/srv/irclogs.ubuntu.com/2011/12/22/#ubuntu-server.txt

uvirtbotNew bug: #907518 in keystone "swift proxy cannot start when configured to use keystone" [Undecided,Triaged] https://launchpad.net/bugs/90751800:01
smoserm_3, do the SRU stuff.  ie, write justification and everything00:59
smoserand if you wanted, you could foward a debdiff to the debian bug that is there.00:59
m_3smoser: cool, thanks!01:01
* m_3 looking up "SRUs for dummies"01:02
smoserm_3, ping me when you have justifcation done and I can do the upload to oneiric-proposed if there is no oneelse around.01:02
smoseri'm gonna mostly be out till budapest though so you might want to look for someone else.01:02
smosergood work on getting that fixed though01:02
m_3thanks, yeah it's been a ghost-town around here01:02
m_3I've got a ppa with it fixed for oneiric, so there's no particular hurry01:03
m_3have a great break man... see you in budapest01:03
smoserwell, the archive is 100% broken for that package, so that is pretty bad.01:08
* SpamapS will +1 it right into oneiric-proposed :)01:23
=== sixstringsg|away is now known as sixstringsg
PerfMwoooooooooooo01:40
PerfMI love ubuntu!01:40
ZanzacarJust curious if anyone could answer this for me. I can sftp into my server through the terminal and through filezilla. Through the terminal I transfer at 11mbps through filezilla I transfer at 8-9mbps.01:50
Zanzacardoes anyone know why that would be?01:50
qman__probably a math error in one program or the other01:50
Zanzacarso one isnt actually slower then the other then?01:51
qman__not likely, they could also be negotiating different encryption sets, or filezilla could be measuring actual file throughput while the other program is measuring total connection throughput01:51
qman__lots of reasons those numbers can be different01:51
Zanzacargotcha sounds good.01:52
qman__the only real way to measure would be to download the same large file and time it01:52
PerfMI do01:52
PerfMZanzacar, glad we could help ^_^01:52
ZanzacarI am going to test it out and see if there is any differences01:52
qman__also, IIRC, filezilla displays the average over the whole connection01:53
qman__the other program may be measuring the current rate instead01:54
Zanzacarit is just sftp over the terminal01:54
PerfMpangolin, HI!01:55
PerfMpangolin, sorry for the ping!01:55
m_3smoser SpamapS: I think I have everything for an SRU on bug #85486601:58
uvirtbotLaunchpad bug 854866 in ganglia "some ganglia packages won't install because of useradd" [High,Confirmed] https://launchpad.net/bugs/85486601:58
* m_3 sure hope that all works :)01:59
smoserm_3,  just copy your comment to a section in the description02:00
smoserother than that, loooks good.02:00
m_3smoser: smoser ok, did that02:01
twbZanzacar: most likely case is one is measuring megabytes (1000) and one is measuring mibibytes (1024)02:02
twbZanzacar: it could also be scp vs. sftp -- the former has slightly less overhead.02:02
smoserm_3, ok. i just uploaded to oneiric-proposed.02:10
smoserthen, it needs an SRU admin (SpamapS or pitti) to approve it into -proposed02:10
smoserthe one change from the oneiric is (as you stated) the version number.02:10
smoser3.1.7-2ubuntu0.1 is what i used, which is < anything in precise02:11
smoserfollowing the chart at https://wiki.ubuntu.com/SecurityTeam/UpdatePreparation#Update%20the%20packaging02:11
m_3smoser: ok, thanks02:15
=== sixstringsg is now known as sixstringsg|away
smoser:q02:37
=== twister004_ is now known as twister004
axisyshttp://pastebin.com/RMpM2bdA <-- x2270 m2 sees only one disk.. any idea what I can do short from rebooting the server03:00
axisystons of error like this http://pastebin.com/319gGafB for sdb03:01
uvirtbotNew bug: #907620 in openldap (main) "package slapd 2.4.21-0ubuntu5.6 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/90762003:31
axisysduring boot I saw both disks03:32
axisyshttp://pastebin.com/25STEpin <-- from /var/log/dmesg03:33
axisysbut now only one03:33
axisysthey both are internal disk03:33
axisysi wonder if my co-worker broke sdb while attaching it to raid103:33
axisys(parted) p03:34
axisysError: /dev/sdb: unrecognised disk label03:34
axisyssmartctl --all /dev/sdb -T permissive says03:36
axisysSMART Health Status: OK03:36
axisysrebooted the system04:22
axisysnow I can see sdb04:23
=== lifeless_ is now known as lifeless
=== bladernr_ is now known as bladernr_afk
twister004hi guys... how can I automate reverse ssh on my ubuntu server?... I need to connect to this box using reverse ssh.... can I use a script at bootup?.. I tried this but it doesn't work09:24
uvirtbotNew bug: #907686 in squid3 (main) "CVE-2010-0308: DoS (assertion failure) via a crafted DNS packet that only contains header in lucid series" [Undecided,In progress] https://launchpad.net/bugs/90768609:26
uvirtbotNew bug: #907687 in squid3 (main) "CVE-2010-0639: DoS (NULL pointer dereference and daemon crash) via     crafted packets to the HTCP port" [Undecided,In progress] https://launchpad.net/bugs/90768709:26
Jeeves_twister004: You can create some ssh keys09:31
Jeeves_and create an upstart script for it09:31
twister004Jeeves_: ahem... how do I do that :D09:31
Jeeves_twister004: ssh-keygen -t rsa on the box behind nat09:36
Jeeves_Don't enter a passphrase09:36
Jeeves_vi /etc/init/rssh.conf09:37
twister004Jeeves_... I did that... I want to know how I can automate this tunnel... how it can be auto-established upon reboot09:37
Jeeves_exec ssh -i $homedir/.ssh/id_rsa09:37
twister004??09:37
Jeeves_Create an upstart job09:37
Jeeves_That will run ssh09:37
Jeeves_ /etc/init/udev.conf can be used as basic script09:39
twister004Jeeves_.. how do I create an upstart Job?.. I created a .sh file with 'autossh' running... and edited crontab.... @reboot /usr/local/bin/script.sh09:39
uvirtbotNew bug: #907690 in squid3 (main) "CVE-2011-3205: DoS (memory corruption and daemon restart) or remote Gopher servers." [Undecided,In progress] https://launchpad.net/bugs/90769009:39
Jeeves_replace exec udevd --daemon with 'ssh -i $path_to_id_rsa $remoteuser@$remotebox'09:39
Jeeves_remove the 'expect fork' file09:39
Jeeves_s/file/line09:40
twister004Jeeves_.. could you start from the beginning... I lost you somtime back09:40
Jeeves_cp /etc/init/udev.conf /etc/init/rssh.conf09:40
Jeeves_vi /etc/init/rssh.conf09:40
Jeeves_replace exec udevd --daemon with 'ssh -i $path_to_id_rsa $remoteuser@$remotebox'09:41
Jeeves_remove the 'expect fork' line09:41
Jeeves_That should work, I think09:41
twister004Jeeves_... /etc/init/rssh.conf doesnt exist09:42
Jeeves_Indeed09:42
Jeeves_If you didn't do 'cp /etc/init/udev.conf /etc/init/rssh.conf', it won't exist09:43
twister004Jeeves_... $path_to_id_rsa should be the path to authorized_keys file correct?09:44
Jeeves_No09:44
Jeeves_id_rsa09:44
twister004Jeeves_... isn't id_rsa the local key?09:45
Jeeves_Yes09:45
Jeeves_And the ssh client on the local machine must use that specific keys09:45
Jeeves_the authorized_keys on $remotebox should have the line in id_rsa.pub in it09:45
twister004Jeeves_... I lost you there... what about passwordless ssh?09:46
Jeeves_That's what the keys are for09:47
Jeeves_You create a ssh key09:47
Jeeves_you end up with two files09:47
twister004yes09:47
Jeeves_id_rsa and id_rsa.pub09:47
Jeeves_the .pub file is the public key09:47
Jeeves_You copy/paste the contents into authorized_keys on any remote box you want09:48
twister004yes09:48
twister004yes09:48
Jeeves_id_rsa will be used by the local client to connect to the remote server09:48
Jeeves_if the remote server can verify the local key with the public key09:48
Jeeves_You are granted access09:48
twister004Jeeves_.. but then what should be edited in the id_rsa.pub file?09:49
twister004Jeeves_... in the rssh.conf file... is the following command correct?.. 'ssh -i /root/.ssh/ root@remote_hostname''09:50
Jeeves_Nothing should be edited in the .pub file09:51
Jeeves_I never said that :)09:51
Jeeves_-i should be /root/.ssh/id_rsa09:51
twister004ohk... so.. then... after the reboot of the source, the tunnel will be established... and how to I connect to to the source from the destination?09:52
Jeeves_http://www.howtoforge.com/reverse-ssh-tunneling09:53
twister004Jeeves_... I followed that same link and did it manually... I dont know how to automate the process09:54
Jeeves_twister004: You could think about combining my comments with the link you read09:55
twister004Jeeves_.. so instead of the command u specified, I just enter the command from the link?09:56
Jeeves_Combine the two, yes09:56
twister004Here goes nothing... commencing reboot :)09:58
Jeeves_You don't need to reboot09:58
twister004?09:58
Jeeves_You can also type 'start rssh'09:58
twister004Jeeves_... I want to test it during bootup09:59
twister004coz the machine is going to be moved behind a firewall, and we wont have access to it09:59
twister004it doesn't work... and when I do a 'start rssh'... it gives me the following error - 'start: Unknown job: rssh'10:01
twister004Jeeves_.. any inputs?10:04
Jeeves_Oh10:08
Jeeves_Ehm10:08
twister004did I do something wrong?10:08
Jeeves_No, something needs to be refreshed10:09
Jeeves_initctl reload-configuration10:10
twister004wat's tjat?10:10
Jeeves_That tells upstart that there is a new file, iirc10:10
twister004it didnt work10:10
twister004still the same10:10
Jeeves_the file is called /etc/init/rssh.conf, right?10:11
twister004yes10:11
Jeeves_Works for me10:12
twister004huh/10:13
Jeeves_If I copy /etc/init/udev.conf to /etc/init/rssh.conf10:13
twister004?10:13
Jeeves_I can run 'start rssh' without any issues10:13
twister004I did that10:13
twister004let me do it again10:13
twister004it didnt work10:15
Jeeves_can you pastebin the command 'cat /etc/init/rssh.conf' ?10:16
twister004Jeeves_.. here you go : http://pastebin.com/hnxNAKYK10:17
Jeeves_http://pastebin.com/C8yJMNBE10:18
Jeeves_That might work better10:18
Jeeves_http://pastebin.com/diff.php?i=C8yJMNBE10:18
Wolfsherzhello, when i created a ssh-key on my laptop, and copied the public part to the servers ~/.ssh directory the login via key works. will i be able to put my private key to my other machine or do i need to create a new key to connect with it?10:18
Jeeves_Wolfsherz: Private key can be transferred10:19
WolfsherzJeeves_: ok, but the public key has the computers user@hostname in it. is that a problem when connecting with the private key from another host?10:19
Jeeves_no10:19
Jeeves_That's just a comment10:20
andolWolfsherz: You can copy your private key to the other machine, but really it is better/safer solution to create a new private key on the other machine.10:20
Wolfsherzandol: why is it safer do to so?10:20
WolfsherzJeeves_: thank you10:20
twister004Jeeves_.. ok.. the 'start rssh' worked... thanks!... but how do I connect back from the other side?10:20
Jeeves_twister004: You said you read that page on howtoforge :)10:21
andolWolfsherz: In case you lose on of the computers, you can more easily revoke that public key.10:21
andols/on/one/10:21
twister004Jeeves_... I did... and I tried 'ssh localhost -19999'... it refuses the connection10:21
Jeeves_twister004: I'd try -p 1999910:22
Wolfsherzandol: i have to paste that other pubkey to authorized_keys too then, right?10:22
Jeeves_And check if the ssh connection is really up10:22
twister004Jeeves_.. oops I typed it correctly... it doesn't work10:22
andolWolfsherz: Yes10:22
twister004Jeeves_... using ps?10:22
Jeeves_twister004: And where is autossh located?10:22
Wolfsherzandol: and to revoke a public key i just remove that key from authorized_keys, or is there another way?10:23
andolWolfsherz: exactly10:23
Wolfsherzandol: great, thank you10:23
twister004Jeeves_... I installed autossh10:24
Jeeves_Ah, ok.10:24
twister004it's under /usr/bin10:24
Jeeves_No clue what that is10:24
Jeeves_replace 'autossh' with '/usr/bin/ssh'10:24
twister004Jeeves_.. ok10:25
twister004Jeeves_... 'ps -ef | grep ssh' shows the process10:25
Jeeves_ok10:26
twister004Jeeves_... so, for some reason, the ssh is not working?.. even though the process is running in the background10:26
Jeeves_twister004: I can't see that from here, can I?10:27
Jeeves_Check if the proces you see still is the same10:27
twister004Jeeves_.. ill send u the output10:27
Jeeves_Check if the command is actually working by executing it yourselve10:28
twister004Jeeves_... it worked!!10:29
twister004you're awesome!!!!10:29
twister004Jeeves_.. will it autorun at bootup?10:29
Jeeves_it should, probably10:29
Jeeves_You might need to change 'start on'10:29
twister004Jeeves_.. what's that :(10:30
twister004Jeeves_.. actually, it stopped workin again... please see the pastebin contents... it's the output of 'ps -ef | grep ssh' 'http://pastebin.com/a6zDRFgt'10:33
twister004Jeeves_ it works now... sorry!10:34
twister004Jeeves_... however, it doesn't run at bootup.... please advise how I need to modify 'start on'10:37
Jeeves_set 'start on' to 'networking', I think10:38
twister004Jeeves_.. how do I do that... is that a command?10:38
Jeeves_grmbl10:38
Jeeves_Read the file /etc/init/rssh.conf10:38
twister004Jeeves_... sorry!... I changed it, but it still doesnt work on bootup10:45
koolhead11hi all10:56
Jeeves_twister004: No clue then11:00
l456Is 12.04 going to ship with ruby 1.9.1 ??11:55
l456Rails needs 1.9.2 and the latest stable is 1.9.3, it will be a major pain if it ships with 1.9.1 which few (if any) Ruby devs use...11:57
pmatulis1.9.3.012:53
=== Lcawte|Away is now known as Lcawte
uvirtbotNew bug: #907816 in apache2 (main) "libapache2-mod-php5 forgets timezone definition after some time" [Undecided,New] https://launchpad.net/bugs/90781616:28
=== sixstringsg is now known as sixstringsg|afk
pmatulisquiet here today16:43
* genii-around makes more coffee16:45
enricheddidk y but i got booted and banned from the ubuntu channel...16:50
Picienrichedd: Please use #ubuntu-ops if you'd like to get that resolevd.16:51
enricheddty16:53
uvirtbotNew bug: #907828 in openvpn (main) "tun-based VPNs using the "subnet" topology are wrongly sending ICMP redirects" [Undecided,New] https://launchpad.net/bugs/90782816:55
rbasakrobbiew: I've been poking the debian experimental version of openmpi today. It FTBFS on armel. I'm just trying a rebuild of 1.4.x to check its not my environment16:55
rbasak(but also it failed on Debian)16:56
rbasakhttps://buildd.debian.org/status/package.php?p=openmpi&suite=experimental16:56
robbiewrbasak: cool...well if it's crap, then this will be an easy blueprint :)16:56
robbiewwe have some time, given the package is in universe16:56
rbasakrobbiew: hopefully won't be too hard to fix :)16:56
smoserRoAkSoAx, pushed cobbler update with that fix from yesterday and 2 more to cobbler-ubuntu-import17:13
PedroGomesHi, I have two Ubuntu server installations with the same sudoers file, being that one as a root login and the other not.17:31
PedroGomesNow I have a user X, and in the sudoers I have "X ALL = NOPASSWD: /usr/sbin/puppetca" on both machines.17:31
PedroGomesIf I run the command puppetca with user X without sudo or pass on one of the machines it works, on the other I need sudo. What is the difference?17:31
genii-around"being that one has a root login"17:36
PedroGomesgenii-around: thats the difference? in the machine with a root login I have to use always the sudo command ?17:39
genii-aroundPedroGomes: The other way around, likely.17:44
genii-aroundIf you're logged on as root, any command you issue automatically has the elevated rights that the sudo command is supposed to be used for.17:45
PedroGomesgenii-around: thanks, but I already found my error after an half a day…17:45
PedroGomesI forget to add the user to the group that owns most of the folders affected by the command17:46
smoserhallyn, did you read the bug ?17:52
smoseri described how i triggered it.17:52
hallynsmoser: you said "i ran an instance".18:02
smoserinside devstack18:02
smoserdid you try that ?18:02
smoserwith that image?18:02
smoser/var/lib/tftpboot/pxelinux.cfg/01-00-16-3e-3e-aa-0318:02
smoserRoAkSoAx, ^ how do i make cobbler udpate that file18:03
hallynI don't know what devstack is.  Is it a wrapper around euca-build-iamge?18:03
Davieysmoser: change a setting in cobbler, like "netboot enabled"18:03
Davieyhallyn: devstack is the current fav' flavour for setting up a development openstack cloud18:04
hallynif you're gonna use your little codewords than don't get snarky when i ask for detailed reproduction steps18:04
Davieywith all the different componets18:04
smoserhallyn, only because i like you, i'll give you alink18:04
hallynyay!18:04
smoserhttp://lmgtfy.com/?q=devstack18:05
smoserDaviey, i want it to fix all of that garbage18:05
hallyni'll get to that next year then18:06
smoserhallyn, and i'll give you a user-data scrript for Canonistack. just a minute.18:06
adam_gsmoser: i think 'cobbler sync' will regenerate those tftp files as well as dnsmasq, dhcp, etc18:06
smoserthats what i wanted18:06
smosergracias adam_g18:06
hallynbe back tomorrow for a sponsors gig.  out.18:06
=== sixstringsg|afk is now known as sixstringsg
=== sixstringsg is now known as sixstringsg|noms
uvirtbotNew bug: #907873 in samba (main) "smbd crashed with SIGABRT in close_file()" [Undecided,New] https://launchpad.net/bugs/90787319:01
gondoianyone know where I can find more information on this, like when it will be "removed":19:35
gondoihttp://www.omgubuntu.co.uk/2011/12/java-to-be-removed-from-ubuntu-uninstalled-from-user-machines/19:35
=== sixstringsg|noms is now known as sixstringsg
mdeslaurgondoi: the browser plugin has already been disabled. We haven't decided yet when the other packages will be removed from the archive.19:39
mdeslaurgondoi: is there anything else you would like to know?19:39
gondoimdeslaur: okay, well i was thinking more in the terms of a server that is running apps with it19:40
gondoii.e. tomcat and such19:40
mdeslaurgondoi: I'd suggest trying to migrate to either openjdk or to oracle's java sometime in january19:40
gondoii work at a hosting provider and I am trying to figure out the impact for our customers19:41
gondoiokay19:41
gondoithank you mdeslaur19:41
mdeslaurgondoi: you're welcome19:41
=== sixstringsg is now known as sixstringsg|afk
=== dendro-afk is now known as dendrobates
=== dendrobates is now known as dendro-afk
uvirtbotNew bug: #907905 in php5 (main) "php5-cli scripts not running in background, stays stopped." [Undecided,New] https://launchpad.net/bugs/90790520:26
Wolfsherzhello, i have got a serious problem after fiddling with ssh-keys on my server. i can not connect anymore with the error: ssh_exchange_identification: Connection closed by remote host20:43
Wolfsherzi already booted the server in rescue mode to delete the authorized_keys in my home-directory. i also removed the private and public key on my machine at home.20:44
smoserok server people, RoAkSoAx adam_g SpamapS .20:53
smoseri'm almost EOY20:53
smoserbut i just pushed to lp:~orchestra/orchestra/odev20:53
smoserits largely a work in progress, but i'm sure that each of you, if wanted could get it going20:54
* kirkland waves at smoser 20:54
=== Lcawte is now known as Lcawte|Away
smoser(cobbler-devenv -> odev)20:54
smoserhola crypto people20:54
EvilResistanceWolfsherz:  can you do ssh -vv (that's two v's)?  that'll tell you why its being closed at the remote host.20:55
WolfsherzEvilResistance: I dont think that is possible as i can not connect to that server anymore. I can only boot a rescue-system20:57
Wolfsherzi get a lot of these: http://paste.ubuntu.com/779112/21:06
Wolfsherzin /var/log/auth.log21:06
Wolfsherzthis is my /etc/ssh/sshd_config http://paste.ubuntu.com/779121/21:11
=== alaing is now known as funkmonk
=== sixstringsg|afk is now known as sixstringsg
=== sixstringsg is now known as sixstringsg|afk
yakstercan someone please help me with some syntax22:24
yaksterI can't get stab to mount my NAS hdd, I can do it manual, but not fstab22:25
yakstersudo mount -t cifs //192.168.1.129/GoFlex\ Home\ Public/ /media/GoFlex -o username=matthew,password=4546413,iocharset=utf8,file_mode=0777,dir_mode=077722:25
yaksterthat works fine22:25
yakster/192.168.1.129/GoFlex\ Home\ Public/ /media/GoFlex cifs username=matthew,password=4546413,iocharset=utf8,file_mode=0777,dir_mode=0777 0 022:26
yaksterand that cases /home to not mount….22:26
yakster???22:32
=== sixstringsg|rdlB is now known as sixstringsg
=== sixstringsg is now known as sixstringsg|afk
erichammondyakster: What errors are you getting on the attempt to mount the cifs with /etc/fstab ?23:01
yakstererror line 13… line 13 is the //192 line23:16
yaksterline 13 is stab is bad23:18
=== erichammond1 is now known as erichammond
=== erichammond1 is now known as erichammond
=== EvilResistance is now known as Resistance
sixstringsg|afkIs it possible on a dedicated server that I do not have physical access to to increase the size of the / partition?23:40
uvirtbotNew bug: #907945 in nova "Enabling keystone caching  results in type errors in middleware" [Undecided,New] https://launchpad.net/bugs/90794523:41
ikoniasixstringsg|afk: if it's not under lvm control, no23:46
sixstringsg|afkCan I symlink it to part of another partition to increase it?23:47
sixstringsg|afkIt's 10Gb right now, I don't know how big it should be honestly.23:47
ikoniano23:47
sixstringsg|afkOr if I can clean some stuff out.23:47
=== sixstringsg|afk is now known as sixstringsg
yakstercan someone help me out with some stab syntax?23:47
ikoniasixstringsg: you can symlink dir's - but you still can't change it's size23:47
yaksterfstab syntax23:48
ikoniasixstringsg: you certainly can clean stuff out23:48
yakster/192.168.1.129/GoFlex\ Home\ Public/ /media/GoFlex cifs username=matthew,password=4546413,iocharset=utf8,file_mode=0777,dir_mode=0777 0 023:48
sixstringsgikonia, suggestions on what to clean?23:48
ikoniasixstringsg: depends on your machine and what you're not using23:48
ikoniasixstringsg: what other seperate mount points you have too23:48
sixstringsgAll I have are / /home and swap.23:49
ikoniasixstringsg: ok, so look at creating new partitions for things like var, mount that on a new partition and reboot, same for /tmp23:49
ikoniasixstringsg: look at what you are using software wise, open the package manager and clear down things you don't need/want23:50
ikoniajust apply a logical common sense approach23:50
sixstringsgOk, thanks.23:50
uvirtbotNew bug: #907952 in munin (main) "Unnecessary log message when listing local services" [Undecided,New] https://launchpad.net/bugs/90795223:50
yaksterdoes anyone know why a bad line in stab will cause /home to not mount?23:51
ikoniayakster: if the lines are wrong, they can't be used23:52
ikoniait's that simple,23:53

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!