/srv/irclogs.ubuntu.com/2011/11/18/#ubuntu-server.txt

=== luciano_ is now known as ssh-ninja
Daviey	zul: So we need to add, log_host=,log_port= to the kernel command line for the default preseed.	00:03
zul	hallyn: running it now	00:03
zul	Daviey: why?	00:03
Daviey	zul: To add logging of the instal back to rsyslog.	00:04
zul	Daviey: okies	00:05
adam_g	roaksoax: ping	00:06
Daviey	zul / roaksoax: Does cobbler in precise work?	00:06
zul	i dont see why not....whats wrong?	00:07
adam_g	Daviey: ive just finished fixing packaging bugs enough to get all of orchestra installed, im about to test an all-precise setup	00:07
Daviey	adam_g: in the lab?	00:08
adam_g	zul: the last cobbler upload was broke	00:08
zul	adam_g: well crap..	00:08
adam_g	Daviey: no	00:08
Daviey	adam_g: Would it be a PITA for you to do that?	00:08
adam_g	zul: but it got fixed today bug #891527	00:09
uvirtbot	Launchpad bug 891527 in cobbler "cobblerd fails to start: NoSectionError" [High,Fix released] https://launchpad.net/bugs/891527	00:09
Daviey	I'd quite like to develop on that tomorrow, based on your setup :)	00:09
adam_g	Daviey: none of the fixes are uploaded yet	00:09
zul	adam_g: ah yeah	00:09
adam_g	roaksoax: i just pushed changes to lp:orchestra with fixes to get it going with squid3	00:10
Daviey	adam_g: \o/	00:10
adam_g	Daviey: squid3 is blocked until fix for bug #891445 is merged + uploaded	00:11
uvirtbot	Launchpad bug 891445 in squid3 "package squid3 3.1.15-1ubuntu2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,Confirmed] https://launchpad.net/bugs/891445	00:11
adam_g	Daviey: but yeah, i'd like to get it going in the lab asap	00:11
Daviey	adam_g: Are you likely going to be able to get it online before you finish for the day?	00:13
Daviey	I'd like to crack on tomorrow where you leave off, you see.	00:13
adam_g	Daviey: on which? the new lab ?	00:14
Daviey	adam_g: legacy	00:14
adam_g	Daviey: hmm thats all still on oneiric, i'd need to try to get the current orchestra setup dist-upgrade'd and all	00:15
Daviey	adam_g: If it's not viable, don't worry.	00:15
adam_g	Daviey: ill see what i can get going	00:16
Daviey	adam_g: Great, thanks	00:16
roaksoax	adam_g: i fixed the last cobbler ... at least the upload I did in the morning should have	00:16
roaksoax	adam_g: and ok, i'll review your changes and release new orchestra	00:17
roaksoax	jamespage: still around?	00:17
adam_g	roaksoax: yeah, cobbler fixed	00:17
roaksoax	adam_g: cool	00:21
roaksoax	rbasak: ping	00:21
roaksoax	adam_g: btw.. have you tried to pxe boot a pandaboard lately?	00:22
adam_g	roaksoax: me? no	00:22
bkerensa	so much talk of pandaboards.... I need to get one	00:22
Daviey	roaksoax: have concerns?	00:28
roaksoax	Daviey: yeah can't pxe boot oneiric	00:29
Daviey	!	00:29
Daviey	roaksoax: Is that a last minute regression?	00:29
roaksoax	Daviey: idk, I haven't tried to pxe boot, just did a clean cobbler install	00:30
roaksoax	don't really think its cobbler/tftp	00:30
roaksoax	but gonna have to check that first	00:30
roaksoax	rebooting	00:31
Daviey	roaksoax: Great!	00:31
Daviey	roaksoax: Okay, regarding our conversation yesterday.. I was going to make the default preseed include http://pb.daviey.com/NIao/ , which is default (ie, machines that cobbler doesn't yet know about)	00:32
Daviey	it seemed you disagreed that the default preseed was the correct location?	00:32
zul	hallyn: fails at "test_CVE_2010_2237_2238 (__main__.LibvirtTestCVEs)"	00:32
roaksoax	Daviey: false alarm, seemed to be something with the tftp server	00:35
Daviey	Oh good. :)	00:37
* roaksoax looks		00:39
roaksoax	Daviey: right	00:40
roaksoax	Daviey: so, if you set a default preseed, every distro you import, which creates a profile, wwill default to that preseed	00:40
roaksoax	Daviey: so whwat I was saying is that instead of using a defualt preseed we should use a default profile	00:41
zul	unless you change the source :)	00:41
Daviey	roaksoax: Hmm, currently the default one is a Ubuntu preseed anyway, right?	00:41
Daviey	to do an /install/	00:41
zul	Daviey: really that preseed should be in orchestra	00:41
Daviey	zul: cobbler-enlist isn't directly part of orchestra, but part of the default iso.	00:42
roaksoax	Daviey: so for example. 1. machine pxe boots. 2. doesn't find 01-<mac-address> cause there's no cobbler system added. 3. launches PXE Menu 4. runs default profile (which points to default preseed) 5. add's itself to cobbler system ....	00:42
Daviey	roaksoax: Okay, do you know where that needs to be added as a patch, or do i need to investigate?	00:43
roaksoax	Daviey: let me check	00:43
twb	Grr, why does slapd build-conflicts against icu	00:44
Daviey	build-conflicts?	00:44
Daviey	roaksoax / zul / smoser: Would one of you mind reviewing and uploading bug 874981.. i made a mistake in my last comment, the descriptions are correct. I am too tired to do so now.	00:45
uvirtbot	Launchpad bug 874981 in mcollective "Please merge/sync mcollective from debian wheezy" [High,Fix committed] https://launchpad.net/bugs/874981	00:45
roaksoax	Daviey: so we need to set the pxe_default_profile somewhere dont remember where exactly	00:48
Daviey	adam_g: have you touched cobbler-enlsit? If so, can you push to bzr.. tomorrow i plan to add auto hostname default of hostname based on mac address.. and would rather not rebase.	00:51
Daviey	roaksoax: I know where that is..	00:52
Daviey	one moment	00:52
roaksoax	Daviey: yeah it is in a pxe template	00:52
roaksoax	Daviey: but I think we need to add a system named "default"	00:52
Daviey	roaksoax: currently we are doing:	00:53
Daviey	# if no kickstart is specified to profile add, use this template	00:53
Daviey	-default_kickstart: /var/lib/cobbler/kickstarts/default.ks	00:53
Daviey	+default_kickstart: /var/lib/cobbler/kickstarts/ubuntu-server.preseed	00:53
roaksoax	Daviey: right and I think it should stay like that	00:53
roaksoax	Daviey: that's just a sample preseed that every imported distros (that creates a profile) should be pointing to	00:54
Daviey	roaksoax: Hmm, that isn't tftp:default file, is it?	00:54
adam_g	Daviey: the last change i made is still pending in MP	00:55
adam_g	https://code.launchpad.net/~gandelman-a/ubuntu/precise/cobbler-enlist/868492/+merge/80642	00:55
adam_g	before doing much else, i'd prefer to get that merged and come to consensus as to how the tools going to be used	00:55
Daviey	adam_g: I suck, will merge that tomorrow.	00:56
roaksoax	Daviey: but, when a machine tries to PXE boot, and there's no system added for that machine's MAC address. a PXE menu is provided. So we can default to a default profile	00:56
Daviey	roaksoax: Yeah, i don't think we want a menu, do we?	00:57
adam_g	Daviey: creating a hostname based of mac address perhaps shouldn't even be handled in cobbler-enlist, especially if we're going to be quering mac addr's outside cobbler-enlist, anyway. i think ti'd be better to generate the hostname elsewhere and pass it in as a parameter, perhaps via '-n / --name' which already exists	00:57
roaksoax	Daviey: that's why I'm saying it should default to a default profiule that points to your preseed file	00:57
Daviey	adam_g: http://pad.daviey.com/orchestra-boot , is what i captured from last night.. but that could ALLLLLL change.. (input welcome)	00:58
roaksoax	Daviey: ok	01:01
roaksoax	Daviey: so I did this:	01:01
roaksoax	Daviey: 1. created a profile that points to your preseed file for orchestra-boot	01:01
Daviey	adam_g: Where do you think the hostname should be generated? In Cobbler or on the node?	01:01
Daviey	using the first mac address seemed to make sense as a unique key, do you have another idea?	01:01
roaksoax	Daviey: 2. added a default system that uses the orchestra-boot-profile	01:01
Daviey	adam_g: Why does it make sense to move the mac address generation logic outside cobbler-enlist tool?	01:02
roaksoax	Daviey: 3. every time a system tries to PXE boot and does not find its 01-<NAC> in the tftp server, then it will use the default profile	01:02
roaksoax	Daviey: sudo cobbler system edit --name default --profile=orchestra-boot-profile && sudo cobbler sync	01:02
roaksoax	Daviey: is the hostname gonna be generated based on the MAC?	01:02
Daviey	roaksoax: What do we need to do to make that as part of the default install?	01:03
Daviey	roaksoax: That seemed to make sense, do you have other ideas?	01:03
adam_g	Daviey: because if we're going to be using another tool to gather details about the system, gathering the mac address will surely move outside of cobbler-enlist as well?	01:03
roaksoax	Daviey: no the mac usage for hostname generation is good, though, we cannot use it until after we already know the system within cobbler, which means after enlisting it	01:03
roaksoax	Daviey: and about the profile adding, we can just do that in postinst	01:04
Daviey	roaksoax: I was thinking BA:DD:CO:FF:EE -> "badcoffee" as the hostname	01:04
Daviey	adam_g: makes sense.	01:04
roaksoax	Daviey: yeah sounds reasonable	01:04
Daviey	roaksoax: Hmm, cobbler would not be generating the hostname - the node will do it and post home, as part of the enlistment	01:05
adam_g	Daviey: i think the more we can keep out of cobbler-enlist and passed in as input the better	01:05
roaksoax	Daviey: and I can make cobbler create the default profile that points to the orchestra-boot preseed, or I can make orchestra do that instead of cobbler	01:05
Daviey	adam_g: works for me	01:05
roaksoax	Daviey: better yet then, but I was thinking it in the way as it is with ec2 where it is the provider that assigns the hostname	01:05
roaksoax	Daviey: not the vm itself	01:05
Daviey	roaksoax: Where do you think it sits best?	01:06
roaksoax	Daviey: so I was thinking that maybe orchestra should assign a hostname	01:06
roaksoax	Daviey: presonally, I like it on the orchestra side cause we can do whatever we want there and just preseed it	01:06
roaksoax	Daviey: and we can easily modify	01:06
Daviey	roaksoax: Well the node knows the data, and cobbler/orchestra does not.. So it seems logical to generate it there and post it home.	01:06
roaksoax	Daviey: sure we can do it in either way	01:07
roaksoax	Daviey: as long as a system gets registered with hostname, mac, etc, etc and works with juju out of the box	01:07
roaksoax	it shouldn't really matter	01:07
Daviey	roaksoax: My thought was it's a preseed option "cobbler-enlist/auto-hostname true"	01:07
roaksoax	Daviey: sounds good	01:08
roaksoax	Daviey: though, in reality, administrators will wnat to name their systems	01:08
Daviey	(but you could also preseed cobbler-enlist/hostname string foobar)	01:08
Daviey	roaksoax: I'm not sure they'll care TBH.. I know most networks tend to have a naming scheme, but do people /really/ care?	01:09
roaksoax	Daviey: right, that's fine, but if you preseed, then how do we find out the hostnem for that particular system?>	01:09
Daviey	if it does the right thing out of the box, with cloud mentality and juju abstraction, it seems to be something we should worry about	01:09
Daviey	(note, people don't seem to care for setting hostnames in ec2)	01:10
twb	Daviey: because they forgot to set up /etc/hosts properly?	01:10
roaksoax	Daviey: right, but from the physical node point of view I believe it does care	01:10
roaksoax	Daviey: err they do care, because a naming system just come from the basic idea of inventory	01:11
roaksoax	Daviey: data center certification	01:11
roaksoax	Daviey: etc etc	01:11
roaksoax	Daviey: so I believe administrators tend to identify servers by their statically assigned hostname rather than a randomly generated one	01:11
dork	absolutely	01:12
roaksoax	i.e. all machines are named, tagged, under the inventory, etc etc	01:12
Daviey	roaksoax: Well yes, but what is the difference between calling servers after different types of plants and a random set of strings which is a mac address.	01:13
Daviey	We could default to dhcp assinged hostnames, but if unset - use the mac address?	01:13
roaksoax	Daviey: right, but the assignment of naming scheme comes way before the deployment	01:13
Daviey	This allows people to set the hostnames following a naming scheme if they want to, but fall back to mac address.	01:13
roaksoax	Daviey: you first design the data center, assign naming scheme, do the cable tagging, do the graphs, then you deploy the systems using the defined naming schemes	01:14
roaksoax	Daviey: that';s for both, machines and network devices	01:14
twb	Daviey: using something based on IP or mac is common, if you're an ISP	01:14
adam_g	hmph. cobbler on precise apparently cannot import oneiric or precise isos.	01:14
twb	like 4-3-2-1.stupid-domestic-customer.isp.net	01:14
roaksoax	twb: right, but that's for costumers, not for servers	01:15
dork	Daviey: as far as ISP like networks go the naming conventiion is super critical in resolving issues expeditiously	01:15
roaksoax	twb: servers have their own naming scheme	01:16
roaksoax	as well as routers/switches/etc	01:16
twb	roaksoax: but aren't they basically instances of an SOE	01:16
twb	roaksoax: they don't really have individual identity	01:16
Daviey	twb: heh	01:17
roaksoax	twb: in my experience, both servers and network devices are identified by a name in their design documents and that name is used as hostname	01:18
roaksoax	that's what I have seen	01:18
Daviey	So.. does defaulting to hostnames from dhcp, then falling back to macaddress based auto address make sense?	01:18
twb	I think in our prisons (where we force the SOE desktops to have names), the prison staff usually name them after their asset tracking number	01:18
twb	roaksoax: I thought we were talking EC2	01:19
Daviey	If people want to use their naming scheme, they can - by dhcpd'ing it	01:19
Daviey	twb: no, bare metal	01:19
twb	roaksoax: obviously for conventional servers, I agree with you	01:19
roaksoax	Daviey: right, dhcping it means that a cobbler system needs to know the hostname	01:19
roaksoax	twb: ;)	01:19
Daviey	roaksoax: depends if they are using the orchestra provided dhcpd or a legacy seperate one, right?	01:20
roaksoax	Daviey: right	01:20
Daviey	If they care that much about hostnames, they'd probably have a seperate dhcpd - right?	01:20
roaksoax	Daviey: but, IIRC we still need to know some information in cobbler (regardless of whether we are managing dhcp or not), since the hostname is passed to the kernel parameters	01:21
roaksoax	Daviey: we saw issues by not doing so	01:21
roaksoax	Daviey: so we fixed that, as it was a default behaviour	01:21
roaksoax	Daviey: and we also have to consider that juju addresses to the machines based on the hostname that is also the defined name of a system	01:23
twb	Just name each host in the /24 after the element number of the last octet	01:25
twb	e.g. unununium -> 1.2.3.111	01:25
Daviey	roaksoax: Erm. the minimal cobbler-enlist boot sends the hostname back to cobbler, this is either one THAT boot got back from dhcp or one generated from mac address	01:26
Daviey	if required, (which it should not be!), we can provide a null kernel param which is ignored on the enlistment boot	01:26
Daviey	twb: are you being serious? :)	01:26
twb	I tried that at work (as CNAMEs, not the canonical names)	01:27
adam_g	roaksoax: have you got a few min?	01:27
twb	But <boss> said it was not allowed because it was too hard to remember elements	01:27
roaksoax	Daviey: so if no hostname is obtained by dhcp, then one should be generated and sent back to cobbler	01:27
roaksoax	Daviey: then we should also provide a tool for adminsitrators to easily change the hostnames	01:27
twb	We only own a /24 so it would've fit neatly	01:27
roaksoax	Daviey: so they can provide a list of ip(or mac) with its matching hostname, and that should edit all the systems	01:28
roaksoax	adam_g: shoot	01:28
roaksoax	Daviey: but I thi nk is best if we discuss it further tomorrow as my brain doesn't wanna work anymore	01:28
roaksoax	:)	01:28
Daviey	roaksoax: it's 1:28 AM for me here.. my brain fell out of my ear some hours ago.	01:28
adam_g	roaksoax: im giving orchestra + cobbler a shot on precise, and importing oneiric and precise as distros seems to succeed, but nothing ends up in cobblers database. wondering if you knew of any recent changes that might affect that?	01:29
roaksoax	adam_g: what do you mean that nothing ends in cobbler databasE?	01:29
roaksoax	Daviey: he	01:30
roaksoax	heh	01:30
* Daviey EOF's the day.. Speak tomorrow chaps, have fun.		01:30
roaksoax	Daviey: have a good one	01:30
roaksoax	adam_g: as in no profile is availabel?	01:30
adam_g	roaksoax: as in, import returns 0 with no errors but 'cobbler distro list' shows nothing	01:31
adam_g	http://paste.ubuntu.com/741823/	01:31
roaksoax	adam_g: uuhmm interesting.. and yes... the change might be because we have a new cobbler in ubuntu that might be broken?	01:31
adam_g	lol	01:31
roaksoax	adam_g: cobbler import --name="oneiric-i386" --path=/mnt/oneiric --breed=ubuntu --os-version=oneiric<SPACE SHOULD GO HERE>--arch=i386	01:32
roaksoax	adam_g: TRy that again :)	01:32
roaksoax	adam_g: the log doesn't really import anything apparently	01:32
adam_g	roaksoax: bad paste, but same thing	01:32
roaksoax	adam_g: well I guess that new upstream release doesn't import :)	01:32
adam_g	orchestra-import-isos imports everything up until natty	01:32
adam_g	it does import, just not oneiric or precise	01:32
roaksoax	adam_g: ahhh then I know what the problem is	01:33
adam_g	roaksoax: see! thats why i asked you :)	01:33
roaksoax	adam_g: show /var/log/cobbler/cobbler.log	01:33
roaksoax	adam_g: or at least I presume what might be going wrong	01:33
adam_g	roaksoax: dah, ya.. oneiric and precise are missing from the list valid breeds	01:35
roaksoax	adam_g: yeah	01:35
roaksoax	adam_g: trying to fix that now	01:35
adam_g	roaksoax: cool thankya	01:35
adam_g	roaksoax: modules/manage_import_debian_ubuntu.py contains the two. im doing this on santol if you'd like to poke at it too	01:37
roaksoax	adam_g: modify /usr/share/pyshared/cobbler/codes.py and look for the line "ubuntu" and add the missing codes	01:40
roaksoax	adam_g: and stop/start cobbler	01:40
roaksoax	and should work	01:40
* Daviey raises his head.. adam_g / roaksoax: if you edit anything in-place on santol, can you document it please? (as in, editing files directly)		01:41
roaksoax	adam_g: fix uploaded	01:41
roaksoax	Daviey: go sleep geeez	01:41
roaksoax	Daviey: hehe no worries the fix is coming :)	01:42
Daviey	\o/	01:42
* roaksoax yay!! pandaboard operational!!!		01:42
adam_g	Daviey: im importing a bunch of debs manually to install while bug fixes are pending upload. id like to tear down and rebuild from scratch with everythig from the archive once its sorted	01:44
roaksoax	alright	01:44
roaksoax	im off	01:44
roaksoax	have a good one	01:44
roaksoax	adam_g: if you find any more bugs just pm me or file them and assign them to me	01:44
adam_g	roaksoax: thanks	01:45
adam_g	roaksoax: did orchestra get uploaded with those changes?	01:45
roaksoax	adam_g: not yet	01:46
roaksoax	will do early morning tomorrow	01:46
adam_g	thanks andres	01:47
hallyn	zul: is that the only fail you get? with a fresh precise install?	01:47
zul	not fresh install but yes thats the only fail i get...oh nm	01:48
zul	gimme a sec	01:48
hallyn	ok	01:49
zul	http://paste.ubuntu.com/741833/	01:49
hallyn	that looks more like mine	01:51
hallyn	feh i'll look again in the morning. i'm fed up :)	01:52
hallyn	zul: lemme know if you have any ideas	01:54
adam_g	Daviey: looks like the log_host, log_port already get set for all profiles imported via orchestra-import-isos, pointing to the orchestra server	02:26
roaksoax	adam_g yes they do	03:01
adam_g	roaksoax: any reasons off the top of your head why clients get a 404 when trying to grab their preseed?	03:01
adam_g	roaksoax: the default kickstart (ubuntu.preseed) gets assigned for all profiles and nodes and the file is there	03:02
roaksoax	adam_g uhmmm i eill.have.to check is tjat in the lab?	03:04
adam_g	roaksoax: that is, 404 from http://$orchestra_host/cblr/svc/op/ks/system/$client_host	03:05
adam_g	roaksoax: its in the lab, yeah but just confirmed the same here on VMs	03:05
roaksoax	adam_g: let me check	03:07
roaksoax	adam_g: what lab machine?	03:07
adam_g	roaksoax: santol is the orchestra server	03:07
adam_g	roaksoax: sapodilla is the last box booted with a 404 (its still sitting in the installer)	03:07
roaksoax	adam_g: there seems to be an error in the template	03:08
roaksoax	adam_g: is the logging server installed?	03:08
adam_g	roaksoax: i haven't installed it, only the prov. server	03:10
roaksoax	adam_g: good catch then	03:10
adam_g	roaksoax: which template?	03:10
roaksoax	adam_g: trying to figure it out	03:11
roaksoax	adam_g: the preseed that is using is orchestra.preseed	03:13
roaksoax	adam_g: and since the logging server the module is failing to open the orchestra-ca key	03:14
roaksoax	adam_g: I will fix that tomorrow	03:14
roaksoax	adam_g: but you should be able to deploy now	03:14
adam_g	roaksoax: what did you do? i'm doing the same here in VMs	03:14
roaksoax	adam_g: orchestra.preseed coment with ##$SNIPPET('orchestra_rsyslog_obtain_keys')	03:15
roaksoax	adam_g: use two ## to comment	03:15
adam_g	roaksoax: great, thanks	03:18
roaksoax	adam_g: i will fix that in orchestra tomorrow	03:19
RoAkSoAx	wtg	03:21
RoAkSoAx	wtf	03:21
=== RoAkSoAx is now known as roaksoax
=== roaksoax is now known as andreserl
=== andreserl is now known as roaksoax
roaksoax	adam_g: btw we will have to check that the changes you made to orchestra's squid conf won't break package installation	03:23
adam_g	roaksoax: installing right now with those changes in place	03:25
roaksoax	adam_g: cool	03:25
roaksoax	adam_g: anyways im off	03:25
roaksoax	just let me know if you find any other issue	03:25
roaksoax	ttl	03:26
adam_g	roaksoax: most of them are now handled internally automatically by squid3, and no longre needed, so it should be okay	03:26
adam_g	cya	03:26
twb	Ugh, anybody remember how to get a shell in an openvz guest	04:06
twb	I thought "vzctl enter" but can't see that	04:06
twb	vzctl exec 101 /bin/bash works but only as a dumb term	04:06
twb	UGH, "vzctl enter" is valid, it just isn't mentioned in --help	04:09
koolhead17	hi all	04:10
Zanzacar	I am trying to follow this tutorial http://ve3emb.wordpress.com/2010/10/03/d-link-dwa-125-on-linux-ubuntu-10-04/ but I can uncompress the .bz2 file does anyone have any recommendations?	04:33
Zanzacar	I tried using tar xvjf but that was making everything into one large file and not a directory of files which I thought was odd	04:34
twb	Zanzacar: are you on lucid?	04:39
Zanzacar	twb: No I am on 11.10	04:41
twb	Maybe follow a guide for that, then	04:41
twb	The driver's probably pre-installed in current releases	04:42
=== CrazyGir_ is now known as CrazyGir
ipl31	anyone have any experience with Orchestra and multi NIC servers?	07:23
_ruben	!feisty	08:38
ubottu	Ubuntu 7.04 (Feisty Fawn) was the sixth release of Ubuntu. End Of Life: October 19th, 2008. See !eol and !upgrade for more details.	08:38
koolhead17	_ruben, wa00	08:42
koolhead17	lynxman, hola	08:42
_ruben	koolhead17: was looking for the eol date, not running it myself or anything ;)	09:01
koolhead17	_ruben, I was kind of surprised :)	09:02
lynxman	koolhead17: hello :)	09:51
koolhead17	lynxman, i can just laugh at my foolishness!! Am yet to go home, slept in office last nyt. :D	09:53
koolhead17	but am happy to report few bugs and ask few questions as well :D	09:56
tero	how can I change eth2 to eth0 ?	12:09
patdk-lap	edit udev	12:12
patdk-lap	/etc/udev/rules.d/70-persistent-net.rules	12:13
tero	uuu thanx! :)	12:21
KHendrik	Good morning	12:21
tero	ok my home server is finnaly done :)	12:22
KHendrik	RoyK, I have one question for you I think I now understand why you prefer setting up an array on the whole drive instead of just a partition but why do you want to seperate Data and System and where do you draw the line for that	12:23
KHendrik	tero, nice what's your setup?	12:24
tero	KHendrik it is actualy funny	12:30
tero	I used and old laptop :D	12:30
tero	my friend give me an hp dv6000 laptop with broken screen	12:31
tero	and i mod it to be used as a server	12:31
tero	i even have 2 network cards (one pc-card) so it is used as a softare router	12:32
KHendrik	tero yeah thats kindof funny	12:33
Daviey	rbasak: Do you know what happend with bug 858878? It seemed zul uploaded one of your patches, but it's not clear to me if the other was also included/	12:36
uvirtbot	Launchpad bug 858878 in cobbler "lack of csrf protection in cobbler-web" [High,Triaged] https://launchpad.net/bugs/858878	12:36
Daviey	https://launchpad.net/ubuntu/precise/+source/cobbler/2.2.2-0ubuntu1	12:36
zul	it got applied upstream	12:37
Daviey	zul: fancy updating the bug then? :)	12:37
zul	sure lemme have breakfast first	12:37
zul	just woke up	12:37
Daviey	ah, cool :)	12:37
=== KHendrik is now known as KHendrik\|afk
zul	jdstrand: dont want to be a pain in the ass but can you review python-keystoneclient please	13:26
jdstrand	zul: this is going to require a security team audit, and I can assign it to myself, but it won't be completed today	13:28
zul	jdstrand: ok....why is it going to need a security team audit	13:29
hallyn	jdstrand, zul, qa_regression_testing is in fact bugged by some recent change in precise	13:29
hallyn	I redo the steps to create a testuser by hand, and then I can't connect to qemu:///session though I can to qemu:///system	13:29
jdstrand	zul: it is a deamon running on the network used for authentication	13:29
zul	jdstrand: afaik its just a client	13:29
hallyn	(I'll keep looking, just mentioning it in case it rings a bell)	13:30
jdstrand	that is a security sensitive piece of software	13:30
zul	jdstrand: ok	13:31
jdstrand	http://docs.openstack.org/diablo/openstack-identity/admin/content/what-is.html - there is a lot going on there	13:31
hallyn	hm, nm. i did that wrong.	13:31
zul	jdstrand: blah ok ;)	13:32
tero	em... I have an philosophical question :) what is the "corret" first username when you install ubuntu server since ubuntu does not have root?	13:33
tero	or what do you guys have?	13:33
jdstrand	hallyn: I recommend you use 'sudo ./test-libvirt.py setup-all'. you might logout and back in, but that shouldn't be necessary	13:33
ersi	tero: there is no 'correct' first username	13:39
ersi	Or well, it's the username of the admin	13:39
hallyn	AHA	13:44
hallyn	qemu without kvm is not working	13:45
pmatulis	tero: on a server i typically create user 'ubuntu' during the install, he will have superuser rights via the sudo command (by automatically being made a member of the 'admin' group)	14:05
raubvogel	Which user does subversion expects to be?	14:20
raubvogel	s/expects/expect/ I am getting coffee	14:20
zul	jdstrand: er...we might be getting keystone and python-keystoneclient mixed up, kestone is the one getting the MIR, python-keystoneclient is a new binary for universe (although it will be getting a MIR eventually)	14:26
hallyn	zul, jdstrand, Daviey: question on qemu-kvm. The new behavior (as of precise) is that if you want un-accelerated qemu, you have to add 'accel=tcg' to the machine specification. It has its advantages... do we want t oleave it like that, or patch around that?	14:29
hallyn	(it is the reason why qa-regression-testing of libvirt has been failing)	14:29
hallyn	if we patch around it, we'll be doing that forever	14:30
zul	what is the disadvantages/advantages of it	14:30
jamespage	roaksoax: around? I have a powernap question	14:31
hallyn	zul, advantage is that the people who ignore warnings about kvm not being configured right and then complain that kvm is slow, now get a harder (clearer) failure	14:31
hallyn	zul, second advantage is simply that we don't have to patch in perpetuity :)	14:31
kirkland	jamespage: perhaps i can help, if roaksoax is not around yet	14:31
zul	i like that advantage :)	14:31
hallyn	disadvantage, I don't know how many tools are going to be breaking as a result	14:31
jamespage	kirkland: pm	14:32
=== jrwr\|offline is now known as jrwr
jdstrand	hallyn: it should be easy enough to update qrt-- detect in setup if we have accel capabilities, then add the necessary arguments. I can't speak to libvirt's handling of it though, but I'm guessing the package you're merging can handle it	14:34
hallyn	jdstrand, so you're ok with sticking with the new qemu-kvm behavior?	14:35
hallyn	I'll do an update for qa-regression-testing then	14:35
jdstrand	hallyn: I am, yes. in general people should be using libvirt with qemu-kvm in Ubuntu. that said, things like testdrive could break	14:37
hallyn	jdstrand, ok, thanks	14:37
jdstrand	hallyn: you may want your tech lead to weigh in though (I am but one opinion :)	14:37
hallyn	jdstrand, Daviey is mia :)	14:38
jdstrand	well, I guess he can weigh after the fact :P	14:38
jdstrand	kirkland: see backscroll. could testdrive break there?	14:38
jdstrand	kirkland: and hello! :)	14:38
jdstrand	kirkland: and anything other than testdrive that might break	14:39
hallyn	jdstrand, testdrive would only break for ppl using it without kvm - which would be painfully slow so i have doubts ppl do it :)	14:39
kirkland	jdstrand: hmm, what's changing in kvm?	14:46
g0bl1n	AWS with Ubuntu Server. I created a new user (in a secure shell), and created a new key in the AWS console. Can't login with that user. Any hint ?	14:47
kirkland	hallyn: testdrive support virtualbox, for people without kvm	14:47
hallyn	kirkland, have you tried out testdrive on uptodate precise?	14:48
jdstrand	kirkland: 08:29 < hallyn> zul, jdstrand, Daviey: question on qemu-kvm. The new behavior (as of precise) is that if you want un-accelerated qemu, you have to add 'accel=tcg' to the machine specification. It has its advantages... do we want t oleave it like that, or patch around that?	14:48
kirkland	hallyn: i have not	14:50
jcook_5xdata	How can I tell if may server has been hack and sending email? i received this http://pastebin.com/SRX7fumt look at the header info. I am running failtoban	14:50
hallyn	kirkland, ok, tbh i have and it worked fine :)	14:50
kirkland	jdstrand: i think I'm okay okay with that change in behavior	14:50
smoser	jdstrand, so if you do not have kvm support in hardware and do not add that flag, what happens ?	14:50
kirkland	jdstrand: very, very few people, if anyone, uses unaccelerated qemu for i386/amd64 ubuntu	14:51
jdstrand	heh, people keep asking me-- I don't know :P	14:51
hallyn	qemu refuses to run	14:51
jdstrand	hallyn: ^	14:51
hallyn	smoser, ^	14:51
smoser	i think thats a bug.	14:51
smoser	you will break people.	14:51
jdstrand	well, upstream chose to do this	14:51
hallyn	smoser, the argument from qemu-kvm ppl is that most of the ppl that will break is the ones who are complaining that they ahve kvm support but it's slow	14:51
smoser	so is there a way to say "just do it" that does not lose hardware acceleration if possible ?	14:53
smoser	ie, does 'accel=tcg' turn it off if it could have used it?	14:53
hallyn	turn what off?	14:53
smoser	hardware acceleration	14:53
hallyn	-machine pc,accel=tcg will let it work	14:53
hallyn	-machine pc,accel=kvm,tcg	14:53
smoser	well at least it is possible.	14:54
smoser	it will break things.	14:54
hallyn	except that doesn't work for me, hm	14:54
smoser	and really, the number of people who are comlaining about "it is slow" surely is becomming less and less.	14:54
hallyn	ah,	14:54
hallyn	-machine pc,accel=kvm:tcg	14:54
hallyn	anyway, a patch to default to tcg if kvm is not available shouldn't be too bad, but it's an unwelcome delta	14:56
hallyn	comment on bug 892050 if you are so inclined :)	14:57
uvirtbot	Launchpad bug 892050 in qemu-kvm "qemu refused to run without acceleration" [Medium,In progress] https://launchpad.net/bugs/892050	14:57
smoser	i just know that i have explicitly used 'kvm' knowing there was no hardware acceleration	14:57
smoser	they also do this in devstack	14:58
roaksoax	jamespage: i'm here now	14:58
jamespage	roaksoax: kirkland got me sorted - I needed to quickly disabled CPU power management with powernap for the test lab installs	14:58
roaksoax	jamespage: ok cool	14:59
kirkland	roaksoax: yeah, the cpu offlining thing seems to be causing more trouble	14:59
roaksoax	kirkland: yeah	14:59
roaksoax	kirkland: i think i will just ship it disabled by default	14:59
roaksoax	and SRU that	14:59
kirkland	roaksoax: not a bad idea	14:59
roaksoax	kirkland: but I wanna figure out why	15:00
kirkland	roaksoax: yeah, we ran into the same problem with the 64-way system we used for the openstack demo	15:00
kirkland	roaksoax: you'll need to work with the kernel team on that	15:00
roaksoax	kirkland: maybe offlining to 1 single CPU is the cause, and rather we should offline to ~4 if its a 16 CPU core?	15:00
roaksoax	kirkland: cause we offline CPU's and reduce the frequency	15:01
roaksoax	kirkland: and I'm changing back the default values to 300 for absent seconds and 30 for grace period	15:01
kirkland	roaksoax: okay	15:01
kirkland	roaksoax: i liked 30/6	15:02
kirkland	roaksoax: but whatever :-)	15:02
roaksoax	kirkland: yeah but doing so means that powernap is likely to send the server to powersave mode when important things are happening	15:03
roaksoax	kirkland: i.e. jamespage problem on which cloud init was running and 30 secs after it entered to powersave	15:03
kirkland	roaksoax: if so, then you're not monitoring the right things	15:03
roaksoax	kirkland: and boom it exploded :)	15:03
kirkland	roaksoax: then you need to monitor that	15:03
kirkland	roaksoax: and make sure that things don't explode	15:03
kirkland	roaksoax: personally, i like the agressive timings, especially on my laptop	15:04
roaksoax	kirkland: yeah I guess we should handle that in profiles	15:04
roaksoax	kirkland: so a juju powernap profile to deal with that	15:05
matrix3000	damn, i would love to figure out how to do cloud processing	15:08
matrix3000	one of these days	15:08
hallyn	jdstrand, smoser, well feh, i'll have to either patch libvirt or qemu, at any rate. patching libvirt is more useful in that that fix will be needed upstream eventually. But patching qemu will mean i don't halso have to fix 100 other tools built on qemu.	15:13
jdstrand	hallyn: another thing to think about-- for the lts, it might make sense to have this delta, and then remove it in 12.10. it will allow smoothe upgrades for lucid to precise and let any bugs in libvirt/qemu chake out	15:16
jdstrand	shake	15:16
zul	heads up...im going to be starting to switch the init scripts for swift to upstart	15:18
hallyn	jdstrand, that sounds reasonable	15:21
hallyn	Daviey, ^ i think i will go with jdstrand's suggestion. patch qemu-kvm to keep tcg as a default until 12.10	15:21
Daviey	hallyn: sounds good	15:28
hallyn	kewl	15:29
hallyn	thanks	15:29
Daviey	hallyn: I don't think the inverse gives us much gain, does it?	15:29
hallyn	what do you mean?	15:29
Daviey	hallyn: if qemu is patched, we don't get an extra benefit.. do we?	15:36
hallyn	well, "benefit" of tools not breaking during LTS	15:36
mtaylor	Daviey: what's the tool you wrote to inject machine info into orchestra/cobbler?	15:43
mtaylor	Daviey: the discovery thing?	15:43
Daviey	mtaylor: cobbler-enlist	15:46
RoyK	KHendrik\|afk: for a number of reasons, you can't boot from a RAID-5, nor can you install grub on a disk without a partition table, you don't want to touch your data in case of a reinstall, you generally want the data Somewhere Else	15:46
Daviey	mtaylor: I've lost the seed information to do it hands free, but it's based on:	15:47
Daviey	mtaylor: http://pb.daviey.com/NIao/	15:47
Daviey	it can be used standalone aswell.	15:48
mtaylor	Daviey: awesome. thanks. I'm going to pimp it a little bit at LinuxCon Brazil today	15:48
ikonia	mtaylor: where is linuxcon brazil	15:50
ikonia	I'm in Brazail now and would be interested in seeing it	15:51
hallyn	all right, dirty deed is done. qemu-kvm pushed	15:51
mtaylor	ikonia: Sao Paulo - expo center norte - I'm speaking in an hour, so I doubt you'd be able to make it here in time with traffic	15:51
Daviey	mtaylor: interesting, is it being filmed?	15:52
mtaylor	Daviey: not that I know of	15:55
hallyn	ahs3, answer came in - xml files are under same copyright as the rest of netcf. so i think the package i posted yesterday is ... dare i say ... done :)	16:06
ahs3	hallyn: okey dokey. could you please add a copy of the emails somewhere to the docs part of the package, just so we've got it written down somewhere?	16:13
hallyn	docs part?	16:14
hallyn	as in debian/README?	16:14
ahs3	right. that, or somewhere in the copyright info, or in /usr/share/docs/netcf somewhere...just don't want to lose the discussion	16:15
hallyn	ahs3, so http://paste.ubuntu.com/742378/ as debian/README.debian is ok?	16:17
ahs3	hallyn: yup, that'll do	16:18
hallyn	awesome, thx	16:19
hallyn	ahs3, http://people.canonical.com/~serge/netcf-0.1.9-package-v3.tar.gz	16:22
RoyK	http://blog.laptopmag.com/usb-stick-contains-dual-core-computer-turns-any-screen-into-an-android-station	16:24
ahs3	hallyn: thx. i'll take a look	16:25
kpettit	What's a good simple monitoring tool? Nagios was the last one I've used but I hated dealing with all the config files for only a dozen or so sites/services. Any recommendations?	16:25
RoyK	kpettit: imho nagios/icinga (a fork) is still good for that, and with templated configs, it doesn't take too long to set it up	16:27
* RoyK uses icinga for that		16:27
kpettit	ok, cool I'll take a look. Some templates would help	16:27
kpettit	is zabbix any good?	16:28
RoyK	kpettit: never tried it...	16:30
* RoyK tests		16:30
kpettit	me neither. Better the devil you know I guess	16:30
=== KHendrik\|afk is now known as KHendrik
jcastro	SpamapS: when are you planning to attend scale, should I plan for being there thursday night?	16:38
RoyK	damn - oneiric VMs won't shutdown properly - that is - they shut down ok, but never turn themselves off	16:51
SpamapS	jcastro: All 3 days, since its in my backyard. :)	17:00
patdk-wk	royk, apci issues?	17:00
patdk-wk	I have that issue randomly with windows vm's on qemu/kvm	17:00
patdk-wk	seems like the longer uptime, the more often it won't shutdown	17:00
SpamapS	jcastro: I think it will be easier for you if you come out Thursday night.	17:02
RoyK	patdk-wk: acpi, perhaps...	17:02
RoyK	patdk-wk: I've seen the same on physical hardware as well	17:03
patdk-wk	hardly see it on physical hardware, most of the time it's my fault there :)	17:03
matrix3000	RoyK?	17:36
matrix3000	RoyK: I never had that issue, and I am running about 4 of them 11.10 servers and 11.10 desktop installs	17:36
matrix3000	RoyK: on ESXi and Vmware Workstation	17:37
=== someone is now known as Guest16563
Guest16563	hello, how to set which map can user access at ftp?	17:55
Guest16563	with vsftpd	17:55
Guest16563	any1?	17:56
Guest16563	hello	17:56
irv	no luck :(	17:56
Guest16563	lol :D	17:56
Guest16563	geeks don't have time for newbies, right? :D	17:57
irv	whoops	17:57
tero	hi guys. Any suggetions on a cheap vps that runs ubuntu server?	17:57
WeissWaschbaer	my cron is not working "1 16 * * * /root/backup.sh &>> /var/log/backup.log"	18:01
jMCg	WeissWaschbaer: what'd you mean it's not working?	18:11
WeissWaschbaer	jMCg: the log file is still empty after 2 days, work when i use the same command manually	18:14
jMCg	WeissWaschbaer: you are aware of the fact that cron executes things in a very restricted environment?	18:14
Skaag	anyone remembers what the sshd package was called back in 9.10?	18:24
Myrtti	Skaag: openssh-server? it is pulled by dependencies if you just install ssh IIRC	18:26
Skaag	cool, trying	18:27
Myrtti	but then of course 9.10 has been EOL for quite some time	18:27
zul	lynxman: swift upstart got in thanks..	18:42
lynxman	zul: \o/	18:43
WeissWaschbaer	jMCg: no im not	19:05
aljosa	i've upgraded to 11.10 and postgres is now 9.1, 8.4 data seems still available. is there a safe (or maybe documented) way to use pg_upgradecluster	19:12
aljosa	to upgrade 8.4 data for 9.1?	19:12
jMCg	WeissWaschbaer: read up on that in cron's man pages. Also read up on stream redirection, I think you're doing that wrong.	19:17
adam_g	roaksoax: ping	19:30
* negronjl out to lunch		19:34
boxybrown	hey guys, do any services update /etc/hosts at startup?	19:36
boxybrown	I have some machines running ubuntu-desktop, and they aren't returning hostname -f correctly	19:37
boxybrown	i'm starting to suspect its the Avahi crap causing this, because my headless ubuntu servers dont have this problem	19:37
roaksoax	adam_g: pong	19:39
adam_g	roaksoax: thoughts on bug #891950? theres some options in there that are likely going to be need to be tweaked after import-isos is run. should we point people to the web interface? or come up with some way for people to easily update cobbler profiles/systems based on a config?	19:41
uvirtbot	Launchpad bug 891950 in orchestra "Configuration in /etc/orchestra/import_isos unused" [Undecided,New] https://launchpad.net/bugs/891950	19:41
boxybrown	anybody?	19:42
roaksoax	adam_g: I don't think that it should be tweaked after import-isos is run that's why we provide defaults	19:42
roaksoax	adam_g: in case an administrator wants to change the behaviour, then it should edit the file	19:43
roaksoax	adam_g: and put the options they want	19:43
roaksoax	adam_g: setting the defaults in orchestra-import-isos is just a failsafe in case the config file hasn't been tweaked	19:44
roaksoax	manually	19:44
adam_g	roaksoax: the defaults we use dont' come from that config file, they are hard-coded in the script, which is run immeditely after the pkg is installed. unless someone drops a custom config file there before installing, theres no way to edit and update the settings after-the-fact	19:44
roaksoax	adam_g: right but that's the thing the intention of that config file is to make awareness that new options can be placed	19:44
roaksoax	adam_g: it is not to set the defaults	19:44
roaksoax	adam_g: if someone wnat's to change from default behaviour then they should edit the file	19:44
roaksoax	adam_g: though, even though no option is set in the file, then the orchestra-import-isos should still provide defaults as failsafe	19:45
roaksoax	and that's what we are doing	19:45
adam_g	roaksoax: its broken workflow	19:45
roaksoax	adam_g: i don't see it as a broken workflow	19:45
adam_g	if i edit the config file, there is no way of getting those changes reflected in cobblers profiles unless i remove all current profiles and re-import with the new settings in the config file	19:46
adam_g	theres no wa of updating profiles based on the config file	19:46
roaksoax	adam_g: well, then the config file is not broken, the update process is the one broken	19:46
adam_g	roaksoax: yes, its a broken workflow	19:46
adam_g	of course the config files not broken, its never being used	19:46
roaksoax	adam_g: right, but not caused by the config file	19:47
adam_g	so my question	19:47
adam_g	if i've installed orchestra nd the import script has run for the first time	19:47
adam_g	and all of my distros are imported and profiles configured, but i want to change the default kernel parameters for a given profile.. do i go to the web interface/cobbler CLI to do that, or do i eidt the config and re-run the import script with an '--update' flag..	19:48
adam_g	currently i either need to edit cobbler manually, or remove all the initially imported distros, edit config, and re-run import	19:48
roaksoax	adam_g: well that's up to the administrator, either modify manually all the profiles or edit the config and update the profiules	19:49
roaksoax	adam_g: which doesn't mean re-running the import	19:49
roaksoax	adam_g: cause it would make no sense to import everything again	19:50
adam_g	exactly	19:50
roaksoax	so what might be broken there is that there's no update process	19:50
roaksoax	so either provide a new binary	19:50
adam_g	my point, exactly	19:50
roaksoax	that only updates profile options	19:50
roaksoax	or make orchestra-import-isos update the profiles without	19:50
roaksoax	importing anything	19:50
adam_g	ya	19:51
roaksoax	adam_g: so I think it would be best to use a orchestra-import-isos --update	19:52
adam_g	roaksoax: +1, i'd favor an --update-profiles flag or something, but i'd rather being doing that in python directly via cobbler api rather than wrapping the cobbler CLI in shell	19:53
adam_g	Daviey: ^	19:53
roaksoax	adam_g: or orchestra-import-isos --update-profiles	19:53
roaksoax	yeah	19:53
roaksoax	exaclty	19:53
roaksoax	adam_g: the problem using the API is that we would need authentication	19:54
roaksoax	adam_g: the idea of orchestra-import-isos is to run on the orchestra system itself	19:54
roaksoax	adam_g: with simple sudo access	19:54
adam_g	roaksoax: well, i meant using the same local API that the cobbler cli uses	19:54
roaksoax	adam_g: I personally don't see the point of doing so because you would be "re-writting" this that the cobbler command already does	19:55
zul	adam_g: +1 from me	19:56
adam_g	roaksoax: i could be wrong but i thought the CLI basically does local xmlrpc to the API server on 127.0.0.1, which is authenticated	19:56
roaksoax	adam_g: right, so you sudo sudo cobbler system add etc etc	19:56
roaksoax	adam_g: if you do that using the local API, you haven to create the methods to add	19:56
roaksoax	delete	19:56
roaksoax	edit	19:56
roaksoax	etc etc	19:56
roaksoax	which means rewriting cobbler commands	19:57
roaksoax	on a simple script	19:57
roaksoax	that doesn't need it	19:57
* Daviey catchs up		19:57
adam_g	roaksoax: those methods are all implemented on the other end, hence xmlrpc	19:57
roaksoax	adam_g: right, but if you want to rewrite it in python	19:59
roaksoax	adam_g: instead of doing sudo cobbler profile edit --etc etc etc	19:59
roaksoax	adam_g: then you would do:	19:59
roaksoax	self.url_cobbler_api = utils.local_get_cobbler_api_url() self.url_cobbler_xmlrpc = utils.local_get_cobbler_xmlrpc_url()	20:00
Daviey	adam_g: Do you just want to check viability. It sounds seem cleaner to do it via the api, and it's something we could push upstream aswell.	20:00
roaksoax	and etc etc	20:00
Daviey	There doesn't seem to be a need for it to be orchestra centric, with my understanding?	20:00
roaksoax	Daviey: it is a method that imports orchestra iso and makes some configurations for juju	20:00
Daviey	ah	20:00
Daviey	roaksoax: Do you think it makes sense for adam_g to sniff viability of doing it via the API?	20:01
Daviey	If it starts to smell more complicated than it needs to be, we revert to the shell wrapper?	20:02
adam_g	Daviey: there's going to be instances where i want to modify the orchestra-specific configuration bits of cobbler system/profile configuration. most of it is stored in a config file at /etc/orchestra/import-isos but there is no way to update cobbler based on the config file (after the initial import has run) my question is basically how do we enable that? push people to cobbler's webui/cli, or create/expand our tooling to do it orchestra-specific	20:02
Daviey	adam_g: Is it something which needs addressing early in the cycle?	20:03
adam_g	it sounds like we need an upgrade path, so yeah.. shell or python? looking at dump of 'cobbler profile dumpvars --name=oneiric-x86_64', i'd much rather acccess that via python than awk/sed/grep	20:03
boxybrown	guys, making hostname -f work properly?	20:03
boxybrown	any tips?	20:03
boxybrown	it works fine out of the box on my ubuntu-server installs that don't have any desktop	20:04
Daviey	Yeha, I think we should try to avoid hacky awk/sed/grep scripts.	20:04
roaksoax	adam_g: the intention of orchetra-import-isos is not to handle specific profiles	20:04
roaksoax	adam_g: so if you wanna do something with a specific profile/distro/system, then its best to use cobbler cli itself	20:05
roaksoax	adam_g: my point being is	20:05
adam_g	roaksoax: i know, thats why im wondering if we 1, create new tooling for this or 2, just push people to cobbler webui/cli	20:05
roaksoax	adam_g: 2	20:05
adam_g	roaksoax: since you assigned the bug to youself, i was wondering what you're thoughts were	20:05
roaksoax	adam_g: the import_isos config file is for whenever we import the isos and we assign some values we want into all the profiles	20:06
Daviey	what is the bug #?	20:06
roaksoax	adam_g: so as agreed the idea is to use --update-profiles which will update the profile options in case the config file is updated	20:07
hallyn	zul, with the new fixed qemu-kvm, precise with current libvirt just gives me two failures:	20:07
hallyn	Test virt-install --location ... FAIL	20:07
hallyn	Test CVE-2010-2237 and CVE-2010-2238 ... FAIL	20:07
uvirtbot	hallyn: Red Hat libvirt, possibly 0.6.1 through 0.8.2, looks up disk backing stores without referring to the user-defined main disk format, which might allow guest OS users to read arbitrary files on the host OS, and possibly have unspecified other impact, via unknown vectors. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2237)	20:07
uvirtbot	hallyn: Red Hat libvirt, possibly 0.7.2 through 0.8.2, recurses into disk-image backing stores without extracting the defined disk backing-store format, which might allow guest OS users to read arbitrary files on the host OS, and possibly have unspecified other impact, via unknown vectors. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2238)	20:07
hallyn	zul, when you get a chance can you re-test on your precise image?	20:07
roaksoax	adam_g: i.e. changed the management classes for juju from ubuntu-juju-available and ubuntu-juju-acquired	20:07
adam_g	Daviey: last night, after installing orhcestra and registering a number of systems, i realized serial port needed to be redirected via kopts. theres a config file that has the defaults, i would have liked to modify that and run an update script rather than sifting through cobbler dumpvars myself	20:07
Daviey	ahh, i understand the requirement a bit better now.	20:07
roaksoax	adam_g: so that should update only the profiles	20:08
roaksoax	adam_g: if you wanna update spepcific profiles, then you need to do it manually	20:08
Daviey	roaksoax: for this to be acheieved in an automagic way, what would you propose?	20:08
roaksoax	adam_g:and for that you use cobbler web/cli	20:08
adam_g	Daviey: bug #891950	20:08
uvirtbot	Launchpad bug 891950 in orchestra "Configuration in /etc/orchestra/import_isos unused" [Undecided,New] https://launchpad.net/bugs/891950	20:08
zul	hallyn: yeah	20:08
Daviey	ta	20:09
roaksoax	Daviey: again there's no automatic way to do things, if you want to add a kopts to a specific profile, then you do it manually, if you want to add it to all profiles, then you edit the config and we do orchestra-import-isos --update-profiles	20:09
hallyn	zul, awesome	20:09
adam_g	roaksoax: so, just a quick loop over all profiles and resets the various config parameters based on whats in the file	20:09
adam_g	?	20:09
roaksoax	adam_g: yeah	20:09
roaksoax	adam_g: there's no need to create new tools when we do have the tools for data	20:09
roaksoax	for that*	20:10
roaksoax	adam_g: and maybe extend it in a way on which you can specify a list of profiles you want updated, rather than all of them	20:11
roaksoax	adam_g: but if it's just for 1 or 2 it makes no sense to have new toolset	20:11
roaksoax	when cobbler has its own tool set	20:11
adam_g	roaksoax: what we have now does a decent job of installing and bootstrapping the initial environment, but i predict we'll need more	20:11
roaksoax	adam_g: right, but that's administrator specific	20:12
roaksoax	adam_g: we only need to care about installation and providing an initial environment	20:12
roaksoax	adam_g: if administrators have their own hw requirenments and need to modify specific stuff for each profile/system, they have cobbler for that	20:12
adam_g	we'll see about that :)	20:12
roaksoax	adam_g: I think that orchestra-import-isos + config file, should be used only for initial configuration	20:13
roaksoax	adam_g: if you want to provide further configuration or costumization, it makes no sense to provide our own orchestra toolset	20:14
roaksoax	when there's already a cobbler toolset	20:14
adam_g	zul: thanks for the squid3 upload, you're the man-bomb	20:14
roaksoax	adam_g: so you want to update a specific profile with new settings in import_isos, we can do that with orchestra-import-isos --update-profiles profile1,profile2	20:14
roaksoax	adam_g: but if you want to make changes to profile1 and then make different changes in profile2	20:15
roaksoax	then makes no sense to use import_isos, does it?	20:15
roaksoax	because there wont be a import_isos config file for each of the profiles	20:15
roaksoax	but it will be just 1	20:15
roaksoax	that will and should work for all	20:15
roaksoax	if you wanna change behaviour of all, then modify import_isos and update the changes	20:15
roaksoax	if you want to mkae change A to profile1, then use cobbler cli/web	20:16
adam_g	i'd argue it doesn't make sense to use import_isos to modify existing profiles, but im just being difficult. it just occured to me, that if we disable automatically running import-isos during package installation (which we agreed at UDS), it would give people a chacne to customize the config before the initial import	20:16
roaksoax	if oyu want to make change B to profile2, use cobbler cli/web	20:16
roaksoax	adam_g: we agreed at UDS to set a debconf question to decided whether to import isos automatically or not	20:17
roaksoax	adam_g: but in any case, if you wanna provide debconf questions for each option and setup the environment on installation we can do that aswell	20:17
adam_g	roaksoax: a simple run now: yes or no? should suffice, i'd think	20:18
roaksoax	adam_g: yeah	20:18
roaksoax	adam_g: that simple question is all that we need	20:18
roaksoax	adam_g: but even so, i think we would still need to provide the --update-profiles	20:18
adam_g	ya	20:18
roaksoax	adam_g: to handle the case that administrator selected Yes, but later, they wanna change something in all profiles and "reconfigure"	20:18
roaksoax	adam_g: alright then, I guess we are in agreement	20:19
arrrghhh	hey all. can anyone help me setup guest access to my ubuntu server?	20:19
arrrghhh	i just want the user to be able to ssh in, and run make.	20:19
arrrghhh	i guess a chroot jail? i'm a noob to this, and don't want this guy to be able to blow up the server. he's trustworthy, but i want to cover my bases if possible.	20:20
roaksoax	adam_g: bug #892328	20:21
uvirtbot	Launchpad bug 892328 in orchestra "debconf question to run orchestra-import-isos or not during installation" [Medium,Confirmed] https://launchpad.net/bugs/892328	20:21
adam_g	roaksoax: sweet	20:22
roaksoax	awesome then	20:22
arrrghhh	ok, chroot might be a little overkill	20:25
arrrghhh	it appears if i create a new user, by default they only have write access to their home and /tmp	20:25
arrrghhh	everything else is just read	20:25
greppy	arrrghhh: yes, that is normal behavior for most linux/unix boxes.	20:27
=== erichammond1 is now known as erichammond
jodlajodla	hello	20:42
jodlajodla	can anyone help me with some settings for vftpd?	20:43
jodlajodla	hello, i have some questions for vftpd -> how to limit users to only one directory and give them permissions for uploading file in this directory?	20:44
virusuy	jodlajodla: you should use vftpd + chroot	20:56
virusuy	take a look at this how-to http://www.cyberciti.biz/tips/vsftp-chroot-users-limit-to-only-their-home-directory.html	20:56
arrrghhh	can anyone help me troubleshoot this additional user access?	21:01
arrrghhh	trying to setup ssh for him	21:02
arrrghhh	where do i look?	21:07
arrrghhh	he ran -vvv, it doesn't seem like the negotiation is happening	21:07
arrrghhh	i have nothing in auth.log, syslog or messages	21:07
boxybrown	guys	21:10
boxybrown	is there any way to set the fqdn	21:10
boxybrown	when network-manager is installed	21:10
uvirtbot	New bug: #891867 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.3 failed to install/upgrade: ErrorMessage: package samba is not ready for configuration cannot configure (current status `half-installed')" [Undecided,New] https://launchpad.net/bugs/891867	21:11
uvirtbot	New bug: #890272 in nova (main) "FTBFS nova when in /usr/src" [Undecided,New] https://launchpad.net/bugs/890272	21:12
uvirtbot	New bug: #891709 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.3 failed to install/upgrade: ErrorMessage: package samba is not ready for configuration cannot configure (current status `half-installed')" [Undecided,New] https://launchpad.net/bugs/891709	21:12
uvirtbot	New bug: #892296 in bind9 (main) "package bind9 1:9.7.3.dfsg-1ubuntu2.3 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/892296	21:14
uvirtbot	New bug: #891445 in squid3 (main) "package squid3 3.1.15-1ubuntu2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,Fix released] https://launchpad.net/bugs/891445	21:16
uvirtbot	New bug: #892332 in ntp (main) "ntp apparmor profile insufficient ipv6 rights" [Undecided,New] https://launchpad.net/bugs/892332	21:16
=== skrewler_ is now known as skrewler
virusuy	arrrghhh: but he can reach the server ?	21:40
virusuy	or not even ask for password ?	21:40
arrrghhh	virusuy, i got him in	21:41
arrrghhh	i enabled password auth	21:41
arrrghhh	but i'd like to fix it	21:41
arrrghhh	so he uses keys	21:41
virusuy	arrrghhh: allright then,	21:42
virusuy	did you copy his pub key ?	21:42
arrrghhh	do you know where i can look to see why his key was failing?	21:42
arrrghhh	yes	21:42
arrrghhh	to .ssh/authorized_keys2	21:42
arrrghhh	i don't know why there's 2...	21:42
arrrghhh	but whatever.	21:42
arrrghhh	i also removed his username@box on the end of the key	21:42
arrrghhh	so it's just ssh-rsa and the key - is that OK?	21:42
arrrghhh	(that's how my other key was)	21:42
virusuy	uhmmm	21:43
virusuy	what about if he use ssh-copy-id command ?	21:43
virusuy	that command helps you to install her publig key in your server	21:44
arrrghhh	ah right	21:44
arrrghhh	i'll have him try	21:44
virusuy	first, take a look at ssh-copy-id's manpage	21:45
virusuy	its quite simple	21:45
arrrghhh	er	21:45
arrrghhh	should i do it, or should he?	21:45
virusuy	he	21:45
arrrghhh	i'm assuming he should	21:45
virusuy	indeed	21:45
arrrghhh	does he have access to do that tho?	21:45
virusuy	he'll install her public key in your server, right ?	21:45
arrrghhh	i guess i can chmod the authorized_keys2 file	21:45
arrrghhh	i assume so.	21:46
* arrrghhh is a ssh-keys noob		21:46
virusuy	if he can log in with user and password	21:46
arrrghhh	i feel like every time i do this i have to relearn it lol	21:46
virusuy	then, he can execute ssh-copy-id	21:46
arrrghhh	ok	21:46
virusuy	arrrghhh: isn't easy at first , but then it's really easy	21:46
arrrghhh	lol	21:46
arrrghhh	i've... nvm	21:47
uvirtbot	New bug: #892050 in qemu-kvm (main) "qemu refused to run without acceleration" [Medium,Fix released] https://launchpad.net/bugs/892050	21:49
uvirtbot	New bug: #891933 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.3 failed to install/upgrade: ErrorMessage: package samba is not ready for configuration cannot configure (current status `half-installed')" [Undecided,New] https://launchpad.net/bugs/891933	21:51
uvirtbot	New bug: #892001 in cobbler (universe) "debian/copyright not lintian clean" [Undecided,New] https://launchpad.net/bugs/892001	21:52
virusuy	arrrghhh: did it work ?	21:54
arrrghhh	sorry haven't tried it yet	21:54
virusuy	arrrghhh: aahh ok :-)	21:56
arrrghhh	virusuy, this seems too simple	22:03
arrrghhh	ssh-copy-id <username>@<host>	22:03
arrrghhh	that's it?	22:03
arrrghhh	lol	22:03
virusuy	yes, you also can use -i to indicate wich key will copy	22:03
arrrghhh	right	22:03
=== skrewler_ is now known as skrewler
arrrghhh	virusuy, he's in	22:23
virusuy	arrrghhh: :-)	22:24
arrrghhh	i have re-disabled password auth, and still good	22:24
arrrghhh	thanks!	22:24
virusuy	arrrghhh: you're welcome !	22:24
uvirtbot	New bug: #891977 in cobbler (universe) "cobbler-web package still contain traces of Ubuntu branding" [Undecided,New] https://launchpad.net/bugs/891977	22:31
matrix3000	anyone here using 11.10 and orchestra that could give me some tips	22:55
matrix3000	http://cloud.ubuntu.com/2011/10/getting-started-with-ubuntu-orchestra-servers-in-concert/	22:55
matrix3000	i was reading that but had questions on how exactly to setup my own cloud	22:56
matrix3000	and how it works	22:56
uvirtbot	New bug: #891334 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.1 failed to install/upgrade: ErrorMessage: package samba is not ready for configuration cannot configure (current status `half-installed')" [Undecided,New] https://launchpad.net/bugs/891334	22:58
adam_g	matrix3000: this might be of more help: http://cloud.ubuntu.com/2011/10/ubuntu-cloud-deployment-with-orchestra-and-juju/	23:03
uvirtbot	New bug: #891938 in openldap (main) "package slapd 2.4.25-1.1ubuntu4.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/891938	23:13
irvee	what would be a good VM server to install on my ubuntu server that would allow me to control/view the vms from a win 7 machine?	23:39
irvee	10.04	23:43
Daviey	zul: Can you update status of bug 858878, please - thanks.	23:53
uvirtbot	Launchpad bug 858878 in cobbler "lack of csrf protection in cobbler-web" [High,Triaged] https://launchpad.net/bugs/858878	23:53

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!