/srv/irclogs.ubuntu.com/2012/02/11/#ubuntu-server.txt

hallyn	stgraber: ido, but can't right now. will try it later tonight or tomorrow	00:04
stgraber	hallyn: ok, thanks	00:05
hallyn	(if you want to push now, i won't mind...) thanks, ttyl	00:05
josephoenix	Hello all	00:09
josephoenix	I'm running a bunch of per-user PHP5-FPM pools and for some reason they're dying at irregular intervals.	00:10
josephoenix	I don't see anything around that time in syslog	00:10
josephoenix	Any ideas? :\	00:10
SpamapS	josephoenix: what release of Ubuntu / PHP5 ?	00:10
josephoenix	php5-fpm is 5.3.6-13ubuntu3.5	00:13
josephoenix	Ubuntu 11.10	00:13
josephoenix	Hmmm it was at 6:30 am and there's a cron job running around then.. gonna look into that.	00:16
josephoenix	Nope, the user crons are only @reboot and @monthly	00:18
SpamapS	josephoenix: perhaps there is a bug in php5-fpm .. I'd start logging stderr/stdout.	00:19
SpamapS	josephoenix: also if you haven't disabled core files, try to see if there are any core files from segfaults	00:19
josephoenix	It's about 20 different instances of php5-fpm with a worker or two each that all disappeared around the same time	00:19
josephoenix	If core files are enabled by default, I should be able to get to them. Where do they live, again?	00:21
josephoenix	(Nothing in the php5-fpm log, though there might have been something written to stderr I don't know about)	00:23
hayer	I got a disk that fdisk -l says "system: linux" - how can i make it NTFS? mkfs.ntfs -q /dev/sdb1 dosnt seem to work - it just hangs	00:34
cfc__	ohh cool	00:59
cfc__	there is a server support	00:59
WinstonSmith	ls -al	01:01
WinstonSmith	ah sry	01:01
cfc__	hello all i need help with updateing drivers for my Ethernet card but do not know the command to do this why this is, its cuz i have installed the server on my laptop then transferd it to my desctop since my desktop was unable to load the instalation	01:01
cfc__	thats how you update l?s-al	01:11
cfc__	is here ppl or is this chat dead???	01:13
Daviey	Pushing to ~ubuntu-server-dev/nova/essex/ without review, as it's blocking CI	01:15
uvirtbot	New bug: #929127 in nova "linux_net.ensure_metadata_ip() fails on precise" [High,Fix committed] https://launchpad.net/bugs/929127	01:21
cfc__	hello all i need help with updateing drivers for my Ethernet card but do not know the command to do this why this is, its cuz i have installed the server on my laptop then transferd it to my desctop since my desktop was unable to load the instalation	01:23
exvito	Looking for help on unexpected soft RAID behaviour after replacing failed disk in RAID1 device.	01:32
exvito	1. Disk failed. 2. Power down. 3. Replace disk. 4. Power up with degraded array. 5. fdisk. 6. mdadm -add. 7. Array syncs. 8 /proc/mdstat looks good. 9. Reboot. 10. Back to degraded array!!	01:34
exvito	...any hint? :)	01:34
=== mathiaz_ is now known as mathiaz
jetole_	Hey guys, this isn't ubuntu specific but this seemed like a good place to ask. I'm a systems engineer in a growing firm and I wanted to know, whats the best way to handle passwords more then one person should have where you can't have seperate passwords like, for example, most our machines use openLDAP for single sign on but then there is a the root password which, as we're expanding I feel I now need to share	01:49
jetole_	like I imagine there is some software someone wants to recommend as a central web based password store or well, I'm jumping to conclusions but I'm sure there is some best practices industry accepted method of doing this	01:50
jetole_	btw, I mention root in the event a machine doesn't connect to the net and someone needs to go to the data center and manually configure it	01:51
=== jetole_ is now known as jetole
cwillu_at_work	jetole, well, given physical access you typically have root anyway	01:53
jetole	cwillu_at_work: so bob the admin I work with needs to go the data center and log in to server42 to find out why it's not connecting to the net and needs the root password. How does he get that root password and where is it stored?	01:54
cwillu_at_work	he has physical access?	01:55
jetole	sure	01:55
jetole	bob and server42 are hypothetical but I'm trying to find a methodology to apply to our real world situation	01:56
cwillu_at_work	(sorry, sec)	01:56
jetole	maybe he needs access to switch12 which doesn't support radius or multiple users	01:56
cwillu_at_work	jetole, how do you secure physical access?	01:56
cwillu_at_work	(i.e., why can't they just reboot, and bring up the recovery console?)	01:57
jetole	cwillu_at_work: well the data center which is one of the largest in the world takes care of that. Our cabinet is locked and the keys never leave the site. We provide ACL's to the data center of whom has access to what	01:57
cwillu_at_work	jetole, then why not just let that be your local auth?	01:58
cwillu_at_work	i.e., console user has root privileges	01:58
jetole	cwillu_at_work: well in most cases they can though I think ubuntu 10.04 which is our primary OS has password issues with boot into single user more (I think, not positive) but then what about switch12 for example	01:58
cwillu_at_work	single user mode will permit a root login without password, it's just a config option	01:58
jetole	cwillu_at_work: I'm sure there has to be lots of other circumstances I can't think of at the moment to make this a legitimate question. no?	01:59
cwillu_at_work	switch12 is another matter, but I fail to see how this really relates to that :p	01:59
jetole	cwillu_at_work: well the question is how do I store passwords where it's not an individual users password	01:59
jetole	I guess I just feel, and maybe I'm mistaken but, I feel, some things need to be shared but I need to implement some form of ACL as to who has access to those things	02:02
cwillu_at_work	one approach would be to have a audited and secure database of server root passwords	02:02
cwillu_at_work	index cards in envelops in a vault, for instance :p	02:02
jetole	cwillu_at_work: I considered that and was part of the conclusion I jumped to but if so, I hope someone has already designed a package to manage this	02:02
jetole	ha	02:02
cwillu_at_work	you could also do that plus an otp system	02:03
jetole	a little too 18th century for my taste at index cards in vault	02:03
jetole	otp?	02:03
cwillu_at_work	one-time-password	02:03
cwillu_at_work	either a pregenerated list which have to be used in order (thereby making it obvious from an audit standpoint), or any number of more sophisticated approaches	02:03
cwillu_at_work	the list approach has the benefit of being quite practical with index cards	02:04
jetole	hmmm. Don't know how I would do that. I know ssh has a mechanism for that but don't know how that would be applied to a physical system or then again other objects like I know we have a few switches this would apply to	02:04
cwillu_at_work	(and don't scoff at that, index cards still work when the password server blows up	02:04
jetole	hmmm. good point at list and auditing	02:04
jetole	well another big project is we're eliminating all single points of failure	02:04
jetole	HA throughout the house	02:05
jetole	but I like it as far as auditing is concerned	02:05
cwillu_at_work	just remember that physical access == root access	02:05
jetole	also, can you think of another good room for me to ask about this in?	02:05
cwillu_at_work	the most you can do is encrypt the data such that one _has_ to be there with a password to unlock it	02:06
jetole	cwillu_at_work: yeah I know. It's not all nessecarily physical access. Last night I had to give another engineer the windows admin password so he could log into a system that wasn't playing well with active directory and fix that and the system was actually a VM	02:06
cwillu_at_work	not off-hand; lots of random technical channels' -offtopic channels have knowledgeable people though	02:06
jetole	cwillu_at_work: nah. That level of access isn't really a concern of mine at the moment	02:07
cwillu_at_work	jetole, in which case, access to the host is root to the vm :p	02:07
jetole	cwillu_at_work: I'd still like to find a means to manage these passwords if I can	02:07
jetole	I shouldn't be the only guy where I work to know the root and windows admin passwords	02:08
jetole	though it would be a nice level of job security	02:08
cwillu_at_work	so don't be the only guy	02:08
cwillu_at_work	give the boss an sealed envelop with the root password in it	02:08
jetole	cwillu_at_work: thats the point	02:08
cwillu_at_work	don't make it complicated	02:08
jetole	cwillu_at_work: and if I choose to use a different root password on every host and we have a new host about twice a month?	02:09
cwillu_at_work	jetole, I'll leave that as an exercise... :/	02:09
jetole	hehe. Thanks	02:09
cwillu_at_work	(hint: stationary is cheap)	02:09
jetole	well you have been helpful because you put auditing in a new light	02:10
jetole	I probably use paper more then anyone I work with but it is cumbersome in many applications	02:10
jetole	on another note	02:10
jetole	and speaking of auditing...	02:10
cwillu_at_work	I live and die by my index cards :p	02:11
cwillu_at_work	4x6 <3	02:11
cwillu_at_work	(unruled)	02:11
jetole	what are some good means to audit actions on Linux servers? I was thinking perhaps prohibit shells through sudo (which is a one step configuration since we use sudo through LDAP) and have ldap email all commands	02:11
cwillu_at_work	hmm, I should actually get some printed up as a business card come to think of it	02:11
cwillu_at_work	jetole, that's a tough game to win	02:12
* jetole has a 6x8 notepad in front of him now and pretty much at all times when sitting at a desk		02:12
jetole	cwillu_at_work: yeah I figured at tough game to win	02:12
cwillu_at_work	logging of all privilege-related stuff to a remote box is a start	02:12
jetole	I looked at, I think the package is auditd but it's a nightmare to decipher and still prone to manipulation	02:13
cfc__	hello all i need help with updateing drivers for my Ethernet card but do not know the command to do this why this is, its cuz i have installed the server on my laptop then transferd it to my desctop since my desktop was unable to load the instalation	02:13
cwillu_at_work	and then providing sufficient infrastructure that people don't feel the need to circumvent the rules to get work done	02:13
jetole	cwillu_at_work: logging to remote box how?	02:13
cwillu_at_work	(if people use the hole they found every day because it's the only way to do foo, you've lost)	02:13
jetole	cwillu_at_work: well let's assume I trust everyone I work with. What are your thoughts on how to log this?	02:14
cwillu_at_work	jetole, rsyslog and company can all write to remote daemons	02:14
jetole	for every command as the command is run?	02:14
cwillu_at_work	no, but that's not really the point	02:14
jetole	oh	02:14
cwillu_at_work	(I'm gonna have to run momentarily)	02:14
jetole	:-(	02:14
jetole	cwillu_at_work: thanks for the help	02:14
cwillu_at_work	have you looked at what gets logged to /var/log/auth.log in the default config?	02:15
jetole	occasionally	02:15
* jetole takes a look now		02:15
cwillu_at_work	you should probably have a good look :p	02:15
jetole	cwillu_at_work: not much	02:15
cwillu_at_work	the important thing is that somebody doing something nefarious or illadvised can't do it without making at least one noteworthy log entry	02:16
jetole	cwillu_at_work: on my home 10.04 desktop I see a log of pam session opened stuff, some RSA stuff involving ssh(d)	02:16
cwillu_at_work	gotta run	02:16
jetole	have fun	02:16
jetole	thanks again	02:16
cwillu_at_work	gonna have to understand that stuff if you want a hope of implementing this :p	02:16
jetole	cwillu_at_work: well yeah. I was asking what it is I need to understand	02:16
cwillu_at_work	jetole, rsyslog and related is a start ;p	02:17
jetole	cfc__: drivers are all kernel modules. You can view them with lsmod, remove them with rmmod, load them with modprobe and install a specific one that has the same name as a known modprobe one but in a different directory by using insmod	02:18
jetole	cwillu_at_work: again, thanks again	02:18
jetole	;-)	02:18
jetole	cfc__: also have a look at /etc/modprobe.d	02:18
diuneigh	Could I get the assistance of an experienced Ubuntu user? To make a long story short Ubuntu crashed and now I cannot access my encrypted drive. Thank you.	02:22
jetole	diuneigh: why and how?	02:23
jetole	errors? console messages? etc?	02:23
diuneigh	•jetole• long story...1) installed playonlinux 2) it crashed while trying to get a game to work 3)when I rebooted it would not login and just loop back to the login screen. 4) I googled some solutions and tried them with a console Alt-f2 mode 5) after attempting to fix that problem I was unable to access my encrypted home dir. that is where I am now.. any ideas?	02:23
jetole	diuneigh: this is #ubuntu-server. Try joining the room #ubuntu	02:24
diuneigh	I already did. they suggested I try you as well.	02:24
jetole	diuneigh: your question sound very, very off-topic	02:24
jetole	diuneigh: then they were wrong	02:24
jetole	diuneigh: as the name of the room suggests, this is a room about ubuntu running on a server	02:24
jetole	diuneigh: I'm going to join #ubuntu now and see if I can help you there so let's follow up in that room but don't ask questions in the wrong room even if someone suggests you do	02:25
* jetole will continue this conversation in #ubuntu		02:25
diuneigh	•jetole• thanks...	02:25
diuneigh	•jetole• I am already in that room..	02:26
hallyn	stgraber: d'oh, lxc-delete should delete any symlink in /etc/lxc/auto/	02:47
stgraber	hallyn: it should indeed...	02:48
hallyn	i'm just gonna file that as a low prio bug right now	02:50
mgw	smoser: ping	02:51
hallyn	stgraber: ruh roh - useradd: group 'admin' does not exist	02:56
hallyn	(creating an oneiric container)	02:56
stgraber	oh, that's interesting ...	02:56
stgraber	what's creating the admin group on oneiric then?	02:56
mgw	anybody know why http://x.x.x.x/cblr/svc/op/nopxe/system/foo would be failing to disable pxe boot on system foo?	02:57
mgw	when I wget that url (with my cobbler IP) I get back the content 'false' and netboot is still enabled	02:57
hallyn	stgraber: no idea :)	02:58
stgraber	hallyn: ok, will add a groupadd --system admin \|\| true to the template	03:01
hallyn	soudns good	03:06
hallyn	stgraber: oh. so, you don't set root:root pwd at all any more?	03:07
stgraber	right	03:07
hallyn	didn't expect that :) probably for the best, though	03:07
stgraber	the ubuntu way, one account with sudo rights	03:08
stgraber	I guess that's what the cloud images do too	03:08
stgraber	hallyn: empty lxc.devttydir != missing lxc.devttydir :(	03:09
stgraber	hallyn: so the Oneiric container fails with: lxc-start: File exists - failed to create symlink for console	03:09
hallyn	stgraber: all right then i'll need to update the patch. that's not for tonight	03:10
hallyn	i'm trying to get the kernel patch out the door	03:10
stgraber	hallyn: I have a patched template that will work with the current patch though (simply commenting the line)	03:12
stgraber	hallyn: ok, the patched template works fine. I'll just try and make the default login/password more visible or I'm sure we'll get bug reports	03:15
hallyn	so you'd want to push the package as is and send the patch fix later?	03:15
hallyn	really it should be a one-line fix	03:15
hallyn	stgraber: no wait,	03:17
hallyn	stgraber: apparently we just need to use group 'sudo' everywehre?	03:17
stgraber	I'm not completely sure how far back that worked and I know command-not-found and some others only started looking for 'sudo' in Precise	03:18
stgraber	so we really should be using sudo only from Precise and use admin for previous releases	03:18
hallyn	but admin doesn't exist in previous releases	03:19
hallyn	so i end up with a lucid container where i can't sudo	03:20
stgraber	no, the template I currently have will create the group if it doesn't exist	03:20
hallyn	oh. sorry. misunderstood	03:21
hallyn	all right, kernel patch away. SO isn't here glaring at me yet so lemme try see about fixing the patch fixed too for empty lxc.devttydir. if id isappear, i'll send it monday	03:21
hallyn	stgraber: http://people.canonical.com/~serge/0040-consoles-into-devlxc.patch you just need the two new lines in confile.c from that patch	03:28
hallyn	(though it also adds DEP3 (or is it DEP5?) tags)	03:28
stgraber	hallyn: http://paste.ubuntu.com/837376/	03:29
hallyn	looks good	03:30
stgraber	hallyn: http://paste.ubuntu.com/837379/	03:32
stgraber	hallyn: anything else or should I do a test build of that, confirm it works for oneiric and precise and then upload?	03:32
hallyn	stgraber: unless you want to add the removng of /etc/lxc/auto/ symlinks on delete, i say push	03:33
hallyn	(maybe test a lucid container too...)	03:34
hallyn	btw the symlink removing could get murky... depending on how admins behave	03:34
stgraber	hallyn: right, I guess it's not too bad in most cases because a devtmpfs is usually mounted on /dev, so even if they move their container back on a physical machine it should still work (or the case where you boot your VM in a container, then boot it back in kvm)	03:39
stgraber	though it might be worth trying to cleanup on shutdown (but ignoring any error as we don't really know what the user does in the container)	03:39
uvirtbot	New bug: #930525 in lxc (universe) "lxc-destroy should remove symlink from /etc/lxc/auto/ if it exists" [Undecided,New] https://launchpad.net/bugs/930525	03:46
roaksoax	smoser ?	03:47
roaksoax	smoser what was the issue with thqt half installed package	03:47
hallyn	stgraber: oh, sorry, i meant just the removing of the /etc/lxc/auto symlinks. though yeah, the /dev/console symlink might bite us one day	03:54
stgraber	hallyn: oh right, different symlink ;)	03:55
stgraber	hallyn: uploading lxc now	04:17
stgraber	hallyn: confirmed to work fine on Oneiric, can't test precise as debootstrap fails (worked fine with an existing container)	04:17
stgraber	hallyn: uploaded	04:28
uvirtbot	New bug: #930551 in quota (main) "System with quota enabled hangs after upgrade to 11.10" [Undecided,New] https://launchpad.net/bugs/930551	07:36
=== CasmoNL_ is now known as CasmoNL
clearwood	Hello I want to ask if anyone kan help me set up my apache server so that it connects to the dir public_html. Have tried to read a few guides but it does not seem to work.	11:37
dns53	so a per user share or is it just you?	11:49
dns53	have you tried a2enmod mod_userdir ?	11:53
dns53	that should be sudo a2enmod userdir	11:58
clearwood	yes as a per user share. Have tried that. I am now looking up the file that I used.	11:58
dns53	well first you need the apache module enabled, then put the following in /etc/apache2/sites-avalable/default :- UserDir public_html	12:01
clearwood	is it correct with the following to enable the module,	12:06
clearwood	I edit this file: /etc/apache2/apache2.conf	12:08
clearwood	I add the following lines,	12:09
clearwood	# Turn on userdirs	12:09
clearwood	<IfModule mod_userdir.c>	12:09
clearwood	UserDir public_html	12:09
clearwood	<Directory /home/*/public_html>	12:09
clearwood	Order allow,deny	12:09
clearwood	Allow from all	12:09
clearwood	</Directory>	12:10
clearwood	</IfModule>	12:10
clearwood	#	12:10
clearwood	is that correct?	12:11
clearwood	are u there?	12:24
dns53	sorry i was distracted	12:25
RoyK	!pastebin	12:25
ubottu	For posting multi-line texts into the channel, please use http://paste.ubuntu.com \| To post !screenshots use http://imagebin.org/?page=add \| !pastebinit to paste directly from command line \| Make sure you give us the URL for your paste - see also the channel topic.	12:25
dns53	so if the module is enabled use that rule, is the module enabled? use a2enmod userdir is the "debian way"	12:26
RoyK	clearwood: debian/ubuntu uses a set of symlinks in /etc/apache2/mods-enabled to enable/configure mods - the way you use here, is the hard core apache way, which isn't the 'normal' debuntu way	12:27
dns53	normally you would put that in a vhost config ie /etc/apache2/sites-avalable/default (or another file in that dir) which you have also run a2ensite filename	12:27
RoyK	dns53: erm - no	12:28
RoyK	dns53: the userdir is normally global	12:28
RoyK	it might be good to use it under a vhost, though, but that's a choice to make	12:28
dns53	RoyK ok, i have not used it myself but i know it can be done	12:29
clearwood	where do I use a2enmod userdir in the file apache2.conf ?	12:29
RoyK	I use userdir a bit...	12:29
RoyK	clearwood: a2enmod is a command	12:29
RoyK	not a configuration setting	12:29
RoyK	a2enmod creates a symlink under /etc/apache2/mods-enabled pointing to the module and its config under /etc/apache2/mods-available	12:30
RoyK	creating the symlink manually does the same thing	12:30
clearwood	but then I have to type it every time I turn the server on dont I	12:30
RoyK	last I checked, symlinks were persistent ;)	12:30
clearwood	ok Ill try it thanks	12:31
RoyK	remember to restart/reload apache after that	12:31
RoyK	apache2ctl restart/graceful/something	12:31
clearwood	yes	12:31
clearwood	I use this : sudo /etc/init.d/apache2 restart	12:32
RoyK	that works too	12:32
clearwood	I then get this response: Module userdir already enabled	12:34
clearwood	so my problem must be that the directory public_html is not connected	12:35
clearwood	I allso put the following in /etc/apache2/sites-avalable/default UserDir public_html	12:36
clearwood	and rstarted	12:36
clearwood	upon restart I get ... waiting apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1 for ServerName	12:37
clearwood	when I try to access through firefox with	12:38
clearwood	http://127.0.1.1/ I get	12:38
clearwood	It works!	12:39
clearwood	This is the default web page for this server.	12:39
clearwood	The web server software is running but no content has been added, yet.	12:39
clearwood	and I know that theres something in my public_html directory	12:39
clearwood	but it does not show up??	12:39
dns53	so user directories would be http://127.0.0.1/~username/	12:40
clearwood	Then I get the following:	12:40
clearwood	Forbidden	12:40
clearwood	You don't have permission to access /~rub on this server.	12:40
clearwood	ls -l\|grep public_html	12:41
clearwood	gives me:	12:42
clearwood	drwxrwxr-x 3 rub rub 4096 2012-01-28 09:59 public_html	12:42
clearwood	is that by the way to unsecure?	12:42
dns53	you need write on a directory to be able to look inside	12:44
dns53	unless another user is in the "rub" user group you should be fine	12:44
dns53	have you created a .htacces file and included a config line that denied access to the directory?	12:45
dns53	could you try removing your own config from your apache2 config, i wonder if it is using the /etc/apache2/mods-available/userdir.conf file as well as your own config	12:49
clearwood	I lost my connection I am back	13:28
clearwood	where do I find the former comments are they lost forever?	13:29
clearwood	fighting with tryin to set up public_html to my apache server	13:31
clearwood	used a2enmod userdir	13:32
clearwood	but no connection to the directory with firefox to http://127.0.1.1/~username	13:33
clearwood	does anyone know how to set up acces?	13:34
clearwood	please :)	13:34
clearwood	is any one there?	13:37
albert23	clearwood: former comments are at http://irclogs.ubuntu.com/2012/02/11/%23ubuntu-server.html	13:40
hayer	Why does my whole '/' seem to be read-only?	13:53
=== med_out is now known as med_
uvirtbot	New bug: #930652 in lxc (universe) "lxc & swapoff: Not superuser" [Undecided,New] https://launchpad.net/bugs/930652	14:21
=== medberry is now known as med_
orated	Hello! I need some help with NFS configuration. I'm not able to access filesystem on server from client with the following settings - http://paste.ubuntu.com/837967/ Is the config right? How can I fix it?	16:15
patdk-lap	da what?	16:19
patdk-lap	you can't export disks	16:19
patdk-lap	you have to export folders	16:19
orated	Its filesystem what matters isn't it?	16:20
orated	Well in the end of the paste, you can see the config which worked before	16:20
patdk-lap	that doesn't invole stuff in /dev	16:20
orated	yes	16:21
patdk-lap	nfs can't handle filesystems	16:21
patdk-lap	it doesn't work on block level devices	16:21
patdk-lap	use nbd if you want that	16:21
patdk-lap	or the ataoe	16:21
orated	Alright. Is there any command to run after changing exports file on server?	16:22
patdk-lap	yes	16:22
patdk-lap	been too long, don't remember	16:22
orated	restart nfsd and portmap process?	16:22
orated	ah-ok	16:23
orated	What do you use for such purpose?	16:24
jacobw	orated: to restart services?	16:43
jacobw	service foo restart\|start\|status	16:44
orated	sudo /etc/init.d/portmap restart and same for restarting nfs-kernel worked	16:45
orated	s/same/likewise*	16:46
jacobw	init.d scripts are the pre-upstart method of running services, some things still provide init.d scripts but most common services now use upstart scripts	16:53
jacobw	anyhow, init.d scripts or upstarts scripts will work.	16:53
jacobw	given the security issues of NFS, its bad a idea to export your root directory to NFS	16:54
orated	ah.. yes. Thanks :) BTW I was trying to edit exports. / 192.168.10.0/24(rw,no_root_squash,async) and /home 192.168.10.0/24(rw,no_root_squash,async) in exports on server and then 192.168.10.101:/ /mnt/ nfs rsize=8192,wsize=8192,timeo=14,intr 0 0 & 192.168.10.101:/home /mnt/home nfs rsize=8192,wsize=8192,timeo=14,intr 0 0 in fstab on client gives - mount.nfs: Stale NFS file handle error twice	16:57
jacobw	make use previous mount attempts have been umount'd and try to mount to somewhere else	17:02
jacobw	/mnt/nfs1 for example	17:03
orated	Yes, tried that - umount.nfs: /mnt: device is busy	17:03
orated	sec	17:04
jacobw	force with `umount -f`	17:04
orated	I got same error with - umount2: Device or resource busy	17:05
jacobw	hmm, perhaps try `umount -l` for 'lazy umount'	17:08
jacobw	unilateral umount is more accurate description imo	17:08
orated	great!	17:09
jacobw	lol, i've just realised i'm #ubuntu-server not #ubuntu-uk	17:10
orated	heh	17:11
Tixos	hi,i am trying to find out why my page speeds are so slow, 10.53761 seconds the server speed is very fast using this online tool http://www.serverscores.com/speedtest	17:17
Tixos	default vhost on apache	17:17
jacobw	what test gives you 10.5 seconds?	17:18
jacobw	i'd guess that 'server speed' is ping and page speed is to receive the http url	17:22
Tixos	yes	17:22
Tixos	why would it be so slow	17:22
jacobw	does your page depend on any database queues?	17:22
Tixos	its default apache,	17:23
Tixos	'It works' page	17:23
Tixos	i would like to say its DNS, but thats from server IP	17:24
jacobw	slow upstream?	17:24
Tixos	the server is lightning	17:24
jacobw	DNS is common to ping and http retreive and would be cached anyway.	17:25
jacobw	lightning?	17:25
Tixos	get 30mb/s from it	17:25
Tixos	download	17:25
Tixos	what can effect page load?	17:26
Tixos	i mean, its defautl apache2 vhost, what about PHP settings? they are also default	17:26
jacobw	the php5 module isn't enabled by default in ubuntu server	17:27
Tixos	obviously i have installed it..	17:27
jacobw	anyhow, the 'it works' page doesn't invoke the php interpretter	17:27
Tixos	neither is apache2	17:27
Tixos	ok good point.	17:28
Tixos	how else can i test this?	17:28
Tixos	locally ?	17:28
jacobw	that's true, but one might expect the apache2 package to include and enable php5	17:28
jacobw	you need to find out where it is slow from, i.e. at point between you and the server does it become slow?	17:28
Tixos	how can i test page speed load locally?	17:29
Tixos	everything else seems fine	17:29
Tixos	i will PM you the IP to show how slow it is?	17:30
orated	jacobw: I tried unmounting and remounting to reset NFS.. What used to mount before doesn't mount now and vice-versa	17:30
jacobw	Tixos: try httperf	17:31
Tixos	ok, can you load the page for me and report what its like ?	17:32
jacobw	Tixos: how long ago was this server brought online?	17:32
Tixos	hm,	17:33
Tixos	3days 30minutes	17:33
Tixos	is this a bad result? > Reply time [ms]: response 9328.6 transfer 0.0	17:35
jacobw	from what?	17:35
Tixos	not sure how to read this output (httpref)	17:35
Tixos	should i pastebin ?	17:35
Tixos	http://pastebin.com/FRNhkPhn	17:36
jacobw	Tixos: i doubt this is a problem with apache	17:37
Tixos	do those results look normal? why would you conclude that ?	17:38
jacobw	Tixos: there's most likely nothing wrong unless can you prove a slow connection to upstream	17:41
Tixos	you mean like this?	17:42
Tixos	httperf --server=www.google.com	17:42
Tixos	Request rate: 4.1 req/s (244.0 ms/req)	17:42
Tixos	my server	17:42
Tixos	Request rate: 0.1 req/s (18697.6 ms/req)	17:42
jacobw	Tixos: how is your server provided?	17:43
Tixos	how do you mean ? its a dedi	17:43
jacobw	orated: stop nfs on the server and try to umount those points again	17:45
orated	jacobw: Yes, on it	17:45
jacobw	Tixos: how much bandwidth should you have?	17:46
Tixos	unlimited	17:47
Tixos	jacob, these results dont indicate something wrong with http?	17:47
jacobw	they indicate that http to your server is slow from where you are right now	17:48
Tixos	can you help me debug man :(	17:48
Tixos	im putting my traffic onto another server for the minute, to see if it effects the server	17:49
Tixos	ealier before i swtiched to this server, it was so fast	17:49
jacobw	fast http?	17:49
orated	jacobw: / and /home access from client works good. But not the /media..	17:49
Tixos	never used httperf, but yes load time view browser was less than 1 second	17:49
Tixos	i have no firewall etc, i cant think of anything else!	17:50
Tixos	other server is centos, and has no issues, is there any default ubuntu apache2 configs that could cause this if the server receives alot of traffic?	17:50
jacobw	the apache configurations should be similar, both should use virtual hosts by default	17:51
Tixos	yes, what about client limit ? i read somewhere	17:52
Tixos	im out of ideas, so i came ehre :(	17:52
Tixos	just moved traffic to backup server	17:52
jacobw	where is the other server in relation the ubuntu server?	17:52
Tixos	so i will give it 5minutes, and check again with httperf, like i said this morning it was very quick	17:52
Tixos	same country	17:52
jacobw	same network?	17:53
Tixos	not sure, do you think it could be beyond the dedi then ?	17:53
Tixos	like a global IDS for the rack or something?	17:53
jacobw	ping is fast enough	17:54
Tixos	yea i know	17:55
Tixos	GRR	17:55
jacobw	httperf tells us that http is slow	17:55
Tixos	so why would it be?	17:55
Tixos	config?	17:55
Tixos	got slower	17:56
jacobw	if the centos host is on the same network, compare apache configurations, if not use iperf to test tcp speed from your location to the ubuntu server	17:56
Tixos	faster	17:56
Tixos	Request rate: 0.1 req/s (9849.8 ms/req)	17:56
jacobw	if the centos and ubuntu servers are on the same network, you can test between them to rule out the ubuntu server as the cause	17:59
Tixos	they are not	17:59
jacobw	ok, use iperf to test tcp speed between you and the server, if that's good then you know its the http server, otherwise contact the provider and ask for a test nearer the server, i.e. from before upstream	18:01
Tixos	how to use iperf? >$ iperf -s IP ?	18:04
jacobw	http://rackerhacker.com/2010/03/20/testing-network-throughput-with-iperf/	18:07
orated	hey jacobw! Its working fine now after restarting almost everything	18:10
jacobw	:)	18:11
orated	Thanks	18:11
orated	But I think I can have problems with NFS. Could you tell me how NBD does the same job is a better manner?	18:12
jacobw	it doesn't really	18:12
jacobw	actually, i'm not so sure, it might work well if your on a fast LAN	18:14
Tixos	jacob	18:14
Tixos	nothing i can do with the speed, it seems fine on old server	18:14
jacobw	so you ran iperf -s on your ubuntu server and connected with iperf -c <ip> from your machine?	18:15
Tixos	sec	18:15
Tixos	connected	18:16
Tixos	what do i do lol	18:16
Tixos	ah	18:16
Tixos	i see	18:16
Tixos	[ 3] 0.0-11.1 sec 2.12 MBytes 1.61 Mbits/sec	18:16
Tixos	seems fine?	18:16
jacobw	yeah	18:17
Tixos	now im really getting annoyed? is it my provider or my configuration man ?	18:17
jacobw	configuration	18:17
Tixos	not an issue with the port?	18:18
Tixos	can i run iperf on a port?	18:18
Tixos	i mean, could their router be monitoring port 80 ?	18:18
jacobw	its possible	18:18
Tixos	can i use iperf to rule it out?	18:19
jacobw	iperf -s -p 80 / iperf -c <ip> -p 80	18:19
Tixos	sec	18:19
Tixos	bind failed: Permission denied	18:19
Tixos	need to sudo for this?	18:19
Tixos	bind failed: Address already in use	18:19
jacobw	yeah, it might do, stop apache and try again.	18:19
Tixos	ok	18:19
Tixos	hm	18:20
Tixos	[ 3] 0.0-10.0 sec 0.00 � ��s 14746021652466558976 Bytes/sec	18:20
jacobw	you tested from your machine where you are?	18:22
Tixos	wtf? lol	18:22
Tixos	yes i ran that from my machine	18:22
Tixos	try yourself	18:22
jacobw	try running it again on port 443	18:22
Tixos	k	18:22
Tixos	[ 3] 0.0-11.1 sec 2.00 MBytes 1.50 Mbits/sec	18:23
Tixos	so it is ???	18:23
Tixos	btw i apprecaite you time man	18:24
Tixos	:)	18:24
jacobw	how did you stop apache?	18:25
jacobw	using `service apache2 stop`?	18:25
Tixos	yes	18:26
jacobw	check if its still running, `ps -e \| grep apache2` and see what's listening, `netstat -nultp`	18:26
Tixos	ok sec	18:26
jacobw	now you know that 443 which is the port for HTTPS works ok, so if you can prove that nothing on the your server is wrong, you can assume that port 80 is being proxied or otherwise mangled by the provider	18:27
Tixos	while i look, if i view 'top' many apache instance are there, this is wrong?	18:27
jacobw	yes	18:27
jacobw	killall apache2	18:27
jacobw	ps -e \| grep apache2	18:27
jacobw	to confirm all instances are dead	18:28
* jacobw → chinese food		18:29
Tixos	ok pal, ill update and wait :)	18:30
Tixos	man im getting like 20 PIDs for apache, once i start it.... there is nothing when i stop, but when i start there are LOADS	18:32
Tixos	i think its normal	18:34
Tixos	my other server has the same	18:34
mdeslaur	roaksoax: FYI, I'm going to merge virtinst... (you TIL)	18:46
Tixos	would KeepAlive effect things?	18:52
=== sixstringsg\|away is now known as sixstringsg
jacobw	run httperf on the ubuntu server itself	19:01
Tixos	if i run localhost its fast, if i run the IP its 15,000ms	19:02
Tixos	let me PM you ip again, its loading very fast for me via browser now, not sure if its a cache thing	19:03
Tixos	how fastis it for you ?	19:04
jacobw	it's not a cache thing	19:04
Tixos	then run httperf on it, how fast is this for you ?	19:04
Tixos	i am comparing 3 servers i have, and there is not much diff in the httpd confs, only keepalive, and prefork	19:04
jacobw	how is prefork different?	19:05
Tixos	server start = 8	19:05
jacobw	for testing, i'd want to have a single apache process	19:05
jacobw	change it to 1	19:05
Tixos	few other higher values, but the other ubuntu server i have is the same as thus one	19:05
Tixos	and httperf results are fine	19:05
Tixos	i didnt want to edit too many things	19:06
Tixos	before testing 1 thing at a time?	19:06
jacobw	what files?	19:06
jacobw	you should test one thing at time	19:06
Tixos	just httpd conf	19:06
Tixos	yes, so keepalive wont effect?	19:06
jacobw	test, disable it and try again	19:07
Tixos	so i should only use httperf? because browser seems fine now	19:08
jacobw	httperf elimates caching, but you can clear the browser cache	19:09
Tixos	so httpd is still 13-20,000ms	19:09
Tixos	per request	19:09
Tixos	i cant see how it can be config issues if another ubuntu sever i have is fine?	19:10
Tixos	back soon :S	19:11
jacobw	test your other server with httperf	19:11
=== sixstringsg is now known as sixstringsg\|away
Tixos	jacobw: i did, and its fine :P	19:37
jacobw	Tixos: you know that traffic to port 80 on your problem server doesn't proceed as expected	19:42
jacobw	Tixos: this is could be caused by HTTP proxying by the provider	19:42
jacobw	Tixos: try running apache on port 443 which tested good to isolate the problem with port 80	19:43
jacobw	Tixos: just enable sites-available/default-ssl and reload apache	19:44
jacobw	Tixos: generate your own ssl certificate first and specify the key and certificate in default-ssl	19:44
Tixos	ive got an ssl vhost there	19:45
Tixos	man	19:51
Tixos	its fine on 443	19:51
Tixos	331ms/s	19:53
Tixos	/ request sorry	19:53
jacobw	good	19:58
jacobw	now there's two possibilities	19:58
jacobw	its already disproved, httperf was ok running locally on your ubuntu server	20:02
jacobw	if there was some problem with apache it wouldn't have worked	20:03
Tixos	ok i wil speak with them, but they are useless :(	20:05
Tixos	is there a temp fix	20:06
Tixos	to redirect all traffic to 80 to 443, or is it too late once its listened and received on 80 ?	20:06
tasty	Hi, I was wondering if anyone could tell me if this looks correct: http://pastie.org/3362703 or if something is wrong.	20:07
=== JMatthewman is now known as MoleMan
tasty	everyone dead?	20:12
=== JMatthewman is now known as MoleMan
tasty	was told to come here	20:16
ikonia	for what ?	20:16
StrangeCharm	I've just created a new user account for running a program that has special permission needs. How do I give this user write access to / ?	20:16
tasty	for help	20:17
ikonia	tasty: with what	20:17
Tixos	StrangeCharm: why do you want full write access over / ?	20:17
ikonia	StrangeCharm: you've just asked this in #ubuntu - please don't cross-post	20:17
ikonia	StrangeCharm: I've just answered you in #ubuntu	20:17
tasty	ikonia, with apache2	20:17
ikonia	tasty: you need to actually state the problem if you want help	20:17
tasty	Nice!	20:18
tasty	ikonia, does this look wonky? : http://pastie.org/3362703	20:18
Tixos	tasty: he said post the problem	20:18
tasty	Tixos, that's the problem	20:19
Tixos	where?	20:19
ikonia	tasty: in what way "wonky"	20:19
tasty	: http://pastie.org/3362703	20:19
Tixos	dont be a moron :P	20:19
qman___	a configuration file isn't a problem	20:19
Tixos	leave him settle	20:19
Tixos	he will get the message	20:20
ikonia	Tixos: no need for name calling, but I don't see the issue	20:20
tasty	should it work?	20:20
ikonia	in what way ?	20:20
qman___	that depends on what 'work' is	20:20
qman___	can't read your mind, bro	20:20
ikonia	actually - I don't care, I'm not pulling information from people	20:20
ikonia	if you want help - ask a question / state a problem	20:20
ikonia	I shouldn't have to beg for information, good luck	20:20
tasty	this is how trolls become trolls	20:20
Tixos	ikonia: scroll back 2 hours and feel free to give your opinion on my issue :)	20:21
tasty	I don't know how to ask the question	20:21
ikonia	Tixos: I see lots of discussion, quick summary please	20:21
Tixos	httperf on port 80 to my server returns great request time/s	20:22
ikonia	Tixos: (just high level overview)	20:22
Tixos	sorry, it doesnt	20:22
Tixos	but to port 443 it does	20:22
tasty	I'm having an issue and I need to make sure this : http://pastie.org/3362703 looks right	20:22
ikonia	wow, that's back to front	20:22
Tixos	getting 13 second page load times on 80	20:22
ikonia	Tixos: I'd have expected 443 to be slow (due to the handshake) and 80 to be quicker	20:22
Tixos	google = 200ms/request port443 = 300 port80 = 18,000	20:22
qman___	tasty, it's syntactically valid; beyond that we can't help unless you describe what it is you're trying to do, and give details on what the problem is, exactly	20:22
ikonia	Tixos: curious, if you telnet $server 80 and just do a "get" on it, what happens ?	20:23
tasty	qman___ that is ALL I FUCKING WANTED TO KNOW	20:23
tasty	thanks dicks	20:23
ikonia	!ops \| tasty please remove the troll	20:23
ubottu	tasty please remove the troll: Help! Channel emergency! soren, lamont, mathiaz, Pici, Daviey, Tm_T or pmatulis	20:23
Tixos	<title>400 Bad Request</title>	20:24
Tixos	i just typed 'get' though lol	20:24
ikonia	Tixos: that's ok, is it "quick" to get the bad request ?	20:24
Tixos	10seconds?	20:24
Tixos	lemme try on 443?	20:24
ikonia	Tixos: slow, wow	20:25
Tixos	443 doesnt give nothing back	20:25
ikonia	Tixos: if you do a google there is a good document on how to do a correctly formatted http get over telnet	20:25
Tixos	ill pm you IP, compare the 2 ports on httperf for me? :P	20:25
ikonia	Tixos: be interested in trying that on port 80 - see if you get any info	20:26
ikonia	Tixos: sure, I'll telnet in	20:26
jacobw	443 wouldn't give anything back to plain request because it expects ssl	20:28
ikonia	yeah, I just wanted a connection test	20:30
ikonia	I think I see the issue	20:30
tasty	ikonia, quit kicking me	20:32
ikonia	tasty: stop the attitude and offensive language	20:32
tasty	I will voodoo you	20:32
tasty	good thankyou	20:35
pangolin	tasty: threatening anybody in Ubuntu channels is a bad idea and I recommend you check your attitude and adjust it accordingly	20:35
pangolin	Please :)	20:35
tasty	pangolin, they were very rude to me	20:36
pangolin	they were not.	20:36
pangolin	i didn't see them swearing or calling names	20:36
tasty	a huge barrage, and then them telling me they wouldn't help	20:36
pangolin	Please just relax a little and try to understand that the nature of IRC means people are not always around to help	20:36
pangolin	When they asked for more details you didn't provide any	20:37
pangolin	Were they supposed to guess?	20:37
tasty	I asked a very specific question.	20:37
pangolin	and they asked for more info	20:38
tasty	qman___ answered iot	20:38
tasty	it*	20:38
pangolin	i'm glad he was able to help you. then you replied with calling everybody in here dicks and morons	20:38
pangolin	great way to show appreciation	20:38
tasty	no. I called everyone in here morons from #ubuntu	20:39
pangolin	you're not helping yourself	20:39
pangolin	anyway, it is over now. back to helping people :)	20:39
tasty	well, don't be so rude	20:39
tasty	fine	20:39
tasty	qman___ isn't a moron	20:40
tasty	is there some place where I can ask questions and not have so much trouble?	20:41
pangolin	##linux	20:42
tasty	how about not on IRC, some place where the majority are not rapidfire autists	20:43
jacobw	lol	20:44
jacobw	this is the internet ;)	20:44
qman___	you get what you give	20:44
qman___	nobody to blame but yourself on this one	20:44
tasty	I asked a pretty specific question	20:44
ikonia	tasty: enough - stop now	20:44
tasty	you were the only one that could answer it	20:45
qman___	you were not specific about it - "is it right?" is very open ended and generic	20:45
qman___	you could have stated you wanted a syntax check	20:45
ikonia	tasty: STOP.	20:45
qman___	syntactically valid doesn't always mean right, or usful	20:45
tasty	ikonia, qman__ and I are trying to have a conversation	20:46
ikonia	tasty: this channel is not for that sort of conversation	20:46
ikonia	tasty: people will help you with ubuntu server issues, if you ask clear questions	20:46
ikonia	tasty: please try to just ask clear questions and people will help	20:46
tasty	do you have a list of commands ikonia?	20:46
ikonia	tasty: a list of commands to do what ?	20:46
tasty	ikojnia --help	20:47
tasty	ikonia --help	20:47
ikonia	tasty: please don't be silly in here, I'm trying to help you get actual help	20:47
tasty	ikonia I'm being serious, how do I ask questions the way you need them to be asked?	20:47
ikonia	tasty: really simple (using the example problem you had)	20:48
ikonia	tasty: "Hi, I'm trying to create an apache2 config so that everytime someone does $myurl/poker it does a pass through and forwards to port 3001	20:48
ikonia	I'm havine a problem as it's giving a 404 rather than the pass through, here is my config"	20:48
jacobw	http://catb.org/esr/faqs/smart-questions.html	20:49
ikonia	tasty: or "I've created this config file - can you see any obvious syntax problems with it $pastebin_url"	20:49
tasty	...if I knew how to ask the question why would I even come here!	20:49
ikonia	tasty: asking a question and the answer are two different things	20:50
ikonia	tasty: if you knew the answer, I can see no value you in you coming here, but being able to ask a question will get you the help you want	20:50
tasty	if I already knew how to ask the question, I wouldn't need to come here though	20:51
tasty	I could simply google it	20:51
ikonia	tasty: then I'm sorry you won't be able to get help without the issues you've faced today. Best of luck going forward	20:52
tasty	so next time I will ask you guys what question I should ask.	20:52
ikonia	tasty: please don't be silly, you knew you wanted a config check on apache, just ask for that	20:52
qman___	it's fine to not ask the perfect question, but when people ask for details, the correct response is to provide them, not harass the people trying to help you	20:52
pangolin	clearly you are intent on arguing no matter how wrong you are.	20:52
ikonia	I can't be bothered any more, I'm off to do other things	20:52
tasty	why do you guys keep doing that?	20:52
tasty	that is what pissed me off to begin with!	20:53
tasty	putting words in my mouth and then being rude again	20:53
pangolin	G.I. Joe was right, Knowing IS half the battle. I know when to give up.	20:54
tasty	instead of saying, "oh well i don't care, I can't be bothered talking to you", just go...	20:54
pmatulis	is everything ok here?	20:57
tasty	Does it make you happy if I say I am wrong?	20:57
tasty	when I came here to get help and all I am here for is to "get help"	20:57
tasty	now this is cleared up. I will speak no more of it	20:58
tasty	is this okay with everyone?	20:58
Tixos	jog on	20:58
tasty	cool!	20:58
Tixos	such a waste of life man, either get your business done here and get on with other things, or just leave and continue your life. its quite sad	20:59
tasty	Tixos, you are a waster	21:00
Tixos	cool!	21:00
tasty	http://pastie.org/3362703	21:00
tasty	what port is that listening on?	21:00
jacobw	tasty: what is it supposed to do?	21:00
zastaph	does ubuntu server install /usr/sbin/named by default? even if dont choose DNS server in the software selection during install?	21:01
jacobw	tasty: port 80	21:01
tasty	room:80?	21:01
Tixos	no zastaph	21:01
zastaph	can't find out how it got there then	21:01
qman___	probably got installed as a recommend	21:01
qman___	the base install does not include a DNS server	21:01
jacobw	tasty: yeah	21:02
tasty	jacobw, thanks man	21:02
zastaph	ok found the source, bind9 was hidden in a long apt-get guide I followed :p	21:02
ikonia	tasty: also be aware of #httpd channel for apache questions	21:02
jacobw	tasty: typically, you'd have a 'DocumentRoot' directive	21:03
jacobw	tasty: i.e. 'DocumentRoot /var/www'	21:03
tasty	ikonia: thank-you	21:03
tasty	jacobw, thank-you	21:04
tasty	now I know the issue lies in my perl kit or python	21:04
* tasty slowly removes himself from the room		21:05
tasty	don't get any funny ideas, I'm watching you guys. XD	21:06
=== hayer_ is now known as hayer
=== negronjl` is now known as negronjl
=== mrmist_ is now known as mrmist
tasty	Hi, I just wanted to let you guys know, you helped me decide to quit linux	21:59
qman___	good, we're better off without that kind of attitude	22:04
popey	apw: filed bug 930778 if you have any info you think should be added I'd appreciate knowing. have mailed my friend to let him know I filed it	22:20
uvirtbot	Launchpad bug 930778 in linux "Thinkpad X40 doesn't support PAE, so unable to install 12.04" [Undecided,New] https://launchpad.net/bugs/930778	22:20
Tixos	tard	22:59
aarcane	can ubuntu kvm-quem + guests be configured such that when an OOM Killer event has to happen, that first an attempt is made to reclaim memory from the baloon dynamically ?	23:21
=== lifeless_ is now known as lifeless
josephoe1ix	Hmm. How can I make sure my php5-fpm processes restart when a php update is installed by automatic updates?	23:47
=== josephoe1ix is now known as josePhoenix

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!