multi-stage API process.23:58
roaksoaxDaviey: well I guess that will depend on how we are registering the system23:59
roaksoaxin the first place23:59
roaksoaxcaus eif we use a bloated image then we can just acess the API once23:59
roaksoaxand that;s it23:59

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!