[00:03] <bca> {{done}}
[00:03] <bca> oops
[00:06] <demonspork> I have an old laptop running Ubuntu 12.04 server in a corner and I was wondering what software you would recommend to set up backups for it? The data that I really need will fit in my dropbox account but I would like to back the entire thing up to an external drive on a regular basis, preferably a barebones backup if that could be accomplished
[00:21] <r0tha_> rsync
[02:12] <MosquitoCR> Anyone knows what is a really good tool to stress the I/O read and write ? for raid 10 or raid 5 servers ?
[02:15] <patdk-lap> sure, do whatever your going be doing on them
[02:15] <patdk-lap> cause any benchmark you do will be meaningless, unless it correctly mimics your workload
[03:11] <Skaag> is there some tool in ubuntu that I can install that exposes the server status via apache? (web)
[03:16] <MoleMan> Skaag: 'server status' ?
[03:16] <Skaag> I meant something like webmin but more decent ;)
[03:17] <MoleMan> not sure about admin... but my google-fu suggests you look up cacti
[03:17]  * MoleMan boots VM to look at
[03:18] <Skaag> cacti is great
[03:18] <Skaag> but it's a bit too much, and there's no control over the server, it just measures various metrics and graphs them with rrd
[03:18] <Skaag> anyway never mind, I guess webmin will have to do for now
[03:18] <MoleMan> what control did you want?
[03:19] <Skaag> I guess what webmin does… just with a nicer GUI.
[03:19] <Skaag> I find the webmin UI repulsive.
[03:19] <Skaag> but functionality is great!
[03:23] <MoleMan> haha, are there not any replacement styles/themes available? bit of searching might turn up someones customised CSS for it or whatver...
[03:58] <mgi> Hey, does anyone have any suggestions on how I could use smbios from the installer? I need to set PXE boot to false after the installer finishes so it doesn't PXE boot and install all over again. (This is normally achieved by executing smbios-token-ctl, however even if the binaries are on the /target I won't be able to run because I presume it installs some modules in the kernel)
[03:59] <mgi> I hope some of that makes a little bit of sense.
[05:03] <ScottK> !webmin | Skaag
[05:03] <ScottK> IIRC Zentyl (or something similar is suggested now)
[05:03] <Skaag> oh cool
[05:03] <Skaag> thank you!
[05:10] <ScottK> MoleMan: ^^^ happy now.
[07:38] <mardraum> anyone using quantal with kvm and libvirt notice that when libvirt 0.9.13 was imported virsh can't see VMs anymore (user is member of group libvirtd) unless running as root?
[07:38] <mardraum> not sure if it's a bug or a change to the behaviour
[08:11] <jamespage> mardraum, I see the same issue (just upgraded)
[08:11] <jamespage> oddly I can see stuff using virt-manager
[08:11] <jamespage> but not using virsh
[08:12] <jamespage> mardraum, wanna raise a bug and I'll confirm it?
[08:13] <jamespage> Daviey, the floodlight package it nearly there - upstream are testing from PPA ATM to validate its all good
[08:13] <jamespage> but my local testing looked OK
[08:16]  * RoyK is frustrated with ubuntu and kvm and the lack of sanlock support :(
[08:17] <Daviey> jamespage: woot
[08:18] <Pupeno_W> What does t mean as the execute permission for other in a directory? like: drwxrwxrwt  2 root root     4096 Jul 19 08:16 tmp/
[08:19] <mardraum> jamespage: thanks. sure, I'll do it now.
[08:34] <mardraum> jamespage: Bug #1026515
[08:34] <jamespage> mardraum, on it now - thanks!
[08:37] <Pupeno_W> Is there some program or way to check that the permissions of files and directories in /var are ok? I just accidentally changed many of them.
[08:45] <disposab1e> if i only need vlanX interface in my /etc/network/interfaces (vlan_raw_device eth0), do i need a separate stanza for eth0 or does it get brought up when vlanX starts?
[08:46] <disposab1e> i don't even want to have 'auto eth0' in there if i don't have to
[09:02] <slide23> Does anyone know of a daemon that will monitor my internet connectivity and send me an email if it gets disconnected? It can't rely on an uplink test though it actually needs to try accessing something on the internet
[09:13] <rubiojr> howdy folks
[09:13] <rubiojr> http://askubuntu.com/questions/165075/how-to-get-isolcpus-kernel-parameter-working-with-precise-12-04-amd64
[09:13] <rubiojr> I've been researching that stuff for a while
[09:13] <rubiojr> hints?
[09:13] <rubiojr> maybe kernel config related?
[09:14] <rubiojr> do you believe that opening a LP issue is worth it?
[10:09] <alex88> hi guys, i want to run corosync after nova-network on boot, for now, i've removed corosync from boot and added "exec sleep 10 && service corosync start" at the end of /etc/init/nova-network
[10:09] <alex88> which is obviously horrible, but i was just testing if that works, what's the correct way?
[10:11] <jamespage> anyone care to give my an opinion on bug 1025418
[10:11] <jamespage> s/my/me/
[10:14] <rbasak> jamespage: his screenshot is on the client, isn't it?
[10:14] <jamespage> rbasak, yes
[10:14] <jamespage> its a misconfiguration of openssh
[10:14] <rbasak> jamespage: best to compare this with a fork bomb I think. If he has permission to create a fork bomb, then this isn't a bug.
[10:14] <jamespage> its more whether this is a 'vulnerability'
[10:15] <jamespage> I just get dumped out when the bash can't allocate more memory....
[10:15] <rbasak> If he does not have permission to create a fork bomb, and this allows him to, then it's a vulnerability
[10:15] <jamespage> rbasak, educate me - how would I check that?
[10:16] <rbasak> jamespage: I didn't mean as direct as that - just conceptually the boundary between a vulnerabiity and a misconfiguration
[10:17] <jamespage> rbasak, ah - I see
[10:17] <rbasak> jamespage: ulimit is the usual way to prevent resource exhaustion. On his machine, his ssh client is limited to that anyway
[10:17] <rbasak> If he's exhausting resources as a client on his own machine, then he's not crossing a privilege boundary
[10:18] <rbasak> If OTOH he manages to cause a resource exhaustion on the server, and the server is configured to resource limit him, then he's crossing a privilege boundary and it's a vulnerability
[10:18] <rbasak> It's not clear to me that there's any resource exhaustion on the server at all. He says server, but it looks to me that's where he's running a client.
[10:18] <rbasak> So what he's really after is configuring some resource limits
[10:20] <rbasak> jamespage: I can comment on the bug if you like? I'll even mark it as Invalid :)
[10:21] <jamespage> rbasak, well as its a FUD target its safe to assume that 'server' is the client in this case
[10:21] <jamespage> rbasak, sure - feel free to comment and close - I think you are correct.
[11:11] <rbasak> jamespage: re: bug 988819. I've verified that the fix appears to work, but am not sure how to test it fully. I've asked for test cases from the reporters on the bug. So it's now blocked on that. If this fix does work, then the only SRU will be for modsecurity-apache, which is in universe. Thus, is the 12.04.1 milestone target still relevant, or should I drop it?
[11:11] <jamespage> rbasak, I think that the test case can be technical
[11:12] <rbasak> I've verified that libxml2.so.2 is loaded, but not that it's functional
[11:12] <jamespage> so for example I think its sufficient to say - yes we can restart apache OK with it installed and we can see that this library has been loaded by using lsof or suchlike
[11:12] <rbasak> OK in that case we're done
[11:12] <jamespage> rbasak, 12.04.1 is agnostic of location BTW
[11:12] <rbasak> May I paste your comment in the bug please? :)
[11:13] <jamespage> sure
[11:13] <jamespage> do you fancy doing the same fix for mod-proxy-html as well?
[11:13] <jamespage> rbasak, while you are there.....
[11:13] <rbasak> Sure, is there a bug on that?
[11:13] <jamespage> same bug
[11:14] <jamespage> different task
[11:14] <rbasak> Ah I missed that
[11:14] <rbasak> No problem
[11:14] <jamespage> rbasak, marvellous - thanks v much
[11:15]  * rbasak gets to it
[11:16] <jamespage> rbasak, if you ping me the branches I will upload for you as well
[11:16] <rbasak> OK, thanks!
[11:17] <jamespage> rbasak, so that means no fix in apache2 itself right?
[11:17] <rbasak> jamespage: for SRU, correct
[11:17] <jamespage> rbasak, OK - marking 'Invalid'
[12:04] <zul> good morning
[12:27] <alex88> hi guys, i've two machines, configured in the same way, in one pacemaker starts, in the other it doesn't..how can i debug why?
[12:36] <zul> alex88:  start by looking at the log file maybe?
[12:36] <alex88> zul: it seems as it never started
[12:37] <zul> alex88: checked the man page and put it in debug mode then?
[12:37] <alex88> ok, give me a second
[12:38] <zul> other than that i cant tell you what happened
[12:39] <alex88> because pacemaker writes log to /var/log/cluster/corosync.log but i get "corosync [pcmk  ] WARN: route_ais_message: Sending message to local.crmd failed: ipc delivery failed (rc=-2)"
[12:39] <alex88> let me search for debug
[12:42] <alex88> there is a -v flag. i've added an echo to file in the init script just to get if it's called
[12:42] <alex88> because after login i can start it without any problem
[12:43] <zul> alex88: then you google that message and figure it out
[12:43] <zul> and check for a #corosync channel
[12:43] <alex88> kk
[12:44] <alex88> thnx
[12:44] <alex88> it says it has been started
[12:44] <alex88> btw, i'll check
[12:46] <hallyn> zul: libvirt in quantal has dropped the patch ubuntu/9002-better_default_uri_virsh.patch.  Just to make sure - that wasn't on purpose right?
[12:46] <zul> hallyn: no
[12:47] <hallyn> k
[12:47] <jamespage> zul, hallyn: would that explain bug 1026515
[12:47] <hallyn> jamespage: yeah that's why i went looking
[12:47] <jamespage> hallyn, ah - I see
[12:48] <hallyn> do one of you have an /etc/ceph/ceph.conf?  does it look sensitive?
[12:48] <hallyn> wondering if there is any reason qemu should *not* be given access t oit
[12:49] <jamespage> hallyn, I do - one second
[12:49] <alex88> a pacemaker purge->install make it working
[12:50] <jamespage> hallyn, http://paste.ubuntu.com/1099990/
[12:50] <jamespage> for a client like libvirt it just contains addresses for the ceph monitors and nothing else AFAIK
[12:53] <jamespage> hallyn: I think it would be OK TBH
[12:54] <rbasak> jamespage: tested and done the MPs in bug 988819
[12:54] <jamespage> rbasak, you are a star - thankyou!
[12:55] <jamespage> I'll look at them PM today
[12:57] <hallyn> jamespage: cool, thanks :)
[13:00]  * jamespage looks forward to trying that out with hallyn's next upload :-)
[13:24] <jamespage> rbasak, uploaded
[13:25] <jamespage> rbasak, do we removed the verification-failed tag now?
[13:25] <jamespage> rbasak, I expect SpamapS will tell us....
[14:03] <rbasak> thanks jamespage!
[14:22] <tarvid> how do I track the status of bugs I have posted to launchpad?
[14:34] <rbasak> tarvid: https://bugs.launchpad.net/~tarvid/+reportedbugs
[14:38] <skrite> hey all, correct me if i am wrong. but the advantage of having a master-master mysql replication is that you can write to both computers, yes? Is that dangerous? I don't think i have an application that warrents a cluster.
[14:49] <realnorth> anyone able to help me with some MaaS stuff?
[14:49] <pmatulis> realnorth: just ask the question.  you might want to consider #maas as well
[14:50] <realnorth> didn't know #maas existed
[14:50] <realnorth> thanks
[14:50] <realnorth> I created this here http://askubuntu.com/questions/165545/maas-install-64-bit-client-nodes-doesnt-work
[14:50] <realnorth> but basically I can't get maas to install with 64 bit OS
[14:50] <realnorth> it always does the 32 bit version
[14:50] <realnorth> even though the processors are 64 bit
[14:56] <jamespage> Daviey: around? I want to run a seed change past you before I do it....
[15:02] <jamespage> skrite, its easier to have a master/slave and switch the personality of the slave if the master dies
[15:02] <jamespage> OR have an active/passive cluster and use clustering
[15:03] <jamespage> each has its positives and negatives
[15:04] <jamespage> zul: how are you on seed management?
[15:05] <zul> jamespage: tolerable
[15:05] <zul> jamespage: whats up
[15:05] <jamespage> zul, if I need to add a package to the 'supported' set for server; but not ship it anywhere; is the supported-misc-server seed the right place to add it?
[15:05] <jamespage> its where all of the openstack stuff is...
[15:06] <zul> jamespage:  yeah
[15:07] <skrite> jamespage: we really only want to build this on two to three machines. The application is different from a webserver, most of our load is disk i/o.. we do data processing, control and monitoring of lab and industry machines.
[15:07] <skrite> jamespage: so we take a lot of data in, we display it on a website, but that is not the major load.
[15:07] <jamespage> skrite, what is your downtime tolerance like?
[15:08] <skrite> jamespage: for a failure?
[15:08] <jamespage> yep
[15:08] <skrite> jamespage: if we are down less than an hour, when a machine melts down, we should be just fine
[15:09] <jamespage> skrite, hmm - so quite low then
[15:09] <jamespage> skrite, do you have access to a SAN or suchlike? or are they standalone servers?
[15:09] <skrite> They are stand-alone servers
[15:10] <jamespage> skrite, I'd probably go with an master/slave with replication then
[15:10] <jamespage> that way if you get a machine that pop's badly enough to have to swap it out - you still have a database....
[15:10] <skrite> right now, we use one server with MySQL replication master/slave and use the other computer to run some cron jobs to help process the data, but it is difficult to have it as a ready to go replacement set up like that
[15:11] <skrite> because of how our data input and processing goes in.
[15:11] <skrite> i would like, in an ideal scenario, to write to the database on more than one computer. We run a lot of processes that really work the hard drives
[15:12] <skrite> what disadvantage is there with Master-Master ? i have set up master-slave many times, but never master-master.
[15:12] <jamespage> skrite, I don't think that mysql can even do multimaster TBH
[15:13] <skrite> oh
[15:13] <skrite> well, i guess that master-slave will have to do if that's the case
[15:14] <jamespage> skrite, without knowing the specifics of your application is hard to make recommendations
[15:14] <jamespage> skrite, there are solutions which are more horizontally scalable than mysql
[15:15] <jamespage> BUT they are not typically SQL/row based; so it requires a different approach to data storage and retrieval
[15:15] <skrite> jamespage: yeah, the problem with a change in dataserver is that i have 5+ years of code that work with the MySQL server. Python, Ruby, etc..
[15:15] <jamespage> skrite, hmmm
[15:16] <jamespage> which is always awkward to change....
[15:16] <skrite> yeah, we have totally outgrown our earlier solution. The database is about 70GB and growing... whew !
[15:17] <jamespage> 70G? well you are definately still in mysql territory then
[15:17] <skrite> our major I/O is not the website, it used to be. but now its all the processing of data as it comes in fromt the machines
[15:18] <jamespage> skrite, can you offload from the database in anyway?
[15:18] <jamespage> if that is where your bottleneck is?
[15:19] <skrite> jamespage: mmm. the database is part of the bottleneck, the biggest though is the disk i/o
[15:19] <jamespage> skrite, in which case more memory and faster disks is probably the way to go...
[15:20] <tarvid> https://bugs.launchpad.net/ubuntu/+source/logrotate/+bug/1026660
[15:20] <jamespage> skrite, what type of storage are you using? do your servers have any type of RAID configuration?
[15:20] <maplesoft> why not make a text file based web chat client with ajax rather than xmpp based web clients?
[15:21] <skrite> jamespage: we do have RAID on our main server, with two PCI express RAM drives, Raid 5 Storage is MyISAM
[15:22] <jamespage> skrite, hmm
[15:22] <tarvid> I've reinstalled logrotate and rsyslog, I used to be able to restart rsyslogd and it would start logging again. Now I am without logs which is not good for an active server
[15:23] <skrite> jamespage: we thought that if we could use two computers that we could write to both, have the RAID as a stripe for speed and make the computers redundant instead of the drives, that would more than double the drive throughput
[15:23] <skrite> as i understand it.. little shakey..
[15:23] <skrite> that's why i am here :)
[15:26] <jamespage> skrite, one second
[15:27] <jamespage> utlemming, seed change pushed for walinuxagent
[15:27] <skrite> jamespage: sure
[15:31] <jamespage> skrite, not sure my brain is working that well today...
[15:32]  * jamespage thinks again...
[15:32] <jamespage> skrite, in your scenario are you writing the same data to both servers?
[15:32] <utlemming> thank you mr. page
[15:32] <skrite> jamespage: i would be, yes
[15:33] <jamespage> so the only real benefit you are getting is the change in RAID type?
[15:33] <skrite> each would be an exact copy of the other, i would like to write local to the drive, and have replication take care of the updates
[15:33] <skrite> jamespage: well, i would gain a computer i could write to.
[15:34] <jamespage> skrite, theoretically yes - but you are writing the same data to both so the only performance improvement is really the RAID change
[15:34] <skrite> right now i have master/slave. and i am limited on the slave to do work because i have to write my scripts to read from the local database and write to the master (scripts on the slave anyway)
[15:35] <skrite> jamespage: yes, but i thought that the data transfer between them is more effecient than my sql statements in programs
[15:37] <skrite> jamespage: so my slave scripts have to be written differently than the scripts on my master, because of reading and writing to different computers.
[15:38] <jamespage> skrite, so apparently you can do master-master replication
[15:38] <skrite> yes, if i can do master-master replication
[15:38] <jamespage> (not something I have ever done)
[15:38] <skrite> me either, was just wondering a few things about the complexity of setup, dangers of writing to both at the same time....
[15:39] <skrite> what kind of PITA it may be to fix if something goes wrong.
[15:39] <jamespage> skrite, the challenge is with conflict resolution I guess
[15:39] <skrite> jamespage: precicley what i am worried about
[15:39] <jamespage> if you can write your application to effectively shard across the two servers with good partitioning it might work
[15:40] <jamespage> but unless you have baked that in upfront it could be challenging
[15:40] <skrite> we might could when we soon purchase a server. That is when we plan to change how we do things
[15:41] <ogra_> arosales, geeez ! diggin out 4 year old bugs !
[15:43] <jamespage> skrite, I'm not sure I would do it; I think that you are pushing the bounds of what mysql is good at doing TBH
[15:43] <skrite> mmm
[15:43] <skrite> you may be right. exactly what i am worried about, because if this goes bad, it goes real bad
[15:44] <skrite> messing up our database or replication, on the good to bad scale is bad.
[15:44] <jamespage> skrite, can you partition the data associated with your workloads? or does it all need to end up in the same place?
[15:45] <jamespage> i.e. could you run two databases with different data sets on different servers.
[15:45] <arosales> ogra_: ya that one come up on one of Ursinha reports and looks like low hanging fruit :-)
[15:46] <ogra_> i *think* upstartification of dchp3-server  should have actually solved it ...
[15:47] <ogra_> not sure though and i dont have any dhcp server running on a NM based system atm
[15:47] <ogra_> stgraber, do you happen to have such a setup around atm ? NM and dchp3-server installed on the same machine
[15:48] <ogra_> Bug 280123
[15:48]  * ogra_ bets that can just be closed
[15:48] <skrite> jamespage: how do you mean partition the data?
[15:48] <arosales> ogra_: no rush, the bug was happy with 2.6 years since the last update :-)
[15:48] <ogra_> yeah, imho its a candidate for closing
[15:48] <jamespage> skrite, write different sets of data to different servers
[15:48] <ogra_> none of the releases discussed there are supported anymore
[15:50] <arosales> ogra_: I agree, however I didn't want to take any action with out first checking with you and zul first
[15:50] <ogra_> well, imho just close it with an EOL massage and a comment that epople still being bothered by it should re-open
[15:51] <zul> i concur
[15:52] <stgraber> ogra_: so, the bug should still be present with recent NM and isc-dhcp, though looking at the startup conditions, NM should start slightly before isc-dhcp, so you might get away with it most of the time
[15:52] <stgraber> ogra_: though people should really just define that interface in /etc/network/interfaces... (as we do for LTSP)
[15:53] <ogra_> stgraber, that was the case back then :)
[15:53] <ogra_> /etc/network/interfaces had an entry but NM grabbed the device
[15:53] <stgraber> ah, well, that part got fixed then :)
[15:53] <ogra_> right
[15:54] <arosales> ogra_: would you mind inserting a quick comment to confirm EOL, if that is the action yo want to take?
[15:57] <ogra_> arosales, done
[15:58] <arosales> ogra_: ah, thank you. :-)
[15:58] <arosales> always nice to close bugs
[15:58] <skrite> jamespage: very little could be done like that. unfortunatly
[15:59] <jamespage> utlemming, this looks quite bad - https://jenkins.qa.ubuntu.com/view/ec2%20AMI%20Testing/view/Overview/job/oneiric-server-ec2-daily/
[15:59] <jamespage> i386 is broken across the board....
[15:59]  * utlemming looks
[16:01] <utlemming> jamespage: is there a way to get failures like this emailed to me? IIRC, there is jenkins plugin for sending hate mail on failures.
[16:01] <jamespage> utlemming, ubuntu-testing-notifications ML on lists.ubuntu.com
[16:01] <utlemming> :)
[16:01]  * utlemming subscribes himself
[16:01] <jamespage> utlemming, looks like a kernel panic on boot
[16:01] <jamespage> utlemming, warning - its quite noisy
[16:02] <utlemming> I'll procmailer filter it I think
[16:05] <utlemming> jamespage: this could be really bad...I'm testing but it looks like if someone upgrades their kernel their instance is horked
[16:06] <arosales> utlemming: specific to oneiric?
[16:06] <utlemming> arosales: yes, this is a looks like a kernel regression
[16:09] <arosales> utlemming: ok
[16:10] <skrite> jamespage: do you have any experience with mysql-cluster?
[16:12] <SpamapS> jamespage: the SRU team's process will remove the tag when the package is accepted
[16:14] <Daviey> jamespage: hey!  seed change?
[16:24] <utlemming> https://bugs.launchpad.net/ubuntu/+source/linux-meta/+bug/1026690
[16:24] <utlemming> jamespage: its the kernel...I've confirmed that installing all updates but the 32-bit kernel kills the instances
[16:30] <utlemming> jamespage: can we add a new test to the daily test -- enable proposed and update everything? Or add a new job that does this?
[16:39] <zul> hallyn: i have a couple of libvirt patches coming down the pipe as well
[16:49] <hallyn> zul: for q?
[16:49] <hallyn> i've already pushed mine i'm afraid
[16:49] <hallyn> i do need to SRU the one for p
[16:49] <zul> hallyn: yeah for q its arm specific
[17:09] <jamespage> smoser, I don't support cloud-init has an 'enabled proposed' feature does it?
[17:10] <smoser> no. there is not easy way to add proposed
[17:10] <smoser> (but htere is a bug that handled that for quantal)
[17:10] <smoser> but i dont knwo what it was and cant find it
[17:10] <smoser> ah.
[17:10] <smoser> no i was wrong
[17:10] <smoser> https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/997371
[17:10] <smoser> is what i was thinking of
[17:10] <smoser> but i could/should be extended to add proposed
[17:13] <jamespage> smoser, I think I have a way.
[17:14] <smoser> you're just going to have to add to /etc/apt/atp.conf.d
[17:14] <jamespage> smoser, do apt_sources get added prior to updating/upgrading?
[17:14] <smoser> of course.
[17:15] <smoser> hm..
[17:15] <smoser> i was going to suggest htat you acutallyneeded to test 'dist-upgrade'
[17:15] <smoser> before adding proposed
[17:15] <smoser> but for daily images tested within hours, maybe that isn't that  big of a deal
[17:16] <jamespage> smoser, I tend to agree - they should be up-to-date - esp for releases where proposed is in active use.
[17:17] <jamespage> anyway - I'll do this later
[17:17] <smoser> well, they're guaranteed to be a couple hours old at newest.
[17:39] <reisi> can anyone explain what does this rsyslogd rule do (part of defaults): *.*;auth,authpriv.none <-- doesn't *.* already contain both auth and authpriv.none?
[17:39] <reisi> do/does
[17:40] <jtran> anyone know how i can turn on iptables accounting in Ubuntu precise 12.04?   I don't have /proc/net/ip_acct
[17:43] <jtran> i think it is in the 'ipfwadm' pkg but aptitude search doesn't see it
[17:55] <skrite> jamespage: hey, thanks for all your help earlier.
[18:14] <malak> hello
[18:14] <malak> any body there
[18:15] <RoyK>  
[18:57] <LordOfTime> SpamapS: around?
[19:24] <hallyn> stgraber: all right, getkeys is pushed, and set_config_item(lxc.network.0.ipv4) should work
[19:24] <stgraber> yay! thanks
[19:25] <hallyn> stgraber: i'm sure you'll want some changes to that, but other than those, i think we need to consider getting this usptream before adding too much more
[19:25] <hallyn> it's goin to get too unwieldy for anyone to review
[19:26] <hallyn> maybe i'll look at the state of seccomp next
[19:40] <hallyn> kees: d'oh, libseccomp-dev doesn't ship manpages?
[19:42] <SpamapS> man pages, tests, who needs 'em. we've got the internets
[19:43] <hallyn> and kittenz
[19:44] <hallyn> i don't get *why* the manpages aren't there though.  they should be...
[19:48] <hallyn> oh i see
[19:49]  * patdk-wk was hungry
[19:50]  * RoyK has put on new tyres on his bike and has to go to bed early to wake up and take a wee 50km trip tomorrow
[19:55] <hallyn> kees: (bug filed against debian)
[19:56] <bears> Hey everyone, I'm trying to set up a postfix server on ubuntu 10.04 and am having problems. I followed the guide at https://help.ubuntu.com/10.04/serverguide/postfix.html yet cant get it to work... What I can do: telnet localhost 25 and then send mail to myself or external emails via the telnet interface. What I cant do: telnet to the system from other systems (though i can ssh), send/recieve from mail clients (thunderbird)
[19:56] <bears> my only clue right now is when I "telnet localhost smtp" and then "ehlo localhost" i dont see the 250-auth lines, which I've tried to troubleshoot but to no avail
[19:57] <lamont> lsof -ni :25 | grep LISTEN <-- bears: when you run that as root, what does it say?
[19:57] <bears> master  10126 root   12u  IPv4 29521343      0t0  TCP *:smtp (LISTEN)
[19:58] <bears> master  10126 root   13u  IPv6 29521345      0t0  TCP *:smtp (LISTEN)
[20:02]  * hallyn becomes worried about the implications of seccomp_syscall_priority
[20:15] <bears> lamont: sorry i lost connection, any further ideas about my postfix server?
[20:19] <lamont> bears: help me better understand "other systems" - are they on the same LAN?
[20:20] <bears> no, not on the same network
[20:20] <bears> the server im trying to set this up on is one in a rack i rent in another city
[20:23] <lamont> my first suspicion then is that the nice ISP or someone is being friendly and blocking TCP/25
[20:23] <lamont> because if you can talk to port 22 and you are listening on *:smtp, well, it's a network issue, not a postfix issue
[20:25] <bears> i can netcat 25 and it says its open
[20:25] <bears> hmm
[20:29] <lamont> bears: does tcpdump on your postfix host show the connection happening?
[20:29]  * lamont must run
[20:30] <Rallias> I have a question about LXC in 12.04. Is there any known method to escaping the container using its technology?
[20:32] <bears> lamont: yes, when i try to get mail with thunderbird from that email address, i get Jul 19 16:31:47 M01 dovecot: imap-login: Login: user=<mike>, method=PLAIN, rip=24.176.25.111, lip=199.16.189.227, TLS
[20:33] <lamont> ah.  so it's not that you cannot talk to postfix, it's that, having talked to postfix, it's not accepting email?
[20:33] <lamont> and for that, I'm going to refer you to the other postfixish people in the channel.  not just because I have to run.
[21:01] <freakynl>  it
[21:01] <freakynl> anyone have any solutions for this: http://comments.gmane.org/gmane.linux.raid/38213 ? raid (md) performance is seriously hindered by it
[21:15] <roaksoax> SpamapS: howdy!! could you please take care of maas-enlist, as I believe it would be very necessary to have it in the archives asap
[21:19] <SpamapS> roaksoax: what more can I do? Its been in proposed for 2 days
[21:19] <roaksoax> SpamapS: the verification is done :)
[21:19] <roaksoax> or is there a time requirement?
[21:19] <SpamapS> roaksoax: 7 day waiting period
[21:19] <SpamapS> unless its *totally* broken without the update?
[21:19]  * SpamapS reads the bug
[21:19] <roaksoax> SpamapS: ah! didn't know that. Sorry for boethering you then :)
[21:20]  * SpamapS actually waits for launchpad, THEN will read the bug
[21:20] <roaksoax> SpamapS: it is almost totally broken. Basically, precise machines can't enlist on MAAS running in quantal
[21:22] <SpamapS> roaksoax: what about a maas running on precise?
[21:23] <roaksoax> SpamapS: it is no effect really, but does break testing of the maas targetted for 12.04.1
[21:23] <SpamapS> roaksoax: also, when you self-verify it, that poses a higher regression risk
[21:23] <roaksoax> SpamapS: it is a very minimal change
[21:23] <SpamapS> yeah
[21:23] <SpamapS> I see that its tiny
[21:23] <roaksoax> yeah
[21:24] <SpamapS> Since its already in proposed, can you at least point testing efforts at machines w/ proposed enabled?
[21:24] <SpamapS> That would be ideal, as it would help shake out any unintended consequences.
[21:25] <roaksoax> SpamapS: will do, thanks!
[23:57] <axisys> how do I find all the security updates waiting without running apt-get upgrade ?