| === Lcawte is now known as Lcawte|Away | ||
| gmr- | Hey there, having a hard time trying to clean up an old ldap install on a box and perform a new, clean one. I've done the apt-get remove slapd (and related things) did an rm -rf /etc/ldap & /var/lib/ldap. Now when I install slapd none of the schema files get created in /etc/ldap/schema. | 00:16 |
|---|---|---|
| gmr- | Any suggestions? | 00:16 |
| pmatulis | gmr-: may require 'purge' with apt | 00:25 |
| gmr- | pmatulis: thanks, will try | 00:29 |
| itguru | I'm getting an unable to write to temporary file error 13 on a linux box, and I googled around, and it suppose to be permssions issue, but other mysql databases on the same instance are running fine - this seems like a red herring error, any ideas? | 01:09 |
| itguru | http://pastebin.com/ZjgBFxwX - Usually, when I've faced this error in the past it's been permissions, but other databases are running okay, and it's got me confused. This is being thown up by a php based website | 01:09 |
| === micahg_ is now known as micahg | ||
| ilovemesomeubunt | If I set up 2 factor Auth on SSHd should I also still set up something like fail2ban? | 02:01 |
| qman__ | brute force attempts will happen regardless of the authentication you use | 02:03 |
| qman__ | so, setting up some method of limiting it (fail2ban or -m recent) is a good idea | 02:03 |
| qman__ | if nothing else, to stop log cluttert | 02:03 |
| ilovemesomeubunt | qman__, Oh, ok. Figured it might. I will setup fial2band | 02:03 |
| qman__ | in my case, my shell server was disk thrashing from all the hits and it was annoying, so I set up iptables -m recent | 02:05 |
| === fenris is now known as Guest45833 | ||
| === Guest45833 is now known as ejat | ||
| _godhelpme | from a shell how do i see what user accounts are on my system | 04:28 |
| twb | getent passwd | 04:29 |
| _godhelpme | thanks | 04:31 |
| pehden | Whats up | 05:11 |
| pehden | is there ever going to be a time where ubuntu would have repos for ispconfig? | 05:12 |
| qman__ | that's more a question for the ispconfig people | 05:13 |
| qman__ | whether or not they're going to package and maintain it, and submit it | 05:13 |
| twb | Packaging is not normally done by upstream (because upstream is usually incompetent) | 05:14 |
| twb | However, it's apparently a "hosting control panel", so the same caveats as webmin probably apply | 05:14 |
| pehden | i would have considered it something like webmin | 05:14 |
| pehden | or packed like phpmyadmin really | 05:15 |
| twb | We encourage sysadmins to learn how to manage the system properly, via the CLI | 05:15 |
| pehden | i know that but it would have been of interest | 05:15 |
| pehden | know webmin was left behind and no longer supported | 05:16 |
| twb | ispconfig is not currently packaged for ubuntu or debian. You could file a Request for Package (RFP) to Debian's bug tracker, where it will probably be ignored for years because no one likes it. | 05:16 |
| pehden | but ispconfig has been very well maintained. | 05:16 |
| twb | pehden: that is your opinion. | 05:16 |
| pehden | its a php based install system | 05:17 |
| twb | IMO PHP is an automatic fail. | 05:17 |
| twb | http://wiki.debian.org/HostingControlPanels is a summary of FOSS WHCPs. | 05:17 |
| pehden | the top ones on there are non-freware | 05:20 |
| pehden | *freeware | 05:20 |
| qman__ | it's alphabetical | 05:23 |
| twb | qman__: I think he's referring to the opening paragraph which mentions cpanel and plesk | 05:23 |
| qman__ | ah | 05:24 |
| qman__ | I use plesk at work, it's meh | 05:24 |
| twb | pehden: as I said, I do not endose any WHCP -- I discourage their use. | 05:24 |
| qman__ | a bunch of random software precariously stitched together | 05:24 |
| twb | <stupid customer> I started babysitting today, is running cpanel | 05:28 |
| twb | And they refuse to give out ssh access, but they want kerberized SSO in their apache, which is not using TLS *at all* | 05:28 |
| qman__ | of course we do run it on a windows VPS, so maybe it's better on linux, but I honestly don't think it would be | 05:28 |
| twb | Stupid bloody monkeys | 05:28 |
| === fenris is now known as Guest67783 | ||
| herald | I've got a question about Iptables and routing, could someone give me a hand? | 06:23 |
| twb | Don't ask to ask unless you're prepared to ask to ask to ask. | 06:24 |
| herald | I am so prepared | 06:24 |
| herald | OK so I'm using comcast and they don't allow you to bridge their cable modem. Essentially, I have to use one of the IPs in my static IP block to give to my router, and then the public DMZ has the rest of the IPs. My question is, how to I handle routing and set gateways for that? I'd have like 4 different gateways or something | 06:26 |
| herald | The cable modem and the public DMZ are the same logical network, but are split between two different NICs | 06:27 |
| herald | Do I set up a static route for the single IP on the one NIC and let the routing tables take care of the rest? | 06:27 |
| twb | herald: replace the cable modem with one you control | 06:29 |
| === smb` is now known as smb | ||
| Daviey | jamespage: around? | 09:12 |
| jamespage | Daviey, yep | 09:12 |
| Daviey | jamespage: Great :) | 09:12 |
| Daviey | jamespage: One adam_g has polished being able to run preicse and oneiric on the ci lab, fast... Are you ready to be able to suck in stable/diablo on oneiric proposed branches? | 09:13 |
| Daviey | That should read "Once adam_g" | 09:18 |
| * Daviey wonders if jamespage is still there? | 09:23 | |
| jamespage | Daviey: yes - sorry - just helping someone with something else | 09:24 |
| jamespage | give me 5 mins | 09:24 |
| Daviey | jamespage: ok, sure | 09:25 |
| koolhead11 | hi all | 09:30 |
| jamespage | Daviey: I've not tested it for a while but it should not be to much effort. | 09:39 |
| Daviey | jamespage: yeah, there seems to be a jenkins plugin for gerrit proposed changes. | 09:52 |
| * jamespage re-reads | 09:52 | |
| Daviey | jamespage: was it you that setup the reprepro part? | 09:52 |
| jamespage | can you clarify "suck in stable/diablo on oneiric proposed branches"? | 09:52 |
| jamespage | Daviey: I did setup reprepro | 09:53 |
| Daviey | jamespage: sorry, someone proposes an 'upstream SRU' if you like, i'd like to pre-validate it before review via jenkins | 09:53 |
| Daviey | so, a pre-commit test | 09:53 |
| Daviey | or pre-merge test | 09:53 |
| jamespage | merge in bzr or git upstream? | 09:54 |
| Daviey | jamespage: git upstream | 09:54 |
| jamespage | Daviey: well in that case I change "I've not tested it for a while but it should not be to much effort." | 09:54 |
| Daviey | heh, thanks | 09:55 |
| jamespage | to "I need to catchup with mtaylor as they do some of this alread" | 09:55 |
| jamespage | to "I need to catchup with mtaylor as they do some of this already" | 09:55 |
| jamespage | I expect that will need some infrastructure changes as well | 09:55 |
| jamespage | as I suspect we ONLY have access to github.com | 09:55 |
| Daviey | jamespage: no, we have ssh | 09:56 |
| Daviey | jamespage: we'll talk iab about it | 09:56 |
| jamespage | Daviey: OK | 09:56 |
| Daviey | jamespage: sorry, i was supposed to have a call starting now, but cannot find the other person.. | 10:03 |
| Daviey | so, $ ssh davewalker@review.openstack.org -p29418 gerrit query --format=JSON status:open status:open project:openstack/nova branch:stable/diablo | 10:03 |
| Daviey | {"type":"stats","rowCount":0,"runTimeMilliseconds":6} | 10:03 |
| Daviey | It seems to be handled already with, https://wiki.jenkins-ci.org/display/JENKINS/Gerrit+Plugin | 10:04 |
| Womkes | I use Jenkins + Gerrit | 10:07 |
| Womkes | works well | 10:07 |
| jamespage | Daviey: OK so you want to pickup proposed merges from gerrit; pull them into the lab with the current packaging for stable? | 10:29 |
| jamespage | build; deploy and test? | 10:29 |
| lynxman | morning o/ | 10:42 |
| jamespage | morning lynxman | 10:43 |
| Mez | Ok, I'm in a bit of a pickle here. Ubuntu Lucid. It supports sslv2. However, I need to disable this for PCI. However, doing so means that external servers that are attempting to use an ssl23 socket to open a connection to us fail... | 10:47 |
| greppy | How many external servers are you talking about? | 10:50 |
| greppy | Mez: are they using sslv2 because that's all they can use, or because it is available. | 10:51 |
| Daviey | jamespage: yep | 10:53 |
| Mez | greppy - I'm not sure. I basically changed the code to use SSlv3 instead of sslv23 .. | 10:53 |
| Mez | this caused wget to fail aswell. | 10:53 |
| Daviey | Mez: this is on pound? | 10:54 |
| greppy | Mez: what if you specify for wget to use v3? | 10:54 |
| Mez | Daviey: yes. | 10:55 |
| Daviey | Mez: do you have the patch you used handy? | 10:55 |
| Mez | greppy: I don't know (didn't know I could do that). | 10:55 |
| Mez | Daviey ... er... yes. | 10:55 |
| greppy | http://blog.zenone.org/2009/03/pci-compliance-disable-sslv2-and-weak.html | 10:55 |
| greppy | that may help | 10:55 |
| Mez | greppy: not really. | 10:55 |
| Daviey | greppy: he's using a whizzy load balancer, not apache | 10:55 |
| Mez | I tried connecting via openssl s_client and that wouldnt connect unless I specified -ssl3 | 10:56 |
| Daviey | I hear the debian maintainer for pound is a real ass BTW :) | 10:56 |
| Mez | however, the problem is that Paypal IPN notifications were failing. | 10:56 |
| Daviey | Mez: whee is the patch? | 10:56 |
| Mez | wheee! | 10:56 |
| greppy | Daviey: yeah, but it has commands for testing what is going on. | 10:56 |
| Mez | just finding it. | 10:56 |
| Mez | (as it's hiding in LP) | 10:56 |
| Mez | https://launchpad.net/~mez/+archive/mez-mf/+files/pound_2.5-1.1~lucid2.debian.tar.gz | 10:56 |
| Daviey | greppy: right, i think i threw them to mez last week. | 10:57 |
| Mez | Daviey: yeah. | 10:57 |
| greppy | ah | 10:57 |
| Mez | Daviey: see debian/patches/disable_sslv2_server.patch | 10:57 |
| Mez | or I can pastebin it if need be. | 10:57 |
| greppy | I do good to remember what I read in here from day to day, much less a week ago :) I mean, hopefully, I have slept since then, which means /tmp got cleared :) | 10:58 |
| Mez | It was somewhere else. | 10:58 |
| uvirtbot | New bug: #923676 in dovecot (main) "/usr/lib/dovecot/deliver: invalid option -- 'n'" [Undecided,Triaged] https://launchpad.net/bugs/923676 | 11:01 |
| Daviey | Mez: crikey, https://launchpadlibrarian.net/91198061/pound_2.5-1~lucid1_2.5-1.1~lucid1.diff.gz ? | 11:01 |
| Daviey | greppy: yes, sorry - it was even on a different irc network :) | 11:01 |
| greppy | ha! | 11:01 |
| Mez | Daviey: ?? ? | 11:03 |
| Mez | that's also a patch from debian. | 11:04 |
| Daviey | ah | 11:05 |
| * Mez sighs | 11:08 | |
| Daviey | Mez: found it? | 11:09 |
| Mez | nope. | 11:11 |
| Mez | (found what?) | 11:11 |
| Daviey | Mez: right, what is happening? | 11:12 |
| Daviey | what is openssl reporting, with the patch applied? | 11:12 |
| Mez | handshake failed. | 11:12 |
| Mez | (I don't have a specific test environment for that at the moment, as I had to roll back the change) | 11:13 |
| Daviey | Mez: I haven't grokked the code, but what does http://pb.daviey.com/napC/ do ? | 11:14 |
| Mez | That was never actually applied. | 11:15 |
| Daviey | ug? | 11:15 |
| Daviey | uh? | 11:15 |
| Mez | ~lucid1 - I forgot to add it to series XD | 11:15 |
| Mez | but that code *would* if it had been applied, change from using anb SSLv23 (version 2 and 3) socket to just use a v3 socket | 11:16 |
| Daviey | Mez: neat, but there are two other references to SSLv23 config.c .. which the pastebin i just pushed includes | 11:16 |
| Mez | Daviey: ok. the 2 _client_method() are for outgoing connections (when it connects to the backend) Not for incoming. | 11:17 |
| therve | Mez, iirc, v23 also supports TLSv1, but v3 only support SSL3 | 11:19 |
| therve | Mez, you should use SSL options instead to disable SSLv2 | 11:19 |
| Mez | therve: yeah, am starting to think that myself. | 11:19 |
| therve | and http://www.openssl.org/docs/ssl/SSL_CTX_new.html agrees | 11:20 |
| therve | SSL_CTX_set_options(res->ctx, SSL_OP_NO_SSLv2) should do the trick | 11:21 |
| * Mez puts new version of pound to ftp-master | 11:24 | |
| Daviey | Mez: erm, why not test it first? :) | 11:24 |
| smb | Daviey, stgraber fyi, I thought I file bug 923685 to document this. Maybe more of an observation but probably this is not so uncommon as a setup. | 11:24 |
| uvirtbot | Launchpad bug 923685 in resolvconf "New resolver package overwrites manually created resolv.conf on server" [Undecided,New] https://launchpad.net/bugs/923685 | 11:24 |
| Mez | Daviey: simultaneous development. | 11:24 |
| Mez | The new version of pound is without the SSL changes. | 11:25 |
| Mez | the ssl changes are for a local copy. | 11:25 |
| Daviey | Mez: You've just uploaded something, to Debian? | 11:25 |
| Mez | yes. | 11:25 |
| Daviey | Mez: Was this something, pound? | 11:25 |
| Mez | while we've been talking, I've been doing a build of a point update for debian. | 11:25 |
| Mez | yes. | 11:26 |
| Daviey | smb: Stop finding problems, find solutions :P | 11:26 |
| Daviey | oh | 11:26 |
| smb | Daviey, Hey I need to find the problems first. :) | 11:26 |
| Mez | Daviey: why'd you ask? | 11:27 |
| Daviey | smb: You are looking at this wrong, lets find the solutions - then the problems. :) | 11:27 |
| Daviey | Mez: Just wondered. | 11:27 |
| Mez | Daviey: there's a new point release of pound, thought I'd update unstable while I'm there fiddling wtih pound anyways (and yes, I tested it!) | 11:28 |
| Daviey | smb: confirming you are using static ip, not dhcp? | 11:28 |
| Daviey | smb: and the nameservers where just /dropped/ not replaced? | 11:29 |
| smb | Daviey, I do use a static IP, yes | 11:29 |
| Daviey | Mez: heh | 11:29 |
| smb | Daviey, And not, resolv.conf was _empty_ | 11:29 |
| Mez | Now the question is... | 11:29 |
| Daviey | smb: That is less than ideal | 11:29 |
| Mez | Do I make this change regarding sslv2 into a config option ... or do I just keep it in our local copy ? | 11:29 |
| Daviey | Mez: speak with upstream? | 11:30 |
| smb | Daviey, Could be a tat annoying. Though ssh connections probably still work. Just nothing looking for a dns name from withing the server. | 11:30 |
| smb | *tad | 11:30 |
| Mez | Daviey: upstream are very... weird... | 11:31 |
| Mez | Sometimes they'll be happy to do anything and everything to help | 11:31 |
| Mez | sometimes they just ... go silent... and you never get a response. | 11:31 |
| Daviey | smb: Hmm, ssh fails if it couldn't resolve itself... but i guess it can through /etc/hosts | 11:31 |
| smb | Right, there is the hostname defined mapped to loopback | 11:32 |
| Daviey | Mez: .. and you choose to use this software? :) | 11:32 |
| Mez | Daviey: I sorta got forced into it. | 11:33 |
| Mez | $random_manager stuck a pin in the internet and chose to use pound. | 11:34 |
| Mez | Therefore I became debian maintainer. | 11:34 |
| Daviey | ahh | 11:36 |
| Mez | (had to fix a couple of bugs we needed fixing, so I MIA'd the old maintainer, and hijacked. | 11:37 |
| Mez | Oh, by the way... I noticed a bit of a problem the other day regarding the TCP stack in Linux with use of reverse proxies. | 11:42 |
| Mez | What's the HZ of the kernel set to for Ubuntu server? | 11:42 |
| andol | Mez: Well, not sure if there are different values for different version, but "grep CONFIG_HZ /boot/config-*" should tell you. | 11:50 |
| sattu94 | Hi, does the 64-bit server cd load a 32bit kernel or a 64 bit one to carry out the installation? | 12:13 |
| henkjan_ | sattu94: 64bit | 12:14 |
| sattu94 | Okay, thank you. | 12:15 |
| uvirtbot | New bug: #923699 in php5 (main) "Compiling PHP 5 fails due to missing suhosin_patch.c" [Undecided,New] https://launchpad.net/bugs/923699 | 12:26 |
| Mez | Daviey: thoughts? | 12:48 |
| Mez | http://pb.daviey.com/v8So/ | 12:48 |
| Mez | ffs, somehow some of it's got caught in the anti_beast patch | 12:51 |
| Mez | http://pb.daviey.com/MRJt/ | 12:54 |
| Daviey | Mez: if it compiles, ship it/. | 13:10 |
| Mez | lol. | 13:10 |
| Mez | Daviey: unfortunately, it doesn't compile for Lucid (due to another patch) | 13:10 |
| Mez | quilt pop -a | 13:12 |
| Mez | So I'm just poking that into the old pound manually | 13:13 |
| Daviey | oh | 13:14 |
| Vivek | Hi | 13:17 |
| Vivek | I am getting Dropbox LAN sync Discovery Protocol messages in my tcpdump output. | 13:19 |
| Vivek | Is there Dropbox inbuilt into Orchestra/ | 13:19 |
| Vivek | ? | 13:19 |
| Vivek | Also In the directory /var/log/orchestra/ryslog I am getting dhcp requests from my eth0 when during orchestra configuration, I had configured it to only serve dhcp I.P Addresses via eth1 | 13:22 |
| === Ursinha` is now known as Ursinha | ||
| === fjlacoste is now known as flacoste | ||
| Daviey | therve: Hey, can i ask what testing you have done against your proposed fix for bug 913464? | 13:57 |
| uvirtbot | Launchpad bug 913464 in rabbitmq-server "rabbit creates new PAM session" [Medium,New] https://launchpad.net/bugs/913464 | 13:57 |
| therve | Daviey, I used the changed init on my oneiric and precise machines | 13:58 |
| Mez | btw, thanks for the info earlier therve | 13:58 |
| therve | Mez, you're welcome | 13:58 |
| therve | Daviey, rabbit is not reported in the list of connected users anymore, and my machines shutdown properly | 13:58 |
| Daviey | therve: nice, but do we lose the ability to log? shutdown_log ? | 13:59 |
| therve | Daviey, yeah I don't know about those | 13:59 |
| Daviey | therve: /me ponders. | 14:01 |
| therve | Daviey, shutdown_log seems to be filled as usual | 14:01 |
| therve | after some local testing | 14:01 |
| Daviey | therve: cool | 14:02 |
| roaksoax | Daviey: some peer review please>? https://launchpad.net/~andreserl/+archive/ppa | 14:05 |
| Daviey | roaksoax: looking | 14:05 |
| Daviey | therve: uploaded | 14:05 |
| therve | sweet! thanks | 14:06 |
| Daviey | therve: no, thanks to you! | 14:06 |
| Daviey | bigjools: Are you in a psotion to test oops-*, txaws packages? | 14:07 |
| Daviey | position* | 14:07 |
| stgraber | smb: thanks for the bug report. So that was a regular d-i install and you didn't get the dns- fields in /etc/network/interfaces? that'd be the actual bug as netcfg is supposed to add them and we confirmed last week that it did | 14:09 |
| smb | stgraber, Well some d-i install for oneiric and then the install does succeed in dhcp usage. which I change later | 14:10 |
| smb | Then upgraded | 14:10 |
| smb | (so completely "normal" usecase :-P) | 14:11 |
| smoser | hallyn, 2 things | 14:11 |
| smoser | a.) -root.tar.gz now available at https://cloud-images.ubuntu.com/server/precise/current/ | 14:11 |
| Daviey | roaksoax: We normally try to put the debian/* under the same licence as upstream right? | 14:11 |
| Daviey | here we have LGPL-3 and GPL-2+ | 14:11 |
| stgraber | smb: ah right, so that was a dhcp install that you then turned into static when we didn't have resolvconf | 14:11 |
| smoser | b.) i use lxc-is-container at http://bazaar.launchpad.net/~cloud-init-dev/cloud-init/trunk/view/head:/cloudinit/util.py (islxc method) | 14:11 |
| Daviey | roaksoax: Also, isn't * under Canonical Ltd copyright? | 14:12 |
| hallyn | smoser: ok, so if i rename that, how hard is that for you to handle? | 14:12 |
| smb | stgraber, Right. As I updated the report, I am not sure I ignored some warning in the file. But it used to work that way. | 14:13 |
| stgraber | smb: not exactly sure what we can do in that case. We might be able to show a debconf prompt if we detect that case and ask the user to configured /etc/network/interfaces with the DNS based on /etc/resolvconf/resolv.conf.d/original | 14:13 |
| stgraber | smb: not converting to a symlink based on /etc/network/interfaces and /etc/resolv.conf content is a bit tricky as we also have to deal with Network Manager and some other ways of configuring networking (like thin clients/netboot system doing dhcp from the initrd) | 14:14 |
| stgraber | smb: I'll update the bug with these thoughts | 14:14 |
| hallyn | smoser: great, i'll hopefully work on the ubucloud template today (though nuking lxcguest takes precedence) | 14:14 |
| smb | stgraber, Hm yeah. Yes, best have things in there. | 14:15 |
| === bladernr_afk is now known as bladernr_ | ||
| smoser | hallyn, i can easily re-name, why, i wonder? | 14:15 |
| hallyn | smoser: anyway, https://code.launchpad.net/~serge-hallyn/ubuntu/precise/upstart/upstart-containers is where i was renaming lxc-is-container | 14:15 |
| hallyn | bc "running-in-container" sounded nicer than "lxc-is-container" | 14:16 |
| hallyn | esp if it ships in upstart | 14:16 |
| Daviey | roaksoax: I thought we were supposed to be using Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ , in debian/copyright now ? | 14:18 |
| uvirtbot | New bug: #923744 in samba (main) "smbclient messaging not responding to control-D" [Undecided,New] https://launchpad.net/bugs/923744 | 14:25 |
| hallyn | stgraber: so for lxccontainer.conf in upstart, you were suggesting making it "start on container and stopped rc RUNLEVEL=[2345]" ? | 14:29 |
| stgraber | hallyn: yep | 14:32 |
| hallyn | ok, refreshing my tree and will test a bit | 14:32 |
| stgraber | hallyn: so we don't end up copy/pasting the pre-start bit that checks the environment | 14:32 |
| stgraber | hallyn: did you have a chance to talk about these changes with jodh? | 14:33 |
| hallyn | right. thanks. | 14:33 |
| hallyn | no, i mentioned them at the rally, | 14:33 |
| roaksoax | Daviey: looking | 14:33 |
| hallyn | but he hasn't really taken a look yet that i know of | 14:33 |
| hallyn | i'll ping him once i've tested extensively (esp on non-container0 | 14:33 |
| roaksoax | Daviey: webside does not exist | 14:34 |
| stgraber | hallyn: ok. I'm guessing getting the console job and container job in the package should be fine, I'm mostly interested in his opinion about the is-container command (mostly whether we should have it in debian/, as part of the upstream code (which you did last I checked the branch) or in some other package) | 14:35 |
| Daviey | roaksoax: right, and currently the one in there doesn't... http://pb.daviey.com/Vb72/ | 14:35 |
| Daviey | roaksoax: http://lists.debian.org/debian-mentors/2012/01/msg00191.html | 14:36 |
| roaksoax | Daviey: E: python-oops-datedir-repo: copyright-contains-dh_make-todo-boilerplate | 14:37 |
| roaksoax | Daviey: that one is because I didn't uplad the last version fixing that | 14:37 |
| roaksoax | :P | 14:37 |
| Daviey | roaksoax: it does | 14:37 |
| hallyn | stgraber: yeah, if it all works i'll send him a merge request, so he can comment there for posterity and i'll update to whatever he prefers :) | 14:37 |
| Daviey | roaksoax: dave@voodoo:/tmp/review/oops-datedir-repo-0.0.15$ tail -n2 debian/copyright | 14:37 |
| Daviey | # Please also look if there are files or directories which have a | 14:37 |
| Daviey | # different copyright/license attached and list them here. | 14:37 |
| Daviey | ahh | 14:37 |
| hallyn | (i like the public record showing what a dumbass i am :) | 14:38 |
| hallyn | (that's why i'm on lkml) | 14:38 |
| roaksoax | Daviey: yeah didn't strip that part in the PPA but its stripped on the actual package to upload to the archives | 14:38 |
| Daviey | hallyn: lol | 14:39 |
| roaksoax | lynxman: you mean using something likie githubredir? | 14:45 |
| roaksoax | lynxman: http://githubredir.debian.net/ | 14:45 |
| lynxman | roaksoax: yeah, but it's a repo not in github :) | 14:45 |
| lynxman | roaksoax: that's why | 14:45 |
| roaksoax | lynxman: ah well if you can't get it then nevermind... is not that we *have* to have it, but it's rather desirable | 14:46 |
| lynxman | roaksoax: just wanted to make sure I didn't miss anything :) | 14:46 |
| roaksoax | lynxman: ;) | 14:46 |
| tgardner | so, my precise orchestra server is borken this morning after weekend updates. none of the clients can parse the mirror bits correctly. anyone seen something like this yet ? | 14:48 |
| hallyn | stgraber: mountall has the support we need for containers, right? | 14:51 |
| roaksoax | tgardner: could you please pastebinit? | 14:51 |
| tgardner | roaksoax, this is a real bare metal machine, so I don't think I'll be able to get a log. lemme mess with it. | 14:52 |
| tgardner | roaksoax, this was in the server log: http://pastebin.com/CiT6naSK | 14:57 |
| stgraber | hallyn: yes | 14:57 |
| tgardner | roaksoax, I've gotta bolt. appt cross town in 30 minutes. | 14:57 |
| tgardner | roaksoax, p.s. - I've verified that the mirror is behaving correctly. | 14:58 |
| roaksoax | tgardner: so make sure squid is running correctly on the orchestra server | 14:58 |
| tgardner | roaksoax, how does one do that? This orchestra server was updated and rebooted just this morning. | 14:59 |
| roaksoax | tgardner: your orchestra server is in oneiric or in precise? | 14:59 |
| tgardner | roaksoax, precise | 14:59 |
| tgardner | dogfooding, you know | 14:59 |
| roaksoax | tgardner: to my knowledge there haswn | 15:00 |
| roaksoax | t been any updates to orchestra itseellf | 15:00 |
| roaksoax | tgardner: but maybe something got broken in the squid cache due to being using precise as the problems we were experiencing with it | 15:00 |
| tgardner | roaksoax, ok, I'll deal with it when I get back from my appt. | 15:01 |
| roaksoax | tgardner: just check if squid is running in the orchestra server and if not, start it manually | 15:01 |
| smb | roaksoax, actually I see similar things after upgrading the mini-isos on a oneiric cobbler and after removing the orchestra proxy line | 15:01 |
| === tgardner is now known as tgardner-afk | ||
| roaksoax | smb: do you have any accesible machine I can get my hands on? | 15:02 |
| roaksoax | ls | 15:02 |
| smb | roaksoax, Err accessible for me but that is not open to public as its in my home office. :) | 15:03 |
| smb | roaksoax, Just from the the history of things, installations used to work but had a message coming up telling be modules could not be loaded because kernel and module versions were out of sync. Then smoser pointed me at the tip for cobbler-ubuntu-import and after fixing the problem of having an import of ubuntu-alternates (possibly pointlessly because a different seedfile would have helped) the latest version worked. And since then installatio | 15:10 |
| smb | ns of precise fail | 15:10 |
| smb | Even when disabling the proxy line in the snippet | 15:10 |
| smoser | hm... | 15:11 |
| smoser | why do installations fail now? | 15:11 |
| smb | My guess was that something in the mini-iso is wrong. Basically as for tgardner-afk it told me archive.ubuntu.com does not support precise | 15:12 |
| === eagles0513875_ is now known as eagles0513875 | ||
| zul | any objections for me to merge the new squid3 from debian? | 15:23 |
| mtaylor | jamespage: what's up? | 15:26 |
| jamespage | hey mtaylor | 15:27 |
| jamespage | so.... | 15:27 |
| jamespage | mtaylor: now that we have regular testing of OpenStack trunk on Ubuntu precise on hardware.... | 15:27 |
| === Lcawte|Away is now known as Lcawte | ||
| mtaylor | (these are things that make me happy) | 15:28 |
| jamespage | Daviey wants us to start looking at testing proposed merges for stable/diablo from gerrit on the same infrastructure | 15:28 |
| mtaylor | jamespage: SO... there's two different ways we can go about this | 15:29 |
| mtaylor | jamespage: one is that we could move your jenkins jobs to the openstack jenkins (giving you access to edit them of course) and trigger them when we trigger everything else | 15:30 |
| mtaylor | jamespage: the other is that you could work how smokestack is working right now - in that anyone is free to read the gerrit event stream, do things and to vote on code reviews | 15:31 |
| mtaylor | jamespage: so you could just install the gerrit trigger plugin (you'll want our version for now until our changes get upstreamed) | 15:32 |
| mtaylor | on your jenkins, and configure your jobs to trigger on gerrit events from the openstack gerrit | 15:32 |
| Daviey | jamespage: isn't that what i said? :) | 15:37 |
| mtaylor | jamespage: https://github.com/jeblair/gerrit-trigger-plugin/tree/trigger-on-comment-added | 15:37 |
| jamespage | Daviey: maybe :-) | 15:37 |
| mtaylor | jamespage: if you go the gerrit trigger plugin route, you want to grab that branch of that repo and use it | 15:38 |
| jamespage | mtaylor: so that adds feature to trigger on certain comments being added to gerrit | 15:38 |
| Daviey | mtaylor: Does that plugin support - NOT commenting on the upstream gerrit, just sending a mail for now.. | 15:38 |
| mtaylor | jamespage: yeah- those changes are going to be upstreamed, we've just been working on getting approval to submit them | 15:38 |
| jamespage | mtaylor, ack | 15:39 |
| Daviey | mtaylor: don't want to add whitenoise until it's stable | 15:39 |
| mtaylor | Daviey: yes | 15:39 |
| mtaylor | Daviey: there's a flag in the job config to run in "silent mode" | 15:39 |
| jamespage | mtaylor, so are you triggering smokestack for proposals against stable as well? | 15:39 |
| Daviey | mtaylor: nice. | 15:39 |
| mtaylor | jamespage: I actually don't do anything with smokestack - smokestack simply reads the ssh events stream from gerrit and runs jobs when it sees patchset uploaded events | 15:40 |
| Daviey | jamespage: does the openstack lp bot user have an ssh key on lp? | 15:40 |
| Daviey | which seems to be what the gettit plugin wraps | 15:40 |
| jamespage | Daviey: yes its does | 15:40 |
| mtaylor | yup | 15:40 |
| Daviey | jamespage: $ ssh davewalker@review.openstack.org -p29418 gerrit query --format=JSON status:open status:open project:openstack/openstack-manuals branch:stable/diablo | 15:41 |
| Daviey | {"project":"openstack/openstack-manuals","branch":"stable/diablo","topic":"bug/904792","id":"Ied4d4507dff95ec076e4d358b3751b70cf7713dc","number":"3139","subject":"Fix bug #904792","owner":{"name":"Razique Mahroua","email":"razique.mahroua@gmail.com","username":"razique"},"url":"https://review.openstack.org/3139","lastUpdated":1327759482,"sortKey":"001ab00c00000c43","open":true,"status":"NEW"} | 15:41 |
| uvirtbot | Launchpad bug 904792 in openstack-manuals "Cleanup on nova-manage commands" [Medium,In progress] https://launchpad.net/bugs/904792 | 15:41 |
| Daviey | {"type":"stats","rowCount":1,"runTimeMilliseconds":9} | 15:41 |
| Daviey | oops | 15:41 |
| jamespage | Daviey: nice | 15:42 |
| mtaylor | https://review.openstack.org/Documentation/cmd-stream-events.html | 15:42 |
| mtaylor | is actually the interface that gerrit-trigger-plugin and smokestack consume | 15:42 |
| * Daviey winders why review.openstack.org http(s) always sucks for me | 15:43 | |
| mtaylor | hrm - does it? | 15:43 |
| mtaylor | I'd love to know more about that | 15:43 |
| zul | jamespage: the only problem with smokestack is we can get it to use the packaging | 15:43 |
| zul | rather than pip | 15:43 |
| Daviey | mtaylor: constantly times out for me, i often have to refresh | 15:44 |
| mtaylor | Daviey: weird! that's no good | 15:44 |
| Daviey | Browser reported, Error 15 (net::ERR_SOCKET_NOT_CONNECTED): Unknown error. | 15:44 |
| Daviey | mtaylor: I assume we can request permisson to mark 'Verified' field in the future? | 15:46 |
| mtaylor | Daviey: we'll have to figure out what that looks like - certainly voting is an easy thing | 15:47 |
| mtaylor | Daviey: the implications of having a second jenkins involved directly in gating rather than consolidating gating-level jobs into the openstack jenkins is something I think we'll have to discuss more | 15:48 |
| Daviey | mtaylor: it's just words i suppose, but i see the Verify field as 'Does not break', 'voting' as the branch has been looked at and 'Approved' as the final push" | 15:49 |
| Daviey | mtaylor: Is Verified used as gating currently? | 15:49 |
| mtaylor | Daviey: yes. kind of | 15:50 |
| mtaylor | Daviey: the gating jobs are the ones that respond back with Verified, and then they also send the submit signal to tell gerrit to do the merge | 15:51 |
| Daviey | ahhhh | 15:51 |
| Daviey | i see | 15:51 |
| Daviey | in which case +-1 does make more sense. | 15:52 |
| mtaylor | Daviey: I'm not sure what having a second system vote Verified or not Verified would do from a UI perspective (in terms of it being clear what state something should be in) | 15:52 |
| Daviey | thanks | 15:52 |
| mtaylor | sure thing! | 15:52 |
| mtaylor | it's certainly an interested question to think about though - I hadn't really thought about having a potential second jenkins involved before now | 15:52 |
| mtaylor | since we'd mainly been thinking in terms of vendor-supplied testing infrastructure being done via the openstack jenkins | 15:53 |
| mtaylor | so it's something I'm enjoying thinking about :) | 15:53 |
| Daviey | mtaylor: I'm not comfortable at gating on our development focus, but for stable/ on a stable Ubuntu release - is a concept i'd like to explore. | 16:00 |
| Daviey | But first, we need to just comment i think - to see how we are doing, Infra stability wise. | 16:00 |
| mtaylor | Daviey: ++ | 16:04 |
| jamespage | Daviey: sounds sensible to me | 16:05 |
| === bladernr_ is now known as bladernr_afk | ||
| lynxman | hallyn: ping | 16:11 |
| hallyn | lynxman: . | 16:11 |
| lynxman | hallyn: hey, I'm building a new ipxe package, but there's a small issue with the roms that we separate for qemu, we're now building "most" roms instead of all so some of the ones you chose don't build | 16:12 |
| lynxman | hallyn: before I go into a crusade to manually build them in an override, wanted to know which ones did you really need :) | 16:12 |
| lynxman | hallyn: missing ones ne2k_isa.rom and virtio-net.rom | 16:13 |
| hallyn | lynxman: certainly virtio-net is needed | 16:13 |
| lynxman | hallyn: kinda imagined so *darn* | 16:13 |
| lynxman | hallyn: alright then :) | 16:13 |
| hallyn | lynxman: is it broken upstream? | 16:14 |
| lynxman | hallyn: doing allbaseroms was neither desired nor recommended by upstream | 16:14 |
| lynxman | hallyn: I'll find a way, no worries | 16:14 |
| === bladernr_afk is now known as bladernr_ | ||
| hallyn | lynxman: great, thanks | 16:15 |
| uvirtbot | New bug: #923817 in nova (main) "nova-network fails due to absence of policy.json" [Undecided,New] https://launchpad.net/bugs/923817 | 17:13 |
| endzYme | Hi all, is there a specific channel for orchestra/juju? | 17:21 |
| === tgardner-afk is now known as tgardner | ||
| SpamapS | endzYme: #juju | 17:46 |
| JanC | anybody here ever heard about CUBRID: http://www.cubrid.org/ ? | 17:47 |
| onre | nope | 17:48 |
| onre | apparently it's quite popular in south korea | 17:48 |
| onre | interesting! | 17:48 |
| JanC | seems like they have Ubuntu PPAs & such | 17:49 |
| JanC | and a GUI DBMS manager | 17:50 |
| endzYme | SpamapS: Thanks! | 17:55 |
| onre | JanC, yes, and apparently it's not yet another mysql fork | 17:57 |
| Daviey | zul: + changelog_detail='No change rebuild.' | 17:58 |
| Daviey | + mv dist/horizon-2012.1.tar.gz ../tarball/horizon_2012.1+git201201301257.orig.tar.gz | 17:58 |
| Daviey | mv: cannot stat `dist/horizon-2012.1.tar.gz': No such file or directory | 17:58 |
| Daviey | Sending e-mails to: james.page@ubuntu.com | 17:58 |
| zul | Daviey: errrgh | 17:59 |
| smoser | adam_g, ping | 18:05 |
| JanC | onre: http://www.cubrid.org/cubrid_click_counter --> quite interesting feature (although I prefer the alternative "WITH INCREMENT FOR" syntax) | 18:10 |
| adam_g | smoser: pong | 18:10 |
| smoser | https://code.launchpad.net/~smoser/+junk/juju-deployer-concurrent/ | 18:10 |
| smoser | adam_g, ^ for merge to juju-deployer | 18:10 |
| adam_g | smoser: oh, nice. | 18:11 |
| onre | JanC, indeed. also, looking at "architecture" section of docs, looks like cubrid actually HAS an architecture. someone DESIGNED it. :) | 18:11 |
| onre | JanC, thank you once again, this is probably the most interesting software news in a year or so :p | 18:11 |
| JanC | the funny thing is that I rather accidentally ended up on that project | 18:12 |
| JanC | wow: http://www.cubrid.org/concat_different_row_columns | 18:14 |
| smoser | adam_g, i was poking at 'jstack' again, and thought i'd get over to your code as much as possible, just to reduce my own invention and or bugs | 18:15 |
| adam_g | smoser: cool, thanks. id like to rewrite that deployer at some point.. actually, i want to add more concurrency when deploying services.. which is what i thought you were proposing, by that name :) | 18:22 |
| ilovemesomeubunt | I'm setting up a game server and wanted to know if I should add the user that is gonna run the game to admin group or use a seperate user for that? | 18:25 |
| ilovemesomeubunt | Should I add the account to the admin group or visudo them? | 18:26 |
| smoser | adam_g, more concurrency? | 18:26 |
| JanC | onre: apparently the company behind this DBMS operates the most popular search engine, most popular internet portal & most popular gaming portal in South Korea -- I guess they know how to stress test a database ;) | 18:27 |
| adam_g | smoser: using threads during the 'juju deploy' stage. juju commands against ec2 take a loong time | 18:28 |
| onre | JanC, yes, i already installed it... now testing whether my hobby project agrees to run on top of it | 18:30 |
| smoser | adam_g, ah. | 18:30 |
| onre | JanC, because this pretty much addresses the problem i'm having, especially if join performance with indexes is better than mysql 5.5 | 18:30 |
| JanC | onre: I don't really have performance issues right now, but still good to know alternatives exist | 18:31 |
| ilovemesomeubunt | Anyone good with security questions? | 18:32 |
| onre | JanC, indeed. it's been "mysql or postgres" for so long :p | 18:32 |
| JanC | onre: there are several other DBMS actually ;) | 18:32 |
| JanC | even open source | 18:32 |
| smoser | adam_g, yeah, this gets me to being able to use your code without just destroying the local provider | 18:32 |
| smoser | (or at least doing so more definitively) | 18:33 |
| onre | JanC, indeed, but i haven't really seen many that would have made it even so far that i actually bothered to install and see whether they work. also i have some sort of problem with mysql forks | 18:33 |
| adam_g | smoser: so have you gotten any further than all services reaching started? | 18:34 |
| onre | JanC, whereas looking at cubrid, the way they've handled things like HA and backups looks very appealing if it manages to do even half of the stuff it promises. :p | 18:34 |
| JanC | ilovemesomeubunt: you can create a special group and change sudoers to let users in that group run only the exact commands to start the game servers | 18:34 |
| JanC | onre: I'm not sure drizzle is really a MySQL fork, and there is also FirebirdSQL | 18:35 |
| JanC | and there are some SQL servers written in Java, Python, etc. ;) | 18:35 |
| onre | JanC, drizzle was forked in 2008 | 18:36 |
| SpamapS | Drizzle is *absolutely* a mysql fork | 18:36 |
| SpamapS | <-- drizzle dev | 18:36 |
| ilovemesomeubunt | JanC, so it is a bad idea to add that user to admin group? | 18:36 |
| JanC | SpamapS: but it doesn't look like mysql right now? ;) | 18:36 |
| SpamapS | It speaks the mysql protocol | 18:37 |
| SpamapS | and uses InnoDB as its core storage engine | 18:37 |
| SpamapS | its SQL dialect is 99.9% compatible.. except where MySQL's SQL was broken headed | 18:37 |
| JanC | and it's split up into something more modular? | 18:37 |
| SpamapS | JanC: the ones that aren't forks, that people call forks, are percona and mariadb. Those are derivative branches.. they share code back and forth... so the're not really forks. | 18:38 |
| SpamapS | JanC: the only real reason to use drizzle is its very powerful plugin system.. feels more like Apache that way | 18:38 |
| JanC | well, they are much more close forks indeed | 18:38 |
| ilovemesomeubunt | JanC, should that user be able to SSH in? | 18:38 |
| SpamapS | JanC: with Oracle not maintaining the community version as closely, they're probably going to become true forks soon. | 18:39 |
| ilovemesomeubunt | or run sudo? | 18:39 |
| SpamapS | My only problem with CUBRID is it sounds like its more efficient than MYSQL.. but since it works differently, you won't be able to tap the massive amount of wisdom and knowledge available around running large mysql installations. | 18:41 |
| JanC | SpamapS: this CUBRID DBMS promises to have a MySQL compatibility interface too, might be interesting ☺ | 18:41 |
| JanC | true | 18:41 |
| JanC | SpamapS: unless you know Korean ;) | 18:41 |
| JanC | seems like it is very popular there | 18:41 |
| onre | SpamapS, and additionally, no irc channel :( | 18:47 |
| JanC | onre: yeah, guess that isn't so popular over there or something | 18:48 |
| onre | most likely. | 18:48 |
| onre | i think i'll try it out anyway. looks like it has quite comprehensive documentation. | 18:48 |
| JanC | seems like their migration toolkit has lots of tools to move from MySQL | 18:50 |
| freifahrt | hi, i'm trying to set up a virtual machine on 11.10 and it seems to have problems to find cacert.pem. any suggestions?# | 18:50 |
| JanC | I also wonder how they compare to Postgres (which they don't really mention) | 18:51 |
| stgraber | hallyn: wow, I think I just spent 5 minutes looking at containers shutting down and rebooting properly (the utmp stuff was broken for me somehow) ;) | 18:54 |
| hallyn | stgraber: meaning 5 mins of debugging, or 5 mins of it working? | 18:55 |
| hallyn | (i dont' seem to have the new kernel yet) | 18:55 |
| stgraber | hallyn: just 5 minutes of enjoying it working ;) | 18:58 |
| stgraber | hallyn: the -meta was uploaded over the weekend, so if you do your updates + reboot you should have it now | 18:58 |
| hallyn | yay | 18:58 |
| koolhead17 | hi all | 19:01 |
| alket | Hi, i just installed Ubuntu Server 11.10 but when I rebooted after install it doesnt start, just a black screen ? I reinstalled twice | 19:01 |
| kirkland | alket: try hitting ctrl-alt-f2 | 19:02 |
| kirkland | alket: when you're at that black screen | 19:02 |
| alket | wow, thank you kirkland | 19:03 |
| alket | what was wrong though, technicaly ? | 19:03 |
| hallyn | kirkland: say, why is my lucid server always wanting to update for byobu? i haven't been checking the changelogs - security fixes, or features? | 19:03 |
| kirkland | alket: hmm, not sure; something wrong with your tty or switching | 19:03 |
| alket | ok, thank you | 19:03 |
| kirkland | hallyn: you're probably following the ppa:byobu/ppa | 19:04 |
| kirkland | hallyn: which is trunk, and it's a combination of bug fixes and features | 19:04 |
| hallyn | yeah i think that was the only way to get byobu-tmux. i guess i need a byobu-stable/ppa :-) | 19:04 |
| kirkland | hallyn: you're essentially tracking head, which is nice of you :-) | 19:04 |
| hallyn | i forgot i was doing that actually :) | 19:04 |
| kirkland | hallyn: there haven't been any major or security fixes in a long time | 19:04 |
| kirkland | hallyn: is it more or less stable for you? | 19:05 |
| hallyn | oh yeah | 19:05 |
| kirkland | hallyn: if so, keep following trunk and keep getting the goodnesses :-) | 19:05 |
| hallyn | i have long-running byobu-tmux session for irc | 19:05 |
| kirkland | hallyn: and tell me as soon as I do something wrong | 19:05 |
| hallyn | will do :) | 19:05 |
| hallyn | hey, you should wait for the light before crossing the street | 19:05 |
| hallyn | (big brother, just trying to help) | 19:05 |
| smoser | adam_g, ping | 19:16 |
| smoser | http://paste.ubuntu.com/822936/ <--- thats a keystone charm fail | 19:17 |
| SpamapS | smoser: http://i22.photobucket.com/albums/b317/bwftex/keystone-cops-prop-hupmobile.jpg <-- thats a keystone cops fail | 19:22 |
| smoser | thanks, SpamapS http://youtu.be/5atPYaxX0lM | 19:23 |
| adam_g | smoser: on a call atm | 19:24 |
| bobweaver | Has anyone installed magneto on there servers ? I can not seem to get it to install It will not connect to the database | 19:28 |
| Faint | How can I prevent DDoS attacks against my Ubuntu server? | 19:46 |
| Pici | Nothing. | 19:46 |
| Pici | er, You can't. | 19:46 |
| Faint | How can I slow them down? I've seen people do it before | 19:47 |
| Pici | What sort of 'attacks' do you mean exactly? Just requesting pages? or login attempts? | 19:48 |
| Faint | Requesting pages | 19:48 |
| Faint | Pinging port 80 mainly. | 19:49 |
| Pici | Snort might help you to protect yourself against that. | 19:52 |
| patdk-wk | a real ddos? or just a dos from a few ip's? | 19:59 |
| Faint | patdk-wk: Anything, I want to be prepared. | 20:01 |
| patdk-wk | it's impossible to prepare for anything | 20:01 |
| Faint | patdk-wk: Fine, then from a few IPs | 20:01 |
| patdk-wk | except to have more resources than the other | 20:01 |
| patdk-wk | http://pastebin.com/D6urZggy | 20:01 |
| patdk-wk | something like that | 20:02 |
| adam_g | smoser: update the keystone charm to the latest rev and you should be good | 20:03 |
| adam_g | smoser: that should have gotten updated when e3 went out, my bad. | 20:04 |
| smoser | yeeah. i just was seeing tha tnow. | 20:06 |
| smoser | adam_g, so, isn't the jenkins testing using this/ | 20:06 |
| smoser | ? | 20:06 |
| smoser | and i dont think you pushed your changes | 20:07 |
| adam_g | smoser: its using forked charms in https://code.launchpad.net/~openstack-ubuntu-testing that are customized to the lab, and also kept up to date with changes in trunk that affect deployment | 20:08 |
| adam_g | sec | 20:08 |
| adam_g | smoser: lp:~charmers/charms/precise/keystone/trunk | 20:08 |
| adam_g | smoser: ill give you a new deployments.cfg, one sec | 20:09 |
| smoser | yeah. | 20:09 |
| adam_g | smoser: http://paste.ubuntu.com/822988/ | 20:10 |
| adam_g | smoser: those have the correct charm branches now. dashboard + volume are still in my branch pending merge into the charm store. the openstack-precise-ec2 deploymen is what i use to get it going on ec2 using whats in the ubuntu archive. openstack-ubuntu-testing will deploy the same with packages from the CI PPA, which lag behind trunk by some hours depending on how backed up the builders are | 20:12 |
| smoser | adam_g, k. so you want to commit that example cfg to your junk branch? | 20:12 |
| jhobbs | How closely will current precise package versions match what ends up in the precise release? | 20:20 |
| smoser | jhobbs, it depends on the package | 20:22 |
| smoser | over the entire archive "probably pretty close" | 20:22 |
| smoser | but... | 20:23 |
| jhobbs | ok | 20:23 |
| jhobbs | i guess you could always bump a package to pick up a high priority bug fix, even late in the release schedule | 20:23 |
| adam_g | smoser: done | 20:23 |
| mp_ | hello all. what's the thing with client/server keys. i'm trying to install a virtual machine on 11.10 and it asks for a cacert.pem. can't find anything about it in the serverguide for libvirtd. help appreciated. | 20:25 |
| ChmEarl | apt-get install ca-certificates | 20:28 |
| mgw | I'm working with puppet (puppet apply) and need to read files relative to $confdir — e.g., something like puppet:////files/foo/bar to read /etc/puppet/files/foo/bar | 20:29 |
| mp_ | >"can't access client key in /etc/pki/CA/cacert.pem.... file not found" | 20:30 |
| mp_ | ca-certificates has been installed | 20:30 |
| mp_ | *was installed | 20:31 |
| mp_ | i made my own cert now and put it in /usr/share/ca-certificates, didn't work. made that pki directory and put my cert in there, now he wants a client certificate | 20:32 |
| mp_ | which ubuntu documentation explains setting up a vm? | 20:34 |
| mgw | mp_: this might get you started — http://linux.die.net/man/1/virsh | 20:35 |
| mp_ | mgw: thanks a lot | 20:36 |
| mgw | mp_: np | 20:36 |
| mp_ | that's the manpage | 20:37 |
| mgw | mp_: this too | 20:37 |
| mgw | http://libvirt.org/ | 20:37 |
| elfurbe | Anyone have any experience debugging dkms builds? I'm having an issue building a module, it's telling me that it failed to build, but when I issue the make command myself, the .ko is definitely right where I told it to look in the dkms.conf | 20:37 |
| mp_ | mgw: are you kidding me? | 20:38 |
| mgw | mp_: what do you mean? | 20:38 |
| mp_ | the ubuntu documentation does not work as is | 20:38 |
| mgw | https://help.ubuntu.com/8.04/serverguide/C/virtualization.html doesn't work? What in particular? | 20:39 |
| mp_ | it's a 11.10 server | 20:40 |
| mp_ | let me look into that | 20:40 |
| mgw | https://help.ubuntu.com/11.10/serverguide/C/libvirt.html | 20:40 |
| mp_ | that's the one | 20:40 |
| mgw | it doesn't work? | 20:41 |
| mp_ | where are certificates mentioned? | 20:41 |
| mgw | Are you wanting to set up certs on the host machine or on a vm you already have running? | 20:42 |
| elfurbe | Ha, comedy overlook-the-obvious update, I used "BUILD_MODULE_LOCATION" instead of BUILT_MODULE_LOCATION in the dkms,conf | 20:43 |
| mp_ | i have the server as a host and tried to set up vms | 20:43 |
| elfurbe | Clever lad, me | 20:43 |
| mp_ | which did not work out as expected | 20:43 |
| hallyn | smoser: so checkign one more time, are you ok with switching from 'lxc-is-container' to 'running-in-container'? | 20:43 |
| hallyn | stgraber: ^ have an opinion/preference? | 20:44 |
| smoser | i can adjust, hallyn, but i don't relaly understand why | 20:44 |
| smoser | and i think nomrally when people did somethign like that they'd use a symlink for comnpatibility | 20:44 |
| smoser | but i leave it up to you | 20:44 |
| hallyn | maybe i should leave it | 20:45 |
| hallyn | ok i'll leave it :) | 20:50 |
| stgraber | hallyn: I'd love to see something a bit generic like running-in-container that'd return the container type (lxc, libvirt-lxc, openvz-ve, vserver) and return 0 if it's a container or 1 if it's not | 20:52 |
| stgraber | (I can contribute the logic for the other container types as I already have it in some configuration management probes here) | 20:52 |
| hallyn | stgraber: instead of lxc-is-container, or in addition? | 20:52 |
| stgraber | hallyn: I'd prefer to have one is-container that'd return 0 or 1 depending if it's a container or not and return the name of the technology if it's a container | 20:53 |
| hallyn | stgraber: https://code.launchpad.net/~serge-hallyn/ubuntu/precise/upstart/upstart-containers/ is what i have now. it works both on hosts and containers. do you want to update (and rename if you like) lxc-is-container, then propose merge? | 20:53 |
| stgraber | hallyn: so that'd be instead of lxc-is-container | 20:53 |
| hallyn | stgraber: btw, container with lxcguest removed booted with that upstart :) | 20:53 |
| stgraber | hallyn: ok, I'm rushing some LTSP changes now that I want in for alpha2. I'll have a look at the branch once I'm done and propose something that'd work for me (then we can check that I won't break some other use cases in the process ;)) | 20:54 |
| hallyn | stgraber: great | 20:55 |
| smoser | stgraber, if you're testing general boot of lxc without lxcguest | 20:56 |
| smoser | try removing it from cloud-images and testin | 20:56 |
| smoser | (also may want dpkg-reconfigure cloud-init) | 20:56 |
| smoser | i guess i can test easily enough, thogh. | 20:57 |
| smoser | SpamapS, ping | 20:58 |
| smoser | never mind. | 20:58 |
| SpamapS | smoser: pong, never matter | 20:59 |
| smoser | SpamapS, the query was regarding archive.buntu.com entry in /etc/hosts | 20:59 |
| smoser | which at first i thought would not affect 'apt-get install' from inside a juju container | 21:00 |
| smoser | but now i'm thinking it will becaues those apt-gets will reference an outside-the-container apt-cacher-ng | 21:00 |
| SpamapS | smoser: yep | 21:03 |
| hallyn | stgraber: (oops, i mungled the rename of running-in-container, so just re-renamed it and pushed so it will build) | 21:04 |
| hallyn | biab | 21:04 |
| smoser | adam_g, ping | 21:42 |
| === bladernr_ is now known as bladernr_afk | ||
| adam_g | smoser: pong | 22:02 |
| SpamapS | LISA '12 CFP is open.. San Diego is nice in December.... :) | 22:05 |
| SpamapS | jcastro: ** | 22:05 |
| SpamapS | robbiew: ^^ | 22:06 |
| robbiew | yep...got the email | 22:06 |
| nOStahl | hey guys, I left home without my ubuntu server cd | 22:06 |
| nOStahl | and the tower cant boot off usb-zip or usb-fdd hrmm | 22:07 |
| nOStahl | the tower has ubuntu 10.10 on it right now desktop | 22:07 |
| nOStahl | what options do I have to re-install ubuntu 11.10 server over it | 22:07 |
| JanC | nOStahl: upgrade and remove all desktop packages? ;) | 22:10 |
| JanC | nOStahl: also, does it support USB-MS ? | 22:11 |
| nOStahl | no option for usb-ms | 22:11 |
| nOStahl | if it has usb-zip or fdd It may be a flag problem on the flash drive? | 22:11 |
| JanC | nOStahl: you can also use debootstrap to bootstrap any Debian/Ubuntu distro | 22:13 |
| nOStahl | whats that? | 22:14 |
| nOStahl | got a link | 22:14 |
| adam_g | Daviey: https://bugs.launchpad.net/nova/+bug/900925, so that kind of validation must have gotten lost since diablo | 22:19 |
| uvirtbot | Launchpad bug 900925 in nova "create key pair gets a name which is longer than 256" [Medium,Fix committed] | 22:19 |
| Daviey | adam_g: ffs, is just on ec2 api aswell? | 22:23 |
| adam_g | Daviey: no, i believe it was in the common key pair controller, but its fixed now.. | 22:25 |
| nOStahl | heh figured out easy way. | 22:27 |
| nOStahl | make small 1 gig partition on the hd | 22:27 |
| nOStahl | from recovery mode | 22:27 |
| nOStahl | and then boot into ubuntu on the machine and use unetbootin to setup that partition with the installer iso :) | 22:27 |
| nOStahl | then when all done merge the partition back into the main partition etc. | 22:28 |
| Daviey | adam_g: yeah, i had an ec2 unit test against that... | 22:28 |
| Daviey | but just tested the api functions. | 22:28 |
| Daviey | adam_g: is https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-openstack-charms accurate? | 22:52 |
| adam_g | Daviey: in terms of my WI? yeah, just submitted nova-volume to the charm store today. it seems the ceph+glance WI needs to be postponed | 22:54 |
| adam_g | Daviey: "nova-cloud-controller - Split into charms after Juju supports multiple units on a machine (or colocation)" maybe BLOCKED until that support lands in juju | 22:55 |
| uvirtbot | New bug: #924002 in autofs5 (main) "[Lucid] dbg package symbols are not provided for latest autofs packages" [Undecided,New] https://launchpad.net/bugs/924002 | 22:56 |
| Daviey | adam_g: can you update that please? | 22:58 |
| Daviey | (thanks) | 22:58 |
| === koolhead17 is now known as koolhead17|zzZZ | ||
| starscream | hi! people | 23:59 |
| starscream | I need to help | 23:59 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!
