
wizonesolutionsargh, how do I actually connect to the VNC console on a KVM guest?00:04
wizonesolutionsI'd rather SSH in but don't know how to figure out its IP00:04
=== Aaton is now known as Aaton_off
=== bitmonk_ is now known as bitmonk
=== n0ts_off is now known as n0ts
=== bitmonk_ is now known as bitmonk
=== n0ts is now known as n0ts_off
=== n0ts_off is now known as n0ts
wizonesolutionsgoodness gracious. figured out how to get the VMs bridged so I could SSH in, but that was way underdocumented. I should somehow contribute when I have time...01:10
TheLordOfTimeSpamapS:  good idea, thanks.01:13
=== jhulten_ is now known as jhulten
uvirtbotNew bug: #1031568 in bacula (main) "package bacula-director-mysql 5.0.3-0ubuntu2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1. Also, the database it needed could not be created." [Undecided,New] https://launchpad.net/bugs/103156802:11
akivaokay let me get this straight02:48
akivaa dns server basically takes an IP, and attaches a name to it, such as www.name.com, to which it then arranges the names in a type of heirarchy02:49
akivasuch as www.name.com/foo02:49
mardraumyou look like you are confusing DNS and HTTP02:50
akivaI am just looking at my installation here02:51
=== cpg is now known as cpg|away
akivaand I am trying to learn about the different types of servers that I can install02:51
akivato which I want to set up dummies in which I can learn from02:51
ScottKmardraum: No.  He's not.02:51
mardraumScottK: how is "/foo" related to DNS02:52
akivaso a dns then is basically taking addresses, and attaching naming schemes which are/can be heirarchical.02:54
ScottKExcept he's right to an extent.02:54
akivamardraum: foo is the name of a sup page in the site. Just chose the name foo :P02:54
ScottKDNS will figure the IP address associated with example.com or www.example.com.02:55
ScottKWithin a sing host, it doesn't help you.02:55
mardraumakiva: yes, which is HTTP, not DNS02:55
ScottKmardraum: It could be multiple protocols.02:55
ScottKFor a web server it's http, but for an ftp server it's ftp.02:55
ScottKThe path within the host is not tied to a specific protocol.02:56
akivaWould I ever use a DNS server practically speaking?02:56
mardraumit's not DNS though, is it ScottK ?02:56
=== cpg|away is now known as cpg
mardraumI think that's what we are trying to establish.02:56
ScottKNo, it's not.02:56
ScottKDNS get's you an IP/hostname pairing that's it.02:56
akivaokay, interesting02:56
ScottKEverything after that is related to the file hierarchy of the host.02:57
akivabut http, ftp, dns, these are all "Name Servers"?02:57
mardraumDNS gets you more than simple IP/hostname pairing, what about MX records, TXT records, etc02:57
ScottKThey are all protocols.02:57
ScottKSure, but in this context.02:57
akivaprotocols, each one with distinct advantages, etc02:59
taipresdoes debian use less mem than ubuntu?03:10
taipresserver that is03:11
qman__not if you install the same packages, by any measurable amount03:12
taipreswhat do you consider measurable03:12
qman__memory use depends on what software you install03:12
qman__you can choose to install less stuff with different install options03:13
qman__like JeOS or minimal, though minimal is more difficult to get working03:13
taipresam asking because i'm running it on a VPS03:14
taipresso memory is a bottleneck03:14
qman__the only notable difference here is that debian, when you choose to not install the GUI, installs less packages than the regular ubuntu server install03:14
mardraumthey only affect "memory" while they are running, are you actually concerned with disk space?03:15
genii-aroundSetting APT::Install-Recommends off helps quite a bit with the bloat03:19
ScottKBut, you're on your own if something doesn't work the way you expect.  The system's designed for those to be on unless you know what you're doing.03:26
taipresI aways remove apache2 immediately heh03:28
mardraumI didn't think apache2 was installed by default03:29
taipreswell for VPS's it seems to be03:30
taipresat least ones i've tried03:30
ScottKThat's your VPS's provider doing that.03:30
ScottKIt's not part of the Ubuntu Server default install.03:30
taipresthat's weird that'd add software then make an imagine, since is for openvz03:31
taipresxen, or what have you03:31
taipresI only use openvz atm though03:31
taipresimage rather03:31
mardraumit's not weird, since 99% of people who don't know what they are doing will want LAMP03:31
mardraumprovider is simply cutting down on support calls03:32
taipresgood point :)03:32
taipresthough mysql and phpmyadmin not installed by default, from ones i've seen03:33
taipresI get unmanaged vps's though03:33
mardraumphp, not phpmyadmin03:33
taipresyeah that either, have to apt-get it03:34
mardraumI guess they are going with a more secure default then, not the kitchen sink, good for them03:34
taipresyeah I love budget vps's, get nice servers for few bucks a month that gives me far far more control and flexibility than shared hosting, can remove/install distros in few seconds too, I usually pick ubuntu though03:35
taipreseasiest, but I keep hearing people recommend debian for servers03:36
=== n0ts is now known as n0ts_off
ScottKDebian and Ubuntu have very different release processes.03:49
taipresdebian like turtle, ubuntu like rabbit? :)03:49
ScottKIf you need non-ancient software in a release, Debian may not be for you.03:49
ScottKSort of.03:49
ScottKUbuntu releases every 6 months.03:49
taipresi'm using version03:49
ScottKDebian releases when they believe it's ready.03:49
taipres11.04 currently03:50
ScottKYou may want to consider upgrading.03:50
taipresdoes the new 12 use a lot of memory?03:50
ScottKIt's not much different than 11.04, but to get to 12.04, you need to upgrade to 11.10 and then 12.04.03:50
ScottKDirect upgrades from 11.04 aren't supported.03:50
taipreswell there's a template for to, so I could switch over, it'd be fresh install anyway03:51
taipresjust don't want to use a bunch of new memory for the latest version when it's not necessary03:51
=== fenris is now known as Guest72521
qman__the important reason here is 12.04 is LTS and supported for 5 years, while 11.04 isn't, and is already over year through its support03:56
taipreswho supports it03:57
qman__the important part of support being patches and this channel03:58
taipresmy host has two images04:00
taipresubuntu-12.04-x86 326MBs and ubuntu-12.04-x86q1-July over 500mbs?04:00
taipresweird the latter is so much larger trying to figure out why04:00
taipresi'm sure patches are good practice but linux seems pretty secure04:01
taipresonly downside i've personally seen, in terms of myself for older ubuntu is repo isn't the best04:02
taipreshas older software, I'm aware 11.04 has almost released its end of cycle for support though04:03
ScottKPatches won't make it bigger.04:07
morpheuola pessoal04:15
morpheuto com um problema04:16
morpheuno servidor04:16
=== fenris_ is now known as Guest72079
=== n0ts_off is now known as n0ts
uvirtbotNew bug: #1006770 in backuppc (main) "package backuppc 3.2.1-2ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Low,Expired] https://launchpad.net/bugs/100677004:26
uvirtbotNew bug: #993660 in samba (main) "package samba-common 2:3.5.8~dfsg-1ubuntu2.4 failed to install/upgrade: unable to open '/etc/dhcp3/dhclient-enter-hooks.d/samba.dpkg-new': Too many levels of symbolic links" [Undecided,Expired] https://launchpad.net/bugs/99366004:27
uvirtbotNew bug: #995315 in samba (main) "package samba 2:3.6.3-2ubuntu2.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 128" [Low,Expired] https://launchpad.net/bugs/99531504:27
uvirtbotNew bug: #1006829 in samba (main) "package samba 2:3.6.3-2ubuntu2.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Low,Expired] https://launchpad.net/bugs/100682904:27
taipresjust installed debian looks to be using 2 more megabytes then the ubuntu install05:11
taipresdang was hoping for the opposite, removed all default services I don't need05:11
=== cpg is now known as cpg|away
akivais it wise to encrypt a server?06:36
seekwillakiva: What do you mean?06:46
akivaseekwill: I am trying to setup a business, and I have established 5 types of systems I am going to be using06:47
akivaand of these 5 types, I am trying to determine which types I should bother with encryptions,06:47
akivaparticularly the lvm, and the disk06:47
akivagiven that a server does not tend to get stolen, and it might be bothersome if it needs rebooting right away, I am thinking I will not encrypt my server types of computers06:48
seekwillYou can never have too much security, but there are other things I worry about before disk encryption06:48
akivasuch as?06:48
seekwillNetwork and physical security06:48
akivaNetwork is something I have yet to get too yet.06:49
seekwillSo, what are these five types?06:49
akivaServer, Administrators, Executives, Departments, and Terminals06:50
akivaThe server is obviously going to be tucked away on its rack, doing its thing.06:50
akivaAdmins are the only users who have read write access to the servers,06:51
seekwillAre you the business owner, the IT manager, or?06:51
akivaIT manager06:52
akivaMight as well say business owner though, given circumstances06:52
akivaI got a simple spreadsheet. explains it all06:52
seekwillIf you are the business owner, I would highly suggest outsourcing this so you can focus on your core business06:52
akivaNo, I don't believe in doing that type of thing06:53
akivaor rather, I do not enjoy it.06:53
seekwillThe question you're asking seems to be at a much higher architectural level, which doesn't always work well over IRC06:53
akivaWhat does IRC have to do with it?06:54
seekwillI could be jumping to conclusions too early, but that's just the feeling I get06:54
akivaspeaking from previous experience, I do want any higher up to have their disks encrypted.06:56
seekwillFor example, I disagree with your statement that disk encryption on your servers is unnecessary as you don't generally reboot servers outside a maintenance window06:56
akivaI have witnessed laptops and desktops being stolen before.06:56
seekwill... or just don't store that data on those machines :/06:57
akivaseekwill: I don't understand the logic behind that06:57
akivaYes, I am looking into the cloud too06:57
akivaubuntu one I figure should suffice06:58
akivaGoogle Docs... maybe, but I am not entirely sold on that yet.06:58
seekwillDon't understand the logic behind what?06:59
akivadisk encrypting a server thats always running?07:00
akivaand that is highly unlikely to be stolen?07:00
seekwillUmm ok07:00
seekwillIs your server stored in a commercial data center with 24/7 security? How sensitive is the data you're storing?07:00
seekwillBut like I said, these are not really the conversations that go well over IRC, in my opinion07:01
akivaseekwill: Very sensitive. It would be stored locally.07:01
seekwillIf you are worried about data being stolen, I would never consider using Ubuntu One or Google Docs07:01
seekwillI have a much higher confidence with commercial data centers than my own office07:02
akivaNo, not google docs07:02
akivawith ubuntu one, I don't really know. Its purpose would only be to back up certain emails and local documents07:02
SpamapSakiva: Have you ever heard the statement "Security is a process, not a product" ?07:03
akivaseekwill: I used to work in security and surveillance, so I tend to have...07:03
akivaSpamapS: I think that is a fair statement.07:03
SpamapSOk, well you'll understand this if you worked in surveillance07:03
SpamapSIf surveillance was about products.. people wouldn't be needed.07:04
SpamapSlikewise w/ security07:04
SpamapSyou can automate *a lot*07:04
SpamapSbut you still have to go through the process of planning and evaluating07:04
akivaSpamapS: Agreed, such is why I am trying to create standards07:05
seekwillThere are lots of security standards out there07:05
seekwillEven certifications!07:05
SpamapSakiva: indeed, its good to start with a process which gets you going and mitigates your risk early on...07:05
akivaseekwill: Certs can go fly a kite :P07:05
seekwillOk :)07:05
akivaSpamapS: I am focussing on long term scalability, and setting password standards that will be highly secure without giving you a headache07:06
SpamapSakiva: anyway, encrypting your server isn't really the question to ask07:06
SpamapSIts "what am I risking if I let security be at 0"07:06
akivacontrary to popular belief, "@#<sea TsatZX5@#^" is not that secure of a password07:07
SpamapSfind a dollar value for that..07:07
SpamapSspend an appropriate percentage of that dollar amount protecting it07:07
seekwillHow did you guess my password?!?!? :(07:07
akivaSpamapS: well, I am specifically talking about lvm and disk encryption07:07
akivaSpamapS: These types of encryptions if I am not so naive, are important when physical theft is involved07:08
akivaseekwill: ha ha ha07:08
SpamapSakiva: great. What assets would be at risk without whole-disk encryption? How much are they worth? How much will encryption cost? answer those, and you'll have your answer.07:08
seekwillBut you get the answer "for now". Things change07:09
akivawell, how does one physically steal a server rack locked in its own air conditioned room?07:09
seekwillSo because you can't do it, means no one else can?07:09
SpamapSHonestly, sysadmins and engineers suck at security planning (I say that as a sysadmin/engineer). You need an insurance agent to really get things right.07:10
akivaas to encryption, here is one thing I do not know07:10
SpamapSakiva: how is not important..07:10
SpamapSakiva: why. answer that first.07:10
SpamapSIf its worth $1,000,000 .. they can spend $100,000 on equipment / man power / planning and still profit from the theft.07:10
akivafor a server, where performance is important, does an encrypted file system need more cpu power etc?07:11
SpamapSakiva: yes it will use a few more cycles to encrypt/decrypt data07:11
akivaSpamapS: Perhaps you are more optomistic about those in the workforce than I am.07:11
akivaSpamapS: That was my supposition, though I was not entirely sure.07:12
ScottKThe other thing you have to ask yourself is what are you guarding against?07:13
akivaScottK: Good question. But one step at a time right now07:13
ScottKWithout knowing the answer to that question, you can't answer the encryption question.07:14
SpamapSTo me, you look at risk factors once you've assesed the value of your assets. Its hard to know how likely things are without numbers.07:14
akivalvm encryption and disk encryption, given that physical theft risk is near nil, that such would not be neccessary07:14
akivathat is not to say that some other type of encryptian would not be important.07:15
akivagiven the assumption that this server will not be stolen07:15
SpamapS"physical theft risk is near nil" .. this sounds like WAG method of assessment07:15
akivaSpamapS: What is Wag?07:15
akivaAnd trust me.07:16
SpamapSWild Ass Guessing07:16
ScottKI know someone who has an encrypted VM and has to go to the data center every time the VM is restarted to enter a passphrase because he wants to ensure the data center operators don't have access to it.07:16
akivaLike I said, I have experience in this particular regard07:16
akivaScottK: It will be held locally07:16
akivaScottK: but yes, in that case07:16
akivathat would be very advisable.07:16
SpamapSakiva: as do many here.. many whom you're subtly ignoring, I suspect because you want to play with encryption.07:17
SpamapSI've seen many people talk themselves into security "solutions"07:17
akivaSpamapS: If I wanted to play with encryption, then I would not question it.07:17
SpamapSmy customers, back when I was doing spam filters and basic intrusion detection systems, often talked themselves into buying an IDS even before I had assessed their risk.. because the web interface was cool07:18
SpamapSakiva: also you can measure how much encryption drains the performance07:18
akivaSpamapS: Indeed, that is exactly what I am doing. What is my purpose here however? To see if there is any oversight.  does disk encryptian protect against any non physical attempts at data theft?07:18
akivaI don't know07:18
SpamapSinstall w/ and w/o it.. measure the metrics that matter to your business.07:19
=== smb` is now known as smb
akivaSpamapS: Yes, that will be tricky. I will need to do it anyways, but that will be depending on performance forecasts07:20
SpamapSakiva: if you leave the volumes encrypted most of the time, and only use the physical console to decrypt.. you can mitigate a remote attack07:20
SpamapSbut you'd still be vulnerable to root exploits while the volumes are decrypted.07:21
SpamapSand even if they're encrypted and the box is rooted..07:22
SpamapSif you don't notice before decrypting.. you're still vulnerable because now they have keyboard logged the passphrase07:22
akivaSpamapS: but I am just asking about disk and lvm encryptian07:22
akivathat is all right now07:22
SpamapSIts primarily a mitigation strategy for physical access violations.07:22
* SpamapS reboots into quantal w/ fingers crossed07:23
akivaassuming I only have to worry about remote attacks, a disk encryptian and an lvm encryptian are not going to help mitigate attacks. Is this correct?07:24
alex88hi guys, from http://kernel.ubuntu.com/~kernel-ppa/mainline/ i need a kernel > 3.4, can i use the quantal release also if i'm running precise?07:32
SpamapSalex88: I believe there is a PPA with the backport07:37
akivaSpamapS: Have you used landscape?07:39
* alex88 searchs07:41
feisarhow pricey is Landscape?07:42
akivaseems pretty reasonable to me07:42
akiva33 a year I think for webhosting07:42
akivalocal hosting is about 100 per year07:42
feisarthe number of Ubuntu Server boxes I manage is increasing and I understand that Landscape can centrally manage them07:43
akivawait, its more07:44
akivaI am thinking of something else apparently07:44
akivawait*, I think I am thinking of openerp07:44
akivaWanting to impliment this too :)07:44
koolhead11akiva: feisar mailing the markting folks via there canonical website will be more helpful07:45
koolhead11the place is more developer oriented :P07:45
feisarakiva: I have been looking at OpenERP for a small business that needs a new finance package07:45
feisarkoolhead11: yeah, thanks07:46
koolhead11Daviey: so i seriously feel am missing something with LXC or it has some bugs07:46
akivafeisar: ugh, mail07:46
akivathanks though, it probably is correct07:46
taipressadly my vps provider, most their images for distros are broken07:47
akivafeisar: I am looking to set up a warehouse, and need something that will be able to deal with idependent product serials etc07:47
taipresone after another, tried latest ubuntu, one didn't load other used like 30mbs of ram I think and couldn't ssh in07:47
feisartaipres: what's the hardware?07:48
feisartaipres: oh sorry, just seen the above07:48
taipresI knew 12.x used lot more mem, was hoping wasn't as much as I saw at least for 1 build07:49
taipresso i'll hold off on that07:49
=== tommygu_ is now known as Guest80214
jamespageDaviey: any particular reason rabbitmq-server was synced for quantal rather than merged?08:16
lynxmanmorning o/08:17
jamespagemorning lynxman08:17
lynxmanjamespage: mr Page :)08:18
mardraumcan anyone give me an idea about what else I can do to help debug 101435008:18
jamespagebug 101435008:19
uvirtbotLaunchpad bug 1014350 in linux "WARNING: at /build/buildd/linux-3.2.0/net/core/dev.c:1960 skb_gso_segment+0x341/0x3b0()" [Medium,Confirmed] https://launchpad.net/bugs/101435008:19
jamespagemardraum, I think you've already done loads08:27
Davieyjamespage: MAAS, LS and the DM were happy that the ubuntu changes had been adopted08:28
Davieyjamespage: see the merge bug08:28
jamespageDaviey, OK - I'm going to drop the mcollective delta as well then as it depends on stuff that no longer exists08:28
mardraumjamespage: thanks for looking, I'll be patient :D08:29
jamespagemardraum, the kernel team have a pretty good triage process and your right in it...08:30
=== railsraider_ is now known as railsraider
nocturnHi, I have KVM running on 11.10 server with a 12.04 guest.   I set up prerouting and forwarding on the host to make port 25 on the guest available to the outside.  Post is open remotely, but not reaching the guest.  A similar forward to another VM on port 22 is working.   What could I be missing?08:52
nocturnRule: -A PREROUTING -p tcp -m tcp -d --dport 25 -j DNAT --to-destination
nocturn-A FORWARD -p tcp -d --dport 25 -j ACCEPT08:53
nocturn.45 is public08:53
fastaIs there any GUI to completely control iptable rules?09:02
RoyKstupid bot09:05
RoyKfirst hit on google ;)09:05
koolhead11zul: let me know when you around09:07
koolhead11hi jamespage09:08
jamespagehey koolhead1109:08
koolhead11how are things jamespage09:08
jamespageand you09:08
koolhead11am awesomer09:08
koolhead11need some help from Zul to get LXC working in essex09:08
fastaRoyK: that's not a GUI, because it requires me to understand the syntax of iptables.09:09
koolhead11jamespage: i wonder who shot those kareoke videos and where are they09:09
fastaRoyK: I am sure a GUI could be designed which doesn't require that.09:09
koolhead11the UDS one09:09
RoyKfasta: well, it's the best I could find - learning iptables syntax isn't that hard, after all09:10
koolhead11RoyK: +109:10
fastaRoyK: it's also silly that one even needs to learn a syntax, because it only creates a dependency on Linux.09:10
RoyKfasta: if you need something simple, try pfSense - it's based on FreeBSD, not iptables, but it's simple and easy to use09:10
fastaRoyK: it's basically a kind of vendor lockin.09:10
koolhead11fasta: http://www.shorewall.net/ might help09:10
RoyKfasta: it's *NEVER* silly to learn anything09:10
fastaRoyK: so, you mean: install a virtual machine?09:11
RoyKfasta: either learn how things work, or use something fancy09:11
* RoyK likes to learn how things work09:11
fastaRoyK: I like to learn how things of importance work.09:11
RoyKfasta: but fancy GUIs isn't really an ubuntu server issue09:11
RoyKmost people in here uses the commandline to do things the proper way09:12
fastaRoyK: yes, it is, because I haven't seen one.09:12
fastaRoyK: I will decide what is proper.09:12
RoyKI haven't seen God, is that an ubuntu server issue, then?09:12
ubottuUbuntu, like any other Linux distribution, has firewall capabilities built-in. The firewall is managed using the 'ufw' command - see https://help.ubuntu.com/community/UFW | An alternative to ufw is the 'iptables' command - See https://help.ubuntu.com/community/IptablesHowTo | GUI frontends such as Gufw (GNOME) and Guarddog (KDE from Lucid onwards) also exist.09:12
fastaRoyK: server configuration, of which iptables is a part, is a nm ubuntu server problem.09:13
RoyKfasta: that's the proper ubuntu firewall09:13
fastaRoyK: that's not a serious solution.09:13
RoyKthen use iptables09:13
RoyKcase closed09:13
fastaRoyK: because I wanted to have full control over iptables.09:13
RoyKthen learn it09:13
fastaRoyK: you apparently don't get it.09:13
RoyKI do, you don't09:13
fastaRoyK: you said that fancy GUIs aren't a problem on Ubuntu server.09:13
RoyKyou don't get full control over *anything* by trusting a fancy GUI09:13
fastaRoyK: sure you can.09:13
fastaRoyK: you can read the source code for the fancy GUI.09:14
RoyKif that GUI is written well, and proper, and doesn't have too much bugs, yes09:14
fastaRoyK: which happens to be what I am looking for.09:14
RoyKbut it'll take a long time, and most people give up and use iptables instead09:14
fastaRoyK: what you are saying is that there is no fancy GUI on Ubuntu server.09:14
fastaRoyK: and that those that are there are bug ridden.09:14
RoyKfasta: so, please, either google for a fancy iptables gui, or *learn* *iptables*09:15
fastaRoyK: and thus that Ubuntu server does have a problem.09:15
* RoyK ignores fasta 09:15
fastaRoyK: lol09:15
fastaRoyK: you shouldn't start an argument with me.09:15
fastaRoyK: because, of course I Googled.09:15
fastaRoyK: you just are so ignorant that you think one google query solves all problems.09:15
fastaWhy you would think that is beyond me.09:16
* RoyK reminds himself of the phrase "Never argue with an idiot, they drag you down to their level and beat you with experience bumper sticker"09:16
fastaRoyK: you are just projecting ignorance.09:16
fastaRoyK: judging by your credentials, you are -- by far -- the idiot here.09:18
fastaRoyK: I advice you to consider who your talking to before you even consider to call someone an idiot.09:18
mardraumoh look, this guy again09:18
mardraumnew nick!09:18
=== mcclurmc_away is now known as mcclurmc
fastaI wish IRC responses were tagged with the CV immediately.09:19
fastaThen at least I could automatically ignore those responses.09:20
* mardraum popcorn09:20
nocturnfasta, you are being rude when you received help.  RoyK was more patient with you than I would be09:20
fastanocturn: I am sorry; I received _no_ help.09:21
fastanocturn: RoyK only wasted my time.09:21
fastanocturn: I have been patient with him.09:21
fastanocturn: not the other way around.09:21
fastanocturn: comprendo?09:21
nocturnHe gave you the answer, just not the one you wanted to hear.09:21
fastanocturn: no, he gave me _an_ answer.09:21
fastanocturn: initially a wrong one.09:21
nocturnfasta: 4209:21
nocturnthat's the right answer09:22
nocturnyou're welcome09:22
fastanocturn: good book09:22
fastanocturn: most people who say it, didn't read it.09:22
nocturnI read it allright, listened to the radio show too, didn't like the movie though09:22
fastanocturn: same with the exception of the radio show.09:23
fastaI like09:26
fastaI hate09:26
uvirtbotNew bug: #1031680 in nagios-plugins (main) "check_apt always report 0 critical updates" [Undecided,New] https://launchpad.net/bugs/103168009:36
RoyKsometimes those trolls come by...09:45
=== Lcawte|Away is now known as Lcawte
=== n0ts is now known as n0ts_off
=== railsraider_ is now known as railsraider
nocturnBeen trying some stuff, but no progress.  I cannot foward port 25 on a VM guest to port25 on the VM host using iptables.  Yet the same rules for port 22 on another VM do the trick...11:42
melmothsomething is already listening on port 25 on the host , and nothing was listening on port 22 ?11:44
=== Garbee_ is now known as Garbee
nocturnmelmoth: No, I checked11:49
nocturnnothing is listening on either port on the host.  And the guest respond on those ports from the host (using netcat)11:49
blizzkidlo all. Running into trouble using nut (network ups tools). Anyone knows how to cancel all timers? Doc says to remove files, but pipe is used instead of files...12:10
nocturnI needed to SNAT it too!12:26
=== dendro-afk is now known as dendrobates
zulsmoser: nova package has the persistent volume support now.13:05
adacIs it absolutely painless to install python3 via apt-get on lucid LTS?13:07
ScottKadac: It is, but it's python3.1, so there's a limit to how painless using it will be.13:17
ScottKIt also won't interfere with any python stuff.13:17
adacScottK, oh ok so it never becomes the system python13:18
Mandarkhey guys, hopin sum1 can guide me in the right direction>>13:18
ScottKDear lord no.13:18
Mandarkconfiguring multiple VirtualHosts, enabled the new site entry but what seems to be happening is its ignoring the previous virtual host entry and applying the rootdirectory to all hosts over port 80. i.e. domain1.com >> /var/www/domain1/   domain2.com >> /var/www/domain1/13:18
Mandarkhas anybody had a similar problem or heard of a resolution?13:18
=== dendrobates is now known as dendro-afk
adacScottK, hehehe13:20
adacScottK, is there also 2.7 that can be installed?13:21
ScottKNot for 10.04.13:21
ScottK12.04 has python3.2 and python2.7.13:21
ScottKIf you want 2.7 for something, it's really easier just to upgrade.13:22
xnoxok you can start a chroot.... but that would be ugly13:22
Mandarkif no other resolutions come up, it might have to b that13:23
ScottKThere are PPAs with python2.7, which, if you only need the standard library and no extensions might work if you can find one run by someone you can trust (anyone can get a PPA, so don't assume it's any different than downloading from some random site on the net).13:24
adacScottK, kk thank you so much!13:25
uvirtbotNew bug: #1030519 in perl (main) "/proc/self/exe is not necessarily correct on overlayfs" [Undecided,New] https://launchpad.net/bugs/103051913:26
adacScottK, what would be the sytem python version on 12.04?13:28
=== dendro-afk is now known as dendrobates
koolhead17zul, awake?14:00
zulkoolhead17: yep14:01
koolhead17zul, have you tried LXC with essex14:02
zulkoolhead17: yep14:02
koolhead17zul, and what all pkgs am supposed to install14:04
zulkoolhead17: the usual packages and libcgroup1-lite14:04
koolhead17because i installed some pkg i think python-nova-lxc14:04
koolhead17ooh okey so i missed this pkg libcgroup-lite14:05
zulno there isnt a package called python-nova-lxc14:05
koolhead17zul, i meant some nova pkg with lxc extension14:05
zulok if you have nova-compute-kvm and nova-compute-lxc installed then it wont work youll have to remove nova-compute-kvm14:06
koolhead17zul, so nova-compute-lxc and libcgroup-lite i hope it will download the lxc pkg along with.14:08
zulkoolhead17: and you will need to to install lxc as well14:08
koolhead17gosh zul why novaa-compute-lxc depends on lxc ? :(14:11
zulkoolhead17: it doesnt you might need stuff in there14:12
hw_junkie /window 414:13
koolhead17thanks zul !! finally 3ed day after hitting my ass all around i found the soln, will do the testing in lab tomorrow :)14:18
koolhead17will trouble you if stuck14:18
koolhead17zul, can i test play with quantum for essex?14:18
zulkoolhead17: i wouldnt14:19
koolhead17zul, so better i should wait for folsom PPA to play on 12.04 :)14:19
koolhead17adam_g, sir14:20
zulkoolhead17: yes14:20
=== MoleMan_ is now known as MoleMan
uvirtbotNew bug: #1031795 in postfix (main) "package postfix 2.9.3-2~12.04.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/103179514:31
=== n0ts_off is now known as n0ts
pawadWho should I be talking to if my Lucid server is sending a lot of http traffic to Canonical servers in London?15:01
tgm4883pawad, I guess that would depend on what was in that traffic15:02
tgm4883or what was sending it15:02
pawadSo far it looks like apt-gets, but that might be actual updates I was running on the weekend. I'm talking 1.5GB+ over 4 days15:03
zulsmoser: ping15:06
tgm4883pawad, is that just for one computer?15:06
zulsmoser: can you change the maintainer of ec2-api-tools to scott moserk please? so i dont get upload notifications15:07
smoseri will chnage in the packaging branch that i have.15:07
pawadtcpdump from a Lucid server on Rackspace. HTTP traffic only between 2012-07-28 to this morning.15:07
zulsmoser: cool...because obviously im not the maintainer anymore as well :)15:08
smoserMaintainer: Ubuntu Developersk <ubuntu-devel-discuss@lists.ubuntu.com>15:08
smoserdoes that look good?15:08
tgm4883pawad, have you tried using something like nethogs to see what it is?15:10
tgm4883what is sending the data I mean15:10
zulpawad: you might want to talk to rackspace then15:11
pawadI have the dump file loaded in Wireshark.15:11
pawadIt's unmanaged server. they've given me the suggestions they can. But they wont do much more then that without a support contract.15:12
apwcan anyone remind me where the 'update only to the next LTS' flag is for a server15:14
seicherlbobhi there! I've had a failed harddisk in a raid1. now i got a new drive of equal size, but this one has 4K blocksize (the old one had 512B). Is it possible to add the new drive to the array or will this crash my data?15:23
=== JanC_ is now known as JanC
=== n0ts is now known as n0ts_off
=== n0ts_off is now known as n0ts
Kingsyguys, I have just installed xcache via a cpanel.. and now I need to change some of the values in its ini file.. how do I find it? I have no idea where the cpanel has installed it too..15:52
=== n0ts is now known as n0ts_off
Kingsynm really stupid question16:01
r3dLunchb0x_anyone know why on ubuntu 11.04 server, landscape-sysinfo presents incorrect info when you login?16:08
=== cpg|away is now known as cpg
danielsh`the download instructions don't link to the md5 or pgp of the iso files16:30
danielsh`any reason for that ?16:30
ubottuSee http://mirror.anl.gov/pub/ubuntu-iso/CDs/12.04/MD5SUMS for the md5sums of the latest Ubuntu release16:31
danielsh`err, thanks, that was my next questino16:32
danielsh`it would be nice if the download page actually linked to them16:33
danielsh`some of the people who download ubuntu actually care about checking md5's16:34
osmosiswhat partition is /dev/mapper/me-swap_1  attached too?  when I use cfdisk, i dont see a swap partitions. I am using a LUKS encrypted volume.16:47
=== cpg is now known as cpg|away
=== matsubara is now known as matsubara-afk
=== Aaton_off is now known as Aaton
=== cpg|away is now known as cpg
osmosisif installed with full disk encryption...is the swap partition encrypted as well?17:20
babbioHi guys….I need your help…I need my pc to automatically connect to my home wifi connection at boot (also without login) so that I can ssh into my server and have an active connection…I read a lot of doc on how to modify the /etc/network/interfaces but at the reboot I have no internet connection17:30
axisyscan I add more than one port in the ufw/application.d/myapp ?17:44
axisysor do I need myapp-port-x myapp-port-y .. blah ?17:45
axisysand add a new port number for each17:45
axisysi need to have multiple tacacs+ server instance running on different ports17:45
roaksoaxadam_g: what was the bug# for the nova-network lock thingy?17:57
=== mcclurmc is now known as mcclurmc_away
jdstrandaxisys: you can add more than one. Eg: ports=5353/udp|529818:14
adam_groaksoax: one sec18:23
adam_groaksoax: https://review.openstack.org/#/c/10321/18:24
roaksoaxadam_g: thanks18:24
adam_groaksoax:  ppa:openstack-ubuntu-testing/essex-stable-testing should have a nova package built with that commit included, you can set 'nova-release' in the charm config to that ppa and it will install from there18:29
roaksoaxadam_g: arrgh.. can't seems to reproduce being able to access the instances using its private IP from "outside"18:33
roaksoaxahh daaah never mind :)18:36
=== ReTFEF is now known as TheTFEF
r3dLunchb0x_is there a nagios expert here?19:01
=== cpg is now known as cpg|away
SpamapSadam_g: ping, just accepted your openvswitch FTBFS fix (no bug to notify you on ;)19:21
adam_gSpamapS: cool. i noticed verification-done on the bug, im assuming the non-FTBFS archs from the original upload made it to -proposed?19:26
SpamapSadam_g: yeah, FTBFS of one arch does not affect the others for publishing19:29
adam_gSpamapS: is that true of all archs? im getting openssl armhf failures now :)19:33
SpamapSadam_g: the binaries will get published as they build. We just won't copy them to -updates until all arches pass19:35
adam_gSpamapS: ah, gotcha19:35
SpamapSadam_g: but in the openvswitch case.. it was FTBFS for the release too.. so I care even less. ;)19:35
=== zyga is now known as zyga-afk
LordOfTimeSpamapS:  still around?20:57
LordOfTimeSpamapS:  the debdiff was uploaded to LP Bug 1014044, and I subscribed the sponsors team accordingly.  My internet died shortly later, so I didnt get to subscribe sponsors to the other bug (LP BUg 1006738), but i mentioned in 1014044 that they'd have to review 1006738 as well21:08
uvirtbotLaunchpad bug 1014044 in php5 "PHP5-FPM not reporting errors to web server (nginx)" [Medium,In progress] https://launchpad.net/bugs/101404421:08
uvirtbotLaunchpad bug 1006738 in php5 "php5-fpm segfaults with error 4 in libc-2.15.so" [High,In progress] https://launchpad.net/bugs/100673821:08
LordOfTimein case you;d like to do the actual sponsoring... :P21:08
=== dendrobates is now known as dendro-afk
=== LordOfTime is now known as TheLordOfTime
SpamapSTheLordOfTime: I'll take a look later21:32
TheLordOfTimeSpamapS:  cool, just one question21:32
TheLordOfTimeshoudl i subscribe the sponsors team to the other bug where i did not upload the debdiff to?21:32
SpamapSTheLordOfTime: no, one bug for one upload is fine. :)21:33
TheLordOfTimeoh damn, i forgot to put the SRU template on the segfault bug21:33
SpamapSadam_g: https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.4 ... looks like that patch needs some tweaking to be non-x86-friendly21:53
adam_gSpamapS: ya, i saw21:58
=== cpg|away is now known as cpg
shodan45I have an empty file named (literally) /var/log/mail.* on a freshly imaged 12.04 VM.... wtf?22:21
dannfis the code for building maas ephemeral images available?22:22
r3dLunchb0x_anyone here know anything about nagios 3.3.1 for ubuntu?22:44
slicslakwhat should i install for java these days?  standing up a solr server23:15
=== n0ts_off is now known as n0ts
slicslaklooks like openjdk should be fine.23:18
=== Lcawte is now known as Lcawte|Away
=== n0ts is now known as n0ts_off

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!