/srv/irclogs.ubuntu.com/2012/06/15/#ubuntu-server.txt

marvelouzonewas wondering if someone could help me with a strange problem01:11
marvelouzoneanybody on?01:23
genii-around!details01:24
ubottuPlease give us full details. For example: "I have a problem with ..., I'm running Ubuntu version .... When I try to do ..., I get the following output: ..., but I expected it to do ..."01:24
smwgenii-around, I like !ask better01:26
smw!ask01:26
ubottuPlease don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience01:26
* genii-around makes more coffee and waits for the strange problem specifics01:28
marvelouzoneI have a problem with all passwords stop working the only thing I have installed is zentyal. if I try to log in it tells me incorrect password, on both user accounts that I have. if I do sudo nano, it ask me for password, I enter correct password, and it just drops back to prompt with no error message, if I do plain nano it works, this happensa with any command I put sudo or gksu in01:28
marvelouzonefront of. I cant log in through ssh, ttyl, etc.. I'm lost, Ive been searching for answers for hours..01:28
marvelouzoneI have checked to make sure I'm in the admin group, and I am01:29
marvelouzoneI'm running 12.0401:29
ChmEarlmarvelouzone, sudo -s;grep admin /etc/sudoers01:34
JanCmarvelouzone: are you in the sudoers group too?01:38
marvelouzoneyes01:46
uvirtbotNew bug: #1013457 in juju (universe) "twistd still autostarted for juju after juju is removed from system" [Undecided,New] https://launchpad.net/bugs/101345701:51
twbhttp://paste.debian.net/174600/ WTF?04:23
twbOh, never mind, I can't read04:23
twbApparently the aptitude full-upgrade I ran five minutes ago, didn't actually run04:24
twbAh, because I forgot to teach apt to mount /boot read-write when it is upgrading a kernel04:25
twbIn lucid, what turns on rp_filter?05:13
twbBecause it's on by default AFAICT, but it's commented out in sysctl.conf05:13
twbNever mind, I can't tell when I'm logged into two hosts at once05:14
twbMOAR COFFEE05:14
=== jtv1 is now known as jtv
samba35if i want to use MAAS on thin client what kind of hardware i should have07:48
twbSorry, I am not buzzword compliant.07:56
twbI run netboot end-user Ubuntu 10.04 desktops on diskless machines with an Atom n4xx CPU and 1GB of RAM.  2GB is preferable, but not necessary.07:57
twbThe netboot server is usually an ordinary $1500-ish server and can serve around 100 to 255 desktops.  It would have 7200 SATAs in an md RAID1 or RAID5, one to four gigE NICs bonded together, and 4GB to 16GB of RAM.  I don't know offhand where the bottlenecks are.07:59
=== almaisan-away is now known as al-maisan
twbIf you are netbooting over the internet, obviously that would be the bottleneck.07:59
RoyKtwb: how many drives? in what config? linux md?08:03
twbRoyK: two (RAID1) or three/four (RAID5).  md, unless I am overruled.08:04
samba35ok08:05
samba35do you use boot rom or any other method ? if i want to boot over internet what kind of nic i should use ?08:06
RoyKtwb: k08:07
twbIf you copy the OS into the desktop's RAM, obviously that means you need to increase the desktop's available RAM by the image size (anything from 80MB to 4GB), and that will also severly limit your ability to turn on all the desktops at once.  OTOH it does mean that the desktops can operate stand-alone without network, as long as they don't lose power.08:07
twbYou can guard against transient issues my having the desktop mount the OS partition -o hard instead of -o soft.08:08
twbBut you should understand the full implications of that change before you run with it...08:09
twbsamba35: what nic you use doesn't matter a damn, other than 1) if it's 100MB of gige; and 2) if it has a PXE ROM08:09
twbI suppose it must also be supported by the kernel.08:10
samba35ok08:10
twbYou can only PXE boot off the local network, so you will need an on-site device that can act as the DHCP and TFTP server.  Once the kernel and ramdisk are loaded, you can pull the OS down using e.g. HTTP08:10
twbI would not run NFS over the public internet.08:11
twbAlso I strongly recommend you roll out 12.04, not 10.04.  And use live-initramfs, not casper.08:11
twbThe casper/10.04 stack can be made to work, but it's far more annoying.08:11
samba35so in nutshell if i want to boot ubuntu i should have some storage space /local boot08:13
samba35for thin clinet stup08:14
twbWhat is your end goal?08:14
samba35if i want to put ubuntu to boot over internet08:15
twbBut why do you want that08:15
samba35school student can use this at thier home08:16
samba35not a good idea ?08:16
twbWhat kind of internet connection do they have?08:17
samba35512 kb08:17
twbGuarateed or maximum?08:17
samba35max08:17
twbIt would be better to just give them a USB key with a live Ubuntu on it, I think08:17
twbA 2GB USB key will cost perhaps $5, and that's a one-time cost.08:18
samba35ohh that is good idea and use ltsp08:18
samba35yes very much true08:18
twbIf you need to periodically update the image, you could do that when they come on site.08:19
twbe.g. have them hand in their keys once a month for updating08:19
samba35ok08:19
twbI am surprised you're talking about LTSP instead of just havnig everything be web-apps08:19
twbBut LTSP will probably be OK over 512kB provided that the school has a decent pipe08:19
samba358 mb for 100 students08:20
twbif your school also has say 512kbps down / 64kbps up, you are not going to be able to have more than a handful of LTSP users at once08:20
twbAlso it is definitely worth talking to the LTSP people about use NX, because that can significantly reduce bandwidth costs08:20
twbI do not know if LTSP can do NX yet08:21
samba35ic08:21
twbAlthough really you don't need LTSP, you can just have a live CD that uses normal remote X (or NX) over SSH.08:21
twbSo that would be a bit like having a citrix client on a windows laptop08:21
samba35ok08:22
twbIt depends how much of the desktop you want to be hosted on the local machine, and how much remote.  Since they're (presumably) going to be running fat client hardware, it makes sense for e.g. the window manager and so on the be hosted on the live USB key, and to only remotely host the app itself on the school app server08:22
samba35ok08:23
twbIf the app server is a Unix system and has each student as a normal shell account, the only real hard part would be teaching the students to use key-based SSH securely08:23
twbOtherwise they can use essentially a stock standard ubuntu live CD and then just basically run ssh -X <student account>@<your app server> <the app name>08:23
samba35students are about 10-15 year age08:24
twbSo probably what you'd do is set up the keypair in advance on the live USB key08:24
samba35ok08:24
twbMaybe also print the passphrase on a sticker on the side of the USB key08:24
twbIt's suboptimal, since then *YOU* would also have their keypair, but if they are nontechnical there is not much else you can do08:25
twbWell you could use password-based auth and forego keys entirely, but I don't like that08:25
samba35this project is on planning stage once i get some thin clients i will get in touch with you08:26
twbsamba35: are you also givng the students specific hardware?08:27
samba35may be next week08:27
twbIf so what is your hw budget per student08:27
lynxmanmorning o/08:27
twbBallpark, I mean -- $100, $500, $1000 or $500008:27
samba35if they have already a pc then as you sugguested usb of they cant  pay for then rent08:28
samba35i was reading more about thin client and arm based thin client are costing around 100 -200 usd that is around 5500 - 11000 indian rupee08:29
twbRenting would be a pain.  You can get previous-generation netbooks for about $300 new, probably a bit less if you have a bulk buy.  If that is within budget, I would suggest that08:29
samba35plus key and monitor and mouse08:30
twbI suggest you stick to x86 (e.g. atom) and avoid ARM unless you have time to fix all the exciting hardware issues that ARM usually has08:30
samba35so arond 300 us $08:30
twbFor the use case you describe, I would recommend netbook rather than traditional thin client, because it has keyboard/mouse/screen/ups built in08:31
samba35ok i will go with atom08:31
twbSince you are a school you might be able to ring up a vendor and get them to do a deal where they get good press in return for a discount08:32
samba35yes very much true netbook is good option ,they will able to travell also with in school08:32
twbAlso if they are netbooks, you can just flash the netbook instead of using USB keys08:32
samba35yes08:32
twbHmm, current listings seem to be giving *current* generation 10" and 11" netbooks at around AU$330, new08:37
samba35do you have link so i will also get idea about hardware and software08:40
twbA link about what?08:40
samba35netbook price08:41
twbWell I just went to jbhifi.com.au08:41
samba35ok08:41
samba35thanks08:41
twbObviously if you are in india, you will need a different site :-)08:41
samba35yes i just want the make and hardware spec08:45
samba35did you played with MAAS ?08:45
twbNo08:45
twbLike I said, I do not do buzzwords08:45
uvirtbotNew bug: #1013549 in lxc (universe) "lxc-clone fails for xfs fs on lvm" [Undecided,New] https://launchpad.net/bugs/101354908:46
ZanzacarI keep getting errors that read Assuming drive Cache: write through and failed09:13
ZanzacarI am not sure why it keeps saying this and there is no way I can do much work since everything is view the terminal09:13
Zanzacarthrough not view*09:15
=== al-maisan is now known as almaisan-away
Zanzacarit appears that it is related to a sdcard reader09:30
uvirtbotNew bug: #1013471 in samba (main) "swat goes blank on button click and logs panic internal error" [Undecided,New] https://launchpad.net/bugs/101347109:38
ttxjamespage: around ?09:50
jamespagettx: yep09:51
ttxjamespage: was wondering about progress on your OpenStack PPAs front09:51
ttxI'm in a hurry to deprecate our own (stale) PPAs09:51
ttxjamespage: what's the current state ?09:52
jamespagettx, let me just check - I think its all running now09:53
jamespagettx: https://wiki.ubuntu.com/ServerTeam/OpenStack09:54
jamespagefolsom on quantal is up and running09:54
jamespagebut it would appear that folsom on precise is not yet09:55
ttxlooking09:55
jamespageI would need to check with zul as to when he expects that to start happening - its linked in with the cloud-archive work09:55
ttxjamespage: we also need "PPA tracking tip of (Folsom) milestone-proposed on Precise"09:59
ttxso that we can completely replace the current state @ http://wiki.openstack.org/PPAs09:59
jamespagettx, OK - I need to check with zul and adam_g on plans for dealing with milestone-proposed - but we will do something10:00
ttxjamespage: was supposed to help with producing the cloud archive Folsom updates10:00
ttxand would replace our "milestone-proposed" testing PPAs10:01
jamespagettx, I'm sure you are right (have been working on other things so not as close to what zul and adam_g are doing as I have been)10:01
ttxjamespage: ok, we'll wait for them10:02
Davieyttx: Can i clarify what you are expecting ?10:09
=== matsubara is now known as matsubara-lunch
ttxDaviey: my expectations are well summarized in my May 22 email10:20
ttxIf we have a spot for everything, we can completely deprecate our own setup10:21
Davieyttx: I'll re-read and circle back.10:21
ttxDaviey: awesome, thanks.10:21
* ttx lunches10:21
=== matsubara-lunch is now known as matsubara
freddybhiya. I just noticed that some lxc problem I have is fixed in precise-proposed and precise updates. when will they arrive on my 12.04 lts server via normal updates?11:11
freddybhow safe is it to just get the .deb for precise proposed and install manually? i.e. what side-effects would it have?11:11
jamespagefreddyb, you will get 0.7.5-3ubuntu58 as part of you regular server updates11:12
freddybthe normal apt-get updates, apt-get upgrades?11:13
freddybI didn't see it yet. maybe my mirror is just slow then?11:13
freddybmy hosted server is using a local mirror for apt ;)11:13
freddybjamespage? --^11:16
jamespagefreddyb, could be - what do you see with 'apt-get policy lxc' ?11:16
freddybE: Invalid operation policy11:17
freddyboh cache. nvm :P11:18
freddyb0.7.5-3ubuntu58 for Installed and Candidate11:18
freddybhm11:20
freddybthe problem I have looks fixed as of this bug, which went into 53. https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/99370611:21
uvirtbotLaunchpad bug 993706 in lxc "Fix lxc-execute without rootfs failing apparmor transitions" [Medium,Fix released]11:21
freddybmaybe it's another bug I am seeing.11:21
freddyblxc-create fails for me, it says permission denied when it mounts proc into the container11:21
freddyblet's see. I reported it as #101361811:40
uvirtbotNew bug: #1013618 in lxc (universe) "lxc-create fails when trying to moung proc into chroot" [Undecided,New] https://launchpad.net/bugs/101361811:41
Anomie21Can anyone help with this cronjob?, I know its the positioning of my quotation marks, but don't know how to fix it, I tried escaping them (as you can see by the /'s) but its still not working  http://bpaste.net/show/WWp04DgpgszmGARPE7rg/12:32
ikoniaAnomie21: please don't cross post your question in multiple ubuntu channels (please)12:33
Anomie21ikonia: Why not? I remembered about this channel after I made my post in #ubuntu and didnt get a response12:35
ikoniaAnomie21: it was less than 2 minutes after posting it12:36
ikoniait dilutes the channel, please try to pick the best channel for your needs and focus your questions there12:36
zulgood morning12:37
pmatulismorning13:02
hallynsmoser: would you say qemu-io belongs in qemu-kvm or qemu-utils?13:05
hallynit's been in qemu-kvm.  i was going to move it, but now i'm thinking it doesn't really belong in qemu-utils after all13:05
* smoser types 'man qemu-io'13:05
smoseri wouldn't move it from wherever debian has it.13:06
hallynok thanks13:06
=== IdleOne is now known as nickspam
=== ikonia is now known as ikonia_
=== ikonia_ is now known as ikonia
zuljamespage: back from lunch yet?13:25
jamespagezul: yep!13:25
zuljamespage:  so im doing some openstack-qa stuff today and working on package installation testing and thinking of using piuparts13:25
jamespagezul, +113:26
jamespagethat would be fantastic13:26
jamespagezul: oh great - https://merges.ubuntu.com/b/bacula/REPORT13:27
zuljamespage:  i would like to get all of keysone rather than testing than individual deb13:27
zuljamespage: yeah i saw want me to merge it?13:27
zuljamespage: since its a workload type merge ;)13:27
jamespagezul, I'm actually wondering whether we can just sync it....13:28
zuljamespage: ack13:28
jamespagebacula is broken in precise ATM - uploaded the fixes yesterday hence my name is against that merge13:28
jamespagesorry - upgrade to bacula in precise are broken - not fresh installs13:28
zuljamespage:  *sigh*13:29
jamespagezul, anyway - back to openstack qa13:29
zuljamespage: yes!13:29
jamespage"i would like to get all of keysone rather than testing than individual deb"13:29
zuljamespage:  try to distract me...*nngnh*13:29
jamespagenot sure I understand13:29
zulwell looking at the piuparts it does invidual debs unless im reading it wrong13:29
jamespagezul, you can pass it a .changes file I think13:30
jamespagethat way it will test all of the debs for a given build13:30
zuljamespage: ah yes13:30
zulthats better13:30
jamespagezul, you can also select the packages as well from .changes - we would need todo that for nova13:31
jamespagenova-compute-kvm | nova-compute-lxc | nova.....13:31
zuljamespage: so i was thinking the script grabs the source, generates the changes and then runs piuparts13:32
jamespagezul, why would we not just integrate it into the upstream triggered package build process?13:33
jamespageor is that what you mean?13:33
zuljamespage thats the other option i was thinking13:33
zulyeah thats what im going to do13:34
jamespagesounds good13:34
jamespagehmm - but13:34
jamespagehaving something we can use for general install testing would be good13:34
* jamespage goes to check with jibel that we don;t already have something13:34
zuljamespage: thats what i was thinking13:34
jamespagezul, I'd actually like to test the installability of all server related packages regularly during the dev cycle13:36
zuljamespage: so a python script that queries the packages ubuntu-server is subscribed to or just grab the seeds and just run piupart13:37
jamespagezul, +113:39
jamespageI guess we need some way to tune each piuparts run13:39
jamespageDebian do this sort of stuff regularly13:39
zulyeah i was looking at collab-qa to see if i could find something but they use perl..*grin*13:40
smbzul, Not wanting to rush in any way. I am just not sure how well just subscribing you is really getting to your attention. Did you see my merge request for xen?13:46
zulsmb: yeah ill get to it today13:46
smbzul, Oh, only if it really looks good. There are a few questions (and puzzles) for the reviewer, you know.13:47
zulsmb: gee thanks :)13:49
smbzul, Always ready to entertain. :)13:49
Davieyjamespage: re-install testing.. i started doing this a couple of weeks ago.. rebuild testing, and instability of all packages in our set13:53
=== nickspam is now known as IdleOne
jamespageDaviey, marvellous13:53
Davieyjamespage: i was mainly working on the infrastructure13:53
Davieyjamespage: wasn't jenkins based.. do you feel it should be?13:53
jamespagejibel say's he'll stick it in the QA lab whenever13:53
jamespageDaviey, what is is based on?13:53
Davieyjamespage: django, celery, sbuild and piuparts :)13:53
jamespageDaviey, hmm13:54
jamespagewhats the django and celery stuff used for?13:54
Davieyjamespage: the approach i went for scaled out to N nodes.13:55
Davieyjamespage: django as the datastore and viewer, celery as the job dispatcher and workers for nodes13:55
jamespageDaviey, so pretty much what jenkins does for all the other QA activity we do?13:55
Davieyuses rabbitmq for pushing out jobs13:55
Davieyjamespage: yes13:56
Davieyjamespage: if you think it should be moved to jenkins, i'd be happy with that.13:56
=== ogra_ is now known as ogra
=== ogra is now known as ogra_
jamespageDaviey, I think it would make sense - mainly due to the investment we have already made in jenkins deployments to execute testing activity13:57
zulDaviey: you have a bit too much time on your hands :)13:57
jamespagewe would be able to leverage the existing infrastructure and publish results alongside everything else QA related at jenkins.qa.ubuntu.com13:57
Davieyzul: this was a few weeks ago.. as a weekend hobby project.13:58
jamespagelol13:58
zulhehe13:58
Davieyjamespage: i agree.13:58
jamespageDaviey, we can scale out by using jenkins slaves so I think we get the same characteristics13:58
jamespageit will just be about setting up the jobs in the right way more than anything else13:59
jibelHi :)14:00
jamespageDaviey, zul: I asked jibel to drop by to discuss durther14:01
zulheylo14:01
jamespagejibel: Daviey has been working on a tool todo this14:01
jamespagewe where just discussing django/celery vs jenkins - but as we already do alot of jenkins in QA that seemed to make sense14:02
jamespageDaviey: what state is your work in today?14:02
Davieyjamespage: it's crap.. it was basically a POC.. I was mainly working on mimicking the buildd infrastructure.. making use of /CurrentlyBuilding etc14:03
jamespageDaviey: do we actually need to build the packages? or just test that they install from the distro itself during development?14:04
Davieyjamespage: One of the other motivations was to also have an area people can dput signed packages.. run through some validation, if passes - upload it to the archive.14:04
jamespageDaviey, actually that is quite nice14:04
jamespagewe could do that with Merge Proposals as well14:04
zuli think for my use case just the installability14:05
Kagee&part14:05
Davieyyeah, that wasn't something i was thinking.. but yes, that sounds valid.14:05
Davieyzul: in your case, it's the buildability :P14:05
zulDaviey: i already have buildablitiy :P14:05
jamespagejibel: are we doing anything in QA re automate build and install testing of projects?14:05
jibelDaviey, we have this for example which seems to match your description https://wiki.ubuntu.com/QATeam/AutomatedTesting/UnityAutolandingSetup14:05
jibelit's called 'unity' put can be used for any project in bzr14:06
* Daviey stabs vmbuilder14:06
Davieyvmbuilder AND pbuilder.14:06
* Daviey cries14:06
* LordOfTime hands Daviey a tissue14:06
jibelfor package builds there is an infrastructure based on pbuilder that we uses to build and tests libreoffice for exmaple14:07
Davieyjibel: So the thing i was working on would have differing sources.list for main/universe packages.. and do the pkgmangler crap.14:07
* SpamapS points at sbuild14:08
SpamapSbuildd in a box :)14:08
jibel:)14:08
DavieyYeah, i am kinda suprised pbuilder was used.14:08
Davieysbuild even has much nicer build logs :)14:08
SpamapSand it is 3 higher in ASCII14:09
SpamapS*3*14:09
SpamapSS totally kicks P's rear14:09
LordOfTimeSpamapS: is sbuild what is used on the LP PPA builders?14:09
DavieySpamapS: P does kick S in morse IMO.. S is so boring14:09
SpamapStrue14:10
DavieyLordOfTime: an old, forked version of sbuild which only does part of it.14:10
SpamapSDaviey: in semaphore tho.. P is really annoying and tiring.. while S lets you rest a bit14:11
zulbah14:13
DavieySpamapS: inversely, P is more uniformed than S in Braille14:14
* Daviey likes uniformed.14:14
zulguys focus...installation testing :)14:14
robbiewseriously bad when zul tells you to "focus"14:15
robbiewlol14:15
zul:p14:16
robbiew;)14:16
Davieyhah14:16
zulthat wouldnt hurt so much if it wasnt so true :)14:18
feisarhi, what's the name of the script that secures a mysql install?14:26
feisar I've used it but can't remember what it was called - it's installed by default14:26
Davieyjamespage: how is https://blueprints.launchpad.net/ubuntu/+spec/servercloud-q-tomcat7 working out?14:30
Davieyzul: are you driving https://blueprints.launchpad.net/ubuntu/+spec/servercloud-q-openstack-deployment-on-arm ?14:31
jamespageDaviey, I got distracted by other things this week14:31
jamespagebut it was going OK14:31
zulDaviey: yeah14:31
jamespageit WILL be done for a214:31
Davieysmoser: any progress on https://blueprints.launchpad.net/ubuntu/+spec/servercloud-q-apt-improvements ?14:31
Davieyjamespage: super14:31
jamespageDaviey, beer all round if I don't make it14:31
Davieyjamespage: \o/14:32
smoserrobbiew, ^14:34
smoseri was hoping to get robbiew to look at that today14:34
robbiewok...I looked at it...done14:35
Davieylol14:36
robbiewand by "done", I mean I set a priority...hard work14:36
smoserrobbiew, sorry.14:38
smoserbrain failure14:38
smoserrbasak, ^14:38
robbiewlol...I kinda figured that...but kept trolling14:38
Davieyhah14:39
* robbiew knows the low to nothing value he now brings to blueprint evaluation14:39
robbiew...and by the silence I see you all are in 100% agreement14:41
robbiewlol14:41
Davieyrobbiew: Oh no.. you are most valuable ! :)14:41
robbiewass14:42
robbiewDaviey: I have little kids too, you know14:43
robbiew"oh no...that's a beautiful drawing"14:43
Davieyrobbiew: haha14:43
Davieyrobbiew: You are also my favourite princess in the whole wide world.14:44
robbiewyeah...yeah...I got your princess alright14:45
rbasaksmoser: I've been working on apt today. It's slow going because the code path is really twisted14:52
rbasakI think I've identified a place to get a PoC in14:52
rbasakSo making some progress, but slowly14:52
smoserrbasak, thank you, kind sir.14:53
smoserlet me know if you need anything14:53
rbasakWill do14:53
rbasakI haven't even looked at debootstrap yet. I don't see how a debootstrap patch could possibly be harder than the apt one, though :)14:53
rbasakI had to fire up eclipse to help me make sense of the apt code :-(14:54
uvirtbotNew bug: #1013719 in php5 (main) "package php5-cgi 5.3.5-1ubuntu7.8 failed to install/upgrade: subprocess installed post-installation script returned error exit status 10" [Undecided,New] https://launchpad.net/bugs/101371915:12
uvirtbotNew bug: #1013724 in multipath-tools (main) "Setting "prio const" in multipath.conf has no effect" [Undecided,New] https://launchpad.net/bugs/101372415:26
zuljamespage: : looks sane? http://bazaar.launchpad.net/~zulcss/+junk/piuparts/revision/7015:29
uvirtbotNew bug: #1006898 in dnsmasq (main) "[SRU] dnsmasq fails at leasing issues when using vlan mode" [Medium,Fix released] https://launchpad.net/bugs/100689815:30
zuljamespage:  did you eod on me?15:42
jamespagezul, nah - sorry - just trying to get something done before I do in 20 mins15:43
* jamespage looks15:43
zuljamespage: im suggesting we use piuparts to do upgrade tests after this15:43
jamespagezul, OK15:43
jamespageI'm not sure but we may want to create tarballs or make piuparts use schroots for speed15:44
jamespageI've not used it for a while TBH so would need to grok it15:44
zuljamespage: yeah lemme worry about that :)15:44
jamespagezul, we do need to consider configuring which packages to test from changes as well15:45
jamespageit will fail for some with 'default' options is my guess15:45
zuljamesapge: for the upgrade test?15:45
jamespagezul, and for the install test as well15:49
jamespageI think15:49
smbsmoser, utlemming, Just a heads up that today was a patch committed to the Quantal kernel that is replacing one we were carrying to fix an early crash on some EC2 instances with old Xen versions. Not that I would expect it but _if_ there are early crashes again, please let me know asap.15:49
utlemmingsmb: ack15:49
utlemmingsmb: has that landed in the archives yet?15:50
smbutlemming, No it just went into git today15:50
utlemmingsmb: okay, I'll be sure to beat up the quantal build from Sunday night15:50
=== Lcawte|Away is now known as Lcawte
smbutlemming, I am not sure when exactly the next upload happens. The changelog for it would have "UBUNTU: SAUCE: Mask CR4 writes on older Xen hypervisors" in it15:53
koolhead17hi all16:04
RoyKhi16:06
=== matsubara is now known as matsubara-afk
zulsmb: whats the bug number for the xen merge again?16:39
uvirtbotNew bug: #1013782 in nova (main) "Stop/start a KVM instance with volumes attached produces an error state" [Undecided,New] https://launchpad.net/bugs/101378217:51
hallynjdstrand: I'm (so far) holding up the qemu-kvm 1.1 push bc it mysteriously makes libvirt qrt fail.  But it fails having a test user do virsh define (at line 1841), but when i manualy do sudo -H -u tUQmyVnL virsh define /tmp/bad.18:13
hallynxml I succeed18:13
hallyndoes this ring a bell at all?18:13
hallyn/dev/kvm is root:kvm...18:13
jdstrandhallyn: not otoh. might check the libvirt groups in /etc/libvirt/qemu.conf18:15
hallynjdstrand: same libvirt with quantal's qemu-kvm (1.0) has no errors18:16
jdstrandhmm18:16
hallyni just can't imagine what's different18:16
jdstranddid you try the complicated "su -c 'sudo -H -u <user> -c <uri> define <xml>'"18:18
hallynheh, only the sudo part18:18
jdstrandthat is what the script is doing for I don't remember what reason18:18
jdstrandI can say it was intentional18:19
hallynwhat does '-H' to su do i wonder?  it's not int he man page18:19
hallynoh.  nm18:19
jdstrandsets HOME18:19
hallyni was thinking that was part of the su command18:19
hallynstill succeeds18:20
hallyn(except i'm not giving the uri)18:20
smoserok. i feel stupid.18:32
smoser$ echo "ls /tmp >/tmp/log 2>&1" | atq18:32
smoser2Fri Jun 15 15:15:00 2012 a smoser18:32
smoserer...18:33
smoserecho "ls /tmp >/tmp/log 2>&1" | at 00:0018:33
smoser$ atq18:33
smoser2Fri Jun 15 15:15:00 2012 a smoser18:33
smoserhow can i later see what is actually *in* job 2 ?18:33
smoserits a file in /var/spool/cron/atjobs/ , but as a normal user, i can't even list that directory (or view the file explicitly)18:34
greppyls /tmp 2>&1 > /tmp/tmp.txt18:35
smosergreppy, it was just an example of a command.18:35
smoseri want to see "details" about my atq18:35
greppysmoser: ah, sorry, I thought you were trying to get the contents into the file :)18:36
* greppy should go to sleep.18:36
=== Lcawte is now known as Lcawte|Away
zulsmoser: what do you mean by details?18:44
smoserzul, after i've ran:18:46
smoser echo "echo hi mom" | at 00:0018:46
smoserhow do i see that the job it created (say job '2')18:46
uvirtbotNew bug: #1013804 in openvswitch (universe) "package openvswitch-pki 1.4.0-1ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/101380418:46
smoserhow do i see the content of that 'job 2'18:47
smoseri forgot that i said "hi mom" and want to remember18:47
smoserif i'm root, i can cat that file18:47
zulsmoser: ah....i have no idea18:47
leojrfswhat did change in samba or samba default conf? i cant get clients to login18:54
leojrfssecurity is set to user18:55
leojrfsbut no login required for the clients18:55
leojrfsim using 12.0418:55
hallynjdstrand: yeah, i know have test-libvirt.py print out the command it tried and failed to do, then sleep 1000 seconds; then i try it by hand, and it succeeds.19:15
jdstrandonly thing I can think of is there is a race of some sort or it is terminal related19:18
TheLordOfTimeany idea if php 5.4.x will be included in quantal?19:25
blendedbychriswhat's the proper way to add a apt source? It's not a ppa… i noticed there is a sources.list.d should i put it there?19:34
guntbertblendedbychris: what are you trying to add?19:34
blendedbychrishttp://projects.puppetlabs.com/projects/1/wiki/Puppet_Ubuntu19:35
blendedbychrisbut it seems that's actually might be a ppa19:35
blendedbychrisah no nm ya apt.puppetlabs.com ?19:36
blendedbychrisguntbert: ?19:37
guntbertblendedbychris: just sudo apt-get install puppetmaster19:37
guntbertit is in the repos19:37
blendedbychrisguntbert: i need 2.7.16 or whatever19:37
blendedbychrisbecause my lucid client is 2.7.16 it's a bitch19:38
guntbert!info puppetmaster19:38
ubottupuppetmaster (source: puppet): Centralized configuration management - master startup and compatibility scripts. In component main, is optional. Version 2.7.11-1ubuntu2 (precise), package size 12 kB, installed size 330 kB19:38
=== Lcawte|Away is now known as Lcawte
hallynjdstrand: your hunch about a race was right.  when I add a time.sleep(2) before the virsh define, it passes20:05
jdstrandhuh, weird20:06
hallynleaving just 3 failures, maybe all stemming from some difference in shutoff behavior20:06
hallyn(test-qemu all passes, btw;  i really did not expect test-libvirt failures)20:07
gary_posterhallyn, do you happen to know any reason why we could not start a relatively large number (we see this with approx >7 on a 16 core hyperthreaded machine) of lxc instances at once, and expect them to all be initialized, if io is not an issue (these are ephemeral instances, so disk is RAM)?  We're investigating, but wanted to make sure you didn't already know the answer :-)20:26
gary_postersorry, expect them all to be initialized within a minute or so20:26
gary_postercpu is not an issue according to load averages and vmstat20:27
hallynjdstrand: fooi, but next time it died there again.  (error: unknown OS type hvm)20:27
gary_posterand neither is memory20:27
gary_posteror io20:27
gary_posterwell, memory might be an issue if we are running into some bus issue I guess, but that seems unlikely20:27
hallyngary_poster: not really20:27
hallynare they all ubuntu containers, precise or above?20:28
hallynif not, it could be udev storm20:28
gary_posterhallyn, lucid containers20:28
hallyncould be udev storm.  try precise ones and see if they do better (for confirmation)20:28
gary_posterah, ok hallyn.  where would we look for an indication of that?20:28
gary_posterph ok20:28
gary_posteroh ok20:28
hallynsyslog on the host should be overflowing20:28
gary_posterit is not really20:28
gary_posterjust dnsmasq stuff20:29
gary_posterseems relatively normal stuff20:29
hallynmaybe /var/log/udev.log?20:29
hallyn/var/log/udev that is20:29
gary_posterhallyn that is there.  It's just over 7000 lines and as far as we know nothing has happened since about 22 seconds since boot time ("UDEV [21.996436] add ... sda120:32
gary_poster")20:32
rwbHi, I'm using Ubuntu 10.04LTS and everything is up to date, however, my squirrelmail program is at version 1.4.2  I would like to upgrade past 1.5.  Is there a way I can trick apt-get in order to get a newer version?  I don't want to manually install this.  I want to keep using apt-get...20:38
hallyngary_poster: how exactly are they failing?  do they come up badly, or just not come up?20:39
hallyngary_poster: it's possible there is something funky with overlayfs20:40
hallyncould you clone 8 containers and start them all at once, and see if *that* succeeds?20:40
gary_posterhallyn, they come up slowly.  So, the first 7 or so on this 32 core machine come up within, say, 10 or 20 seconds; then after about 2 or 3 minutes, the other 9 (in the case of 16) will come up within about 10 seconds of one another20:41
gary_posteryou can see this in the syslog from dnsmasq logs20:41
gary_posteras well as from user experience20:41
hallynhm, 2 mins.  you're sure dnmasq isn't dying and restarting, and then containers continue?20:42
Davieyhallyn: I can't remember what you said before, but are you handling the ipxe merge?20:42
hallynDaviey: the ipxe merge is as done as it's going to be20:42
gary_posterhallyn no, we're not sure, we are only going by the syslog20:42
gary_posterso you think we ought to get the pid of dnsmasq before and after maybe, ok20:43
hallyngary_poster: ok, i don't have any brilliant ideas.  if you'd like pls feel free to open a bug with the script and i'll try to reproduce20:43
Davieyhallyn: we don't want, http://pb.daviey.com/X1bV/ ?20:43
gary_posterack hallyn thank you.  We'll try the lxc-clone test and the dnsmasq pid test and a few other things and then file the bug with the details.  thanks again20:43
hallynDaviey: i'd say ask lynxman about those20:44
Davieyhallyn: ok, thanks20:44
hallynDaviey: we have our own version of 'disable banner timeout' which was what we wanted most20:44
hallynDaviey: if there is more we want, we'll cherrypick, but we don't want to merge from debian, and given that ipxe is currently working, we don't want to grab latest upstream (and have it break).  it's volatile stuff20:45
hallynDaviey: btw i'm open to arguments about that, those are just the conclusions we came to when lynxman and i talked about it20:45
nathwillrwb, squirrelmail 1.4.2 is stable version, even in precise. even from the squirrelmail project download page...20:47
rwbYea, but I was over talking on the SM chat, and they are saying it is WAY out of date.20:48
rwbI am basically having problems with the gpg plugin...20:49
rwbI guess I will just wait it out...20:49
Davieyhallyn: no, i'm happy with that.. just wanted to check in, making sure it was considered :)20:52
Davieyhallyn: whilst i have you... what would you think about making libvirt default to providing a qemu/kvm watchdog?20:53
hallynhm20:58
hallynDaviey: not sure how we would do that by default,a s it's usually specified in xml21:00
hallynDaviey: unless it's already possible (which i don't think it is), we'd then have to check whether the xml already specifies one, and if not, then specify a watchdog model21:01
Davieyhallyn: right, got that.. but can you see issues with using xml to 'opt out'?21:01
hallynhow would xml opt out?21:01
hallynDaviey: I see no downsides21:01
hallynif the guest doesn't want to use it it doesn't ahve to use it21:01
Davieymodel='' i assumed21:02
hallyn(guest kernel, that is)21:02
hallynDaviey: apart from potential ugliness in impelmentation, i'm certainly fine with it and see no problems21:02
Davieyhallyn: thanks21:02
hallynDaviey: going to opena  bug?21:02
Davieyhallyn: i'll dig into viability first.21:03
hallynDaviey: while *i* still have *you*, woudl you sai it's early enough in q cycle still to upload qemu-kvm-1.1 even though it seems to do something to libvirt testcases?21:03
hallynit *runs* fine.  i have no idea what the problemis.  but there's a problem.21:03
Davieyhallyn: most certainly early enough.. i assume you've done some local testing :)21:03
hallynyeah, it works perfectly for me :)21:04
Davieyah, libvirt fails against it?21:04
hallynnope21:04
hallynlibvirt qa-regression-test fails against it21:04
hallynbut doing it all by hand, it works21:04
hallyn*magic*21:04
Davieyhow odd :/21:04
Davieyhallyn: maybe speak with zul/adam_g about trying it in the openstack-ci lab first, if you want it exercised ?21:05
hallynDaviey: good idea, thanks21:05
hallyn(in that case i'll first upload one tweak to ppa)21:05
hallynzul: adam_g: is it possible, no, easy, to run the openstack-ci lab with a qemu-kvm from ppa (ppa:serge-hallyn/virt) ?21:07
hattorihanzohey, i just brought up 2x 12.04 box's21:14
hallynstgraber: for the lxc 'start' hook, do you think we should (a) expect the user to specify a script that exists in the container, or (b) copy the script into the container, run it, then delete it ?21:15
hattorihanzo1 box, easy_install pyzmq fails21:15
hattorihanzoor just easy_install itself21:15
hallyn(that detail aside, pre-start, mount, and post-stop hooks are working.  as is aid, the other stop hooks may not be possible, due to the way reboot/shtudown worksin the kernel for containers)21:16
stgraberhallyn: OpenVZ does the later (or at least something that gives a similar behavior), so I think we should go for b)21:16
hallynheh, drat21:17
hallynok21:17
stgraberhallyn: would have to look at exactly how OpenVZ does it, but I wouldn't be surprised if they were opening the script before the chroot, then reading it and piping it to bash after the chroot() call. Avoiding the need to copy it (and the risk of the rootfs being read-only)21:21
hallynstgraber: how bad would it be to just run it out of mnt.put_old after pivot_root but before the umounts of mnt.put_old :)21:23
hallynstgraber: if what you say is true, and we follow that, then we'd be tying ourselves to bash scripts21:24
hallynno python, go, or c21:24
hallyndare i say it - not even haskell!21:25
stgraberhmm, indeed and that'd be a bit annoying21:25
hallyncourse, some of that may not work due to missing libs either21:25
hallynso maybe a simple script is the best21:25
hattorihanzohow can i have apt force a reinstall of python-setuptools21:26
stgraberhallyn: I'm sure that if we restrict to only bash, people will be complaining (that and we can't guarantee that bash or even /bin/sh will always be there...)21:27
hallynstgraber: at the same time, i'm sure we'll have problems with users having incompatible libc bc they're specifying a program that's compiled on the host and in different distro/release in container21:28
hallynmaybe for my POC patch i'll just say the script/program must be installed in the container21:28
hallynin a way it's the most sensible21:28
hallyn(waiting for you to argue :)21:29
stgraberwell, I'd just argue that it'd be good to do it like OpenVZ did and changing behaviour later on will break everything, so it'd be best to do it "right" from the start21:29
stgraberif we require for it to be in the container, there isn't much difference between that and an init script21:30
hallyni argue with 'like openvz did it' being 'right' by definition :)21:30
hallyni agree, which is why i 'm not sure we need that hook :)21:30
hallynbut,21:30
stgraberthat's why I wrote it "right" ;)21:30
hallynthe biggest difference is that this will run before init starts21:30
hallyncould be valueable still21:30
hallynlike an initramfs21:30
stgraberhmm, one quick question on the subject, what will happen in that pid namespace, as init won't be exec() from that start script, will it still get pid 1?21:31
SpamapSsomebody who is an admin of the ubuntu-server team please add mysql-5.5 to the bug subscriptions21:31
hallynstgraber: i think so21:32
SpamapSwe are not triaging at all there21:32
SpamapSvery bad21:32
SpamapSjust noticed all the NEW bugs21:32
hallynDaviey: ^21:32
TheLordOfTimeSpamapS:  any idea on php 5.4 and when it'll be included into Ubuntu?21:32
TheLordOfTime(Quantal)21:32
TheLordOfTimelast i checked its in Debian21:32
hallynstgraber: just tried it, i was pid 521:35
hattorihanzowhats the best way to reinstall python2.7? the dist-packages are broken one 1 of my boxes21:36
RoyKapt-get purge?21:36
hallynstgraber: ok there are enough questions there it's probably worth asking on m-l21:36
stgraberhallyn: sounds good21:37
hattorihanzopython_debian-0.1.21ubuntu1.egg-info/top_level.txt/top_level.txt/top_level.txt21:39
hattorihanzothe hell python21:40
stgraberhallyn: the binding is 90% done, I have everything working, except for the arguments of start(). I'll need to write some magic to convert them all to chars, build an array of char pointers and pass that to start()21:45
hallynstgraber: why not just support startl() only?21:48
hallynstartl pretty much only exists to make the python stuff easier21:48
stgraberhallyn: well, I still need to convert everything to char* before sending them to startl :(21:49
stgraber(and that's the tricky part, becaus of all the references and Unicode => Bytes => char* conversion...)21:50
hallynoh i see.  got it21:53
taipreswhat's the deal with the mysql exploit21:58
taipreshas ubuntu released patched version yet?21:58
taipresam using 11.0421:58
TheLordOfTimetaipres:  which exploit?21:59
erichammondI wish rsync had an option to transfer the most recently modified files first.  Or a way of giving me the list of files that it's going to update and let me order them.22:08
taipres@Time its the one that lets you get pass the login after certain number of trys22:22
taipressome memcpy sse bug or somthing22:22
taipresFlaw Grants Access to 900,000 Servers By Guessing Username A flaw in MySQL and MariaDB22:23
taipresA flaw in MySQL and MariaDB databases allows someone to merely guess a username and be granted access to 900,000 Internet connected servers while able to attempt logging in 256 times. MySQL and MariaDB databases both assign an SHA-encrypted token to every user who logs in to the server so users only have to log in at the beginning of the session, not every time they send a request to22:23
taipresthe database. This flaw is due to an error when comparing the token to the expected value. Some editions of the database can not tell if the login is authentic or not, assumes that it is, and allows users access whether the password is correct or not.22:23
TheLordOfTimetaipres:  i meant a link to the thing, and a link to the CVE22:30
TheLordOfTime(such a vulnerability must have a CVE)22:30
jdstrandthatwas fixed in http://www.ubuntu.com/usn/usn-1467-1/22:31
TheLordOfTimehttp://people.canonical.com/~ubuntu-security/cve/2012/CVE-2012-2122.html  <-- yep22:34
uvirtbotTheLordOfTime: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2122)22:34
TheLordOfTimeoh quiet you22:34
TheLordOfTimedid i mention how much i hate the bots that do that?22:34
TheLordOfTimeeven in -hardened :/22:34
TheLordOfTimefor -bugs, its useful22:35
TheLordOfTimefor -* its not as useful22:35
=== Lcawte is now known as Lcawte|Away

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!