[00:08] Hi [00:09] I tried to set a server but now I have a loopback. I have a Local loopback. The server is plugged in my router, since I only want it for internal use it shouldn't be a problem. [00:14] Anyone here? :) [00:17] Zx432, Not sure what you mean, what are you trying to do? [00:17] I was setting up a home srever [00:18] It should be basically my first server, It is plugged in my router and has no internet acces or any acess at all because of the loopback. [00:19] l0n: I *think* he's trying to do something relating to networking, and is getting an 169.172/24 address from avahi. Or possibly he's looking at "scope local" on an iface address. [00:19] Zx432: what you're saying doesn't make any sense. [00:20] ifconfig -a gives me: [00:20] twb, that does idd sound reasonable [00:20] Zx432: do not use ifconfig. [00:20] ok [00:20] Zx432: pastebin the output of "ip r", "ip a" and /etc/network/interfaces. [00:21] Zx432, there is always a loopback adapter [00:21] it has nothing to do with your ability to get to the internet [00:21] ok [00:21] but I still cant ping anythinng. [00:22] I hope it is clear I am talking about another computer. [00:22] that's fine, but it has nothing to do with the loopback adapter, you need to configure your interface, and verify that one is even loading in ifconfig -a or ip a [00:22] ok [00:22] how? [00:23] in ifconfig -a, you will see blocks of information for each adapter which is configured [00:23] there will always be a lo0 [00:23] beyond that, you should have an eth0, or eth1, or ath0, or wlan0, etc [00:23] if you don't, that means you've got driver issues or hardware issues [00:23] if you do, it's simply not configured [00:29] what is lo? [00:29] lo = loopback [00:29] It is te only thing showing [00:29] So it is a driver problem? [00:30] Zx432: lspci -nn | grp net [00:30] *grep net [00:32] It tells me the name of the card. [00:33] What do the numbers mean? [00:33] That's the PCI ID. [00:33] You can enter it into the kmuto.jp HCL page to find out if it's supported [00:34] If it isn't showing up in "ip a" then it probably isn't [00:34] yeah, a google search of it will also help [00:34] if it's not supported, you'll likely find lots of other people having the same problem [00:34] And lots of unhelpful "I cargo-culted this and it works OKish" comments... [00:37] New bug: #954477 in swift (main) "swift config doesn't match upstart expectations" [Undecided,New] https://launchpad.net/bugs/954477 [00:39] Winbond electronics corp w89c940 first searches don't fill me with hope... === hggdh_ is now known as hggdh === guampa|2 is now known as guampa [01:21] New bug: #954632 in lxc (universe) "The -- option to lxc-start-ephemeral no longer works" [Undecided,New] https://launchpad.net/bugs/954632 === Jasonn is now known as juicy [02:14] I just realized that my 10.04 LTS server's been sitting around with the 2.32.35 kernel for while, when USN-1389-1 noted a number of serious security bugs that should have made me reboot. [02:15] However, whenever aptitude told me to upgrade my kernel, I always checked the changelog to see if I actually needed to reboot into the server...all it says there is "Bump ABI." [02:15] Shouldn't the changelog make some mention of "security bugs fixed," and set the urgency to something other than "low"? [02:20] dunno about aptitude, but apt-get tells me those things [02:22] trimeta: you hit C in aptitude to see the changelog? [02:22] I mean, landscape (which is presumably fueled by aptitude gives me a message saying "N packages can be updated, M updates are security updates." when I log in, but it doesn't say which ones are which. [02:22] twb: I typed "aptitude changelog linux-server" [02:23] Either 1) you are looking at the meta package; or 2) there are multiple changelog entries since the current version, and you're only looking at the latest (first) one. [02:23] FYI, there is an extra package you can install that lets aptitude boldify all the new changelog entries [02:23] twb: I may be looking at the meta package...let me see if typing the full package name helps. [02:23] Also apt-listchanges and apt-listbugs [02:23] * patdk-lap just doesn't bother, and updates on every kernel [02:24] trimeta: the metapackage is built from a separate stub source package than the actual kernel itself -- this is a kernel-specific peculiarity, normal packages don't have that issue [02:24] OK, aptitude changelog linux-image-2.6.32-39-server does give a more meaningful changelog; I'll need to remember that in the future. [02:25] It still could be clearer here which of these updates are security-related. [02:26] trimeta: in aptitude's GUI, it's a separate section [02:26] I'm accessing the server over ssh; in fact, I don't have X installed on this thing. [02:26] aptitude's GUI is an ncurses GUI [02:27] (Well, it also has a GTK GUI now. Of course, you can tunnel X applications as long as there is an X *server* installed on your SSH *client* side.) [02:27] I've never used aptitude's ncurses interface, actually...hmm, let's see what's here. [02:28] http://paste.debian.net/ [02:28] Gah [02:28] That pastebin hates screenshots with box chars in them :-/ [02:28] http://cyber.com.au/~twb/tmp.txt <-- screenshot [02:29] http://paste.debian.net/159636/ [02:32] OK, so if I have security updates, they'd be there? [02:32] I usually just update things using a script that runs "aptitude update && aptitude safe-upgrade". [02:33] You might have unattended-upgrades installed and enabled [02:33] In which case you wouldn't notice most of the time [02:33] It's definitely installed... [02:38] But I think it's disabled (no mention in /etc/apt/apt.conf.d/10periodic). [02:47] Hello all. I was hoping you all could point me to a good guide for setting up an internet gateway using ubuntu 11.10. [03:35] New bug: #954692 in nova (main) "cannot detach volume from terminated instance" [Undecided,New] https://launchpad.net/bugs/954692 === DJ is now known as Guest63005 [05:01] New bug: #923426 in samba (main) "smbd crashed with SIGABRT in store_inheritance_attributes() (dup-of: 911680)" [Medium,New] https://launchpad.net/bugs/923426 [05:13] New bug: #927891 in samba (main) "smbd crashed with SIGABRT in store_inheritance_attributes() (dup-of: 911680)" [Medium,New] https://launchpad.net/bugs/927891 [05:16] New bug: #954721 in cloud-init (main) "90_dpkg_maas.cfg is world readable" [Undecided,New] https://launchpad.net/bugs/954721 [05:41] hi all, my local dhcp server is a little on the flakey side. is it possible to stop dhcpcd from deconfiguring the interface if the dhcp server dissapears for a few minutes? [06:36] what is the ideal way to load balance a drupal site between three servers, I feel rsync might be to slow if a new user signup and then redirected to a non-updated server [06:40] brando753: rsync doesn't do load balancing [06:40] brando753: you mean how do you keep shared files in sync? [06:40] no rsync to update content [06:40] between the servers and using round robin [06:40] the content should be in a database server [06:40] but that is not an ideal situation for me [06:40] SpamapS, video content [06:41] brando753: for video you want an object storage solution. I like MogileFS, CEPH, and Swift [06:41] dunno if drupal has built in support for any of those [06:41] Im using red5 [06:42] but Im just trying to setup the main servers for load balancing [06:42] I dont want the database in one server incase something happens [06:42] I thought all the cool kids used S3/EC2 for load balancing shite [06:42] I know drbd is a huge fuckign pain [06:43] drbd is easy.. its the cluster managers like corosync/pacemaker that are a PITA [06:43] but manually switching drbds in a catastrophic failure scenario is easy [06:44] brando753: mysql has several ways to make it HA so you can put it on all 3 servers [06:44] brando753: I really like Galera for that.. [06:44] brando753: http://codership.com/products/mysql_galera [06:45] SpamapS: if you have a NOC monkey that isn't an idiot, I guess [06:46] SpamapS: oh did I mention the customer also wanted to drbd the root fs [06:46] thanks I will check that out, how about for actual file synchronization? is rsync the best choice? [06:46] SpamapS: so I was estimating how hard it would be to manage drbd from within the initrd... [06:46] brando753: rsync is good at moving arbitrary data from one place to another. [06:46] brando753: for code, you should be using VCS not rsync [06:47] brando753: for RDBMSs, you should be using database-specific sync mechanisms [06:48] brando753: no, for videos it would be a bad choice [06:48] brando753: since they could take quite a while, and be missing for a long time [06:49] twb: drbd root is a bit silly [06:49] SpamapS: yes well, customer was more than a bit silly [06:49] thanks I will check some of this out [06:50] brando753: use a distributed object store.. looks like red5 has some massively complicated way to do that.. http://trac.red5.org/wiki/Documentation/Clustering/EdgeOriginSolutiononTerracotta [07:38] adam_g: hi there === variant is now known as mrintegrity [07:58] hi all, my local dhcp server is a little on the flakey side. is it possible to stop dhcpcd from deconfiguring the interface if the dhcp server dissapears for a few minutes? [08:05] <_ruben> a dhcp server disapearing for a few minutes shouldn't cause any issues, unless you have insanely small lease expiration times [08:06] _ruben: hmm, guess that could be the problem actually [08:06] a typ [08:07] a typo [08:10] _ruben: or it happens to be when that least expires [08:10] *lease [08:14] <_ruben> that's why it should work like most ipsec implementations (not sure if that's the case currently with dhcp implementations): attempt to renew long before expiry and only deconfig when it fails to do so at expiry time [08:16] Maybe it does; I am only guessing [08:16] <_ruben> makes 2 of us then :) [08:17] <_ruben> then again, the most obvious solution would be to fix the dhcp server [08:17] Pfft, fix things? You must be new here [08:17] <_ruben> :) [08:18] <_ruben> breaking stuff does tend to be way easier [08:22] _ruben: to be honest, I did fix the dhcp server and this is no longer a problem. my only consern is future dhcp server breakage causing unplanned downtime on the whole network because of this feature/miss configuration :) [08:23] 08:14 < _ruben> that's why it should work like most ipsec implementations ... I will test this [08:25] <_ruben> i wonder if dhcp has seperate renew and expire lifetimes (like ipsec does), then you could set it to renew like every hour, but expire only after a day for instance. probably isn't the case though [09:17] Morning all [09:19] I can stop mysql with service mysql stop. It gives a givea an error: stop: Method "Get" with signature "ss" on interface "org.freedesktop.DBus.Properties" doesn't exist. After that upstart is all messed up: start: Unknown job: mysql [09:21] a_ok: why are you telling us? [09:28] twb: how do I get to start mysql? [09:29] Oh sorry, I thought this was #networking [09:30] a_ok: it looks like it's pissed that dbus isn't running or some dbus backend magic isn't installed [09:30] Or wait, are you root? [09:30] yes i am [09:30] "sudo stop mysql" [09:31] twb: unknown job mysql... [09:32] Is there an /etc/init/mysql.conf ? [09:32] yes there is [09:33] I am not convinced you're actually root [09:33] It sure feels like you're not, from the symptoms [09:36] twb: I am convinced I am root however I seem to have corrupted config. Weird that it would stop the first time though [09:36] upstart might not reread the config file while the job is running [09:38] twb: ah. that might explain it [09:39] twb: I am trying to get a ulimit -n in there. it's in the pre-start now but not doing anyting [09:49] A core dumping init... Should I worry? :) [10:02] morning o/ [10:03] hello lynxman [10:07] http://imgur.com/8cePA [10:08] koolhead17: ello! [10:28] Daviey: poke rabbitmq [10:28] morning BTW :-) [10:33] jamespage: poke received [10:45] gah [10:46] bencer: around? lots of empty packages... [10:46] jamespage: yup [10:46] tell me [10:46] * jamespage hates cdbs for this [10:46] so [10:47] side effect of adding the transitional packages I'm afraid [10:47] didnt check the launchpad build, jacalvo uploaded that [10:47] when cdbs builds a source package with a single binary package [10:48] $(DEB_DESTDIR) points to debian/ [10:48] when it has multiple binary targets it points to debian/tmp [10:49] jamespage: what do you suggest to do in this case then? [10:49] just thinking about it [10:52] bencer, http://build-common.alioth.debian.org/cdbs-doc.html#id2550863 [10:53] Alternatively, write a packagename.install file listing: debian/tmp/* [10:53] Well, after testing yesterday. I'm happy with now nova and dbconfig-common are working together; uploading the patch to launchpad [10:53] bencer: thats one way around it [10:54] OR zbuildtools could be updated to target the right directory for the package. [10:55] ok, let me have a look at it [10:55] <_ruben> Jeeves_: who needs init anyways ? :p [10:56] bencer: I'm not looked yet but there could be a problem with upstart configuration getting installed into the transitional packages as well [10:56] ok, going to have a look at that too [10:57] bencer: I'll do a quick local build to check now [10:58] bencer: confirmed - both packages get all upstart configurations. [10:59] arr :-/ then maybe the easiest thing is to change zbuildtools? [10:59] _ruben: Indeed. init is sooooooooo overrated :) [11:04] jamespage: going to have a look on a change on zbuildtools [11:05] bencer: I think so [11:23] New bug: #954915 in nova (main) "Add dbconfig-common support to nova" [Undecided,New] https://launchpad.net/bugs/954915 === Xethron_ is now known as Xethron [11:32] ok, I have 2 merge requests up, 1 for the glance package and the other is for the nova package. Both add support for dbconfig-common. Reviewers wanted / welcome :) [11:51] New bug: #954759 in php5 (main) "php5 10.04 LTS critical bug fixes" [Undecided,Invalid] https://launchpad.net/bugs/954759 [11:54] logwatch is run from /etc/cron.daily/00logwatch on 3 hosts. On 2 hosts it runs at 5:25 and on one at 6:25, any idea why it's different on one host? [11:54] I've checked the time and timezone on all three hosts, the output of `date` is the same on all. [12:00] <_ruben> chmac: have a look at /etc/crontab [12:01] _ruben: Strange, they're all identical. I did change the timezone after setting up the servers, I wonder if it needs to reboot to take effect. I just restarted the cron service, maybe that will resolve it. [12:01] The two hosts at 5:25 are actually running wrong, it's meant to run at 6:25, so I'll keep an eye on it, maybe reboot those nodes if necessary. [12:19] _ruben: Thanks for the feedback btw [12:29] what are the minimum required for the ubuntu 10.04.4 server I have vps with 128 ram. Is it enough memory space? [12:30] non-vps it uses like 26megs [12:30] so with vps, it should use less === smb` is now known as smb === marrusl_ is now known as marrusl === bladernr_afk is now known as bladernr_ [13:15] patdk-wk: thanks [14:11] New bug: #955070 in juju (universe) "charm getall stderr output" [Undecided,New] https://launchpad.net/bugs/955070 [14:15] Does ubuntu server still store the default runlevel in /etc/inittab ? [14:15] I'm trying to run libvirt in precise but is spewing all kinds of errors http://pastebin.ubuntu.com/883276/ [14:16] Any idea where to start looking at? [14:24] lynxman, its not much, but looks like a process which is supposed to pull hardware info is failing terribly. I'm unsure as to why its doing this or what a fix may be, a quick google turned this up as the page of the process in question: http://www.nongnu.org/dmidecode/ [14:30] New bug: #700146 in eucalyptus "The default configuration of httpd-cc.conf on the cluster controller is causing apache2 to write the /var/log/eucalyptus/cc.log* files incorrectly. Versions 1.62, 2.02 of eucalyptus-cc." [Undecided,New] https://launchpad.net/bugs/700146 [14:30] jamespage: so what would be better, reverse patch 2.7.11 or go to 2.7.12? Isn't too late at this height of the cycle to jump one version up? [14:31] lynxman, hmm [14:31] * jamespage scratches his chin [14:33] Daviey: ^^^ ?? [14:35] lynxman, bearing in mind the last few releases from upstream how do we feel about taking a whole new point release? [14:35] has 2.7.11 proven a bit more stable? [14:37] lynxman, anyone from puppetlabs/puppet devs around to help us make this decision? [14:39] jamespage: I can ask stahnma later today [14:39] jamespage: at this point we're pretty much high in the release cycle, the version should be stable [14:39] *should* [14:39] I agree [14:39] so the patch makes more sense [14:39] lynxman, whats the impact of not taking that patch [14:39] I did not ask that in the MP [14:42] jamespage: it reverts a newly introduced lock file mechanism [14:43] jamespage: looks like it broke existing platforms running 2.7.x so it was decided to reintroduce it in 3.0 and drop it out 2.7.x [14:43] lynxman, ack - fix it up and ill upload [14:43] jamespage: thanks :) [14:44] jamespage: will fix it right away [14:44] lynxman, you might want to run 'update-maintainer' on that branch as well [14:44] saves me typing it :-) [14:44] jamespage: hehe will do [14:48] lynxman: yeah, we can resolve that in euca [14:48] Have a patch [14:49] Daviey: cool [14:53] New bug: #955110 in juju (universe) "juju should tell me that I'm not in libvirtd group when running juju bootstrap" [Undecided,Confirmed] https://launchpad.net/bugs/955110 [15:41] New bug: #955168 in lxc (universe) "lxc-start seems to reset properties of input devices" [Undecided,New] https://launchpad.net/bugs/955168 [15:45] stgraber: did you have any complaints about my manpages patch? if not i'll roll it into the package right now (along with a patch from gary_poster) [15:47] hallyn: nope, I only briefly looked at it but it looked good [15:48] ok, thanks. [15:48] hallyn: btw, I have apparmor working fine here now but I'm not too sure what we should do with the profile to make it block what we want (moving /proc and /sys) while allowing everything else so we don't need to patch it every other week for other distros/versions/... [15:48] hallyn: http://paste.ubuntu.com/883431/ is what I have now [15:49] stgraber: well i think we want to allow tmpfs anywhere, [15:49] restrict /proc and /sys to those locations, [15:49] and refuse securityfs [15:49] (and debugfs) [15:49] and maybe add a comment (or a conditional if possible?) to just allow all mounts [15:50] stgraber: what you have now works with current kernel and apparmor userspace? [15:50] or still waiting on pushes? [15:50] hallyn: you need a new parser and kernel [15:50] if it works, i can just stage my changes in ubuntu:lxc and let you update? [15:50] ok [15:50] 12:44 <@jjohansen> people.canonical.com/~jj/linux-image-3.2.0-18-generic_3.2.0-18.29_amd64.deb [15:50] 12:44 <@jjohansen> people.canonical.com/~jj/apparmor_parser [15:50] hallyn: ^ [15:53] hallyn: blocking debugfs and securityfs caused mountall to fail in an interesting way for me, we might need to patch it to deal with apparmor denying the mount [15:54] hallyn: or allow these fs only at the "right" location and then deny access to the content [15:54] i guess the latter is ok [15:54] can we let lxc-start mount it, and deny the container mounting it? [15:54] (i.e. if it's mounted will mountall ignore it) [15:55] yeah, if it's mounted mountall won't touch it [15:56] I guess our existing restrictions already refuse writes to those, so it's not a big deal either way [15:56] but the advantage of having the host mount it is that it keeps the contaienr policy easier to understand [15:57] disadvantage, we need to update contaienr fstab in templates [15:57] stgraber: meanwhile, shoudl i push the two fixes i have, or do you have something else to stage today? [15:58] hallyn: push what you have, the apparmor changes still depend on having some other bug fixed in apparmor and new userspace + kernelspace upload [15:58] kthx [16:04] hallyn: what was the reason for blocking /sys/fs/fuse/connections/ ? [16:05] fuse is scary? :) [16:05] i don't know the fuse api. i just don't want the containers being able to muck with the kernel through the fuse stuff [16:05] if everything under /sys is safe, then we can remove that. [16:05] (but i have my doubts) [16:07] hallyn: don't we allow /dev/fuse already? [16:07] yes but /dev/fuse is world writeable [16:08] looking at /sys/fs/fuse on my laptop i guess it looks ok [16:08] how do you register a new fuse handler? [16:08] (that's what i want a container to be refused) [16:08] does that require a modprobe? [16:08] apparently when creating a new fuse mount through /dev/fuse a new entry appeares in /sys/fs/fuse/connections/ [16:08] owned by the user owning the mount [16:09] so the only problem is a privacy one with root in container seeing info for user on host [16:09] so in my case I see an entry in /sys/fs/fuse/connections/ that's owned by my user (500 for directory and some files at 600 in there) [16:10] well i did an sshfs mount, and don't see anything bad there [16:10] hallyn: well, currently it can access it, it just can't write to it [16:10] so container could do a DOS with max [16:10] max_connections [16:10] but that's it [16:11] and i don't thin it needs to write to it :) but near as I can tell it's not bad if it can [16:11] you know, compared to other stuff it can do :) [16:12] I guess I'm fine keeping it read-only for now and allowing read/write when we have a bug report, does that sound good? [16:13] yup [16:14] stgraber: i'm about to turn back to qemu and libvirt bugs. do you want me to be testing the apparmor stuff right now instead, or are you ok fleshing that out still? [16:14] (i wonder if anyone would notice that there isn't a lxc-clone manpage...) [16:15] hallyn: I'm working a bit on it now, will need jjohansen's help on a mount weirdness though [16:15] hallyn: one more question, shouldn't we deny /proc/sys/fs/**? [16:15] hallyn: mostly thinking of /proc/sys/fs/binfmt_misc/ [16:17] hallyn: oh, we do, sorry, I'm blind :) [16:26] hallyn: nice side-effect of apparmor: [ 9736.120788] type=1400 audit(1331742393.327:650): apparmor="DENIED" operation="mount" info="failed type match" error=-13 parent=8952 profile="/usr/bin/lxc-start//lxc_container" name="/" pid=8964 comm="mount" flags="ro, remount" [16:32] ah yes. i was hoping for that, and have bugged poor jjohansen like 20x over the last 2 months asking whether that would happen :) [16:32] \o/ [16:32] heck now we could drop the rootfs.pin file... so ppl coudl stop asking me to put text in there [16:33] (but as i'm sure ppl will be dsiabling apparmor in some cases, better not) [16:36] hallyn: http://paste.ubuntu.com/883514/ [16:36] hallyn: with the FIXMEs fixed, I think I'll be happy to use that for precise [16:37] hallyn: hey hallyn, I see you uploaded a new version of libvirt that solves a couple issues, it's not still on the archive but installing from scratch the previous one I have this problem http://pastebin.ubuntu.com/883276/ have you seen this before? [16:38] Quick question, I've posted a few merge request for nova and glance (OpenStack), I'm unsure if I have set them up to notify the properly people; I have not heard much feed back yet. Its only been a day, but want to make sure I did the review properly [16:41] pabelanger: where did you propose the merges? [16:41] New bug: #955231 in mysql-dfsg-5.1 (main) "Unable to install sympa during debian-installer" [Undecided,New] https://launchpad.net/bugs/955231 [16:42] adam_g: bug 954915 and bug 953093 have each being linked to the merge request [16:42] Launchpad bug 954915 in nova "Add dbconfig-common support to nova" [Undecided,New] https://launchpad.net/bugs/954915 [16:42] Launchpad bug 953093 in glance "Add dbconfig-common support to glance" [Undecided,New] https://launchpad.net/bugs/953093 [16:42] hello [16:42] my system reboot 3 times per day [16:43] i got this error : [kern.info] kernel Copyright (C) 2004 MontaVista Software - IPMI Powerdown via sys_reboot. [16:43] on my log [16:43] azertyu: is your system a VPS? [16:43] correct [16:43] i'd assume the hardware node went down for updates/upgrades [16:44] sys_reboot might be being called from the hardware node [16:44] pabelanger: oh nice. would you mind redirecting the proposals to lp:~ubuntu-server-dev/nova/essex and lp:~ubuntu-server-dev/glance/essex ? [16:44] thereby signaling to the VPSes to shutdown, and come back up after the upgrades [16:44] adam_g: Okay sure, did I link to the wrong branches? [16:45] stgraber: hm. should all regular block devices be allowed to be mounted in contaienrs you think? [16:45] or should we make that configurable? [16:45] pabelanger: well, we do all the packaging work in the ubuntu-server-dev branches, and then merge into the lp:ubuntu/precise/ branches. im not sure if theres a way to make that more obvious, so sorry if its unclear. [16:46] I think ppl will complain about it being denied. But certainly a bad FS risks corrupting the host [16:46] adam_g: Okay [16:46] lynxman: looking [16:46] pabelanger: proposals to the ubuntu-server-dev get run thru the openstack CI testing before uploading to ubuntu [16:47] lynxman: no, that's new to me [16:47] hallyn: I'm guessing most people would do that through the fstab outside of the container to avoid giving access to the block device [16:47] hallyn: doing so will be allowed by my current profile [16:47] (as lxc-start can mount anything it wants to /usr/lib/lxc/root/**) [16:47] stgraber: ok. perhaps the server guide should give guidance on that [16:47] hallyn: probably a good idea indeed [16:47] (but i've sent the merge requerst so that'll have to wait) [16:48] hallyn: we definitely shouldn't recommend allowing block devices in the lxc config, it's much easier to have lxc-start mount them [16:48] stgraber: thanks for getting the policy working! [16:48] hallyn: np, just need to nag jjohansen some more, have the parser fixed (or my profile) and get all that in the archive [16:49] hallyn: it's very weird indeed ./ [16:50] anyone ? [16:50] i got this error : [kern.info] kernel Copyright (C) 2004 MontaVista Software - IPMI Powerdown via sys_reboot. [17:01] lynxman: i've seen it before apparently https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/922628 [17:01] Launchpad bug 922628 in libvirt "virbr0 not created at startup" [Medium,Invalid] [17:01] hallyn: ooh :) [17:01] hallyn: so it just happened on a new VM here [17:02] hallyn: interesting... anything you want me to check on the system? I rebooted it twice with the same result [17:03] lynxman: still the internal error Child process (/usr/sbin/dmidecode -q -t 0,1,4,17) status unexpected: fatal signal 15 has me wondering if something else is causing the root problem [17:04] /4/ [17:04] 6/ [17:07] lynxman: what does '/sbin/iptables -L -t nat' show? [17:08] hallyn: http://paste.ubuntu.com/883568/ [17:09] lynxman: is that with libvirt sucessfully restarted? [17:09] lynxman: waht confuses me is that virPidWait is supposed to ignore -EINTR [17:09] hallyn: restarted it yeah, but still complains [17:09] hallyn: also can confirm that /dev/virbr0 doesn't exist [17:10] lynxman: but that you can reproduce it is good news :) can you set the log level to 1 in /etc/libvirt/libvirt.d and restart libvirtd? [17:10] eh. maybe not worth it. [17:10] lynxman: your iptables output shows 192.168.122.0 redirects existing. what created those? [17:11] hallyn: I reckon libvirt did [17:11] hallyn: http://paste.ubuntu.com/883574/ [17:12] hallyn: also the interface virbr0 exists with the correct IP, but /dev doesn't :) [17:12] hallyn: *duh* [17:12] ? [17:12] what do you mean by /dev doesn't? [17:13] hallyn: nah, me being sleepy, nevermind [17:13] hallyn: it created the network interface properly [17:13] hallyn: still log says error [17:14] and vms have a good working network? [17:14] but on your first start of libvirt, they didn't? [17:14] hallyn: it does [17:14] hallyn: ah no, nova-compute doesn't start because libvirt errors [17:14] hallyn: it waits forever to connect to libvirt and doesn't show up in nova-manage service list [17:15] hallyn: can do a reverse ssh tunnel for you to connect to the VM [17:19] lynxman: ah. i see. i'm confusing errno and waitpid status [17:19] lynxman: woudl it be possible for you to jsut reboot and not try to restart libvirt? [17:19] i want to know if the network still comes up right [17:19] hallyn: let me do that right now [17:21] hallyn: same result, compute waiting forever on libvirtd, virb0 is there so is libvirtd it's just sitting ducks [17:22] hallyn: http://paste.ubuntu.com/883591/ [17:22] hallyn: iptables http://paste.ubuntu.com/883594/ [17:25] lynxman: this is annoying. -4 is not supposed to be a valid exit code for iptables. and the rule *is* being added. [17:25] I don't want to go and blindly patch the code to be quiet though [17:25] hallyn: :/ [17:25] adam_g: okay, I think I got it. Thanks for the pointer [17:25] hallyn: anything else I can test? If not as said, I can do a reverse tunnel so you can connect in [17:26] lynxman: i'm afraid if i do that my afternoon will be sucked up by it :) [17:26] but ig uess we should [17:26] hallyn: heh :) [17:26] heidar: be my guest [17:27] lynxman: how do you want to do it? ssh-import-id serge-hallyn and give me an ip addr to go to? [17:27] pabelanger: cool, ill hopefully give it a look today [17:27] pabelanger: thanks for the help, btw [17:28] hallyn: no need to, PMing you the details [17:28] thx [17:28] adam_g: no problems, I needed them locally, that's why I did it [17:29] Heya, I'm trying to install nagios3, but I'm not wanting apache to come in a dependency . According to the package deps, apache is a recommends.. Yet, using --no-install-recommends still brings it in.. How can I find out where the hard "Depends" rather than "Recommends" is coming from? [17:32] Kiall, works fine here [17:32] Actually, Looks like I found it.. But would still like to know an easier way than tracing through the deps manually :) [17:33] Kiall, are you seeing apache2-utils and thinking that it's installing apache? [17:33] No, it was depending on libapache2-mod-php OR php-cgi .. [17:33] adding php-cgi let it work correctly.. [17:33] Kiall: apt-get install nagios3-core [17:34] Kiall, huh, it doesn't attempt to install php-cgi nor libapache2-mod-php here === Lcawte|Away is now known as Lcawte [17:34] But, I would still love to know a better way to list a dependency tree for what apt is selecting.. [17:34] cwillu_at_work: http://packages.ubuntu.com/oneiric/nagios3-cgi [17:35] Kiall, nagios3-cgi is not nagios3 [17:35] hmm, although it does seem to depend on it too [17:35] Yes but, nagios3 Depends on nagios3-cgi, which Depends on libapache2-mod-php5|php5-cgi|php5.. [17:36] deps must have changed since 10.04 [17:36] Anyway.. All sorted, but is there an easier way to have apt list a tree of what its about to install? I'm sure I've seen a method of doing that before.. But cant find it! [17:37] (on a tangental note: not requiring php is a hard requirement for any software I use :p) [17:37] lol [17:38] SpamapS, ping [17:38] https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/615545 [17:38] Launchpad bug 615545 in cloud-init "Instances launched in a VPC cannot access ec2.archive.ubuntu.com" [Undecided,Fix committed] === Leseb_ is now known as Leseb [17:49] smoser: pong [17:49] smoser: sup? [17:50] that bug... [17:50] there has been an update un-verried sitting in lucid-proposed for quite some time [17:50] and it appears that it wouldn't even fix the issue any more [17:51] that... and i'm looking to fix https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/615545 [17:51] Launchpad bug 615545 in cloud-init "Instances launched in a VPC cannot access ec2.archive.ubuntu.com" [Undecided,Fix committed] [17:51] oops [17:51] https://bugs.launchpad.net/ubuntu/+source/apt/+bug/948461 [17:51] Launchpad bug 948461 in apt "apt-get hashsum/size mismatch because s3 mirrors don't support http pipelining correctly" [High,Confirmed] [17:51] smoser: how do we test cloud-init from proposed? do we build AMI's for proposed updates? [17:52] so i'm thinking i should just get the lucid-proposed dropped. [17:52] SpamapS, well you can build with -proposed, but the easiest thing really is to just launch an instance [17:52] then [17:52] upgrade [17:52] rm -Rf /var/lib/cloud [17:52] reboot [17:52] its reasonable for most things [17:52] ah ok [17:52] but for this, i tihnk i just need to drop that fix, and we need to pave the way for the S3 mirrors [17:53] drop as it forget [17:53] so, thats why i pinged you [17:53] i thikn you can pull it from -prposed [17:53] right? [17:58] smoser: Probably, but I wouldn't know how to do that. [17:59] I only know how to let things in. :) [18:00] hi, how can i install oidentd on ubuntuserver? [18:01] smoser: seen, https://wiki.ubuntu.com/Testing/EnableProposed ? [18:02] Daviey, i'm confused. [18:02] i was asking how i can get something removed from proposed. [18:03] i have just installed package "oidentd", i typed "/etc/init.d/oidentd start", i changed conf like here: http://is.gd/Z3Z3C3 [18:03] and its not working [18:03] :/ [18:04] i added iptables -A INPUT --protocol tcp --destination-port 113 -j ACCEPT [18:04] and output too [18:04] whats wrong? [18:05] smoser: Oh.. sorry [18:05] smoser: I don't think you need to bother? [18:06] well, i'm gonna do another upload [18:06] smoser: it's a published source, which you can declare as failed verification.. so just ignore it. [18:06] smoser: well you need to bump the version regardless. [18:06] "declare as failed verification" [18:06] smoser: as in, treat it as a failed verification [18:19] smoser: if you have another change for cloud-init.. just revert the failed one in the next upload. [18:26] hallyn: machine won't reboot until you manually kill process 23846 [18:31] New bug: #948461 in apt (main) "apt-get hashsum/size mismatch because s3 mirrors don't support http pipelining correctly" [High,Confirmed] https://launchpad.net/bugs/948461 [18:38] lynxman: actually i killed the dmidecode and that did it. what IS that dmidecode and why does it fail? [18:38] (but, i'm afk doing lunch - bbl) [18:39] don't you need dvi/hdmi/displayport for dvidecode to work? [18:39] dmidecode :) [18:56] If it takes about 15 seconds to finish doing something like "mkdir folder" (where I create a folder) - what does that typically mean? [19:00] foo, using dm [19:01] other issues is if your running out of diskspace/inodes [19:02] patdk-wk: hm, I don't have dm - what is that? CLI only. I don't see a problem with diskspace, how would I know if I'm running out of inodes? I wonder if I need an fsck. [19:02] df -h, and df -hi [19:06] dm would be if your using, encryption, non-mdadm software raid, lvm, luks [19:24] patdk-wk, I don't believe btrfs has an inode limit of that nature [19:24] I didn't see him say btrfs at all [19:25] Thanks, this is the output: /dev/sdc1 59M 646K 58M 2% /public [19:25] er, sorry [19:25] wrong channel [19:25] looks ok to me. hmm. is it possible I just need a fsck? [19:25] unlikely [19:25] weird. in that case, drive maybe going bad? [19:25] my system used to take upto 5min to do a mkdir on ext3 [19:25] could be [19:26] to a smartctl test on it [19:26] smartctl -t long /dev/.... [19:26] then check the results in a few hours [19:27] patdk-wk: I am on ext3. This is a small home based server, nothing too crazy [19:27] lynxman: i now can't reproduce it [19:28] lynxman: eh, but reverting my debug patch lets me reproduce. heisenbug? [19:30] hallyn, did you test IO at all in vms ? [19:30] smoser: no [19:30] what am i paying you for [19:30] oh [19:30] smoser: i started to set up an oneiric vm on marula, but it failed to boot [19:30] wait [19:30] never mind. [19:31] smoser: i really do want to know if it's regressed... [19:31] yeah. i know. [19:31] i think that is third in line, after lynxman's bug, and daviey's patch for nested vmx [19:50] Hi. what do I need to do to make my USB WLAN-dongle "listen" at boot-up? Currently, when I boot and the ethernaet cable is NOT connected, I cannot access the system. If I connect the ethernet cable to eth0, then all of a sudden the wlan0 becomes active and I can ssh into the box. Both are configured with static IPs, wlan0 is lested first in /etc/network/interfaces (not that I think that matters), and I'm running 11.10 Serve [19:50] Help much appreciated!! [20:03] is there any way i can tell how or when an IP changed on my server? [20:03] the machine was rebooted.. and the IP is assigned statically.. but some how it still changed.. [20:03] im thinking it may have been a user.. but is there a sure way i can tell? maybe a log or something? [20:04] *correction.. the machine was never rebooted.. been up for 133 days [20:09] Doesn't anybody have an idea? [20:13] Harald__: can you pastebin your /etc/network/interfaces file? [20:14] Harald__: (hint: apt-get install pastebinit && pastebinit < /etc/network/interfaces) [20:15] auto lo [20:15] iface lo inet loopback [20:15] # The primary network interface [20:15] auto wlan0 [20:15] iface wlan0 inet static [20:15] address 192.168.xxx.6 [20:15] gateway 192.168.xxx.1 [20:15] netmask 255.255.255.0 [20:15] wpa-ssid [20:15] wpa-psk [20:15] auto eth0 [20:15] iface eth0 inet static [20:15] address 192.168.xxx.5 [20:15] gateway 192.168.xxx.1 [20:17] the hint about pastebinit came too late, sorry... [20:18] would it help to put a 'sudo ifup wlan0' in my /etc/rc.local? [20:19] at least this answer (http://askubuntu.com/questions/3677/disable-wireless-on-startup) would lead me to believe that could work [20:19] though there the person wants to disable it... [20:20] hey, i had a question not sure if this is the place to ask or #ubuntu+1, anyway i just installed precise x64 in a VM and noticed that python-django* packages were not in the repos, [20:20] i was wondering if those were intentionally left out, or they will be added in for the final release [20:20] i've been using the last LTS and it included django and associated packages, and a lot more python packages [20:24] ses1984: which ones are missing? [20:25] python-django - High-level Python web development framework [20:25] ses1984: I see python-django-* in my precise system [20:25] i just did "aptitude search django" and got nothing [20:25] Harald__: please *do not* paste text in the channel [20:26] Harald__: when I said "pastebin" I meant paste it into a pastebin website. http://paste.ubuntu.com/ [20:26] i didn't do apt-get update yet that's probably it... [20:26] yup [20:28] Harald__: so, the ifup is a bit confusing. After udev is done detecting devices, 'ifup -a' is run, so wlan0 should be brought up then. [20:28] putting that into the r.local had no effect anyway [20:29] yeah I didn't read the askubuntu page, but I doubt that would change much [20:29] I don't know how the wpa-* bits are handled.. [20:29] but I've never had any luck using WIFI on Ubuntu w/o network manager. [20:29] and what's better is, when I disconnect the ethernet cable then wlan0 goes down, too [20:30] by 'going down' I mean I lose my ssh on that interface [20:32] and here you go: http://paste.ubuntu.com/883847/ [20:32] lynxman: libvirt libvirt0_0.9.8-2ubuntu13 is the only one that gives me those errors. [20:33] i find it hard to believe that enabling numa fixed it :) === JVDZ is now known as jvdz [20:51] hallyn: heh :) [20:51] hallyn: so it's a last minute bug [20:56] my guess is it's so timing-related that a new build rearranges the code enough to hide it [20:57] in which case, the bug is still there and real [20:58] maybe worth looking at iptables src for clues [21:11] how to ssh with a key? [21:12] nancy--: see https://help.ubuntu.com/10.04/serverguide/C/openssh-server.html [21:41] New bug: #955510 in nova (main) "failed attach leaves stale iSCSI session on compute host" [Undecided,New] https://launchpad.net/bugs/955510 [21:56] i just sudo apt-get apache2 . did i installed php and mysql too and how to start these. with httpd? [22:04] nancy--, no, those must be installed in addition, apache is just a web server [22:11] hey guys i'm trying to set up a basic samba share based on the default config that ships with lucid, but my auth fails (share works if i allow guest) [22:11] anyone know if there's anything about the default config that's wonky? [22:11] in the log i pretty much just get create_connection_server_info failed: NT_STATUS_ACCESS_DENIED [22:11] bitmonk, with the default config, you have to set up users in tdbsam [22:12] sudo smbpasswd -a username [22:12] ah [22:12] libpam-smbpass supposedly keeps them in sync, and users added hereafter should get smb passwords [22:12] but for existing users, you have to do that [22:13] ah. yeah our users are written out by chef, i don't think any sort of pam trigger will work on them ever. [22:13] but i only really need two users. [22:13] and they aren't unix users anyway. this'll do. [22:13] * bitmonk hasn't touched samba in so many years. [22:16] how is access controlled for these users? wow it really has been a while. [22:16] how to install mysql after i have installed apache2 and php5 ? [22:17] bitmonk: the default setup will map them to unix users of the same name I THINK [22:17] nancy--: apt-get install mysql-server [22:18] New bug: #955540 in juju (universe) "juju-create hard-coded to use 192.168.122.1" [High,New] https://launchpad.net/bugs/955540 [22:19] thx [22:20] SpamapS, how to give ftp access to /var/www folder ? [22:21] nancy--: do not use FTP :) [22:22] nancy--: ssh/scp/sftp is what you want [22:22] nancy--: I'd recommend putting your website in /srv/www rather than /var/www .. as some packages may put files in /var/www even though they shouldn't. :) [22:22] really? [22:23] ok.. so how to setup sftp? [22:23] nancy--: install openssh-server [22:24] i already haave ssh acces. i dont know what is installed. iam using amazon free tier [22:25] nancy--: ahh ok. So you can scp files from your local machine to your instance then. [22:26] nancy--: or use 'sftp' for the same purpose [22:26] nancy--: you can also use 'rsync' to copy a whole directory tree [22:27] hmm [22:28] how to install sftp [22:31] SpamapS, [22:34] nancy--: its built in with ssh [22:34] hm === Lcawte is now known as Lcawte|Away [22:38] thx guyes [23:01] New bug: #955576 in juju (universe) "'local:' services not started on reboot" [Undecided,New] https://launchpad.net/bugs/955576