luis__ | algun canal de server en español | 00:06 |
---|---|---|
twb | !es | 00:08 |
ubottu | En la mayoría de canales de Ubuntu se habla sólo en inglés. Si busca ayuda en español o charlar entra en el canal #ubuntu-es. Escribe "/join #ubuntu-es" (sin comillas) y dale a enter. | 00:08 |
twb | siento, solo #ubuntu-es, no hay #ubuntu-server-es | 00:10 |
twb | OK WTF. So someone "helpfully" renamed the printer's DHCP name. So I stop cups, go into printers.conf and change the ipp://gibberish URL to ipp://mfd, and start cups | 00:37 |
twb | lpstat -t says cups can't connect to "gibberish" since <time of initial outage> | 00:38 |
twb | What, cups, are you too stupid to even try connecting to printers when you first start?! Graah! | 00:38 |
twb | Solved by stopping cups again and deleting from its "config" file some state variables that ought to be in /var/ somewhere. | 00:43 |
twb | Incidentally, cancel(1) is a STUPIDLY AMBIGUOUS name to be reserved for printing | 00:44 |
uvirtbot | New bug: #900558 in open-vm-tools (multiverse) "open-vm-dkms 2011.07.19-450511-0ubuntu2: open-vm-tools kernel module failed to build (dup-of: 900555)" [Undecided,New] https://launchpad.net/bugs/900558 | 01:26 |
uvirtbot | New bug: #900553 in keystone (universe) "Any user can manage the keystone database via keystone-manage" [Undecided,New] https://launchpad.net/bugs/900553 | 01:27 |
jehoshua02 | Hey guys, any troubleshooting tips for an "unable to read font" error? Here's my research so far: https://gist.github.com/1436020#file_rubyforge_install_faq.md | 01:30 |
twb | jehoshua02: error from what? | 01:34 |
twb | Oh, redmine | 01:38 |
jehoshua02 | "unable to read font" is an ambiguous message. Gives no indication of why. | 01:40 |
twb | Looks like libmagick is having trouble reading a specific pfb | 01:41 |
twb | Maybe libmagick can't speak pfb in the first place? | 01:41 |
twb | You need to find libmagick people and ask them about this line: Magick::ImageMagickError (unable to read font `/opt/redmine/common/share/ghostscript/fonts/n019003l.pfb' @ annotate.c/RenderFreetype/1043: `(null)'): | 01:41 |
* jehoshua02 Hmm... libmagick people... where are you? | 01:42 | |
twb | Probably there is a channel like #imagemagick | 01:57 |
=== bladernr_ is now known as bladernr_afk | ||
Resistance | anyone here willing to review my HOW-TO posts on my blog for setting up nginx on Ubuntu? I only need general input, i've got my nginx contacts reviewing the content for accuracy. https://blog.trekweb.org/categories/ubuntu/nginx/ <-- if you'd be so kind :) | 05:56 |
twb | php5 isn't nginx | 05:56 |
Resistance | twb: true, but the tutorial specifically goes into configuring nginx to work with php5 | 05:58 |
Resistance | (for the nginx people, basically, since i work with their support channel here on freenode) | 05:59 |
Resistance | ignoring relevancy, the question is content and understandability :P | 05:59 |
Resistance | (you'd be surprised how many people try to set up nginx to use fastcgi, which doesnt work at all :/) | 06:01 |
Resistance | s/at all/at all without some PHP handler, and the preferred one for Debian based systems is php5-fpm/ | 06:02 |
user | good morning! | 06:06 |
user | i have the following problem: after upgrade from natty to oneiric cron sends me the following mail: | 06:07 |
user | PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib/php5/20090626+lfs/sqlite.so' - /usr/lib/php5/20090626+lfs/sqlite.so: cannot open shared object file: No such file or directory in Unknown on line 0 | 06:07 |
user | i think its because libsqlite.so is missing from php5-sqlite. in oneiric it only contains libsqlite3.so | 06:08 |
SpamapS | user: sqlite is deprecated | 06:14 |
SpamapS | user: you should be using sqlite3 | 06:14 |
SpamapS | Resistance: /var/fpm is not FHS compliant... | 06:16 |
Resistance | SpamapS: then provide a suggestion | 06:17 |
Resistance | or a replacement | 06:17 |
SpamapS | Resistance: /var/lib/php5-fpm would be more appropriate | 06:17 |
Resistance | for the socket? | 06:17 |
SpamapS | Resistance: or /srv/www | 06:17 |
SpamapS | actually for a socket | 06:17 |
SpamapS | /var/run/php5-fpm | 06:17 |
Resistance | i'll fix that now | 06:18 |
Resistance | SpamapS: i assume /var/run/php5-fpm doesn't exist by default...? | 06:18 |
Resistance | or does it? | 06:18 |
SpamapS | doesn't it usually listen there already? | 06:18 |
Resistance | nope, by default it uses a TCP listener last time i checked | 06:18 |
* Resistance will triple-check | 06:18 | |
SpamapS | ahh | 06:18 |
* SpamapS uses php5-fpm but does not change the defaults. :) | 06:19 | |
Resistance | :P | 06:19 |
user | yes i know that, but package roundcube depends on sqlite afaik | 06:19 |
user | roundcube is now disfunctional after the upgrade | 06:19 |
Resistance | the nginx people actually prefer the use of sockets over TCP | 06:19 |
Resistance | unless the PHP stuff is off-site :P | 06:19 |
Resistance | SpamapS: i assume php5-fpm would be the socket's name? | 06:19 |
SpamapS | user: maybe fix roundcube then. ;) | 06:20 |
SpamapS | Resistance: php5-fpm.sock would be more obvious... | 06:20 |
Resistance | that's what i was considering using in the thing | 06:20 |
Resistance | rather than just php5-fpm in /var/run | 06:20 |
SpamapS | Resistance: if it has a pid file too.. then /var/run/php5-fpm/php5-fpm.sock might even be better | 06:20 |
SpamapS | then you can put the pid file in /var/run/php5-fpm/php5-fpm.pid | 06:21 |
SpamapS | Resistance: maybe submit a bug report suggesting that php5-fpm listen on a standard socket too. | 06:21 |
Resistance | :P | 06:21 |
Resistance | SpamapS: meh, cba to file a bug just now | 06:21 |
Resistance | SpamapS: on another note, i'm not even sure ***WHERE*** the pid is stored | 06:21 |
Resistance | since i leave the pid stuff at its default | 06:21 |
SpamapS | PIDFILE=/var/run/php5-fpm.pid | 06:22 |
Resistance | is that the default? | 06:22 |
SpamapS | yes | 06:22 |
Resistance | then i'm just going to leave that :P | 06:22 |
Resistance | the nginx+php5-fpm post should be updated now | 06:23 |
Resistance | SpamapS: i assume i'd file it against the source package? | 06:23 |
SpamapS | Resistance: https://launchpad.net/ubuntu/+source/php5/+filebug | 06:24 |
Resistance | that's what i thought, thanks | 06:24 |
* Resistance knows those links well, since he's trying to backport php 5.3.8 to natty/oneiric within a PPA :P | 06:24 | |
Resistance | SpamapS: bug #900620 if you're interested in tracking it | 06:28 |
uvirtbot | Launchpad bug 900620 in php5 "Possible Bug: php5-fpm does not listen on a socket by default" [Undecided,New] https://launchpad.net/bugs/900620 | 06:28 |
Resistance | SpamapS: other than those inconsistencies, which i have attempted to fix, any other suggestions on the blog posts? | 06:28 |
uvirtbot | New bug: #900620 in php5 (main) "Possible Bug: php5-fpm does not listen on a socket by default" [Undecided,New] https://launchpad.net/bugs/900620 | 06:36 |
Resistance | lool | 06:36 |
twb | SpamapS: probably /run by now | 06:46 |
SpamapS | twb: Until 12.04 is out, I suggest people use /var/run so their instructions work on 10.04 | 06:49 |
SpamapS | *packages* must start using /run | 06:49 |
SpamapS | Resistance: one stupid niggle.. not a real problem. You shouldn't show PHP code examples with the worthless PHP close tag ?> ... just causes problems | 06:50 |
twb | 11.10 didn't have /run ? | 06:50 |
SpamapS | twb: 11.10 has /run | 06:50 |
SpamapS | its the first release to have /run | 06:50 |
twb | k | 06:50 |
Resistance | SpamapS: bleh, you're impossible to please :P | 06:51 |
SpamapS | Resistance: I'm quite happy, the post looks great. Its just bad form. ;) | 06:51 |
Resistance | SpamapS: what would you recommend i put in place of that code? (btw, I usually code in strict PHP, including all closing tags :P) | 06:51 |
SpamapS | Resistance: just delete the third line | 06:51 |
Resistance | ok | 06:51 |
SpamapS | <? phpinfo(); | 06:51 |
Resistance | *reloads the connection* | 06:51 |
SpamapS | actually <?php phpinfo(); | 06:51 |
SpamapS | who needs 2 lines right? | 06:51 |
twb | strict php is no php :P | 06:52 |
Resistance | :P | 06:52 |
Resistance | SpamapS: better? | 06:52 |
SpamapS | Resistance: purty | 06:53 |
Resistance | :P | 06:53 |
Resistance | okay, well i'm headed to bed | 06:53 |
Resistance | i've got to be up at 06:45 and its almost 02:00 | 06:53 |
=== Guest86932 is now known as kklimonda | ||
=== kklimonda is now known as Guest35546 | ||
=== Guest35546 is now known as kklimonda | ||
aarcane | So I'm curious about running Ubuntu Server in a virtual environment. I have a setup that would lend itsself well to either using disk images or to using exposed filesystems. Both are equally simple to configure and deploy. The question, for my environment, is which is better performant ? has anyone done a side-by-side comparison ? | 07:41 |
auston | Hi, I have my server running 2 NICs with forwarding function but trying to configure firewall using iptables from chain FORWARD but failed. When I use DROP command, the client is not able to connect to internet even exception was made for port 80. | 08:07 |
auston | If I excluded the DROP from the FORWARD, the client is able to access the internet. | 08:08 |
=== smb` is now known as smb | ||
dckirba | hello all, how are you doing? | 08:30 |
=== himcesjf1 is now known as himcesjf | ||
dckirba | Does anyone have a moment to spare? Need help configuring jabber2d on the local office server | 08:30 |
ikonia | what's up ? | 08:31 |
lynxman | morning o/ | 09:02 |
koolhead11 | hi all | 09:41 |
lynxman | hey koolhead11 o/ | 09:47 |
koolhead11 | hello lynxman :) | 09:48 |
uvirtbot | New bug: #900662 in etckeeper (main) "Please merge etckeeper 0.57 (main) from Debian testing (main) " [Undecided,New] https://launchpad.net/bugs/900662 | 09:53 |
matti | Guys. | 10:07 |
matti | Is there a way to force installer to swap order of drives / contollers it will "install" -- so to speak? | 10:07 |
* matti is trying to find something... | 10:08 | |
Myrtti | matti: what do you mean by swapping the order? | 10:10 |
matti | Myrtti: I want my sdb -> sda, as my 3Ware should be my boot contoller :) | 10:11 |
matti | Myrtti: To be honest, this is puzzling me. As grub is failing to install from the installer on my 60 TB array that is using GPT partition table on sda. | 10:12 |
matti | Myrtti: Which is not a boot contoller anyway. | 10:12 |
matti | Myrtti: It seems that despite the setting in BIOS and ROM load-order set, kernel and/or installer loads drivers in an alphabetical order. | 10:12 |
Myrtti | right, well I was going to suggest changing the settings in BIOS but oh well | 10:14 |
Myrtti | you're ahead of me already | 10:14 |
matti | :) | 10:14 |
matti | Trying to automate this is a pure nightmare. | 10:14 |
Ursinha | gooooood morning | 10:20 |
Daviey | matti: Hmm, you can make sdb the install disk? | 10:26 |
Daviey | isn't that enough? | 10:26 |
Daviey | If you depend on sda always being sda, you are probably doing it wrong :) | 10:26 |
ersi | Wouldn't GUID's be the preferred way here? | 10:27 |
matti | Daviey: I don't care. | 10:30 |
matti | Daviey: But try to convince grub-installer from the installer to install itself correctly on GPT. | 10:31 |
matti | Daviey: If you do that, then I will kiss you. | 10:31 |
matti | Daviey: :) | 10:31 |
matti | Daviey: Oh, and fix Debian 6 for me along the way, as it has the same problems (no surprise here). | 10:32 |
matti | ;] | 10:32 |
matti | Meh ;) | 10:38 |
Daviey | matti: Hmm, I don't have much experience with GPT TBH.. But i thought that was all resolved in Oneiric? | 10:45 |
Daviey | Are you using Lucid? | 10:45 |
ikonia | I've still hit a few issues with gpt on 11.10 | 10:46 |
ikonia | it's much much better, but not %100 | 10:46 |
matti | Daviey: 10.04 | 10:50 |
matti | Daviey: Ubuntu 10.04 and Debian 6 -- either/or ;] | 10:50 |
notlistening | Hi all, I have a 3G USB modem that I want to use with 11.10. It has dual mass storage and modem capabilities. When I use it on the desktop these are both available however on server only the scsi storage is accessible can anyone make some suggestions of what i need to do to get the ttyUSB interface to register? | 10:52 |
notlistening | I have manually load usbserial and option modules and installed usb_modeswitch | 10:54 |
notlistening | there seems to be little to no documentation on this :| | 10:54 |
notlistening | I solved the problem, you must delay the usb-storage module from loading :P | 11:44 |
* koolhead11 is sleepy | 11:49 | |
koolhead11 | smoser: aroun? | 11:51 |
koolhead11 | d | 11:51 |
lool | zul: Hey, there's an issue with squid3/squid: the squid source package is still in Ubuntu but fails to upload because the squid3 source package provides a "squid" binary package with a higher version | 12:33 |
lool | zul: In Debian, there's the squid binary package from the squid source package and the squid3 binary package from the squid3 source package, do they plan to drop squid 2 eventually? | 12:33 |
lool | zul: I don't think we can upload squid 2 in Ubuntu anymore because of this, so we'd rather remove and blacklist it from Debian imports, unless we can think of a way that the sources and binaries would be mostly similar between Debian and Ubuntu | 12:34 |
zul | lool: thats fine with me | 12:46 |
lool | zul: Ok | 12:46 |
zul | lool: since squid3 is in main | 12:46 |
RodrigoJimmy | Greetings my friends! I'd like to personalize the boot and installer process of ubuntu server. Change boot menu options, set default idiom, set default partition schema, and so on. What's the best way? Changing iso contents em regererate ISO by mkisofs or genisofs? or change debian-cd and debian-installer packages to do this? Or neither? | 12:58 |
uvirtbot | New bug: #900741 in squid (universe) "Remove and blacklist squid" [Undecided,New] https://launchpad.net/bugs/900741 | 13:06 |
=== himcesjf1 is now known as himcesjf | ||
caribou | quick question : is vmbuilder still actively supported ? | 13:43 |
smoser | koolhead11, here now. | 13:48 |
smoser | well, koolhead11 http://paste.ubuntu.com/760635/ "worked for me" | 13:48 |
koolhead11 | smoser: you had time to test it sir? | 13:48 |
* koolhead11 checks | 13:49 | |
koolhead11 | smoser: let me give it a try :) | 13:50 |
smoser | koolhead11, i suspect it wont work for you, but if it does, then you should see what is different in the 2 paths that you had success versus failure with. | 14:00 |
smoser | there may be a bug in openstack using your image due to something else | 14:00 |
smoser | but your issue there is with openstack, not really resolvable in a guest. | 14:00 |
koolhead11 | smoser: :( hmm | 14:00 |
koolhead11 | it means am not able to run my modified cloud image in openstack. | 14:01 |
koolhead11 | let me give one more try!! :P | 14:02 |
Daviey | *sigh*, LP is Read Only. | 14:02 |
zul | wohoo...party party time | 14:03 |
soren | It's been pretty screwed for a while. | 14:03 |
soren | librarian has been giving me 503's for at least half an hour. | 14:03 |
smoser | koolhead11, well, give the above a try, as it worke dfor me. | 14:03 |
smoser | soren, launchpad works fine for me. you must have not been nice to it. | 14:03 |
koolhead11 | zul: sirr!! :P | 14:04 |
soren | smoser: lies | 14:04 |
Daviey | soren: I think i saw that your account was special cased for a badride() | 14:04 |
soren | :( | 14:05 |
zul | soren: maybe its trying to tell you something | 14:06 |
soren | zul: When have I been known to listen to anything? | 14:06 |
zul | soren: heh | 14:08 |
pmatulis | was showing my 4yr-old son my green Openstack t-shirt, he repeated "opensnack". good name change? | 14:10 |
caribou | Re: my vmbuilder question, I'm able to reproduce this bug https://bugs.launchpad.net/ubuntu/+source/vm-builder/+bug/531599 | 14:10 |
uvirtbot | Launchpad bug 531599 in vm-builder "device mappings for partitions not removed after build using --raw, leading to filesystem corruption" [Undecided,Confirmed] | 14:10 |
caribou | which generates FS corruption | 14:10 |
* Daviey forks pmatulis open snack.. *yum* | 14:10 | |
pmatulis | he he | 14:11 |
caribou | pmatulis: how about openbar? | 14:11 |
pmatulis | caribou: :) | 14:12 |
koolhead11 | open beer | 14:17 |
patdk-wk | is openbar covered by gpl? | 14:19 |
koolhead11 | zul: i need that keystone pkg to gain some confidence and get back to openstack voyage!! :D | 14:20 |
zul | https://launchpad.net/~zulcss/+archive/openstack-sru-updates | 14:21 |
zul | koolhead11: ^^^ | 14:21 |
koolhead11 | zul: " oneiric main " /o.0\ | 14:23 |
=== bladernr_afk is now known as bladernr_ | ||
mboeru | hello | 14:57 |
mboeru | can anyone help me with some problems regarding kickseed partman RAID creation? | 14:58 |
mboeru | so no one? :( | 15:01 |
koolhead11 | lynxman: around? | 15:08 |
koolhead11 | what was that thing 4 automatic deployment of instances on virtualbox | 15:08 |
Daviey | smoser: Have you tried cobbler-devenv recently, and more so - against cobbler/ | 15:10 |
Daviey | ? | 15:10 |
Daviey | err, against juju | 15:10 |
smoser | Daviey, no. its on the list of things to do. | 15:12 |
smoser | related question | 15:12 |
smoser | hallyn, | 15:12 |
hallyn | smoser: hold on, quick reboot, audio troubles while trying to do a call | 15:13 |
smoser | we were considering juju deploy of openstack on desktop. where juju would use the local [lxc] provider. and we'd install openstack. assuming you could get that to work, then i'd think you'd want lxc as the libvirt-type for openstack. | 15:13 |
smoser | sorry, had typed that and didn't want to lose it. i'll replay if you ask nicely. | 15:14 |
smoser | will there be issues in openstack nova running in an lxc container providing an lxc instances ? | 15:14 |
mboeru | can anyone help me with some problems regarding kickstart / preseed partman RAID creation on ubuntu 10.04.3 ? | 15:18 |
hallyn | smoser: hm, there might be due to NFS in particular | 15:18 |
smoser | i'm' almost insulted. | 15:19 |
smoser | why would i use nfs ? | 15:19 |
hallyn | well nfs was a proxy for any in-kernel network filesystem | 15:19 |
smoser | oh... ok. yeah, the guests could potentially use nfs. | 15:20 |
smoser | i'm not heartbroken if that is broken. | 15:20 |
hallyn | should work then | 15:20 |
smoser | hm... | 15:23 |
smoser | i'm thinking of tother tings that might get in the way | 15:23 |
smoser | the nova-compute lxc isntance is going to attempt to do routing via ip tables | 15:23 |
smoser | and multiple compute nodes [containers] woudlb e wanting to use the same ports. | 15:24 |
lynxman | koolhead11: hey :) | 15:27 |
lynxman | koolhead11: vagrant! | 15:27 |
hallyn | iptables are per container | 15:27 |
hallyn | smoser: so if the nova-compute instance will always look like the 'parent' of the things it fires off it might work | 15:28 |
hallyn | smoser: but you might want to use a container without its own netns | 15:29 |
smoser | hallyn, the nova-compute will use libvirt to launch instances | 15:30 |
hallyn | smoser: using virsh to what it calls localhost? | 15:31 |
smoser | yes, probably. | 15:31 |
smoser | well, not virsh | 15:32 |
smoser | python-libvirt | 15:32 |
hallyn | well then it might be fine - hte iptables rules it creates will affect the default libvirt network it creates, used by its lxc clients... *should* work | 15:32 |
hallyn | be cool to see | 15:32 |
smoser | ok. then one other question | 15:32 |
smoser | i sohlud be able to do this with kvm as the nova-launched guests also | 15:33 |
smoser | right? | 15:33 |
hallyn | yes, so long as you give the nova-compute container access to /dev/kvm | 15:33 |
Daviey | Ursinha: Are you chairing? | 15:57 |
Ursinha | again? | 15:57 |
Ursinha | Daviey: I guess smoser was volunteered | 15:57 |
Ursinha | :P | 15:57 |
Daviey | Ursinha: i'm looking at the agenda, which has you next :) | 15:58 |
smoser | did you do last week Ursinha ? | 15:58 |
Ursinha | smoser: yes | 15:58 |
smoser | if you did, then i will reluctantly do this. | 15:58 |
smoser | suck | 15:58 |
Ursinha | lol | 15:58 |
Ursinha | I can chair again | 15:58 |
SpamapS | Ursinha: if you forget to update the list, you have to chair again. ;) | 15:59 |
hallyn | i think this is called hazing | 15:59 |
SpamapS | smoser: the agenda is empty, so.. should go quickly. :) | 15:59 |
smoser | k. | 16:00 |
smoser | here we go | 16:00 |
smoser | #start-meeting Ubuntu Server Team Meeting | 16:00 |
smoser | #startmeeting Ubuntu Server Team Meeting | 16:00 |
smoser | ugh. | 16:00 |
lynxman | smoser: wrong channel | 16:00 |
RoAkSoAx | lol | 16:00 |
lynxman | smoser: points smoser to #ubuntu-meeting | 16:01 |
Ursinha | smoser: http://paste.ubuntu.com/761745/ | 16:01 |
marshall | hey ubuntu-server | 16:15 |
marshall | I notice that byobu is installed on oneiric server by default. it looks sort of useful, but it seems to mess things up when I do `clear` or cmd+k (clear shortcut). Has anybody else had this issue? | 16:22 |
kpettit | is there a simple DNS server that is somehting like a etc/hosts file. Trying to do local home network dns and don't really want to mess with BIND for something simple like that | 16:22 |
uvirtbot | New bug: #893134 in swift (main) "swauth required for auth in diablo" [Undecided,Fix released] https://launchpad.net/bugs/893134 | 16:22 |
smoser | kirkland, ^ see marshall | 16:26 |
kirkland | marshall: what kind of things mess up when you do clear? | 16:28 |
kirkland | marshall: i do "clear" all the time | 16:28 |
broder | hey guys - i can't stick around atm, but if anyone here is affiliated with openstack, could you see if your keystone packaging should have a vcs-bzr tag on it or something? i saw lp:~gandelman-a/ubuntu/precise/keystone/900553 in the sponsorship queue, and it seemed like maybe it should be going against lp:~openstack-ubuntu-packagers/keystone/ubuntu or something | 16:29 |
smoser | adam_g, zul ^ | 16:30 |
smoser | broder is probably correct | 16:30 |
zul | broder: will have a look | 16:31 |
marshall | kirkland: sometimes it puts the cursor somewhere weird on the screen, and the top line of byobu sometimes disappears. I dunno, it's kind of flickery after a `clear`. | 16:31 |
adam_g | zul: what is the workflow for packaging updates? update the ~openstack-ubuntu-packagers/$foo branch first, then propose a merge into ubuntu from there, or the other way? it seems like its different for each subproject | 16:35 |
zul | adam_g: propose against ~ubuntu-server-dev/<project>/essex and then propose against ~openstack-ubuntu-packagers/<project>/ubuntu | 16:36 |
adam_g | zul: i thought ~ubuntu-server-dev was stable/oneiric/backport branch? | 16:37 |
SpamapS | Fixes have to hit precise before they'll be allowed into oneiric | 16:37 |
zul | nope its for essex as well, ill write something up | 16:37 |
SpamapS | So it akes sense that you'd do essex first | 16:37 |
adam_g | zul: i dont follow | 16:38 |
zul | adam_g: for oneirc/stable diablo there is packaging branches called lp:~ubuntu-server-dev/<project>/diablo | 16:38 |
zul | for precise its lp:~ubuntu-server-dev/<project>/essex | 16:39 |
zul | or am i on crack | 16:40 |
adam_g | zul: ok | 16:40 |
zul | adam_g: ill sync up the branches today | 16:41 |
adam_g | cool | 16:41 |
rbasak | Daviey: OK, SRU for cobbler csrf? | 16:42 |
Daviey | rbasak: Yes, so it's exactly the same, except - the pocket is oneiric-security | 16:43 |
Daviey | And only the ~ubuntu-security team can sponsor it. | 16:44 |
Daviey | They also prefer a richer changelog message, one moment | 16:44 |
rbasak | Daviey: and I'll focus only on this one vulnerability? There were a few others too IIRC, but not sure if I can bundle multiple fixes into one SRU? | 16:44 |
rbasak | (or if the others are even justified to be SRU'd) | 16:45 |
Daviey | rbasak: https://wiki.ubuntu.com/SecurityTeam/UpdatePreparation | 16:45 |
Daviey | rbasak: probably best to speak to the security team, but depending on confidence, you can double up | 16:45 |
rbasak | OK, thanks | 16:46 |
koolhead11 | zul: keystone failed to install, let me pastebin | 16:50 |
koolhead11 | zul: http://paste.ubuntu.com/761806/ | 16:52 |
Ursinha | Daviey: hello :) | 16:53 |
zul | koolhead11: cool thanks ill take a look | 16:53 |
allowoverride | koolhead11: looks like you need to execute as sudo | 16:53 |
Daviey | hey Ursinha | 16:53 |
allowoverride | perms denied on /keystone.log | 16:53 |
Ursinha | Daviey: I'd like to have your feedback about this diagram: http://ubuntuone.com/5OxEIhPUuxdAfVS5N4YO44 | 16:54 |
koolhead11 | allowoverride: i am using with sudo :D | 16:54 |
Daviey | looking | 16:54 |
Ursinha | Daviey: can you tell me if I'm missing something that server team would be doing? | 16:54 |
Ursinha | thanks :) | 16:54 |
* koolhead11 leaves 4 home. laters | 16:55 | |
Daviey | ttfn koolhead11 | 16:55 |
Daviey | Ursinha: what is this based on, and who follows it so far? | 16:56 |
Daviey | (who authored it?) | 16:56 |
Ursinha | Daviey: I did | 16:56 |
Ursinha | Daviey: this is what I could infer by how launchpad behaves today plus the triage guide | 16:57 |
Ursinha | server triage guide | 16:57 |
Daviey | Ursinha: right, but where is the bot? :) | 16:57 |
Ursinha | Daviey: the one that marks bugs as confirmed? | 16:57 |
Ursinha | when a bug has a duplicate launchpad marks the bugtask as confirmed | 16:57 |
Ursinha | afaik | 16:57 |
Daviey | ahh | 16:57 |
Daviey | Sorry, i thought it was something more exciting :) | 16:58 |
Ursinha | I'll clarify that :) | 16:58 |
Ursinha | lol | 16:58 |
Ursinha | sorry | 16:58 |
Daviey | Ursinha: I think it is pretty complete, but also idealistic :) | 16:58 |
Ursinha | so, let me know how it works today or what would be a less idealistic approach, please :) | 16:59 |
Ursinha | Daviey: I have the .dia file, want it? | 16:59 |
Daviey | Ursinha: I wish i had a plotter, so i could print it out and put it on my bedroom wall :) | 17:00 |
Daviey | Ursinha: I think you have it covered, but let me think about it? | 17:00 |
Ursinha | Daviey: I drew it in an A3 sheet :) than converted to dia :P | 17:01 |
Ursinha | Daviey: yes, can I ping you later about that? | 17:01 |
Daviey | cool | 17:02 |
=== bitmonk_ is now known as bitmonk | ||
hsmod | anyone know how i can load megaraid_sas driver when i pxe boot a livecd? | 17:25 |
hsmod | (on either natty or maverick) | 17:25 |
jandrusk | For Juju you need to have an Amazon EC2 account and storage setup, right? | 17:26 |
jandrusk | Nevermind. Already found it on CharmSchool. | 17:39 |
hsmod | anyone know how i can load megaraid_sas driver when i pxe boot a livecd? | 18:09 |
hallyn | jjohansen: should 'rw' apparmor rights to a file that is a unix socket suffice for bind? | 18:20 |
jjohansen | hallyn: yes | 18:20 |
hallyn | jjohansen: thanks. (then i'm flummoxed :) | 18:20 |
jjohansen | hallyn: what is happening? | 18:21 |
mboeru | can anyone help me with a preseed problem, I'm trying to provision a server with 2 500G hdds and software RAID, but can't figure it out | 18:21 |
hallyn | i'm testing tunnelled migration - my patch works in lucid and precise, but in maverick i'm getting: | 18:21 |
hallyn | ind(unix:/var/run/libvirt/qemu/qemu.tunnelmigrate.dest.cdboot): Permission denied | 18:21 |
jjohansen | hallyn: hrmm, are there any log messages? | 18:22 |
hallyn | "/var/run/libvirt/**/*.tunnelmigrate.dest.cdboot" rw is in the *.files | 18:22 |
hallyn | jjohansen: that msg is in the libvirt log | 18:22 |
jjohansen | hallyn: anything in dmesg? | 18:23 |
hallyn | nope | 18:23 |
hallyn | flummoxed | 18:23 |
jjohansen | hrmm | 18:24 |
hallyn | this is going to be the slowest sru i've ever had. 2 days so far, not halfway done | 18:24 |
jjohansen | hallyn: stick audit in front of the apparmor rule. | 18:25 |
jjohansen | audit /var/run/libvirt/**/*.tunnelmigrate.dest.cdboot" rw | 18:25 |
jjohansen | apparmor will log every time it sees a file matching that, whether its allowing it or not | 18:25 |
jjohansen | that should help narrow down whether apparmor thinks its seeing it | 18:26 |
hallyn | jjohansen: ok - that rule gets generated on each migration on the fly, so i need to rebuild real quick | 18:29 |
jjohansen | hallyn: if you know where the profile file is, you can edit it by hand and reload it with | 18:30 |
jjohansen | sudo apparmor_parser -r <file> | 18:30 |
hallyn | jjohansen: i can't bc it gets recreated when i retry migration | 18:33 |
hallyn | jjohansen: hm, still nothing in dmesg! maybe the libvirt apparmor security driver code is screwy | 18:35 |
jjohansen | hallyn: maybe, jdstrand would have a better handle on that part than me | 18:37 |
jdstrand | hallyn: for testing, you can edit /etc/apparmor.d/libvirt/libvirt-<uuid> | 18:38 |
hallyn | jdstrand: but that gets overwritten when i do virsh migrate again | 18:39 |
jdstrand | hallyn: it is created on first run of the vm, but is persitent thereafter (it is the .files file that is updated every time) | 18:39 |
jdstrand | hmm | 18:39 |
jdstrand | migrate-- I guess that makes sense cause it is supposed to be a 'new' vm | 18:40 |
hallyn | and yeah, the .xml doesn't actually stick around (nothing in virsh list --all) so i can't restart it even if i thought htat would still try to access that pipe | 18:40 |
jdstrand | hallyn: you can also disable the apparmor driver in /etc/libvirt/qemu.conf by setting 'security_driver = "none"' and restarting libvirt | 18:41 |
hallyn | I don't know, I"m at a loss. maybe i messed up something else | 18:41 |
hallyn | still get that failure! | 18:42 |
jdstrand | hallyn: you can also edit /etc/apparmor.d/abstractions/libvirt-qemu on the host getting denials. that applies to all vms | 18:43 |
jdstrand | hallyn: if you want to make sure you have disabled the apparmor driver, examine the output of 'virsh capabilities' and/or 'virsh dominfo <vm>' | 18:45 |
hallyn | what should virsh capabilities tell me? | 18:45 |
hallyn | (/proc/`pidof libvirtd`/attr/current still says enforcing) | 18:45 |
jdstrand | in the <host> section if a security driver is enabled, you should see: | 18:46 |
jdstrand | <secmodel> | 18:46 |
jdstrand | <model>apparmor</model> | 18:46 |
jdstrand | <doi>0</doi> | 18:46 |
jdstrand | </secmodel> | 18:46 |
jdstrand | hallyn: that is because the you didn't unload the profile for libvirtd | 18:46 |
jdstrand | hallyn: but you don't need to | 18:47 |
jdstrand | (unless there is a bug, which there was one at one time) | 18:47 |
zul | hallyn: have you seen this? "libvirtError: internal error cannot create rule since ebtables tool is missing." | 18:47 |
hallyn | jdstrand: ah, i see. yeah, it's turned off now. and i still get that denial | 18:47 |
jdstrand | hallyn: wait, what? you get an apparmor denial with the driver disabled? | 18:48 |
hallyn | zul: i haven't. on precise? | 18:48 |
hallyn | jdstrand: yyyyyp | 18:48 |
zul | hallyn: yep | 18:48 |
hallyn | put a u in there | 18:48 |
jdstrand | hallyn: well, is the machine still running? libvirt won't unconfine a vm | 18:49 |
jdstrand | hallyn: it just won't start a vm confined | 18:49 |
hallyn | zul: ebtables should be moved from recommends to depends? | 18:49 |
hallyn | jdstrand: the vm is running on host1. host2 is where i try to migrate it to, and it has unconvined libvirt now | 18:49 |
zul | hallyn: it seems other people are having the same issue: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/684088 | 18:50 |
uvirtbot | Launchpad bug 684088 in libvirt "libvirt should detect the presence of tools at use-time rather than at start-time" [Low,Triaged] | 18:50 |
jdstrand | hallyn: on host1, what is the output of 'aa-status'? | 18:50 |
hallyn | zul: patch welcome for that :) | 18:50 |
jdstrand | hallyn: err, host2 | 18:50 |
zul | hallyn: yeah yeah :) | 18:50 |
hallyn | jdstrand: it shows libvirtd profile and process in enforce mode | 18:51 |
jdstrand | hallyn: can you paste the output? | 18:51 |
hallyn | zul: you agree ebtables should be depends? | 18:51 |
zul | hallyn: yeah but i already have ebtables installed | 18:52 |
hallyn | jdstrand: http://pastebin.com/K5MuHYvK | 18:52 |
hallyn | zul: restart libvirt-bin :) making it depends will prevent it in the future. i'm not writing a patch to do check-at-use! | 18:53 |
jdstrand | hallyn: can you paste the output of virsh capabilities n host2? | 18:53 |
hallyn | http://pastebin.com/baf2mkzM | 18:53 |
jdstrand | that pastebin is annoying with its captchas :P | 18:54 |
jdstrand | hmm | 18:54 |
hallyn | jdstrand: as i said to jjohansen, this works fine on lucid and precise, it's only failing on maverick. | 18:54 |
hallyn | making me wonderer whether my setup is bad | 18:54 |
jdstrand | hallyn: can you try to do a migrate after doing this on host2: sudo apaprmor_parser -R /etc/apparmor.d/usr.sbin.libvirtd | 18:54 |
hallyn | (that or it's a temp regression in the code) | 18:54 |
zul | hallyn: restarted it and still get the same problem | 18:54 |
jdstrand | hallyn: I typoed that command | 18:55 |
hallyn | zul: that's a problem | 18:55 |
zul | hallyn: yeah lemme try something first | 18:55 |
hallyn | jdstrand: i think it's an nfs issue, actually. i think the log msg is bogus, and it's actually dying trying to chown the disk img | 18:58 |
hallyn | cause | 18:58 |
hallyn | -rw-r--r-- 1 4294967294 4294967294 1073741824 2011-12-06 17:58 cdboot.img | 18:58 |
hallyn | doesn't look right | 18:58 |
jdstrand | huh | 18:58 |
jdstrand | libvirt's error reporting sometimes stinks | 18:58 |
jdstrand | hallyn: this is the type of thing I was talking about when I recommended VIRT_WARN last week | 18:59 |
hallyn | i put VIRT_WARN in that patch. that patch isn't in mav | 18:59 |
jdstrand | hallyn: no, I know that | 18:59 |
hallyn | ok :) | 18:59 |
jdstrand | hallyn: I am saying this is precisely the *type* of thing that happens | 19:00 |
hallyn | sigh, yeah. | 19:00 |
hallyn | so i wonder if this is a bug in maverick's nfs | 19:00 |
hallyn | uid/gid isn't *supposed* to come through as -1 is it? | 19:01 |
hallyn | trying a rebuild with VIR_WARN at that line | 19:02 |
=== smoser_ is now known as smoser | ||
hallyn | i shouldve said only lucid sru for this... who is gonna do this on maverick? | 19:03 |
Shaboom | try mozilla firefox on linux, preferably linux , and linux ubuntu if possible for best results: http://baby.cn.yahoo.com/pic/ | 19:04 |
* patdk-wk is scared | 19:12 | |
hallyn | zul: is that a pretty safe normal assumption? that i can do a fix only for lucid and oneiric, bc noone will move from lucid to maverick or natty for servers right now? | 19:13 |
patdk-wk | no sane person :) | 19:13 |
zul | hallyn: i think so | 19:13 |
hallyn | phew | 19:14 |
zul | i think most people would be waiting for the next LTS | 19:14 |
* patdk-wk is waiting for 12.04.2 | 19:14 | |
patdk-wk | normally by then I have had enough time to test and start moving :) | 19:14 |
zul | hallyn: with the libvirt ebtables im horribly out of date...ill try it again after the update is finish | 19:15 |
hallyn | ok | 19:16 |
SpamapS | koolhead17: whenever you are ready we can chat about bug 875262 | 19:19 |
uvirtbot | Launchpad bug 875262 in php5 "PHP Startup: Unable to load dynamic library '/usr/lib/php5/20090626+lfs/sqlite.so'" [High,Confirmed] https://launchpad.net/bugs/875262 | 19:19 |
koolhead17 | SpamapS: in 20 mins :) | 19:20 |
incorrect | are there other authentication systems i can use with windows that don't involve me setting up samba? | 19:27 |
SpamapS | incorrect: at one time, I know stock kerberos 5 + ldap worked .. but not very well.. with windows XP and 2000 | 19:40 |
incorrect | or an easy way to get samba doing domain log ins | 19:42 |
uvirtbot | New bug: #900889 in apache2 (main) "Php5 Application Segmentation Fault After Upgrade from 9.04 to 10.04, 10.10. or 11.10" [Undecided,New] https://launchpad.net/bugs/900889 | 19:43 |
zul | hallyn: false alarm | 19:47 |
hallyn | phew | 19:47 |
zul | sorry to work up your blood pressure | 19:49 |
=== claude2 is now known as jonathandee | ||
=== jonathandee is now known as claude2 | ||
adam_g | zul: https://code.launchpad.net/~gandelman-a/ubuntu/precise/keystone/lp900553/+merge/84663 | 20:10 |
adam_g | zul: should i also send proposals with the changes that were merged directly into the nova and glance ubuntu packages this week, or do you want to do that? | 20:11 |
zul | adam_g: no ill take care of it | 20:11 |
adam_g | k | 20:11 |
* lukstr waves | 20:20 | |
lukstr | I have a fun kerberos question | 20:20 |
lukstr | after running sudo auth-client-config -a -p kerberos_example I can't log in at all. In a guest session I can get tickets just fine but anything PAM seems extremely unhappy | 20:21 |
zul | hallyn: nope was still able to reproduce it | 20:32 |
lukstr | is there any _proper_ way to setup kerberos with PAM for 11.10? | 20:34 |
hallyn | jdstrand: hm, i don't think i'll try maverick again, but on oneiric i observe that 'mount -o nfsvers=3' works better (than using v4, the default). now i can chown, as can libvirtd | 20:43 |
jdstrand | interesting. so it is the DAC driver | 20:44 |
jdstrand | they are always fiddling with nfs for the selinux bits | 20:44 |
hallyn | pain | 20:44 |
hallyn | worked fine under precise though with v4 | 20:44 |
jdstrand | weird | 20:46 |
hallyn | zul: can you open a bug or post pastebin with reproduction instructions? | 20:47 |
jdstrand | yeah, I wouldn't worry about maverick-- it is eol in 4 months | 20:47 |
jdstrand | natty is... *shrug*. seems too late for it too | 20:47 |
hallyn | lukstr: not something i've worked with, sorry. | 20:47 |
hallyn | jdstrand: i just might weep for joy | 20:48 |
jdstrand | heh | 20:48 |
hallyn | finally done with that | 20:48 |
hallyn | now just a little qemu one to do :) | 20:48 |
jdstrand | :) | 20:48 |
hallyn | ooh! qemu-kvm-1.0 has been tagged | 20:49 |
jdstrand | hallyn: iirc, they fiddled a bit with usb2 for that. that would be awesome, but I don't know how far along it is | 20:50 |
hallyn | they already had with the 0.15 in precise, and i think that's to blame for the uhcd/ehci not being there | 20:51 |
hallyn | haven't gone and asked on #qemu yet though | 20:51 |
jdstrand | hallyn: interesting-- I didn't know it was fully working | 20:51 |
hallyn | oh i dont' knwo that it is | 20:51 |
zul | hallyn: i just added more info to the bug that was open | 20:59 |
hallyn | zul: sounds like openstack should depend on ebtables :) | 21:04 |
zul | hallyn: right but i have ebtables installed thats the point | 21:05 |
hallyn | zul: unless you're saying you've stopped and started libvirt-bin, that bug is unlikely to get addressed (upstream bug is being ignored). Why not avoid it altogether? | 21:06 |
zul | erm.. | 21:06 |
hallyn | eh, maybe i'm wrong, and it has been addressed upstream | 21:07 |
hallyn | zul: you know i'm not trying to be difficult :) | 21:11 |
zul | hallyn: sure i heard that one before | 21:11 |
zul | :) | 21:11 |
hallyn | while : ; do euca-describe-instances | awk '{ print $2 }' | grep "^i-" | xargs euca-terminate-instances; done isn't getting me very far | 21:16 |
Faint | Hi, I know this is #ubuntu-server, but nothing I say is sent in #httpd, so I am asking here because I am running Ubuntu Server 11. Any help would be appreciated. I am having a problem where when I start Apache, it stays up for a minute then turns off. I have the only two lines it gives me in apache's error.log right here: | 21:33 |
Faint | http://pastebin.com/vX201fQ6 | 21:34 |
Daviey | hallyn: http://pb.daviey.com/euca/ is smoser's | 21:34 |
hallyn | Daviey: that hurts the eyes :) | 21:36 |
smoser | http://paste.ubuntu.com/762099/ is my current | 21:37 |
Cant_Winn | Hello everyone | 21:40 |
Faint | So does anyone know what the problem is with my Apache? I have searched all over only to find answers that don't work | 21:40 |
Cant_Winn | I have a small question; Has any one here ever setup, or tried setting up iFolder on Ubuntu 10.04 LTS server? | 21:41 |
Daviey | hallyn: more than, http://pb.daviey.com/KfaI/ | 21:41 |
Daviey | ? | 21:41 |
hallyn | Daviey: i find that easier to read | 21:41 |
Daviey | golly, it's crap :) | 21:42 |
RoyK | Faint: I'd try starting the apache process in the foreground | 21:44 |
RoyK | fahadsadah: is this 11.10 or 11.04? | 21:45 |
fahadsadah | RoyK: It's 9.45 here | 21:45 |
RoyK | fahadsadah: sorry, that was meant for faint, who just left :P | 21:45 |
fahadsadah | Don't worry, I'm just screwing with you :p | 21:45 |
Cant_Winn | Anyone attempted iFolder before? | 21:46 |
=== skrewler_ is now known as skrewler | ||
Daviey | RoAkSoAx: What do you think about, NUT integration in Cobbler (replace fence-agents) ? | 22:04 |
=== nonsenso_ is now known as nonsenso | ||
soren | smoser: Does cloud-init get ged anything when provisioning new machines with orchestra? | 22:06 |
=== shirgall is now known as jrp-afk | ||
soren | smoser: *get fed | 22:06 |
RoAkSoAx | Daviey: didn't I send you the response to you? | 22:06 |
RoAkSoAx | Daviey: i think it should not be a replacement, but rather a support | 22:06 |
RoAkSoAx | Daviey: give me a sec to explain to you the idea that I discussed with arnaud about it | 22:07 |
Daviey | RoAkSoAx: If you are on the case, great :) | 22:07 |
Daviey | RoAkSoAx: But i thought the WI listed as 'replace' would interest you | 22:07 |
RoAkSoAx | Daviey: basically, I told Arnaud that I don't think we should replace but rather, make NUT as an option. i.e. Right now the cobbler server needs access to any power device in order to be able to manage them. If cobbler does not have direct access (like in our lab), but if we do have it to a NUT server, then it would be cool if cobbler can just tell the NUT server "power on outlet for machine XYZ, that I don't have direct access to" | 22:09 |
RoAkSoAx | but the NUT server does | 22:09 |
smoser | soren, yes. | 22:10 |
smoser | but not much of importance other than in juju i think | 22:10 |
smoser | RoAkSoAx, would konw also | 22:10 |
ellipsis_ | Hey, I've got a really low spec computer I was thinking of turning into a server. However it has no harddrive. Can I boot ubuntu server edition from a usb stick and will it lag/use up all the ram? (all I need to do is host a little php, but I can't seem to find any good free hosts) | 22:11 |
smoser | ellipsis_, you can probably manage to do that, yes. | 22:18 |
smoser | it will jsut have slow IO from the usb disk. | 22:18 |
adam_g | Daviey: just filed #900977, will sort out in a few | 22:26 |
soren | smoser: How does it work? | 22:30 |
RoAkSoAx | soren: basically, juju passes a ks_arg to cobbler with the user-data for cloud init in base64. Then, we have a python function that is imported by cheetah via the kickstart templating feature that recieves that BASE64 User Data from the cobbler ks_arg/variable, and creates a late_command that decodes the base64 and execute the code creating the user-data file | 22:36 |
ellipsis_ | smoser, Thanks, but I mean my server has like 500mb of ram. Can I fit the OS into ram without it constantly needing to use swap? | 22:40 |
soren | RoAkSoAx: Ok, so the user-data equivalent is passed embedded in the preseed file? | 22:58 |
RoAkSoAx | soren: yes | 22:59 |
soren | RoAkSoAx: Lovely, thanks. | 22:59 |
allowoverride | whats the command to list ops in irc room? | 23:05 |
allowoverride | thanks | 23:05 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!