/srv/irclogs.ubuntu.com/2012/03/23/#ubuntu-server.txt

pukekohow ?00:00
tarvida mixture of www, ftp and ssh00:00
pukekofrom internal network or ext ?00:00
tarvidexternal00:00
tarvidssh I suspect was password cracking]00:01
pukekowhat do you mean by that ?00:01
tarvidconstantly trying to log in?00:01
pukekowhere you limiting the attempts etc ?00:02
tarvidiptables00:02
pukekosshd_config00:02
pukekoand iptables00:03
tarvidno I don't want to bother with auth, I just want to dsrop the packets00:03
tarvidI don't want them to even know whawt doesn't work00:03
tarvidthis box does dns for my domains to the world and nat for the boxes behind it00:04
pukekoare you writing the iptables script yourself ?00:04
tarvidI need administrative access from other locations00:04
tarvidyes00:04
tarvidhard enough to understand when you write your own00:04
pukekogood whay to learn though..00:04
tarvidold dog new tricks00:05
tarvidhotel california00:05
tarvidi've been in networking 101 25 years00:05
pukekomakes "learning" something like Pfsense a walk in the park00:05
tarvidwhat does that do00:06
pukekohttp://pfsense.org/00:07
tarvidah, i have been ubuntu monogamous00:07
tarviddid try one of those distros about 5 years ago00:08
pukekoits easy peasy - only gets abit weird if yr installing onto a softraid00:08
pukeko"they" use different naming convensions00:08
tarviddoing a softraid install of 12.04 as we chat00:08
pukekoserver ?00:09
tarvidrun into that on my pbx box00:09
tarvidyes00:09
pukekowhat pbx dist you use ?00:09
tarviderasing the md at the moment should finish by morning00:09
pukeko..you can set it up in "disabled" mode load the data and "fix' the md later of course ..00:10
pukeko: )00:11
tarvidmdadm create failed so I am building the md first00:11
pukekowhat sort of machine is it ?00:12
tarvidI suspect replacing a failed rive would go better00:12
tarvidpentium 4 socket LGA 775 sata drives 2GB00:13
tarvida gift00:13
tarvidall I have to do is replace the stock colling fan00:13
tarvidcooling00:13
tarvidi thanked them for the machine and they said free like in free cats00:14
pukekobtw anyone here have any thoughts regarding my samba sync query above ?00:14
pukekohehe00:14
tarvidwish I did, I have a samba based nas at home00:15
tarvidubuntu windows at home00:15
tarvidubuntu mac osx at the condo00:15
pukekoonly one and a quarter hours to go before beer oclock00:15
pukekobarbeque and beers at 3 !!!!00:17
* pukeko pretends to get back to work00:17
* pukeko rolls up sleeves and frowns a lot00:18
pukekobut seriously ... better get back to it .. catch you later tarvid00:18
micahgDaviey: SpamapS: I don't see a backport of apache being possible it just breaks too much00:29
adam_gDaviey: fyi, i think those swift bugs from earlier may be specific to the diagnostic tools and not swift itself. ive just xfered ~25GB on  precise swift cluster w/o issue01:39
pukekoi have 2 samba servers i want to keep in sync - which other files/dirs do i need apart from /etc/samba/* /etc/group /etc/passwd /var/lib/samba/* ?01:46
pukeko*one of the servers has the smbd service disabled so no clash01:47
=== KM0201 is now known as hello
=== hello is now known as KM0201
jtranhey all.  i have 4 ubuntu natty servers all installed the same method.   3 of them automatically load 'bonding' module, verified via lsmod bonding.    however, 1 of them does not.   i've verified it has ifenslave pkg installed.   insmod bonding:    insmod: can't read 'bonding': No such file or directory03:19
jtranany idea why this is happening?03:19
axisysis it possible to get 3Gbps write with disks ? may be with raid1003:27
twbProbably not on whitebox hardware03:28
qman__dependent on a lot of factors, but if you get some SSDs and raid, you can probably do it03:29
axisysqman__: how do I benefit from ssd with ext4 or ext3 may be? I know how, with ZFS03:30
qman__the current gen SSDs simply have faster data rates than hard disks03:30
axisystwb: how about with sun hardware or some other.. company is looking to purchase it03:30
qman__and would be possible to achieve that level of speed, with the right controller, and the right configuration03:30
axisysqman__: can you do hybrid (disk + ssd)03:31
qman__that's a whole mess I want none of, personally03:31
axisysqman__: with linux's available fs ?03:31
qman__but some people do it03:31
twbaxisys: I was thinking more like non-persistent RAM03:31
qman__simple fact is, though03:32
axisysqman__: with zfs you can setup hybrid .. where write log part of raid can be ssd.. never done anything like this in linux03:32
qman__a hybrid system doesn't give you anything that more RAM wouldn't do better, cheaper, with less potential for problems03:32
twbhear hear03:32
twbEven better would be /dev/null -- that's only slightly less recoverable03:33
axisystwb: lol03:33
axisystwb: what is non-persistent RAM ?03:33
axisysshould google it, I guess03:33
axisysno luck yet03:34
twbaxisys: normal ram03:34
twbi.e. volatile RAM, data is lost when you lose power03:34
axisysqman__: what is a good raid controller? i thought sftware raid is pretty good with lots of cpu and mem ?!03:35
axisystwb: ok03:35
twbwhereas SSDs are non-volatile but still basically RAM03:35
qman__it is, but it's not as fast as a good dedicated controller under certain circumstances03:35
qman__also, I said disk controller, not raid controller03:35
axisysqman__: oh03:35
qman__you need a disk controller that can sustain your disks' data rates03:35
twbhw raid makes sense when bandwidth is more important than flexibility, reliability, and ease of management03:36
twbi.e. almost never03:36
axisys:-)03:36
twbI'm with qman__ -- work out where the bottlenecks are and fix those03:36
qman__for example, my file server has an LSI non-RAID SAS controller for 8 of the disks03:36
twbOr better, fix your app to not need 3gbps sustained03:36
qman__which I selected specifically because it can handle SATA 3's full data rate03:37
qman__my disks aren't that fast yet, but I'm future proofing03:37
axisysqman__: dell or hp or supermicro ?03:37
qman__none03:37
axisysqman__: or sun ?03:37
qman__it's a Gigabyte AM3+ board03:37
qman__with a phenom II x403:38
qman__you'd want something better if you're needing that level of performance though03:38
axisysand for raid .. i suppose dont look at anything but raid10 ?03:38
qman__depending on your application03:39
qman__you can make up for a slower disk subsystem by throwing more RAM at it03:39
qman__put 32, 64GB of RAM in, and that's all disk cache03:39
axisysdo I have to do anything special except just put more rams in the system for that?03:39
qman__nothing special, linux does this by default03:40
axisysok03:40
qman__all unused memory is automatically used as disk cache03:40
qman__of course cache is cache, and doesn't apply in all situations03:40
qman__raid 10 will be fastest03:41
TylerWwhats the deal with webmin vs. Zentyal; everyone claims webmin can mess up an Ubuntu system but nobody brings proof or facts, and those of us that love it find no issues...03:41
qman__webmin violates the debian package management system, and mucks up config files in a nonstandard way03:42
axisysqman__: now I need some hardware for enterprise..03:42
axisysqman__: really dont want SUN hardware03:42
qman__so, in practice, it can work okay, but if it breaks it, we can't help you03:42
TylerWqman: thanks for a straight answer! I prefer cli for most practices, there are a couple things i find much easier/less time consuming on webmin <-- and for some of my staff that NEED it because they can't even understand the "ls" command03:43
TylerWBut seeing as though I don't use webmin for many configs... maybe setting up some apache virtual hosts from time to time... but once established I usually go in and manually write out a lotof the configs I know by heart03:43
TylerWone last thing if you don't mind; any absolute no no for running zentyal AND webmin on the same system? By the looks of it they wouldn't compete/interact with eachother so long as I wasn't trying to edit the same config in both03:44
qman__sounds like a really bad idea03:44
qman__especially because of the way webmin does it03:45
qman__you can try it, but make sure you do it non-production, and spend plenty of time on it03:45
TylerWyeah, definitely good points03:46
qman__axisys, I've worked on a few supermicro systems, they're alright, but I don't have enough to say if any one is better than any other03:46
qman__I buy based on reviews, and the last time I priced one out (didn't end up getting it) I actually picked an ASUS board for dual opterons03:47
qman__most of the hardware I work on isn't enterprise grade03:47
TylerWI find enterprise grade hardware to be more expensive and not last any longer or offer any other additional benefits (for the most part) than consumer hardware most of the time03:48
qman__lots of entry level server boards, single socket, just glorified desktops, and lots of actual desktop hardware03:49
qman__couldn't justify the cost for my server, just don't need that much RAM or dual chips03:49
qman__16GB and a quad core is overkill enough for what it does03:50
micahgDaviey: SpamapS: I take that back, the way Debian has the current 2.4 packaging, a backport should be fine as nothing is allowed to be coinstallable, but to make it useful, you'll need to backport other stuff with it as any of the current apache modules in precise won't work03:50
TylerWoh gee, Zentyal vm image for quick testing... excellent03:50
twbqman__: personally, I *do* just buy desktop/workstation ATX boards04:57
uvirtbotNew bug: #962779 in samba (main) "package samba 2:3.6.3-2ubuntu1 failed to install/upgrade: ErrorMessage: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/96277905:13
Error404NotFoundIs there a way i can override the path of where a certain scripts looks for libs from /lib or /usr/lib to some other directory in runtime without sudo access?05:50
uvirtbotNew bug: #962826 in samba (main) "package samba-common 2:3.6.3-2ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 128" [Undecided,New] https://launchpad.net/bugs/96282607:01
uvirtbotNew bug: #943000 in cobbler (main) "update to system fails with  Exception value: 'NoneType' object has no attribute 'os_version'" [Critical,Fix committed] https://launchpad.net/bugs/94300008:18
Davieymorning all!08:38
koolhead17good morning Daviey08:38
Davieymorning koolhead1708:38
* koolhead17 wants to go back sleep again.08:39
jamespagemorning all09:43
Qtenlo, 12.04, anyone have any guesses as to why i get a kernel panic when using the bonding driver on bootup but works ok if i do a networking restart?10:22
Qtenand one some servers it works fine every reboot but on others never works at all10:23
Qtenone some = one10:23
Qtenfound the issue /facepalm i need bridge-utils and ifenslave for bonding why isnt it a depend of ifenslave10:33
dforthmanGood morning. Does anyone know where I can download Groundwork 6.5? I'm running 32-bit Ubuntu Server and the latest version (6.6) only supports 64-bit.11:39
ikoniadforthman: is that in the repos or a comercial product11:45
dforthmannot sure if it's in the repos or not. that's why i'm asking11:45
ikoniaI don't see it11:45
ikoniais it a comercial product or open source ?11:45
dforthmanit's supposedly open source, http://www.gwos.com - but they don't have a link to previous versions11:46
ikoniaI don't see it as open source11:47
ikoniaI see licenses11:47
dforthmanthere's support contracts per device, but the software itself is free11:48
ikoniatheir website has terrible layout for information11:48
ikoniaI'd contact them direct11:48
dforthmanyeah, i'll do that. thanks for your help11:48
ikoniathank you, I'm having a look at groundworks, never heard of it11:49
dforthmanit's pretty much a pretty front-end for nagios11:49
dforthmanit also lets you make changes, test it, and store it in mysql, then commit them all at once11:50
=== smb` is now known as smb
_rubenbah .. groundwork seemed nice, until i noticed that the free edition is limited to 50 hosts12:25
koolhead17_ruben: i saw it too :D12:28
koolhead17http://www.gwos.com/downloads/core/ :P12:29
_rubenwhich makes it useless for us12:32
_rubengrep -c host_name /etc/nagios/hosts.cfg12:32
_ruben24212:32
* koolhead17 wants to learn nagios as well12:33
_ruben$10000 per year aint fun :P12:33
_rubenand that'd be only level1 :)12:33
uvirtbotNew bug: #963034 in openssh (main) "package openssh-server (not installed) failed to install/upgrade: subprocess new pre-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/96303412:41
zulmorning12:57
husienhye..13:19
lynxmanzul: morgen13:34
smblynxman, ist Samstag13:36
lynxmansmb: jetzt? Ich denke auf Freitag war13:37
smblynxman, Heute ist Freitag, "morgen" ist Samstag ;-P13:37
lynxmansmb: heh :)13:38
* smb blames the increasing silliness on the weather...13:39
lynxmansmb: yeah, not miserable = fun ;)13:40
smbAt least while not required to be working ... home office at 26Ā° = not so much fun, at least until one is used to it13:42
lynxmansmb: ouch, that's slightly too hot for my taste13:48
Davieysoren: How is your keystone-common looking13:48
Daviey?13:49
sorenDaviey: Lovelier and lovelier by the day.13:49
sorenDaviey: *Just* finished adding the ability to add the service and endpoints to keystone as well.13:49
sorenDaviey: Literally two minutes ago.13:49
Davieysoren: this is great news.. what branch are you using?13:49
sorenIt's at lp:~soren/+junk/keystoneconfig-common/13:50
sorenI don't want to create a project for it. I expect to maintain it as a native package.13:50
soren...so until Q opens and I can upload it properly, it'll just be under +junk13:50
ogra_you plan to upload junk to Q ?13:51
ogra_tsk13:51
sorenogra_: That's all I have.13:51
sorenogra_: Gotta put it somewhere.13:51
ogra_server guys ...13:51
soren:)13:51
ogra_:)13:51
DavieyI really wish there was a "misc" project, rather than +junk for catchall13:51
sorenDaviey: I got the impression it was too late for you guys to make use of it in Precise anyway, so didn't bother uploading it.13:52
sorenDaviey: Create one?13:52
Davieysoren: I'd rather get it in, if adam_g thinks we can.13:52
sorenDaviey: Would be fun to see what sort of stuff turns up there.13:52
sorenDaviey: I'm surprised the config project on LP hasn't been abused more.13:53
Davieysoren: /me starts a homeless project.13:53
sorenDaviey: Well, let me know if you want me to push it.13:53
sorenDaviey: I'd just rather not waste time on it if it won't be used anyway.13:53
Davieysoren: lets see what adam_g thinks when he arrives.13:54
sorenCool beans.13:54
Davieysoren: We've abused jdstrand enough this cycle, reviewing NEW's. :)13:54
zulDaviey: i dont think jdstrand should pay for his drinks at uds when a server team member is around ;)13:55
Nafallowhat's the favourite way to combat spam on a postfix/dovecot setup? :-)13:59
Nafalloin particular spam that comes from a forwarder, such as @ubuntu.com ;-)13:59
zulNafallo: /dev/null? :)14:01
Nafallothat's sounds like the end goal. there must be a good path to get there ;-)14:02
Nafalloi.e. I need a classifier.14:02
patdk-wknafallo, the only way to get spamass to better classify forwarder email, is to add the forwarder to your trustednetworks14:06
patdk-wkbut then, that can also bit you, for emails that originate from there14:07
Nafallohmm. yeah. I'd like to avoid any kind of host-based checks. I'd rather spend the CPU cycles to check each message.14:08
Nafallohow about dspam?14:08
=== jvdz_ is now known as jvdz
rbasakCan anyone suggest why "d-i netcfg/choose_interface select auto" might not work? I've tried eth0 as well. It keeps asking me!14:31
* rbasak is using priority=critical14:32
tjaaltonrbasak: it won't work in a preseed file, you need to give it on the kernel cmdline14:32
rbasaktjaalton: oh yeah of course, it won't be able to read the preseed yet14:33
tjaaltonyeah, unless you build your own boot image, can put the preseed file there but it's simpler to feed the kernel directly..14:33
rbasaktjaalton: doing it on the cmdline worked - thanks!14:36
jdstrandheh14:38
gabebugI have a server running Natty that's got a vulnerability report for https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/837991 - but that but report only lists patches for oneric. shouldn't natty and maverick get back ported patches for this too?14:47
uvirtbotLaunchpad bug 837991 in apache2 "Please merge apache2 2.2.20-1 to fix CVE-2011-3192+regressions" [High,Fix released]14:47
SpamapSgabebug: that bug is for a regression in the CVE update, not the actual CVE14:51
gabebugah14:51
SpamapSgabebug: http://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3192.html14:51
uvirtbotSpamapS: The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192)14:51
gabebugi have controlscan complaining that my natty install is vulnerable, but i'm running apache2-2.2.17-1ubuntu1.5. suppose that's just a false positive from controlscan?14:55
mdeslaurSpamapS: new mysql versions apparently15:02
SpamapSmdeslaur: been waiting for 5.5.22 actually.. 5.5.21 had some kind of regression IIRC15:10
mdeslaurSpamapS: they mention security stuff in the 5.1.x release notes, but not 5.5 and 5.015:10
mdeslaurSpamapS: although they have updated yassl in 5.5 and 5.0 also, and I suspect that's security realted15:10
SpamapSOh joy, 5.5.22 has "yaSSL was upgraded from version 1.7.2 to 2.2.0."15:10
mdeslaurSpamapS: do we use yassl?15:10
SpamapSyes we enable SSL15:11
mdeslauror do we build with openssl or something else15:11
=== bladernr_ is now known as bladernr_afk
SpamapSmdeslaur: yassl is their only solution15:11
jdstrandmdeslaur: I saw some yassl stuff recently-- that is probably CVE-2012-088215:12
uvirtbotjdstrand: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0882)15:12
mdeslaurjdstrand, SpamapS: yeah, probably that one15:12
SpamapSYeah, mysql has always embedded yassl15:12
SpamapSThere's an open bug against the Debian mysql packages to package yassl separately and use that15:13
SpamapSI think that may end in disaster though ... mysql hates playing nice with others.15:13
mdeslaurSpamapS: ok, thanks for the clarification...I'm probably thinking of something else that bundles yassl that we disable15:13
zulthere swift down to one failing test15:28
* smb wonders whether hallyn is to be expected today...15:33
_rubenugh, nice challenge for next week: fresh install of 10.04.4 on software, at boot time it complains /boot is not ready yet or unavail, enter recovery shell, issue mount /boot, ctrl-d, boot continues without issue15:49
_rubens/software/software raid/15:50
henkjan_ruben: i see that happen a lot with lucid15:55
henkjanrandomly droppen to initramfs while booting from mdadm15:55
henkjanafter a powercycle booting mostly works correct15:55
_rubenhenkjan: tried 3 reboots just now, keeps failing15:58
_rubenand i don't really end up in the initramfs i think15:58
_rubenas / is already mounted and after exiting that shell, it just continues starting some services and be done15:59
_rubenguess should've requested hw raid after all :P15:59
henkjanmwah, mdadm raid is fine most of the time16:00
_rubenthis shouldn't be a disk intensive box anyways: border router :)16:00
_rubentho reliable booting would be nice :)16:00
* jamespage is killing qemu quite convincingly this afternoon trying to automate iscsi root testing16:01
henkjan_ruben: routing on ubuntu + ?16:01
_rubenhenkjan: bird16:01
henkjanquagga? bird?16:01
_rubenworking like a charm16:02
_rubenreplacing my current dell pe860 boxes with pe r210 ones16:02
_rubenif they'd boot....16:02
_rubenproperly that is :)16:02
henkjan...16:02
_rubenbut that's for next week to tackle, time to head home now16:02
pabelangernice to see bug 935585 is fixed.  The only real issue I have had with 12.0416:04
uvirtbotLaunchpad bug 935585 in upstart "[kernel panic] init: log.c:786: Assertion failed in log_clear_unflushed: log->remote_closed" [High,Fix released] https://launchpad.net/bugs/93558516:04
KM0201why is NFS so hard to setup?16:14
smbhallyn, Morning, I got two little libvirt presents you may want to have a look at (bug 929626 and bug 963006). I would also try to get them upstream but if they pass you review and we could get that uploaded it would be great.16:15
uvirtbotLaunchpad bug 929626 in libvirt "virt-manager misses xen guests shutting down" [Medium,In progress] https://launchpad.net/bugs/92962616:15
uvirtbotLaunchpad bug 963006 in libvirt "libvirt: xen: hypervisor driver fills log with internal errors after shutdown" [Low,In progress] https://launchpad.net/bugs/96300616:15
iclebytedoes any one know how to specify the pppX interface from within the /etc/ppp/peers/provider files?16:26
adam_gzul: have tried uploading that swift patch against the current ubuntu pkg to a buildd and see if the other tests pass? if that works, i think the keystone tests should as well17:08
zuladam_g: not yet im going to build it locally before i upload it to a ppa17:09
zuladam_g: btw that patch is specifically for 1.4.7 though17:11
uvirtbotNew bug: #963280 in zookeeper (universe) "Memory leak on any async python call" [Undecided,New] https://launchpad.net/bugs/96328017:11
apwhallyn, i presume the memory cgroup is enabled so we can use it with lxc?  do we recommend a base OS for lxc use (for x86)17:19
stgraberhallyn: arkose is broken with new lxc ;)17:20
stgraberhallyn: I'll look at it after my current meeting17:20
l3dxI have a 3-disk array that previously was setup with lvm2 and raid5. These disks are now inserted into a different server. Is it possible to "recover" the setup? How do I do that without losing the data?17:22
tarvidnew RAID 1 installation, how do I check synchronization17:24
stgraberhallyn: right, I'm out of my meeting17:26
stgraberhallyn: I had to downgrade lxc in a hurry to make arkose work again :)17:27
stgraberhallyn: so arkose calls lxc-init using a shell script as init script, so far so good17:27
stgraberhallyn: but starting with the new LXC, it complains it can't find the apparmor profile and just fails to start at all17:27
l3dxnvm, I found out (mdadm -A)17:30
tarvidany way to monitor RAID 1 remotely?17:32
Nafallocat /proc/mdstat17:35
tarvidNafallo, I would like to monitor from an external host or get machine eo email a message if status changes17:36
Nafallomunin, nagios, mdadm... choose your poison :-)17:37
tarvidI'd have to poll with mdadm17:38
tarvidmunin looks interesting17:39
Nafallomdadm does include a monitor that can e-mail stuff, you know... :-)17:39
foohmm, just to confirm: if someone has an e-mail client, and they get e-mail via pop3, and all of a sudden we change the pop3 server (eg. migrate their e-mail system to a new one), then they start getting e-mail from the new server and all of their old e-mail still stays in their e-mail client, right?17:46
uvirtbotNew bug: #963301 in php5 (main) "php5 crashed with SIGSEGV when i was compiling XDebug using pear" [Medium,New] https://launchpad.net/bugs/96330117:46
zuladam_g: it built locally fine here just threw it in a ppa18:04
instabinWould it be better to run a web server on ubuntu or freebsd?18:19
instabinand why18:19
SpamapSinstabin: better implies that there is a measurement that can be applied18:20
instabinThey both can use apache? So is one more secure than the other?18:21
SpamapSinstabin: I'd guess that there are quite a few measurements that would be used to measure the success or failure of running a web server... but they are likely specific to each web site/server :)18:21
SpamapSinstabin: security is a process, and not a single thing that can be measured18:22
instabinI been running on 10.4 lts for the last 2 years18:22
SpamapSinstabin: then you'll find apache in 'apt-cache search apache' ;)18:22
instabinI have been running apache on it for the last 2 years with php18:23
instabinFriend of mine is trying to convince me to switch to freebsd18:23
instabinSays it more secure.. because its designed to be a server only18:24
mdeslauruhm, "more secure because it's designed to be a server only" sounds fishy to me18:24
instabinI think its just cuz hes a freebsd fanboy18:25
instabinBut i figured I would evaluate since I was planning on upgrading to 12.04 when its released18:26
instabinI think that since they run the same web server it would depend on your firewall for how secure the system is.18:27
hallynhggdh: Daviey: boy!  i'm wondering whether bug 961217 turns out to be due to libnl3!18:40
uvirtbotLaunchpad bug 961217 in libvirt "virsh start domain sometimes fail in oneiric" [High,Confirmed] https://launchpad.net/bugs/96121718:40
hggdhhallyn: if so, how to check?18:40
* hggdh is glad there is some light at the end of the tunnel18:40
* hggdh is not sure it is not a train comming in18:41
hallynhggdh: im' not sure :)  so far i've just got that i can reproduce it with upstream git with our patches on top, but not without our patches18:41
hggdhah18:41
hallynso now i'll try all our patches except libnl3...18:41
hggdhand we patched for using libnl3?18:41
hggdhyes, of course, already answered18:42
hallynmind you i'm not 100% clear on why we do that.  it introduces delta over debian for libvirt and netcf.  but i assume we had to do it for something so now do ti for everything18:43
pdtpatr1ckQuestion - does anyone know of a similar service like Moonwalk (http://www.moonwalkinc.com/products/moonwalk-for-linux) for Ubuntu  ?18:59
Davieykoolhead17|away: around? (i note your nick suggests a no)19:04
koolhead17|awayDaviey, am very much here sir19:04
=== koolhead17|away is now known as koolhead17
koolhead17i log in with default away nice :P19:07
stgraberhallyn: ping19:07
Davieykoolhead17: hah, did you ever get a solution for bug 807038?19:07
uvirtbotLaunchpad bug 807038 in dbconfig-common "dbconfig-common fails to preseed phpmyadmin on natty/lucid" [Medium,Triaged] https://launchpad.net/bugs/80703819:07
instabinwhat web gui is recommeded for managing a ubuntu server19:08
koolhead17instabin, landscape :)19:08
koolhead17Daviey, i moved to oneiric and then never looked at it. i can check it again19:09
koolhead17Daviey, or you have some other suggestion?19:10
instabinHow do you get landscape19:11
instabinDo you have to buy Ubuntu Advantage?19:12
Davieykoolhead17: no, just wondered19:14
koolhead17instabin, i think 5 machine its free for more yes you have to buy support which comes with many other services i suppose19:15
koolhead17Daviey, i will look at it again and get back to you.19:15
uvirtbotNew bug: #963368 in bind9 (main) "dnssec-keygen takes forever to generate a keyfile" [Undecided,New] https://launchpad.net/bugs/96336819:16
koolhead17Daviey, i saw some openssh-server bug reported today for 10.0419:17
stgraberhallyn: tracked my lxc bug down to the fact that I'm running a container without a /proc mounted by lxc19:18
stgraberhallyn: if /proc isn't mounted by lxc (through a fstab entry), then you get "lxc-start: No such file or directory - failed to change apparmor profile to lxc-container-default"19:19
stgraberhallyn: I'll file a bug about it, would be great if it could be fixed very soon as it'd need to be included for beta2 (arkose is broken because of that)19:19
instabinkoolhead17: how do i get it19:20
koolhead17instabin, http://www.canonical.com/enterprise-services/ubuntu-advantage/landscape19:21
koolhead17it has everything you need19:21
stgraberhallyn: bug 96338819:24
uvirtbotLaunchpad bug 963388 in lxc "Unable to start containers without proc entry in fstab" [High,Triaged] https://launchpad.net/bugs/96338819:24
uvirtbotNew bug: #963388 in lxc (universe) "Unable to start containers without proc entry in fstab" [High,Triaged] https://launchpad.net/bugs/96338819:31
mgware the certificates signed by two intermediate CAs of the same root CA interchangeable?19:31
kklimondastgraber: how secure is lxc nowadays?19:47
Steve[MBA]anyone happen to know why I keep getting the following error when running virt-install with kvm? "ERROR    Unable to resolve address 'system' service '16514': Name or service not known"19:49
Steve[MBA]seems that libvirt isnt running, but dunno why19:49
Steve[MBA]actually libvirt is running, just not listening on that port19:51
Steve[MBA]im trying to connect locally as well19:51
stgraberkklimonda: pretty secure when you have the apparmor profile turned on. We won't guarantee it to be root-safe until we have the user namespace though, but we're definitely interested in any feedback on how to escape a container and will update our profiles accordingly.19:52
hallynstgraber: dangit, sorry, my forwarded didnt' fwd your pings.20:10
hallyni did see the bug;  guess we'll end up seeing whether aa_change_onexec is fixed :)20:11
smoserhallyn, https://bugs.launchpad.net/ubuntu/+source/linux/+bug/96342020:30
uvirtbotLaunchpad bug 963420 in linux "https download performance significantly worse in precise than lucid" [Undecided,New]20:30
smoserthats what i came  up with for network performance in precise20:30
smoserguests.20:30
smosergood news is that if i do http rather than https, I can probably saturate the link20:31
smoserprecise http: 88.1 MB/s20:31
hallynsmoser: interesting :)20:32
hallynhggdh: well, fooi - today i can't reproduce the bug at all20:32
hallyneven with stock20:32
smoserprecise https: 11.5 MB/s20:32
hallynmaybe...20:32
smoserlucid http: 78.8 MB/s20:32
hallyni wonder if there's any chance that i didn't reboot after do-dist-upgrade, and oneiric kernel is the problem20:32
hggdhhallyn: welcome to my hell :-)20:32
smoserlucid https: 46.7 MB/s20:33
hallyncozy20:33
smoserhallyn, the good news is my attempt to show precise virtio disk regression has so far failed.20:33
smoser(ie, seeing similar write speeds of /dev/zero to /dev/vdb)20:33
smoseri realize thats very non-scientific, but it was my first test20:34
hallynsmoser: jinkeys i sure hope that can get fixed20:34
=== koolhead17 is now known as koolhead17|afk
hallynwtf - there's no kernels in /boot?20:36
hallynwell, i'm going to have to reinstall oneiric again for this.  bbl.20:37
hallynoh wait.  stgraber: do you need that lxc fix this weekend?20:38
stgraberhallyn: no, if it lands on Monday that'll be fine20:44
hallynwhen is freeze over?20:45
hallynstgraber: you want me to ask in #ubuntu-release for an exception for that?20:46
mgwAny PKI or openvpn pros here? I'm having a problem where a cert issued by one intermediate seems to be recognized/validated by another intermediateā€¦ both intermediates have the same root.20:52
stgraberhallyn: no, it's a bugfix, just upload and they'll poke me as it only affects Edubuntu20:52
stgraberhallyn: the freeze is over on Thursday but I want that fix for beta2 as it's completely breaking arkose20:53
hallynok, thx20:53
stgraberhallyn: so whenever you have a fix, just upload it20:53
hallynwill do.20:53
hallynttyl20:53
primerashi all. Good evening. Where is the Ubuntu Server bug list21:33
=== _Gabber is now known as Gabber
axisyswhy would pulling a preseed file fail? https://imgur.com/pKNs923:58
axisysthat url is valid and reachabled23:58
axisysnetwork setup through is successful23:59

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!