[00:10] hallyn: http://paste.ubuntu.com/894479 [00:10] hallyn: any ideas? [00:16] Daviey: http://paste.ubuntu.com/894473/ that testing override look reasonable? [00:22] adam_g: no, that shouldn't be happening... [00:22] Daviey: bug 891232 [00:22] Launchpad bug 891232 in numactl "[MIR] numactl" [Undecided,Fix released] https://launchpad.net/bugs/891232 [00:23] adam_g: is your system uptodate? i'll try a fresh instance... [00:23] adam_g: unless you have other files under /etc/apparmor.d/lxc that you created... [00:24] hallyn: strange, this happened on one of the CI nodes, the same version installed fine across all of the other nodes, though. [00:24] adam_g: disconcerting [00:24] are they all using hte same mirror? [00:24] i know juju is the one installing lxc, wonder if its doing anything strange [00:25] hallyn: ok, thanks.. i bumped the status back, which makes it show on the tracking page [00:26] adam_g: looks good, not tested it.. It's a shame there isn't a helper in the upstream src [00:26] adam_g: is that instance still up? [00:27] adam_g: if so, can you pastebin /etc/apparmor.d/lxc-container and /etc/apparmor.d/* ? [00:28] hallyn: sure one sec [00:29] Daviey: cool. seems to work just fine with jenkins builds [00:29] i've gotta run out actually, backin awhile [00:31] hallyn: o/ [00:35] hallyn: gonna tear down and redeploy, see if its a fluke. here is /etc/apparmor.d/ for you if interested, http://people.canonical.com/~agandelman/apparmor.tar [01:00] adam_g: thx [01:02] adam_g: really if it happens again, probably best to file a bug against lxc and mark it as also affecting apparmor (bc the files look fine, so it sounds like a transient error in the apparmor_parser) [01:03] hallyn: ill keep an eye out for it, so far so good [01:06] hallyn: http://people.canonical.com/~ubuntu-archive/livefs-build-logs/precise/edubuntu-dvd/20120322/livecd-20120322-i386.out [01:06] hallyn: Edubuntu DVD build failed because of the new lxc's postinst [01:07] hallyn: http://paste.ubuntu.com/894524/ is the important part [01:09] stgraber: so apparmor is installed but not active? why couldn't it find the fs? [01:09] maybe i'm supposed to use /lib/init/apparmor-profile-load [01:10] jdstrand: in a postinst, should i be using /lib/init/apparmor-profile-load in place of apparmor_parser? [01:10] jjohansen: ^ [01:11] hallyn: well, that's in a live-build environment so a chroot in a chroot on an older kernel :) [01:12] hallyn: apparmor is indeed insalled in that chroot but certainly doesn't match the version in the kernel (probably 2.6.24) and no services are running as it's a chroot using policy-rc.d to prevent anything from starting [01:12] so not your everyday use case except it's what we have on the CD builders and so it needs fixing before we can get dailies again :) [01:13] stgraber: using apparmor-profile-load would check for the fs, but not kernel compatibility. so not sure that'd be 100% fix [01:13] will push a fix as soon as i get guidance :) [01:14] stgraber: open a bug? [01:14] note i won't be in tomorrow [01:15] ah [01:15] maybe i can check /sys/kernel/security/apparmor/features/mount/ [01:15] stgraber: is it possible for you to walk into such a chroot and see if /sys/kernel/security/apparmor/features/mount/ exists ? [01:16] hallyn: no, these builds run on a livefs builder in the DC and are flushed immediately when they fail [01:16] stgraber: will they try to build+run a container? [01:17] hallyn: I'll have a quick look through the log to see if I can find some information on /sys/kernel/security/apparmor/features/mount/ [01:18] hallyn: my guess is that nothing in /proc or /sys is mounted [01:19] stgraber: ok i'll do the checks by hand. i also will update lxc-start bc i suspect it'll break you as well. [01:19] hallyn: hmm, actually based on the logs /proc and /sys are mounted, no mention of securityfs though, so probably not mounted (unless some packages do it) [01:31] stgraber: http://paste.ubuntu.com/894544/ is for the postinst part [01:31] I'm going to add a patch to start.c before pushing [01:32] stgraber: opinion q [01:33] stgraber: if a transition to container polciy fails, should we just ignore it? [01:33] New bug: #961824 in lxc (universe) "Edubuntu DVD livefs builds failed because of lxc failing to install" [Undecided,New] https://launchpad.net/bugs/961824 [01:33] ah [01:36] hallyn: the problem isn't "on livecd" it's "on the livecd builder" [01:36] hallyn: I think running lxc on the livecd will probably work fine [01:37] stgraber: the reason i'm worried is that it *looks* as though apparmor policies don'et get loaded on livecd [01:37] (look at /lib/init/apparmor-profile-load) [01:38] soi want to quickly check, before we start loading the container, if apparmor module is loaded and we're in lxc-start profile, and skip the transition if not [01:38] hallyn: ah, indeed, I guess no apparmor in the live environment was to make things faster [01:39] well ok maybe i should push this fix, so you can get it built, and then we can fix lxc-on-livecd next (and try to do it properly) [01:39] hallyn: running /lib/init/apparmor-profile-load would make sense as we'd avoid some code duplication in the process, unless it's bad to do that for some reason [01:39] it still doesn't check for mount support, so it's not really enough [01:40] inf act i guess the upstart job should be fixed to check for that too [01:41] oh, but we can't [01:41] can't be sure securityfs is mounted [01:45] stgraber: heh i was being dense. so yes switching to that, as per http://paste.ubuntu.com/894559/ [01:47] hallyn: looks good [01:53] hallyn: hrmm I honestly don't know, I will have to defer to jdstrand, I still haven't dug into the debian packaging end of things. Its one of those perpetual I look at it this cycle ... things [01:54] jjohansen: I'm feeling pretty good about the patch i'm whipping up :) [01:54] jjohansen: will you be around in a few mins to proofread? [01:55] hallyn, stgraber: apparmor was pulled from the livecd environment ages ago because of unionfs issues actutally, and it was never reinstated because it wasn't considered to be important there [01:55] hallyn: yeah I'll be around, I just got back from dinner [01:55] jjohansen: that's funny, bc i thought it was a regression when overlayfs didn't work with it. But now I see why it was never found :) good good [01:57] hallyn: actually it is a regression, it works with aufs, and unionfs. I know why its not working with overlayfs but get a proper fix (not attach_disconnected) just isn't going to happen this cycle. === Ursinha is now known as Ursinha-away [01:58] the unionfs bug is back when I was at Novell and Ubuntu tried switching to unionfs 2.1 instead of 1.4, it was buggy and crashed and they endup pull AA to try fixing it and then reverting to unionfs 1.4 in the end but not restoring AA [01:58] jjohansen: oh noes. what the heck do the contents of /sys/modules/apparmor/enabled mean? [01:59] why is it 10 instead of 1 [02:00] hallyn: 10? It should be Y [02:00] hmm, when i read it as %c it's 'm' [02:00] gah [02:01] sorry. my bad [02:04] runlevel 2 is entered AFTER rc-sysinit right? [02:10] jjohansen: http://paste.ubuntu.com/894576/ is what I'm looking at... [02:10] jjohansen: pls critique :) [02:11] SYSF sounds like its missing an -S [02:12] oh is that why it looked funny :) [02:12] Why are you binding it to a variable if you only evaluate the variable once? [02:12] to keep the condition easy to read? [02:12] and under 80 cols [02:12] over-conditioned [02:13] I have a coworker who does things like [02:13] PATH_TO_ETC_EXPORTS=/etc/exports [02:14] :) [02:14] FWIW, type is not SUS portable, nor is which. But Debian is (AFAIK) guaranteed to have both. I would generally use which on Debian because that seems to be the convention. [02:14] i suppose if it's going to be dereference tons of times... [02:14] (I'm assuming the postinst is #!/bin/sh and not #!/bin/bash [02:15] twb: oh, i always used which in the past, [02:15] It's merely a style issue [02:15] then saw type, and thought "huh, must be som ereason they're using that" [02:16] If the existing code is already using type you might as well keep to that convention [02:17] Typo: 94 ++ INFO("apparmor not emabled"); [02:17] d'oh, landed my var decl inside a long #else [02:17] thanks [02:17] Does this affect both lxc-start and lxc-exec? And if so, does it DTRT for both cases? [02:18] (I'm looking at the patch part but it's beyond my expertise.) [02:21] twb: they both use lxc_start() from start.c. so it should, and seems to be here [02:26] hallyn: twb has caught more things than I did [02:26] twb: ah, but, it doesn't [02:26] the lxc-init wants to mount /proc and /sys. it's not allowed to [02:27] hallyn: there is an aa_is_enabled fn if you want, but your rolling your own is fine [02:27] I WIN [02:28] jjohansen: d'oh! i looked for a manpage but couldn't find anything like that [02:28] paranoia strikes again [02:28] guess i only tried aa_enabled [02:28] jjohansen: i trust aa_is_enabled would be more robust? [02:28] hallyn: hrmm, sorry they really should be bread crumbs between the different man pages but that one seems to be missing [02:29] right i looked for 'see also' in the others :) [02:29] hallyn: heh, it does much the same thing but includes a search of mount points in case things get mounted else where [02:30] how often do they get mounted elsewhere? [02:30] my inclination is, if they're mounted elsewhere, we want to disable aa for containers... but not sure [02:30] but I think most of the scripts would break if things weren't mounted at /sys [02:30] hallyn: call it a hold over from by gone times before securityfs [02:31] hallyn: like I said rolling your own is fine [02:31] I really don't see a need to change it [02:32] hallyn: I guess it does let you detect a little more about how/why apparmor is disabled [02:32] eg. available but disabled at boot [02:32] stgraber: I really think we'll want to allow containers to mount proc ->/proc and sys -> /sys just to reduce # of complaints [02:33] hallyn: yeah, I didn't do it because it worked without it [02:33] hallyn: but it's safe to allow so no problem with that [02:34] stgraber: the only reason i'm hesitating is they'll just want to mount devpts next (and that they cant) [02:35] hallyn: you could add a generic "deny mount fstype=devpts," with a comment explaining why we never want it [02:35] all right i'm adding it [02:35] good idea (long as it doesn't confuse apparmor) [02:35] it'll silence anything trying to do it and if they look at the profile they'll see why [02:35] stgraber, hallyn: so I working through the fixes for change_onexec, and the deny mount bug. They should be in tomorrows up load [02:36] New bug: #961839 in postfix (main) "FFe - Sync latest postfix release (2.9) from Debian" [Wishlist,Triaged] https://launchpad.net/bugs/961839 [02:36] jjohansen: great, thanks! [02:36] hallyn: as well as the getcon fixes I have [02:37] stgraber: there is a small syntactic change to the mount rules [02:37] jjohansen: ah? [02:37] the options bit is picking up another keyword [02:37] wait - what is the deny mount bug? [02:38] will i hit it if i'm adding 'deny mount fstype=devpts" ? [02:38] hallyn: "deny mount..." won't match with the current apparmor [02:38] hallyn: it doesn't always result in the correct denial at the moment, depending on the options being set [02:38] will it deny a different mount potentially, or just not deny it? [02:38] the latter's ok, the former is bad :) [02:38] not that I could see [02:39] hallyn: no that should not cause a problem [02:39] cool [02:39] ok, testing http://people.canonical.com/~serge/debdiff [02:39] stgraber: so you can do option=(X, Y) that means this rule requires those options be set to match [02:39] and you can do [02:40] options in (X, Y) [02:40] meaning any of the options can be set [02:40] i dn't envy the person who's going to document that :) [02:41] heh, no. Its ugly, we kicked around a lot of different ways to express it, and decided that with the current time frame ... [02:42] jjohansen: oh, that's nice, the "options in (a, b)" will definitely be useful for stuff like devpts [02:43] stgraber: yeah, it has its uses [02:43] especially around writing deny mount options in (X, Y, Z) [02:44] hallyn, stgraber: we will be looking at revising the syntax for the next release, so any improvements you can think of are more than welcome [02:44] pls keep me posted if it's going to require lxc chagnes to keep up :) [02:45] d'oh. stgraber: another thing occurred to me- would be good to get apport info into lxc [02:45] hallyn: we plan to keep it backwards compatible, so changes should not be required but if you have something you would like I would like to hear about it [02:46] the current syntax is an uncomfortable compromise [02:50] will think about it, thanks [02:50] (long drive tomororw, time to think :) [02:50] ok i think i'm pushing [02:51] debdiff looked good, didn't look the C change too closely though but I'm sure you tested it so it probably won't be any worse at least ;) [02:52] and *that* should be my last upload before this freeze :) [02:53] now i can go back to fretting over how brittle libvirt and qemu feel [02:54] I'll do some LXC tests tomorrow now that the installer sprint is over, if I find something broken I'll fix it [02:55] great, thanks [02:55] hm, so server guide string freeze is tomorrow [02:55] so i have tonight to get in an update to the lxc section about apparmor [02:56] lxc is only affected by beta2 freeze because it's part of Edubuntu but as I'm the product manager for Edubuntu I should be able to get something trough even post-freeze time if needed (as long as I have time to test the new images) [02:56] I believe someone asked for a later freeze time of the server guide, hold on a sec I'll dig a link [02:56] that'd be great [02:57] (i suppose we can always just put that documentation on the wiki and integrate into server guide later) [02:57] hallyn: https://lists.ubuntu.com/archives/ubuntu-release/2012-March/000991.html [02:57] for middle-of-the-night driving, it helps staying awake to think through a paper or docs to write [02:58] cool, thanks. that also gives me time to review the libvirt part [03:15] good night, see you all friday === nonotza_ is now known as nonotza === himcesjf1 is now known as himcesjf [07:21] New bug: #961115 in update-inetd (main) "update-inetd failed due missing File/Temp.pm during samba upgrade" [Undecided,New] https://launchpad.net/bugs/961115 [07:55] smoser, No, smb usually has no ideas after sensible working hours and even more on Wednesdays. ;) [08:20] hi all === himcesjf1 is now known as himcesjf [08:57] Ive followed the guide on ubuntu, for setting up Samba fileshare - so I can map a drive on my windows machine to the ubuntu virtual machine. I can ping the ubuntu machine, but cant map the drive, it says network error. does the ubuntu virtual machine need a static ip address for this? [08:59] hey guys [08:59] great work on openstack btw - I've got Ubuntu 12.04 running Essex: Nova, Glance, Keystone, Horizon and Swift [08:59] wanted to make sure that your efforts are not going unnoticed [09:03] uksysadmin: :D [09:15] openstack? [09:16] interesting [09:18] ejv: i was execting "O WAO" reaction TBH :) [09:18] *expecting [09:23] my top bar with menues wont show on 11.10??? [09:23] how can I get it to show? [09:24] * koolhead11 points Znow to #ubuntu [09:29] how do i install third party drivers from the command line in ubuntu server? [09:29] I need my broadcom wireless driver to work [09:36] morning all [09:39] sorry i haven't drank the cloud koolaid just yet koolhead11 ;) [09:39] ejv: :P [09:49] Hi all. might not be the most appropriate chan to ask in, but has the UCP programme been cancelled? I still find some info about it, but seems outdated... [09:53] bencer_, binary packages just got accepted - should appear in the archive in the next couple of hours [09:57] thevinci: the jockey-common package will give you a jockey-text command which I think is the equivalent of the GUI tool for proprietary drivers on the desktop, but I've never used it (I avoid that kind of hardware). That might be a starting point. Or you could do whatever jockey does manually - perhaps there's a package in the archive for your hardware? [09:59] morning o/ [10:01] jodh, whats the recommended way to disable an upstart configuration these days? [10:02] jamespage: http://upstart.ubuntu.com/cookbook/#disabling-a-job-from-automatically-starting [10:02] jamespage: specifically, http://upstart.ubuntu.com/cookbook/#override-files [10:02] jodh, was just reading that - thanks for the confirmation === fenris is now known as Guest95871 [10:14] New bug: #962001 in autofs5 (main) "Nfs mount hangs while automounting home" [Undecided,New] https://launchpad.net/bugs/962001 [10:26] jodh, are you around for a question about wait-for-state? [10:27] jamespage: that's one of SpamapSs, but you can try :) [10:31] jodh, OK - just let me frame my question [10:35] jodh, actually I think I just answered by own question - I;m looking at a bug in the autofs startup [10:38] jamespage: ok. I've raised bug 962047 as wait-for-state needs to be documented both in a man page and the cookbook IMHO. [10:38] Launchpad bug 962047 in upstart "document wait-for-state" [Undecided,New] https://launchpad.net/bugs/962047 [10:38] jodh, I think by default wait-for-state waits for the 'started' event - which stops autofs restart if ypbind is installed and already running [10:39] I think that if I target WAIT_STATE=running that should do the trick [10:39] hi, i'm upgrading 8.04 lts to 10.04 lts (do-release-upgrade). It's near the end I think, it just restarted PowerDNS and now nothing is happening... haven't seen output in 10 mins or something any ideas? [11:06] hello all [11:07] I've just been in a meeting with some of our folks over RabbitMQ HA options... what is the best resource, person to have a chat to pick the brains on what we want to achieve? [11:07] * koolhead11 points uksysadmin to lynxman :P [11:08] * lynxman feels pointed at [11:08] * uksysadmin will get one of our guys to ping lynxman if he doesn't mind... [11:09] uksysadmin: it's fine :) [11:09] lynxman: best coming from them on what they want to set up, what they have setup and what challenges they came up against. [11:09] they're not on irc atm, but I'll send them you're way when they are. [11:10] uksysadmin: BTW lynxman is in UK too. [11:10] * koolhead11 hides [11:11] lol [11:11] helps with timezones :) [11:12] uksysadmin: it does ;) [11:13] * koolhead11 needs extra beer from lynxman when he meets 4 that [11:19] anybody knows if there is a deb package for java 1.5 sdk available somewhere that can be used on ubuntu 12.04? [11:20] is there any way to prevent apparmor from returning? Just ran a apt-get dist-upgrade and in reinstalled (and started) apparmor [11:20] apparmor screws plesk over badly unfortunately === jtv is now known as mup === mup is now known as jtv [12:08] I HATE BROADCOM DRIVERS! [12:08] Can anyone help me figure out hoe to get my ubuntu server laptop connected to the wireless internet? [12:09] thevinci: checkout the desktop guide, the process is the same [12:09] from command line? [12:10] I installed b43-fwcutter from the desktop cd [12:10] but it's saying i need other firmware drivers that i can't find anywhere... === Ursinha-away is now known as Ursinha [12:18] uksysadmin: Glad to hear things are working out for you :) [12:18] uksysadmin: I think some of the frustrations you have been feeling has been lack of doc's, meaning that often the wrong this has been done by the end user. [12:18] Hopefully, by release - this will be easier. [12:18] hey all. does anyone know the recommended approach to upgrading apache in 10.04 LTS? i thought there'd be a backport but i can't find one [12:19] Daviey: I think so too [12:19] keystone -> redux didn't help [12:21] uksysadmin: no.. that was more painful than we hoped. [12:21] uksysadmin: It's so easy to go down ratholes with this :/ [12:21] Daviey: indeed! [12:22] BUT - the upshot - OpenStack is alive and kicking on 12.04 - that's some achievement. [12:22] uksysadmin: Great job! [12:22] uksysadmin: What is your install method? [12:23] closing eyes and praying [12:23] ;-) [12:24] at the mo - scripted apt-get installation [12:24] hoping to get some Canonical love though for when we do this for real though [12:24] uksysadmin: sounds great :) [12:25] uksysadmin: Have you documented your workflow? [12:26] if I was a developer, I'd say yes ;-) ... its work in progress [12:26] * uksysadmin goes to get free pizza [12:27] uksysadmin: Can i have free pizza? [12:28] Daviey: i saw the keystone ftbfs this morning once of the requirements is to have a working MIR however in order to test the keystone that failed you need to have swift installed and there is a fix for it proposed but it uses a git checkout to get swift [12:28] zul: linky? [12:29] to the MP [12:29] just a sec [12:29] https://review.openstack.org/#change,5595 [12:57] kirkland, around ? [12:58] lynxman, ? === smb` is now known as smb [13:01] New bug: #962150 in openvswitch (universe) "openvswitch-datapath-dkms neads linux-headers" [Undecided,New] https://launchpad.net/bugs/962150 [13:02] lynxman, well, when you see this.. [13:02] http://bazaar.launchpad.net/~orchestra/orchestra/trunk/revision/61 [13:02] that seems like you added the rsyslog stuff. [13:02] and i'm trying to move it to maas === bladernr_afk is now known as bladernr_ [13:16] Daviey: so you dont like the polling? [13:19] zul: if poll doesn't scale to the regularity of the baud of the serial console being reasonabnle to fill up the disk :) [13:19] OTP btw [13:19] Daviey: k so daemon then? [13:20] smoser: http://bazaar.launchpad.net/~orchestra/orchestra/trunk/revision/61/monitoring-server/etc/rsyslog.d/99-orchestra.conf <-- dump to disk [13:20] Daviey, yes, i just had some questoins about that. [13:20] i'm thinking i'm not going to bother with gnutls at the moment. [13:20] its boot logging only [13:20] smoser: agreed [13:20] so, mark this place in your irc history [13:20] so you can come back and blame me [13:20] :) [13:20] :D [13:21] the thing htat sucks here. [13:21] i think we're baically going to open up a udb listening rsyslog server [13:21] udp [13:21] that will log whatever traffic anyone wants [13:22] and fill /var/log appropriately [13:23] smoser: notice the paths? [13:23] different files for each node [13:23] so? [13:24] different files for each attacker? [13:24] well thats convieneint [13:24] smoser: make sure it's not dependant on hostname.. as it can chane easily. [13:24] change* [13:24] smoser: just pointing it out [13:24] not dependant on hostname ? [13:24] why? [13:24] its useful [13:24] i was just putting everything into [13:24] /var/log/maas/rsyslog/OSTNAME%/%$YEAR%/%$MONTH%/%$DAY%/messages [13:25] (no need to separate, i dont think) [13:27] so this is what i've got right now [13:27] http://paste.ubuntu.com/895081/ [13:28] smoser: HOSTNAME isn't stable [13:28] i dont like the hostname/$year/$month/$day/meesages [13:28] there needs to be another metric [13:28] why? [13:28] smoser: it can change too easily.. [13:28] so? [13:28] are you trying to be safe against an attack ? [13:29] smoser: i'd rather it used the UUID :) [13:29] smoser: no, just consistent logging locations for each node [13:29] sorry for being sparse, OTP [13:30] http://www.rsyslog.com/doc/property_replacer.html [13:30] thats what we can use [13:30] without modifying the syslog support in the installer to read a kernel parameter that is passed (UUID) [13:31] maybe fromhost-ip ? [13:34] smoser: UUID is certainly more interesting.. but right.. do what you think is best :) [13:34] uuid is also a helluva lot more difficult to find [13:35] oh look, host 972035b7-f428-4127-8f0c-582d948c6a79 logged a message [13:35] let me go to that host [13:37] smoser: around! [13:37] well, see my pastebin above. [13:38] do you think that is a sane rsyslog config ? [13:38] smoser: yeah, rsyslog according to the MaaS design (let me know if somehting has changed) should only be installer logs [13:38] Daviey: we're still set on that right? [13:38] yes please, for now. [13:38] lynxman, that is correct. [13:39] smoser: it looks like a sane rsyslog conf [13:39] smoser: although messages will filter, you still need something else [13:39] k. [13:39] curious [13:39] smoser: *looks around* [13:39] why are there 2 ? [13:40] why did orchesta logging server have 2 configs [13:40] install time, and long term. [13:40] ? [13:41] smoser: it has one per client and one to the server, we didn't fully cover install time [13:41] smoser, Daviey: We just need to know the install time channel and divide that into local and not local, then filter it from the rest, should do [13:43] smoser: otherwise any message to let's say user.* will go both to local and remote file locatios, the filter is not exclusive and needs to be explicitly filtered out [13:43] smoser: I'll be around in case I can be of help :) [13:43] lynxman, right now, boot logs go both places [13:43] in orchestra [13:43] they go to syslog and to the remote [13:43] were you saying that was not intended ? [13:43] anyone want to test something for me and maybe open a bug ? [13:44] smoser: that was not intended indeed :) [13:44] i am under the impression that virtio net and possibly virtio disk are considerably slower in the guest [13:44] in precise compared to lucid [13:44] smoser: can do later today, right now I'm heads down doing a juju openstack install [13:44] i would like someone to (with precise host) boot kvm guests of both and prove me wrong or right. [13:45] smoser: could do :) [13:45] smoser: as soon as I got this hammered I'll be glad to [13:45] (on canonistack, it seems to me that i can hit almost 50M/s writing to /dev/null in lucid, but only half that or worse in precise) [13:46] lynxman, http://paste.ubuntu.com/895099/ [13:46] that is how you stop messages from going to the default location [13:48] hallyn, So it seems bug 929626 which I thought was virt-manager might actually be a libvirt issue. mdeslaur found a rh bugilla with a good lead: https://bugzilla.redhat.com/show_bug.cgi?id=746007 [13:48] Launchpad bug 929626 in libvirt "virt-manager misses xen guests shutting down" [Undecided,Confirmed] https://launchpad.net/bugs/929626 [13:48] bugzilla.redhat.com bug 746007 in libvirt "After using 'shutdown' on a xen guest, virt-manager still reports guest is running" [Unspecified,Assigned] [13:50] hallyn, Would you know better which area needs inspection when an acquired object seems not to get certain updates? [13:56] smoser: I know, the difference is that you have messages coming from the same syslog channels, so you need to define both remote and local and then filter out :) [13:57] lynxman, so you're syaing that the same does not work ? [13:58] i just assumed i could put the & ~ after the last matching condition [13:58] and it would drop it [13:58] basically i though "& ~" meant "drop this message if the last condition was true" [13:58] so... [13:58] http://paste.ubuntu.com/895109/ [14:00] smoser: as far as I know you're dropping the channel, although that is a filtering rule... [14:01] smoser: let's try that and see how it goes :) [14:05] New bug: #962189 in openvswitch (universe) "dkms module is not automatically rebuild when installing new linux-image package" [Undecided,New] https://launchpad.net/bugs/962189 [14:24] ttx: around - have a question about milestone-proposed branches for https://github.com/openstack/* [14:24] jamespage: yes [14:24] ttx: coolio [14:25] ttx: so we have had a few issues in the Ubuntu OpenStack CI lab with FOLSOM opening for dev - most of which we have resolved by switching to the milestone-proposed branch [14:26] I just wanted to understand what the Openstack approach to master/milestone-proposed branches was between now and release so I can update the test configurations correctly [14:26] So the RCs will be generated in the milestone-proposed branches [14:26] at release time we'll cut stable/essex branches [14:26] and hand them to stable maintenance team [14:27] ttx: OK - that was what I expect to happen. [14:27] the trick is everyone is not using mliestone-proposed branches yet [14:27] since keystone is not RC1 yet [14:27] ttx: so I noticed [14:27] so you should actually use "milestone-proposed and master if not" [14:27] ttx: OK - thats what we have been doing [14:28] I hope keystone will be RC1 today [14:28] ttx: https://github.com/openstack/python-novaclient/branches is giving us a few issues as folsom has opened but no milestone-proposed? [14:28] does this apply to core projects only or all projects? [14:29] hmmm [14:29] there should be one [14:30] https://github.com/openstack/python-novaclient/tree/milestone-proposed [14:30] and there is ^ [14:30] it wasn't committed to, though [14:30] since novaclient didn't need Final=True pushed to it [14:30] so maybe it didn't trigger on your side === jvdz_ is now known as jvdz [14:32] ttx: hmm - showing my lack of git knowledge now - thanks for pointing that out [14:35] ttx: OK - think I'm all set now -thanks for the advice (see you in a couple of weeks!) [14:36] np, see ya [14:38] hi all, my ssh speed is too low how i can speed it up? [14:53]