[00:03] {{done}} [00:03] oops === Guest88597 is now known as exocaesar [00:06] I have an old laptop running Ubuntu 12.04 server in a corner and I was wondering what software you would recommend to set up backups for it? The data that I really need will fit in my dropbox account but I would like to back the entire thing up to an external drive on a regular basis, preferably a barebones backup if that could be accomplished [00:21] rsync === bitmonk_ is now known as bitmonk [00:46] New bug: #1026402 in ceph (main) "mon cluster (no cephx) fails to start unless empty keyring files are created" [Undecided,New] https://launchpad.net/bugs/1026402 === jtv1 is now known as jtv [02:12] Anyone knows what is a really good tool to stress the I/O read and write ? for raid 10 or raid 5 servers ? [02:15] sure, do whatever your going be doing on them [02:15] cause any benchmark you do will be meaningless, unless it correctly mimics your workload === cpg is now known as cpg|away === n0ts_off is now known as n0ts [03:11] is there some tool in ubuntu that I can install that exposes the server status via apache? (web) [03:16] Skaag: 'server status' ? [03:16] I meant something like webmin but more decent ;) [03:17] not sure about admin... but my google-fu suggests you look up cacti [03:17] * MoleMan boots VM to look at [03:18] cacti is great [03:18] but it's a bit too much, and there's no control over the server, it just measures various metrics and graphs them with rrd [03:18] anyway never mind, I guess webmin will have to do for now [03:18] what control did you want? [03:19] I guess what webmin does… just with a nicer GUI. [03:19] I find the webmin UI repulsive. [03:19] but functionality is great! [03:23] haha, are there not any replacement styles/themes available? bit of searching might turn up someones customised CSS for it or whatver... [03:58] Hey, does anyone have any suggestions on how I could use smbios from the installer? I need to set PXE boot to false after the installer finishes so it doesn't PXE boot and install all over again. (This is normally achieved by executing smbios-token-ctl, however even if the binaries are on the /target I won't be able to run because I presume it installs some modules in the kernel) [03:59] I hope some of that makes a little bit of sense. === n0ts is now known as n0ts_off === n0ts_off is now known as n0ts === ReTFEF is now known as TheTFEF [04:26] New bug: #999725 in ntp (main) "broken start-up dependencies for ntp (starts before NIS is available)" [Medium,Expired] https://launchpad.net/bugs/999725 [05:03] !webmin | Skaag [05:03] Skaag: webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. [05:03] IIRC Zentyl (or something similar is suggested now) [05:03] oh cool [05:03] thank you! === cpg|away is now known as cpg [05:10] MoleMan: ^^^ happy now. === n0ts is now known as n0ts_off === n0ts_off is now known as n0ts === almaisan-away is now known as al-maisan === al-maisan is now known as almaisan-away === cpg is now known as cpg|away === railsraider_ is now known as railsraider === Asar is now known as ReshAyin === railsraider_ is now known as railsraider === cpg|away is now known as cpg [07:26] New bug: #1026478 in samba (main) "CIFS: Files not shown in mount.smbfs directory listings" [Undecided,New] https://launchpad.net/bugs/1026478 === almaisan-away is now known as al-maisan [07:38] anyone using quantal with kvm and libvirt notice that when libvirt 0.9.13 was imported virsh can't see VMs anymore (user is member of group libvirtd) unless running as root? [07:38] not sure if it's a bug or a change to the behaviour [07:41] New bug: #1026480 in openssh (main) "SSH broken with 'Corrupted MAC on input' in last QUANTAL upgrade" [Undecided,New] https://launchpad.net/bugs/1026480 [08:11] mardraum, I see the same issue (just upgraded) [08:11] oddly I can see stuff using virt-manager [08:11] but not using virsh [08:12] mardraum, wanna raise a bug and I'll confirm it? [08:13] Daviey, the floodlight package it nearly there - upstream are testing from PPA ATM to validate its all good [08:13] but my local testing looked OK [08:16] * RoyK is frustrated with ubuntu and kvm and the lack of sanlock support :( [08:17] jamespage: woot [08:18] What does t mean as the execute permission for other in a directory? like: drwxrwxrwt 2 root root 4096 Jul 19 08:16 tmp/ [08:19] jamespage: thanks. sure, I'll do it now. [08:31] New bug: #1025203 in quantum "Trying to overwrite '/etc/quantum/plugins/openvswitch/ovs_quantum_plugin.ini', which is also in package quantum-server" [High,Triaged] https://launchpad.net/bugs/1025203 [08:34] jamespage: Bug #1026515 [08:34] Launchpad bug 1026515 in libvirt "virsh unable to see running VMs since upgrade to libvirt 0.9.13" [Undecided,New] https://launchpad.net/bugs/1026515 [08:34] mardraum, on it now - thanks! [08:37] Is there some program or way to check that the permissions of files and directories in /var are ok? I just accidentally changed many of them. [08:45] if i only need vlanX interface in my /etc/network/interfaces (vlan_raw_device eth0), do i need a separate stanza for eth0 or does it get brought up when vlanX starts? [08:46] i don't even want to have 'auto eth0' in there if i don't have to === disposab1e is now known as disposable === ejat- is now known as ejat [09:02] Does anyone know of a daemon that will monitor my internet connectivity and send me an email if it gets disconnected? It can't rely on an uplink test though it actually needs to try accessing something on the internet === n0ts is now known as n0ts_off === n0ts_off is now known as n0ts [09:13] howdy folks [09:13] http://askubuntu.com/questions/165075/how-to-get-isolcpus-kernel-parameter-working-with-precise-12-04-amd64 [09:13] I've been researching that stuff for a while [09:13] hints? [09:13] maybe kernel config related? [09:14] do you believe that opening a LP issue is worth it? === cpg is now known as cpg|away === n0ts is now known as n0ts_off === n0ts_off is now known as n0ts === slide23 is now known as slide [09:56] New bug: #1025664 in mysql-5.5 (main) "package mysql-server-5.5 5.5.24-0ubuntu0.12.04.1 failed to install/upgrade: le sous-processus script post-installation installé a retourné une erreur de sortie d'état 1" [Undecided,Invalid] https://launchpad.net/bugs/1025664 === n0ts is now known as n0ts_off [10:09] hi guys, i want to run corosync after nova-network on boot, for now, i've removed corosync from boot and added "exec sleep 10 && service corosync start" at the end of /etc/init/nova-network [10:09] which is obviously horrible, but i was just testing if that works, what's the correct way? [10:11] anyone care to give my an opinion on bug 1025418 [10:11] Launchpad bug 1025418 in openssh "Using ProxyCommand w/a non-existant host results in infinite spawns." [Undecided,New] https://launchpad.net/bugs/1025418 [10:11] s/my/me/ [10:14] jamespage: his screenshot is on the client, isn't it? [10:14] rbasak, yes [10:14] its a misconfiguration of openssh [10:14] jamespage: best to compare this with a fork bomb I think. If he has permission to create a fork bomb, then this isn't a bug. [10:14] its more whether this is a 'vulnerability' [10:15] I just get dumped out when the bash can't allocate more memory.... [10:15] If he does not have permission to create a fork bomb, and this allows him to, then it's a vulnerability [10:15] rbasak, educate me - how would I check that? [10:16] jamespage: I didn't mean as direct as that - just conceptually the boundary between a vulnerabiity and a misconfiguration [10:17] rbasak, ah - I see [10:17] jamespage: ulimit is the usual way to prevent resource exhaustion. On his machine, his ssh client is limited to that anyway [10:17] If he's exhausting resources as a client on his own machine, then he's not crossing a privilege boundary [10:18] If OTOH he manages to cause a resource exhaustion on the server, and the server is configured to resource limit him, then he's crossing a privilege boundary and it's a vulnerability [10:18] It's not clear to me that there's any resource exhaustion on the server at all. He says server, but it looks to me that's where he's running a client. [10:18] So what he's really after is configuring some resource limits [10:20] jamespage: I can comment on the bug if you like? I'll even mark it as Invalid :) === al-maisan is now known as almaisan-away [10:21] rbasak, well as its a FUD target its safe to assume that 'server' is the client in this case [10:21] rbasak, sure - feel free to comment and close - I think you are correct. === gratidude is now known as gratidude_ [11:11] jamespage: re: bug 988819. I've verified that the fix appears to work, but am not sure how to test it fully. I've asked for test cases from the reporters on the bug. So it's now blocked on that. If this fix does work, then the only SRU will be for modsecurity-apache, which is in universe. Thus, is the 12.04.1 milestone target still relevant, or should I drop it? [11:11] Launchpad bug 988819 in mod-proxy-html "[SRU] wrong path to libxml2.so.2 in mod_security - broken by multiarch enabled libraries" [Undecided,Confirmed] https://launchpad.net/bugs/988819 [11:11] rbasak, I think that the test case can be technical [11:12] I've verified that libxml2.so.2 is loaded, but not that it's functional [11:12] so for example I think its sufficient to say - yes we can restart apache OK with it installed and we can see that this library has been loaded by using lsof or suchlike [11:12] OK in that case we're done [11:12] rbasak, 12.04.1 is agnostic of location BTW [11:12] May I paste your comment in the bug please? :) [11:13] sure === matsubara is now known as matsubara-afk [11:13] do you fancy doing the same fix for mod-proxy-html as well? [11:13] rbasak, while you are there..... [11:13] Sure, is there a bug on that? [11:13] same bug [11:14] different task [11:14] Ah I missed that [11:14] No problem [11:14] rbasak, marvellous - thanks v much [11:15] * rbasak gets to it [11:16] rbasak, if you ping me the branches I will upload for you as well [11:16] OK, thanks! [11:17] rbasak, so that means no fix in apache2 itself right? [11:17] jamespage: for SRU, correct [11:17] rbasak, OK - marking 'Invalid' === railsraider_ is now known as railsraider [11:36] New bug: #1024641 in mysql-5.5 (main) "package mysql-server-5.5 (not installed) failed to install/upgrade: 正试图覆盖 /usr/bin/mysqltest，它同时被包含于软件包 mysql-server 5.5.25a-2" [Undecided,Invalid] https://launchpad.net/bugs/1024641 [11:36] New bug: #1026570 in openldap (main) "slapd has random connection failures related to "do_extended: protocol version (2) too low"" [Undecided,New] https://launchpad.net/bugs/1026570 [12:04] good morning [12:27] hi guys, i've two machines, configured in the same way, in one pacemaker starts, in the other it doesn't..how can i debug why? [12:36] alex88: start by looking at the log file maybe? [12:36] zul: it seems as it never started [12:37] alex88: checked the man page and put it in debug mode then? [12:37] ok, give me a second [12:38] other than that i cant tell you what happened [12:39] because pacemaker writes log to /var/log/cluster/corosync.log but i get "corosync [pcmk ] WARN: route_ais_message: Sending message to local.crmd failed: ipc delivery failed (rc=-2)" [12:39] let me search for debug [12:42] there is a -v flag. i've added an echo to file in the init script just to get if it's called [12:42] because after login i can start it without any problem [12:43] alex88: then you google that message and figure it out [12:43] and check for a #corosync channel [12:43] kk [12:44] thnx [12:44] it says it has been started [12:44] btw, i'll check [12:46] zul: libvirt in quantal has dropped the patch ubuntu/9002-better_default_uri_virsh.patch. Just to make sure - that wasn't on purpose right? [12:46] hallyn: no [12:47] k [12:47] zul, hallyn: would that explain bug 1026515 [12:47] Launchpad bug 1026515 in libvirt "virsh unable to see running VMs since upgrade to libvirt 0.9.13" [High,Triaged] https://launchpad.net/bugs/1026515 [12:47] jamespage: yeah that's why i went looking [12:47] hallyn, ah - I see [12:48] do one of you have an /etc/ceph/ceph.conf? does it look sensitive? [12:48] wondering if there is any reason qemu should *not* be given access t oit [12:49] hallyn, I do - one second [12:49] a pacemaker purge->install make it working [12:50] hallyn, http://paste.ubuntu.com/1099990/ [12:50] for a client like libvirt it just contains addresses for the ceph monitors and nothing else AFAIK [12:53] hallyn: I think it would be OK TBH [12:54] jamespage: tested and done the MPs in bug 988819 [12:54] Launchpad bug 988819 in modsecurity-apache "[SRU] wrong path to libxml2.so.2 in mod_security - broken by multiarch enabled libraries" [High,In progress] https://launchpad.net/bugs/988819 [12:54] rbasak, you are a star - thankyou! [12:55] I'll look at them PM today [12:57] jamespage: cool, thanks :) [13:00] * jamespage looks forward to trying that out with hallyn's next upload :-) [13:24] rbasak, uploaded [13:25] rbasak, do we removed the verification-failed tag now? [13:25] rbasak, I expect SpamapS will tell us.... === almaisan-away is now known as al-maisan === ahs3` is now known as ahs3 === th0mz_ is now known as th0mz [14:03] thanks jamespage! [14:11] New bug: #1026621 in nova (main) "nova-network gets release_fixed_ip events from someplace, but the database still keeps them associated with instances" [Undecided,New] https://launchpad.net/bugs/1026621 [14:22] how do I track the status of bugs I have posted to launchpad? === n0ts_off is now known as n0ts [14:34] tarvid: https://bugs.launchpad.net/~tarvid/+reportedbugs [14:38] hey all, correct me if i am wrong. but the advantage of having a master-master mysql replication is that you can write to both computers, yes? Is that dangerous? I don't think i have an application that warrents a cluster. === Lcawte|Away is now known as Lcawte [14:49] anyone able to help me with some MaaS stuff? [14:49] realnorth: just ask the question. you might want to consider #maas as well [14:50] didn't know #maas existed [14:50] thanks [14:50] I created this here http://askubuntu.com/questions/165545/maas-install-64-bit-client-nodes-doesnt-work [14:50] but basically I can't get maas to install with 64 bit OS [14:50] it always does the 32 bit version [14:50] even though the processors are 64 bit [14:56] Daviey: around? I want to run a seed change past you before I do it.... === n0ts is now known as n0ts_off [15:02] skrite, its easier to have a master/slave and switch the personality of the slave if the master dies [15:02] OR have an active/passive cluster and use clustering [15:03] each has its positives and negatives [15:04] zul: how are you on seed management? [15:05] jamespage: tolerable [15:05] jamespage: whats up [15:05] zul, if I need to add a package to the 'supported' set for server; but not ship it anywhere; is the supported-misc-server seed the right place to add it? [15:05] its where all of the openstack stuff is... [15:06] jamespage: yeah [15:07] jamespage: we really only want to build this on two to three machines. The application is different from a webserver, most of our load is disk i/o.. we do data processing, control and monitoring of lab and industry machines. [15:07] jamespage: so we take a lot of data in, we display it on a website, but that is not the major load. [15:07] skrite, what is your downtime tolerance like? [15:08] jamespage: for a failure? [15:08] yep [15:08] jamespage: if we are down less than an hour, when a machine melts down, we should be just fine [15:09] skrite, hmm - so quite low then [15:09] skrite, do you have access to a SAN or suchlike? or are they standalone servers? [15:09] They are stand-alone servers [15:10] skrite, I'd probably go with an master/slave with replication then [15:10] that way if you get a machine that pop's badly enough to have to swap it out - you still have a database.... [15:10] right now, we use one server with MySQL replication master/slave and use the other computer to run some cron jobs to help process the data, but it is difficult to have it as a ready to go replacement set up like that [15:11] because of how our data input and processing goes in. [15:11] i would like, in an ideal scenario, to write to the database on more than one computer. We run a lot of processes that really work the hard drives [15:12] what disadvantage is there with Master-Master ? i have set up master-slave many times, but never master-master. [15:12] skrite, I don't think that mysql can even do multimaster TBH [15:13] oh [15:13] well, i guess that master-slave will have to do if that's the case [15:14] skrite, without knowing the specifics of your application is hard to make recommendations [15:14] skrite, there are solutions which are more horizontally scalable than mysql [15:15] BUT they are not typically SQL/row based; so it requires a different approach to data storage and retrieval [15:15] jamespage: yeah, the problem with a change in dataserver is that i have 5+ years of code that work with the MySQL server. Python, Ruby, etc.. [15:15] skrite, hmmm [15:16] which is always awkward to change.... [15:16] yeah, we have totally outgrown our earlier solution. The database is about 70GB and growing... whew ! [15:17] 70G? well you are definately still in mysql territory then [15:17] our major I/O is not the website, it used to be. but now its all the processing of data as it comes in fromt the machines [15:18] skrite, can you offload from the database in anyway? [15:18] if that is where your bottleneck is? [15:19] jamespage: mmm. the database is part of the bottleneck, the biggest though is the disk i/o [15:19] skrite, in which case more memory and faster disks is probably the way to go... [15:20] https://bugs.launchpad.net/ubuntu/+source/logrotate/+bug/1026660 [15:20] skrite, what type of storage are you using? do your servers have any type of RAID configuration? [15:20] Launchpad bug 1026660 in logrotate "after logrotate logs are empty" [Undecided,New] [15:20] why not make a text file based web chat client with ajax rather than xmpp based web clients? [15:21] jamespage: we do have RAID on our main server, with two PCI express RAM drives, Raid 5 Storage is MyISAM [15:22] skrite, hmm [15:22] I've reinstalled logrotate and rsyslog, I used to be able to restart rsyslogd and it would start logging again. Now I am without logs which is not good for an active server [15:23] jamespage: we thought that if we could use two computers that we could write to both, have the RAID as a stripe for speed and make the computers redundant instead of the drives, that would more than double the drive throughput [15:23] as i understand it.. little shakey.. [15:23] that's why i am here :) [15:26] skrite, one second [15:27] New bug: #1026655 in apache2 (main) "package apache2.2-bin 2.2.22-1ubuntu1 failed to install/upgrade: package apache2.2-bin is already installed and configured (dup-of: 1026656)" [Undecided,New] https://launchpad.net/bugs/1026655 [15:27] utlemming, seed change pushed for walinuxagent [15:27] jamespage: sure [15:31] skrite, not sure my brain is working that well today... [15:32] * jamespage thinks again... [15:32] skrite, in your scenario are you writing the same data to both servers? [15:32] thank you mr. page [15:32] jamespage: i would be, yes [15:33] so the only real benefit you are getting is the change in RAID type? [15:33] each would be an exact copy of the other, i would like to write local to the drive, and have replication take care of the updates [15:33] jamespage: well, i would gain a computer i could write to. [15:34] skrite, theoretically yes - but you are writing the same data to both so the only performance improvement is really the RAID change [15:34] right now i have master/slave. and i am limited on the slave to do work because i have to write my scripts to read from the local database and write to the master (scripts on the slave anyway) [15:35] jamespage: yes, but i thought that the data transfer between them is more effecient than my sql statements in programs [15:37] jamespage: so my slave scripts have to be written differently than the scripts on my master, because of reading and writing to different computers. [15:38] skrite, so apparently you can do master-master replication [15:38] yes, if i can do master-master replication [15:38] (not something I have ever done) [15:38] me either, was just wondering a few things about the complexity of setup, dangers of writing to both at the same time.... [15:39] what kind of PITA it may be to fix if something goes wrong. [15:39] skrite, the challenge is with conflict resolution I guess [15:39] jamespage: precicley what i am worried about [15:39] if you can write your application to effectively shard across the two servers with good partitioning it might work [15:40] but unless you have baked that in upfront it could be challenging [15:40] we might could when we soon purchase a server. That is when we plan to change how we do things [15:41] arosales, geeez ! diggin out 4 year old bugs ! [15:43] skrite, I'm not sure I would do it; I think that you are pushing the bounds of what mysql is good at doing TBH [15:43] mmm [15:43] you may be right. exactly what i am worried about, because if this goes bad, it goes real bad [15:44] messing up our database or replication, on the good to bad scale is bad. [15:44] skrite, can you partition the data associated with your workloads? or does it all need to end up in the same place? [15:45] i.e. could you run two databases with different data sets on different servers. === railsraider_ is now known as railsraider [15:45] ogra_: ya that one come up on one of Ursinha reports and looks like low hanging fruit :-) [15:46] i *think* upstartification of dchp3-server should have actually solved it ... [15:47] not sure though and i dont have any dhcp server running on a NM based system atm [15:47] stgraber, do you happen to have such a setup around atm ? NM and dchp3-server installed on the same machine [15:48] Bug 280123 [15:48] Launchpad bug 280123 in dhcp3 "dhcp3-server needs if-up.d/if-down.d scripts for better network-manager compatibility" [Undecided,Confirmed] https://launchpad.net/bugs/280123 [15:48] * ogra_ bets that can just be closed [15:48] jamespage: how do you mean partition the data? [15:48] ogra_: no rush, the bug was happy with 2.6 years since the last update :-) [15:48] yeah, imho its a candidate for closing [15:48] skrite, write different sets of data to different servers [15:48] none of the releases discussed there are supported anymore [15:50] ogra_: I agree, however I didn't want to take any action with out first checking with you and zul first [15:50] well, imho just close it with an EOL massage and a comment that epople still being bothered by it should re-open [15:51] i concur [15:52] ogra_: so, the bug should still be present with recent NM and isc-dhcp, though looking at the startup conditions, NM should start slightly before isc-dhcp, so you might get away with it most of the time [15:52] ogra_: though people should really just define that interface in /etc/network/interfaces... (as we do for LTSP) [15:53] stgraber, that was the case back then :) [15:53] /etc/network/interfaces had an entry but NM grabbed the device [15:53] ah, well, that part got fixed then :) [15:53] right [15:54] ogra_: would you mind inserting a quick comment to confirm EOL, if that is the action yo want to take? === matsubara-afk is now known as matsubara [15:57] arosales, done [15:58] ogra_: ah, thank you. :-) [15:58] always nice to close bugs [15:58] jamespage: very little could be done like that. unfortunatly [15:59] utlemming, this looks quite bad - https://jenkins.qa.ubuntu.com/view/ec2%20AMI%20Testing/view/Overview/job/oneiric-server-ec2-daily/ [15:59] i386 is broken across the board.... [15:59] * utlemming looks [16:01] jamespage: is there a way to get failures like this emailed to me? IIRC, there is jenkins plugin for sending hate mail on failures. [16:01] utlemming, ubuntu-testing-notifications ML on lists.ubuntu.com [16:01] :) [16:01] * utlemming subscribes himself [16:01] utlemming, looks like a kernel panic on boot [16:01] utlemming, warning - its quite noisy [16:02] I'll procmailer filter it I think [16:05] jamespage: this could be really bad...I'm testing but it looks like if someone upgrades their kernel their instance is horked [16:06] utlemming: specific to oneiric? [16:06] arosales: yes, this is a looks like a kernel regression [16:09] utlemming: ok [16:10] jamespage: do you have any experience with mysql-cluster? [16:11] New bug: #1026680 in bacula (main) "bacula director crashing whole system" [Undecided,New] https://launchpad.net/bugs/1026680 [16:12] jamespage: the SRU team's process will remove the tag when the package is accepted [16:14] jamespage: hey! seed change? === al-maisan is now known as almaisan-away [16:24] https://bugs.launchpad.net/ubuntu/+source/linux-meta/+bug/1026690 [16:24] Launchpad bug 1026690 in linux-meta "3.0.0.-23.38-virtual kernel regression kills EC2 instances" [Critical,Confirmed] [16:24] jamespage: its the kernel...I've confirmed that installing all updates but the 32-bit kernel kills the instances [16:30] jamespage: can we add a new test to the daily test -- enable proposed and update everything? Or add a new job that does this? [16:39] hallyn: i have a couple of libvirt patches coming down the pipe as well [16:49] zul: for q? [16:49] i've already pushed mine i'm afraid [16:49] i do need to SRU the one for p [16:49] hallyn: yeah for q its arm specific [17:09] smoser, I don't support cloud-init has an 'enabled proposed' feature does it? [17:10] no. there is not easy way to add proposed [17:10] (but htere is a bug that handled that for quantal) [17:10] but i dont knwo what it was and cant find it [17:10] ah. [17:10] no i was wrong [17:10] https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/997371 [17:10] Launchpad bug 997371 in software-properties "Create command to add "multiverse" and "-backports" to apt sources" [Wishlist,In progress] [17:10] is what i was thinking of [17:10] but i could/should be extended to add proposed [17:13] smoser, I think I have a way. [17:14] you're just going to have to add to /etc/apt/atp.conf.d [17:14] smoser, do apt_sources get added prior to updating/upgrading? [17:14] of course. [17:15] hm.. [17:15] i was going to suggest htat you acutallyneeded to test 'dist-upgrade' [17:15] before adding proposed [17:15] but for daily images tested within hours, maybe that isn't that big of a deal [17:16] smoser, I tend to agree - they should be up-to-date - esp for releases where proposed is in active use. [17:17] anyway - I'll do this later [17:17] well, they're guaranteed to be a couple hours old at newest. === zyga is now known as zyga-afk [17:39] can anyone explain what does this rsyslogd rule do (part of defaults): *.*;auth,authpriv.none <-- doesn't *.* already contain both auth and authpriv.none? [17:39] do/does [17:40] anyone know how i can turn on iptables accounting in Ubuntu precise 12.04? I don't have /proc/net/ip_acct [17:43] i think it is in the 'ipfwadm' pkg but aptitude search doesn't see it [17:55] jamespage: hey, thanks for all your help earlier. === Lcawte is now known as Lcawte|Away === exocaesar is now known as Guest78353 [18:14] hello [18:14] any body there [18:15] === cpg|away is now known as cpg [18:57] SpamapS: around? === randy__ is now known as JaceAlvejetti [19:24] stgraber: all right, getkeys is pushed, and set_config_item(lxc.network.0.ipv4) should work [19:24] yay! thanks [19:25] stgraber: i'm sure you'll want some changes to that, but other than those, i think we need to consider getting this usptream before adding too much more [19:25] it's goin to get too unwieldy for anyone to review [19:26] maybe i'll look at the state of seccomp next === Leseb_ is now known as Leseb [19:40] kees: d'oh, libseccomp-dev doesn't ship manpages? [19:42] man pages, tests, who needs 'em. we've got the internets [19:43] and kittenz [19:44] i don't get *why* the manpages aren't there though. they should be... [19:48] oh i see [19:49] * patdk-wk was hungry [19:50] * RoyK has put on new tyres on his bike and has to go to bed early to wake up and take a wee 50km trip tomorrow [19:55] kees: (bug filed against debian) [19:56] Hey everyone, I'm trying to set up a postfix server on ubuntu 10.04 and am having problems. I followed the guide at https://help.ubuntu.com/10.04/serverguide/postfix.html yet cant get it to work... What I can do: telnet localhost 25 and then send mail to myself or external emails via the telnet interface. What I cant do: telnet to the system from other systems (though i can ssh), send/recieve from mail clients (thunderbird) [19:56] my only clue right now is when I "telnet localhost smtp" and then "ehlo localhost" i dont see the 250-auth lines, which I've tried to troubleshoot but to no avail [19:57] lsof -ni :25 | grep LISTEN <-- bears: when you run that as root, what does it say? [19:57] master 10126 root 12u IPv4 29521343 0t0 TCP *:smtp (LISTEN) [19:58] master 10126 root 13u IPv6 29521345 0t0 TCP *:smtp (LISTEN) [20:02] * hallyn becomes worried about the implications of seccomp_syscall_priority === Lcawte|Away is now known as Lcawte [20:15] lamont: sorry i lost connection, any further ideas about my postfix server? [20:19] bears: help me better understand "other systems" - are they on the same LAN? [20:20] no, not on the same network [20:20] the server im trying to set this up on is one in a rack i rent in another city [20:23] my first suspicion then is that the nice ISP or someone is being friendly and blocking TCP/25 [20:23] because if you can talk to port 22 and you are listening on *:smtp, well, it's a network issue, not a postfix issue [20:25] i can netcat 25 and it says its open [20:25] hmm [20:29] bears: does tcpdump on your postfix host show the connection happening? [20:29] * lamont must run [20:30] I have a question about LXC in 12.04. Is there any known method to escaping the container using its technology? === ReTFEF is now known as TheTFEF [20:32] lamont: yes, when i try to get mail with thunderbird from that email address, i get Jul 19 16:31:47 M01 dovecot: imap-login: Login: user=, method=PLAIN, rip=24.176.25.111, lip=199.16.189.227, TLS [20:33] ah. so it's not that you cannot talk to postfix, it's that, having talked to postfix, it's not accepting email? [20:33] and for that, I'm going to refer you to the other postfixish people in the channel. not just because I have to run. [21:01] it [21:01] anyone have any solutions for this: http://comments.gmane.org/gmane.linux.raid/38213 ? raid (md) performance is seriously hindered by it [21:15] SpamapS: howdy!! could you please take care of maas-enlist, as I believe it would be very necessary to have it in the archives asap [21:19] roaksoax: what more can I do? Its been in proposed for 2 days [21:19] SpamapS: the verification is done :) [21:19] or is there a time requirement? [21:19] roaksoax: 7 day waiting period [21:19] unless its *totally* broken without the update? [21:19] * SpamapS reads the bug [21:19] SpamapS: ah! didn't know that. Sorry for boethering you then :) [21:20] * SpamapS actually waits for launchpad, THEN will read the bug [21:20] SpamapS: it is almost totally broken. Basically, precise machines can't enlist on MAAS running in quantal [21:22] roaksoax: what about a maas running on precise? [21:23] SpamapS: it is no effect really, but does break testing of the maas targetted for 12.04.1 [21:23] roaksoax: also, when you self-verify it, that poses a higher regression risk [21:23] SpamapS: it is a very minimal change [21:23] yeah [21:23] I see that its tiny [21:23] yeah [21:24] Since its already in proposed, can you at least point testing efforts at machines w/ proposed enabled? [21:24] That would be ideal, as it would help shake out any unintended consequences. [21:25] SpamapS: will do, thanks! [21:36] New bug: #1020278 in raphael (universe) "[MIR] raphael" [High,Fix committed] https://launchpad.net/bugs/1020278 [21:47] New bug: #1020273 in yui3 (universe) "[MIR] yui3" [High,Incomplete] https://launchpad.net/bugs/1020273 === Lcawte is now known as Lcawte|Away === smw_ is now known as smw_work === bazhang_ is now known as bazhang [23:21] New bug: #1026842 in puppet (main) "too silent puppet agent pluginsync failure if CRL is missing from node" [Undecided,New] https://launchpad.net/bugs/1026842 [23:31] New bug: #1014732 in mysql-5.5 (main) "log_error not set in my.cnf, errors not written anywhere" [High,Fix released] https://launchpad.net/bugs/1014732 [23:57] how do I find all the security updates waiting without running apt-get upgrade ?