[00:21] <uvirtbot`> New bug: #946737 in libcgroup (universe) "Broken logic in /etc/init/libvirt-cgred-wait.conf" [Undecided,New] https://launchpad.net/bugs/946737
[03:45] <hallyn> stgraber: (on blog post) cool.  I've had smoser asking about thigns like that before (and handed him a custom script iirc).  so i wonder if we want to support that in the pkg
[03:45] <hallyn> i.e. have a single command that takes an image of any kind and starts it as a container
[03:45] <hallyn> (probably ephemeral)
[03:51] <hallyn> (out)
[04:12] <Zanzacar> I was looking over this certified hardware http://www.ubuntu.com/certification/ and was wondering if ubuntu server could be run on the desktops? Any thoughts?
[04:16] <qman___> Zanzacar, ubuntu and ubuntu server are largely the same and can, for the most part, run on any x86 compatible hardware
[04:16] <qman___> certified hardware is simply hardware that's been tested, verified, and basically guaranteed to work
[04:17] <qman___> there are always edge cases and certain hardware that has partial or no support, but it's reached a ~99% point
[04:17] <Zanzacar> gotcha well that cool. I guess I can just build my own machine to meet my own specs.
[04:17] <qman___> the hardware to look out for is mostly brand new stuff and rare or unusual stuff
[04:18] <Zanzacar> ok that good to know.
[04:18] <qman___> the latest and greatest sometimes takes a while to get support
[04:18] <qman___> but it's usually easy to find out whether the hardware you want will work
[04:18] <Zanzacar> Ya I dont think I am going to be building anything that powerful. I was just thinking about running a small samba server for a friend company.
[04:19] <Zanzacar> I dont even know if I would need anything over a dual core with 4gigs of ram. Main thing I think would be large enough HDD.
[04:20] <Zanzacar> anyways thanks for the input. I guess I wont worry about it to much thne.
[04:21] <qman___> just do a quick search on the chipsets before you buy
[04:21] <qman___> e.g. "sandy bridge linux support", which took a little while to get implemented
[04:21] <qman___> it's well covered now, though
[04:22] <qman___> if you want to be safe, pick something that's been out a year or so
[04:22] <qman___> and popular
[04:23] <Zanzacar> seems reasonable.
[04:23] <Zanzacar> I know I had a usb wireless adapter that I had to really work to get working. I was just not looking forward to something like that.
[04:23] <Zanzacar> Since if it was his company on the server the last thing I want is some driver/support issue.
[04:23] <qman___> with wireless, always search
[04:24] <Zanzacar> ya I learned my lesson haha.
[04:24] <qman___> same with other cheap, consumable hardware
[04:24] <qman___> but the base systems and main components are generally well supported
[04:24] <qman___> wireless chips are literally flavor of the month
[04:25] <qman___> TV tuners are another hard area
[04:25] <Zanzacar> ya I dont think I am going to have the server running anythign wirelessly
[04:25] <Zanzacar> I think I am just going to have the main components. Nothing fancy.
[04:26] <qman___> hardware RAID controllers usually have linux support, and fakeraid controllers shouldn't be used anyway
[04:27] <qman___> I've had to upgrade a system to accomodate a newer network card, but it did have support
[04:27] <twb> qman___: um, consumable?  That means printer ink and stuff
[04:28] <twb> qman___: ITYM fungible
[04:28] <twb> ...which is an awesome word you should use at every opportunity
[04:39] <stgraber> hallyn: I think it'd be interesting to have a script to deal with VM images bootted in LXC indeed. Supporting using the VM image in read-only mode with an overlay (so ephemeral mode) as well as what I described in the blog post using the .img file as read/write partition.
[04:39] <twb> stgraber: VM as in kvm?
[04:40] <stgraber> hallyn: ideally extending a bit to read /etc/fstab from the disk image and figure out the partition scheme, generating a matching fstab file for LXC (in the case where /usr or /home are on a different partition)
[04:40] <stgraber> twb: yes
[04:40] <stgraber> twb: http://www.stgraber.org/2012/03/04/booting-an-ubuntu-12-04-virtual-machine-in-an-lxc-container/
[04:40] <stgraber> twb: basically explains how to take an Ubuntu 12.04 VM disk image and boot it in a LXC container
[04:40] <twb> ephemeral writes generally require a union tool like mount --union, aufs or unionfs -- and they're usually on a per-file not per-block basis, so a KVM qcow2 would become a whole new image immediately...
[04:41]  * twb reads
[04:41] <twb> Why do you bother partitioning a VM's disk?
[04:41] <hallyn> stgraber: of course that's p+1 territory :)
[04:41] <stgraber> hallyn: definitely :)
[04:42] <hallyn> twb: for kvm :)
[04:42] <stgraber> twb: I don't but I'm sure some people do ;) or use some automated partitioning doing that for them
[04:42] <twb> Yes, silly people do :-(
[04:43] <stgraber> twb: as for the ephemeral stuff, we'd use aufs or overlayfs on top of the mounted filesystem from the VM, not on top of the block device
[04:43] <twb> stgraber: ah, OK
[04:43] <stgraber> so we'd essentially do "kpartx -a" + mount + mount overlayfs + boot lxc from the overlayfs mount point
[04:44] <twb> OK, but at that point you're using lxc with an ex-KVM image, rather than using lxc *and* KVM?
[04:44] <stgraber> well, the idea here is that you can use a single .img and either boot it in a VM or in LXC depending on what you want to do
[04:44] <twb> Nod.
[04:45] <twb> That approach means your LXC is a lot weaker, though. e.g. you can't drop the mount cap
[04:46] <twb> You could, but only if you rewrote bits of the VM's disk (e.g. /lib/init/fstab or /bin/mount) in a way that'd break its ability to boot under KVM
[04:46] <twb> Is overlayfs the one from openwrt?
[04:47] <stgraber> as long as LXC is doing the mounting before calling init, we can still drop mount capability, the system will simply detect they are already mounted at boot time and will work just fine
[04:47] <stgraber> though in 12.04 with the new apparmor changes, having mount capabilities in the container isn't as much as a problem as it used to
[04:49] <hallyn> (i'm out - gnight)
[04:50] <twb> stgraber: IME that is not the case
[04:50] <twb> stgraber: in lucid, if you drop mount caps, upstart will shit itself because even though it doesn't NEED to mount, it will fall down and die because it tries to and fails
[04:51] <twb> That is why all my containers have /bin/mount -> true
[04:51] <twb> That stuff drove me nuts, because there was no easy way to say "no mountall, you DON'T need to mount /var/run again" or whatever it was
[05:05] <koolhead17> hi all
[06:03] <hana>  i cant format my external hard disck in ubuntu?
[06:04] <twb> hana: sure you can.
[06:04] <twb> hana: mkfs.ext4 /dev/sdz
[06:07] <hana> twb:mkfs.ext4/dev/sdz mean by the way the hard disck was i was try to format before in FAT32 and during the format it shows me the error Error formatting volume  Error creating file system: helper exited with exit code 1: helper failed with: mkfs.vfat: failed whilst writing FAT  mkfs.vfat 3.0.9 (31 Jan 2010) and now i cant mount it it
[06:09] <twb> pastebin the full transcript
[06:14] <hana> twb:http://pastebin.ubuntu.com/869421/
[06:18] <twb> It is not obvious what is causing that failure.
[06:20] <hana> twb:i don't now exactly but at the currnet time is also when i insert the cable it doesn't mount proporly. the hard disck have abackup
[06:21] <twb> Is this on a server?
[06:21] <twb> Have you installed a GUI?
[06:26] <hana> twb:  currently i am using in my pc whcich is not serevr
[06:26] <hana> it have GUI
[06:26] <twb> I cannot support that, sorry.
[06:40] <twb> hana: try #ubuntu.
[08:05] <linocisco> how to install vbox guestaddition on ubuntuserver?
[08:22] <linocisco> hi
[08:22] <linocisco> how to use nano like to see line no. as column?
[08:29] <linocisco> hi all
[08:29] <linocisco> I want to find firewall like on fedora
[08:30] <linocisco> in Fedora, there is a file called firewall under /etc/kerber/firewall. How about on ubuntu?
[08:39] <koolhead17> !firewall
[08:53] <linocisco> !firewall = ?
[08:54] <linocisco> koolhead17, so can I edit in ufw ?
[08:55] <koolhead17> !shorewall
[08:55] <koolhead17> linocisco: shorewall is what your looking for i suppose
[08:56] <linocisco> koolhead17, umm. do I have to download shorewall?
[08:56] <koolhead17> linocisco: you need to check/click the documentation link to start with :P
[08:56] <lynxman> morning o/
[08:58] <linocisco> koolhead17, I want to enter this "$ipt -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 3128"
[08:58] <linocisco> koolhead17, i am refering video on Fedora. but I dont know where to put this command on which file of ubuntu
[08:59] <koolhead17> linocisco: for same reason i gave you the ubuntu documentation link. kindly look/readup
[09:07] <linocisco> koolhead17, I entered one command using nano. but I want to put description or remark beside. how to "syntax"?
[09:10] <jamespage> morning all
[09:12] <koolhead17> hello jamespage
[09:12]  * jamespage waves at koolhead17
[09:12] <koolhead17> wondering why keystone commands started using native --name --service options :P
[09:13] <koolhead17> hello lynxman
[09:13] <lynxman> koolhead17: ello
[09:13] <uksysadmin> morning koolhead17 (and the rest)
[09:13] <koolhead17> :P
[09:13] <koolhead17> uksysadmin: how was it man?
[09:14] <uksysadmin> was a great weekend. good to get back to my own bed though. urs?
[09:14] <koolhead17> great, not at all bad
[09:15] <uksysadmin> :)
[09:45] <linocisco> i want to setup proxy server for windows clients. do I need to do iptables or NAT apart from squid configuration?
[09:51] <eutheria> bbcmicrocomputer B/B+ or master?
[09:52] <linocisco> i want to setup proxy server for windows clients. do I need to do iptables or NAT apart from squid configuration?
[09:52] <eutheria> linocisco, http://bit.ly/z0OI6v
[10:01] <Daviey> linocisco: If you are setting the config on the windows client, then no - just stting up squid to allow connection from the LAN is enough
[10:05] <linocisco> Daviey, I am now configuring squid as per "http://www.ubuntugeek.com/how-to-setup-transparent-squid-proxy-server-in-ubuntu.html". is it enough?
[10:06] <smb> Daviey, upgraded my orchestra server from O to P over the weekend and it is not a happy bunny. Squid->squid3 apparently did not migrate options. And I still have to find out where the cobbler_web went to... :(
[10:07] <bigon> hi, do you think it could be possible to backport last version of puppet to lucid?
[10:08] <micahg> bigon: the oneiric version isn't enough?
[10:08] <eutheria> bigon, what version of puppet do you want?
[10:09] <bigon> with 2.7.1-1ubuntu3~lucid1 I've, in some case, issue with require not being honnored
[10:09] <bigon> works perfectly with 2.7.11
[10:10] <micahg> bigon: is it a no change rebuild on lucid?
[10:10] <micahg> bigon: until maverick is EOL, we'd have to backport lucid all the way through oneiric
[10:10] <bigon> https://launchpad.net/~bigon/+archive/ppa/+build/3254164
[10:10] <micahg> right :)
[10:10] <bigon> well not the right version of debhelper
[10:12] <micahg> bigon: 2.7.10-2 will also cause issues
[10:12] <bigon> well I didn't investigate much
[10:12] <micahg> yeah, backporting from precise will not be fun
[10:13] <bigon> :/
[10:15] <micahg> bigon: I'd suggest waiting for maverick to be EOL next month, and if you then want to create a patch will revert all the newest debhelper/dpkg stuff, I would certainly consider approving backport
[10:15] <micahg> *patch that will revert
[10:15] <micahg> oh, and the ruby package name changes as well
[10:15] <bigon> *sigh*
[10:17] <linocisco> do I also need to setup DNS before we need to setup proxy server?
[10:17] <linocisco> do I also need to setup DNSserver  before we need to setup proxy server?
[10:18] <bigon> micahg: I'll have a look at creating the backport, I need it for a customer anyway
[10:18] <micahg> bigon: if you're willing to make patches for the intermediate releases, I'd consider it as well, but that seems like a lot of work
[10:19] <micahg> bigon: it also requires install/run tests of all the reverse dependencies
[10:19] <RoyK> hrmf. trying to migrate a vm from one host to another fails after upgrading to precise beta http://paste.ubuntu.com/869629/
[10:25] <bigon> :(
[10:27] <eutheria> bigon, can i ask what you use puppet for?
[10:27] <eutheria> i know what is it supposed to do for me, i just never got why i would want to install another app to manage my server
[10:27] <bigon> automatic deployement :p
[10:28] <eutheria> to manage apt?
[10:28] <bigon> well it's a 'company policy' to use puppet to make repeatable deployement
[10:28] <bigon> and here it's for a deployement in the amazon cloud
[10:28] <eutheria> or your own software?
[10:28] <bigon> we try to package everything
[10:28] <eutheria> ah ok
[10:29] <eutheria> i always try and keep my software sandboxed
[10:29] <koolhead17> the essex4 keystone pkg is broken with new error
[10:56] <linocisco> do I also need to setup DNS before we need to setup proxy server?
 do I also need to setup DNSserver  before we need to setup proxy server?
[10:59] <Daviey> zul / adam_g: Can you comment how http://bazaar.launchpad.net/~ubuntu-server-dev/glance/essex/revision/120 relates to https://launchpad.net/ubuntu/+source/glance/2012.1~e4~20120224.1290-0ubuntu1 please?
[11:00] <Daviey> zul: Did you do a local build of https://launchpad.net/ubuntu/+source/python-eventlet/0.9.16-1ubuntu3 before uploading?
[11:07] <eutheria> this duplicity backup system is very unreliable
[11:08] <RoyK> duplicity?
[11:08] <eutheria> yes
[11:08] <eutheria> the backend of dejadup
[11:09] <eutheria> i constantly get missing gpg errors
[11:09]  * RoyK uses Bacula
[11:09] <RoyK> and Bacula is *not* unreliable ;)
[11:09] <eutheria> i am not sure if it is entirely duplicity's fault
[11:11] <RoyK> looks more like a hack than a backup system to me...
[11:11] <eutheria> someone here suggested it
[11:11] <RoyK> eutheria: there are a lot of different species in here ;)
[11:12] <eutheria> i figured as it was the backend to the desktop app it would be ok
[11:13] <eutheria> i am backup up to an external thirdparty, so duplicity seems to fit the bill
[11:15] <eutheria> seems i need to make a backup of the cached sigs as they don't get copied up
[11:15] <eutheria> sometimes
[12:00] <Tm_T> anyone got an idea about a tool that would monitor and alarm (log) when some process takes mem or cpu over defined limit
[12:01] <eutheria> Tm_T, nagios? munin? that sort of thing?
[12:02] <Tm_T> we've been logging once a minute with ps what processes take most of cpu and mem, but between one minute there seems to be something that suddenyl takes all available mem and then disappears (OOM-Kill happens)
[12:03] <Tm_T> eutheria: something that preferably logs to file with as little setup as possible, and is active on monitoring things, as once a minute, or once every 5 minutes isn't enough
[12:04] <eutheria> Tm_T, not sure if there is anything that requires little setup
[12:04] <Tm_T> yeah
[12:05] <Tm_T> there used to be "runaway process catcher" on KDE3, but haven't been able to find anything similar to server environment
[12:06] <koolhead17> Tm_T: i dont know about catcher/monitor but cgroup is something you can look it, i heard it does something
[12:13] <Tm_T> koolhead17: thanks
[12:14] <Tm_T> I'll try make yet another fancy script too
[12:15] <koolhead17> Tm_T: love to read your blog on same :)
[12:28] <thys_> hi.. There are 8 zombie processes on my webhosting server. All my domains stopped working yesterday could the zombies have anything to do with this?
[12:29] <koolhead17> thys_: who knows
[12:30] <thys_> how do I get rid of a zombie process?
[12:31] <eutheria> thys_, fix the parent process
[12:32] <thys_> how do I see information like this using the terminal?
[12:33] <eutheria> ps -axuf ?
[12:33] <thys_> how do I find out which the parent process is
[12:34] <eutheria> does the pretty tree not help?
[12:38] <thys_> how do I know which one I am looking for?
[12:46] <eutheria> thys_, http://bit.ly/AsfyPE
[12:48] <koolhead17> am having another error/warning during dashboard installation from repository http://paste.ubuntu.com/869792/
[12:48] <koolhead17> Daviey: ^^
[13:01] <Daviey> koolhead17: can you report a bug please?
[13:02] <Daviey> koolhead17: is this a clean box?
[13:03] <koolhead17> Daviey: yes.
[13:03] <koolhead17> never installed dash before
[13:03] <koolhead17> i can start a new VM and try it again before reporting :)
[13:04] <Daviey> koolhead17: no, both use cases are valid.. but knowing if it is an upgrade bug, or a new install bug is also useful.
[13:06] <tdn> How can I have my server get two DHCP addresses? It only has one network interface, but I would like to create some aliases for eth0 that also obtains DHCP config. I guess I will have to somehow assign different MAC addresses for each alias. How to do this?
[13:07] <koolhead17> Daviey: let me know when you want to check the keystone again for the fix you pushed
[13:08]  * koolhead17 puts all existing keystone documentation in trash
[13:09] <koolhead17> and points to keystone.openstack.org
[13:10] <Daviey> koolhead17: it's still in the build queue, should be an apt-get away when resolved.
[13:14] <koolhead17> sounds great
[13:25] <rbasak> tdn: perhaps you could use multiple tap devices bridged to eth0 and run dhcp clients against the tap devices. No idea if that'll cause any issues but I can't think of any.
[13:38] <koolhead17> Daviey: https://bugs.launchpad.net/horizon/+bug/947118
[13:38] <uvirtbot`> Launchpad bug 947118 in horizon "Horizon package on Precise throws warning during installation" [Undecided,New]
[13:38] <koolhead17> let me know if i should add some more info?
[13:53] <tdn> rbasak, hmm... Ok. Not sure how to use tap devs.
[14:13] <lynxman> jamespage: Question for you sir, if I wanted to say that package B is an upgrade for B but also obsoletes package A just adding in the control file Replaces: A would be enough?
[14:31] <rbasak> tdn: on second thought I'm not sure it'll work anyway. You have to send to the bridge device to get stuff to go out on the correct interface and then you'd only have one mac address again. Might be worth experimenting though.
[14:50] <tdn> rbasak, ok. Can I create virtual NICs in ubuntu?
[14:51] <patdk-wk> the dummy interface :)
[14:53] <rbasak> tdn: this stuff isn't really about what Ubuntu supports; it's what Linux supports. I'm sure there's a way to do what you need, but I'm not sure if you can do it without writing code. Others may be able to suggest something that just works.
[15:01] <patdk-wk> oh, this is the multible ip's per dhcp nic thing
[15:01] <patdk-wk> there is a way to do that, I helped someone a few months ago
[15:01] <patdk-wk> but I don't remember and didn't really care for it, so dunno how it happened
[15:14] <koolhead17> Daviey: keystone is getting installed now :)
[15:14] <koolhead17> bug needs to be closed i suppose
[15:14] <koolhead17> hey zul
[15:14] <zul> koolhead17: hi
[15:16] <zul> jdstrand: fyi keystone mir updated
[15:18] <jdstrand> zul: ack
[15:28] <uvirtbot`> New bug: #947183 in setserial (main) "package setserial 2.17-45.3ubuntu1 failed to install/upgrade: ErrorMessage: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/947183
[16:42] <jdstrand> lynxman: hi! what is the status of the puppet 2.7.11 merge?
[16:42] <lynxman> jdstrand: it was merged back by SpamapS
[16:43] <jdstrand> lynxman: ah, perfect :)
[16:43] <jdstrand> I see it now
[16:43] <jdstrand> SpamapS, lynxman: thanks! :)
[16:46] <SpamapS> jdstrand: np :)
[16:46] <SpamapS> and really I just synced it.. :)
[16:57] <jdstrand> zul: I'm curious about your change to python-eventlet to allow the tests to unconditionally pass. seems one of the criteria for main acceptance was that its test suite was enabled. is there more information on the failures? are you working on fixing them?
[16:57] <zul> jdstrand: its on the todo list for today
[16:57] <jdstrand> zul: excellent, thanks, then please ignore me :)
[16:57] <zul> jdstrand: consider it done ;)
[17:04] <axisys> Phinnay: so can you login as root?
[17:04] <Phinnay> nope, no root logon either
[17:04] <axisys> can you boot into recovery mode?
[17:05] <Phinnay> yes, if i use the CD, i can boot from there, mount / and get a prompt
[17:05] <Phinnay> i see all the files, etc... I just am not sure where to look to determine what is preventing logons from working...
[17:05] <axisys> without the cd, can you boot into single user moder ?
[17:05] <axisys> mode*
[17:06] <Phinnay> i've not tried that, trying now..
[17:08] <Phinnay> ok, selected recovery mode, its loading now
[17:09] <Phinnay> nope, it does the same thing
[17:10] <Phinnay> i am not using the user 'root',  that is disabled on the server for login as per ubuntu
[17:10] <Phinnay> at setup time, the user i created was 'localadmin' that is the account I tried
[17:11] <axisys> Phinnay: edit the grub with init=/bin/bash .. that should drop you into root
[17:11] <Phinnay> so, boot from the CD and mount / to do that?
[17:11] <axisys> no.. reboot and get hold of the grub
[17:12] <axisys> i think holding shift while booting gives the grub.. its been a while
[17:12] <Phinnay> ok, gotcha
[17:12] <axisys> is it lucid ?
[17:12] <Phinnay> 11.10
[17:12] <axisys> ok
[17:13] <axisys> might be grub2
[17:13] <Phinnay> it is grub2, am sure of that
[17:13] <axisys> k
[17:17] <Phinnay> where in the grub editor thingie do i add the init=/bin/bash?
[17:18] <axisys> I dont remember.. can you possibly paste it?
[17:20] <Phinnay> http://www.lphin.com/grub.png
[17:21] <Phinnay> here ya go
[17:21] <Phinnay> its in a VM cluster so cant really paste per se ;p
[17:21] <axisys> on the linux line
[17:23] <Phinnay> ok, that gave me a 'Kernel panic - not syncing: Attempted to kill init!'
[17:25] <axisys> remove the 'ro recovery nomodeset'
[17:25] <axisys> you want rw
[17:25] <axisys> you need to modify something
[17:26] <axisys> so remove the 'ro ..' part and add 'rw init=/bin/bash' there (without the quotes)
[17:26] <wonderman> can someone tell me if this module is needed in apache? modsetenvif
[17:26] <axisys> wonderman: probably a question for #httpd
[17:26] <wonderman> not when its default ubuntu setup
[17:27] <wonderman> they always tell me 'goto #yourdistrohere'
[17:27] <wonderman> so here i am
[17:27] <wonderman> i think its a module enabled by default on ubuntu server, but not other OS's
[17:27] <wonderman> or distros rather
[17:28] <axisys> dis2mod (?) and try restart apache .. but #httpd guys are the expert
[17:29] <axisys> a2dismod*
[17:29] <wonderman> i know howot disable, im asking why/if they are needed, many modules by default
[17:29] <wonderman> authz for example
[17:29] <wonderman> mod_reqtimeout
[17:29] <wonderman> that module rendered the web server unusable ^
[17:30] <Phinnay>  this is my grub with that init= thinger: http://www.lphin.com/grub.png
[17:30] <Phinnay> and i got the same kernel panic error
[17:31] <Phinnay> eep. change that file to grub2.png
[17:31] <Phinnay> sorry
[17:32] <axisys> http://www.lphin.com/grub2.png <-- not found
[17:32] <Phinnay> arrghghhh grub1.png
[17:32] <Phinnay> im a doof
[17:33] <axisys> you need rw as well
[17:33] <axisys> `rw init=/bin/bash'
[17:34] <Phinnay> ok, added the rw, booting now
[17:34] <Phinnay> same kernel panic
[17:35] <axisys> boot from CD .. mount the root partition to /mnt and then chroot /mnt and then give root a password .. make sure shell path is correct and then reboot
[17:35] <axisys> you could pastebin the kernel panic as well..
[17:36] <Phinnay> cant copy / paste out of a vsphere
[17:36] <uvirtbot`> New bug: #947309 in ipsec-tools (main) "racoon phase 2 negotiation fails with Win Vista/7" [Undecided,New] https://launchpad.net/bugs/947309
[17:39] <Phinnay> ok, so all mounted
[17:40] <Phinnay> to give root a password i make the edits in the /etc/passwd file?
[17:40] <axisys> passwd root.. since you chrooted
[17:40] <Phinnay> right
[17:40] <Phinnay> ok, done
[17:40] <axisys> sync
[17:41] <Phinnay> typed 'sync', got another # prompt, no errors
[17:41] <axisys> good
[17:41] <axisys> grep root /etc/shadow
[17:41] <axisys> do you see a encrypted passwd there?
[17:42] <axisys> just to make sure
[17:42] <Phinnay> yep!
[17:42] <axisys> you are in chroot env .. right?
[17:42] <Phinnay> i belive so
[17:43] <axisys> ok.. otherwise you did not change the root passwd .. :-)
[17:43] <axisys> reboot and you should be able to login as root
[17:43] <Phinnay> i did the same grep command for one of my local users on this server and it came back with a simalar looking entry so i know im on the hdd filesystem
[17:44] <axisys> ok
[17:44] <stgraber> hallyn: around?
[17:45] <hallyn> stgraber: yup
[17:45] <stgraber> hallyn: do you already have a fix for LXC not working with the current kernel?
[17:45] <stgraber> [13879.309454] type=1400 audit(1330969466.790:35): apparmor="DENIED" operation="mount" parent=26752 profile="/usr/bin/lxc-start" name="/usr/lib/lxc/root/" pid=26791 comm="lxc-start" src_name="/home/stgraber/data/vm/lxc/containers/precise-i386/rootfs/" flags="rw, rbind"
[17:45] <hallyn> stgraber: no
[17:45] <hallyn> stgraber: I'm trying to amke it work with the *old* kernel right now
[17:46] <hallyn> (so we can get an 0.8.0 release)
[17:46] <Phinnay> ok, tried to log in as root, it did not say Access Denied as it did before we did this
[17:46] <Phinnay> but it still did the same thing with returning me right to the prompt
[17:46] <hallyn> stgraber: I guess until the real rules come, we need a "allow all mounts" sort of rule
[17:46] <axisys> your shell might not be working
[17:46] <stgraber> yeah, I'm trying to figure out the right way of setting that :)
[17:47] <hallyn> jjohansen: ^ where is a url describing the apaprmor mount rule syntax?
[17:47] <stgraber> jjohansen: how do we allow all mounts? (a quick grep through the man didn't help)
[17:47] <jjohansen> stgraber: mount,
[17:47] <axisys> mount back with cd.. and see if root shell is working
[17:47] <axisys> init=/bin/bash gives panic might indicates bad shell.. not sure
[17:48] <Phinnay> www.lphin.com/login.png
[17:48] <Phinnay> so you have a visual of whats goin on
[17:49] <axisys> not quite :-) .. but i think you need to fix at least root's shell for a start
[17:49] <axisys> mount the root partition in /mnt
[17:49] <stgraber> jjohansen: /sbin/apparmor_parser is stuck at 99% of CPU parsing the profile if I add "mount"
[17:50] <stgraber> jjohansen: http://paste.ubuntu.com/870223/
[17:50] <axisys> then find the shell root is using
[17:50] <axisys> and then run the shell .. see if it is working
[17:50] <axisys> brb
[17:50] <jjohansen> stgraber: really :(,  try mount /**,
[17:51] <stgraber> jjohansen: that one worked apparently (at least /etc/init.d/apparmor reload finished in a few seconds)
[17:52] <Phinnay> so, in rescue mode, i have the options 'execute a shell in /dev/appserver/root' and 'execute a shell in the installer environment'
[17:52] <stgraber> or not ...
[17:52] <stgraber> [14336.219686] type=1400 audit(1330969923.894:76): apparmor="DENIED" operation="mount" parent=27585 profile="/usr/bin/lxc-start" name="/usr/lib/lxc/root/" pid=27604 comm="lxc-start" src_name="/home/stgraber/data/vm/lxc/containers/precise-i386/rootfs/" flags="rw, rbind"
[17:52] <stgraber> jjohansen: ^
[17:52] <Phinnay> wich one would be best?
[17:53] <jjohansen> stgraber: hrmm, something is out of sync.  Try mount /** -> /**,
[17:55] <jjohansen> hallyn: http://wiki.apparmor.net/index.php/AppArmor_Core_Policy_Reference#Mount_rules
[17:55] <hallyn> thx
[17:55] <jjohansen> it hasn't been updated with the full docs but it should cover the basics
[17:56] <jjohansen> stgraber: there should be a new upload of the userspace today with some bug fixes
[17:58] <jjohansen> hallyn, stgraber: also for capability you should be able to just use
[17:58] <jjohansen>   capability,   # allow all capabilities
[17:58] <jjohansen> and then if you want to not allow a specific one
[17:58] <jjohansen>   deny capability X,
[17:59] <stgraber> jjohansen: ok, /** -> /** doesn't work either...
[17:59] <stgraber> jjohansen: oh, that's really nice!
[18:00] <jjohansen> stgraber: those are compiling and loading but failing to allow correct?
[18:01] <stgraber> jjohansen: yep
[18:01] <jjohansen> stgraber: actually you should be able to do that with file to but there is a bug there, that I need to track down.  That is
[18:01] <jjohansen>   file,
[18:01] <jjohansen> should give all permissions
[18:21] <jjohansen> stgraber: so I have duped, and traced down to the code that is failing, will see if we can't get this fixed in todays upload
[18:21] <stgraber> jjohansen: cool, thanks
[18:21] <Phinnay> (axisys): let me know when ya get back :D
[18:21] <Phinnay> ls
[18:23] <SpamapS> lynxman: you working on those changes we talked about to rabbitmq-server ?
[18:23] <adam_g> zul: did that ec2-fixes.patch get merged into nova yet?
[18:23] <zul> adam_g: dont think so
[18:23] <zul> adam_g: i been dealing with trying to get libvirt-console patch upstream
[18:24] <adam_g> zul: if that looks like an uphill battle, it might be easier to add a periodic task to nova that truncates console logs
[18:25] <adam_g> zul: i actually DOS'd myself over the weekend without that libvirt patch :)
[18:25] <zul> adam_g: yeah i suggested logrotate but apparently its not the "correct fix"
[18:25] <lynxman> SpamapS: yes, there's more changes than I foresaw, the config syntax has been changed again and also the init.d file has been completely revamped from scratch
[18:25] <adam_g> zul: is there something in gerrit atm for the console stuff?
[18:26] <zul> adam_g: not yet working on it now though
[18:26] <SpamapS> lynxman: which explains why Thomas saw the regression.. bummer.
[18:26] <uvirtbot`> New bug: #947342 in euca2ools "euca-describe-instances  should have additional fields in output" [Undecided,New] https://launchpad.net/bugs/947342
[18:26] <lynxman> SpamapS: yeah also added some extra checks in the control file
[18:37] <axisys> Phinnay: execute a shell in /dev/appserver/root
[18:44] <zul> adam_g: https://review.openstack.org/#change,4932
[18:50] <adam_g> zul: Patch Set 1: Abandoned ?
[18:50] <zul> adam_g: yeah made a typo
[18:50] <adam_g> zul: also you have the original review for robbies original patch?
[18:50] <zul> adam_g: https://review.openstack.org/#change,4932
[18:51] <Daviey> zul: why did you abandon?
[18:51] <zul> Daviey: typo in one of the tests
[18:51] <Daviey> zul: again, why did you abandon ?
[18:52] <zul> Daviey:  typo in nova/tests/test_utils.py
[18:52] <Daviey> zul: I think you are missing the question, you do know that you can re-push to the same topic, right?
[18:52] <adam_g> zul: found it. https://review.openstack.org/#change,706
[18:53] <zul> Daviey: really?
[18:53] <adam_g> zul: there are some concerns in there that will block the patch again, i think
[18:53] <Daviey> zul: i hope you are not being serious.
[18:54] <zul> Daviey: im not i dont know why i abandoned it
[18:54] <zul> adam_g: yes unfortunately
[18:59] <adam_g> zul: for the patches we're currently carrying (specifically the console fifo and the ec2-fixes.patch), moving forward can we do all refreshes in lp:~openstack-ubuntu-testing/$foo/essex and sync the most recent versions into ~ubuntu-server-dev/$foo/essex on upload day? we should ideally have a test case for each one to ensure the patch still does what its supposed to, i can try to come up with one for each of those 2 patches
[19:00] <adam_g> zul: i think the two of us refreshed console patch in the other branch at different times, and there were merge conflicts at build
[19:01] <zul> adam_g: sure
[19:02] <adam_g> zul: hopefully we wont be carrying those for much longer, but i think that is a good way to ensure we're not carrying a busted patch for any of the projects
[19:02] <zul> adam_g: ack
[19:06] <adam_g> zul: oh, FYI we're now running CI on KSL
[19:07] <adam_g> Daviey: ^
[19:07] <zul> adam_g: sweet...daviey uploaded your keystone fix this morning
[19:08] <Daviey> adam_g: sweet
[19:10] <koolhead17> SpamapS, hi
[19:11] <Phinnay> oooooohh, ok
[19:11] <Phinnay> so, mounted, went to execute bash, and got the same 'segmentation fault' messages i was seein in the boot log
[19:12] <Phinnay> looks like bash is corrupt somehow o.o
[19:12] <Phinnay> strace came back with some stuff, but i dont know how to read it...
[19:14] <koolhead17> zul, there is another bug with dashboard https://bugs.launchpad.net/horizon/+bug/947118
[19:15] <uvirtbot`> Launchpad bug 947118 in horizon "Horizon package on Precise throws warning during installation" [Undecided,New]
[19:15] <zul> koolhead17: k ill have a look
[19:18] <adam_g> zul: did you already merge https://review.openstack.org/#change,4932 into ~ubuntu-server-dev?
[19:19] <zul> adam_g: not yet
[19:19] <adam_g> zul: where did libvirt_console_buffer flag come from? :)
[19:20] <zul> adam_g: ergh...
[19:20] <zul> effing hell
[19:20] <adam_g> zul: theres syntax errors in there, btw
[19:20] <zul> adam_g: yeah its fixed in my tree sorry about that
[19:22] <adam_g> zul: well i guess that explains the merge conflicts
[19:34] <kieppie1> hi guys. are there any details available re virt for the upcoming 12.04 release? I'm thinking of re-installing my new host once it's released, and I'd like to know what to expect. I saw "openstack" as an option when I installed a desktop beta
[19:37] <Phinnay> ;
[19:43] <zul> adam_g: the lxc console changes got merged as well so it needs to take that into account now as well
[20:02] <uvirtbot`> New bug: #947424 in python-boto (main) "boto/utils.py makes use of boto.provider, but doesn't import it" [Undecided,New] https://launchpad.net/bugs/947424
[20:06] <axisys> Phinnay: do you have sh ?
[20:06] <axisys> may be /sbin/sh or /bin/sh
[20:07] <Phinnay> im checking now - was just researching this a bit...
[20:07] <axisys> grep root /mnt/etc/passwd ?
[20:09] <Phinnay> yeahhh
[20:09] <Phinnay> this is weird, for the root user, its set as /bin/bash
[20:09] <Phinnay> for everything else, its set as /bin/sh
[20:10] <axisys> grep root /mnt/etc/passwd ?
[20:10] <Phinnay> that comes up listing /bin/bash
[20:11] <axisys> ok .. run /mnt/bin/bash .. and tell me what happens
[20:11] <Phinnay> it says segmentation fault
[20:12] <axisys> how about run just bash ?
[20:12] <Phinnay> same thing
[20:12] <axisys> run which bash
[20:12] <Phinnay> came back with /bin/bash
[20:13] <axisys> ls -ld /bin/bash
[20:13] <axisys> and ls -ld /mnt/bin/bash
[20:15] <Phinnay> www.lphin.com/ls.png
[20:15] <axisys> ls -ld /mnt/bin/bash /
[20:16] <axisys> ls -ld /mnt/bin/bash ?
[20:16] <Phinnay> i am booting from the CD and using the root partition directly, so no /mnt
[20:16] <axisys> 15:11:31 < axisys> ok .. run /mnt/bin/bash .. and tell me what happens
[20:16] <axisys> 15:11:52 < Phinnay> it says segmentation fault
[20:16] <axisys> how did you run that /mnt/bin/bash ?
[20:17] <Phinnay> i didnt, i changed it to /bin/bash
[20:17] <Phinnay> because no mounting
[20:17] <axisys> that is not what I asked
[20:18] <axisys> mount root partition of the disk to /mnt
[20:18] <Phinnay> ok
[20:19] <axisys> i have to run.. fix your bash.. copy it from cdrom
[20:20] <Phinnay> just copy the bash file?
[20:20] <Phinnay> like, /bin/bash ?
[20:33] <angel282>  Does anyone familiar with the zend optimizer? I have Ubuntu 10.04 lucid, and I cant get it to work?  I've searched google and I found many posts that said optimizer not support php 5.3? any idea?
[20:34] <Daviey> smoser: can you triage bug 947424, before i upload please? ;)
[20:34] <uvirtbot`> Launchpad bug 947424 in python-boto "boto/utils.py makes use of boto.provider, but doesn't import it" [Undecided,New] https://launchpad.net/bugs/947424
[20:35] <smoser> before you upload it ?
[20:36] <smoser> Daviey, i'm confused
[20:37] <Daviey> smoser: Can you confirm that the correct fix is to add "import boto.provider" ?
[20:38] <zul> Daviey: i just fixed up the console stuff that i been working on ill push it tonight
[20:39] <smoser> it sure looks like it to me, Daviey
[20:39] <smoser> is there an upstraem bug ?
[20:39] <Daviey> smoser: thanks, yes
[20:39] <Daviey> https://github.com/boto/boto/issues/614
[20:39] <zul> Daviey: the lxc console stuff got merged so ill have to remerge it
[20:40] <Daviey> smoser: sadly, LP won't allow you to use github as an upstream tracker
[20:40] <smoser> yeah.
[20:40] <smoser> i just treid
[20:40] <Daviey> Seems github isn't popular enough to warrant supporting it
[20:40] <Daviey> Sourceforge FTW.
[20:44] <kieppie1>  hi guys. are there any details available re virt for the upcoming 12.04 release? I'm thinking of re-installing my new host once it's released, and I'd like to know what to expect. I saw "openstack" as an option when I installed a desktop beta
[20:44] <smoser> Daviey, yeah, that looks like a reasonable fix.
[20:44] <smoser> i added a reproduce to your bug report
[20:45] <Daviey> thanks smoser
[20:46] <mok0> I am wondering how to set the hostname of my mailserver, which is connected via portforwarding from my internet router
[20:46] <Daviey> zul / adam_g: Can you confirm the PPA's used for those wanting to try pre-uploaded openstack?
[20:46] <Daviey> ie, post jenkins?
[20:48] <mok0> should I just pretend that the machine is directly on the internet?
[20:48] <zul> Daviey: that is done the tarball script uploads to the local openstack-ci archive at the same time its uploaded to the ppa iirc
[20:49] <adam_g> Daviey: https://launchpad.net/~openstack-ubuntu-testing/+archive/openstack-trunk-testing
[20:50] <adam_g> Daviey: that lags behind whats been recently tested, depending on build queue
[20:55] <wonderman> can someone please tell me if in ubuntu SYN cookies are disbaled or enabled by default ?
[20:57] <jpds> wonderman: Enabled.
[20:58] <jpds> wonderman: See: /etc/sysctl.d/10-network-security.conf
[20:58] <wonderman> net.ipv4.tcp_syncookies = 1
[20:58] <wonderman> that is in the normal config
[20:58] <Daviey> adam_g: right, perfect!
[20:58] <wonderman> should it be in both places?
[20:59] <adam_g> Daviey: keep in mind now is probably not the greatest time to install from there
[20:59] <supremo13> I have a Ubuntu Server 8.04 running BIND. If I upgrade to 10.04 will my server retain the BIND configs?
[21:00] <EvilResistance> !8.04
[21:00] <EvilResistance> ah
[21:00] <EvilResistance> supremo13, it should, afaik it doesnt purge your configs
[21:00] <EvilResistance> but you might want to back up the configs first
[21:00] <EvilResistance> as a precaution
[21:01] <Daviey> adam_g: right, but once we clear up the process, it should be pretty good throught the cycle
[21:01] <supremo13> Thanks!!
[21:02] <adam_g> Daviey: well, packages get upload there after a succesful build, not after a deploy/testrun
[21:02] <Daviey> adam_g: ah, good point.. we might benefit from a 'known reasonably good' ppa
[21:03] <adam_g> Daviey: thats kinda tricky because theres so many variations of packages being built for every test run, i think we could only reasonably do that with a nova ppa, since thats what we use to trigger deployment tests
[21:03] <adam_g> Daviey: er, ..so many variations of packages being deployed for every test run
[21:04] <Daviey> adam_g: I want a place where people can get the latest crack, before it's hit the archives, and be of reasonable standard
[21:04] <Daviey> Have ideas?
[21:05] <adam_g> Daviey: once we have this process in shape, we can build nightly/hourly/per-commit packages on changes to ubuntu-server-dev branches. that is, if we keep ubuntu-server-dev branches up to date regularly instead of before an upload
[21:07] <zul> Daviey: why not something like nightlies
[21:08] <zul> with using sourece package reciepes
[21:09] <xr600> Hi... Anybody here with a good load of experience on Ubumtu's support for hibernation on various HW-confifurations ?
[21:09] <Gran> Hi, everyone! Could someone help me to figure out where is the problem: I'm trying to configure L2TP/IPSec on my Ubuntu Server 11.04 as described at http://blog.riobard.com/2010/04/30/l2tp-over-ipsec-ubuntu and when I'm running command: "sudo /etc/init.d/ipsec restart", it says: "openswan failed to exec the requested action - the following error occurred:" and no error code is given?
[21:10] <Daviey> zul: ooo, good thinking!
[21:28] <Gallomimia> after upgrading the server with do-release-update the /boot partition is full. what commands can i run to purge the system of these old kernel releases?
[21:29] <cereal> can i run a v4 and v6 on isc-dhcp-server ?
[21:29] <cereal> want to setup radvd to tell my clients to request an ipv6 address ;)
[21:30] <cereal> previously I had to run two instances to do so
[21:30] <cereal> one for v4 and one for v6
[21:33] <zul> Daviey: you'll have to make sure the bzr mirror for the projects in up to date though
[21:33] <Daviey> zul: right!
[21:56] <Aison> hello
[21:56] <Aison> after a reboot today my ubuntu server no longer creates the bonding devices
[21:56] <Aison> very strange
[21:56] <Aison> I have to use ifenslave by hand multiple times until it is created
[21:57] <Aison> Loading kernel module for a network device with CAP_SYS_MODULE (deprecated).  Use CAP_NET_ADMIN and alias netdev-bond0 instead
[22:08] <Spanky99> If anybody could give me a simple and clean recommendation of hardware and software with minimal amount of fuss for a UPS battery backup solution for Ubuntu 10.04 Server (running Zentyal) let me know.
[22:08] <Spanky99> I have some old APC Back-UPS 1000/1100's with the "dumb" serial cable.  Looks like a complete pain in the !@#$ from what I've read.  Will happily buy another unit that is easier to hook up and has "plug and play" software in the repositories...
[22:58] <rbasak> Spanky99: good question. The nut package might be a good place to start. There's a compatibility list here: http://www.networkupstools.org/stable-hcl.html. But I'm not sure about Lucid support (though there is a package in main for Lucid), or if there's a better supported solution.
[22:59] <JanC> Spanky99: dumb serial cables can't provide plug'n'play, but newer USB ones should
[22:59] <rbasak> Spanky99: I don't have any experience with UPS management software for Linux myself, apart from with apcupsd from around ten years ago. But I do know that nut exists.