/srv/irclogs.ubuntu.com/2012/03/16/#ubuntu-server.txt

jdstrandufw is not enabled by default00:33
jdstrandthose are libvirt rules00:33
jdstrandCheckIn: ^00:34
* jdstrand wanders off00:38
uvirtbotNew bug: #956607 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.61-0ubuntu0.10.04.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/95660701:01
CheckInjdstrand: umm hmm01:02
CheckInit knows that it's in a virtual machine?01:03
qman__CheckIn, it does, but that's not why01:23
qman__it must have been created by a vm builder of some kind, or has libvirt stuff installed on it01:23
qman__in any case, those rules don't really affect anything you're trying to do01:24
qman__it simply added some accept rules to the input chain, which is an accept policy already01:25
qman__and configured forwarding, probably to get the VM online01:25
qman__that would only affect you if you're trying to configure as a router01:25
=== bladernr_ is now known as bladernr_afk
CheckInqman__: So why can't I ping the machine before I drop the rules?01:37
qman__plenty of reasons, but the rules showing there aren't it01:41
qman__not directly anyway01:42
qman__it could be that your VM networking is messed up out of the box01:42
qman__and that those rules it creates cause it to be unpingable01:42
CheckInqman__: dropping the rules makes it pingable but it's not the rules?01:55
qman__not _just_ those rules02:05
qman__check the nat table, and check the VM config02:05
qman__they might in combination be breaking it02:05
CheckInhmm ok thanks02:19
CheckInqman__: What would libvirt be used for?02:20
CheckInIt's installed I'm wondering if I can just remove it02:20
CheckInIs that what is giving me a virbr0 network card?02:21
pabelangerFriendly reminder bug 953093 and bug 954915 both have branches ready for review (merge request).02:21
uvirtbotLaunchpad bug 953093 in glance "Add dbconfig-common support to glance" [Low,New] https://launchpad.net/bugs/95309302:21
uvirtbotLaunchpad bug 954915 in nova "Add dbconfig-common support to nova" [Low,New] https://launchpad.net/bugs/95491502:21
qman__CheckIn, my guess is yes, but I don't know enough about libvirt to say for certain02:22
CheckInqman__: Yes as in I can remove it or yes as in it's providing things for the computer ?02:27
qman__yes as in it's providing the interface02:28
CheckInqman__: Ah well I don't use it and it doesn't seem to do anything02:29
uvirtbotNew bug: #956657 in samba (main) "package samba (not installed) failed to install/upgrade: ошибка записи в «<стандартный вывод>»: Ошибка ввода/вывода" [Undecided,New] https://launchpad.net/bugs/95665702:51
ChmEarlCheckIn, you never make virtual machine in Kvm or Xen? thats what libvirt helps with02:53
CheckInChmEarl: Nope this is an install within a virtual machine which is VirtualBox based03:05
qman__that may explain things03:09
qman__did you install the virtualbox extensions in the VM?03:09
qman__IME, virtualbox's networking is hoakey and hard to get working right03:10
=== nonotza_ is now known as nonotza
larryi wonder if somebody is trying to attack my website, i got visit from anonymous proxy, with the IP address 65.49.2.185, a whois shows this belongs to sophidea, and searches show bad things about it, like this: www.wilderssecurity.com/showthread.php?t=286100 and this: http://www.wilderssecurity.com/showthread.php?t=302402   and this: http://thewhiterace.com/showthread.php?1720-Whitenewsnow-com-attacked-by-Anonymous/page203:39
larryanybody waked?03:42
qman__not for long, but you haven't stated why you think you were attacked03:42
qman__a hit doesn't mean an attack03:43
qman__most attacks will leave you with bizarre looking requests in the apache log03:43
larrywell i found that IP was browsing my website03:43
larrymaybe they are preparing to attack?03:43
larryso they can take money from customers later?03:44
endraWhat do you guys make of this: http://pastebin.com/XqSQGqS903:45
Malekolarry: cloudflare it03:45
Maleko:p03:45
larryis it necessary?03:46
qman__doubtful03:46
qman__a hit's a hit, doesn't necessarily mean anything03:47
larrywell any idea who what this thing was?03:47
qman__if you're worried, check for CVEs on the software you run03:47
larryjust random?03:47
qman__and patch your server03:47
qman__and of course, check your backups03:47
larryif its hosted by godaddy will godaddy do any security or its all up to me?03:48
qman__depends03:48
qman__VPS, it's up to you03:48
qman__they have certain measures in place to cover themselves, but not you03:49
larryCVE = common vulnerabilities?03:49
qman__point is, a random hit from an anonymous proxy doesn't make you any more or less vulnerable or at-risk than normal03:52
qman__make sure your software is patched and reasonably secured03:52
qman__and that your backups are good, because stuff happens03:53
qman__now, if you're seeing strange behavior from that IP, then you might have something to look into, but so far, I don't see any reason to investigate it much further03:54
larryok thank you04:24
timeboxneed help installed ubuntu server 64bit 11.10 to HP proliant ML150G6 but its as if I cant connect to the net I cannot even ping anyone had same experience?04:51
timeboxmy bad wrong port used thanks!05:14
=== fenris is now known as Guest98977
=== smb` is now known as smb
koolhead17hi all09:16
lynxmanmorning o/09:21
lynxmanjamespage: will be tackling the puppet merge this morning09:24
jamespagelynxman, you read my mind :-)09:25
Malekohello09:25
Malekohow do you add route?09:26
lynxmanjamespage: I'm like that ;)09:26
lynxmanjamespage: I had to do it yesterday, but I didn't find the time finally :/09:27
koolhead17Maleko: route add09:27
koolhead17Maleko: man route <--09:28
_rubeneew09:28
_rubenman ip09:28
_rubenip route add ...09:28
lynxmankoolhead17: route is obsolete, ip route add is how it should be done09:29
lynxman!man09:29
ubottuThe "man" command brings up the Linux manual pages for the command you're interested in. Try "man intro" at the  command line, or see https://help.ubuntu.com/community/UsingTheTerminal | Manpages online: http://manpages.ubuntu.com/09:29
koolhead17sorry Maleko09:31
koolhead17thaks lynxman09:31
koolhead17*thanks09:31
Malekoahh people replied me. thought this place is dead09:31
=== reisi_ is now known as reisi
Malekoi actually want to ask why "route add" adds an extra entry in routing09:32
Malekohttp://pastebin.com/auxBfhV809:32
Malekowhy ip route doesn't do that?09:34
_rubenbecause the route command is broken? use ip route to list the routing table instead09:35
lynxmanMaleko: it does09:35
lynxmanMaleko: the thign being, you're adding on ip route a default gateway09:35
lynxmanmaknz: then with route add a gateway to THAT network09:35
lynxmanMaleko: then with route add a gateway to THAT network09:36
lynxmanMaleko: I'd suggest you getting a bit more familiarised with routing basics09:36
lynxmanMaleko: you don't need a gateway for a network that you're part of, it's completely redundant and not desired09:37
Malekoim lost when you said i dont need a gateway for a net im part of :\09:40
maxbgateways take you other places. why would you go through a gateway to get to where you already are? that makes no sense09:43
Malekoso your point is i don't need to specify a gateway if i only want to talk to other computers in the same net i am?09:56
lynxmanMaleko: exactly10:00
lynxmanMaleko: gateways are only to be able to talk to computers in other networks10:00
=== fenris is now known as Guest77154
jamespagelynxman, whilst you are working on puppet you should credit glenn's work in the changelog entry (working through the sponsors queue ATM and noticed he did some debdiff's)10:41
lynxmanjamespage: hmm sure, didn't use any of his code though10:41
jamespagelynxman, sorry - you are quite correct - just noticed you added the debdiff10:42
* jamespage faceplants10:42
lynxmanjamespage: ;)10:42
Zx432How do I enable ethernet card on Ubuntu server? I searched on the net but I was unsucessfull. I must warn you I am a noob and this is my first server.11:19
koolhead17https://bugs.launchpad.net/ubuntu/+source/upstart/+bug/93558511:20
uvirtbotLaunchpad bug 935585 in upstart "[kernel panic] init: log.c:786: Assertion failed in log_clear_unflushed: log->remote_closed" [High,Confirmed]11:20
koolhead17is fix for this  getting merged today?11:21
Jeeves_koolhead17: I fixed it by moving a file in /etc/init11:24
MalekoZx432: ip link set eth0 up/down11:25
Jeeves_Maleko: Well, that is a bit too basic, I suspect :)11:28
Jeeves_Zx432: See /etc/network/interfaces11:28
Jeeves_And 'man interfaces'11:28
Zx432well now I get no picture... :)11:46
Zx432Monitor is showing: Not optimum mode11:46
Zx432I have done nothing.11:46
Zx432My server doesn't display picture. Monitor displays: Not optimum mode Recommended mode 1280x1024 60 hz11:56
sorenDaviey: I've worked out how to create Keystone stuff (roles, services, endpoints, etc.) on install.12:11
Davieysoren: oh?12:13
sorenDaviey: http://bazaar.launchpad.net/~ciscosystems/keystone/ubuntu/revision/3712:13
sorenDaviey: Specifically, see the upstart job changes and the postinst.12:14
Davieysoren: should they be medium or low priority ?12:14
sorenDaviey: Which ones?12:14
sorenDaviey: The create_* questions?12:14
Davieysoren: creating the user12:14
DavieyIe, should we default to prompting it, or make it a main target for preseeding?12:15
sorenThe basic assumption is:12:15
sorenIf you're doing a large deployment, you'll be using preseeding.12:16
Davieysoren: what is the point of /var/lib/keystone/run_on_start.bak ?12:16
sorenIf you're not using preseeding, you're fairly likely just setting up a simple test environment.12:16
Davieyahh12:17
Davieyit's a run once operation12:18
sorenDaviey: Yeah.12:18
sorenDaviey: I think it's rude to do things like that and then remove the evidence.12:18
sorenDaviey: It's nice to have around for me for debugging, but it's also nice to anyone else to be able to see what "I" did on their behalf.12:19
sorenDaviey: E.g. the rightscale init script used to delete itself. I hated that.12:20
Davieysoren: I think, if you can document that in the d/changelog.. lets get it included in the upload today12:20
Daviey(would like a QA run of it first.)12:20
sorenDaviey: It's not entirely appropriate for Ubuntu right now.12:20
Davieysoren: oh?12:20
sorenDaviey: It renames the database.12:21
sorenWEll..12:21
sorenRather: It doesn't.12:21
soren...but expects to find it elsewhere.12:21
Daviey24             SQL_CONNECTION="sqlite:///$dbc_basepath/$dbc_dbname.db" 24            SQL_CONNECTION="sqlite:///$dbc_basepath/$dbc_dbname"12:21
sorendbconfig-common lets you specify a dir and a db name.12:21
Daviey?12:21
sorenYeah, but dbconfig creates $dbc_basepath/$dbc_dbname12:21
Davieysoren: you dropped the .db?12:22
sorenAnyway, a bit of care needs to be applied there and I haven't worried about that just yet. It's minor.12:22
sorenDaviey: dbconfig-common does.12:22
sorenDaviey: dbconfig-common creates the db.12:22
sorenDaviey: ...but names it just $dbc_basepath/$dbc_dbname12:23
sorenDaviey: Not $dbc_basepath/$dbc_dbname.db12:23
Davieyoh12:23
Davieysoren: Well, regardless - this would be nice to get into precise.12:23
sorenDaviey: ...and if you set dbc_dbname to keystone.db by default, the mysql and postgresql backends get upset.12:23
Davieyright!12:23
KM0201is there a walkthrough to install ubuntu server from USB?  i fail at the cd rom detection, and i don't have a cd drive.12:24
sorenDaviey: I'd be happy to get it into Ubuntu, I just haven't thought through all the migrations paths yet at all.12:24
Davieysoren: Are you committed to doing that?12:24
koolhead17!unetbootin12:25
ubottuFor information about installing Ubuntu from USB flash drives, see https://help.ubuntu.com/community/Installation/FromUSBStick - For a persistent live USB install, see: https://wiki.ubuntu.com/LiveUsbPendrivePersistent12:25
KM0201koolhead17: no kidding?... why don't you try reading that.12:25
KM0201ii've done what it says there, it doesn't seem to work12:25
sorenDaviey: The migration stuff?12:25
Davieysoren: yes12:25
sorenDaviey: I'm not sure, really. I have no clue what state keystone was in in Oneiric.12:25
koolhead17KM0201: because i use it.12:25
KM0201not working for me, i tried doing what is said12:25
sorenDaviey: What I *can* do, though, is handle the upgrade from the version immediately before the one wehre these changes land.12:25
Davieysoren: No, i'm not sure we can migrate from ks->ksl nicely12:26
Davieyadam has more info.12:26
sorenDaviey: Oh, we can.12:26
sorenDaviey: Well, at least we're supposed to.12:26
koolhead17KM0201: tell me where are you stuck?12:26
Davieysoren: I thought there was an issue?12:26
Davieysoren: markmc also mentioned concerns for them aswell.12:26
KM0201detecting the cdrom.. says it couldn't be mounted12:26
DavieyMaybe i'm missing something.12:26
sorenDaviey: Code has been written that's meant to handle that. Whether it works or not... I don't know.12:26
sorenDaviey: It's just a rather awkward procedure.12:27
KM0201i get the unetbootin screen, boot the usb, choose keyboard, language, etc..12:27
Davieysoren: oh cool, my views might have predated that then :)12:27
KM0201but it fails to mount the cd12:27
sorenDaviey: You have to create a new database, point a migration script at the old one as well as at your old Nova install..12:27
sorenDaviey: It's very, very non-trivial.12:27
Daviey*awesome*12:27
sorenDaviey: See http://keystone.openstack.org/12:27
Davieysoren: If i were a production admin, i'd not want you to do that much fiddling without permission :)12:28
sorenDaviey: Let me qualify that a bit: It looks pretty easy to do *manually*. Driving it automatically in a postinst scenario... Not much fun at all.12:28
Davieyright!12:28
DavieyI think we should provide a debconf warning, linking to steps to provide12:28
DavieyHandling a seemless, automatic upgrade seems risk prone.. and not that beneficial imo12:29
sorenDaviey: Yeah, something like that.12:29
sorenDaviey: It's a lot of work for sure, and not anywhere near the top of my list of priorities.12:29
Zx432 I have a graphic card Gigabyte GV R925128T all of a sudden I get Not optimum mode Recommended mode 1280x1024 60 hz on my monitor, I can still see boot sequence normally.12:30
sorenDaviey: But handling the upgrade from a very recent keystone should be quite easy.12:31
sorenDaviey: I just haven't looked at it yet. I'm focused on making a fresh install work.12:31
Davieysoren: agreed12:35
Davieysoren: If you are happy to put the work into this, i think it would be a great addition12:36
patdk-wkzx432, that is cause your using a lcd monitor12:36
patdk-wkand the resolution doesn't match the lcd display12:36
patdk-wkeither ignore it, or change your screen size12:37
Zx432Ihe problem is I can't do a thing.12:37
Zx432And the mponitor is new12:37
Zx432*monitor12:37
patdk-wk Idon't know what that means, can't do a thing12:37
Zx432The screen is black and only the ewarning is dancing around.12:38
Zx432*warning12:38
patdk-wkhmm, probably need to use the nomodeset kernel option on boot12:39
patdk-wkand then either fix the screen resolution, or just make that perm12:39
Zx432Never did that, checking the internet12:41
Zx432The funny thing is it worked a week ago.12:41
jamespagesmoser: https://code.launchpad.net/~james-page/swift/essex-fixup-upstart/+merge/9769012:44
Zx432I must be doing stg wrong, I cant even get the the nomodeset to show12:51
bencer_jamespage: i saw you changed into Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>12:55
bencer_do we need to do this in all packages?12:55
lynxmanjamespage: around?13:09
=== bladernr_afk is now known as bladernr_
jamespagebencer_, no - that was only because I did the delta for testing that build fix13:13
jamespagelynxman, yep13:13
bencer_jamespage: ok thx13:13
lynxmanjamespage: nah, nevermind it was a git issue :)13:13
xpistoshello everyone.13:14
xpistosare there any utilities that i should be running on my Ubuntu server to keep it healthy? Like H-top or something?13:15
bencer_jamespage: btw, even you delete the packages, you are not allowed to upload again the same version :-/13:21
jamespagebencer_, thats what I thought but I though I managed todo it the other day13:21
jamespagehmm - maybe not.13:22
Zx432ok i sort of fixed the monitor problemm.13:28
Zx432 but I still can't get the internet to work.13:28
Zx432Is there a way to restart the ethernet card and force it to connect using dinamic ip?13:30
=== mrevell_ is now known as mrevell
michael_tngood day all13:48
Zx432Hi13:49
michael_tni'm looking for a little help with using d-i and preseed to format 4 disks in LVM during an auto install via pxe13:49
michael_tni can have partman do a single disk  with no issue13:50
michael_tnif someone has a preseed example that would fantastic13:50
michael_tnall this is on 11.10 server builds13:51
=== bladernr_ is now known as bladernr_afk
=== bladernr_afk is now known as bladernr_
lynxmanjamespage: question, in order to ensure a proper sync, I've patched the local fs, which would be the most appropriate command to push that to a patch file in debian/patches ? I normally do run debuild but I'm sure there's a better way13:59
jamespagelynxman, I'd use quilt13:59
lynxmanjamespage: quilt itself? gotcha14:00
* lynxman trying to do things right14:00
jamespagelynxman, quilt new <patchname>14:00
jamespagequilt add filea14:00
jamespagequilt add fileb14:00
jamespagequilt refresh14:00
lynxmanjamespage: it's a big load of files, but yeah, will do :)14:00
jamespageof course that does require that you start by doing it that way :-)14:00
jamespagelynxman, is it an upstream patch?14:00
lynxmanjamespage: quilt supports file deletion as well?14:00
lynxmanjamespage: yes but it requires some fine tuning, won't patch cleanly as it is14:01
jamespagelynxman, hrm it does quilt add the file and then remove it - pretty ugly14:01
lynxmanjamespage: it removes a couple files14:02
lynxmanjamespage: apart from patching around ~20 files14:02
lynxmanjamespage: that's why I was wondering if it's supported to delete a file in a patch14:02
jamespagelynxman, well it is - by removing every line in the file14:02
jamespageits brittle tho14:02
lynxmanjamespage: yeah, I saw that going wrong a couple of times, this patch is a bit of a pita14:03
lynxmanjamespage: upstream patch has line differences and a couple patches that require manual editing14:03
jamespagelynxman, is this still the one that reverts something thats dropped in 2.7.12?14:03
lynxmanjamespage: yessir14:03
lynxmanjamespage: just trying to redo the patch as it should14:03
lynxmanjamespage: otherwise when I do debuild it always complains about something14:04
jamespagelynxman, you might be best to rebase the patch in github based on applying it to 2.7.11 to generate a clean patch14:04
jamespagei.e. use git todo that14:04
lynxmanjamespage: been looking that way, unfortunately I didn't find a way to do it cleaner than the patch I've been provided14:04
lynxmanjamespage: so I'll have to make do with that one :)14:04
hallynstgraber: can you explain bug 956655?14:05
uvirtbotLaunchpad bug 956655 in launchpad "libvirt dnsmasq causes runaway chain reaction" [Undecided,New] https://launchpad.net/bugs/95665514:05
lynxmanhallyn: still need my VM?14:05
hallynlynxman: oh, if possible.14:06
Zx432How to restart ethernet card?14:06
pabelangerjamespage, re: bug 907152. I think 'start on runlevel [2345] or started libvirt-bin' should be good for upstart.  Since using 'and' is no recommended14:06
uvirtbotLaunchpad bug 907152 in nova "Error: unable to connect to '/var/run/libvirt/libvirt-sock', libvirtd may need to be started: No such file or directory" [Medium,Triaged] https://launchpad.net/bugs/90715214:06
lynxmanhallyn: of course, let me fire it up14:06
jamespagepabelanger, I don't think it avoids the race condition tho14:07
pabelangerI know14:07
stgraberhallyn: looking14:07
lynxmanhallyn: done, port 65222 as usual14:07
jamespagepabelanger, I wish upstart could check to see if an event could ever be generated and use it conditionally14:08
jamespagejodh, feature for next release ^^ ?14:08
jamespage:-)14:08
pabelangerjamespage, initially I had 'start on (filesystem and net-device-up IFACE!=lo) and started libvirt-bin' but that got rejected14:08
jamespagepabelanger, yeah - I guess we're slowly deprecating (filesystem and net-device-up IFACE!=lo)14:09
stgraberhallyn: right, it's his fault ;) people shouldn't create loop between their dnsmasq servers14:09
stgraberhallyn: I've seen a few other people get into the same problem with the libvirt one ;)14:09
jamespagepabelanger, I'm not sure there is a good fix for this in upstart14:10
pabelangerjamespage, I have to admit, I still don't know why 'start on runlevel [2345] and started libvirt-bin' would not work; my upstart foo is weak14:10
stgraberhallyn: one trick might that might work is putting the LXC dns server in /etc/resolvconf/resolv.conf.d/tail instead14:11
stgraberhallyn: that would make the libc use it only if dnsmasq can't resolve14:12
=== mrevell_ is now known as mrevell
uvirtbotNew bug: #941874 in dmraid (main) "(fakeraid) root device not activated during boot" [High,Fix released] https://launchpad.net/bugs/94187414:18
hallynstgraber: tail instead of head?14:19
hallynlynxman: thanks14:19
stgraberhallyn: head would put you in an infinite loop again as the libc would take the first entry, use the lxc dnsmasq which will want to resolv through the external resolve and so use itself as it's the first entry in /etc/resolv.conf ;)14:22
lynxmanhallyn: np :)14:23
stgraberhallyn: tail still has the potential of looping but it should be much reduced as you'll need to have the libc fallback to it, have it be a record that the lxc dnsmasq doesn't know how to resolve and have it for some reason forward it to itself14:23
koolhead17seems like i found bug with glance :( failing to upload image. need to rechack it though14:26
hallynstgraber: should i just drop that suggestion from the server guide?14:31
hallynit was based on a suggestion on the security team's wiki pagefor testing with qemu/libvirt14:32
stgraberhallyn: I think that'd be the safest, yes14:35
hallynsigh14:37
hallyntoo bad.  it's such a nice feature14:38
hallynstgraber: how's the mounts stuff?  I saw tgardner applied some new kernel patches this morning...14:38
hallynare you pushing anything today?14:38
stgraberhallyn: probably not today, I need to wait for everyone to be on the new kernel14:40
stgraberhallyn: so probably on Monday when linux-meta has been uploaded and the new kernel built on all the architectures14:40
stgraberpivot_root fails with our current kernel so we need to keep apparmor off until the new kernel lands, then deal with the bugs asking everyone to reboot to get LXC working ;)14:41
hallynok14:43
hallynwhat did we ever decide about per-container policies14:43
smoserroaksoax, ok. so runparts late command stuff...14:44
smoser http://paste.ubuntu.com/886406/ is the perl script that we'd run14:44
hallynah yes.  waiting on ffe for bug 95345314:44
uvirtbotLaunchpad bug 953453 in lxc "[FFE] use per-container apparmor profiles" [Undecided,Confirmed] https://launchpad.net/bugs/95345314:44
smoserand http://paste.ubuntu.com/886407/ is an example of what debconf content would look likje14:45
smoserbut i can't figure out how to remove the values from the database14:45
smoseror, have given up on that at the moment.14:45
smoserutlemming, ping14:49
utlemmingsmoser: pong14:49
smoserso, 2 things.14:50
smoseryour 2 merges14:50
smoserfirst hte locale one14:50
smoserhow safe is that?14:50
smoseri'm kind of confused on it (https://code.launchpad.net/~utlemming/cloud-init/cloud-init.lc_all/+merge/97768)14:51
hallynsmoser: for ubuntu-cloudimg-query, should i allow any streams other than 'released' or 'daily'?14:51
hallyn(the code is ..  not 100% obvious)14:51
smoseryou could, but there are only those 214:51
smoserand i really can't imagine another one.14:51
smosersub-daily14:51
smoser:14:51
utlemmingwhat do you mean by14:51
utlemming"safe"?14:52
smoserhow likely is it to break someone who had been using these happily before. or otherwise wreak havok on an image.14:52
hallynsmoser: thanks14:52
utlemmingI think it is safe, from that stand point. It will get rid of all the error messages about invalid locales14:53
utlemmingif a user like, say Davey, who exports "LC_ALL=en_GB" logs in, which is invalid, they will get the default14:53
stgraberhallyn: jodh added your upstart branch for SIGPWR to the list of things to merge and upload with the next upstart release (by Thursday if all goes well)14:53
utlemmingso in reality, I would argue that this enhances the user experience by disallowing the setting of invalid or unsupported locales14:54
smoserso, does that happen only if the locale is not installed ?14:54
utlemmingthe bug with db-common? yes. If the locale is valid (i.e. installed/generated), then db-common works fine.14:55
utlemmingif not, then it errors out and refuses to install14:55
smoseri dont knwo of the bug with db-common14:57
utlemmingthat was the impitus...Davey discovered that db-common in precise will fail the installation dialog if the LC_* are invalid.14:58
hallynlynxman: complete rebuild of v13 does not reproduce.  it really appears v13 was a bad build.  which is scary15:00
smoserutlemming, so the presense of hte locale file forces locale15:00
hallyni'll try 3 more builds to see if i can randomly get a bad one15:00
smoserright?15:00
lynxmanhallyn: oops15:00
hallynbut maybe it was just a bad toolchain lineup15:00
lynxmanhallyn: okay! :)15:00
hallynlynxman: is my building slowing down your laptop?15:01
smoserso as far as I can see this, the images have basically never allowed someone with a different local to actually use their other locale15:03
smoserutlemming, ^ Daviey ^ ?15:03
smoseris this true ?15:03
smoserie, it seems to me that the content in that file (/etc/default/locale) *forces* those settings onto the user (ie, they are not then passed through ssh)15:04
lynxmanhallyn: nah, it's an i7, has enough juice :)15:05
smoserutlemming, and if we put LC_ALL in there, all it does is force *that* LC_ALL also.15:05
smoserutlemming, ?15:09
smoserand then, i'm not sure that (this is probably a bug in cloud-init), but LANG != LC_ALL.15:09
barbo91hi guys, i need help, i need to censure some sites for my clients pc's... I want to configure a server to do that, and i don't know well how can i do it, new on linux tbh i'm a junior... i thinked about a DNS server with some kind of restriction... can someone help me? clients pc's are windows and have a limited user, and i want to force them to use my server15:15
barbo91i already got some services up like bind, apache and squid+guard15:19
utlemmingsmoser: sorry, phone call15:24
utlemmingsmoser: it only force the LANG LC_* variables, not things like byobu15:25
smoserwell, it forces LC_ALL15:26
smoser(which in behavior forces othe rthings)15:27
smoserso cloud-init is generally broken15:28
smoserutlemming, so i'm generally very unqualified to have this conversation15:30
smoserbut to me it looks like, cloud-init as a cloud-config setting 'locale', which defaults to a value 'en_US.UTF-8'15:31
smoserit then runs localegen with that (which is probably correct)15:31
smoserbut then, it sets 'LANG' to that value15:31
utlemmingsmoser: the real issue is tha the SSH sends the LC_* values, which are then incorrect15:31
smoseri'm not sure oif that is right at all.15:31
smoserno, thats useful.15:32
smoserand if we populate templates/default-locale.tmp, we break that useful functionality15:32
utlemmingit is...but the values may not be valid (or generated), which breaks the userland experience15:32
smoserso we shouldn't be doing that at all15:32
utlemmingthen we need to generate all the locales15:32
smoserbut getting messgaes saying "you have invalid locale", to which a quick google would show you how to fix that15:32
smoseris much better than breaking for anyone who would know how to fix this situation the ability to fix it15:33
smoserie, our /etc/default/locale file means you cannot 'locale-gen your-locale' and then start using it via ssh.15:33
smoserbasically, cloud-init is insisting that all users of this system use the system locale when they ssh in.15:34
utlemmingyes15:34
smoserinstead of the default behavior on a non-cloud server, where it would work or they would get warned.15:34
utlemmingon a non-cloud, the locale would be choosen as installation time15:35
smoseryes (it is here too)15:35
smoserand on a non-cloud, you might ssh to a system that did not have your locales installed15:35
smoser(just as here)15:35
smoserthe difference is that on our cloud images, you cannot use your locale!15:36
smoser(without rm /etc/default/locale)15:36
smoserisnt that right?15:37
utlemmingI spoke with one of th locale folks a while back about coming up with a dynamic way to handle the installation of locales...and the concesus is that it would take a lot of work.15:37
utlemmingyes it the same situations between non-cloud and cloud, just felt more on cloud15:37
smoseractually wait.15:37
smoserthis is the same as it is on my desktoip system15:37
smoserthe install populated /etc/default/locale with LANG="en_US.UTF-8"15:38
smoserso we're doing what normal ubuntu server would do15:38
smoser(although that is generally sucky, i think)15:38
utlemmingone could argue that if your locale is hu_HU on the client, you'll likely have hu_HU on the server, so its not a problem there15:38
steakknifeAfter --set-selections on lucid, is there a standard way to trigger dselect without an upgrade?15:38
utlemmingand if you track the problem to the roots, the reason you can't override LANG is because of /etc/pam.d/sshd uses pam_env to force the LANG anyway.15:39
steakknifeutlemming: sounds like something that could be pushed out like ssh keys with puppet, but that would be work15:39
smoserutlemming, so... right now, my limited understanding of this...15:40
utlemmingsteakknife: perhaps, we need to solve the problem at a lower level than puppet since not all cloud users use puppet15:40
smoserin my opinion, i'd like to not touch /etc/default/locale (remove it)15:40
smoseryeahy15:40
smoserthis is not right15:40
smoserbecause ssh allows LC_* but not LANG15:40
smoserso you set default LANG because there was none15:41
smoserthat makes sense.15:41
utlemmingactually, in testing, LANG is passed15:41
smoseroh wait. it does15:41
smoseryeah15:41
smoseryou're reight15:41
smoserso really.. the way i think woudl be best to fix it would be to removfe that file and not touch it at all15:41
smoserwhich woudl suck15:41
smoserbut at least then, 'locale-gen $LANG' would make you happy15:41
smoseras it is, that wont work15:41
smoseroh.15:42
utlemmingoh?15:42
smoseri guess outside of dynamically installing locales... the best thing to do would be for ssh to look at the list of locales available, and muck your environment only if your settings didn't match the system you were ssh'ing to15:43
lynxmanjamespage: puppet new branch ready, what was the command you told me I should run? :)15:43
smoserutlemming, so heres what i think right now:15:43
jamespagelynxman, just push it to the merge proposal branch15:43
lynxmanjamespage: doing so15:43
utlemmingsmoser: I'll have to look at the debian bug...but that _is_ a bug upstream15:43
smoser * ubuntu cloud images default install is basically the same as a stock ubuntu server install15:43
smoser * adding LC_ALL to /etc/default/locale actually makes us not like stock ubuntu install, and makes it more difficult to use LC_ALL after installation of locales on the cloud image.15:44
smoseri agree that it sucks15:44
smoserand i will admit that i iprobably care less becauase i have the "proper" LC_ALL in my environment right now :)15:45
smoserdo you see what i'm saying though?15:45
smoserdoing this actually makes things different and worse.15:45
smoserin some way15:45
utlemmingalternatively, we could force LC_ALL=C15:45
smoserright, but that would be no better.15:45
smoserits just a different default15:46
smoserthat is also pre-installed15:46
utlemmingexcept that it is no internationally compatable15:46
utlemmings,no,now15:46
smoserwell, changing a default, and making it worse for some people and better for no people is not really progress.15:47
smoser:)15:47
lynxmanjamespage: overwrote branch, all yours15:47
smoserutlemming, do you agree with that ? or not?15:48
steakknifeBtw, see if I get the use case... is the goal to provide users with their locale, which may not be yet installed on a given box?15:48
utlemmingthis is a rock and hardplace, really. Fixing it in the cloud-images is the wrong place. I did mock up an /etc/profile.d script that magically detected and generated the right locale, but fixing it there is the wrong place too.15:48
utlemmingsteakknife: the goal is ensure that the SSH locale is generated and useable, to prevent userland problems due to invalid locale settings15:50
smoserutlemming, ok. now more quickly... i hope15:52
smoseron your other proposal15:52
jamespagelynxman, looking now15:52
lynxmanjamespage: cool :)15:52
Captain_ProtonI know this is not a ubuntu ? but I am running it on  a ubuntu server. I need some help with spf_record? here is my record : v=spf1 ip4:173.162.32.1 ip4:75.98.169.177 include:_spf.google.com -all15:59
jamespagebencer_, hows it going?15:59
Captain_Protonbut I still get alot of spam hit on the 173.162.32.115:59
Captain_Protondid I type it right15:59
steakknifeCaptain_Proton: i usually set an spf and a txt record, just to be sure.16:04
Captain_Protonis the syntax right?16:04
steakknifeCaptain_Proton: try http://www.kitterman.com/spf/validate.html16:05
smoserutlemming, Daviey i'd appreciate your input on my comments at https://code.launchpad.net/~utlemming/cloud-init/cloud-init.lc_all/+merge/9776816:15
hallynlynxman: this is quite the heisenbug.  I can't reproduce it today.  I'm going to mark my bug as confirmed, and comment about all the ways i couldn't reproduce it, and email the m-l16:24
hallynlynxman: thanks!16:24
lynxmanhallyn: no problem, glad to be of help :)16:24
hallynlynxman: let's see if any discussion gets spawned: https://www.redhat.com/archives/libvir-list/2012-March/msg00733.html16:40
lynxmanhallyn: *crossing fingers*16:41
Zx432I tryed to set static ip on my server to finally make it work (connect to internet) it does not work. Anyone willing to help a noob out?16:46
Captain_ProtonZx432, did you set dns in /etc/resolv.conf16:48
genii-aroundAnd possibly gateway16:50
Captain_ProtonZx432, it should be set by your dhcp server but if not  - nano /etc/resolv.conf and type this -- nameserver 8.8.8.816:51
Captain_Protongateway should be set in interface.conf16:51
Captain_Protonsorry interfaces16:52
genii-aroundYes, /etc/network/interfaces16:52
Captain_Protonguess he's sleeping :D16:53
Zx432Captain_Proton, yes I did.16:54
Captain_Protonc an you pastbin you interfaces?16:55
Captain_Protonhho  did you restart networking?16:55
genii-aroundZx432: Did you set IP to a valid IP ( not for instance ending in .0 or .255 )16:55
Zx432Network won't restart.16:55
Captain_ProtonZx432, /etc/init.d/networking restart16:56
Captain_Protonthen you have a typo somewhere16:56
Zx432Sistem plugged in router for now all ip-s should work.16:56
Captain_Protonlet us see you interfaces. it is something simple I am sure16:57
* genii-around prepares a new pot of coffee16:57
Zx432? How do I do that? Restarting gives me an error.16:58
Captain_Protoncat /etc/network/interfaces than copy and paste in http://pastebin.com/ and give us the link16:59
genii-aroundCaptain_Proton: If he can't connect, pastebin is probably not an option ;)16:59
Zx432First I need graphicall interface.16:59
Zx432And yes. No connection might be a problemm.17:00
Captain_ProtonZx432, are sitting in front of the computer that has the problem?17:01
Zx432Captain_proton: Yes. The problematic one has no connection. So I am naturaly using anotherone to talk here.17:04
Captain_ProtonZx432, ok then you type what you have in interfaces here so we can see where the problem is17:05
Zx432Ok17:06
Zx432/etc/network/interfaces17:12
Zx432#This file describes the network interfaces available on your system17:12
Zx432#and how to activate them. For more information, see interfaces(5).17:12
Zx432#The loopback network interface17:12
Zx432auto lo17:12
Zx432iface lo inet loopback17:12
Captain_Protonthat all that in there17:13
Zx432#the primary network interface17:16
Zx432auto eth017:16
Zx432iface eth0 inet static17:16
Zx432adress 192.168.1.11017:16
Zx432netmask 255.255.255.017:16
Zx432network 192.168.1.22517:16
Zx432gateway 192.168.1.117:16
Zx432That is all.17:16
Captain_Protonwell address is missing a "d"17:16
Zx432Anything else?17:18
Captain_Protonnetwork you do not really need but whatever17:18
Zx432Or do I fix that and try again?17:18
Captain_Protonfix the d will most likly make it work17:18
Captain_ProtonZx432, did that work17:20
genii-aroundI'm not sure if "network 192.168.1.225" is valid17:21
Captain_Protonyour right that would be broadcast network should be 192.168.1.017:23
genii-aroundbroadcast should end in 255 not 225 ...17:24
Captain_Protonbroadcst is 25517:24
Zx432File is read only?17:24
Captain_Protonsudo before you command17:24
Captain_Protonsudo nano/vim /etc/networking/interfaces17:25
Zx432Ok. Fixed, address and changed brodcast to 192.168.1.25517:30
Zx432Did I forget something?17:30
A-KOHow does one install the isc versions of dhcp4 and dhcp6 in Ubuntu?17:30
genii-aroundZx432: Did you spell it "brodcast" or "broadcast" ?17:31
genii-around( eg: avoid another typo ! )17:31
Zx432brodcast17:31
genii-aroundZx432: It should be "broadcast"17:32
genii-aroundZx432: ( in the file )17:32
Zx432Sorry english is not my native language.:)17:33
Zx432Ok now restart?17:33
Zx432Sudo /etc/init.d/networking restart?17:34
Captain_Protonno capital S just sudo17:35
Zx432Yes sorry. My phone did that automatic. Looks good now i ping something?17:37
Captain_Protonsweet17:38
Captain_Protonsudo apt-get update see if that works17:38
Zx432No17:42
Zx432I must have done something wrong.17:42
Captain_Protoncan you ping ggole.com17:43
Captain_Protongoogle.com17:43
Zx432Yes?!@:-D17:43
Zx432I can ping!17:43
Captain_Proton:)17:43
Zx432Now, why doesn't the update work?17:44
Captain_Protonwhat error did you get?17:45
Zx432Sec. How to stop pinging? Isn't it ctrl+c?17:45
Captain_Protonyup17:46
* Captain_Proton be right back17:46
Zx432It won't stop.17:46
uvirtbotNew bug: #956421 in openssh (main) "error in /var/log/syslog: "ssh[12586]: segfault at 0 ip 001c60e0 sp bfbf2508 error 4 in libc-2.13.so"" [Undecided,Incomplete] https://launchpad.net/bugs/95642117:47
Zx432There are pages of the same error. Eth0: mismatched ead page pointers 4c vs fa.17:48
Zx432Well it stopped now.17:48
stgraberhallyn: do we have a bug report for clean shutdown of LXC containers?17:48
stgraber(I just merged your branch in upstart and will upload in a few minutes)17:49
Captain_Protoncan you reboot it?17:54
Zx432Whole system?17:55
Captain_Protonyes17:56
Zx432Ok.17:57
Zx432It is alive!18:00
Captain_Proton:D18:00
Captain_ProtonZx432, all better now18:02
Zx432sudo apt-get update it clearly gets the updates but does it install them? It finished so fast.18:02
Zx432Almost no download.18:02
Captain_Protonnope then you do apt-get upgrade to update the system18:02
Captain_Protonupdate downloads the new package list18:03
Zx432Ah. Should i do that?18:03
Captain_Protonyes18:03
Picidist-upgrade will pull in all the upgrades.18:03
Pici!dist-upgrade18:03
ubottuA dist-upgrade will install new dependencies for packages already installed and may remove packages if they are no longer needed. This will not bring you to a new release of Ubuntu, see !upgrade if that is your intention.18:03
Zx432There seems to be a lot of upgrade/update commands...18:06
=== Lcawte|Away is now known as Lcawte
patdk-wkZx432, it's easy18:27
patdk-wkupdate = get current list of what is available18:27
patdk-wkupgrade = update anything that is currently installed18:27
patdk-wkdist-upgrade = update anything that is installed, that requires new stuff to also be installed18:27
patdk-wkkernel upgrades are going almost always be dist-upgrade18:28
ninjixany orchestra + juju users in channel?18:32
SpamapSninjix: you're more likely to find juju folks in #juju18:36
ninjixSpamapS: tnx18:39
=== Firebolt is now known as himself
=== himself is now known as Firebolt
adam_gdv310p3r: ping19:25
dv310p3radam_g, ping19:37
adam_gdv310p3r: oh jeez, sorry, pinged the wrong person!19:38
dv310p3radam_g, lol, figured so.19:39
koolhead17|away:)19:40
cr3is there a way to set the group of an existing ec2 instance?19:49
hallynstgraber: woohoo, just saw the power-chagned upstart uploaded :)  now i need to consider how best to use it.  copy the way debian does it through alternatives?20:07
stgraberhallyn: not sure what Debian does exactly, but I guess we should send SIGPWR to all containers, then enter a loop where every second we check if they're all dead. After let's say 45s, give up and kill them all20:09
stgraberI'm guessing Debian must be doing something similar20:09
smosercr3 set the group ?20:11
smoseradam_g, is there a bug associated with the postsint change at https://code.launchpad.net/~openstack-ubuntu-testing/glance/precise-essex-proposed/+merge/9796620:13
adam_gsmoser: yeah, thats the change that was applied to the ubuntu branch and cherrypicked into that one20:15
adam_gsmoser: i left the changelog entry out because its already present in the ubuntu branch, tho ill add it if it should be there20:15
smoserah. ok.20:15
adam_gsmoser: https://code.launchpad.net/~openstack-ubuntu-testing/horizon/precise-essex-proposed/+merge/97979  theres the final one. im going to hold off on melange, its building locally fine but failing in the CI20:21
smoseradam_g, ok.20:22
smoserso with the glance, what would be best i think is if you would have grabbed the precise change and change log entry20:22
smoserand committed that20:22
smoserandt hen added yours20:22
smoserbut i'll just insert the precise.dist one20:22
adam_gsmoser: ahh.. so we're good on that or you want me to update?20:26
smoseri've got it.20:26
smoserwe just dont want to delete the changelog entry20:26
smoseradam_g, python-quantumclient seemds to be missing some stuff also20:29
adam_gsmoser: what kinda stuf20:30
smoserlooking more20:31
smoserhttp://paste.ubuntu.com/886876/20:33
smoseradam_g, ^20:33
smoserthats diff of precise source (lp:ubuntu/precise/python-quantumclient) to lp:~ubuntu-server-dev/quantum/python-quantumclient/20:33
adam_gyeha20:34
adam_git looks like the ubuntu-server-dev is not in sync20:34
adam_gsmoser: we should create a lp:~ubuntu-server-dev/python-quantumclient/essex like all the others, not sure why that one differs20:34
smoserright.20:35
adam_gsmoser: can you push a clone of lp:ubuntu/precise/python-quantumclient  there, ill create a -proposed and resolve the diff20:35
smoserwell, this is hwere i gets hairy20:35
smoserthe lp:ubuntu/precise/python-quantumclient are full branches20:36
smoserbut the ones on ubuntu-server-dev are packaging only20:36
smoseri'll try to sort it out and get something to ubuntu-server-dev.20:36
adam_gsmoser: oh i see, so that package isn't setup for this kinda workflow yet?20:39
smoseri guess not. do you know who initially did that ?20:39
smoserbah, adam_g last pastebinit was garbage20:41
smoserhttp://paste.ubuntu.com/886884/20:41
smoseris better.20:41
smoserbut i'll resolve20:41
adam_gthanks20:43
cr3smoser: I can start an instance with a security group but what if I want to chnage that group for an existing instance later?20:47
smoserhm... maybe you can take a hike20:47
smoserhttp://serverfault.com/questions/237557/how-to-change-an-ec2-instances-security-group20:48
smoseryeah, looks like you can take a hike, cr320:48
cr3smoser: I suspect there's a play on words there but it's totally lost on me; I blame it on my 300-word vocabulary20:51
smosergo jump in a lake?20:51
smoserhm...20:52
smosercr3, i think this is correct:20:53
smoserSecurity Groups are being assigned to an instance at creating it. Once the instance is running, you cannot assign more groups nor can you remove groups from a running instance. You can only change individual rules in security groups.20:53
smoserhttp://blog.taggesell.de/index.php?/archives/68-Managing-Amazon-EC2-Networking-In-The-Cloud.html20:53
smoseradam_g, it looks like zul must have synced from debian on that.20:55
adam_gsmoser: hmph, okay20:56
=== erichammond1 is now known as erichammond
smoseradam_g, woudl you be opposed to waiting for chuck on this ?21:00
adam_gsmoser: not at all21:00
smoserit seem smostly resolvable.21:00
smoserbut the the debian/copyright has changes..21:00
adam_gsmoser: yeah, quantum has been largely chucks deal anyway. first time touching those packages for me21:01
smoserwell, i'm gonna leave that one.21:01
smoserok.21:02
smoseri have21:02
smoserglance  keystone  nova  python-keystoneclient  python-novaclient21:02
smoserdone21:02
smoserwhat else was there?21:02
* med_ perks up his ears on the quantum stuff and reads scrollback.21:02
adam_gsmoser: horizon21:03
smoserk. i'll get horizon and swift too.21:04
adam_gyeah, swift... just merge james' proposal, im not going to do a new upstream release till we know whast going there21:05
adam_gsmoser: are we good on the rest? i need to run an errand downtown and probably wont be back till youre EOD21:12
smoseri have swift and horizon i should be abel to get.21:12
Davieysmoser: last quatum upload introduced a new binary package, which contained a moved bin from another package.  It didn't have appropriate Breaks.. so it was rejected.21:41
=== alaing is now known as funkymonk
KM0201whats the command to move a folder (with data) to another location?   mv /path/to/folder /path/to/destination   keep stelling me "the directory is not empty" so i'm assuming i'm missing a switch23:14
=== bladernr_ is now known as bladernr_afk
stgraberhallyn: can you push your latest lxc upload to the udd branch?23:36
stgraberhallyn: did it the old school way :)23:59

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!