=== Arc_ is now known as a5m0 [00:13] I'm using Lucid and need a package which shows up on packages.ubuntu.com, but won't install, does it work for anyone else? http://paste.ubuntu.com/906458/ [00:16] New bug: #968743 in mysql-dfsg-5.1 (main) "package mysql-client-core-5.1 (not installed) failed to install/upgrade: trying to overwrite '/usr/bin/mysql', which is also in package mysql-cluster-client-5.1 0:7.0.9-1ubuntu7" [Undecided,New] https://launchpad.net/bugs/968743 [00:36] New bug: #968753 in openssh (main) "ssh crashed with SIGSEGV" [Medium,New] https://launchpad.net/bugs/968753 === Jasonn is now known as jucy === jucy is now known as juicy === Arc_ is now known as a5m0 [06:10] someone use samba domain [06:10] or not? [06:15] I have some question? [06:15] anyone help me, please. [07:03] Hmm [07:04] A new libreoffice in an LTS is possible during beta [07:04] but a new apache2 isn't [07:05] no apache 2.4 in precise? [07:11] No [07:11] At least, not currently [07:11] https://bugs.launchpad.net/ubuntu/+bug/939300 [07:11] Launchpad bug 939300 in ubuntu "precise 12.04: consider adding Apache 2.4 ?" [Wishlist,Confirmed] [07:14] *click "yes this affects me" [07:30] no, apache 2.4 will probably be a backport though [07:30] Oops, my LDAP server's cert expired... no logins for nearly half an hour [08:10] morning all [08:17] good morning [08:50] New bug: #968983 in openssh (main) "ssh crashed with SIGSEGV" [Medium,New] https://launchpad.net/bugs/968983 [09:20] I, does anyone here can give me a functional PXE file for Ubuntu 12.04? [09:20] *Hi [09:23] Here is a function pxelinux file, http://archive.ubuntu.com/ubuntu/dists/precise/main/installer-amd64/current/images/netboot/pxelinux.0 [09:23] functional* [09:30] Daviey: not quite what I need, but maybe it can help. This is the PXEfile that goes in the tftpboot folder, what I need was a boot configuration file that is deployed for each machine [09:31] but I will try and change this one [09:31] maybe it will do the trick [09:36] Daviey: no luck… [09:39] why does 11.10 install without problems and 12.04 has ram disk problems…. [09:40] jamespage: morning [09:40] xranby, good morning! how are you? [09:41] jamespage: im fine thanks, i have beem focusing on GUI backend perfomance [09:42] mostly since i do not have any crash report to investigate :) [09:42] jamespage: please tell if you observe any instability issue [09:42] during your testing rounds [09:42] xranby, sure will :-) [09:42] things have been pretty stable TBH [09:43] nice, thats what i want to hear [12:31] why would the default setup of 10.04 LTS postfix not use aliases [12:31] I send mail to root and it sends it out [12:33] <_ruben> it does use it, but i recall a "bug" where the postinst doesn't populate /etc/aliases even tho it makes you think it does [12:34] <_ruben> and after modifying /etc/aliases, make sure you run newaliases [12:37] _ruben: no it's because mail -s test root doesn't sent to root@localhost [12:37] it sends it to root@hostname [12:37] for some strange reason [12:40] <_ruben> a default config should accept mail for @hostname as well [12:41] <_ruben> what does 'postconf myorigin myhostname' show? [12:44] /etc/mailname [12:44] which is my domain name [12:45] <_ruben> and postconf mydestination? [12:45] mydestination = beaver1.postgresintl.com, localhost.postgresintl.com,localhost [12:45] postgresintl.com [12:45] is the domain name === smb` is now known as smb [12:46] <_ruben> and beaver1 is the hostname i assume? [12:46] yes [12:46] <_ruben> beaver1 oughta be in mydestination as well [12:47] I have other setups where this is not the case [12:47] nm I'll try that [12:50] actually postgresintl.com needs to be in mydestination [13:02] good morning === bladernr_afk is now known as bladernr_ [13:29] hallyn: ping [13:30] hallyn: could it be that we forgot to allow lxc-start to call change_profile? setting lxc.aa_profile prevents the container from starting here [13:30] hallyn: ah, no, my bad [13:30] hallyn: I should have read the main profile and see that it needs to be prefixed by lxc- :) [13:37] hallyn: hmm, so I added a profile lxc-upgrader01 in /etc/apparmor.d/lxc/ and called it lxc-container-upgrader01 in the profile [13:37] hallyn: but now /etc/init.d/apparmor reload fails ... [13:48] hallyn: bug 969228 [13:48] Launchpad bug 969228 in lxc "Unable to load another apparmor profile from /etc/apparmor.d/lxc/" [Undecided,New] https://launchpad.net/bugs/969228 [14:22] stgraber: d'oh, again i didn't see the notification here. but i saw the email :) [14:22] hallyn: hehe :) [14:23] hallyn: I also reproduced the weird dpkg diverts and locales being blocked by apparmor. I'm upgrading the machine to linux-image-3.2.0-21-generic before reporting that one [14:23] hallyn: bug 969228 is either and LXC or an apparmor parser bug, so shouldn't depend on the kernel version [14:23] Launchpad bug 969228 in lxc "Unable to load another apparmor profile from /etc/apparmor.d/lxc/" [High,Incomplete] https://launchpad.net/bugs/969228 [14:25] stgraber: yes, could you try removing the #include from the top of your new file? [14:25] hallyn: no change... [14:26] drat [14:28] note i *did* test this... how odd [14:29] reproduced now though [14:31] stgraber: oh i didn't go far enough in my request [14:32] stgraber: if you pull the #include from both container profiles and put it at top of /etc/apparmor.d/lxc-containers, it works [14:33] jjohansen: is there a way to say '#ifndef tunables #include #endif' in a apparmor profile? [14:33] jjohansen: i want users to be able to just 'apparmor_parser /etc/apparmor.d/lxc/lxc-new' rather than /etc/init.d/apparmor reload', is the only reason [14:33] (maybe that's not worthwhile) [14:34] hallyn: #ifdef> not... really, but I haven't looked at the bug report yet. [14:36] (drat, this coudl require a server guide update) [14:39] hallyn, is there anything I can do to help diagnose/fix the 'failed to fstat previous diversions file' issue we see with postgresql under lxc? [14:39] I just hit the same issue in another charm [14:40] jamespage: turn off apparmor and see if it's still broken [14:40] if not, mark it as affecting linux and critical priority, owned by jjohansen [14:40] hallyn, OK - testing now [14:42] hallyn: sorry, was working on something else, looking now [14:43] hallyn: worked [14:44] stgraber: ok, i guess i'll move the #include, and ask for server guide update. users will need to reload all container profiles at once. [14:45] hallyn: btw: [ 1022.059598] type=1400 audit(1333118643.042:36): apparmor="DENIED" operation="mount" info="failed type match" error=-13 parent=23460 profile="lxc-container-upgrader01" name="/var/lib/ureadahead/debugfs/" pid=23666 comm="ureadahead" fstype="debugfs" srcname="none" flags="rw" [14:45] hallyn: I guess we should silent that one [14:46] we do that with just an explicit deny right? [14:46] hallyn: yep [14:46] (sorry doing a bunch of bugs at a time) [14:47] hallyn|stgraber: can you post the problematic version of the /etc/apparmor.d/ tree to bug 969228 [14:47] Launchpad bug 969228 in lxc "Unable to load another apparmor profile from /etc/apparmor.d/lxc/" [High,Incomplete] https://launchpad.net/bugs/969228 [14:48] roaksoax: aldebaran (the cobbler server), alkaid and phact are available now [14:48] roaksoax: sorry for the delay, but I only ended the upgrade around 0100 UTC today [14:55] sbeattie: there you go [14:55] stgraber: thanks, peeking. [15:01] hallyn, if I turn off apparmor I can't start any containers [15:01] hallyn, http://paste.ubuntu.com/907334/ [15:03] hggdh: no worries [15:06] hallyn: hmm, the divert and locale apparmor bugs are still there with -21 ... I guess I'll have to file a bug this time as it's preventing the daily upgrade testing from working [15:06] anyone here happen to be using the mlx4_en ethernet driver on precise? [15:07] stgraber: that's what jamespage is looking at [15:07] stgraber: yes, if jamespage hasn't filed it yet, pls mark it critical [15:07] hallyn, stgraber: I've not filed a bug yet [15:07] jamespage: sorry, please at 'lxc.aa_policy = unconfined' to the container's config (/var/lib/lxc/container/config) [15:07] hallyn, ack [15:07] jamespage: it's explained in the server guide, but that's notreally online yet iiuc :) [15:08] jamespage: I did :) [15:09] sbeattie, hallyn, jamespage: bug 969299 [15:09] Launchpad bug 969299 in apparmor "apparmor prevents dpkg-divert and localedef from working in a container" [Undecided,New] https://launchpad.net/bugs/969299 [15:10] stgraber, hallyn: oddly if I put lxc-container-default into complain mode I don't get the issue - but neither does aa complain [15:10] hallyn: targeted to final and marked critical [15:10] jamespage: yay for debugging fixing the bugs ;) [15:11] jamespage: might be worht commenting that int he bug [15:11] hallyn, lemme double check that [15:15] jjohansen: ^ bug 969229 [15:15] Launchpad bug 969229 in txamqp "Impossible to reopen closed channel" [Undecided,New] https://launchpad.net/bugs/969229 [15:15] no that's not the one :) [15:15] jjohansen: would you believe bug 969299 [15:15] Launchpad bug 969299 in apparmor "apparmor prevents dpkg-divert and localedef from working in a container" [Undecided,New] https://launchpad.net/bugs/969299 [15:16] hallyn: lxc-start: unknow key lxc.aa_policy [15:16] wth [15:16] (I think we also want s/unknow/unknown/g btw ;)) [15:16] d'oh [15:16] aa_policy [15:16] lxc.aa_profile [15:17] stgraber: that's not *my* typo :) [15:17] root@athos:/data/internal/containers# lxc-start -n upgrader01 [15:17] lxc-start: Permission denied - failed to change apparmor profile to unconfined [15:17] stgraber: you haven't disabled apparmor [15:18] usr.bin.lxc-start isn't allowed to transition to unconfined [15:18] hallyn: why would I do that? I just want it off for one container ;) [15:18] zul, Just read your answer to that xen feature mail. Just to make sure I am not doing something wrong because I am using still the xend based api between libvirt and xen host in precise. [15:18] stgraber: you think the default lxc-start profile should allow that? [15:19] smb: no you arent i think they are refering to the XCP stuff that citrix was doing this cylce in debian/ubuntu [15:19] hallyn: I think we should allow for a container to set "lxc.aa_profile = unconfined" without turning apparmor off for all containers, yes [15:19] zul, Yes, well generally the xcp stuff, right. Reading about the blueprint gave a bit the impression this is what is used in Precise [15:20] smb: right i dont think anyone on the platform team has used the xcp stuff really [15:20] stgraber: ok so there's that, the #include fix, and what was the other thing is houdl add right now? [15:20] (and by right now i mean, "sometime soon")_ [15:21] maybe that was it [15:22] hallyn: "#include fix", "deny for debugfs in /var/lib/ureadahead/debugfs/", "allow switch to unconfined in usr.bin.lxc-start" [15:25] ah right debugfs, thanks [15:26] mabe the ubuntu template should add a commented '# lxc.aa_profile = unconfined' [15:27] stgraber: really we want debugfs anywhere to be silenetly denied, right? [15:27] finnaly updated my old intranet server from 9.10 to 10.04 and noticing some magic: mp4/h.264 videos can be seeked without preloading in html5 mode on chrome..., is it a chrome magic or a combo of smarter apache and chrome, or some other mistery? [15:27] hallyn: hmm, indeed, "deny mount fstype=debugs," should be fine [15:28] hallyn: also +1 on adding some lxc.aa_profile line to the template, either "lxc.aa_profile = lxc-container-default" or a commented "# lxc.aa_profile = unconfined" [15:28] hallyn: as long as there's a way for people to easily figure it out, that's fine [15:28] hallyn, stgraber: not sure whether its related but I'm getting some excellent kernel message cruft - http://paste.ubuntu.com/907382/ [15:30] jamespage: I've always blamed the lack of logging namespace for that one ;) not sure if that's the real cause though [15:30] stgraber, it does not appear to impact function as far as i can tell [15:32] jamespage: I'm testing aa-complain now ;) sounds like an interesting workaround [15:34] jamespage, adam_g, zul: What is the story of precise-openstack-essex-swift-trunk failing? [15:35] Daviey: the story is that swift needs openstack-nose-plugins to build the testsuite and its 95% done on my todo list [15:35] Daviey: its packaged just not in the archive [15:37] stgraber: jamespage: actually we still have attach_disconnected in the policy, that *might* be causing problems. not sure [15:37] biab [15:37] zul: ok, thanks [15:38] hallyn: good point, I'll test that before trying jamespage's trick [15:45] is apt-proxy now called apt-cacher? [15:46] no [15:46] different project [15:46] apt-cacher is slow [15:46] apt-cacher-ng is faster by many times [15:47] apt-cache search apt-proxy did not return apt-proxy - it returned apt-cacher and apt-cacher-ng [15:47] I was looking to caching packages because I want to install and update many machines and want to save bandwidth [15:47] came accross https://help.ubuntu.com/community/AptProxy [15:47] find apt-proxy for me :) [15:47] should I be using apt-cacher-ng? [15:47] or, it works for me, to locate apt-proxy [15:48] ubuntu-server 11.10 [15:48] 10.04 here [15:48] hmmn - that may do it [15:48] apt-proxy downloads the all .deb's for a version if I remember right [15:48] using gigs of space [15:48] where apt-cacher-ng only downloads the .deb's you use, like a http proxy [15:48] yup - that should be find - I have a 2TB disk :-) [15:49] ah, I see the difference [15:49] last time I used apt-proxy I think it was using 600gigs of space for me [15:49] will try out apt-cacher-ng [15:49] just all the updates for things I didn't use, kept using up all my bandwidth [15:49] thanks patdk-wk [15:50] heh, my apt-cacher-ng is using 1.9gigs of space [15:52] I think everyone should stop saying the names of software that ends in -ng [15:52] heh [15:52] * patdk-wk renames amavisd-new to amavisd-ng [15:53] -1 [15:53] zul: bug 965551 ? [15:53] Launchpad bug 965551 in quantum "quantum-server 2012.1~rc1-0ubuntu2 fails to install" [Undecided,New] https://launchpad.net/bugs/965551 [15:54] ng, not bad, only 15 packages in lucid have -ng [15:54] Daviey: i think adam_g said he was going to work on that one [15:54] zul-ng, What is the status of that bug? [15:54] ok, great [15:56] heh zul-ng [15:56] that one is overrated! [16:01] Daviey: you stop that! [16:05] * Daviey wonders how hard an irrsi pluggin would be to add -ng to any verb. :) [16:06] err noun [16:06] I hope it would be very very difficult [16:07] zul / adam_g: Are you uploading new snapshots today? [16:08] Daviey: no im going to wait for rc2 [16:08] zul: no date set, or confirmed there will be an rc2, is there? [16:09] Daviey: lemme check my sources [16:11] stgraber: uh, what is jamespages' trick? [16:16] Daviey: if they get their stuff together it will be today otherwise monday [16:17] hallyn: aa-complain ;) [16:18] ah ok [16:18] zul: feel free to tell your sources that i haven't seen that discussed anywhere, or on the release schedule. [16:18] Or just tell ttx. [16:19] hallyn: dropping the attach_disconnected seems to have worked here [16:19] jamespage: can you try doing that too? ^ [16:19] stgraber: interesting. [16:20] stgraber, OK - I'll try - where do I set that? [16:20] it does make some sense [16:20] remove it from the top of /etc/apparmor.d/{usr.bin.lxc-start,lxc/lxc-default} [16:21] probably just remove the whole flags=(.*) [16:22] hello there [16:23] is tehre any specialist bladecenter ? [16:24] anyone there ? [16:41] what is a, specialist bladecenter? [16:41] I would assume all bladecenters to be special [16:42] sure [16:42] well i got a small on my bladecenter [16:42] Chassis Cooling Devices [16:43] 1 [16:43] [16:43] Chassis Cooling Device status OK [16:43] 78% [16:43] 2 [16:43] [16:43] Chassis Cooling Device status OK [16:43] 79% [16:43] what can be ? [16:45] hello. Is there an approved possibility to create own ubuntu server images with some third party packages (for off-line installations? I have played a bit with debian live-builder 3.0a-45-1 but was not successful. Thank you in advance for any hints. [16:50] hey ppl [16:51] any1 willing to help me with a 10.04 LTS install? [16:51] wanna install the kde but yet dont have any clue how [16:52] Why would you want to install KDE on a server install? [16:52] any other desktop u suggest?^^ [16:52] or does the question target the desktop thing itself? [16:53] None. At least thats my opinion. [16:53] well [16:53] I would never put a desktop on a server. Wastes resources. [16:53] But if you must, go with something a little lighter, like xubuntu [16:53] im not that fit with with console yet [16:53] still too miseducated by microsoft stuff :P [16:53] Desktops aren't going to make configuring and maintaining a server any easier. [16:54] mkay [16:54] But if you must, go for something a bit lighter, like xubuntu. [16:54] combined with the ressource facts its quite a reason to leave it awys [16:54] away* [16:54] !xubuntu [16:54] Xubuntu is Ubuntu with Xfce instead of !GNOME. More info at http://www.xubuntu.org and http://wiki.ubuntu.com/Xubuntu/ - To install from Ubuntu: « sudo apt-get install xubuntu-desktop » - Join #xubuntu for support - See also: !Ubuntu and !Xubuntu-Channels [16:55] so.. could u gimme a source with tutorial how to start up with ub-server? [16:55] !ubuntu-live [16:56] xT_Bash: have you installed your ubuntu server yet? [16:56] yep [16:56] xT_Bash: even most serious Windows servers are administered remotely using AD (or other ways) anyway, so why do they need a GUI? ;) [16:57] i already said i wont install a KDE/GNome etc [16:57] actually just sitting in front of the commandline and dunno how to get the thing running [16:58] well [16:58] anyways thx for your advice so far [16:58] am a bit busy and g2g [16:58] generally, services just run [16:59] TTYL [16:59] bb [17:07] roaksoax: hi, would you mind pushing lp:~kroq-gar78/ubuntu/precise/rsyslog/fix-846818 ? I don't have the upload rights. IT's a trivial, correct, typo fix. [17:09] hallyn: howdy! sure! [17:09] roaksoax: thanks! [17:17] hallyn: done! [17:17] thanks again :) [17:27] adam_g: hey are you workin on quantum? [17:35] hallyn: I have a weird bug for you ;) [17:35] hallyn: running: ubuntu-vm-builder kvm oneiric --kernel-flavour generic --ssh-key /data/auto-upgrade-tester/ssh-key.pub --components main,restricted --rootsize 15G --addpkg openssh-server --destdir /tmp/stgraber --arch i386 [17:35] hallyn: outside a container works fine [17:35] hallyn: in a container, fails with: http://paste.ubuntu.com/907564/ [17:35] hallyn: wrong pastebin, http://paste.ubuntu.com/907541/ [17:36] zul: havent yet [17:36] zul: would like to, tho [17:36] hallyn: so we get that weird "mkdir: cannot create directory `/dev/shm': File exists" [17:36] or, would like it to be fixed, if you wanna take it :) [17:36] adam_g: ill get it fixed today [17:36] hallyn: but only when running ubuntu-vm-builder in a container ... apparmor doesn't tell me it rejected anything [17:37] stgraber: well the mkdir *should* fail if it exists... [17:37] whey doesn't it onthe host? [17:38] hallyn: it's ubuntu-vm-builder so that error appears during a deboostrap in a chroot... [17:39] hallyn: and the mkdir call in sysvinit is guarded by a [ -d /dev/shm ] || mkdir /dev/shm [17:39] hallyn: looks like bug 891045 [17:39] Launchpad bug 891045 in sysvinit "initscripts: upgrade fails in chroot" [High,Confirmed] https://launchpad.net/bugs/891045 [17:39] that sucks [17:39] yeah :) [17:40] I'm trying to figure out exactly what's different between the host and the container... [17:42] stgraber: test -d /dev/shm in container [17:42] 127 [17:42] umount /run/shm [17:43] test -d /dev/shm -> 0 [17:43] hey… what would cause ssh to stall for 4 seconds on login [17:43] $ ssh localhost ls [17:43] takes 4 seconds [17:45] hallyn: interesting, though test -d /dev/shm = 0 in my container [17:45] hallyn: but that may explain what's going on in ubuntu-vm-builder [17:46] hallyn: my apparmor profile allows any mount in /tmp at the moment, I may try to restrict that to proc and sysfs which are the two I identified in vmbuilder as must-have [17:51] mgw: does logging in locally take that long? [17:51] adam_g: ok fixed [17:52] Hi, would someone please be able to help me in installing a wireless driver? [17:52] benji, it did… found the problem (ldap)… thanks! [17:53] mgw: cool [17:53] I know Ubuntu-Server isn't supposed to run on anything other than LAN, but there is a reason. [17:53] adam_g: problem was that i suck ;) [17:53] How would I activate a Broadcom STA driver (restricted) in the console? [17:53] t doesn't always fail [17:54] stgraber: it doesn't always fail [17:54] JJarvis: jockey-text? [17:54] hallyn: fun, so we have a race that mounts another tmpfs on top of /run/shm but only some of the time? :) [17:54] stgraber: uh, i dont' think so, [17:55] stgraber: the fs is always mounted, but someimtes test -d /dev/shm returns 0 [17:55] hmm [17:55] @stgraber Will try that now. Thanks. [17:56] exit [17:56] stgraber: do you know if '[ -d /dev/shm ] || mkdir /dev/shm calls out to /usr/bin/test or something else? [17:56] cause /usr/bin/test's -d code looks pretty unassailable [17:57] hallyn: it's called with /bin/sh (dash) so I think it's using dash's builtin test [17:57] d'oh [17:58] feh, this could be a libc bug.. [17:58] i assume the stat must occasionally fail... [18:01] jamespage: have you confirmed that remove attach_disconnected works for you? [18:01] jjohansen: can you confirm that it should be safe to remove attach_disconnected from lxc profile? [18:05] utlemming, SpamapS http://paste.ubuntu.com/907621/ [18:05] look for Setting up postgresql-9.1 (9.1.3-2) [18:07] zul: can we disable that console monitor thing till its been merged upstream, or has gone through sufficient testing? [18:07] adam_g: sure go ahead [18:10] hallyn: you can also remove the FIXME for that "deny umount" line, it's fixed with -21 [18:10] where is that? [18:15] zul: can you checkin those *.logrotate files to the nova branch? [18:15] adam_g: yeah hold on [18:16] adam_g: they should already be there [18:16] biab [18:17] zul: doh [18:17] zul: my bad [18:18] zul: though it looks like nova-network provides dhcpbridge, not nova-common. ill update [18:18] adam_g: ack [18:19] hallyn: it is not. [18:19] hallyn: those fixes/changes just aren't ready for this cycle [18:20] hallyn: so for 12.04 attach_disconnected is the required work around. I really, really wish it wasn't that way, but ... [18:35] hey all. anyone familiar w/ preseed ? I remastered oneiric mini.iso, stuck a preseed.cfg file in it. fired up a vm w/ that iso yet ubuntu installer doesn't appear to pickup the preseed. [18:36] and the only way i can tell that is because it stops to ask me the ubuntu mirror question, when i've specified it in the preseed file. [18:39] jjohansen: ok, i asked because of bug 969228 [18:39] Launchpad bug 969228 in lxc "Unable to load another apparmor profile from /etc/apparmor.d/lxc/" [High,Confirmed] https://launchpad.net/bugs/969228 [18:44] hallyn: hrmm, okay, yet another stupid bug in the compiler that needs to be fixed. [18:45] jjohansen: hooray if it's obvious to you how to fix :) [18:45] hehe, looks like LXC is pretty useful at finding apparmor bugs ;) [18:46] hallyn: I don't know about obvious, but I know its at least part of its in the compiler [18:48] stgraber: drat [18:50] hallyn: I "think" I got ubuntu-vm-builder working here ;) [18:50] did you change anything? [18:50] hallyn: that thing does "mount --bind /dev/ /tmp//dev" which means it also gets /dev/shm in the process which is a dangling symlink [18:51] hallyn: instead I added a new upstart script to that container that does "rm /dev/shm && mkdir /dev/shm && mount --bind /run/shm /dev/shm" [18:51] hallyn: so now ubuntu-vm-builder gets an empty dir instead of dangling symlink and seems happy [18:51] hallyn: then it failed running kpartx as I forgot to enable loop devices ;) [18:51] what does 'mount --bind /dev /tmp//dev" ? [18:52] hallyn: ubuntu-vm-builder [18:52] oh [18:52] which is fine if the VM knows that /dev/shm can be a symlinkto /run/shm which in some cases doesn't exist yet [18:52] now originall /dev/shm was a symlink to, not bind mount of, /runs/hm right? [18:52] but apparently something in oneiric doesn't ;) (I'm building an oneiric VM in a precise container) [18:53] so how would you fix the reported bug/ [18:53] yeah and that's fine in 99% of the cases, except when something stupidly bind-mounts /dev to a chroot of another vresion of Ubuntu ... [18:53] in my specific case, I think the fix should be in ubuntu-vm-builder, I don't see any reason to bind-mount /dev to start with [18:53] debootstrap gives you a minimal /dev that should work just fine [18:54] and that won't have a dangling symlink as your /dev/shm [18:58] ;q! [19:00] hallyn, looking now [19:01] jamespage: no need! [19:01] jjohansen says that's wrong [19:01] hallyn, standing down.... [19:02] :) [19:07] jjohansen, hallyn: reading scrollback, that bug isn't linked to the attach_disconnected [19:08] jjohansen, hallyn: the problem with attach_disconnected is localedef and dpkg-divert failing [19:08] jjohansen, hallyn: bug 969299 [19:08] Launchpad bug 969299 in apparmor "apparmor prevents dpkg-divert and localedef from working in a container" [Critical,Confirmed] https://launchpad.net/bugs/969299 [19:09] oh no did i mis-paste? [19:09] but in any case, jjohansen says removing attach_disconnected is not yet safe [19:11] jamespage: the debdiff attached to bug 968912 (not by me) works for me, and adds a patch identical to what is already upstream. Do you mind sponsoring it? [19:11] Launchpad bug 968912 in psensor "Wrong type of sensors displayed in preferences" [Undecided,Confirmed] https://launchpad.net/bugs/968912 [19:11] right, then ^ needs urgent fixing (as in, we need that for the release)... that upgrade testing container just won't work with it, so I'm currently running it without [19:12] stgraber: you marked it critical right? jjohansen is on it iiuc [19:12] all right i'll go ahead and test and push the rest of the changes we've discussed then [19:12] hallyn: yeah, critical + targeted, should be on the right buglists with that [19:13] worst case i guess we pull the apparmor profiles for now [19:14] I don't think it's so bad we should pull the apparmor profile [19:14] as pulling the profile introduces its own problems ;) [19:14] at least with lxc.aa_profile I can workaround it for that specific container and keep the standard profile for the others [19:25] stgraber: would you say that non-ubuntu containers should still start in lxc-container-default, or in unconfined? [19:26] i'd prefer lxc-container-default of course, but i don't know if they need special mounting abilities offhand... [19:26] eh i'll leave it as is for now [19:26] hallyn: I'd prefer lxc-container-default, we'll deal with the bugs if anyone files one [19:34] quick question , is ubuntu 12.4 stable enough to be used as a development apache server? [19:39] amarcolino: I suspect the official stance is "don't do that" [19:39] !release [19:39] Ubuntu releases a new version every 6 months. Each version is supported for 18 months to 5 years. More info at https://wiki.ubuntu.com/Releases & http://wiki.ubuntu.com/TimeBasedReleases [19:39] hm, was hopin gfor more :) [19:40] amarcolino: that said, i'm running it everywhere... except my mail server where i run lucid [19:41] thanks for the info and it has been stable for you till now? [19:47] amarcolino: not always. you'd like to think we're close to release and no major library upgrade will mess us up now, but you never can tell... [19:53] stgraber: I updated Bug#969299 with my initial guess, I will check as soon as my vm is finished updating [19:54] stgraber: have you noticed that lxc no longer builds on precise? http://paste.ubuntu.com/907772/ [20:00] hallyn: it built fine yesterday [20:00] * stgraber tries locally [20:01] hmmm. [20:04] local build failed somewhere in the doc (usually does when not in sbuild) but lxc itself built [20:06] stgraber: "debian/rules build" fails. is your schroot 100% uptodate? [20:07] hallyn: I'm building in arkose directly on my laptop that was updated 10min ago, so yeah should be up to date [20:07] hallyn, will take note of that, I aint planning to do much at the moment other than use it for site development, it should be stable enough for that... [20:08] i'm just wondering whether to worry about the failure, or be happy it builds in buildds [20:08] hallyn: http://paste.ubuntu.com/907790/ [20:09] what cmd did you use? [20:09] hallyn: ./configure --disable-doc && make [20:09] hallyn: I'll try building the full package now [20:10] hmm, actually looks like I'm not completely up to date ... upgrading again first then [20:10] * stgraber wonders what machine he updated 10min ago ;) [20:11] stgraber: jinkeys, it doesn't happen when i remove automake and autoconf! [20:12] hallyn: always blame the automagic :) [20:13] stgraber: well i'd noticed it when working on 0.8.0, so i knew we'd have to deal with it at some point... [20:16] jjohansen: adding change_profile -> unconfined, isn't allowing me to transition to unconfined? [20:18] hallyn: urgh, f$#@!!!!!! [20:18] well it's possible i'm doing something wrong! [20:18] have two rules, [20:18] transition -> lxc-*, [20:18] transition -> unconfined, [20:19] hallyn: unlikely, unconfined is a special path, as soon as you said it, it hit me that I didn't try it [20:19] ok [20:19] :) [20:19] hallyn: I will get a patch out today [20:20] jjohansen: did you consider using lxc as your official test suite? seems like we have pretty good code coverage there ;) [20:20] stgraber: when i use 'deny mount fstype=debugfs,' before the allow rule for /sys/kernel/debug, container does not start [20:20] (or after) [20:21] stgraber: I don't think I am ready for that yet :) [20:21] jjohansen: thanks [20:21] stgraber: actually lxc will be, being rolled into the testing more [20:22] hallyn: oh right, I'm guessing it's "normal" in apparmor world... "deny mount fstype=debugs" denies all debugfs including the one we explicitly allowed for /sys/kernel/debug [20:22] * jjohansen shakes head at the bugs this cycle [20:22] jjohansen: ^ is that right? "deny mount fstype=debugfs," blocking our "mount fstype=debugfs -> //sys/kernel/debug/," [20:23] jjohansen: but look at how cool it'll be when done :) [20:23] stgraber: erm yeah deny, will actually subtract permissions from allow rules. Its an absolute this is denied [20:23] ok, that's what I thought [20:23] so do i just wnat 'dontaudit' ? [20:23] hallyn: yeah, one of these days ... [20:23] hallyn: dontaudit? [20:24] hallyn: just go with "deny mount fstype=debugfs -> /var/lib/ureadahead/debugfs/", then [20:24] yeah i guess so. technically that's the only one we're sure we're ok being quiet about anyway! [20:24] hallyn: so we only silently deny this one and will update if we discover any other one we didn't know about :) [20:26] and that actually works :) will do [20:27] Hi all [20:27] Can I ask for some non-ubuntu-related advice on disks and smartctl? [20:33] stgraber: i'm getting ready to push http://people.canonical.com/~serge/lxc.debdiff [20:33] looking [20:34] hallyn: lxc-0.7.5/debian/lxc-default.apparmor: can you drop the FIXME in there too? it's no longer relevant with the new kernel [20:34] hallyn: (FIXME above the deny for remount,ro of /) [20:34] the 'Doesn't match yet' ? [20:34] yep [20:35] rest looks good, thanks [20:35] thanks, pushing [21:25] well i have a domain . and i host it on my box. i need an email@mydomain.com .............. [21:25] i want to setup email accounts for my domains. i have a linux server avaialabe for hosting. how can i setup the emails ? [21:33] mcloy, this is covered in the server guide under postfix: https://help.ubuntu.com/10.04/serverguide/C/postfix.html [21:34] and a more advanced, complete setup here: https://help.ubuntu.com/community/PostfixVirtualMailBoxClamSmtpHowto [21:36] isnt this what i need https://help.ubuntu.com/community/MailServer ? [22:09] Hey folks, I've got a machine running Ubuntu 10.10 server. Given that the support EOL is "April 2012", does that mean I have two days before do-release-upgrade will cease to work? [22:15] no, it means you've got until the last thursday of April or so [22:19] uh [22:20] do-release-upgrade will work as long as natty is available [22:20] psyferre_: you have until the last thursday of April to keep getting support and security updates... [22:20] psyferre_: do-release-upgrade will work at *least* 6 more months. [22:20] I'd expect that one could coax it to work even after natty goes EOL too. [22:21] but I don't know for sure if that works [22:21] Awesome. Thanks! I knew it would eventually stop working, but I wasn't sure when and couldn't seem to hit the right google search string to find out for sure. === Arc_ is now known as a5m0