[00:01] kick me you fools [00:11] ? === aarcane_ is now known as aarcane [00:26] So... nmapping to generate a network map is what I'm getting ready to do. [00:27] using zenmap. [00:27] Good tool for the job? Anything simpler / better that any experienced admins recommend? [00:40] fraterm: nmap is great [01:44] <_johnny> hi. i've ruined my apt sources, and i'm using an old (karmic) ubuntu. can anyone help me get back on track (which currently just means getting build-essentials installed)? [01:46] Isn't karmic EOLd? [01:47] <_johnny> yes [01:47] !eol [01:47] End-Of-Life is the time when security updates and support for an Ubuntu release stop, see https://wiki.ubuntu.com/Releases for more information. Looking to upgrade from an EOL release? See https://help.ubuntu.com/community/EOLUpgrades [01:47] EOLd releases move to a different URL [01:47] hallyn: reported bug 931220 I just noticed when testing my new LXC host. Not sure if that's lxc or upstart's fault though. [01:47] old-releases.ubuntu.com or something [01:47] Launchpad bug 931220 in lxc "lxc.conf upstart job fails to spawn containers at boot time" [High,New] https://launchpad.net/bugs/931220 [01:47] The wiki should tell you all about it [01:48] <_johnny> twb: perfect! thanks [01:55] New bug: #931220 in lxc (universe) "lxc.conf upstart job fails to spawn containers at boot time" [High,New] https://launchpad.net/bugs/931220 [01:57] <_johnny> rats.. the last attempt to upgrade resulted in all essentials (crontab, (x)inetd etc) to be removed, and no way to restore lol. guess i have to do it the hard way :) [01:59] Learn to use aptitude to resolve conflicts [02:31] New bug: #931229 in lxc (universe) "lxc containers do not retain configured ip on container reboot" [Undecided,New] https://launchpad.net/bugs/931229 [02:31] <_johnny> twb: conflicts is an understatement :) [02:34] _johnny: wow, what kind of deamons are you keeping in your sources.list that they break upgrade that much? :) [02:38] <_johnny> kklimonda: hehe, not sure. needed to do a few low level installs because too many dependencies were broken, but got it working now :) [03:16] New bug: #931236 in keystone (universe) "keystone install is unnecessarily interactive" [Undecided,New] https://launchpad.net/bugs/931236 [03:26] hi guys. quick htaccess question. I have the following code in a main folder: http://pastebin.com/vAUtyYVr I want to reverse this inside of another sub folder. I mean, i don't want to guard against any of this inside a sub folder. how do I do this> [03:26] ? [03:50] webroasters, I don't know for sure, but I think you can just create another .htaccess inside that subfolder with the same filesmatch, but with 'allow from all' [03:51] yeah i just did that. it works. thanks man [05:18] hi all [05:32] kklimonda: which freeipa version are you building? the one on git should build [05:34] If you have root, everything that you would've put in an .htaccess file CAN and SHOULD go in /etc/apache2/, and htaccess should be disabled [05:35] Leaving htaccess enabled where non-root users can write to .htaccess is Bad Juju [05:39] tjaalton: I build the one from git using packages from ubuntu-389-directory-server ppa on precise [05:40] tjaalton: first it complains about libdirsrv-dev missing (it seems to be a part of 389-ds-base-dev now) [05:43] Why 389 instead of openldap? [05:44] Oh, it requires 389 [05:46] yeah === Corey_ is now known as Corey [05:52] tjaalton: I also had to patch some issues related to tighter gcc flags: http://paste.ubuntu.com/840047/ [06:02] kklimonda: oh right, I was running oneiric when building it the last time [06:03] add a patch to git, I can send it upstream [06:03] (did the same for 389) [06:03] kklimonda: and I renamed libdirsrv* to 389-ds-base-{libs,dev} [06:03] but didn't change it there, oops [06:07] * twb has a knee-jerk reaction to starting package names with a number [06:08] blame upstream :) [06:08] Anyway (C) libraries have a different package naming convention already [06:09] libfoo-N or so [06:28] Hello! I'm trying to configure /etc/samba/smb.conf file and I'm bit confused about users. Windows got a user xyz and Ubuntu got say abc. I have to useradd xyz and then smbpasswd xyz in linux to allow samba share access? [06:29] you need smbpasswd -a to add the user to the smbpasswd database [06:29] unless you implement ldap or something else [06:30] then, provided the unix user has access to the directory and you haven't specified any restrictions on the samba share, that user will have access [06:31] How can I see the users added by smbpasswd? [06:32] sorry, I don't know [06:32] the default backend is tdbsam, that may help you google [06:33] I do know the tdbsam files are binary, not plaintext [06:33] Secondly, you said unix user need to have access to the directory. Does it mean I have add new users in linux users as well as using smpasswd? I noticed that I had to useradd xyz and then also smbpasswd -a [06:33] by default, yes [06:34] Well, that's [06:34] there are ways to configure it to not behave that way but the default setup maps smb users to unix users [06:34] Is there an alternative to that? [06:34] ah-ok [06:34] but that's getting pretty advanced [06:35] I find it annoying to add users in linux box so that it matches Windows login even if I won't be using it in linux [06:35] easiest way, if you don't want them to have any other access, is to set their shell to /usr/sbin/nologin or /bin/false [06:36] -s /bin/true yes. Thanks that can be done [06:36] er [06:38] /bin/false* [06:38] What are the alternative approaches to this? [06:39] ldap or similar, or specifying which smb users have access in smb.conf [06:39] I haven't actually done it myself so I don't know for sure what's needed [06:39] you can add any users with smbpasswd -a even if they don't exist as unix users [06:40] my best guess is they need world-permission if they don't exist as unix users [06:40] Yes, but it failed.. It gave this error - pdb_get_group_sid: Failed to find Unix account for xyz [06:41] Maybe I'm doing it wrong. Is there any other way to network Linux and Windows other than Samba? [06:41] samba's the easiest, as it doesn't require installing software on windows [06:41] but windows can install an nfs client [06:42] server 2008 includes it as a feature, I think windows 7 does too but not sure [06:44] I'll try using inbuilt services for NFS in Windows then [06:44] But that again may be limited to Windows releases Home, pro etc [06:44] yeah, I don't know the details [06:45] I think there are third party nfs clients but I'm not certain on that either [06:45] Alright, thanks for informing that nfs clients exists for Windows. I didn;t know that [06:46] I know for a fact that 2008 includes an NFS client as an optional feature [06:46] I think it's available on 7, but not sure [06:50] Windows' NFS implementation is probably crapper than Linux's CIFS implementation. [06:50] OTOH Linux has no working SMB2 client implementation yet AFAIK. === kthomas1 is now known as kthomas [07:33] tjaalton: hmm, pki-ca depends on pki-selinux but you've disabled building it [07:34] haha [07:35] touched that several weeks ago, can't recall what's going on there [07:36] and regarding the lib naming. easily changed again if the policy requires it, though there were several examples of similar naming the last time i looked [07:36] (and there is no pki-common-theme anymore, is it one of dogtag-pki-*-theme packages?) [07:37] you're forcing me to look? :) [07:37] :D [07:37] ah, there are provides fields [07:37] no need :) [07:37] too many packages involved, so i've been tackling them in the dependency order, and pki & freeipa are the last ones [07:38] yeah the ppa still has the faulty version, with versioned provides which isn't supported [07:38] yeah, it's huge :) [07:39] maybe I'll upload the packages in NEW to the ppa's too, so that it's easier to work on them [07:42] oh right, the libs package just has the plugin lib, and -dev has headers for it, so the naming is right [07:42] it's not in a public search path [07:43] split only for 389-admin to build-dep on that, and not needing to install the whole ds [07:49] kklimonda: i'll prepare 389-ds-base for the ppa. needs a dfsg tarball === gustav- is now known as beerbro [08:14] tjaalton: few beers, and dpkg --force-overwrite later, I've managed to install freeipa-server \o/ [08:14] ;) [08:14] (libpki-silent-java and pki-silent both ship /usr/share/java/pki-silent-9.0.14.jar) [08:15] wow [08:15] I bet the setup script fails though [08:15] it's a monster.. [08:15] yeah, and you've commented acutil out :) [08:16] haven't run it myself, but the client install needs hacks so same applies here [08:16] :) [08:16] i'd wish we had nss cert db already.. [08:16] now if only I haven't done it all on my desktop machine.. *whistles* [08:17] I really should configure some more VMs for this stuff [08:17] yeah they are really nice [08:17] i have F16 on a vm, running freeipa. tested client against it last fall [08:18] how much hacking did client installation script required for it to work? [08:18] and an instance for an ubuntu server, but it's still WIP [08:18] hmm hang on [08:19] kklimonda: https://www.redhat.com/archives/freeipa-devel/2011-September/msg00408.html [08:20] though most of it is now on the archive [08:20] god, ipa-server-install is going to be such a pita :D [08:20] it configures everything and assumes it's redhat ;) [08:20] yeah the platform code isn't patched in yet [08:21] for client you need at least 12) and 13) [08:22] ok sbuild run of 389ds went fine, I'll upload it to the ppa now === jodh is now known as jhunt [08:27] Hello, I'm having trouble with crond service after upgrade 11.04 > 11.10, can someone please help me? === rickspencer3_ is now known as rickspencer3 [08:46] hi all [08:48] hi all. http://pastebin.ubuntu.com/840151/ [08:49] hi all. http://pastebin.ubuntu.com/840151/http://pastebin.ubuntu.com/840151/ [08:49] http://pastebin.ubuntu.com/840151/ [08:49] Hello! How do I configure smb.conf to allow only hosts 192.168.1.100-192.168.1.110 ? I did man smb.conf but I'm not sure how to achieve this [08:49] http://pastebin.ubuntu.com/840151/ [08:51] linocisco: stop spamming! [08:51] meh [08:51] kraut, no. i m not spamming [08:52] sure! [08:52] linocisco: http://lmgtfy.com/?q=W%3A+GPG+error%3A+http%3A%2F%2Fextras.ubuntu.com+marverick+Release%3A+The+following+signatures+could+not+be+verified+because+public+key+is+not+available%3A+NO_PUBKEY+16126D3A3E5C1192 [08:52] kraut, it is real post [08:58] morning all [09:00] http://pastebin.ubuntu.com/840160/ [09:00] http://pastebin.ubuntu.com/840160/. what do I do? [09:00] linocisco: are you that stupid!? [09:00] linocisco: did you read it in anyway?! [09:01] kraut, don't I have the right to post my problem? [09:01] if you frist try to solve this problem on your own and if that's not possible you are welcome to ask here. [09:01] kraut, have you checked if those two posts are the same? [09:01] the script writes down what you should do! [09:02] Rather than invoking init scripts through /etc/init.d, use the service(8) untility, e.g, ____###service dovecot restart###___. [09:02] did you READ that? [09:02] kraut, all I have tried and only in the last time, I ask here. because I actually hate to get unwelcome response [09:02] kraut, . I can read english. I tried. not ok [09:03] kraut, it ended with " Reload: unknown instance:" [09:36] hi [09:39] i found '"telnet localhost imap2" is fine. but "telnet localhost pop3" got error. it is like toggle? === rickspencer3_ is now known as rickspencer3 [10:10] hi can someone please tell me a reason i may be getting access.logs like this > [12/Feb/2012:00:20:19 +0100] "-" 408 0 "-" "-" [10:16] Tixos, what is that machine doing? 408 is a timeout message. You got some internal monitoring going on? Maybe some load balancer? [10:19] not that i know of, the provider has some monitoring robot or something but dont know if that is the issue [10:21] should i turn off keepalive or soemthing? or adjust the timeout to test? [10:21] i didnt have the issues on centos [10:21] and i know configs are different across the OS's [10:21] no - its a login timeout - what modules do you have loaded? I am presuming this is apache, but never seen an entry without an IP before. [10:21] it has an IP, i didnt feel i should post it @? [10:22] oh - is it foreign to your network? [10:22] rewrite, ssl are about the only ones i have loaded [10:22] yes [10:22] I presume this is from a POST request to some form? [10:23] no its GET [10:23] happenening every 1-2 seconds [10:23] i just tailed with | grep 408 [10:24] is there anyway to debug it further? [10:24] dig -x ip - do you recognise the address? [10:26] for the 408? or serverip ? [10:27] the access IP is just general traffic.. [10:30] very strange thing is, i am moving from a centos server, i went to another ubuntu 10.04 server previosly, and looking at both sets of access.logs | grep 408, the CentOS has not a single 408 error... both ubuntus have many [10:31] so maybe a config issue? [10:32] the only different in my virtualhost file that i can see, is i am using Virtualhost *:80 on ubuntu, and Virtualhost domain.com:80 on centos [10:41] could this actually be causing it though? i mean in my Centos install, #NameVirtualHost *:80 is commented out, and in ubuntu by default in 'ports.conf' its uncommented? [10:46] New bug: #931342 in php5 (main) "XSLTProcessor::transformToXml(): runtime error" [Undecided,New] https://launchpad.net/bugs/931342 [10:52] what about the apache module 'request timeout' ?? [10:52] this doesnt seem to be enabled on my centos install === _ruben_ is now known as _ruben [10:54] fixed.... [10:55] whytf is that setup by default [11:09] damn - hpwdt doesn't seem to be in lucid :( [11:14] weird - what distro and version of apache? [11:17] ubuntu man thats why i am here :) 10.04, and latest version of apache that comes with it [11:26] Tixos, never used any distro apache to comment tbh - we roll our own and strip off stuff that's not needed - avoids these issues. [11:27] ? [12:33] hi all [12:35] hey koolhead17 [12:35] hello jamespage [12:36] i am trying to test diablo setup on multinode, on oneiric [12:38] my glance and rabbitmq are running on saperate nodes, i am not sure what will i put in rabbit_virtual_host = / in my case inside glance.conf [12:40] also i see keystone sausage in the bottom of the conf file, which makes me bit confusing [12:43] * koolhead17 pokes zul :P [13:07] zul: have you fixed horizon CI? [13:08] Daviey: will do so this morning [13:08] havent started work yet [13:08] zul: i saw a commit, that was all [13:09] Daviey: ah ok [13:09] Daviey: maybe its the community fixing it ;) [13:09] ah, sorry, it was last Monday :) [13:13] zul: what happened with horizon 2012.1~e4~20120202.1300-0ubuntu1, *ubuntu2 then *ubuntu3? [13:28] zul, just to let you know, I opened bug 931425 and bug 931423 to have a place to track those two minor issues I found with the current xl stack. [13:28] Launchpad bug 931425 in xen "Cannot specify a default bridge with xen xl stack" [Wishlist,Triaged] https://launchpad.net/bugs/931425 [13:28] Launchpad bug 931423 in xen-common "Use of vifscript requires full path unlike the example suggests" [Low,Triaged] https://launchpad.net/bugs/931423 [13:41] Daviey: eh? [13:56] Trying to boot from LVM. I've copied my root to an LVM and tried to set the fstab to mount the LVM, and run update-initramfs but it still seems to be booting to the original partition. Can anyone help? [13:57] Daviey: horizon is building again [14:01] can anyone help with booting from LVM / mounting an LVM as root? [14:05] MoleMan, I'd probably check /boot/grub/grub.cfg and /etc/fstab whether they contain the uuid of the lv you want as root [14:05] At least change the one for the current kernel manually once [14:06] Though you probably need /boot to be a partition still... [14:09] zul: the packages in the archive differ from those in the packaging branch. [14:09] 2 x FTBFS's in the archive? [14:10] Daviey: i just noticed and its been synched now [14:10] Daviey: now i have to fix keystone [14:10] i am using kvm on centos 6.2 ,i have installed another ubuntu 10.04 as a guest if i want to access ssh of guest kind of network i have to use -- i want to use guest from outside [14:10] awesome. [14:11] GRUB should point to my boot partition, from where the initrd should know to mount the LVM, was my understanding? [14:13] MoleMan, Yes, grub should look in /boot for kernel and initrd, from there it looks for the uuid of /. But if you generate grub.cfg while / is still mounted from the partition, the scripts to generate the grub.cfg would pick that still [14:14] not to mention that /etc/fstab is not updated either. Not sure but that might get used by something as well (at least misleading mtab probably) [14:14] I updated /etc/fstab to have the new root UUID. === bladernr_afk is now known as bladernr_ [14:15] then ran update-initramfs to update the initrd. [14:16] MoleMan, Ok, but check /boot/grub as well, just to be sure [14:18] smb: what am I looking for? [14:19] MoleMan, something like "search --no-floppy --fs-uuid --set=root 2eab68c5-c6fa-405d-a360-1f6f1690bbb3" with your current partition root's uuid [14:20] yeah just saw that, would the easiest thing to do be boot a live CD, chroot and grub-upate (or whatever the command is)? [14:20] Or actually there are linux "/boot/vmlinuz-*-generic root=UUID=xxx ro quiet splash" lines later for the kernel [14:21] MoleMan, Ok, that should work too (like use alternate-cd and rescue mode) [14:21] New bug: #931448 in quota (main) "package quota 3.17-6 failed to install/upgrade: subprocess installed post-installation script returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/931448 [14:21] MoleMan, Then choose the lv as root and runn a shell in there to update-grub [14:22] MoleMan, The advantage of alternate (or server) cds is that you have lvm ready to use [14:23] does the alternate disk have an easier rescue mode than using the desktop live CD and using terminal to manually mount everything and chroot? [14:24] If so I'm going to get easily irritated... the server CD I had if it went to rescue mode had a very limited busybox? [14:25] MoleMan, In the sense easier that it guides you to mount and run a shell in a root of your choice and it has lvm to actually let you select the lv. Hm, I thought the server CD's rescue mode was the same as alternates === yakster_ is now known as yakster [14:25] And it would give you a selection of partitions or lvs to mount as root and then execute a shell (ok then I usually type bash in there) [14:29] Its strange, it seems as if its starting to install over the top because it asks for system names etc, which always worries me, give me a second I will try to boot the new server disc... [14:32] MoleMan, It does ask those things. Which could be confusing, but it should not ask about where to install [14:33] smb: do you know why it asks for the hostname etc? does it actually matter what I put? [14:34] MoleMan, Just gives the current rescue boot that name. It does not matter that much really. [14:35] Don't think any service (like ssh) is started but I might be wrong there [14:35] well I'm using YUMI multiboot and if I try to launch server it only gives me the install option [14:36] not sure if its worth me burning a disc or just using the ubuntu desktop liveCD [14:36] Hm, don't know about that one. I normally either use a cd or put things on a usb stick with usb-creator [14:38] MoleMan, From the desktop life cd you would have to install lvm and then mount the fs yourself and do the chroot on your own. It should work the same [14:38] yeah, I used to, then I started using YUMI MultiBoot because it means I can choose from god only knows how many different things I can install on one memory stick... [14:38] * smb must admit he did not look at the life DVDs for a while in detail [14:38] * MoleMan looks through heap of CDs on desk and in shoebox [14:38] or life CDs either [14:40] the only server disc I have is 10.10 which gives you a limited busybox with 'bash like' commands... which is why I have been using the desktop and doing it manually as I wasn't sure what I was restricted to [14:42] MoleMan, Other option is to be daring and replace the uuid of the first kernel sections uuids (if there a multiple which would give a fallback). Actually the rescue a broken system boot should have been the same for even beyond Maverick [14:53] any upstart expert in the room ? === caribou_ is now known as Caribou [14:54] I'm seeing what looks like a race condition with the mongodb upstart start sequence [14:54] I've seen cases where the db daemon was starting databases before /var/lib/mongodb File system was mounted [15:02] smb: do I need anything special in the options for the mount in fstab? [15:05] MoleMan, Probably depends on what you want to achieve. For root the default is errors=remount-ro... [15:07] smb: yeah I just copied the ones from root, I was wondering if there were any others specific to LVMs but it doesn't matter. [15:07] smb: more to the point: THANKYOU!!! IT WORKS!! been trying to sort this on and off for like a week... [15:08] MoleMan, No, there is no difference between a lv and a partition in that respect [15:08] MoleMan, Heh, good to hear :) === jodh is now known as jhunt [15:10] adbauvjhgvlkjabsgfaqs;lbgr #rage# [15:10] everything is owned by root #sob# [15:11] smb, could you please take a look at https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/898373 [15:11] Launchpad bug 898373 in cloud-init "fsck.ext3: Device or resource busy while trying to open /dev/xvda2" [High,Confirmed] [15:11] slangasek is fairly sure nothing in user space at that point should have a device busy to stop fsck [15:12] MoleMan, That probably depends on how you created your copy. [15:12] smoser, looking [15:12] smoser, Oh wasn't that the one you mentioned in last weeks meeting? [15:13] smb, yeah, there are kind of two parts to it [15:13] one is that fsck is failing, claiming busy device (this one is instance-store i think). [15:13] other part is bug 928990 [15:13] Launchpad bug 928990 in cloud-init "fsck / dirty filesystem on instance is death" [High,Triaged] https://launchpad.net/bugs/928990 [15:13] which is unfortunately functioing as currently designed. [15:14] right, so is there an option or something for cp to retain the owner + group settings? [15:14] MoleMan, cp -a should do it. [15:15] ok thanks, I will do that later... for now, I'm going to see the GF. Thanks for your help... [15:16] MoleMan, Np, oh, actually cp -ax maybe (to only copy one fs) [15:18] I typically just use rsync for anything more complicated than a single file [15:18] smoser, Hm, wonder whether we could sneak in a fuser into the init scripts error path... But I need to take a bit more time for the logs first [15:18] ok, I'll look into it and doublecheck when I get back, will look at rsync maybe [15:18] cya [15:32] zul, Daviey, adam_g: for the openstack stable pre-commit testing [15:32] a) do we want to merge/maintain a verion history like we do for trunck testing [15:33] and b) upload to PPA? [15:33] a) yes b) yes [15:33] OK - just checking! [15:33] jamespage: no worries [15:34] zul: hmm - so the reason I asked about the branch for version history was that we are going to trigger on patch upload into gerrit [15:34] so we could end up with multiple entries for the same gerrit review - might get kinda messy [15:35] jamespage: yeah [15:35] hmm - I guess it does not matter that much [15:35] it doesnt matter to me i guess [15:40] jamespage: Hi, thanks for reviewing my package [15:40] jamespage: I have some questions though if you have time [15:40] brendan0powers, no problem [15:40] ask away [15:41] Ok, That bonjour exe file shouldn't have made it into the source archive [15:41] it was just there to help automate the windows builds === 31NAAV9PE is now known as irvee [15:41] Is it possible to remove it from the .orig.tar.gz without incrementing the software version? [15:42] brendan0powers, yes - you can simple repack the orig.tar.gz and exclude files you don't want [15:42] Ok, and launchpad won't complain that the file changed? [15:43] brendan0powers, ah - now that is a different matter [15:43] I may be able to remove the package from launchpad completely [15:43] then re-upload it [15:43] brendan0powers, not in the same PPA I'm afraid [15:43] Ah, that's too bad [15:44] I suggest that we start using a bzr branch whilst we go through review [15:44] that way you can make changes incrementally without having to push to a PPA for me to be able to see them [15:44] so with regards to repacking the orig.tar.gz [15:44] The packaging info is already stored in a mercurial repo, is that OK? [15:45] brendan0powers, that's fine; in which case its probably worth referencing where the packaging source code is stored [15:45] in the debian/control file [15:46] brendan0powers, http://www.debian.org/doc/manuals/developers-reference/best-pkging-practices.html#bpp-vcs [15:47] brendan0powers, is there a published source distribution of rsa? [15:47] i.e. a tar.gz that you could download and build [15:47] jamespage: No, only source packages, or the VCS [15:48] brendan0powers, can you point me at the Vcs location? [15:49] rsa/rds BTW [15:49] jamespage: http://bitbucket.org/resara/resara-server [15:50] pacakges are stored in rds/packages/[ubuntu codename] [15:50] jamespage: although the precise stuff hasn't been pushed yet [15:52] brendan0powers, I see [15:52] so how are you generating the .orig.tar.gz at the moment? [15:53] jamespage: I have a script that does it [15:53] jamespage: also not commited:) [15:53] I will push everything in a few minutes [15:54] brendan0powers, so I notice that you have tagged releases in bitbucket which allows you to then download that commit point as a tar.gz [15:55] that would be acceptable as the orig.tar.gz - I do similar for a number of packages I maintain based on projects in github.com [15:55] jamespage: Ok, I will think about that [15:57] brendan0powers, that way you should be able to add a debian/watch file which can be used to download the orig.tar.gz - it can also run a specified script once downloaded to do any repacking required. [15:57] jamespage: repackaging? [15:58] brendan0powers, repacking - removing any files that you don't want in the orig.tar.gz [15:58] exe's for example :) === sixstringsg|away is now known as sixstringsg [16:00] jdstrand: ping [16:00] Caribou: pong [16:01] morning jdstrand ! [16:01] hi! [16:01] would you be interested in an update from my PXE/tftp issue of last week ? [16:01] if you have a couple of minute to spare, or I can email it to you [16:01] jamespage: Ah, that could be useful [16:02] jamespage: do you know where I could find documentation on that? [16:02] Caribou: I can take a look; perhaps I can add something to help [16:02] jdstrand: well I think that I have sorted it out [16:02] brendan0powers, 'man uscan' is a good place to start [16:03] Caribou: oh, excellent [16:03] jamespage: thanks [16:03] Caribou: I'm definitely curious on what it was [16:03] jdstrand: it's interaction b/w firewall NAT rules & conntrack helpers [16:03] interesting [16:04] brendan0powers, as you are endeavouring to get this into the distro is probably worth thinking about packaging versions separate from the 'upstream' version [16:04] jdstrand: privmsg [16:04] jamespage: I'm not sure I understand that [16:05] brendan0powers, OK you are packaging 1.1.0 of rds - which is the upstream version [16:05] the packaging is then appended to that - -0ubuntu1 or suchlike [16:06] by separating the packaging from the upstream codebase they can be versioned independently [16:06] -0ubuntu2.... [16:06] when a source package gets uploaded to ubuntu it gets automatically imported into a bzr branch - in the case of this package it would be : [16:07] lp:ubuntu/rds [16:07] and then lp:ubuntu/precise/rds once precise gets released [16:08] you can say - well actually we manage the packaging source code for this somewhere else - thats what the Vcs-* fields are for in debian/control [16:08] but that is really a reference to the packaging source - not the upstream source. [16:09] jamespage: Ok, so you suggesting I store the packaging source somewhere else [16:09] Like, in a bzr repo on launchpad [16:09] hallyn: ping [16:09] and then use the debian/watch file to pull in the orig.tar.gz file? [16:09] brendan0powers, thats it! [16:10] brendan0powers, once the package gets imported into the bzr branch in launchpad [16:10] it will contain both the orig.tar.gz and the packaging [16:10] bzr uses tagging, branches etc to manage that [16:10] utlemming: yo [16:11] hallyn: so cloud-images and lxc -- I was playing with them the other day [16:11] brendan0powers, it means that you can bzr branch lp:ubuntu/rds and it will give you everything you need to build the package [16:11] jamespage: I still don't understand that part [16:11] utlemming: you're about to tell me you love it [16:11] jamespage: is there some documentation on that? [16:12] hallyn: I discoved two things we need to do if they are outside a cloud -- we need to set the locale to that of the host and we need to figure out hostnames...but otherwise I love it [16:12] brendan0powers, I think this is the latest - http://developer.ubuntu.com/packaging/html/index.html [16:12] hallyn: speficially, for the hostname situation, the container has the default hostname of "ubuntu", which then doesn't map to an ip [16:13] brendan0powers, I'd not worry to much about that for the time being [16:14] having a location to download the orig.tar.gz from and adding a watch file to your packaging would be a better place to start [16:14] jamespage: Ok [16:14] utlemming: you can specify a hostname by specifying a config file containering "lxc.utsname" [16:14] i.e. cat > lxc.conf << EOF\nlxc.utsname=mylxc\nEOF [16:14] jamespage: I'l probably have to create a new tag for the precise package, as I've had to make some changes to the build system [16:14] followed by "lxc-create -t ubuntu-cloud -f lxc.conf -n cloud1" [16:15] brendan0powers, OK [16:15] jamespage: I think I have enough to go on for now [16:15] utlemming: as for locales, I know nothing about them (C is my locale), but I know stgraber wanted something too [16:15] jamespage: thanks for your help, and I'll let you know when things are a little less broken:) [16:15] hallyn: the locale is easy...and I'll get you a patch for that [16:15] i don't particularly care, if you want to install the host's locale in both ubuntu and ubuntu-cloud templates, go for it [16:16] utlemming: cool [16:16] brendan0powers, feel free to ask questions both on this channel and in #ubuntu-devel - there is normally someone around to help! [16:16] jamespage: where did you get your reverse-depends script from? apt-file can't find it. [16:16] rbasak, ubuntu-dev-tools [16:16] rbasak, think that is new in precise tho [16:17] Aha, thanks [16:17] rbasak, I did a rebuild test over the weekend for openmpi [16:17] about ~30 packages failed to rebuild [16:17] * jamespage goes to dig out the results [16:17] Would you happen to have the build logs handy, by any chance? [16:18] What's odd is that I can get boost-mpi-source1.46 to build if I do it by hand, even in a schroot. [16:18] rbasak, http://paste.ubuntu.com/840557/ summary [16:18] The other option is to add a new libopenmpi1.5 package. [16:19] rbasak, I seemed to be getting issues with a compiler openmpi provides not actually working - its was segfaulting [16:22] rbasak, that caused an early failure which then resulted in some un-installable package scenarios (failed rather than attempted status) [16:24] hallyn: the lxc/upstart issue seems to depend on what jobs you have + potentially timing of the boot [16:25] hallyn: I reproduce it every single time on a physical machine but can't reproduce in a VM [16:25] hallyn: I'm talking with jhunt about it though [16:28] hey, can anyone advise me on speeding up ubuntus apache configs? i am getting around 500k hits a day, and at the moment the request time is 15000ms/request! on CentOS its fine.. [16:29] Request rate: 0.0 req/s (20211.4 ms/req) [16:31] New bug: #914392 in juju "LXC local provider does not respect 'series' (only installs oneiric)" [High,Fix released] https://launchpad.net/bugs/914392 [16:33] Hi, I have a static Ip set up on a server, however after some time it'll automatically disregard the settings in /etc/network/interfaces and take an IP from DHCP ? [16:34] satyanash: do you perhaps have network-manager setup to manage the device as well? [16:34] Daviey: lp:~ubuntu-server-dev/keystone/debian-merge/ [16:34] SpamapS, I don't think I have NM installed.. [16:35] SpamapS, unless it comes in the default server installation. [16:36] satyanash: definitely not. [16:36] satyanash: perhaps you have a leftover dhclient running from before you made the ip static? [16:36] The server has restarted several times before.. [16:37] SpamapS, I think I remember installing nm on this server.. [16:38] satyanash: perhaps remove it. :) [16:38] SpamapS, what is the package called ? [16:38] stgraber: ok. I suppose if we have to we can ship a script that closes fds > 2 (which it finds in /proc/self/fd) before starting the container [16:38] or provide a flag to lxc-start to not just complain, but close open fds [16:39] hallyn: yeah, jhunt gave me the needed changes to close the extra fd, I'll push that probably later today [16:40] SpamapS, aah.. Sorry, I dont have it installed, installed wicd-cli instead of NM earlier... [16:41] hi SpamapS [16:43] Okay, I guess removing wicd should also be done.. [16:43] changes to upstart, so those fds aren't needed? [16:43] stgraber: ^ [16:43] SpamapS, I guess I'll have to wait it out, since it changes randomly.. thanks though.. [16:43] satyanash: is dhclient running? [16:44] hallyn: nope, an hack in the job, we're still looking into what could be the cause of the upstart issue [16:44] SpamapS, yes, [16:45] * satyanash kills dhclient === sixstringsg is now known as sixstringsg|away [16:45] "warning: skipping optional Message Passing Interface (MPI) library." [16:46] Not a good warning to see when I'm trying to build boost-mpi-source1.46! [16:46] anyone here see CVE: CVE-2011-3639 its an apache mod-proxy vulnerability [16:46] dwbear: The mod_proxy module in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x before 2.2.18, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers by using the HTTP/0.9 protocol with a malformed URI containing an initial @ (at sign) character. NOTE: t [16:49] bleh [16:49] smoser, Not sure how relevant this is but I would read the init dependencies in a way that the mount of / should have succeeded before clould-init-local is started. Yet, the logfiles seem to mix output of the two like those did run at the same time [16:51] hey, can anyone advise me on speeding up ubuntus apache configs? i am getting around 500k hits a day, and at the moment the request time is 15000ms/request! on CentOS its fine.. [16:56] satyanash: you may want to look at what is actually running dhclient [16:57] Benchmarking 159.253.141.242 (be patient)...apr_socket_recv: Connection reset by peer (104) [16:57] Total of 20 requests completed < this is not normal! [16:57] uvirtbot: anything more ? bottom line seems to be the current patches don't were and we are still vulnerable. [16:57] dwbear: Error: "anything" is not a valid command. [16:58] anyone else not a bot have advice related to the apache proxy issue ? [17:20] smb, the fsck that is complaining is about /mnt (not /) [17:21] so that is after / is mounted (you'd think) [17:21] but really, cloud-init is not at all involved in this. === fenris is now known as Guest17978 [17:22] smoser, Hm, well actually / would be mounted even before. Think that is done in init-bottom and then already pivoted before anything else. But I got confused about what complains anyway... :/ [17:23] right. [17:23] clearly / is mounted/. [17:23] but cloud-init is'nt really involved in this path. [17:23] other than possibly forcing a intersection point in the boot on network and / mounted RW [17:23] So in the depth of cloud-init, do we have anything that would/could touch /mnt? Like scanning for uuids or so [17:24] hm.. [17:24] smb, possibly... cloud-init does run 'blkid' but that (i think) should only happen on the first boot of the instance. [17:24] and this is not the first boot. [17:24] oh... wait. [17:25] it could be related. [17:25] we recently changed that to run every boot. [17:25] Ok, just wondering. It must be something that only takes a short time. Otherwise we would likely see it more often [17:26] http://bazaar.launchpad.net/~ubuntu-branches/ubuntu/precise/cloud-init/precise/view/head:/cloudinit/CloudConfig/cc_resizefs.py [17:26] SpamapS, okay, will check process owner next time IP auto-changes.. [17:26] smb, that is what runs that runs blkid [17:27] and we even explicitly tell it to not look at consult a cache [17:29] smoser, Hm, ok. Guess I try to see whether I can get it to reproduce even with a fake cloudinit locally. Then maybe try to add a bit of debugging to that part [17:31] zul: you hit this yet? tests started failing over the weekend because of it, http://paste.ubuntu.com/840651/ [17:32] adam_g: not yet [17:49] hallyn: oh, just got my first clean boot on that machine, without changing anything... [17:49] hallyn: actually, no, I changed something, not sure that's the issue though, /me gets back to testing [17:50] (I turned off the ldap plugin in nss between the last reboot and this one) [17:55] hallyn: confirmed, turning on libnss-ldap in my test VM reproduces the issue [18:01] within the context of cobbler/orchestra is there an 'accepted' way to handle named zones (or records) that are not directly created by cobbler? [18:06] stgraber: libnss. that's caused troubles before... with c/r. [18:06] in fact, it was the same issue. couldn't checkpoint bc it kep topen fds into another ns [18:08] hallyn: yeah, in this case it looks like upstart uses nss at some point (usually pretty difficult not to) and keeps the ldap socket open as it's not marked SOCK_CLOEXEC [18:09] hallyn: I'm not sure whose fault it's though, might be nss, might be nss-ldap or even libldap [18:09] bleh [18:09] one of them isn't setting CLOEXEC [18:09] it might be a "feature" [18:09] i wont' object if you want to assign the lxc part to me and have me add the 'close-all-fds' option [18:10] hallyn: that'd be great, I'm having a difficult time closing these fds in shell, the code jhunt gave me doesn't work, even though it matches the manpage ... [18:11] stgraber: in fact maybe -d should just imply that option - you're not going to see the failure (iiuc) anyway, so no sense sending a warning and failing === Guest48794 is now known as Internaut === Internaut is now known as Guest93395 [18:13] hallyn: updated the bug, I guess making it a default for -d makes sense, yes === Guest93395 is now known as Internaut === Internaut is now known as Guest82735 === Guest82735 is now known as Internaut [18:18] hallyn: took me my morning to track down that one but at least we know what it's now ;) [18:18] stgraber: thanks for that [18:18] hallyn: would have been a pain to debug post-release when people start deploying real servers (where LDAP is fairly common) [18:19] stgraber: well i'm not sure how many people will use the autostart - though i guess if i document it in the server guide, they're more likely to :) [18:19] well, I know I'll for all my servers and so will the Revolution Linux folks for all the customers they move from OpenVZ [18:20] these are production servers where each service or in some cases website runs in a separate container, in these cases you want everything back online after a reboot [18:20] people using lxc for development environments are indeed less likely to use the autostart though [18:21] bleh, reproduced bug 930430. can't find where it does it, but do i think juju is doing it, not lxc [18:21] Launchpad bug 930430 in lxc "lxc-ls requires root access after deploying an LXC instance" [High,Confirmed] https://launchpad.net/bugs/930430 [18:28] hey hallyn. Just discovered lxc-setuid when I was going to have to try and do something similar myself (I was intending to do something more limited, but if lxc-setuid is built-in that's compelling). However AFAICT it is not working (I ran sudo lxc-setuid and then lxc-start -n whatever and it complained about insufficient privs, among other things). Do you consider lxc-setuid supported, or not so much? [18:32] gary_poster: not so much [18:33] i consider it unsafe, in fact (since it doesn't add appropriate pam-cap controls over the inheritable capabilities) [18:34] hallyn, cool. thanks [18:35] gary_poster: if it's important to you, we can look into how to get it working better. but i was sort of waiting until user namespaces are in, because those will remove a huge portion of the needed privilege [18:35] stgraber: were you going to hit bugs 925122 and 880968 ? or should i? [18:35] Launchpad bug 925122 in udev "container's udevadm trigger --add affects the host" [Medium,Confirmed] https://launchpad.net/bugs/925122 [18:35] Launchpad bug 880968 in ureadahead "ureadahead should not run in containers" [Low,Confirmed] https://launchpad.net/bugs/880968 [18:37] I was actually wondering if we'd have any benefit in getting ureadahead working in a container but I guess not ... [18:37] I'll take care of these two today [18:37] hallyn: did you see my ifupdown upload? [18:37] no [18:37] hallyn, maybe this is a "fools rush in..." sort of thing, but we are planning to have a more limited approach of a stupid simple C wrapper (a la http://paste.ubuntu.com/840736/) with setuid that makes the exact lxc call we need. Since what we need is automated/repeated/identical that should work fine for us. [18:37] stgraber: great, thanks [18:38] So IOW I don't think we need lxc-setuid now, thank you [18:38] hallyn: I added a new network-interface-container.conf emitting net-device-added for 'lo' in lxc and lxc-libvirt [18:38] gary_poster: sounds good [18:38] cool [18:38] hallyn: this was needed because I discovered some jobs are "start on net-device-up IFACE=lo" and that even would never be emitted [18:38] stgraber: ah, cool. [18:38] *event [18:38] stgraber: heh, so which jobs were they? [18:38] munin-node is the one I noticed, probably others [18:46] hallyn: did you confirm we still get net-device-added for eth0 in a container without udevtrigger? [18:46] stgraber: i thought i did but can't swear by it now, actually [18:46] ok, testing again then ;) [18:48] hallyn: container doesn't boot with the change ... [18:48] looking into why now [18:49] no wait, i have a container i use every day which doesn't have udevadm trigger [18:49] and yes it has an ip address and boots fine. [18:49] (weird) [18:49] hallyn: and does it boot in less than a minute? [18:50] stgraber: yes, quickly === sixstringsg|away is now known as sixstringsg [18:50] any idea why a default, network manager controlled interface would spam dhcp requests? [18:51] stgraber: http://paste.ubuntu.com/840762/ is its udevtrigger.conf [18:52] hallyn: I definitely didn't get an even for eth0 in mine ... [18:52] *event [18:52] oh, the event. hold on [18:53] though my upstart job is wrong as I should call udevadm settle regardless and currently I don't [18:54] yeah there's an event [18:59] I'm having trouble with Upstart, as well, it won't start cron since the upgrade to 11.10, but the strange thing is "cron" won't start up manually neither [18:59] eyy1sup: you should have a message in /var/log/syslog explaining what the exit code for crond was [19:01] eyy1sup: one common problem is that cron ends up starting before NIS or OpenLDAP, which may be needed to enumerate users. [19:02] eyy1sup: likewise if there are other sysvinit scripts supporting the users' home dirs, same problem. [19:03] SpamapS: but at least crond should respond to "sudo service cron restart", shouldn't it? In my case it won't respond to anything, also initctl returns nothing, as if it's not running :( [19:05] hallyn: http://paste.ubuntu.com/840778/ [19:06] not sure 'exec' is needed before 'exit 0' [19:06] but looks good. [19:06] smb, i would think that you could reproduce within kvm if you seed the image with cloud-init data and just keep rebooting. [19:07] i just haven't had time to dig at it really. [19:07] hallyn: it's not, if you don't exec it'll take the exit value of the last thing called, in this case, udevadm or exit [19:09] eyy1sup: in precise and later, that will work. But unfortunately, in << precise, 'service any-upstart-job restart' will not start it if it is not running. [19:09] smoser, I was hoping to do the same with xen. Though must admit that looking at the OVF doc (which I cannot use when using PVM as there is no cdrom) and trying to figure out how much I would need in seed/nocloud I would be rather motivated to apt-get purge cloud-init again. If not the bug was related to that. [19:10] eyy1sup: status cron should show stop/waiting [19:10] stgraber: huh? 'exit 0' should exit 0, no? [19:13] hallyn: yes, as I said, the 'exec' is NOT needed ;) though it doesn't make any difference either [19:13] stgraber: oh sorry, misunderstood you [19:13] hallyn: http://paste.ubuntu.com/840788/ [19:15] stgraber: hm, but, that works? in that case, won't the last thing called be a failed test? [19:15] zul: pingb [19:15] adam_g: whats up? [19:16] stgraber@castiana:~/Desktop/lxc/udev/debian$ ([ '1' = '2' ] && echo pass || echo failed) ; echo $? [19:16] failed [19:16] 0 [19:16] hallyn: ^ so in the if statement itself should return 0 in that case [19:16] stgraber: but there the last thing was the result of 'echo failed', not of the test === sixstringsg is now known as sixstringsg|away [19:17] zul: how did the CI packaging diverge from what we've got in ubuntu? [19:17] hallyn: good point ;) [19:18] stgraber: http://paste.ubuntu.com/840793/ (in dash) [19:18] adam_g: the temp_fix that you had on friday didnt get in when i did the upload and i added the libvirt-console patch on friday, today the libvirt-console patch got rediffed and the your temp-fix got merged upstream [19:18] $ if [ '1' = '2' ]; then echo pass; fi; echo $? [19:18] 0 [19:18] hallyn: also in dash ;) [19:18] zul: but nova.conf is reverted to some old version, i dont know what else [19:18] adam_g: what are you seeing? [19:19] stgraber: interesting! [19:19] hi guys. hope everyone's doing well. [19:19] I could use some help, please - I've had a catastrophic failure on one of my server's drives (a WD caviar black), but I've manages to recover most of the important data (using the recovery remix) - fat help SMART did me. [19:19] how can I do a deep, thorough, comprehensive disk scan of the remaining drives do ensure they're healthy & to pre-emptively fix any other issues that might occur with them? [19:19] zul: http://paste.ubuntu.com/840796/ [19:20] adam_g: i mean what failures are you seeing [19:21] SpamapS: status cron shows absolutely nothing, also my "runlevel" returns "unknown"... this upgrade really messed me up [19:21] zul: nova volume is broken [19:21] eyy1sup: are you in a recovery shell? [19:21] eyy1sup: and did the upgrade claim to have completed? [19:21] adam_g: how is it broken? [19:21] zul: because of the nova.conf changes in that diff, im not sure why those were merged [19:21] eyy1sup: what did you upgrade from / to ? [19:22] adam_g: ah i think i know why [19:22] adam_g: because i merged upstream changes this morning...gimme a sec [19:22] zul: why did nova.conf flags change in that merge? [19:22] adam_g: because they arent using tgt as default [19:22] zul: yeah... so, the nova.conf merge was a mistake? [19:23] SpamapS: the upgrade said complete (without errors) and then I couldn't boot because of the /var/run move to /run, which I had to move the old structure to new and setup symlinks... then booting worked but half of the services (cron, proftpd, apache2) were not starting up.... while I could start apache and proftpd with the "service XXXX start", cron was not working like that [19:23] adam_g: well no it wasnt a mistake per say its just that their default nova.conf clobbered ours, just a sec === sixstringsg|away is now known as sixstringsg [19:26] i assumed it was [19:26] adam_g: ok pushed, should be fine again [19:27] zul: k [19:28] zul: whered you push? [19:28] eyy1sup: is this by any chance a vmware VM? [19:28] ubuntu-server-dev [19:29] ah, k [19:29] SpamapS: no, it's a standalone server actually, all upgrades have been smooth from 9.x onward... except last night when I upgraded from 11.04 to 11.10, I tried to force reinstall cron and upstart but to no avail [19:36] eyy1sup: how did you do the upgrade? [19:37] SpamapS: with the 2 commands: sudo apt-get update; sudo apt-get dist-upgrade [19:37] zul: --use_deprecated_auth is still enabled, we disabled that [19:38] eyy1sup: any reason you did not use the supported way, do-release-upgrade ? [19:38] eyy1sup: granted, that *should* work [19:38] adam_g: pushed [19:38] eyy1sup: but I suspect there was a missing dependency somewhere that broke the sequencing of the dist-upgrade [19:39] SpamapS: no reason at all, I've been using those 2 commands since I deployed this machine back in 2009... I did not know do-release-upgrade existed [19:39] SpamapS: when I try to upgrade again, it says "everything up to date", I also tried the apt-get to clean out dependencies and stuff... nothing unusual there [19:40] hallyn: hmm, actually, I can't upload these fixes just yet [19:40] hallyn: we need to have upstart built on all architectures first [19:40] how can I do a deep, thorough, comprehensive disk scan of the remaining drives do ensure they're healthy & to presumptively fix any other issues that might occur on my HDD's? [19:40] stgraber: is that just a matter of buildd build time? [19:41] zul: when jenkins runs a trunk build, it merges ~ubuntu-server-dev with ~openstack-ubuntu-testing. does it push that merge back up to lp:~openstack-ubuntu-testing? [19:41] hallyn: no, that's a matter of fixing upstart tests to pass on armel, armhf and powerpc [19:41] adam_g: yes [19:41] cool [19:41] adam_g: im in the middle of refactoring the tarball scripts [19:41] fun. lemme queue up the song "this is gonna hurt" [19:43] SpamapS: it seems like a badly botched upgrade this time, I'm leaning towards a fresh install here [19:43] eyy1sup: sorry that this is broken. :-/ if you have backups, I'd go back, and do it with do-release-upgrade [19:43] eyy1sup: the /run transition has been particularly nasty. [19:43] SpamapS: any idea how to find out on which HDD is Ubuntu installed? I have 2 external HDDs and I don't want to erase them, just the internal HDD [19:44] hallyn: I'm pushing the changes to the packaging branches with a huge scary warning so people don't upload these two until upstart is fixed. [19:45] eyy1sup: mount will show you what is mounted where [19:45] stgraber: does the warning include bug# for the upstart problem? [19:45] eyy1sup: to be sure, you should note the UUID's of each device with 'blkid /dev/sdXX' [19:45] hallyn: I'm not even sure we have a bug# for it ;) [19:45] d'oh. noone working on it then? [19:46] hallyn: I know it's pretty high on James' todolist though, that'll be fixed with the next upstart upload [19:46] ok [19:46] hallyn: well, it's been like that for a month or so ;) [19:47] SpamapS: only sda1 and sda5 return an UUID, others nothing... this just tells me the HDD"s unique ID, correct? How do I know where Ubuntu is installed? [19:49] eyy1sup: from the mount command [19:49] Filesystem 1K-blocks Used Available Use% Mounted on [19:49] /dev/sda4 153923360 132463536 13753456 91% / [19:49] SpamapS: seems cat /etc/fstab shows sda5 as my /boot [19:49] eyy1sup: fstab shouldn't say 'sda5' [19:49] eyy1sup: shuild say UUID=........ [19:49] eyy1sup: I suppose if your system is old enough it may have an older /etc/fstab [19:50] hehe, this system comes from 9.10, upgraded always [19:50] maybe 9.10 had an older fstab [19:50] SpamapS: /dev/sda5 on /boot type ext2 (rw) <- this is shown by mount... safe to assume sda5 is the Ubuntu HDD? === shadeslayer_ is now known as shadeslayer === koolhead17 is now known as koolhead17|zzZZ === sixstringsg is now known as sixstringsg|away [20:21] New bug: #931660 in rabbitmq-server (main) "package rabbitmq-server 2.6.1-1ubuntu4 failed to install/upgrade: ErrorMessage: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/931660 [20:25] hallyn: hmm, actually I'm now sure how to fix ureadahead, it's currently starting before mountall and so before container-detect [20:25] hallyn: so adding a "and not-container" would just prevent it from starting completely [20:27] hallyn: did you ever see this in Precise? [20:27] stgraber: for now we can just have it duplcate the checks... [20:28] not sure. maybe not. [20:28] stgraber: you mean dealyed shutdown? [20:28] stgraber: I think that went away because the kernel-supported reboot is tougher :) [20:29] yeah, I don't remember seeing a container hang at least since we have the new kernel and I can't reproduce the ureadahead error messags [20:29] i.e. it now kills any hanging tasks, whereas with the utmp helper it (the lxc monitor) waited for all tasks but init to exit [20:29] *messages [20:29] more rephrase: the *kernel* kills any hanging tasks when sys-reboot is issued, [20:30] so the similar problem with ssh sometimes hanging will also be no problem [20:30] hallyn: would you be opposed to me marking this won't fix? AFAICT ureadahead is actually doing what it should and it's probably failing just as badly on a real system [20:30] stgraber: that's fine - the log issue will be fixed when we have syslog namespaced [20:32] hallyn: updated the bug [20:38] hello [20:39] can someone give me some info on postfix and mailx, please? [20:39] I have some questions i can't find solution... [20:39] Just try and ask :) [20:40] can postfix send an email directly or it needs an ISP's SMTP server? [20:41] it is the ISPs SMTP server, quite often [20:42] Vancio: Both [20:42] if you unset smarthost, it will lookup mx records itselve [20:43] ok... thanks [20:44] :) [20:46] stgraber: I don't see your changes at ubuntu:lxc ? [20:47] hallyn: for? [20:47] oooooh - [20:48] i thought you had an lxc change too. i didn't realizde it was only the upstart branch [20:48] nm :) [20:49] hallyn: right, no upstart changes, only pending one is in the udev branch [20:49] s/upstart/lxc/g [20:55] going out for a bit. will think though the mount stuff. jjohansen: let's talk tomorrow? [20:56] hallyn: sure [21:05] tjaalton: how do you generate orig tarballs from the git repositories you use? [21:07] (I can't use uscan --download-current-version to get 389-ds-base orig, as http://directory.fedoraproject.org/sources/ returns 403) [21:07] kklimonda: upstream provides them [21:08] kklimonda: grab it from the ppa [21:08] i should disable 'ppa' highlights >.> [21:08] :P [21:09] tjaalton: right, you've uploaded it already [21:29] hallyn: I've hit an odd thing...I'm not able to run locale-gen under a LXC container [21:39] Hello, need help, my dmesg is filled with: "generic-usb 0003:051D:0002.0001: control queue full" making it IMPOSSIBLE to ask my APC UPS for any information. How do I fix this? === sixstringsg|away is now known as sixstringsg === dduffey is now known as dduffey_afk [22:48] hallyn: ok, let's try this new lxc see if my containers start now ;) [22:52] hallyn: and it worked! thanks [23:14] stgraber: \o/ [23:17] jjohansen: yeah I've been thinking about it, and i think the lack of remount restrictions is fine. That's so long as mount restrictions either (likely) forbid bind mounts, or (unlikely) cause original pathname to be used by aa [23:18] (fine for 12.04 :) [23:19] hallyn: err, its not a lack of remount restrictions per say. it a lack of control of all the options available. We will be able to control, mount, umount, remount, move, and pivot root. Its whether some specific options in mount/remount are set [23:20] right. long as i understand you, that's what i meant :) [23:20] ah okay [23:21] so we can forbid remount, just not allow some remounts but not others. [23:21] don't answer that. i'm not eloquent today [23:21] hallyn: even can be selective on them [23:21] Hey, I am newbie, and I would like to set up a SOCK5 server using ubuntu server. Could you tell me / link me on how do I go about this? [23:21] i'll wait for the debs and policy instructions :) [23:22] okay [23:39] smoser: if you're around, where can i find the old eucalytpus stress test suite?