| alex- | What is more secure, root account, su - or sudo ? | 00:05 |
|---|---|---|
| yakster | anyone here ever heard of webtester5? | 00:44 |
| yakster | does anyone know of a software that is a testing engine, fast and easy to setup? | 00:47 |
| === FridgeBoX is now known as zz_FridgeBoX | ||
| === sixstringsg|away is now known as sixstringsg | ||
| === sixstringsg is now known as sixstringsg|away | ||
| === sixstringsg|away is now known as sixstringsg | ||
| arrrghhh | hey guys. i am looking at doing RAID via mdadm, raid5 for one set of drives and raid1 for the other set. would LVM also be an advantage here, or is it kinda redundant? | 05:30 |
| qman__ | if you want to put multiple volumes on said arrays, or spread a volume across multiple arrays, it would be useful | 05:32 |
| qman__ | otherwise it's not necessary, though not detrimental either | 05:32 |
| arrrghhh | hrm | 05:32 |
| arrrghhh | i guess i might as well | 05:32 |
| arrrghhh | i don't have much experience with either | 05:32 |
| arrrghhh | i have a bit with RAID | 05:32 |
| arrrghhh | 0 with LVM | 05:33 |
| qman__ | I didn't on mine because I had only singular purposes in mind | 05:33 |
| qman__ | personal preference, but I don't like to upgrade too many times without starting fresh | 05:33 |
| arrrghhh | ditto | 05:33 |
| qman__ | so it's an excuse to redo if I hit a limitation without it | 05:33 |
| arrrghhh | pretty much every time i have to rethink hdd space, i reinstall the OS | 05:34 |
| arrrghhh | and i don't have any RAID right now, and i'm thinking it's time. | 05:34 |
| qman__ | my current file server is at its limit, nearing the ext3 size limits and (I assume) getting fragmented | 05:36 |
| qman__ | so the next upgrade cycle is total revamp | 05:36 |
| twb | qman__: you know that "5% reserved for root user" of ext? | 05:38 |
| twb | qman__: that is used to prevent fragmentation from happening | 05:38 |
| qman__ | yeah, but I'm experiencing performance problems | 05:38 |
| twb | qman__: so if you turned it off, or filled the fs as root, you WILL get MUCH more fragmentation than normal | 05:38 |
| twb | e2fsck will report the fragmentation level also | 05:38 |
| qman__ | didn't do either of those, but I did expand the filesystem | 05:38 |
| qman__ | originally ~5TB, now 8.2TB | 05:39 |
| qman__ | plus I have some flaws in my design | 05:39 |
| qman__ | active torrent data shouldn't be on the main storage array | 05:40 |
| twb | Recommend you put it off until 12.04 when ext large blocks will be around | 05:40 |
| qman__ | and before it was expanded, the filesystem was over 97% (user) full | 05:40 |
| arrrghhh | brtfs or whatever ready for 12.04? | 05:41 |
| twb | https://lwn.net/Articles/469805/ | 05:41 |
| twb | arrrghhh: no | 05:41 |
| twb | arrrghhh: give it another 8 years or so | 05:41 |
| arrrghhh | didn't think so. | 05:41 |
| arrrghhh | 8 years, lol | 05:41 |
| twb | arrrghhh: well, a decade is a reasonable amount of time for a filesystem to go from dev to stable state | 05:42 |
| twb | btrfs has had about 2 already, so 8 left | 05:42 |
| arrrghhh | oh, i thought it was more mature for some reason | 05:42 |
| qman__ | yeah, summer will probably be upgrade time | 05:43 |
| qman__ | before then I need to actually get a backup system | 05:43 |
| qman__ | flying fast and loose here | 05:43 |
| qman__ | though the majority of my data is not that important | 05:43 |
| qman__ | I did lose it all once and it was a major inconvenience | 05:44 |
| arrrghhh | lol | 05:44 |
| arrrghhh | i could imagine that would be inconvenient. | 05:44 |
| twb | When I lose all my data I'm usually limping for about a week | 05:44 |
| qman__ | once drive prices stabilize I'll get some sort of backups going | 05:45 |
| twb | Anything truly important will be published and mirrored by other people | 05:45 |
| qman__ | and when 12.04 gets all the major bugs worked out I'll work on upgrading the system | 05:45 |
| arrrghhh | qman__, yea.. i forgot about that and went to best buy to get a hdd with a gift card from xmas. ended up getting another ps3 controller lol | 05:45 |
| qman__ | it'll be a while before they get back down where they were | 05:46 |
| qman__ | but they should at least even out and get less extreme pretty soon, once the panic wears off | 05:46 |
| arrrghhh | qman__, i'm going to try to hold off for a year... we'll see if i can make it. | 05:47 |
| arrrghhh | scary how high prices have gone | 05:47 |
| qman__ | it's not even a little consistent right now | 05:47 |
| qman__ | certain drives are up 300, 400% | 05:47 |
| qman__ | others are only up slightly | 05:47 |
| arrrghhh | lol | 05:48 |
| arrrghhh | server-grade disks are definitely higher | 05:48 |
| arrrghhh | data centers are hoarding | 05:48 |
| twb | http://paste.debian.net/151503/ | 05:52 |
| twb | That's the local "folding table in front of a warehouse" parts vendor; they don't have any SAS tho | 05:53 |
| === sixstringsg is now known as sixstringsg|away | ||
| koolhead17 | hi all | 06:36 |
| kaushal | Hi | 07:13 |
| koolhead17 | supp kaushal | 07:30 |
| jasonmchristos | How do I enable 2 factor authentication on ubuntu after installing libpam-rsa? Seems I tried editing the configs but it doesnt seem to be using the rsa key to login. Any help appreciated. | 07:41 |
| koolhead17 | jasonmchristos: did you restart service after the edit? | 07:42 |
| jasonmchristos | koolhead17: restarted the whole computer to login but just see the normal password prompt | 07:47 |
| twb | jasonmchristos: any particular reason you're using rsa and not (say) due or monkeysphere? | 07:47 |
| twb | s/due/duo/ | 07:47 |
| twb | egrep -v '^[[:space:]]*(#|$)' /etc/pam.d/* | pastebinit | 07:48 |
| jasonmchristos | twb: i dont know what those are | 07:48 |
| henkjan_ | jasonmchristos: check duosecurity.com | 07:50 |
| twb | Note that I am not endorsing any of those three | 07:50 |
| twb | I'm asking because maybe you just picked libpam_rsa because it was the first google hit | 07:51 |
| henkjan_ | jasonmchristos: 2 factor authentication with pust notification to your mobile | 07:51 |
| === henkjan_ is now known as henkjan | ||
| twb | henkjan_: well, that's one of the things it can do | 07:51 |
| henkjan | dialing/passwords in sms | 07:52 |
| henkjan | al for free (10 users) | 07:52 |
| twb | Here I have actually deployed OTPW which uses one-time passwords (something you have) prefix with a normal password (something you know) | 07:52 |
| twb | So technically that's multifactor auth, and pretty cheap and easy too | 07:52 |
| jasonmchristos | twb: https://docs.google.com/document/d/1PNuv2UyAZB6zC1NwxToxInLVh1CLS49KRwAwoIV4wUo/edit | 07:53 |
| twb | That yields no content: http://paste.debian.net/ | 07:53 |
| twb | Gah, stupid pastebin script | 07:54 |
| jasonmchristos | All of that sounds interesting but let me start with something basic | 07:54 |
| twb | jasonmchristos: that URL redirects about 20 times and eventually takes me to https://accounts.google.com/ServiceLogin?service=wise&passive=1209600&continue=https://docs.google.com/document/d/1PNuv2UyAZB6zC1NwxToxInLVh1CLS49KRwAwoIV4wUo/edit?pref%3D2%26pli%3D1&followup=https://docs.google.com/document/d/1PNuv2UyAZB6zC1NwxToxInLVh1CLS49KRwAwoIV4wUo/edit?pref%3D2%26pli%3D1 | 07:54 |
| twb | I am not going to log into google to read a pastebin. | 07:55 |
| jasonmchristos | twb: try now https://docs.google.com/document/d/1PNuv2UyAZB6zC1NwxToxInLVh1CLS49KRwAwoIV4wUo/edit | 07:55 |
| twb | https://accounts.google.com/ServiceLogin?service=wise&passive=1209600&continue=https://docs.google.com/document/d/1PNuv2UyAZB6zC1NwxToxInLVh1CLS49KRwAwoIV4wUo/edit?pref%3D2%26pli%3D1&followup=https://docs.google.com/document/d/1PNuv2UyAZB6zC1NwxToxInLVh1CLS49KRwAwoIV4wUo/edit?pref%3D2%26pli%3D1 | 07:56 |
| twb | I think that's the same URL it redirect me to | 07:56 |
| jasonmchristos | oops | 07:56 |
| twb | It probably requires javascript or something | 07:56 |
| jasonmchristos | https://docs.google.com/document/d/1PNuv2UyAZB6zC1NwxToxInLVh1CLS49KRwAwoIV4wUo/edit | 07:56 |
| twb | jasonmchristos: same behaviour | 07:57 |
| twb | Try paste.debian.net | 07:57 |
| jasonmchristos | ok hold on | 07:57 |
| jasonmchristos | i just want to be able to remove it after you look | 07:57 |
| twb | Tough | 07:57 |
| twb | If your security infrastructure relies on secrecy then you are fucked | 07:58 |
| jasonmchristos | http://paste.debian.net/hidden/167c294b/ | 07:59 |
| jasonmchristos | twb: well im working on it thats why i'm here | 07:59 |
| twb | jasonmchristos: apparently that URL you sent works OK in a GUI browser, so it is just that google docs doesn't provide even read access to traditional browsers | 08:00 |
| jasonmchristos | its all designed with chrome inmind | 08:00 |
| twb | Now I guess the service you mainly care about is sshd? | 08:01 |
| jasonmchristos | no | 08:01 |
| jasonmchristos | pam | 08:01 |
| twb | Hmm, no ssh there, so I guess gdm? | 08:01 |
| jasonmchristos | local | 08:01 |
| jasonmchristos | gdm and tty | 08:01 |
| twb | OK, "tty" is called the login service | 08:01 |
| twb | But e.g. you don't care about using pam_rsa to auth cups printing atm | 08:01 |
| twb | OK, did you manually add the pam_rsa.so line to login? | 08:02 |
| jasonmchristos | lets see what i added | 08:03 |
| twb | This is where I tell you about etckeeper for future reference | 08:03 |
| twb | jasonmchristos: while you're there, tell me what ubuntu release you're running (lsb_release -a) and if you have an /usr/share/pam-configs/ and what's in it. Also cf. pam-auth-update(8) | 08:05 |
| twb | pam is a bitch to get right, don't expect this to be a cake walk | 08:05 |
| jasonmchristos | twb: i added auth sufficient pam_rsa.so debug | 08:07 |
| jasonmchristos | auth sufficient pam_stack.so service=system-auth | 08:07 |
| twb | PROBABLY what you want to end up with is an entry in /usr/share/pam-configs. During testing you only want to affect login, so what you want to do is go into /etc/pam.d/login and replace @include common-auth with the contents of /etc/pam.d/common-auth, and then extend that to include pam_rsa.so | 08:09 |
| jasonmchristos | ok I am going to clean up my desk and come back to this saving what you have told me shofar | 08:10 |
| jasonmchristos | thanks for the help twb | 08:10 |
| jasonmchristos | auth sufficient pam_rsa.so debug | 08:10 |
| jasonmchristos | auth sufficient pam_rsa.so debug[A[A | 08:10 |
| twb | Jokes on him, I'm going to the pub, mua haha | 08:15 |
| similian | anyone here using a public brigde concept with kvm on 10.04 | 09:29 |
| similian | i used the pbulic guide but i cannot ping my vms from my lan | 09:29 |
| similian | my vms can ping my lan though | 09:29 |
| similian | but not the gateway | 09:29 |
| similian | an I ran out of clues | 09:30 |
| similian | I basically wanted to let my vm access my LAN directly (192.168.20.x) | 09:31 |
| similian | I can provide any config files you need | 09:31 |
| similian | but its basically just the public guide | 09:31 |
| similian | strange thing is if i ping my Lan Client with my vm I will be able to ping it afterwards | 09:33 |
| similian | there seems to be a routing issue | 09:33 |
| similian | I wonder what needs to be change in the br0 config | 09:34 |
| CasmoNL | similian, I set up a VM with VBox, and I can access my whole lan from within that VM, without changing configs. o_O | 09:40 |
| similian | I use kvm | 09:41 |
| similian | yeah its strage | 09:41 |
| similian | strange i mean | 09:41 |
| similian | I just wondered if there is a clue | 09:41 |
| similian | do you have static ip config? on your vm? | 09:44 |
| similian | but vbox is different from kvm :/ | 09:44 |
| CasmoNL | similian, yeah, I have a static IP in my VBox VM, and I was planning on using kvm first, but it failed, so I ended up with VBox, and I like it so far. :P | 10:27 |
| stgraber | hallyn: working on the MIR for cgroup-lite? | 11:09 |
| stgraber | hallyn: just saw you adding it as a Depends of libvirt-bin so it now needs to be promoted to main | 11:09 |
| stgraber | hallyn: which will at least guarantee it's part of the ubuntu-server package set :) | 11:10 |
| hallyn | stgraber: d'oh! would making it recommends bypass that? | 11:10 |
| stgraber | hallyn: yeah but that'd be bad | 11:11 |
| hallyn | stgraber: confounded | 11:11 |
| stgraber | hallyn: as we install recommends by default, it'd install it when installing libvirt post-install but not when installing it from a media | 11:11 |
| hallyn | interesting, didn't know that happened | 11:11 |
| hallyn | stgraber: so i guess i have to yank it from depends while I file mir | 11:12 |
| hallyn | stgraber: pushing revert of that bit now | 11:17 |
| stgraber | hallyn: thanks. I don't think the MIR will be hard to get, especially as long as we only promote cgroup-lite and not cgroup-bin | 11:20 |
| stgraber | (you can still depends on cgroup-lite | cgroup-bin with only cgroup-lite being in main, so we'd only need cgroup-lite to be promoted) | 11:21 |
| stgraber | hallyn: btw, I got a few more reports of people (wgrant being one of them) having broken suspend/resume because of cgroup-bin (first suspend/resume works, second doesn't) | 11:22 |
| stgraber | not sure what we should be doing about it, but cgroup-bin seems to generally be a very bad idea, wondering if we shouldn't completely drop it and transition to cgroup-lite | 11:22 |
| hallyn | stgraber: d'oh, i just pushed the revert. | 11:22 |
| hallyn | yes, i've been thinking same | 11:22 |
| hallyn | i don't know if anyone out there is using some 'enterprise' junk that rquires it though | 11:23 |
| hallyn | stgraber: I suppose at some point someone may ask why we don't just have mountall mount cgroups | 11:34 |
| hallyn | (the answer might be some gibberish about wanting more flexibility for customization) | 11:34 |
| hallyn | bug 913728 | 11:35 |
| uvirtbot | Launchpad bug 913728 in libcgroup "[MIR] cgroup-lite" [Undecided,New] https://launchpad.net/bugs/913728 | 11:35 |
| uvirtbot | New bug: #913727 in lxc (main) "lxc grabs 10.0.0.0/8 by default" [Medium,New] https://launchpad.net/bugs/913727 | 11:36 |
| stgraber | hallyn: you probably want to subscribe the mir team to that bug | 11:39 |
| hallyn | right :) thanks | 11:40 |
| uvirtbot | New bug: #913728 in libcgroup (universe) "[MIR] cgroup-lite" [Undecided,New] https://launchpad.net/bugs/913728 | 11:41 |
| hallyn | stgraber: (yeah, i saw the cgroup-bin suspend/remove confirm) | 11:51 |
| abhinavmehta | if I'm having both boot loader installed eg. LILO & GRUB, and I want to know, which boot loader I'm using…how to find ? | 12:00 |
| abhinavmehta | ..its a os-instance running at some cloud-provider..so how to find this..? | 12:00 |
| uvirtbot | New bug: #913739 in nova (main) "nova-objectstore logrotate script uses 'dpkg-vendor'" [Undecided,New] https://launchpad.net/bugs/913739 | 12:17 |
| similian | how can i debug bridgin? | 12:38 |
| mooboo | guten morgen! ich habe sein sehr schlimmes und großes problem mit meinem raid server vielleicht kann mir ja jemand helfen! ich habe alles hier zusammengefasst http://debianforum.de/forum/viewtopic.php?f=9&t=133772&p=861136#p861136 vielleicht hat ja einer von euch den perfekten plan. | 12:46 |
| RoyK | !english | 12:49 |
| ubottu | The #ubuntu, #kubuntu and #xubuntu channels are English only. For a complete list of channels in other languages, please visit https://wiki.ubuntu.com/IRC/ChannelList | 12:49 |
| RoyK | !german | 12:49 |
| ubottu | In den meisten Ubuntu-Kanälen wird nur Englisch gesprochen. Für deutschsprachige Hilfe besuche bitte #ubuntu-de, #kubuntu-de, #edubuntu-de oder #ubuntu-at. Einfach "/join #ubuntu-de" eingeben. Danke für Dein Verständnis! | 12:49 |
| RoyK | !deutsch | 12:56 |
| ubottu | In den meisten Ubuntu-Kanälen wird nur Englisch gesprochen. Für deutschsprachige Hilfe besuche bitte #ubuntu-de, #kubuntu-de, #edubuntu-de oder #ubuntu-at. Einfach "/join #ubuntu-de" eingeben. Danke für Dein Verständnis! | 12:56 |
| RoyK | !中文 | 12:57 |
| RoyK | :) | 12:57 |
| === lili is now known as oolala | ||
| === oolala is now known as lala | ||
| === jdstrand1 is now known as jdstrand | ||
| stgraber | hallyn: hey, just talking with doko about the MIR. It'd be easier if cgroup-lite was a separate source package. | 13:59 |
| stgraber | hallyn: that way we can promote the cgroup-lite source package to main without any risk of also promoting cgroup-bin | 13:59 |
| stgraber | hallyn: and can then potentially drop the cgroup-bin source completely if we think we don't want it in Ubuntu | 13:59 |
| hallyn | stgraber: that'd be fine with me. | 14:03 |
| stgraber | hallyn: can you prepare the new source? | 14:04 |
| === bladernr_afk is now known as bladernr_ | ||
| hallyn | I can give it a shot. | 14:14 |
| hallyn | stgraber: do I start a new changelog, or copy the libcgroup one in? | 14:18 |
| stgraber | hallyn: I'd go with a new changelog to avoid some confusion | 14:20 |
| stgraber | hallyn: just make sure the initial version is slightly higher to the current cgroup-bin version, otherwise the upgrade won't work | 14:20 |
| soren | This is weird. I grabbed http://cloud-images.ubuntu.com/releases/oneiric/release/ubuntu-11.10-server-cloudimg-amd64-disk1.img and I'm trying to run it in KVM, but it's just hanging after grub. | 14:21 |
| utlemming | soren: agreed, that is wierd | 14:22 |
| utlemming | oh...wait, maybe not | 14:22 |
| kirkland | SpamapS: hallyn: what do you think about the suggestion in https://bugs.launchpad.net/bugs/910341 ? | 14:22 |
| uvirtbot | Launchpad bug 910341 in ecryptfs-utils "ecryptfs-(u-)mount-private should emit an upstart event" [Wishlist,Incomplete] | 14:22 |
| utlemming | soren: do you get any text after grub at all? | 14:22 |
| utlemming | soren: try the daily | 14:23 |
| soren | utlemming: This is the released Oneiric image. | 14:23 |
| soren | Surely that should work? | 14:23 |
| utlemming | soren: that is a bug that got fixed | 14:24 |
| utlemming | soren: we are currently testing the latest daily and plan on releasing that ASAP | 14:24 |
| SpamapS | kirkland: Why not emit a 'mounted' event just like mountall does? | 14:25 |
| soren | utlemming: The oneiric images haven't worked since release? I could have sworn I've used them. | 14:25 |
| utlemming | soren: what is happening is there was a bug with the last released image where the metal kernel got installed | 14:25 |
| utlemming | soren: no, it was a regression between the initial release image and the last update | 14:25 |
| soren | utlemming: This is the released image. | 14:26 |
| utlemming | the daily that built yesterday looks good so far, so I am ~95% sure we'll be kicking that out | 14:26 |
| soren | utlemming: ...and no, there's no text after grub. Not even "booting linux" or anything. | 14:26 |
| utlemming | yes, that's a match | 14:26 |
| utlemming | the "release" is a symlink to the latest image, not the initial release | 14:26 |
| soren | Oh, wait.. | 14:26 |
| soren | eep! | 14:27 |
| soren | Why, oh why? | 14:27 |
| utlemming | soren: the tests will finish in about 15 minutes and I can tell you whether the latest daily will become a release | 14:28 |
| soren | utlemming: Is that intentional? | 14:28 |
| utlemming | the release or the bug? :) | 14:28 |
| soren | The fact that /release doesn't contain what was released. | 14:28 |
| soren | ...but rather an update. | 14:28 |
| utlemming | the release methodology is intentional, although I am unsure as the reason for doing it | 14:29 |
| hallyn | stgraber: well I figure I"ll just call it "1.0", where libcgroup is at 0.37.1 :) | 14:29 |
| soren | utlemming: Did a release manager sign off on that? | 14:29 |
| stgraber | hallyn: sounds good | 14:29 |
| utlemming | soren: I don't know...do me a favor and file a bug against that | 14:31 |
| utlemming | soren: we're sprinting and incidently I have a meeting with the release manager tomorrow to talk about images | 14:31 |
| soren | utlemming: What would I file that bug against? | 14:31 |
| utlemming | I'll raise that question with her tomorrow, but looking at it I agree with the concern | 14:31 |
| utlemming | Ubuntu and then assign it to me | 14:31 |
| utlemming | I am thinking there should be a "release" and a "latest" | 14:32 |
| soren | All I care about is that "release" never ever changes. | 14:32 |
| soren | :) | 14:32 |
| === bladernr_ is now known as bladernr_afk | ||
| utlemming | well, we do have that... | 14:32 |
| soren | Where? | 14:33 |
| utlemming | http://cloud-images.ubuntu.com/releases/oneiric/release-20111011/ | 14:33 |
| utlemming | release is a symlink to the .../release-20111205/ | 14:34 |
| hallyn | kirkland: there are upstart jobs requiring a homedir to be mounted? | 14:34 |
| soren | utlemming: Right, so "release" did change. | 14:34 |
| utlemming | yup. What is unclear, and probably uncommunicated is that "release" is a symlink to release-<most recent>. And I agree that we are abusing the term "release" here. | 14:36 |
| === bladernr_afk is now known as bladernr_ | ||
| hallyn | stgraber: http://people.canonical.com/~serge/cgroup-lite-1.0-package.tar.gz | 14:37 |
| soren | Right. I'm almost entirely sure that everywhere else, /release is never ever changed. | 14:38 |
| soren | utlemming: ^ | 14:38 |
| stgraber | hallyn: hmm, empty orig tarball, that looks wrong | 14:38 |
| hallyn | stgraber: is any sort of breaks/replaces needed? | 14:38 |
| hallyn | well, i can move debian/scripts/* to ./... | 14:39 |
| stgraber | hallyn: make it a native package | 14:39 |
| === bladernr_ is now known as bladernr_afk | ||
| * hallyn googles | 14:40 | |
| stgraber | hallyn: oh, it's already a native package but still has an orig tarball, interesting :) | 14:40 |
| stgraber | hallyn: ok, wait for a few minutes, poking at it ;) | 14:40 |
| hallyn | ok, will keep looking at ($*&%(*&$% xserver-xorg-qxl meanwhile | 14:41 |
| === bladernr_afk is now known as bladernr_ | ||
| stgraber | hallyn: http://www.stgraber.org/download/cgroup-lite.tar.gz | 14:44 |
| hallyn | stgraber: do you just create that by hand, or is there a dh_make toggle you can use? | 14:47 |
| stgraber | hallyn: don't know, never used dh_make :) | 14:48 |
| hallyn | stgraber: seems to be working, thanks :) | 14:49 |
| hallyn | stgraber: lintian complains about standards versions, but other than that it looks good | 14:53 |
| Tribaal | hi stgraber, BTW :) | 15:03 |
| hallyn | stgraber: any objection to having the lxc-ubuntu template clear /var/cache/lxc/$release if it's more than a week old? | 15:07 |
| hallyn | (or we could have it chroot apt-get dist-upgrade, but that's scarier, not as reliable) | 15:08 |
| zeknox | I have a laptop running 10.04.3 LTS that will only show lo for an interface when running ifconfig -a, it was just working the other day, not it is not, I have looked at /etc/network/interfaces and validated auto eth0 is in the file | 15:26 |
| zeknox | I'm missing my interfaces for eth0 and wlan0 | 15:29 |
| soren | zeknox: "ifconfig -a" also shows unconfigured interfaces, so all interfaces should be there regardless of whether they're in /etc/network/interfaces. It's either a driver or a hardware problem. | 15:31 |
| zeknox | soren: yeah ifconfig -a only shows lo interface | 15:31 |
| zeknox | soren: was working just last week | 15:31 |
| gary_poster | hallyn or SpamapS, are either or both of you here at the platform sprint and available to talk a bit about lxc-start-ephemeral? | 15:44 |
| stgraber | Tribaal: hey! | 15:48 |
| stgraber | hallyn: I'm fine with having it cleaned when it's > 1 week old | 15:48 |
| hallyn | gary_poster: yes and yes | 15:48 |
| hallyn | stgraber: ok | 15:48 |
| stgraber | hallyn: though I think rbasak said it was taking a lot of time to build new template on ARM, so maybe try to see if we can solve that before forcing the template to be rebuilt | 15:48 |
| zeknox | I just booted to a boot disc (backtrack 5) and my eth0 interface will come up so I know it is not hardware issues | 15:49 |
| gary_poster | hallyn, awesome, thanks. when would work for you? It might be good to introduce you to the squad working with lxc anyway, so I might try pulling you over into a launchpad roon | 15:49 |
| gary_poster | m | 15:49 |
| zeknox | is there an easy way to reinstall networking? | 15:49 |
| hallyn | stgraber: good point - he's going to test and let me know :) | 15:50 |
| hallyn | stgraber: rbasak's answer is he wants a separate lxc-download split out of lxc-create | 15:55 |
| stgraber | hallyn: k | 15:56 |
| hallyn | so we might be by to bug you at some point :) | 15:56 |
| hallyn | stgraber: how long will you be there yet? | 16:01 |
| hallyn | gary_poster: tomorrow perhaps | 16:17 |
| uvirtbot | New bug: #913857 in ntp (main) "ntp-keygen documentation lists options that ntp-keygen does not support" [Undecided,New] https://launchpad.net/bugs/913857 | 16:18 |
| gary_poster | hallyn, great, thanks. which room are you working in? | 16:18 |
| hallyn | gary_poster: Dery | 16:19 |
| gary_poster | cool thanks | 16:19 |
| === sixstringsg|away is now known as sixstringsg | ||
| eutheria | is it esc to get the lucid grub boot menu? | 16:41 |
| === sixstringsg is now known as sixstringsg|away | ||
| zeknox | soren: my system ended up doing a kernel update, so I needed to reinstall network drivers from source | 16:49 |
| zeknox | soren: problem solved, thanks for your help | 16:49 |
| uvirtbot | New bug: #913878 in netty (universe) "should run test suite on package build" [Medium,Confirmed] https://launchpad.net/bugs/913878 | 16:51 |
| uvirtbot | New bug: #913877 in lxc (main) "lxc-create fails: cp: will not create hard link..." [High,Triaged] https://launchpad.net/bugs/913877 | 16:56 |
| hallyn | stgraber: so regarding the console issue in lxc on precise, | 16:57 |
| hallyn | stgraber: it appears to be similar to smoser's libvir-lxc problem after all | 16:57 |
| hallyn | stgraber: if you do lxc-console -n <container> and log in on its /dev/tty1, and ls /dev/pts, you see an empty dir | 16:58 |
| hallyn | so something somwehre along the way is doing an extra mount -t devpts -o newinstance | 16:58 |
| hallyn | haha, and yes, confirmed, /dev/tty1 in the container was using /dev/pts/3 on the host | 17:04 |
| stgraber | hallyn: well, the "not getting a console after lxc-start" is definitely caused by the new getty as just copying the old binary makes the login prompt show up again | 17:08 |
| hallyn | stgraber: and then does /dev/console show itslef as 136:0, and ls /dev/pts shows '0 ptmx' ? | 17:09 |
| stgraber | hallyn: /dev/console is 136:14 here, /dev/pts contains 28 entries | 17:12 |
| hallyn | uh, the same 28 entries as your host? | 17:12 |
| hallyn | oh, i guess that's ok | 17:12 |
| hallyn | nm, makes sense. | 17:13 |
| stgraber | nope, I have 17 on the host | 17:13 |
| hallyn | odd | 17:13 |
| hallyn | you haven't yet trakced down the getty regression I assume? | 17:13 |
| === bladernr_ is now known as bladernr_afk | ||
| stgraber | nope, I mentioned it to lamont but that didn't ring a bell, so will have to go through the upstream git to figure out what changed | 17:14 |
| hallyn | all right i'm gonna go clear my head so i can decide what to focus on tonight :) | 17:14 |
| hallyn | ttyl | 17:15 |
| stgraber | ok, bye | 17:15 |
| === bladernr_afk is now known as bladernr_ | ||
| === sixstringsg|away is now known as sixstringsg | ||
| pmatulis | SpamapS: re bug #818177 , confirm that -proposed needs to be enabled during install to perform the verfication... | 17:38 |
| uvirtbot | Launchpad bug 818177 in udev "boot failures as /dev is not transferred to /root (because 'udevadm exit' times out waiting for a deadlocked worker)" [High,Fix committed] https://launchpad.net/bugs/818177 | 17:38 |
| === cloakable_ is now known as cloakable | ||
| === sixstringsg is now known as sixstringsg|away | ||
| === bladernr_ is now known as bladernr_afk | ||
| === sixstringsg|away is now known as sixstringsg | ||
| uvirtbot | New bug: #913935 in ipsec-tools (main) "racoon segfaults when flusing SPD" [Undecided,New] https://launchpad.net/bugs/913935 | 19:26 |
| === andreas__ is now known as ahasenack | ||
| Taymon | Hi. I'm running Oneiric server and am trying to configure a bridge on top of a bonded interface. My /etc/network/interfaces is at http://paste.ubuntu.com/798553/; I suspect I'm doing something wrong but don't know what. | 19:41 |
| hallyn | stgraber: all right, got the console working. not pretty though | 20:12 |
| uvirtbot | New bug: #913948 in krb5 (main) "package libgssrpc4 1.8.1+dfsg-2ubuntu0.10 failed to install/upgrade: erreur lors de l'écriture de « <sortie standard> »: Succès" [Undecided,New] https://launchpad.net/bugs/913948 | 20:16 |
| === sixstringsg is now known as sixstringsg|away | ||
| === koolhead17 is now known as koolhead17|zzZZ | ||
| hallyn | stgraber: bug 913952 | 20:19 |
| uvirtbot | Launchpad bug 913952 in util-linux "no console on precise containers" [Undecided,New] https://launchpad.net/bugs/913952 | 20:19 |
| uvirtbot | New bug: #913952 in util-linux (main) "no console on precise containers" [Undecided,New] https://launchpad.net/bugs/913952 | 20:26 |
| hallyn | rbasak: since we are upgrading each container on lxc-create anyway, I think we can punt the wiping of /var/cache/lxc/$release/rootfs-$arch when it is past $LXC_INTERVAL. Deal with that when we introduce lxc-download-image in p+1. | 20:40 |
| stgraber | hallyn: cool, thanks for tracking that down | 20:52 |
| stgraber | hallyn: does that change also explain the terminal being reset/cleared when running lxc-console on a precise system? | 20:52 |
| stgraber | hallyn: (as in, on a precise container, works as it used to for an oneiric container) | 20:53 |
| treyisrad | anyone running ZFS on their ubuntu machine? would you reccomend it over mdadm? | 21:12 |
| RoyK | treyisrad: I have zfs on several machines, but not with linux | 21:13 |
| RoyK | treyisrad: zfs is far better in some respects, namely safety, with checksumming of all data, and in that it has a very lightweight compression | 21:14 |
| RoyK | mdadm is more flexible, though | 21:14 |
| === bastidra1or is now known as bastidrazor | ||
| treyisrad | RoyK: ah, well i'm looking to move over my raid array, since i've had quite a few problems with corruption. (recently lost around 20% of my data, lost all of it a few months back) | 21:14 |
| treyisrad | I hear zfs is fairly good in that respect. | 21:15 |
| RoyK | zfs checks its data and metadata in a way few other filesystems do | 21:15 |
| RoyK | 'cept perhaps btrfs, but that's not stable yet, and gods know when it'll be | 21:15 |
| === JanC_ is now known as JanC | ||
| treyisrad | last time i looked into it, zfs on linux was still a bit iffy, but it seems to be mostly stable now. | 21:17 |
| RoyK | treyisrad: but zfs natively on linux is nothing I would recommend - too immature to me | 21:17 |
| * RoyK sticks to solaris/openindiana for zfs | 21:17 | |
| RoyK | openindiana works well - I have some 350TB worth of storage on that platform | 21:18 |
| treyisrad | well, my luck with mdadm/xfs has been terrible, so my standards are pretty low :P | 21:18 |
| RoyK | I'd recommend ext4 over xfs any day | 21:18 |
| hallyn | straber: made a few more changes to cgroup-lite (including doko-recommended): http://people.canonical.com/~serge/cgroup-lite.tar.gz | 21:19 |
| JanC | treyisrad: you shouldn't use XFS without a UPS though :P | 21:24 |
| RoyK | s/without a UPS// | 21:25 |
| treyisrad | JanC: no kidding. learned the hard way. | 21:25 |
| JanC | someone I know used it on a laptop, then learned running out of battery with XFS wasn 't really fun :P | 21:25 |
| RoyK | really, it doesn't survive that? | 21:26 |
| JanC | RoyK: same issues as with ext4 really (especially early ext4) | 21:27 |
| JanC | I'm sure you remember all the "ext4 truncated my data files" bugs ;) | 21:28 |
| RoyK | oops... no - don't remember those | 21:29 |
| RoyK | but then, I kept to ext3 for quite some time | 21:29 |
| JanC | which is partially the application's fault, maybe, but still annoying if it happens to you | 21:29 |
| axisys | what would be a good ldap server / easy to manage on ubuntu server? | 21:29 |
| JanC | RoyK: even ext3 can show that behaviour, if you tune it to wait long before writing data to disk | 21:30 |
| RoyK | axisys: good, openldap; easy to manage, no idea | 21:30 |
| axisys | how about apache ds ? | 21:31 |
| JanC | "easy to manage" sounds more like a UI client thing | 21:31 |
| === sixstringsg|away is now known as sixstringsg | ||
| axisys | JanC: someone mentioned phpldapadmin | 21:35 |
| JanC | I'd say it also depends on what you need to integrate with | 21:36 |
| axisys | mainly authentication | 21:37 |
| axisys | and probably some authorization based on group membership | 21:38 |
| RoyK | axisys: openldap is probably the most used out there | 21:39 |
| JanC | so openldap is probably the most-used LDAP server | 21:41 |
| JanC | not sure what the best / most-used LDAP admin is though | 21:41 |
| JanC | but for simple authentication use, most tools should work, I assume? | 21:42 |
| JanC | I mean, if no Windows AD support is needed, etc. ;) | 21:43 |
| axisys | JanC: would be nice if we could interface with corporate AD .. then I will have to use likewise.. it gets complicated | 21:44 |
| patdk-lap | I use the java ldapbrowser | 21:44 |
| patdk-lap | heh? I don't use likewise, and my ubuntu server can interface fully with AD | 21:45 |
| patdk-lap | I just can't stand likewise way | 21:45 |
| JanC | well, AD is just an LDAP server, so in theory you could use it without likewise | 21:45 |
| axisys | patdk-lap, JanC : is that right.. | 21:46 |
| JanC | likewise (and other similar tools) just implement knowledge about how MS stores stuff in their LDAP server... | 21:46 |
| JanC | and how to apply those settings to a linux system | 21:47 |
| patdk-lap | I pull email addresses out of AD and use them for postfix | 21:47 |
| === bladernr_afk is now known as bladernr_ | ||
| soren | smoser: Say I want to write a custom cloud-init handler for something (to be able to do something declaratively rather than imperatively). If I -- using cloud-config or whatever -- add a PPA and install a handler from there... Is there any way I can use that handler in that same cloud-init run? | 21:49 |
| axisys | patdk-lap: do you use pam to authenticate with AD ? | 21:50 |
| JanC | patdk-lap: which means you had to "reverse engineer" the way AD stores those in LDAP, I guess (or someone else did it for you) | 21:50 |
| patdk-lap | janc, ya, it's easy, except for aliases | 21:51 |
| patdk-lap | axisys, yep, I go though pam | 21:51 |
| hallyn | stgraber: oh, sorry, didn't see yoru responses. (my screen is too small to do irc as i usually do, but i don't really want to change for just this week) | 21:51 |
| hallyn | stgraber: I didn't bother tracking down the reset. I assumed the new getty code just thinks its being clever | 21:52 |
| JanC | i guess "likewise" & co. earn their money so that companies don't have to reverse-engineer.. | 21:52 |
| JanC | IIRC Samba 4 has some AD integration too, not sure how far that goes | 21:53 |
| stgraber | hallyn: yeah, I can live with that, it's just weird to see it behave differently with two different containers :) | 21:58 |
| hallyn | stgraber: upstream commit e85281a8ac887a35a78f4b43e4755a44aecc2fb7 | 21:58 |
| hallyn | we can add '--noclear' to not clear the screen. new feature. | 21:58 |
| hallyn | feature we were all clamoring for, i know... | 21:59 |
| smoser | soren, you could accomplish it | 22:10 |
| smoser | but not as pretty as i think you'd like. | 22:10 |
| smoser | if you add the ppa, that gets added in "cloud-config" stage, which is after user-data is processed. | 22:10 |
| smoser | so you would'nt get the chance to be included in the processing if you were adding this package on boot. | 22:11 |
| smoser | but you could have it lay down a script in /var/lib/cloud/scripts/per-boot/ via that package | 22:12 |
| smoser | and it would get run at "final" (essentially rc.local) time. | 22:12 |
| mgw | is there a way to prioritize dhcp option 121 (classless-static-routes)? That is, if a client gets multiple leases and there's a conflict in the routing — how is it resolved? | 22:23 |
| soren | smoser: Are the things in cloud-config acted upon in the order given in the file? | 22:26 |
| soren | smoser: Or do you iterate through scripts that in turn look for specific keys and then act on them? | 22:26 |
| smoser | they're acted on in order in /etc/cloud/cloud.cfg | 22:27 |
| soren | :( | 22:27 |
| soren | Ok. | 22:27 |
| smoser | and you can/could re-define any of those lists in a user-data | 22:27 |
| smoser | soren, were you wanting to install a part-handler ? or a cloud-config script ? | 22:28 |
| soren | smoser: So if I add a new cc_blah module (by way of a package installed from a new ppa) and add that to the cloud_config_modules.. | 22:28 |
| soren | smoser: I don't know, really. | 22:28 |
| smoser | yeah. you should be able to get yours invoked then. | 22:29 |
| soren | smoser: I'm only just now beginning to understand that there's a difference :) | 22:29 |
| smoser | but you can't at this point just append to the existing list | 22:29 |
| smoser | you have to re-define it | 22:29 |
| soren | Ok. | 22:29 |
| smoser | i had thought about allowing some sort of yaml extension like: | 22:29 |
| smoser | cloud_config_modules+: | 22:30 |
| smoser | - sorens_uber_module | 22:30 |
| soren | To be honest, this is not something I actually need to do. It was just a thought experiment, so don't spend a lot of time on it. | 22:30 |
| smoser | or | 22:30 |
| smoser | cloud_config_modules-: | 22:30 |
| smoser | - grub-dpkg | 22:30 |
| soren | That would be pretty neat. | 22:31 |
| soren | Anyways, thanks. I need to run now. | 22:31 |
| soren | Enjoy Budapest. | 22:31 |
| === lili is now known as oolala | ||
| === bicranial_ is now known as bicranial | ||
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!