/srv/irclogs.ubuntu.com/2012/03/30/#ubuntu-server.txt

=== Arc_ is now known as a5m0
moparisthebest	I'm using Lucid and need a package which shows up on packages.ubuntu.com, but won't install, does it work for anyone else? http://paste.ubuntu.com/906458/	00:13
uvirtbot	New bug: #968743 in mysql-dfsg-5.1 (main) "package mysql-client-core-5.1 (not installed) failed to install/upgrade: trying to overwrite '/usr/bin/mysql', which is also in package mysql-cluster-client-5.1 0:7.0.9-1ubuntu7" [Undecided,New] https://launchpad.net/bugs/968743	00:16
uvirtbot	New bug: #968753 in openssh (main) "ssh crashed with SIGSEGV" [Medium,New] https://launchpad.net/bugs/968753	00:36
=== Jasonn is now known as jucy
=== jucy is now known as juicy
=== Arc_ is now known as a5m0
joosengee	someone use samba domain	06:10
joosengee	or not?	06:10
joosengee	I have some question?	06:15
joosengee	anyone help me, please.	06:15
Jeeves_	Hmm	07:03
Jeeves_	A new libreoffice in an LTS is possible during beta	07:04
Jeeves_	but a new apache2 isn't	07:04
henkjan	no apache 2.4 in precise?	07:05
Jeeves_	No	07:11
Jeeves_	At least, not currently	07:11
Jeeves_	https://bugs.launchpad.net/ubuntu/+bug/939300	07:11
uvirtbot	Launchpad bug 939300 in ubuntu "precise 12.04: consider adding Apache 2.4 ?" [Wishlist,Confirmed]	07:11
henkjan	*click "yes this affects me"	07:14
micahg	no, apache 2.4 will probably be a backport though	07:30
twb	Oops, my LDAP server's cert expired... no logins for nearly half an hour	07:30
jamespage	morning all	08:10
mgw	good morning	08:17
uvirtbot	New bug: #968983 in openssh (main) "ssh crashed with SIGSEGV" [Medium,New] https://launchpad.net/bugs/968983	08:50
PedroGomes	I, does anyone here can give me a functional PXE file for Ubuntu 12.04?	09:20
PedroGomes	*Hi	09:20
Daviey	Here is a function pxelinux file, http://archive.ubuntu.com/ubuntu/dists/precise/main/installer-amd64/current/images/netboot/pxelinux.0	09:23
Daviey	functional*	09:23
PedroGomes	Daviey: not quite what I need, but maybe it can help. This is the PXEfile that goes in the tftpboot folder, what I need was a boot configuration file that is deployed for each machine	09:30
PedroGomes	but I will try and change this one	09:31
PedroGomes	maybe it will do the trick	09:31
PedroGomes	Daviey: no luck…	09:36
PedroGomes	why does 11.10 install without problems and 12.04 has ram disk problems….	09:39
xranby	jamespage: morning	09:40
jamespage	xranby, good morning! how are you?	09:40
xranby	jamespage: im fine thanks, i have beem focusing on GUI backend perfomance	09:41
xranby	mostly since i do not have any crash report to investigate :)	09:42
xranby	jamespage: please tell if you observe any instability issue	09:42
xranby	during your testing rounds	09:42
jamespage	xranby, sure will :-)	09:42
jamespage	things have been pretty stable TBH	09:42
xranby	nice, thats what i want to hear	09:43
dcramer	why would the default setup of 10.04 LTS postfix not use aliases	12:31
dcramer	I send mail to root and it sends it out	12:31
_ruben	it does use it, but i recall a "bug" where the postinst doesn't populate /etc/aliases even tho it makes you think it does	12:33
_ruben	and after modifying /etc/aliases, make sure you run newaliases	12:34
dcramer	_ruben: no it's because mail -s test root doesn't sent to root@localhost	12:37
dcramer	it sends it to root@hostname	12:37
dcramer	for some strange reason	12:37
_ruben	a default config should accept mail for @hostname as well	12:40
_ruben	what does 'postconf myorigin myhostname' show?	12:41
dcramer	/etc/mailname	12:44
dcramer	which is my domain name	12:44
_ruben	and postconf mydestination?	12:45
dcramer	mydestination = beaver1.postgresintl.com, localhost.postgresintl.com,localhost	12:45
dcramer	postgresintl.com	12:45
dcramer	is the domain name	12:45
=== smb` is now known as smb
_ruben	and beaver1 is the hostname i assume?	12:46
dcramer	yes	12:46
_ruben	beaver1 oughta be in mydestination as well	12:46
dcramer	I have other setups where this is not the case	12:47
dcramer	nm I'll try that	12:47
dcramer	actually postgresintl.com needs to be in mydestination	12:50
zul	good morning	13:02
=== bladernr_afk is now known as bladernr_
stgraber	hallyn: ping	13:29
stgraber	hallyn: could it be that we forgot to allow lxc-start to call change_profile? setting lxc.aa_profile prevents the container from starting here	13:30
stgraber	hallyn: ah, no, my bad	13:30
stgraber	hallyn: I should have read the main profile and see that it needs to be prefixed by lxc- :)	13:30
stgraber	hallyn: hmm, so I added a profile lxc-upgrader01 in /etc/apparmor.d/lxc/ and called it lxc-container-upgrader01 in the profile	13:37
stgraber	hallyn: but now /etc/init.d/apparmor reload fails ...	13:37
stgraber	hallyn: bug 969228	13:48
uvirtbot	Launchpad bug 969228 in lxc "Unable to load another apparmor profile from /etc/apparmor.d/lxc/" [Undecided,New] https://launchpad.net/bugs/969228	13:48
hallyn	stgraber: d'oh, again i didn't see the notification here. but i saw the email :)	14:22
stgraber	hallyn: hehe :)	14:22
stgraber	hallyn: I also reproduced the weird dpkg diverts and locales being blocked by apparmor. I'm upgrading the machine to linux-image-3.2.0-21-generic before reporting that one	14:23
stgraber	hallyn: bug 969228 is either and LXC or an apparmor parser bug, so shouldn't depend on the kernel version	14:23
uvirtbot	Launchpad bug 969228 in lxc "Unable to load another apparmor profile from /etc/apparmor.d/lxc/" [High,Incomplete] https://launchpad.net/bugs/969228	14:23
hallyn	stgraber: yes, could you try removing the #include from the top of your new file?	14:25
stgraber	hallyn: no change...	14:25
hallyn	drat	14:26
hallyn	note i did test this... how odd	14:28
hallyn	reproduced now though	14:29
hallyn	stgraber: oh i didn't go far enough in my request	14:31
hallyn	stgraber: if you pull the #include from both container profiles and put it at top of /etc/apparmor.d/lxc-containers, it works	14:32
hallyn	jjohansen: is there a way to say '#ifndef tunables #include <tunables/home> #endif' in a apparmor profile?	14:33
hallyn	jjohansen: i want users to be able to just 'apparmor_parser /etc/apparmor.d/lxc/lxc-new' rather than /etc/init.d/apparmor reload', is the only reason	14:33
hallyn	(maybe that's not worthwhile)	14:33
sbeattie	hallyn: #ifdef> not... really, but I haven't looked at the bug report yet.	14:34
hallyn	(drat, this coudl require a server guide update)	14:36
jamespage	hallyn, is there anything I can do to help diagnose/fix the 'failed to fstat previous diversions file' issue we see with postgresql under lxc?	14:39
jamespage	I just hit the same issue in another charm	14:39
hallyn	jamespage: turn off apparmor and see if it's still broken	14:40
hallyn	if not, mark it as affecting linux and critical priority, owned by jjohansen	14:40
jamespage	hallyn, OK - testing now	14:40
stgraber	hallyn: sorry, was working on something else, looking now	14:42
stgraber	hallyn: worked	14:43
hallyn	stgraber: ok, i guess i'll move the #include, and ask for server guide update. users will need to reload all container profiles at once.	14:44
stgraber	hallyn: btw: [ 1022.059598] type=1400 audit(1333118643.042:36): apparmor="DENIED" operation="mount" info="failed type match" error=-13 parent=23460 profile="lxc-container-upgrader01" name="/var/lib/ureadahead/debugfs/" pid=23666 comm="ureadahead" fstype="debugfs" srcname="none" flags="rw"	14:45
stgraber	hallyn: I guess we should silent that one	14:45
hallyn	we do that with just an explicit deny right?	14:46
stgraber	hallyn: yep	14:46
hallyn	(sorry doing a bunch of bugs at a time)	14:46
sbeattie	hallyn\|stgraber: can you post the problematic version of the /etc/apparmor.d/ tree to bug 969228	14:47
uvirtbot	Launchpad bug 969228 in lxc "Unable to load another apparmor profile from /etc/apparmor.d/lxc/" [High,Incomplete] https://launchpad.net/bugs/969228	14:47
hggdh	roaksoax: aldebaran (the cobbler server), alkaid and phact are available now	14:48
hggdh	roaksoax: sorry for the delay, but I only ended the upgrade around 0100 UTC today	14:48
stgraber	sbeattie: there you go	14:55
sbeattie	stgraber: thanks, peeking.	14:55
jamespage	hallyn, if I turn off apparmor I can't start any containers	15:01
jamespage	hallyn, http://paste.ubuntu.com/907334/	15:01
roaksoax	hggdh: no worries	15:03
stgraber	hallyn: hmm, the divert and locale apparmor bugs are still there with -21 ... I guess I'll have to file a bug this time as it's preventing the daily upgrade testing from working	15:06
jeh	anyone here happen to be using the mlx4_en ethernet driver on precise?	15:06
hallyn	stgraber: that's what jamespage is looking at	15:07
hallyn	stgraber: yes, if jamespage hasn't filed it yet, pls mark it critical	15:07
jamespage	hallyn, stgraber: I've not filed a bug yet	15:07
hallyn	jamespage: sorry, please at 'lxc.aa_policy = unconfined' to the container's config (/var/lib/lxc/container/config)	15:07
jamespage	hallyn, ack	15:07
hallyn	jamespage: it's explained in the server guide, but that's notreally online yet iiuc :)	15:07
stgraber	jamespage: I did :)	15:08
stgraber	sbeattie, hallyn, jamespage: bug 969299	15:09
uvirtbot	Launchpad bug 969299 in apparmor "apparmor prevents dpkg-divert and localedef from working in a container" [Undecided,New] https://launchpad.net/bugs/969299	15:09
jamespage	stgraber, hallyn: oddly if I put lxc-container-default into complain mode I don't get the issue - but neither does aa complain	15:10
stgraber	hallyn: targeted to final and marked critical	15:10
stgraber	jamespage: yay for debugging fixing the bugs ;)	15:10
hallyn	jamespage: might be worht commenting that int he bug	15:11
jamespage	hallyn, lemme double check that	15:11
hallyn	jjohansen: ^ bug 969229	15:15
uvirtbot	Launchpad bug 969229 in txamqp "Impossible to reopen closed channel" [Undecided,New] https://launchpad.net/bugs/969229	15:15
hallyn	no that's not the one :)	15:15
hallyn	jjohansen: would you believe bug 969299	15:15
uvirtbot	Launchpad bug 969299 in apparmor "apparmor prevents dpkg-divert and localedef from working in a container" [Undecided,New] https://launchpad.net/bugs/969299	15:15
stgraber	hallyn: lxc-start: unknow key lxc.aa_policy	15:16
hallyn	wth	15:16
stgraber	(I think we also want s/unknow/unknown/g btw ;))	15:16
hallyn	d'oh	15:16
hallyn	aa_policy	15:16
hallyn	lxc.aa_profile	15:16
hallyn	stgraber: that's not my typo :)	15:17
stgraber	root@athos:/data/internal/containers# lxc-start -n upgrader01	15:17
stgraber	lxc-start: Permission denied - failed to change apparmor profile to unconfined	15:17
hallyn	stgraber: you haven't disabled apparmor	15:17
hallyn	usr.bin.lxc-start isn't allowed to transition to unconfined	15:18
stgraber	hallyn: why would I do that? I just want it off for one container ;)	15:18
smb	zul, Just read your answer to that xen feature mail. Just to make sure I am not doing something wrong because I am using still the xend based api between libvirt and xen host in precise.	15:18
hallyn	stgraber: you think the default lxc-start profile should allow that?	15:18
zul	smb: no you arent i think they are refering to the XCP stuff that citrix was doing this cylce in debian/ubuntu	15:19
stgraber	hallyn: I think we should allow for a container to set "lxc.aa_profile = unconfined" without turning apparmor off for all containers, yes	15:19
smb	zul, Yes, well generally the xcp stuff, right. Reading about the blueprint gave a bit the impression this is what is used in Precise	15:19
zul	smb: right i dont think anyone on the platform team has used the xcp stuff really	15:20
hallyn	stgraber: ok so there's that, the #include fix, and what was the other thing is houdl add right now?	15:20
hallyn	(and by right now i mean, "sometime soon")_	15:20
hallyn	maybe that was it	15:21
stgraber	hallyn: "#include fix", "deny for debugfs in /var/lib/ureadahead/debugfs/", "allow switch to unconfined in usr.bin.lxc-start"	15:22
hallyn	ah right debugfs, thanks	15:25
hallyn	mabe the ubuntu template should add a commented '# lxc.aa_profile = unconfined'	15:26
hallyn	stgraber: really we want debugfs anywhere to be silenetly denied, right?	15:27
brontosaurusrex	finnaly updated my old intranet server from 9.10 to 10.04 and noticing some magic: mp4/h.264 videos can be seeked without preloading in html5 mode on chrome..., is it a chrome magic or a combo of smarter apache and chrome, or some other mistery?	15:27
stgraber	hallyn: hmm, indeed, "deny mount fstype=debugs," should be fine	15:27
stgraber	hallyn: also +1 on adding some lxc.aa_profile line to the template, either "lxc.aa_profile = lxc-container-default" or a commented "# lxc.aa_profile = unconfined"	15:28
stgraber	hallyn: as long as there's a way for people to easily figure it out, that's fine	15:28
jamespage	hallyn, stgraber: not sure whether its related but I'm getting some excellent kernel message cruft - http://paste.ubuntu.com/907382/	15:28
stgraber	jamespage: I've always blamed the lack of logging namespace for that one ;) not sure if that's the real cause though	15:30
jamespage	stgraber, it does not appear to impact function as far as i can tell	15:30
stgraber	jamespage: I'm testing aa-complain now ;) sounds like an interesting workaround	15:32
Daviey	jamespage, adam_g, zul: What is the story of precise-openstack-essex-swift-trunk failing?	15:34
zul	Daviey: the story is that swift needs openstack-nose-plugins to build the testsuite and its 95% done on my todo list	15:35
zul	Daviey: its packaged just not in the archive	15:35
hallyn	stgraber: jamespage: actually we still have attach_disconnected in the policy, that might be causing problems. not sure	15:37
hallyn	biab	15:37
Daviey	zul: ok, thanks	15:37
stgraber	hallyn: good point, I'll test that before trying jamespage's trick	15:38
autif	is apt-proxy now called apt-cacher?	15:45
patdk-wk	no	15:46
patdk-wk	different project	15:46
patdk-wk	apt-cacher is slow	15:46
patdk-wk	apt-cacher-ng is faster by many times	15:46
autif	apt-cache search apt-proxy did not return apt-proxy - it returned apt-cacher and apt-cacher-ng	15:47
autif	I was looking to caching packages because I want to install and update many machines and want to save bandwidth	15:47
autif	came accross https://help.ubuntu.com/community/AptProxy	15:47
patdk-wk	find apt-proxy for me :)	15:47
autif	should I be using apt-cacher-ng?	15:47
patdk-wk	or, it works for me, to locate apt-proxy	15:47
autif	ubuntu-server 11.10	15:48
patdk-wk	10.04 here	15:48
autif	hmmn - that may do it	15:48
patdk-wk	apt-proxy downloads the all .deb's for a version if I remember right	15:48
patdk-wk	using gigs of space	15:48
patdk-wk	where apt-cacher-ng only downloads the .deb's you use, like a http proxy	15:48
autif	yup - that should be find - I have a 2TB disk :-)	15:48
autif	ah, I see the difference	15:49
patdk-wk	last time I used apt-proxy I think it was using 600gigs of space for me	15:49
autif	will try out apt-cacher-ng	15:49
patdk-wk	just all the updates for things I didn't use, kept using up all my bandwidth	15:49
autif	thanks patdk-wk	15:49
patdk-wk	heh, my apt-cacher-ng is using 1.9gigs of space	15:50
Ng	I think everyone should stop saying the names of software that ends in -ng	15:52
Pici	heh	15:52
* patdk-wk renames amavisd-new to amavisd-ng		15:52
Ng	-1	15:53
Daviey	zul: bug 965551 ?	15:53
uvirtbot	Launchpad bug 965551 in quantum "quantum-server 2012.1~rc1-0ubuntu2 fails to install" [Undecided,New] https://launchpad.net/bugs/965551	15:53
patdk-wk	ng, not bad, only 15 packages in lucid have -ng	15:54
zul	Daviey: i think adam_g said he was going to work on that one	15:54
Daviey	zul-ng, What is the status of that bug?	15:54
Daviey	ok, great	15:54
zul	heh zul-ng	15:56
patdk-wk	that one is overrated!	15:56
Ng	Daviey: you stop that!	16:01
* Daviey wonders how hard an irrsi pluggin would be to add -ng to any verb. :)		16:05
Daviey	err noun	16:06
Ng	I hope it would be very very difficult	16:06
Daviey	zul / adam_g: Are you uploading new snapshots today?	16:07
zul	Daviey: no im going to wait for rc2	16:08
Daviey	zul: no date set, or confirmed there will be an rc2, is there?	16:08
zul	Daviey: lemme check my sources	16:09
hallyn	stgraber: uh, what is jamespages' trick?	16:11
zul	Daviey: if they get their stuff together it will be today otherwise monday	16:16
stgraber	hallyn: aa-complain ;)	16:17
hallyn	ah ok	16:18
Daviey	zul: feel free to tell your sources that i haven't seen that discussed anywhere, or on the release schedule.	16:18
Daviey	Or just tell ttx.	16:18
stgraber	hallyn: dropping the attach_disconnected seems to have worked here	16:19
stgraber	jamespage: can you try doing that too? ^	16:19
hallyn	stgraber: interesting.	16:19
jamespage	stgraber, OK - I'll try - where do I set that?	16:20
hallyn	it does make some sense	16:20
hallyn	remove it from the top of /etc/apparmor.d/{usr.bin.lxc-start,lxc/lxc-default}	16:20
hallyn	probably just remove the whole flags=(.*)	16:21
azertyu	hello there	16:22
azertyu	is tehre any specialist bladecenter ?	16:23
azertyu	anyone there ?	16:24
patdk-wk	what is a, specialist bladecenter?	16:41
patdk-wk	I would assume all bladecenters to be special	16:41
azertyu	sure	16:42
azertyu	well i got a small on my bladecenter	16:42
azertyu	Chassis Cooling Devices	16:42
azertyu	1	16:43
azertyu		16:43
azertyu	Chassis Cooling Device status OK	16:43
azertyu	78%	16:43
azertyu	2	16:43
azertyu		16:43
azertyu	Chassis Cooling Device status OK	16:43
azertyu	79%	16:43
azertyu	what can be ?	16:43
ironm	hello. Is there an approved possibility to create own ubuntu server images with some third party packages (for off-line installations? I have played a bit with debian live-builder 3.0a-45-1 but was not successful. Thank you in advance for any hints.	16:45
xT_Bash	hey ppl	16:50
xT_Bash	any1 willing to help me with a 10.04 LTS install?	16:51
xT_Bash	wanna install the kde but yet dont have any clue how	16:51
arthurjohnson	Why would you want to install KDE on a server install?	16:52
xT_Bash	any other desktop u suggest?^^	16:52
xT_Bash	or does the question target the desktop thing itself?	16:52
arthurjohnson	None. At least thats my opinion.	16:53
xT_Bash	well	16:53
arthurjohnson	I would never put a desktop on a server. Wastes resources.	16:53
arthurjohnson	But if you must, go with something a little lighter, like xubuntu	16:53
xT_Bash	im not that fit with with console yet	16:53
xT_Bash	still too miseducated by microsoft stuff :P	16:53
arthurjohnson	Desktops aren't going to make configuring and maintaining a server any easier.	16:53
xT_Bash	mkay	16:54
arthurjohnson	But if you must, go for something a bit lighter, like xubuntu.	16:54
xT_Bash	combined with the ressource facts its quite a reason to leave it awys	16:54
xT_Bash	away*	16:54
ironm	!xubuntu	16:54
ubottu	Xubuntu is Ubuntu with Xfce instead of !GNOME. More info at http://www.xubuntu.org and http://wiki.ubuntu.com/Xubuntu/ - To install from Ubuntu: « sudo apt-get install xubuntu-desktop » - Join #xubuntu for support - See also: !Ubuntu and !Xubuntu-Channels	16:54
xT_Bash	so.. could u gimme a source with tutorial how to start up with ub-server?	16:55
ironm	!ubuntu-live	16:55
arthurjohnson	xT_Bash: have you installed your ubuntu server yet?	16:56
xT_Bash	yep	16:56
JanC	xT_Bash: even most serious Windows servers are administered remotely using AD (or other ways) anyway, so why do they need a GUI? ;)	16:56
xT_Bash	i already said i wont install a KDE/GNome etc	16:57
xT_Bash	actually just sitting in front of the commandline and dunno how to get the thing running	16:57
xT_Bash	well	16:58
xT_Bash	anyways thx for your advice so far	16:58
xT_Bash	am a bit busy and g2g	16:58
JanC	generally, services just run	16:58
xT_Bash	TTYL	16:59
xT_Bash	bb	16:59
hallyn	roaksoax: hi, would you mind pushing lp:~kroq-gar78/ubuntu/precise/rsyslog/fix-846818 ? I don't have the upload rights. IT's a trivial, correct, typo fix.	17:07
roaksoax	hallyn: howdy! sure!	17:09
hallyn	roaksoax: thanks!	17:09
roaksoax	hallyn: done!	17:17
hallyn	thanks again :)	17:17
zul	adam_g: hey are you workin on quantum?	17:27
stgraber	hallyn: I have a weird bug for you ;)	17:35
stgraber	hallyn: running: ubuntu-vm-builder kvm oneiric --kernel-flavour generic --ssh-key /data/auto-upgrade-tester/ssh-key.pub --components main,restricted --rootsize 15G --addpkg openssh-server --destdir /tmp/stgraber --arch i386	17:35
stgraber	hallyn: outside a container works fine	17:35
stgraber	hallyn: in a container, fails with: http://paste.ubuntu.com/907564/	17:35
stgraber	hallyn: wrong pastebin, http://paste.ubuntu.com/907541/	17:35
adam_g	zul: havent yet	17:36
adam_g	zul: would like to, tho	17:36
stgraber	hallyn: so we get that weird "mkdir: cannot create directory `/dev/shm': File exists"	17:36
adam_g	or, would like it to be fixed, if you wanna take it :)	17:36
zul	adam_g: ill get it fixed today	17:36
stgraber	hallyn: but only when running ubuntu-vm-builder in a container ... apparmor doesn't tell me it rejected anything	17:36
hallyn	stgraber: well the mkdir should fail if it exists...	17:37
hallyn	whey doesn't it onthe host?	17:37
stgraber	hallyn: it's ubuntu-vm-builder so that error appears during a deboostrap in a chroot...	17:38
stgraber	hallyn: and the mkdir call in sysvinit is guarded by a [ -d /dev/shm ] \|\| mkdir /dev/shm	17:39
stgraber	hallyn: looks like bug 891045	17:39
uvirtbot	Launchpad bug 891045 in sysvinit "initscripts: upgrade fails in chroot" [High,Confirmed] https://launchpad.net/bugs/891045	17:39
hallyn	that sucks	17:39
stgraber	yeah :)	17:39
stgraber	I'm trying to figure out exactly what's different between the host and the container...	17:40
hallyn	stgraber: test -d /dev/shm in container	17:42
hallyn	127	17:42
hallyn	umount /run/shm	17:42
hallyn	test -d /dev/shm -> 0	17:43
mgw	hey… what would cause ssh to stall for 4 seconds on login	17:43
mgw	$ ssh localhost ls	17:43
mgw	takes 4 seconds	17:43
stgraber	hallyn: interesting, though test -d /dev/shm = 0 in my container	17:45
stgraber	hallyn: but that may explain what's going on in ubuntu-vm-builder	17:45
stgraber	hallyn: my apparmor profile allows any mount in /tmp at the moment, I may try to restrict that to proc and sysfs which are the two I identified in vmbuilder as must-have	17:46
benji	mgw: does logging in locally take that long?	17:51
zul	adam_g: ok fixed	17:51
JJarvis	Hi, would someone please be able to help me in installing a wireless driver?	17:52
mgw	benji, it did… found the problem (ldap)… thanks!	17:52
benji	mgw: cool	17:53
JJarvis	I know Ubuntu-Server isn't supposed to run on anything other than LAN, but there is a reason.	17:53
zul	adam_g: problem was that i suck ;)	17:53
JJarvis	How would I activate a Broadcom STA driver (restricted) in the console?	17:53
hallyn	t doesn't always fail	17:53
hallyn	stgraber: it doesn't always fail	17:54
stgraber	JJarvis: jockey-text?	17:54
stgraber	hallyn: fun, so we have a race that mounts another tmpfs on top of /run/shm but only some of the time? :)	17:54
hallyn	stgraber: uh, i dont' think so,	17:54
hallyn	stgraber: the fs is always mounted, but someimtes test -d /dev/shm returns 0	17:55
stgraber	hmm	17:55
JJarvis	@stgraber Will try that now. Thanks.	17:55
JJarvis	exit	17:56
hallyn	stgraber: do you know if '[ -d /dev/shm ] \|\| mkdir /dev/shm calls out to /usr/bin/test or something else?	17:56
hallyn	cause /usr/bin/test's -d code looks pretty unassailable	17:56
stgraber	hallyn: it's called with /bin/sh (dash) so I think it's using dash's builtin test	17:57
hallyn	d'oh	17:57
hallyn	feh, this could be a libc bug..	17:58
hallyn	i assume the stat must occasionally fail...	17:58
hallyn	jamespage: have you confirmed that remove attach_disconnected works for you?	18:01
hallyn	jjohansen: can you confirm that it should be safe to remove attach_disconnected from lxc profile?	18:01
smoser	utlemming, SpamapS http://paste.ubuntu.com/907621/	18:05
smoser	look for Setting up postgresql-9.1 (9.1.3-2)	18:05
adam_g	zul: can we disable that console monitor thing till its been merged upstream, or has gone through sufficient testing?	18:07
zul	adam_g: sure go ahead	18:07
stgraber	hallyn: you can also remove the FIXME for that "deny umount" line, it's fixed with -21	18:10
hallyn	where is that?	18:10
adam_g	zul: can you checkin those *.logrotate files to the nova branch?	18:15
zul	adam_g: yeah hold on	18:15
zul	adam_g: they should already be there	18:16
hallyn	biab	18:16
adam_g	zul: doh	18:17
adam_g	zul: my bad	18:17
adam_g	zul: though it looks like nova-network provides dhcpbridge, not nova-common. ill update	18:18
zul	adam_g: ack	18:18
jjohansen	hallyn: it is not.	18:19
jjohansen	hallyn: those fixes/changes just aren't ready for this cycle	18:19
jjohansen	hallyn: so for 12.04 attach_disconnected is the required work around. I really, really wish it wasn't that way, but ...	18:20
Blah1	hey all. anyone familiar w/ preseed ? I remastered oneiric mini.iso, stuck a preseed.cfg file in it. fired up a vm w/ that iso yet ubuntu installer doesn't appear to pickup the preseed.	18:35
Blah1	and the only way i can tell that is because it stops to ask me the ubuntu mirror question, when i've specified it in the preseed file.	18:36
hallyn	jjohansen: ok, i asked because of bug 969228	18:39
uvirtbot	Launchpad bug 969228 in lxc "Unable to load another apparmor profile from /etc/apparmor.d/lxc/" [High,Confirmed] https://launchpad.net/bugs/969228	18:39
jjohansen	hallyn: hrmm, okay, yet another stupid bug in the compiler that needs to be fixed.	18:44
hallyn	jjohansen: hooray if it's obvious to you how to fix :)	18:45
stgraber	hehe, looks like LXC is pretty useful at finding apparmor bugs ;)	18:45
jjohansen	hallyn: I don't know about obvious, but I know its at least part of its in the compiler	18:46
hallyn	stgraber: drat	18:48
stgraber	hallyn: I "think" I got ubuntu-vm-builder working here ;)	18:50
hallyn	did you change anything?	18:50
stgraber	hallyn: that thing does "mount --bind /dev/ /tmp/<something>/dev" which means it also gets /dev/shm in the process which is a dangling symlink	18:50
stgraber	hallyn: instead I added a new upstart script to that container that does "rm /dev/shm && mkdir /dev/shm && mount --bind /run/shm /dev/shm"	18:51
stgraber	hallyn: so now ubuntu-vm-builder gets an empty dir instead of dangling symlink and seems happy	18:51
stgraber	hallyn: then it failed running kpartx as I forgot to enable loop devices ;)	18:51
hallyn	what does 'mount --bind /dev /tmp/<something>/dev" ?	18:51
stgraber	hallyn: ubuntu-vm-builder	18:52
hallyn	oh	18:52
stgraber	which is fine if the VM knows that /dev/shm can be a symlinkto /run/shm which in some cases doesn't exist yet	18:52
hallyn	now originall /dev/shm was a symlink to, not bind mount of, /runs/hm right?	18:52
stgraber	but apparently something in oneiric doesn't ;) (I'm building an oneiric VM in a precise container)	18:52
hallyn	so how would you fix the reported bug/	18:53
stgraber	yeah and that's fine in 99% of the cases, except when something stupidly bind-mounts /dev to a chroot of another vresion of Ubuntu ...	18:53
stgraber	in my specific case, I think the fix should be in ubuntu-vm-builder, I don't see any reason to bind-mount /dev to start with	18:53
stgraber	debootstrap gives you a minimal /dev that should work just fine	18:53
stgraber	and that won't have a dangling symlink as your /dev/shm	18:54
jamespage	;q!	18:58
jamespage	hallyn, looking now	19:00
hallyn	jamespage: no need!	19:01
hallyn	jjohansen says that's wrong	19:01
jamespage	hallyn, standing down....	19:01
hallyn	:)	19:02
stgraber	jjohansen, hallyn: reading scrollback, that bug isn't linked to the attach_disconnected	19:07
stgraber	jjohansen, hallyn: the problem with attach_disconnected is localedef and dpkg-divert failing	19:08
stgraber	jjohansen, hallyn: bug 969299	19:08
uvirtbot	Launchpad bug 969299 in apparmor "apparmor prevents dpkg-divert and localedef from working in a container" [Critical,Confirmed] https://launchpad.net/bugs/969299	19:08
hallyn	oh no did i mis-paste?	19:09
hallyn	but in any case, jjohansen says removing attach_disconnected is not yet safe	19:09
hallyn	jamespage: the debdiff attached to bug 968912 (not by me) works for me, and adds a patch identical to what is already upstream. Do you mind sponsoring it?	19:11
uvirtbot	Launchpad bug 968912 in psensor "Wrong type of sensors displayed in preferences" [Undecided,Confirmed] https://launchpad.net/bugs/968912	19:11
stgraber	right, then ^ needs urgent fixing (as in, we need that for the release)... that upgrade testing container just won't work with it, so I'm currently running it without	19:11
hallyn	stgraber: you marked it critical right? jjohansen is on it iiuc	19:12
hallyn	all right i'll go ahead and test and push the rest of the changes we've discussed then	19:12
stgraber	hallyn: yeah, critical + targeted, should be on the right buglists with that	19:12
hallyn	worst case i guess we pull the apparmor profiles for now	19:13
stgraber	I don't think it's so bad we should pull the apparmor profile	19:14
stgraber	as pulling the profile introduces its own problems ;)	19:14
stgraber	at least with lxc.aa_profile I can workaround it for that specific container and keep the standard profile for the others	19:14
hallyn	stgraber: would you say that non-ubuntu containers should still start in lxc-container-default, or in unconfined?	19:25
hallyn	i'd prefer lxc-container-default of course, but i don't know if they need special mounting abilities offhand...	19:26
hallyn	eh i'll leave it as is for now	19:26
stgraber	hallyn: I'd prefer lxc-container-default, we'll deal with the bugs if anyone files one	19:26
amarcolino	quick question , is ubuntu 12.4 stable enough to be used as a development apache server?	19:34
hallyn	amarcolino: I suspect the official stance is "don't do that"	19:39
hallyn	!release	19:39
ubottu	Ubuntu releases a new version every 6 months. Each version is supported for 18 months to 5 years. More info at https://wiki.ubuntu.com/Releases & http://wiki.ubuntu.com/TimeBasedReleases	19:39
hallyn	hm, was hopin gfor more :)	19:39
hallyn	amarcolino: that said, i'm running it everywhere... except my mail server where i run lucid	19:40
amarcolino	thanks for the info and it has been stable for you till now?	19:41
hallyn	amarcolino: not always. you'd like to think we're close to release and no major library upgrade will mess us up now, but you never can tell...	19:47
jjohansen	stgraber: I updated Bug#969299 with my initial guess, I will check as soon as my vm is finished updating	19:53
hallyn	stgraber: have you noticed that lxc no longer builds on precise? http://paste.ubuntu.com/907772/	19:54
stgraber	hallyn: it built fine yesterday	20:00
* stgraber tries locally		20:00
hallyn	hmmm.	20:01
stgraber	local build failed somewhere in the doc (usually does when not in sbuild) but lxc itself built	20:04
hallyn	stgraber: "debian/rules build" fails. is your schroot 100% uptodate?	20:06
stgraber	hallyn: I'm building in arkose directly on my laptop that was updated 10min ago, so yeah should be up to date	20:07
amarcolino	hallyn, will take note of that, I aint planning to do much at the moment other than use it for site development, it should be stable enough for that...	20:07
hallyn	i'm just wondering whether to worry about the failure, or be happy it builds in buildds	20:08
stgraber	hallyn: http://paste.ubuntu.com/907790/	20:08
hallyn	what cmd did you use?	20:09
stgraber	hallyn: ./configure --disable-doc && make	20:09
stgraber	hallyn: I'll try building the full package now	20:09
stgraber	hmm, actually looks like I'm not completely up to date ... upgrading again first then	20:10
* stgraber wonders what machine he updated 10min ago ;)		20:10
hallyn	stgraber: jinkeys, it doesn't happen when i remove automake and autoconf!	20:11
stgraber	hallyn: always blame the automagic :)	20:12
hallyn	stgraber: well i'd noticed it when working on 0.8.0, so i knew we'd have to deal with it at some point...	20:13
hallyn	jjohansen: adding change_profile -> unconfined, isn't allowing me to transition to unconfined?	20:16
jjohansen	hallyn: urgh, f$#@!!!!!!	20:18
hallyn	well it's possible i'm doing something wrong!	20:18
hallyn	have two rules,	20:18
hallyn	transition -> lxc-*,	20:18
hallyn	transition -> unconfined,	20:18
jjohansen	hallyn: unlikely, unconfined is a special path, as soon as you said it, it hit me that I didn't try it	20:19
hallyn	ok	20:19
stgraber	:)	20:19
jjohansen	hallyn: I will get a patch out today	20:19
stgraber	jjohansen: did you consider using lxc as your official test suite? seems like we have pretty good code coverage there ;)	20:20
hallyn	stgraber: when i use 'deny mount fstype=debugfs,' before the allow rule for /sys/kernel/debug, container does not start	20:20
hallyn	(or after)	20:20
jjohansen	stgraber: I don't think I am ready for that yet :)	20:21
hallyn	jjohansen: thanks	20:21
jjohansen	stgraber: actually lxc will be, being rolled into the testing more	20:21
stgraber	hallyn: oh right, I'm guessing it's "normal" in apparmor world... "deny mount fstype=debugs" denies all debugfs including the one we explicitly allowed for /sys/kernel/debug	20:22
* jjohansen shakes head at the bugs this cycle		20:22
stgraber	jjohansen: ^ is that right? "deny mount fstype=debugfs," blocking our "mount fstype=debugfs -> //sys/kernel/debug/,"	20:22
hallyn	jjohansen: but look at how cool it'll be when done :)	20:23
jjohansen	stgraber: erm yeah deny, will actually subtract permissions from allow rules. Its an absolute this is denied	20:23
stgraber	ok, that's what I thought	20:23
hallyn	so do i just wnat 'dontaudit' ?	20:23
jjohansen	hallyn: yeah, one of these days ...	20:23
jjohansen	hallyn: dontaudit?	20:23
stgraber	hallyn: just go with "deny mount fstype=debugfs -> /var/lib/ureadahead/debugfs/", then	20:24
hallyn	yeah i guess so. technically that's the only one we're sure we're ok being quiet about anyway!	20:24
stgraber	hallyn: so we only silently deny this one and will update if we discover any other one we didn't know about :)	20:24
hallyn	and that actually works :) will do	20:26
Jeeves_	Hi all	20:27
Jeeves_	Can I ask for some non-ubuntu-related advice on disks and smartctl?	20:27
hallyn	stgraber: i'm getting ready to push http://people.canonical.com/~serge/lxc.debdiff	20:33
stgraber	looking	20:33
stgraber	hallyn: lxc-0.7.5/debian/lxc-default.apparmor: can you drop the FIXME in there too? it's no longer relevant with the new kernel	20:34
stgraber	hallyn: (FIXME above the deny for remount,ro of /)	20:34
hallyn	the 'Doesn't match yet' ?	20:34
stgraber	yep	20:34
stgraber	rest looks good, thanks	20:35
hallyn	thanks, pushing	20:35
mcloy	well i have a domain . and i host it on my box. i need an email@mydomain.com ..............	21:25
mcloy	i want to setup email accounts for my domains. i have a linux server avaialabe for hosting. how can i setup the emails ?	21:25
qman__	mcloy, this is covered in the server guide under postfix: https://help.ubuntu.com/10.04/serverguide/C/postfix.html	21:33
qman__	and a more advanced, complete setup here: https://help.ubuntu.com/community/PostfixVirtualMailBoxClamSmtpHowto	21:34
mcloy	isnt this what i need https://help.ubuntu.com/community/MailServer ?	21:36
psyferre_	Hey folks, I've got a machine running Ubuntu 10.10 server. Given that the support EOL is "April 2012", does that mean I have two days before do-release-upgrade will cease to work?	22:09
Myrtti	no, it means you've got until the last thursday of April or so	22:15
SpamapS	uh	22:19
SpamapS	do-release-upgrade will work as long as natty is available	22:20
SpamapS	psyferre_: you have until the last thursday of April to keep getting support and security updates...	22:20
SpamapS	psyferre_: do-release-upgrade will work at least 6 more months.	22:20
SpamapS	I'd expect that one could coax it to work even after natty goes EOL too.	22:20
SpamapS	but I don't know for sure if that works	22:21
psyferre_	Awesome. Thanks! I knew it would eventually stop working, but I wasn't sure when and couldn't seem to hit the right google search string to find out for sure.	22:21
=== Arc_ is now known as a5m0

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!