/srv/irclogs.ubuntu.com/2012/03/14/#ubuntu-server.txt

Zx432	Hi	00:08
Zx432	I tried to set a server but now I have a loopback. I have a Local loopback. The server is plugged in my router, since I only want it for internal use it shouldn't be a problem.	00:09
Zx432	Anyone here? :)	00:14
l0n	Zx432, Not sure what you mean, what are you trying to do?	00:17
Zx432	I was setting up a home srever	00:17
Zx432	It should be basically my first server, It is plugged in my router and has no internet acces or any acess at all because of the loopback.	00:18
twb	l0n: I think he's trying to do something relating to networking, and is getting an 169.172/24 address from avahi. Or possibly he's looking at "scope local" on an iface address.	00:19
twb	Zx432: what you're saying doesn't make any sense.	00:19
Zx432	ifconfig -a gives me:	00:20
l0n	twb, that does idd sound reasonable	00:20
twb	Zx432: do not use ifconfig.	00:20
Zx432	ok	00:20
twb	Zx432: pastebin the output of "ip r", "ip a" and /etc/network/interfaces.	00:20
qman__	Zx432, there is always a loopback adapter	00:21
qman__	it has nothing to do with your ability to get to the internet	00:21
Zx432	ok	00:21
Zx432	but I still cant ping anythinng.	00:21
Zx432	I hope it is clear I am talking about another computer.	00:22
qman__	that's fine, but it has nothing to do with the loopback adapter, you need to configure your interface, and verify that one is even loading in ifconfig -a or ip a	00:22
Zx432	ok	00:22
Zx432	how?	00:22
qman__	in ifconfig -a, you will see blocks of information for each adapter which is configured	00:23
qman__	there will always be a lo0	00:23
qman__	beyond that, you should have an eth0, or eth1, or ath0, or wlan0, etc	00:23
qman__	if you don't, that means you've got driver issues or hardware issues	00:23
qman__	if you do, it's simply not configured	00:23
Zx432	what is lo?	00:29
l0n	lo = loopback	00:29
Zx432	It is te only thing showing	00:29
Zx432	So it is a driver problem?	00:29
twb	Zx432: lspci -nn \| grp net	00:30
twb	*grep net	00:30
Zx432	It tells me the name of the card.	00:32
Zx432	What do the numbers mean?	00:33
twb	That's the PCI ID.	00:33
twb	You can enter it into the kmuto.jp HCL page to find out if it's supported	00:33
twb	If it isn't showing up in "ip a" then it probably isn't	00:34
qman__	yeah, a google search of it will also help	00:34
qman__	if it's not supported, you'll likely find lots of other people having the same problem	00:34
twb	And lots of unhelpful "I cargo-culted this and it works OKish" comments...	00:34
uvirtbot	New bug: #954477 in swift (main) "swift config doesn't match upstart expectations" [Undecided,New] https://launchpad.net/bugs/954477	00:37
Zx432	Winbond electronics corp w89c940 first searches don't fill me with hope...	00:39
=== hggdh_ is now known as hggdh
=== guampa\|2 is now known as guampa
uvirtbot	New bug: #954632 in lxc (universe) "The -- option to lxc-start-ephemeral no longer works" [Undecided,New] https://launchpad.net/bugs/954632	01:21
=== Jasonn is now known as juicy
trimeta	I just realized that my 10.04 LTS server's been sitting around with the 2.32.35 kernel for while, when USN-1389-1 noted a number of serious security bugs that should have made me reboot.	02:14
trimeta	However, whenever aptitude told me to upgrade my kernel, I always checked the changelog to see if I actually needed to reboot into the server...all it says there is "Bump ABI."	02:15
trimeta	Shouldn't the changelog make some mention of "security bugs fixed," and set the urgency to something other than "low"?	02:15
patdk-lap	dunno about aptitude, but apt-get tells me those things	02:20
twb	trimeta: you hit C in aptitude to see the changelog?	02:22
trimeta	I mean, landscape (which is presumably fueled by aptitude gives me a message saying "N packages can be updated, M updates are security updates." when I log in, but it doesn't say which ones are which.	02:22
trimeta	twb: I typed "aptitude changelog linux-server"	02:22
twb	Either 1) you are looking at the meta package; or 2) there are multiple changelog entries since the current version, and you're only looking at the latest (first) one.	02:23
twb	FYI, there is an extra package you can install that lets aptitude boldify all the new changelog entries	02:23
trimeta	twb: I may be looking at the meta package...let me see if typing the full package name helps.	02:23
twb	Also apt-listchanges and apt-listbugs	02:23
* patdk-lap just doesn't bother, and updates on every kernel		02:23
twb	trimeta: the metapackage is built from a separate stub source package than the actual kernel itself -- this is a kernel-specific peculiarity, normal packages don't have that issue	02:24
trimeta	OK, aptitude changelog linux-image-2.6.32-39-server does give a more meaningful changelog; I'll need to remember that in the future.	02:24
trimeta	It still could be clearer here which of these updates are security-related.	02:25
twb	trimeta: in aptitude's GUI, it's a separate section	02:26
trimeta	I'm accessing the server over ssh; in fact, I don't have X installed on this thing.	02:26
twb	aptitude's GUI is an ncurses GUI	02:26
twb	(Well, it also has a GTK GUI now. Of course, you can tunnel X applications as long as there is an X server installed on your SSH client side.)	02:27
trimeta	I've never used aptitude's ncurses interface, actually...hmm, let's see what's here.	02:27
twb	http://paste.debian.net/	02:28
twb	Gah	02:28
twb	That pastebin hates screenshots with box chars in them :-/	02:28
twb	http://cyber.com.au/~twb/tmp.txt <-- screenshot	02:28
twb	http://paste.debian.net/159636/	02:29
trimeta	OK, so if I have security updates, they'd be there?	02:32
trimeta	I usually just update things using a script that runs "aptitude update && aptitude safe-upgrade".	02:32
twb	You might have unattended-upgrades installed and enabled	02:33
twb	In which case you wouldn't notice most of the time	02:33
trimeta	It's definitely installed...	02:33
trimeta	But I think it's disabled (no mention in /etc/apt/apt.conf.d/10periodic).	02:38
bearly230	Hello all. I was hoping you all could point me to a good guide for setting up an internet gateway using ubuntu 11.10.	02:47
uvirtbot	New bug: #954692 in nova (main) "cannot detach volume from terminated instance" [Undecided,New] https://launchpad.net/bugs/954692	03:35
=== DJ is now known as Guest63005
uvirtbot	New bug: #923426 in samba (main) "smbd crashed with SIGABRT in store_inheritance_attributes() (dup-of: 911680)" [Medium,New] https://launchpad.net/bugs/923426	05:01
uvirtbot	New bug: #927891 in samba (main) "smbd crashed with SIGABRT in store_inheritance_attributes() (dup-of: 911680)" [Medium,New] https://launchpad.net/bugs/927891	05:13
uvirtbot	New bug: #954721 in cloud-init (main) "90_dpkg_maas.cfg is world readable" [Undecided,New] https://launchpad.net/bugs/954721	05:16
variant	hi all, my local dhcp server is a little on the flakey side. is it possible to stop dhcpcd from deconfiguring the interface if the dhcp server dissapears for a few minutes?	05:41
brando753	what is the ideal way to load balance a drupal site between three servers, I feel rsync might be to slow if a new user signup and then redirected to a non-updated server	06:36
SpamapS	brando753: rsync doesn't do load balancing	06:40
SpamapS	brando753: you mean how do you keep shared files in sync?	06:40
brando753	no rsync to update content	06:40
brando753	between the servers and using round robin	06:40
SpamapS	the content should be in a database server	06:40
brando753	but that is not an ideal situation for me	06:40
brando753	SpamapS, video content	06:40
SpamapS	brando753: for video you want an object storage solution. I like MogileFS, CEPH, and Swift	06:41
SpamapS	dunno if drupal has built in support for any of those	06:41
brando753	Im using red5	06:41
brando753	but Im just trying to setup the main servers for load balancing	06:42
brando753	I dont want the database in one server incase something happens	06:42
twb	I thought all the cool kids used S3/EC2 for load balancing shite	06:42
twb	I know drbd is a huge fuckign pain	06:42
SpamapS	drbd is easy.. its the cluster managers like corosync/pacemaker that are a PITA	06:43
SpamapS	but manually switching drbds in a catastrophic failure scenario is easy	06:43
SpamapS	brando753: mysql has several ways to make it HA so you can put it on all 3 servers	06:44
SpamapS	brando753: I really like Galera for that..	06:44
SpamapS	brando753: http://codership.com/products/mysql_galera	06:44
twb	SpamapS: if you have a NOC monkey that isn't an idiot, I guess	06:45
twb	SpamapS: oh did I mention the customer also wanted to drbd the root fs	06:46
brando753	thanks I will check that out, how about for actual file synchronization? is rsync the best choice?	06:46
twb	SpamapS: so I was estimating how hard it would be to manage drbd from within the initrd...	06:46
twb	brando753: rsync is good at moving arbitrary data from one place to another.	06:46
twb	brando753: for code, you should be using VCS not rsync	06:46
twb	brando753: for RDBMSs, you should be using database-specific sync mechanisms	06:47
SpamapS	brando753: no, for videos it would be a bad choice	06:48
SpamapS	brando753: since they could take quite a while, and be missing for a long time	06:48
SpamapS	twb: drbd root is a bit silly	06:49
twb	SpamapS: yes well, customer was more than a bit silly	06:49
brando753	thanks I will check some of this out	06:49
SpamapS	brando753: use a distributed object store.. looks like red5 has some massively complicated way to do that.. http://trac.red5.org/wiki/Documentation/Clustering/EdgeOriginSolutiononTerracotta	06:50
koolhead17	adam_g: hi there	07:38
=== variant is now known as mrintegrity
mrintegrity	hi all, my local dhcp server is a little on the flakey side. is it possible to stop dhcpcd from deconfiguring the interface if the dhcp server dissapears for a few minutes?	07:58
_ruben	a dhcp server disapearing for a few minutes shouldn't cause any issues, unless you have insanely small lease expiration times	08:05
mrintegrity	_ruben: hmm, guess that could be the problem actually	08:06
mrintegrity	a typ	08:06
mrintegrity	a typo	08:07
twb	_ruben: or it happens to be when that least expires	08:10
twb	*lease	08:10
_ruben	that's why it should work like most ipsec implementations (not sure if that's the case currently with dhcp implementations): attempt to renew long before expiry and only deconfig when it fails to do so at expiry time	08:14
twb	Maybe it does; I am only guessing	08:16
_ruben	makes 2 of us then :)	08:16
_ruben	then again, the most obvious solution would be to fix the dhcp server	08:17
twb	Pfft, fix things? You must be new here	08:17
_ruben	:)	08:17
_ruben	breaking stuff does tend to be way easier	08:18
mrintegrity	_ruben: to be honest, I did fix the dhcp server and this is no longer a problem. my only consern is future dhcp server breakage causing unplanned downtime on the whole network because of this feature/miss configuration :)	08:22
mrintegrity	08:14 < _ruben> that's why it should work like most ipsec implementations ... I will test this	08:23
_ruben	i wonder if dhcp has seperate renew and expire lifetimes (like ipsec does), then you could set it to renew like every hour, but expire only after a day for instance. probably isn't the case though	08:25
diplo	Morning all	09:17
a_ok	I can stop mysql with service mysql stop. It gives a givea an error: stop: Method "Get" with signature "ss" on interface "org.freedesktop.DBus.Properties" doesn't exist. After that upstart is all messed up: start: Unknown job: mysql	09:19
twb	a_ok: why are you telling us?	09:21
a_ok	twb: how do I get to start mysql?	09:28
twb	Oh sorry, I thought this was #networking	09:29
twb	a_ok: it looks like it's pissed that dbus isn't running or some dbus backend magic isn't installed	09:30
twb	Or wait, are you root?	09:30
a_ok	yes i am	09:30
twb	"sudo stop mysql"	09:30
a_ok	twb: unknown job mysql...	09:31
twb	Is there an /etc/init/mysql.conf ?	09:32
a_ok	yes there is	09:32
twb	I am not convinced you're actually root	09:33
twb	It sure feels like you're not, from the symptoms	09:33
a_ok	twb: I am convinced I am root however I seem to have corrupted config. Weird that it would stop the first time though	09:36
twb	upstart might not reread the config file while the job is running	09:36
a_ok	twb: ah. that might explain it	09:38
a_ok	twb: I am trying to get a ulimit -n in there. it's in the pre-start now but not doing anyting	09:39
Jeeves_	A core dumping init... Should I worry? :)	09:49
lynxman	morning o/	10:02
koolhead17	hello lynxman	10:03
Jeeves_	http://imgur.com/8cePA	10:07
lynxman	koolhead17: ello!	10:08
jamespage	Daviey: poke rabbitmq	10:28
jamespage	morning BTW :-)	10:28
Daviey	jamespage: poke received	10:33
jamespage	gah	10:45
jamespage	bencer: around? lots of empty packages...	10:46
bencer	jamespage: yup	10:46
bencer	tell me	10:46
* jamespage hates cdbs for this		10:46
jamespage	so	10:46
jamespage	side effect of adding the transitional packages I'm afraid	10:47
bencer	didnt check the launchpad build, jacalvo uploaded that	10:47
jamespage	when cdbs builds a source package with a single binary package	10:47
jamespage	$(DEB_DESTDIR) points to debian/<BINARY_PKG_NAME>	10:48
jamespage	when it has multiple binary targets it points to debian/tmp	10:48
bencer	jamespage: what do you suggest to do in this case then?	10:49
jamespage	just thinking about it	10:49
jamespage	bencer, http://build-common.alioth.debian.org/cdbs-doc.html#id2550863	10:52
jamespage	Alternatively, write a packagename.install file listing: debian/tmp/*	10:53
pabelanger	Well, after testing yesterday. I'm happy with now nova and dbconfig-common are working together; uploading the patch to launchpad	10:53
jamespage	bencer: thats one way around it	10:53
jamespage	OR zbuildtools could be updated to target the right directory for the package.	10:54
bencer	ok, let me have a look at it	10:55
_ruben	Jeeves_: who needs init anyways ? :p	10:55
jamespage	bencer: I'm not looked yet but there could be a problem with upstart configuration getting installed into the transitional packages as well	10:56
bencer	ok, going to have a look at that too	10:56
jamespage	bencer: I'll do a quick local build to check now	10:57
jamespage	bencer: confirmed - both packages get all upstart configurations.	10:58
bencer	arr :-/ then maybe the easiest thing is to change zbuildtools?	10:59
Jeeves_	_ruben: Indeed. init is sooooooooo overrated :)	10:59
bencer	jamespage: going to have a look on a change on zbuildtools	11:04
jamespage	bencer: I think so	11:05
uvirtbot	New bug: #954915 in nova (main) "Add dbconfig-common support to nova" [Undecided,New] https://launchpad.net/bugs/954915	11:23
=== Xethron_ is now known as Xethron
pabelanger	ok, I have 2 merge requests up, 1 for the glance package and the other is for the nova package. Both add support for dbconfig-common. Reviewers wanted / welcome :)	11:32
uvirtbot	New bug: #954759 in php5 (main) "php5 10.04 LTS critical bug fixes" [Undecided,Invalid] https://launchpad.net/bugs/954759	11:51
chmac	logwatch is run from /etc/cron.daily/00logwatch on 3 hosts. On 2 hosts it runs at 5:25 and on one at 6:25, any idea why it's different on one host?	11:54
chmac	I've checked the time and timezone on all three hosts, the output of `date` is the same on all.	11:54
_ruben	chmac: have a look at /etc/crontab	12:00
chmac	_ruben: Strange, they're all identical. I did change the timezone after setting up the servers, I wonder if it needs to reboot to take effect. I just restarted the cron service, maybe that will resolve it.	12:01
chmac	The two hosts at 5:25 are actually running wrong, it's meant to run at 6:25, so I'll keep an eye on it, maybe reboot those nodes if necessary.	12:01
chmac	_ruben: Thanks for the feedback btw	12:19
rsajdok	what are the minimum required for the ubuntu 10.04.4 server I have vps with 128 ram. Is it enough memory space?	12:29
patdk-wk	non-vps it uses like 26megs	12:30
patdk-wk	so with vps, it should use less	12:30
=== smb` is now known as smb
=== marrusl_ is now known as marrusl
=== bladernr_afk is now known as bladernr_
rsajdok	patdk-wk: thanks	13:15
uvirtbot	New bug: #955070 in juju (universe) "charm getall stderr output" [Undecided,New] https://launchpad.net/bugs/955070	14:11
Cryp71c	Does ubuntu server still store the default runlevel in /etc/inittab ?	14:15
lynxman	I'm trying to run libvirt in precise but is spewing all kinds of errors http://pastebin.ubuntu.com/883276/	14:15
lynxman	Any idea where to start looking at?	14:16
Cryp71c	lynxman, its not much, but looks like a process which is supposed to pull hardware info is failing terribly. I'm unsure as to why its doing this or what a fix may be, a quick google turned this up as the page of the process in question: http://www.nongnu.org/dmidecode/	14:24
uvirtbot	New bug: #700146 in eucalyptus "The default configuration of httpd-cc.conf on the cluster controller is causing apache2 to write the /var/log/eucalyptus/cc.log* files incorrectly. Versions 1.62, 2.02 of eucalyptus-cc." [Undecided,New] https://launchpad.net/bugs/700146	14:30
lynxman	jamespage: so what would be better, reverse patch 2.7.11 or go to 2.7.12? Isn't too late at this height of the cycle to jump one version up?	14:30
jamespage	lynxman, hmm	14:31
* jamespage scratches his chin		14:31
lynxman	Daviey: ^^^ ??	14:33
jamespage	lynxman, bearing in mind the last few releases from upstream how do we feel about taking a whole new point release?	14:35
jamespage	has 2.7.11 proven a bit more stable?	14:35
jamespage	lynxman, anyone from puppetlabs/puppet devs around to help us make this decision?	14:37
lynxman	jamespage: I can ask stahnma later today	14:39
lynxman	jamespage: at this point we're pretty much high in the release cycle, the version should be stable	14:39
lynxman	should	14:39
jamespage	I agree	14:39
jamespage	so the patch makes more sense	14:39
jamespage	lynxman, whats the impact of not taking that patch	14:39
jamespage	I did not ask that in the MP	14:39
lynxman	jamespage: it reverts a newly introduced lock file mechanism	14:42
lynxman	jamespage: looks like it broke existing platforms running 2.7.x so it was decided to reintroduce it in 3.0 and drop it out 2.7.x	14:43
jamespage	lynxman, ack - fix it up and ill upload	14:43
lynxman	jamespage: thanks :)	14:43
lynxman	jamespage: will fix it right away	14:44
jamespage	lynxman, you might want to run 'update-maintainer' on that branch as well	14:44
jamespage	saves me typing it :-)	14:44
lynxman	jamespage: hehe will do	14:44
Daviey	lynxman: yeah, we can resolve that in euca	14:48
Daviey	Have a patch	14:48
lynxman	Daviey: cool	14:49
uvirtbot	New bug: #955110 in juju (universe) "juju should tell me that I'm not in libvirtd group when running juju bootstrap" [Undecided,Confirmed] https://launchpad.net/bugs/955110	14:53
uvirtbot	New bug: #955168 in lxc (universe) "lxc-start seems to reset properties of input devices" [Undecided,New] https://launchpad.net/bugs/955168	15:41
hallyn	stgraber: did you have any complaints about my manpages patch? if not i'll roll it into the package right now (along with a patch from gary_poster)	15:45
stgraber	hallyn: nope, I only briefly looked at it but it looked good	15:47
hallyn	ok, thanks.	15:48
stgraber	hallyn: btw, I have apparmor working fine here now but I'm not too sure what we should do with the profile to make it block what we want (moving /proc and /sys) while allowing everything else so we don't need to patch it every other week for other distros/versions/...	15:48
stgraber	hallyn: http://paste.ubuntu.com/883431/ is what I have now	15:48
hallyn	stgraber: well i think we want to allow tmpfs anywhere,	15:49
hallyn	restrict /proc and /sys to those locations,	15:49
hallyn	and refuse securityfs	15:49
hallyn	(and debugfs)	15:49
hallyn	and maybe add a comment (or a conditional if possible?) to just allow all mounts	15:49
hallyn	stgraber: what you have now works with current kernel and apparmor userspace?	15:50
hallyn	or still waiting on pushes?	15:50
stgraber	hallyn: you need a new parser and kernel	15:50
hallyn	if it works, i can just stage my changes in ubuntu:lxc and let you update?	15:50
hallyn	ok	15:50
stgraber	12:44 <@jjohansen> people.canonical.com/~jj/linux-image-3.2.0-18-generic_3.2.0-18.29_amd64.deb	15:50
stgraber	12:44 <@jjohansen> people.canonical.com/~jj/apparmor_parser	15:50
stgraber	hallyn: ^	15:50
stgraber	hallyn: blocking debugfs and securityfs caused mountall to fail in an interesting way for me, we might need to patch it to deal with apparmor denying the mount	15:53
stgraber	hallyn: or allow these fs only at the "right" location and then deny access to the content	15:54
hallyn	i guess the latter is ok	15:54
hallyn	can we let lxc-start mount it, and deny the container mounting it?	15:54
hallyn	(i.e. if it's mounted will mountall ignore it)	15:54
stgraber	yeah, if it's mounted mountall won't touch it	15:55
hallyn	I guess our existing restrictions already refuse writes to those, so it's not a big deal either way	15:56
hallyn	but the advantage of having the host mount it is that it keeps the contaienr policy easier to understand	15:56
hallyn	disadvantage, we need to update contaienr fstab in templates	15:57
hallyn	stgraber: meanwhile, shoudl i push the two fixes i have, or do you have something else to stage today?	15:57
stgraber	hallyn: push what you have, the apparmor changes still depend on having some other bug fixed in apparmor and new userspace + kernelspace upload	15:58
hallyn	kthx	15:58
stgraber	hallyn: what was the reason for blocking /sys/fs/fuse/connections/ ?	16:04
hallyn	<shrug> fuse is scary? :)	16:05
hallyn	i don't know the fuse api. i just don't want the containers being able to muck with the kernel through the fuse stuff	16:05
hallyn	if everything under /sys is safe, then we can remove that.	16:05
hallyn	(but i have my doubts)	16:05
stgraber	hallyn: don't we allow /dev/fuse already?	16:07
hallyn	yes but /dev/fuse is world writeable	16:07
hallyn	looking at /sys/fs/fuse on my laptop i guess it looks ok	16:08
hallyn	how do you register a new fuse handler?	16:08
hallyn	(that's what i want a container to be refused)	16:08
hallyn	does that require a modprobe?	16:08
stgraber	apparently when creating a new fuse mount through /dev/fuse a new entry appeares in /sys/fs/fuse/connections/	16:08
stgraber	owned by the user owning the mount	16:08
hallyn	so the only problem is a privacy one with root in container seeing info for user on host	16:09
stgraber	so in my case I see an entry in /sys/fs/fuse/connections/ that's owned by my user (500 for directory and some files at 600 in there)	16:09
hallyn	well i did an sshfs mount, and don't see anything bad there	16:10
stgraber	hallyn: well, currently it can access it, it just can't write to it	16:10
hallyn	so container could do a DOS with max	16:10
hallyn	max_connections	16:10
hallyn	but that's it	16:10
hallyn	and i don't thin it needs to write to it :) but near as I can tell it's not bad if it can	16:11
hallyn	you know, compared to other stuff it can do :)	16:11
stgraber	I guess I'm fine keeping it read-only for now and allowing read/write when we have a bug report, does that sound good?	16:12
hallyn	yup	16:13
hallyn	stgraber: i'm about to turn back to qemu and libvirt bugs. do you want me to be testing the apparmor stuff right now instead, or are you ok fleshing that out still?	16:14
hallyn	(i wonder if anyone would notice that there isn't a lxc-clone manpage...)	16:14
stgraber	hallyn: I'm working a bit on it now, will need jjohansen's help on a mount weirdness though	16:15
stgraber	hallyn: one more question, shouldn't we deny /proc/sys/fs/**?	16:15
stgraber	hallyn: mostly thinking of /proc/sys/fs/binfmt_misc/	16:15
stgraber	hallyn: oh, we do, sorry, I'm blind :)	16:17
stgraber	hallyn: nice side-effect of apparmor: [ 9736.120788] type=1400 audit(1331742393.327:650): apparmor="DENIED" operation="mount" info="failed type match" error=-13 parent=8952 profile="/usr/bin/lxc-start//lxc_container" name="/" pid=8964 comm="mount" flags="ro, remount"	16:26
hallyn	ah yes. i was hoping for that, and have bugged poor jjohansen like 20x over the last 2 months asking whether that would happen :)	16:32
hallyn	\o/	16:32
hallyn	heck now we could drop the rootfs.pin file... so ppl coudl stop asking me to put text in there	16:32
hallyn	(but as i'm sure ppl will be dsiabling apparmor in some cases, better not)	16:33
stgraber	hallyn: http://paste.ubuntu.com/883514/	16:36
stgraber	hallyn: with the FIXMEs fixed, I think I'll be happy to use that for precise	16:36
lynxman	hallyn: hey hallyn, I see you uploaded a new version of libvirt that solves a couple issues, it's not still on the archive but installing from scratch the previous one I have this problem http://pastebin.ubuntu.com/883276/ have you seen this before?	16:37
pabelanger	Quick question, I've posted a few merge request for nova and glance (OpenStack), I'm unsure if I have set them up to notify the properly people; I have not heard much feed back yet. Its only been a day, but want to make sure I did the review properly	16:38
adam_g	pabelanger: where did you propose the merges?	16:41
uvirtbot	New bug: #955231 in mysql-dfsg-5.1 (main) "Unable to install sympa during debian-installer" [Undecided,New] https://launchpad.net/bugs/955231	16:41
pabelanger	adam_g: bug 954915 and bug 953093 have each being linked to the merge request	16:42
uvirtbot	Launchpad bug 954915 in nova "Add dbconfig-common support to nova" [Undecided,New] https://launchpad.net/bugs/954915	16:42
uvirtbot	Launchpad bug 953093 in glance "Add dbconfig-common support to glance" [Undecided,New] https://launchpad.net/bugs/953093	16:42
azertyu	hello	16:42
azertyu	my system reboot 3 times per day	16:42
azertyu	i got this error : [kern.info] kernel Copyright (C) 2004 MontaVista Software - IPMI Powerdown via sys_reboot.	16:43
azertyu	on my log	16:43
EvilResistance	azertyu: is your system a VPS?	16:43
azertyu	correct	16:43
EvilResistance	i'd assume the hardware node went down for updates/upgrades	16:43
EvilResistance	sys_reboot might be being called from the hardware node	16:44
adam_g	pabelanger: oh nice. would you mind redirecting the proposals to lp:~ubuntu-server-dev/nova/essex and lp:~ubuntu-server-dev/glance/essex ?	16:44
EvilResistance	thereby signaling to the VPSes to shutdown, and come back up after the upgrades	16:44
pabelanger	adam_g: Okay sure, did I link to the wrong branches?	16:44
hallyn	stgraber: hm. should all regular block devices be allowed to be mounted in contaienrs you think?	16:45
hallyn	or should we make that configurable?	16:45
adam_g	pabelanger: well, we do all the packaging work in the ubuntu-server-dev branches, and then merge into the lp:ubuntu/precise/ branches. im not sure if theres a way to make that more obvious, so sorry if its unclear.	16:45
hallyn	I think ppl will complain about it being denied. But certainly a bad FS risks corrupting the host	16:46
pabelanger	adam_g: Okay	16:46
hallyn	lynxman: looking	16:46
adam_g	pabelanger: proposals to the ubuntu-server-dev get run thru the openstack CI testing before uploading to ubuntu	16:46
hallyn	lynxman: no, that's new to me	16:47
stgraber	hallyn: I'm guessing most people would do that through the fstab outside of the container to avoid giving access to the block device	16:47
stgraber	hallyn: doing so will be allowed by my current profile	16:47
stgraber	(as lxc-start can mount anything it wants to /usr/lib/lxc/root/**)	16:47
hallyn	stgraber: ok. perhaps the server guide should give guidance on that	16:47
stgraber	hallyn: probably a good idea indeed	16:47
hallyn	(but i've sent the merge requerst so that'll have to wait)	16:47
stgraber	hallyn: we definitely shouldn't recommend allowing block devices in the lxc config, it's much easier to have lxc-start mount them	16:48
hallyn	stgraber: thanks for getting the policy working!	16:48
stgraber	hallyn: np, just need to nag jjohansen some more, have the parser fixed (or my profile) and get all that in the archive	16:48
lynxman	hallyn: it's very weird indeed ./	16:49
azertyu	anyone ?	16:50
azertyu	i got this error : [kern.info] kernel Copyright (C) 2004 MontaVista Software - IPMI Powerdown via sys_reboot.	16:50
hallyn	lynxman: i've seen it before apparently https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/922628	17:01
uvirtbot	Launchpad bug 922628 in libvirt "virbr0 not created at startup" [Medium,Invalid]	17:01
lynxman	hallyn: ooh :)	17:01
lynxman	hallyn: so it just happened on a new VM here	17:01
lynxman	hallyn: interesting... anything you want me to check on the system? I rebooted it twice with the same result	17:02
hallyn	lynxman: still the internal error Child process (/usr/sbin/dmidecode -q -t 0,1,4,17) status unexpected: fatal signal 15 has me wondering if something else is causing the root problem	17:03
Ng	/4/	17:04
Ng	6/	17:04
hallyn	lynxman: what does '/sbin/iptables -L -t nat' show?	17:07
lynxman	hallyn: http://paste.ubuntu.com/883568/	17:08
hallyn	lynxman: is that with libvirt sucessfully restarted?	17:09
hallyn	lynxman: waht confuses me is that virPidWait is supposed to ignore -EINTR	17:09
lynxman	hallyn: restarted it yeah, but still complains	17:09
lynxman	hallyn: also can confirm that /dev/virbr0 doesn't exist	17:09
hallyn	lynxman: but that you can reproduce it is good news :) can you set the log level to 1 in /etc/libvirt/libvirt.d and restart libvirtd?	17:10
hallyn	eh. maybe not worth it.	17:10
hallyn	lynxman: your iptables output shows 192.168.122.0 redirects existing. what created those?	17:10
lynxman	hallyn: I reckon libvirt did	17:11
lynxman	hallyn: http://paste.ubuntu.com/883574/	17:11
lynxman	hallyn: also the interface virbr0 exists with the correct IP, but /dev doesn't :)	17:12
lynxman	hallyn: duh	17:12
hallyn	?	17:12
hallyn	what do you mean by /dev doesn't?	17:12
lynxman	hallyn: nah, me being sleepy, nevermind	17:13
lynxman	hallyn: it created the network interface properly	17:13
lynxman	hallyn: still log says error	17:13
hallyn	and vms have a good working network?	17:14
hallyn	but on your first start of libvirt, they didn't?	17:14
lynxman	hallyn: it does	17:14
lynxman	hallyn: ah no, nova-compute doesn't start because libvirt errors	17:14
lynxman	hallyn: it waits forever to connect to libvirt and doesn't show up in nova-manage service list	17:14
lynxman	hallyn: can do a reverse ssh tunnel for you to connect to the VM	17:15
hallyn	lynxman: ah. i see. i'm confusing errno and waitpid status	17:19
hallyn	lynxman: woudl it be possible for you to jsut reboot and not try to restart libvirt?	17:19
hallyn	i want to know if the network still comes up right	17:19
lynxman	hallyn: let me do that right now	17:19
lynxman	hallyn: same result, compute waiting forever on libvirtd, virb0 is there so is libvirtd it's just sitting ducks	17:21
lynxman	hallyn: http://paste.ubuntu.com/883591/	17:22
lynxman	hallyn: iptables http://paste.ubuntu.com/883594/	17:22
hallyn	lynxman: this is annoying. -4 is not supposed to be a valid exit code for iptables. and the rule is being added.	17:25
hallyn	I don't want to go and blindly patch the code to be quiet though	17:25
lynxman	hallyn: :/	17:25
pabelanger	adam_g: okay, I think I got it. Thanks for the pointer	17:25
lynxman	hallyn: anything else I can test? If not as said, I can do a reverse tunnel so you can connect in	17:25
hallyn	lynxman: i'm afraid if i do that my afternoon will be sucked up by it :)	17:26
hallyn	but ig uess we should	17:26
lynxman	hallyn: heh :)	17:26
lynxman	heidar: be my guest	17:26
hallyn	lynxman: how do you want to do it? ssh-import-id serge-hallyn and give me an ip addr to go to?	17:27
adam_g	pabelanger: cool, ill hopefully give it a look today	17:27
adam_g	pabelanger: thanks for the help, btw	17:27
lynxman	hallyn: no need to, PMing you the details	17:28
hallyn	thx	17:28
pabelanger	adam_g: no problems, I needed them locally, that's why I did it	17:28
Kiall	Heya, I'm trying to install nagios3, but I'm not wanting apache to come in a dependency . According to the package deps, apache is a recommends.. Yet, using --no-install-recommends still brings it in.. How can I find out where the hard "Depends" rather than "Recommends" is coming from?	17:29
cwillu_at_work	Kiall, works fine here	17:32
Kiall	Actually, Looks like I found it.. But would still like to know an easier way than tracing through the deps manually :)	17:32
cwillu_at_work	Kiall, are you seeing apache2-utils and thinking that it's installing apache?	17:33
Kiall	No, it was depending on libapache2-mod-php OR php-cgi ..	17:33
Kiall	adding php-cgi let it work correctly..	17:33
pabelanger	Kiall: apt-get install nagios3-core	17:33
cwillu_at_work	Kiall, huh, it doesn't attempt to install php-cgi nor libapache2-mod-php here	17:34
=== Lcawte\|Away is now known as Lcawte
Kiall	But, I would still love to know a better way to list a dependency tree for what apt is selecting..	17:34
Kiall	cwillu_at_work: http://packages.ubuntu.com/oneiric/nagios3-cgi	17:34
cwillu_at_work	Kiall, nagios3-cgi is not nagios3	17:35
cwillu_at_work	hmm, although it does seem to depend on it too	17:35
Kiall	Yes but, nagios3 Depends on nagios3-cgi, which Depends on libapache2-mod-php5\|php5-cgi\|php5..	17:35
cwillu_at_work	deps must have changed since 10.04	17:36
Kiall	Anyway.. All sorted, but is there an easier way to have apt list a tree of what its about to install? I'm sure I've seen a method of doing that before.. But cant find it!	17:36
cwillu_at_work	(on a tangental note: not requiring php is a hard requirement for any software I use :p)	17:37
Kiall	lol	17:37
smoser	SpamapS, ping	17:38
smoser	https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/615545	17:38
uvirtbot	Launchpad bug 615545 in cloud-init "Instances launched in a VPC cannot access ec2.archive.ubuntu.com" [Undecided,Fix committed]	17:38
=== Leseb_ is now known as Leseb
SpamapS	smoser: pong	17:49
SpamapS	smoser: sup?	17:49
smoser	that bug...	17:50
smoser	there has been an update un-verried sitting in lucid-proposed for quite some time	17:50
smoser	and it appears that it wouldn't even fix the issue any more	17:50
smoser	that... and i'm looking to fix https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/615545	17:51
uvirtbot	Launchpad bug 615545 in cloud-init "Instances launched in a VPC cannot access ec2.archive.ubuntu.com" [Undecided,Fix committed]	17:51
smoser	oops	17:51
smoser	https://bugs.launchpad.net/ubuntu/+source/apt/+bug/948461	17:51
uvirtbot	Launchpad bug 948461 in apt "apt-get hashsum/size mismatch because s3 mirrors don't support http pipelining correctly" [High,Confirmed]	17:51
SpamapS	smoser: how do we test cloud-init from proposed? do we build AMI's for proposed updates?	17:51
smoser	so i'm thinking i should just get the lucid-proposed dropped.	17:52
smoser	SpamapS, well you can build with -proposed, but the easiest thing really is to just launch an instance	17:52
smoser	then	17:52
smoser	upgrade	17:52
smoser	rm -Rf /var/lib/cloud	17:52
smoser	reboot	17:52
smoser	its reasonable for most things	17:52
SpamapS	ah ok	17:52
smoser	but for this, i tihnk i just need to drop that fix, and we need to pave the way for the S3 mirrors	17:52
smoser	drop as it forget	17:53
smoser	so, thats why i pinged you	17:53
smoser	i thikn you can pull it from -prposed	17:53
smoser	right?	17:53
SpamapS	smoser: Probably, but I wouldn't know how to do that.	17:58
SpamapS	I only know how to let things in. :)	17:59
konradb	hi, how can i install oidentd on ubuntuserver?	18:00
Daviey	smoser: seen, https://wiki.ubuntu.com/Testing/EnableProposed ?	18:01
smoser	Daviey, i'm confused.	18:02
smoser	i was asking how i can get something removed from proposed.	18:02
konradb	i have just installed package "oidentd", i typed "/etc/init.d/oidentd start", i changed conf like here: http://is.gd/Z3Z3C3	18:03
konradb	and its not working	18:03
konradb	:/	18:03
konradb	i added iptables -A INPUT --protocol tcp --destination-port 113 -j ACCEPT	18:04
konradb	and output too	18:04
konradb	whats wrong?	18:04
Daviey	smoser: Oh.. sorry	18:05
Daviey	smoser: I don't think you need to bother?	18:05
smoser	well, i'm gonna do another upload	18:06
Daviey	smoser: it's a published source, which you can declare as failed verification.. so just ignore it.	18:06
Daviey	smoser: well you need to bump the version regardless.	18:06
smoser	"declare as failed verification"	18:06
Daviey	smoser: as in, treat it as a failed verification	18:06
SpamapS	smoser: if you have another change for cloud-init.. just revert the failed one in the next upload.	18:19
lynxman	hallyn: machine won't reboot until you manually kill process 23846	18:26
uvirtbot	New bug: #948461 in apt (main) "apt-get hashsum/size mismatch because s3 mirrors don't support http pipelining correctly" [High,Confirmed] https://launchpad.net/bugs/948461	18:31
hallyn	lynxman: actually i killed the dmidecode and that did it. what IS that dmidecode and why does it fail?	18:38
hallyn	(but, i'm afk doing lunch - bbl)	18:38
patdk-wk	don't you need dvi/hdmi/displayport for dvidecode to work?	18:39
patdk-wk	dmidecode :)	18:39
foo	If it takes about 15 seconds to finish doing something like "mkdir folder" (where I create a folder) - what does that typically mean?	18:56
patdk-wk	foo, using dm	19:00
patdk-wk	other issues is if your running out of diskspace/inodes	19:01
foo	patdk-wk: hm, I don't have dm - what is that? CLI only. I don't see a problem with diskspace, how would I know if I'm running out of inodes? I wonder if I need an fsck.	19:02
patdk-wk	df -h, and df -hi	19:02
patdk-wk	dm would be if your using, encryption, non-mdadm software raid, lvm, luks	19:06
cwillu_at_work	patdk-wk, I don't believe btrfs has an inode limit of that nature	19:24
patdk-wk	I didn't see him say btrfs at all	19:24
foo	Thanks, this is the output: /dev/sdc1 59M 646K 58M 2% /public	19:25
cwillu_at_work	er, sorry	19:25
cwillu_at_work	wrong channel	19:25
foo	looks ok to me. hmm. is it possible I just need a fsck?	19:25
patdk-wk	unlikely	19:25
foo	weird. in that case, drive maybe going bad?	19:25
patdk-wk	my system used to take upto 5min to do a mkdir on ext3	19:25
patdk-wk	could be	19:25
patdk-wk	to a smartctl test on it	19:26
patdk-wk	smartctl -t long /dev/....	19:26
patdk-wk	then check the results in a few hours	19:26
foo	patdk-wk: I am on ext3. This is a small home based server, nothing too crazy	19:27
hallyn	lynxman: i now can't reproduce it	19:27
hallyn	lynxman: eh, but reverting my debug patch lets me reproduce. heisenbug?	19:28
smoser	hallyn, did you test IO at all in vms ?	19:30
hallyn	smoser: no	19:30
smoser	what am i paying you for	19:30
smoser	oh	19:30
hallyn	smoser: i started to set up an oneiric vm on marula, but it failed to boot	19:30
smoser	wait	19:30
smoser	never mind.	19:30
hallyn	smoser: i really do want to know if it's regressed...	19:31
smoser	yeah. i know.	19:31
hallyn	i think that is third in line, after lynxman's bug, and daviey's patch for nested vmx	19:31
Harald__	Hi. what do I need to do to make my USB WLAN-dongle "listen" at boot-up? Currently, when I boot and the ethernaet cable is NOT connected, I cannot access the system. If I connect the ethernet cable to eth0, then all of a sudden the wlan0 becomes active and I can ssh into the box. Both are configured with static IPs, wlan0 is lested first in /etc/network/interfaces (not that I think that matters), and I'm running 11.10 Serve	19:50
Harald__	Help much appreciated!!	19:50
esuave	is there any way i can tell how or when an IP changed on my server?	20:03
esuave	the machine was rebooted.. and the IP is assigned statically.. but some how it still changed..	20:03
esuave	im thinking it may have been a user.. but is there a sure way i can tell? maybe a log or something?	20:03
esuave	*correction.. the machine was never rebooted.. been up for 133 days	20:04
Harald__	Doesn't anybody have an idea?	20:09
SpamapS	Harald__: can you pastebin your /etc/network/interfaces file?	20:13
SpamapS	Harald__: (hint: apt-get install pastebinit && pastebinit < /etc/network/interfaces)	20:14
Harald__	auto lo	20:15
Harald__	iface lo inet loopback	20:15
Harald__	# The primary network interface	20:15
Harald__	auto wlan0	20:15
Harald__	iface wlan0 inet static	20:15
Harald__	address 192.168.xxx.6	20:15
Harald__	gateway 192.168.xxx.1	20:15
Harald__	netmask 255.255.255.0	20:15
Harald__	wpa-ssid <my-essid>	20:15
Harald__	wpa-psk <my-psk>	20:15
Harald__	auto eth0	20:15
Harald__	iface eth0 inet static	20:15
Harald__	address 192.168.xxx.5	20:15
Harald__	gateway 192.168.xxx.1	20:15
Harald__	the hint about pastebinit came too late, sorry...	20:17
Harald__	would it help to put a 'sudo ifup wlan0' in my /etc/rc.local?	20:18
Harald__	at least this answer (http://askubuntu.com/questions/3677/disable-wireless-on-startup) would lead me to believe that could work	20:19
Harald__	though there the person wants to disable it...	20:19
ses1984	hey, i had a question not sure if this is the place to ask or #ubuntu+1, anyway i just installed precise x64 in a VM and noticed that python-django* packages were not in the repos,	20:20
ses1984	i was wondering if those were intentionally left out, or they will be added in for the final release	20:20
ses1984	i've been using the last LTS and it included django and associated packages, and a lot more python packages	20:20
SpamapS	ses1984: which ones are missing?	20:24
SpamapS	python-django - High-level Python web development framework	20:25
SpamapS	ses1984: I see python-django-* in my precise system	20:25
ses1984	i just did "aptitude search django" and got nothing	20:25
SpamapS	Harald__: please do not paste text in the channel	20:25
SpamapS	Harald__: when I said "pastebin" I meant paste it into a pastebin website. http://paste.ubuntu.com/	20:26
ses1984	i didn't do apt-get update yet that's probably it...	20:26
ses1984	yup	20:26
SpamapS	Harald__: so, the ifup is a bit confusing. After udev is done detecting devices, 'ifup -a' is run, so wlan0 should be brought up then.	20:28
Harald__	putting that into the r.local had no effect anyway	20:28
SpamapS	yeah I didn't read the askubuntu page, but I doubt that would change much	20:29
SpamapS	I don't know how the wpa-* bits are handled..	20:29
SpamapS	but I've never had any luck using WIFI on Ubuntu w/o network manager.	20:29
Harald__	and what's better is, when I disconnect the ethernet cable then wlan0 goes down, too	20:29
Harald__	by 'going down' I mean I lose my ssh on that interface	20:30
Harald__	and here you go: http://paste.ubuntu.com/883847/	20:32
hallyn	lynxman: libvirt libvirt0_0.9.8-2ubuntu13 is the only one that gives me those errors.	20:32
hallyn	i find it hard to believe that enabling numa fixed it :)	20:33
=== JVDZ is now known as jvdz
lynxman	hallyn: heh :)	20:51
lynxman	hallyn: so it's a last minute bug	20:51
hallyn	my guess is it's so timing-related that a new build rearranges the code enough to hide it	20:56
hallyn	in which case, the bug is still there and real	20:57
hallyn	maybe worth looking at iptables src for clues	20:58
nancy--	how to ssh with a key?	21:11
guntbert	nancy--: see https://help.ubuntu.com/10.04/serverguide/C/openssh-server.html	21:12
uvirtbot	New bug: #955510 in nova (main) "failed attach leaves stale iSCSI session on compute host" [Undecided,New] https://launchpad.net/bugs/955510	21:41
nancy--	i just sudo apt-get apache2 . did i installed php and mysql too and how to start these. with httpd?	21:56
qman__	nancy--, no, those must be installed in addition, apache is just a web server	22:04
bitmonk	hey guys i'm trying to set up a basic samba share based on the default config that ships with lucid, but my auth fails (share works if i allow guest)	22:11
bitmonk	anyone know if there's anything about the default config that's wonky?	22:11
bitmonk	in the log i pretty much just get create_connection_server_info failed: NT_STATUS_ACCESS_DENIED	22:11
qman__	bitmonk, with the default config, you have to set up users in tdbsam	22:11
qman__	sudo smbpasswd -a username	22:12
bitmonk	ah	22:12
qman__	libpam-smbpass supposedly keeps them in sync, and users added hereafter should get smb passwords	22:12
qman__	but for existing users, you have to do that	22:12
bitmonk	ah. yeah our users are written out by chef, i don't think any sort of pam trigger will work on them ever.	22:13
bitmonk	but i only really need two users.	22:13
bitmonk	and they aren't unix users anyway. this'll do.	22:13
* bitmonk hasn't touched samba in so many years.		22:13
bitmonk	how is access controlled for these users? wow it really has been a while.	22:16
nancy--	how to install mysql after i have installed apache2 and php5 ?	22:16
SpamapS	bitmonk: the default setup will map them to unix users of the same name I THINK	22:17
SpamapS	nancy--: apt-get install mysql-server	22:17
uvirtbot	New bug: #955540 in juju (universe) "juju-create hard-coded to use 192.168.122.1" [High,New] https://launchpad.net/bugs/955540	22:18
nancy--	thx	22:19
nancy--	SpamapS, how to give ftp access to /var/www folder ?	22:20
SpamapS	nancy--: do not use FTP :)	22:21
SpamapS	nancy--: ssh/scp/sftp is what you want	22:22
SpamapS	nancy--: I'd recommend putting your website in /srv/www rather than /var/www .. as some packages may put files in /var/www even though they shouldn't. :)	22:22
nancy--	really?	22:22
nancy--	ok.. so how to setup sftp?	22:23
SpamapS	nancy--: install openssh-server	22:23
nancy--	i already haave ssh acces. i dont know what is installed. iam using amazon free tier	22:24
SpamapS	nancy--: ahh ok. So you can scp files from your local machine to your instance then.	22:25
SpamapS	nancy--: or use 'sftp' for the same purpose	22:26
SpamapS	nancy--: you can also use 'rsync' to copy a whole directory tree	22:26
nancy--	hmm	22:27
nancy--	how to install sftp	22:28
nancy--	SpamapS,	22:31
SpamapS	nancy--: its built in with ssh	22:34
nancy--	hm	22:34
=== Lcawte is now known as Lcawte\|Away
nancy--	thx guyes	22:38
uvirtbot	New bug: #955576 in juju (universe) "'local:' services not started on reboot" [Undecided,New] https://launchpad.net/bugs/955576	23:01

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!