[00:09] <Psi-Jack> So, it's almost a rarity these days that people even use Kerberos, isn't it?
[00:09] <Resistance> i've seen it used on Unix systems, almost never on Ubuntu nowadays
[00:10] <Resistance> and if I have seen it, its usually only on University networks and the occasional Corporate or Enterprise grade system
[00:12] <Psi-Jack> I've gotten UP to getting krb5 mit working, except it throws me errors trying to create the realm in ldap.
[01:00] <rocobruno> Hi, I was wondering if it advisable to install the ubuntu-desktop on a ubuntu server to use freenx. My concerns are of conserving as much of memory and cpu resources as possible.
[01:02] <Patrickdk> if you install ubuntu-desktop, it becomes ubuntu-desktop, basically no different than using the ubuntu desktop iso
[01:02] <Patrickdk> and it will use all the memory that it requires of that
[01:04] <rocobruno> is there such a way that you can get the desktop on demand ? Without the machine always booted with gui ?
[01:07] <Patrickdk> rocobruno sure? edit /etc/init/lightgm
[01:07] <Patrickdk> and tell it to not start on boot
[01:12] <rocobruno> Thanks Patrickdk
[01:17] <ruben23> hi guys where we can find teh data of mysql on packages install in mysql..?
[01:18] <Patrickdk> no clue what you just said
[01:19] <EvilResistance> ruben23:  can you clarify what you mean by 'data'
[01:19] <EvilResistance> and 'on package install' (same context)
[01:20] <ruben23> becasue i ahve a script with this and dont knwo what commadn should i put coz this is source install but im using package install of mysql ----> `/usr/local/mysql/bin/mysql -uroot .p.password. -e 'show databases' |  fgrep -v  \  "Database" |  fgrep -v "information_schema"`
[01:21] <ruben23> and also this ----> index_float=`du -amc  /usr/local/mysql/data/$i/*.MYI | grep total | awk '{print $1}'
[01:26] <Psi-Jack> Bah!
[01:26]  * Psi-Jack throws Kerberos out the window.
[02:28] <ruben23> hi guys how do i install perl modules on ubuntu server..?
[02:47] <matt_keys> I'm trying to bridge eth1 to virtual guests. i've got the bridge defined and working but the default was still virbr0. I virsh net-destroy default, then edited the default.xml to use the ip and bridge i want, but now when i virsh net-define the default.xml it says error: operation failed: network 'default' already exists with uuid e13c38e7-8679-b8ad-071a-3bd40d135af6
[02:48] <twb> The name of the bridge is irrelevant
[02:48] <twb> You could call it "arthur" and it would behave the same way
[02:49] <matt_keys> is deleting the default network forbidden or something?
[02:50] <twb> If it helps, this is a virsh dumpxml of a KVM instance, bridged to an existing bridge (set up in interfaces(5)) -- http://paste.debian.net/167078/
[02:54] <greppy> ruben23: are the modules that you need not included in a repo?  most of the ones that I have needed I have been able to find by searching for the module, like 'apt-cache search XML::Tidy'
[02:59] <matt_keys> twb : thanks, i had to restore default.xml like it was and then reinstall virt-manager to fix
[03:00] <matt_keys> wouldn't connect to qemu or anything
[03:03] <footvilla> I have 2 SSD 128 GIG running on Raid 0 Software Raid (mdadm)
[03:04] <footvilla> every 30 min im getting bad sector errors, and it locks access to everything
[03:04] <footvilla> how would i run fsck
[03:05] <footvilla> on a raid 0?
[03:05] <footvilla> sudo fsck =pcfv /dev/sda
[03:05] <footvilla> ?
[03:05] <twb> footvilla: fsck operates at the filesystem layer.  It doesn't give a shit about the underlying block device.
[03:05] <twb> You would need to fsck /dev/md0 or whatever the RAID0 array is called.
[03:06] <twb> Also, if no one has lectured you on this before: do not use RAID0 if you care about your data!
[03:07] <footvilla> yea ive noticed
[03:07] <footvilla> I went out and spent alot of money today
[03:08] <footvilla> i picked up 4 WD Ae4 250 gig Harddrives
[03:08] <footvilla> is it possible to transfer my raid0 and to those 4 harddrives to make it a raid 10 ?
[03:15] <twb> Dunno why you'd get 250Gs unless they're on special.  The ideal price point at the moment must be around 1.5G range atm
[03:15] <footvilla> i mean 500GB
[03:16] <twb> Anyway, the obvious way to do it would be to create a new array on the new four drives, make LVM and filesystems there, then mount them and the old drives at the same time and copy files across.
[03:16] <twb> If they're your boot drives as well, you'll also need to fiddle-fart around with fstab and grub so that the new disks will boot
[03:18] <footvilla> LVM?
[03:27] <footvilla> twb do you recommend using this tutorial ? http://www.numango.com/4653_linux-creating-configuring-raid.html
[03:27] <twb> footvilla: have you read the Ubuntu Server Guide?
[03:27] <footvilla> no
[03:27] <twb> Do so
[03:31] <twb> footvilla: you want the section "advanced installation" I think
[03:32] <footvilla> yea however it only shows how to step by step configure raid 1 on two physical drives
[03:36] <twb> RAID10 is just a mirror of striped drives (or a stripe of mirrored drives)
[03:37] <twb> mdadm --create -n2 -l0 /dev/md0 /dev/sd[ab]2
[03:37] <twb> mdadm --create -n2 -l0 /dev/md1 /dev/sd[cd]2
[03:37] <twb> mdadm --create -n2 -l1 /dev/md3 /dev/md[01]
[03:37] <twb> Something like that, anyway.
[03:38] <twb> I do not know whether it is better to do 0+1 or 1+0.
[03:38] <footvilla> yea reading up on google abou that
[03:46] <footvilla> twb
[03:46] <footvilla> server hd just wedged
[03:46] <footvilla> http://paste.ubuntu.com/963838/
[03:47] <twb> yeah that looks like the disks are dying
[03:48] <twb> At this point I would be running SMART self-tests
[03:48] <twb> (And obviously, making sure your backups are up-to-date)
[03:49] <footvilla> how do i run smart self test?
[03:49] <twb> install smartmontools, then smartctl -l and -t IIRC
[03:50] <twb> smartctl -t short /dev/sda, then watch smartctl -l selftest, watch until the self test finishes
[03:51] <twb> Good drives will give you an ETA on the self test; crap ones will not report anything about a test until it is either aborted or completes.
[03:51] <twb> You can also do a long test.
[03:52] <footvilla> thanks brb need to reboot this server
[04:05] <jeeves_moss> just wondering....  Why after an update do all of my Outlook clients not connect to postfix?  I keep getting a dissconnect after EHLO
[04:09] <footvilla> twb, i installed smartmontools
[04:09] <twb> footvilla: 13:50 <twb> smartctl -t short /dev/sda, then watch smartctl -l selftest, watch until the self test finishes
[04:11] <footvilla> http://paste.ubuntu.com/963854/
[04:12] <twb> footvilla: so now wait for it
[04:12] <footvilla> is the command window going to update?
[04:12] <footvilla> with results?
[04:13] <jeeves_moss> twb:  how's it going tonight?  it's been a while
[04:23] <twb> Not very well as far as connectivity goes, it would seem...
[04:23] <twb> footvilla: if you ran it in watch, it defaults to updating every 2s, as it says in the top-right
[04:24] <footvilla> how do i run it in watch\
[04:27] <twb> 13:50 <twb> smartctl -t short /dev/sda, then watch smartctl -l selftest, watch until the self test finishes
[04:27] <twb> "watch smartctl -l selftest"
[04:28] <footvilla> ERROR: smartctl requires a device name as the final command-line argument.
[04:30] <twb> "watch smartctl -l selftest /dev/sda" then
[04:30] <twb> Please exercise some initiative.
[05:01] <shortdudey123> hi, i am running ubuntu 10.04 and i am trying to add JAVA_HOME as a permanent environment variable.  I added it to /etc/environment and also adjusted PATH, however only the adjusted PATH is being picked up.  Any ideas?
[05:02] <twb> shortdudey123: why are you doing that
[05:03] <shortdudey123> i googled it and quite a few places said thats how you do it... but obviously its wrong or i am doing something wrong
[05:03] <twb> What is your actual goal
[05:03] <twb> 15:03 <greybot> http://mywiki.wooledge.org/XyProblem -- "I want to do X, but I'm asking how to do Y..."
[05:03] <shortdudey123> i am trying to start several services that require the JAVA_HOME var
[05:04] <twb> If you are using the JRE that ships with Ubuntu, you shouldn't need to do that.
[05:06] <shortdudey123> where would the JAVA_HOME var be pulled from then?
[05:07] <twb> it's set somewhere in the nest of java wrapper scripts
[05:08] <twb> I don't know where exactly.
[05:08] <shortdudey123> i am using OpenJDK and not the started sun java
[05:08] <shortdudey123> if that makes a difference
[05:09] <twb> So you did apt-get install <java app> ?
[05:09] <twb> Because that should Just Work
[05:10] <shortdudey123>  sudo apt-get install openjdk-6-jre
[05:10] <shortdudey123> and -jdk
[05:11] <shortdudey123> this is the specfic error that i get: http://pastebin.com/D03mkige
[05:13] <Smaug> hey all.  is there any way to restrict the commands a certain user can execute?
[05:13] <twb> Smaug: not really
[05:13] <twb> Smaug: if they are connecting via SSH keys, you can use a force command
[05:14] <twb> Smaug: but e.g. if you give them vi, they can use vi's internal fork+exec to run arbitrary commands.
[05:14] <twb> Er, s/vi/vim/
[05:14] <twb> shortdudey123: how did hadoop get onto the server?
[05:14] <shortdudey123> i installed it
[05:15] <twb> shortdudey123: how
[05:15] <shortdudey123> a repository from Clourdera
[05:15] <twb> What you should probably do, then, is contact the clourdera people and report the problem and get them to fix the package
[05:15] <Smaug> twb: okay, ignoring little workarounds like vi (which I guess I can restrict too), what is the force command you speak of?  what do you mean by SSH keys?  the user will connect by SSH, it is a bot actually, all it needs to do are run scripts with different inputs
[05:16] <Smaug> maybe a couple other things but not much
[05:16] <shortdudey123> twb: the repo is "http://archive.cloudera.com/debian lucid-cdh3 contrib"
[05:16] <twb> Smaug: first go read up on how key-based SSH auth works.  You need to understand that before you understand forced commands.
[05:17] <Smaug> right I thought that might be what you meant.  I am familiar with how key-based SSH auth works, though I only used it once, to learn how it works
[05:17] <twb> Smaug: the Ubuntu Server Guide might cover it, I don't know offhand.  Check that first, otherwise try the sshd_config, ssh_config and ssh-keygen manpages, and google
[05:17] <twb> Smaug: you should be using key-based auth always
[05:17] <Smaug> twb: why? is using pws insecure?
[05:18] <twb> https://en.wikipedia.org/wiki/Special:Search/Multi-factor_authentication
[05:18] <twb> (That is assuming your keys have passphrases, of course.)
[05:20] <Smaug> twb: ah i see.  cool, reading about it now thanks for the direction heading!
[05:20] <twb> Here is a worked example:
[05:20] <twb> command="nice ionice -c 3 rrsync -ro /",no-agent-forwarding,no-port-forwarding,no-X11-forwarding ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAsOX658HKuBNOy7X5UZPY8ogIKYaM1bQ/Nv04oFxyYj9i579fhn+gZ42fFnjMOXiTbSw6h8ZR+BF0smcDum2T6FANAdlQSanFIBMxbgAaYpNx/6qOsT1yECVzqqwEoOVqfGsb8iJwPJMJDGB40mxcvy++ESGLmgo9ivwhxdMbaS8= cyber-hosted-backup
[05:21] <twb> You may wish to combine this with sftponly techniques in sshd_config for that account
[05:22] <Smaug> do you know offhand if it's possible to  create keys for use in android (when I say bot, specifically it will be an android app)?
[05:23] <twb> I do not
[05:24] <twb> If that's your target, it may be better to simply expose the commands over an authenticated HTTPS connection with a simple REST app
[05:24] <twb> Depends on the nature of the commands and so on
[05:26] <Smaug> twb: that is not a bad idea, i suppose, is there a size limit on urls?
[05:26] <Smaug> some fields may be a bit large, but maybe that's ok
[05:26] <twb> I don't know
[05:26] <Smaug> ok
[05:26] <twb> web apps are for little girls IMO
[05:27] <Smaug> all web apps :)
[05:27] <Smaug> ?
[05:29] <twb> Yes
[05:29] <twb> arpanet for the arpans
[05:35] <shortdudey123> twb: i am installing the sun version of java to see if that fixes the problem
[05:35] <twb> Sigh
[05:36] <shortdudey123> ya i know... but i am out of ideas
[05:41] <shortdudey123> the sun java fixed the issue
[05:44] <twb> Yuk
[05:44] <twb> That'll only be because the app and sun jre are broken in the same way, so the broken halves fit together neatly :-/
[05:46] <shortdudey123> lol true
[05:55] <shortdudey123> twb, thanks for your help!
[06:22]  * SpamapS wades into the forbidden realm of CentOS administration just to remind himself why Ubuntu Server is a bazillion times better
[06:23]  * twb hands SpamapS the hip flask
[06:23] <SpamapS> aye, I'll need a straw too
[06:24] <greppy> not an IV?
[06:28] <SpamapS> greppy: thats what got me to this place in the first place ;)
[06:28] <twb> greppy: he's worried I doped the lip of the flash
[06:28] <twb> *flask
[06:28] <SpamapS> mainlining redhat's leftover crack
[06:28] <twb> That or cooties
[06:29] <twb> SpamapS: at least centos isn't using systemd yet
[06:29] <SpamapS> twb: yeah, and at least it will take them 3+ years until RHEL7 which will most likely have systemd :-P
[06:29] <SpamapS> or "the only daemon you'll ever need"
[06:30]  * SpamapS is surprised they haven't suggested merging apache into it yet
[06:30] <twb> FSVO they = lennart
[06:30] <twb> I wish someone would just arrange for him to have an "accident" so things can go back to normal
[06:31] <SpamapS> twb: careful. You likely have stalker fanbois who might think your serious. ;)
[06:32]  * SpamapS curses his ' key for failing to fire and making him say 'your'
[06:33] <_ruben_> your e key would to blame as well then
[06:33] <SpamapS> helpless victim
[06:33] <SpamapS> it's all ''s fault
[06:33] <SpamapS> it's mad because it has no way to posess it
[06:34] <SpamapS> ugh, decisions decisions..
[06:34] <SpamapS> should I migrate off courier onto the sexier new "dovecot" ..
[06:35]  * SpamapS used to think it was fun to run his own IMAP server. Now wants IMAP to die in a fire.
[06:36] <_ruben> hehe
[06:38] <greppy> SpamapS: for what it's worth, dovecot on debian/ubuntu has been way easier for me to deal with than courier was on the same.
[06:38] <SpamapS> greppy: I'm sticking with courier just because I can rsync the config dirs and move forward.
[06:39] <SpamapS> but I hate that. ;)
[06:39] <SpamapS> and I have to build courier-imap and courier-authlib because epel doesn't have it
[06:39] <SpamapS> why oh why do I run a CentOS IMAP server? (so you don't have to.. thats why)
[07:02] <twb> SpamapS: why courier and not dovecot
[07:03] <SpamapS> twb: rsync /usr/lib/courier-imap/etc newserver:/usr/lib/courier-imap
[07:03] <SpamapS> thats about it
[07:03] <SpamapS> laziness
[07:03] <twb> inertia?
[07:03] <SpamapS> It only has to support me.. though I am religious about using SSL for IMAP
[07:04] <SpamapS> awesome, upstream's courier-imap packages now *force* systemd if you are on anything except suse
[07:04] <SpamapS> stupid stupid stupid :-P
[07:06] <rmk> Use dovecot instead
[07:08] <twb> wtf
[07:08] <twb> I didn't think courier was even maintained
[07:12] <SpamapS> twb: it is. barely :)
[07:12] <SpamapS> and yeah, at this point, with the systemd madness .. no point in even trying to use courier
[07:13] <SpamapS> like.. awesome.. there are currently.. uh.. 0 RHEL or CentOS users with a /bin/systemctl command, and yet all new courier rpms depend on that.
[07:13] <SpamapS> WTG courier... one less user to worry about. :)
[07:14] <tdn> I maintain servers for a few customers. One of the regular tasks is to install security updates. A problem I face is that some updates require services to be restarted. This is no problem, if it is done outside of business hours. However, I prefer to do the maintenance work in business hours. So I figure there must be a way to install schedule an apt-get dist-upgrade to be run at night, without having to do it interactively? How to do this? I spe
[07:14] <twb> Oh I just realized I was thinking of cyrus not courier
[07:14] <twb> Whichever one provides the "sasl-bin" package so that stupid coworkers set it up as the sasl provider on postfix/dovecot mail servers
[07:15] <SpamapS> cyrus
[07:15] <twb> tdn: you can use invoke-rc.d to prevent automatic service restarts, but this will probably cause more problems than it solves
[07:15] <twb> tdn: IME you just say "suck it up, the service will bounce at 10AM, nobody will even notice anyway so STFU"
[07:16] <twb> Actually you can't use invokerc.d because stupid ubuntu uses stupid upstart which has no equivalent facility
[07:16] <twb> invoke-rc.d only works for scripts that are still managed under /etc/init.d
[07:16] <SpamapS> tdn: unattended-upgrades might be helpful
[07:16] <SpamapS> twb: not true
[07:17] <twb> SpamapS: it was true when I last checked as at 10.04
[07:17] <SpamapS> twb: invoke-rc.d works for upstart jobs
[07:17] <SpamapS> it worked then too
[07:17] <SpamapS> though there were probably a few bugs
[07:17] <SpamapS> because all upstart jobs from packages will also have a symlink from /etc/init.d/jobname to /lib/init/upstart-job
[07:17] <twb> I guess I ran into a bug, then.  I wrote my normal invoke-rc.d which went something like #!/bin/sh \n exit 101, and upstart appeared to completely ignore it
[07:17] <twb> argh, sorry
[07:17] <SpamapS> twb: and you mean /sbin/policy-rc.d
[07:17] <twb> I meant to say *policy-rc.d*
[07:18] <twb> invoke-rc.d works fine but if the postinst calls "restart foo" because its an upstart job, then policy-rc.d was/appeared to be ignored as at 10.04
[07:18] <twb> I had to do something hideous like replace initctl with /bin/true during package installation
[07:21] <SpamapS> twb: that postinst is *in error*
[07:22] <SpamapS> twb: I have fixed maybe 5 of those since 10.04
[07:22] <SpamapS> twb: people need to use dh_installinit.. :-/
[07:22] <SpamapS> stop inventing crap
[07:22] <twb> I may have some details wrong, but it was definitely causing problems and I was definitely very annoyed by it
[07:22] <Jeeves_> Morning
[07:23] <Jeeves_> Does anyone know how I let Grub skip iscsi-disks while trying to find operatingsystems?
[07:23] <twb> Jeeves_: grub or os-prober?
[07:23] <twb> Jeeves_: in the latter case the easiest way is to simply uninstall it :-)
[07:24] <Jeeves_> twb: Well, i upgraded a box to precise last night, and it looked into the iscsi disks as well
[07:24] <Jeeves_> I think it was while 'Generating grub.cfg'
[07:25] <twb> It'll either be code in os-prober or in /etc/grub/'s run-parts dir
[07:25] <twb> I don't know if you can selectively disable os-prober's scans, because I usually just remove it
[07:25] <Jeeves_> Nicely undocumented, btw. os-prober
[07:25] <Jeeves_> No manual entry for os-prober
[07:26] <twb> IIRC you also have to pin it to prevent kernel updates from reinstalling it
[07:27] <twb> I think it's basically there to find the dual-boot Windows partition on ubuntu desktops
[07:28] <Jeeves_> So don't install it on -server
[07:29] <twb> Looks like os-prober's guts live in /usr/lib, so to selectively disable a scan you would dpkg-divert --rename /usr/lib/os-probes/mounted/10linux or whatever
[07:29] <twb> It doesn't mention iscsi by name, so what is probably happening is it is simply iterating over everything in (say) /dev/disks/by-name/* and that happens to include iscsi on your system
[07:30] <twb> I'm speculating quite a bit here, though -- you will need to do some tracing yourself
[07:33] <Jeeves_> https://bugs.launchpad.net/ubuntu/+source/os-prober/+bug/797547
[07:33] <Jeeves_> Nice ..
[07:33] <SpamapS> alright, so dovecot is like a bazillion times easier to configure
[07:33]  * SpamapS is now officially a courier hater
[07:34] <Jeeves_> :)
[07:34] <lifeless> SpamapS: \o/
[07:34] <lifeless> SpamapS: dovecot is awesome
[07:36] <twb> SpamapS: I haven't ever actually configured dovecot as such ;-)
[07:37] <twb> Well, I have a liiiitle bit
[07:38] <twb> I had to jump through a hoop to allow a stupid PHP script to talk to the IMAP server without giving it a full LDAP account
[07:38] <twb> I wish it didn't have a hard-coded leading dot for subdirs though, because that annoys prayer
[07:39] <twb> SpamapS: you probably want to change protocols = imap imaps to just = imaps, and maybe add ssl = required
[07:40] <twb> Can't see anything else much interesting in etckeeper logs
[08:33] <tdn> twb, I don't think that I can just restart samba with useres logged in without risking data loss :(
[08:35] <twb> CIFS clients don't care
[08:35] <twb> I'm pretty sure they recover seamlessly
[08:35] <twb> Obviously you will want to test this, and not just believe some cowboy on IRC
[08:46] <tdn> twb, I am pretty sure I have experienced problems with this before. This is the reason why I really want to avoid it.
[08:46] <twb> Shrug
[08:46] <tdn> And I cannot prove a negative by testing.
[08:47] <twb> Sure sure
[09:55] <lynxman> morning o/
[10:18] <Jeeves_> I really hate how the boot proces of precise-server makes me wait for 'network configuration'
[10:18] <Lazik> I feel you
[10:18] <Jeeves_> 'Waiting up to 60 more seconds'
[10:19] <Jeeves_> Looks like the person that thought of that 'feature' is unaware of pxe-install environments :)
[10:58] <sarthor> Any one configure shorewall and LSM on Ubuntu-server, I have Ubuntu-server 12.04 installed. but do not know how to configure, Shorewall channel says "there is no .deb pkg, and you can Guess why there is only rpm " Any help please.
[11:10] <jpds> sarthor: There's a shorewall package in the archive?
[11:10] <jpds> sarthor: sudo apt-get install shorewall
[11:10] <sarthor> jpds, shorewall already installed. problem with LSM. Link Status Monitor.
[11:36] <sarthor> I want to compile lsm for shorewall on ubnutu-sever 12.04, How to do that, I never compiled anything before.
[12:00] <Cirbri> I got something weird going on with my Exim4 config.
[12:01] <Cirbri> I have Exim4 from package management -- where the config is all split, it's generated into a single file each time you run the init script -- I've replaced all this with a single, bare-bones config that doesn't do very much; now the parent Exim runs asDebian-exim instead of root. And it doesn't seem able to deliver mail locally.
[12:01] <Cirbri> (presumably because it cannot access mailboxes owned by their specific users)
[12:01] <Cirbri> Anyone have any idea what is going on?
[12:12] <sarthor> I want to compile lsm for shorewall on ubnutu-sever 12.04, How to do that, I never compiled anything before.
[12:15] <hallyn> stgraber: you've looked at ~frankban/lpsetup/lp-lxc-ip/ ?
[12:16] <hallyn> stgraber: I can't decide whether to just turn the devicens blueprint into a non-discussion one with just a work item to discuss devicens at plumber's
[12:27] <davmor2_> hey guys I am sure this is something I'm doing wrong I've followed the serverguide mail is up and running fine etc, I then went to setup roundcube  that displays a login page correctly but when I add the user and pass it says connection to imap server failed, what am I missing (this worked on 10.04)
[12:32] <larsweb> davmor2_, Have you checked your firewall?
[12:35] <davmor2_> larsweb: this is the first time running a firewall up and running I relied on my router firewall before, I have setup the firewall and as far as I know have opened the ports thunderbird can connect to it and send and receive mail it's just roundcube
[12:36] <larsweb> I have an ubuntu server with apache 2.2.14 and drupal. When I test with "ab -c 1" it works fine. but it "halts" with "ab -c 2" or larger. How can I debug this problem?
[12:37] <larsweb> davmor2_, are roundcube and imap on the same host?
[12:37] <davmor2_> larsweb: yeap
[12:38] <larsweb> davmor2_, which OS , mail, and imap?
[12:39] <davmor2_> ubuntu server 12.04 64bit, imap is handled by dovecot, mail is postfix
[12:39] <larsweb> and "iptables -L " says?
[12:46] <larsweb> is there a guide to optimize apache/mysql/ubuntu for fast deliveries?
[13:09] <stgraber> hallyn: I don't think there's much point discussing this at UDS as we won't have Eric or Daniel there, so making the blueprint non-discussion and adding the actual work items after plumbers is probably best.
[13:09] <stgraber> hallyn: looking at the branch now
[13:10] <hallyn> stgraber: so i wonder which state to use if not discussion.  drafting?
[13:11] <stgraber> hallyn: I can probably decline it for uds-q, that should make it go away from the schedule
[13:12] <hallyn> ok
[13:12] <stgraber> hallyn: done
[13:12] <hallyn> thanks :)
[13:13] <stgraber> hallyn: that branch is interesting, especially the clone call in python, I didn't realize it was actually possible to do it without any C :)
[13:13] <hallyn> say
[13:13] <hallyn> yeah it's cool :)
[13:13] <hallyn> stgraber: did you say you had blogged on lxc+apparmor?  I thought you did, but I don't see it.
[13:14] <hallyn> (I was going to do a post just to explain that we don't have the stackign profile support and what that means, and reference yours first)
[13:14] <stgraber> hallyn: didn't have the chance yet, my next blog post is going to be some kind of general overview of LXC in 12.04. So if you want to blog about apparmor specifically, go ahead.
[13:14] <hallyn> cool.  if i don't get a chance before the flight to uds i'll do it then, but i'm hoping this week.
[13:15] <stgraber> I'm planning on releasing my LXC in 12.04 post after the UDS plenary
[13:16] <stgraber> hallyn: I'll add an item to the lxc blueprint whiteboard to discuss liblxc, ideally I'd like to use it for an upstream python-lxc, directly calling the C functions when it's easier and offering some nice python interface for the rest.
[13:17] <hallyn> and a springboard to a bash-free lxc :)
[13:17] <stgraber> hallyn: but for that we need to move quite some code around in the C side of things. I noticed that we have a lot of code that's in the tools but really should be in the library
[13:17] <stgraber> hallyn: Implementing lxc_stop in the python module took me 5 minutes, but implemeting lxc_start would likely take me hours and lead to a lot of code duplication
[13:18] <hallyn> and really I don't like the way templating is done
[13:18] <hallyn> Sunday or monday evenign I think we should get together and break the items int he whiteboard into themes,
[13:18] <hallyn> and decide which themes are most important during q cycle
[13:18] <stgraber> hallyn: also, cleaning up liblxc to be easily usable by external tools will make it much easier to write a libvirt-real-lxc driver using it and stop that libvirt non-sense :)
[13:18] <hallyn> perhaps restructuring lxc code is the thing we shoudl focus on now
[13:18] <hallyn> heh.    sssssshhhhh, smoser will find you
[13:19] <hallyn> and of course, adding hooks can be seen as part of restructuring (or as something to better add after restructuring)
[13:20] <stgraber> adding hooks should be easy when we're already moving code around between the tools and library
[13:26] <stgraber> hallyn, highvoltage: Added my thoughts on the library work and the python bindings to the blueprint
[13:29] <stgraber> hallyn: oh, and having a good library will also make unit testing of the code much easier, which is probably something we should be adding to upstream lxc soon too
[13:30] <hallyn> that'd be great
[13:30] <hallyn> for higher level testing, i do need to sit down with jamespage about hooking my testsuite up to our jenkins instance (or whatever we can)
[13:31] <highvoltage> stgraber: awesome.
[13:31] <hallyn> i suppose maybe i should just set up my own jenkins instance in ec2 to do that
[13:31] <hallyn> but i'll wait to talk to jamespage
[13:32] <hallyn> stgraber: maybe we should flag ("(*)") items that would neatly fall in after a code rewrite
[13:32] <hallyn> (like config file inclusion, etc)
[13:32] <stgraber> hallyn: sounds good
[13:39] <jamespage> hallyn, my bad - I've still not managed to help you do that....
[13:40] <hallyn> jamespage: at this point we can perhaps best sit and chat next week
[13:41] <jamespage> hallyn, agreed - we should also see how this fits into overall QA plans
[13:41] <jamespage> then have some good stuff in pipeline ATM
[13:41] <hallyn> if you care to look when you have a moment, it's at lp:~serge-hallyn/+junk/lxc-test
[13:41] <hallyn> is there a qa session where this should be discussed, or is talking over lunch just as well?
[13:48] <jamespage> hallyn, I'll try to find out
[15:30] <ttx> adam_g: is there any OpenStack charm session scheduled for UDS ?
[15:30] <ttx> adam_g: was wondering if we could make it a strong alternative to devstack for all-in-one development environments on ubuntu
[15:36] <zul> ttx: there isnt one afaik
[15:37] <ttx> zul: couldn't find it either
[16:01] <aldo_> hi
[16:02] <aldo_> can you help me?
[16:03] <aldo_> ?
[16:04] <Resistance> !details
[16:06] <aldo_> okok, so, i have 5 pc
[16:06] <aldo_> and i use 1 pc for Ubuntu Server 12.04
[16:06] <aldo_> how can I do to connect this pc with ubuntu server?
[16:08] <Pici> Connect how?
[16:09] <aldo_> this pc are connect with one router to internet
[16:10] <aldo_> i wourd like share file in server
[16:11] <aldo_> and use phpmyadmin in all pc (excuse me for my english)
[16:11] <aldo_> (phpmyadmin of Ubuntu Server)
[16:11] <aldo_> do you understand?
[16:16] <Resistance> aldo_, so...
[16:17] <Resistance> basically you want to be able to share files between your computers through your server...
[16:17] <Resistance> and want to have phpMyAdmin accessible by your other systems from your Ubuntu Server system?
[16:17] <aldo_> true
[16:21] <aldo_> Work in Team on Web Project is my purpose, than all pc will see the work and the files and phpmyadmin
[16:23] <aldo_> than all pc will also see the web page files in php
[16:23] <aldo_> I installed php
[16:28] <aldo_> can you help me?
[16:45] <sbalneav> Hello, I'm having a problem setting up a new 12.04 server.  I've got 4 3TB drives, that I'd like to configure as software RAID10.  However, I can't ever seem to set up any partition as bootable.  In 10.04, I could create partitions as "Physical Raid Volume", and set the bootable flag.  Now, the flag stays "off", with the result that the grub install step fails.
[16:45] <sbalneav> Has anyone seen anything like this?
[16:47] <stgraber> hallyn: right, so jcastro told me I won't have the plenary slot for LXC at UDS (I guess that's the last time I propose a plenary considering how badly the last few went...). So I'll be blogging about it earlier than expected and will keep the talk for some other conference
[16:48] <stgraber> hallyn: do you think there's sufficient interest to register a session for demo, q&a, ... or we'll have enough time for that in the lxc session
[16:50] <hallyn> stgraber: not sure (i should think so) but you do remind me that at the last sprint, the kernel team asked for a lxc session showing more in-depth how it works, what kernel bits are used, etc
[16:51] <hallyn> so perhaps even 2 such sessions - one high-level for people who want to use it,
[16:51] <hallyn> and one low-level for kernel team and such.
[16:52] <hallyn> (might also be good to have security team there to ask questions pointing toward the no-doubt-present security holes we haven't yet considered)
[16:52] <stgraber> hallyn: I don't think we can really justify 3 hours worth of session for LXC but having one informational session and one development session would work. People should be technical enough at UDS that having some kernel questions during the session shouldn't disturb them too much :)
[16:52] <hallyn> i'd think monday for the high-level one, and maybe wed or fri for the low-level one
[16:53] <hallyn> stgraber: ok...  perhaps i'll ask apw if he still wants one and we can make it private
[16:53] <hallyn> stgraber: oh, you were tinking informational blueprint
[16:53] <hallyn> i was thinking evening sessions
[16:54] <hallyn> sounds good, do as you planned :)
[16:54] <stgraber> hallyn: right, I was thinking about registering a session and having it put on the main schedule
[16:54] <apw> hallyn, i am interested in knowing whats coming at me down the pipe, whatever works for those of you throwing it :)
[16:54] <stgraber> k, doing so now
[16:55] <hallyn> apw: ok, i do give sort of (my view of) a general roadmap to 14.04 wrt to lxc and kernel features in my next blog post.  when i post it...
[16:55] <hallyn> but i suspect getting together and starting with an lxc-create+lxc-start at a laptop, you all would think up some good questions
[17:03] <stgraber> hallyn: https://blueprints.launchpad.net/ubuntu/+spec/foundations-q-containers-demo
[17:05] <stgraber> jjohansen: would be great if you could attend for any security question ^
[17:20] <wiherek> hi
[17:20] <wiherek> i have a vps with only SolusVM and ssh access (no cpanel / directadmin)
[17:21] <wiherek> I'd like to use google apps for mail. where do I set the MX nameservers?
[17:22] <hallyn> stgraber: cool, thanks
[17:30] <zul> hallyn: so...do you want to merge libvirt?
[17:31] <jcastro> jamespage: ping
[17:33] <hallyn> zul: is that a trick question?
[17:34] <hallyn> it's on my list...  but happy to take it off my list if you want to do it
[17:43] <jjohansen> stgraber: ack, marked myself as essential
[17:44] <stgraber> jjohansen: thanks
[17:44] <jamespage> jcastro: pong
[17:45] <jcastro> jamespage: check your voicemail. :)
[17:46] <jamespage> jcastro: just picked it up
[18:23] <adam_g> ttx: i was hoping to cover the openstack juju charms during the openstack next steps session
[18:25] <adam_g> ttx: i can propose something dedicated to those charms, but IMHO the session at last UDS didn't really accomplish much other than adding a bunch of wishlist work items that weren't really tied to the ubuntu release.  the essential charm stuff should align with openstack next steps nicely.
[18:26] <adam_g> ttx: that said, both smoser and i have thought a lot about how to use juju to bootstrap openstack dev envs. but mostly multi-node setups, not all-in-one. i dont see much value in Juju doing that, it would mostly be a charm that just runs devstack?
[18:30] <koolhead17> ttx, but devstack uses source pkgs i suppose
[18:32] <adam_g> koolhead17: but hacking on source installed from debian packaging is a drag. we had toyed with the idea of extending the charms to optionally install from upstream repositories
[18:33] <koolhead17> adam_g, well i will not think of writing charm 4 something which  whose changes everyday/hour/minute :)
[18:33] <koolhead17> *source
[18:36] <koolhead17> i see few launchpad bugs/questions asked on mailing list because of temporary commits and devstack failing
[18:53] <insulina> hello, I am runing a ubuntu server with geoserver, and I realy need a good performance, all docs says that sun-jdk delvery better results than the openjdk, so I am thinking in trying oracle jre 7, does anyone have experience with this that like to share ? thanks
[19:01] <roaksoax> smoser: http://wiki.flimzy.com/index.php/Install_Debian_on_USB
[19:10] <mgw> hi, how can I remove a spurious entry from debconf-get-selections
[19:10] <mgw> ?
[19:10] <mgw> I accidentally added a line that does not correspond to any package
[19:11] <mgw> I know it's probably harmless, but it's annoying all the same
[19:12] <JonEdney> Is there a way to install Apache 2.2.22 and PHP 5.3.10 on 11.10?  My host isn't able to accomadate 12.04 on my VPS yet.
[19:22] <Pici> JonEdney: Is there something that you need that isn't in 2.2.20 or 5.3.6 ?
[19:23] <JonEdney> No, I don't really run much, just assume they would be more stable.
[19:24] <Pici> JonEdney: I personally wouldn't worry about it.  Security patches are applied even if the version number doesn't seem to indicate that.
[19:28] <Calif> hi, I have a server that won't accept a dhcp address
[19:28] <Calif> actually let me try just one thing...
[19:28] <JonEdney> Pici, that is good to know thanks.
[19:29] <Calif> brb
[19:31] <stgraber> hallyn: not sure if you noticed but your blog post is appearing as just plain text, none of the URLs in it are actual links
[19:33] <hallyn> stgraber: hm, thanks - i'll have to look at it (later)
[19:38] <mgw> Calif: do you have access to the dhcp server?
[20:06] <stgraber> hallyn: just noticed we have a usernamespace session on the schedule for uds-q. Will that work without Eric present?
[20:08] <erichammond> stgraber: What is a usernamespace? When I glanced at it, it looked like kernel stuff.
[20:08] <stgraber> erichammond: it's kernel stuff :)
[20:09] <hallyn> stgraber: i would try to get eric on the phone, but i would do the main presentation.  (it's an informational one)
[20:09] <stgraber> erichammond: basically the most important missing namespace for containers, that allows the userid range in a container to be different from that of the outside
[20:09] <hallyn> stgraber: i'm not yet decided as to wehther to cancel it
[20:09] <stgraber> erichammond: so uid 0 in a container != uid 0 outside of it
[20:09] <stgraber> hallyn: yep, if you can have him on the phone, that'd be fine indeed
[20:10] <stgraber> hallyn: I'm doing a cleanup pass through the sessions as I've noticed there was a few duplicates and sessions that really shouldn't be there, so was wondering if user namespace was one of them. Good to hear it's probably going to happen
[20:11] <erichammond> stgraber: If it is specific to running VMs with Ubuntu, then I probably have little contribute.  My interests are focused on running Ubuntu servers on Amazon EC2.  I have no interest in running my own hardware any more.
[20:15] <stgraber> erichammond: it's specific to LXC containers, so won't affect VMs
[20:16]  * erichammond looks up LXC.
[20:16] <erichammond> Cool! but I'm still unlikely to have much to contribute, so don't schedule around me.
[20:18] <rockets> Is there any decent documentation for configuring KVM on Ubuntu 12.04 Server? I've found a lot of documentation for KVM but it's all for 10.04 and older, and it doesn't seem to work.
[20:18] <rockets> I found one document for ubuntu 12.04 beta 1, but that didn't work either
[20:20] <terwine> Hi! I am having some trouble with SAMBA/AD shares since I upgraded from 10.04 to 12.04. Is there anybody familiar with this process who could provide some insight?
[20:25] <hallyn> stgraber: erichammond: fwiw, there is potential for (mapping-free) user namespaces to be useful for protecting the host from qemu drivers
[20:26] <hallyn> anyway the user ns session would be informational
[20:44] <Psi-Jack> heh
[20:45] <Psi-Jack> rockets: KVM is pretty much very easy. You install kvm, you use it. If you want management tools for it, libvirt, virt-manager, and virt-viewer are useful for desktop use tools.
[20:45] <Psi-Jack> libvirt itself is useful also in a pacemaker-managed cluster of kvm-based hypervisor server clusters.
[20:46] <Psi-Jack> terwine: I don't totally use 12.04 /yet/, but I do have some 12.04 server VM's I run. What about Samba/AD are you having issues with?
[20:48] <terwine> Psi-Jack: I have a SAMBA share that I use to push nightly backups into. The share is hosted on my ubuntu server. The hosts that connect to it authenticate(or at least they used to) with their AD credentials
[20:48] <Psi-Jack> I see.. And what are you using for AD integration?
[20:49] <terwine> Also, I use a windows to unix user mapping for authentication.
[20:49] <terwine> kerberos5, and winbind
[20:49] <Psi-Jack> I see.. That's a painful combination. ;)
[20:50] <terwine> indeed. Took me two days to get it working on 10.04 when I set it up
[20:50] <Psi-Jack> Centrify, is one method I have heard works very well with AD integration, and doesn't have the same flaws winbind does.
[20:50] <terwine> I have heard of this. Do you think it is worth a shot?
[20:50] <smoser> tyhicks, http://paste.ubuntu.com/965549/
[20:50] <smoser> you seen that ?
[20:51] <Psi-Jack> terwine: I don't know yet. I've mentioned to my boss I'd be investigating into what is needed to centralize out authentication against their PITA ADS server. ;)   Ended up getting a Windows 2008R2 ISO from them with one of the company VLK keys for it to experiment with in non-production environments. ;)
[20:52] <tyhicks> smoser: Yeah. For now, do a `find ~/ -inum 1279352`, verify that it is an empty file and then delete it.
[20:52] <smoser> (i usually just delete it)
[20:52] <terwine> Ah. I liked the fact that kerberos and winbind are free, and once I had it working before it was great for many months.
[20:52] <tyhicks> smoser: I'm working on handling the error path better that causes that empty file to be created.
[20:52] <smoser> but its annoying, and often i am made aware of it because something gets input/output errors when writing a file.
[20:53] <smoser> i've not lost any data that i know of to it, so i'm not terribly upset.
[20:53] <tyhicks> smoser: Is it usually the same file (or the same app) that causes it?
[20:53] <smoser> and happy that you are aware and working on it. thats good enough for me.
[20:53] <smoser> i dont knwo... recently its been offlineimap that i've been seeing it with i think.
[20:54] <smoser> which is wrigint maildir style files
[20:54] <tyhicks> ok
[20:54] <smoser> so its probably an order of magnitude the highest file writing thing i do
[20:54] <smoser> as in "lots of little files"
[20:58] <rockets> Psi-Jack, the issue is i need to set up bridging. NAT isn't going to do it for me
[20:58] <Psi-Jack> rockets: That's easy.
[20:59] <rockets> Psi-Jack, yes, easy when you know how to do it :)
[20:59] <Psi-Jack> Heh
[20:59] <Psi-Jack> rockets: Well, pastebin your /etc/network/interfaces, and I'll transform it for you.
[20:59] <rockets> lolol
[20:59] <rockets> hmm
[20:59] <rockets> is that all it really takes?
[20:59] <rockets> hold on
[20:59] <Psi-Jack> And having the bride-utils installed, yes.
[20:59] <rockets> server is reinstalling, should be done in like ~5 mins
[20:59] <Psi-Jack> bridge-utils even!
[21:00] <pabelanger> So I have a few bugs related to openstack packaging, any suggestion on how I can get them merged faster?  Is it better to try and commit them into bzr (pull request) or debdiff?
[21:00] <pabelanger> The work is done, just not merged
[21:00] <Psi-Jack> rockets: Sure I'll still be here. :)
[21:01] <Psi-Jack> rockets: Just make sure when you're ready, say my name as normal, letting me know, paying attention to multiple channels. ;)
[21:01] <rockets> thanks Psi-Jack
[21:01] <tyhicks> terwine: I recently set up Samba/AD on 12.04 for testing a security update. I took some rough notes I could forward onto you.
[21:01] <terwine> That would be much appreciated. I'm also downloading the free version of centrify, but would love to stick with open source
[21:02] <terwine> also, thatnks psi-jack
[21:02] <tyhicks> terwine: pm me your email address
[21:02] <terwine> thanks*
[21:03] <Psi-Jack> tyhicks: Did you use Centrify?
[21:03] <tyhicks> Psi-Jack: No, winbind
[21:03]  * Psi-Jack shivers.
[21:05] <terwine> I got stuck configuring PAM the last time, then to bind windows users to the unix user
[21:07] <smoser> roaksoax, search for maas at https://docs.google.com/a/canonical.com/?tab=oo&pli=1#home
[21:11] <rockets> Psi-Jack, bah I gotta go. Thanks for your offer of help. I'm sure I'll either figure it out, or wait until I can find you again :-D
[21:14] <Psi-Jack> heh
[21:14] <Patrickdk> hheh
[21:37] <wiherek> If I don't have access to something like directadmin, cpanel or linode panel etc., I can only create a name - ip relation for my vps by assigning the specific hostname to it, right?
[21:39] <wiherek> (I dont want to set up my own dns, just use my hosting providers dns)
[22:42] <adam_g> roaksoax: if you care to help get this into -proposed, i'd appreciate. :)   theres a debdiff attached to bug and a branch linked. i seem not to have sufficient upload rights to do it myself. https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/990742
[22:42] <adam_g> smoser: ^
[22:45] <roaksoax> adam_g: looking into it
[22:46] <roaksoax> adam_g: forgot to update the maintainer :) http://paste.ubuntu.com/965751/
[22:51] <roaksoax> adam_g: uploaded
[22:51] <adam_g> roaksoax: dahh thanks
[23:47] <wiherek> how can I check which processes start at system boot?
[23:59] <thomas> I'm in a bit of a bind and I'm not even sure if this is were to ask but it's a start. I got a server with over 2k emails accounts (I'm trying to figure out how to find out when users last popped email from me so I can remove ones that are >6months old anyone got any advice? or point me in the right direction?