/srv/irclogs.ubuntu.com/2012/08/24/#ubuntu-server.txt

=== nick is now known as Guest90392
=== tuv0k is now known as darthanubis
=== cpg\|away is now known as cpg
=== n0ts_off is now known as n0ts
=== n0ts is now known as n0ts_off
=== n0ts_off is now known as n0ts
=== n0ts is now known as n0ts_off
=== dendrobates is now known as dendro-afk
=== dendro-afk is now known as dendrobates
=== n0ts_off is now known as n0ts
=== n0ts is now known as n0ts_off
=== chilicui1 is now known as chilicuil
=== n0ts_off is now known as n0ts
paradizelost	hey all, i'm trying to get x11vnc running on :0 through xinetd, any recommendations?	03:29
paradizelost	everything i'm finding wants me to install lightdm or gdm	03:30
paradizelost	!x11vnc	03:31
lickalott	Gents, trying to mount an NFS share from my ubuntu server to a windows 7 laptop. Installed the M$ NFS client add-on but can't seem to get it to mount. Anyone have any experience with this? google is failing me.	03:41
=== cpg is now known as cpg\|away
lickalott	btw: i get "Error connecting to NFS WMI provider" when trying to use the NFS interface that comes with MS	03:44
=== n0ts is now known as n0ts_off
=== n0ts_off is now known as n0ts
=== n0ts is now known as n0ts_off
brianp1992	how do i use swat to config samba so i can share my /media/share as a windows share i can acess anywhere on my network	04:22
=== cpg\|away is now known as cpg
Portaljacker	hi, i need some help with apache and ftp	04:55
Portaljacker	i installed lamp using task-sel when root was my only user, now i have a user in the admin group and when i use ftp and navigate to /var/www i can't add files or change the permissions	04:55
ffunenga	root was your only user? are you using ubuntu server 12.04?	04:57
Portaljacker	yes	04:57
Portaljacker	i have a vps	04:58
Portaljacker	not only user	04:58
Portaljacker	it had the other default ones	04:58
Portaljacker	i made the user portaljacker and put it in the admin group pretty quickly	04:58
Portaljacker	had to create the admin group then enable sudo priviledges	04:59
Portaljacker	but i did it	04:59
ffunenga	have you tried adding portaljacker to the sudo group?	05:01
Portaljacker	it is	05:01
Portaljacker	i sudo often :P	05:01
Portaljacker	root seems to be the owner of www	05:02
KM0201	well, sudo'ing when not necessary is just as bad as running everything as root	05:02
=== n0ts_off is now known as n0ts
Portaljacker	i know	05:03
Portaljacker	but when i go in on ftp i can't upload to the www folder	05:03
Portaljacker	which i sort of need to do to edit a website	05:03
Portaljacker	or even put one up	05:03
Portaljacker	i was told in #ubuntu that www-data becomes the owner when it runs and accesses www?	05:04
Portaljacker	does that mean i need to add the user i log in to ftp with into the www-data group?	05:04
ffunenga	I dont think thats the right way... how are the permissions in the "ls -l /var/www"	05:05
Portaljacker	-rw-r--r-- 1 root root 237 Aug 24 02:40 index.html	05:07
Portaljacker	but i had to create that file with sudo	05:07
Portaljacker	no other way	05:07
ffunenga	actualy, I think I would try something like "chown -R portaljacker:portaljacker /var/www" and then from there give permissions to the group	05:08
Portaljacker	portaljacker@yuki:~$ ls -l /var \| grep www drwxr-xr-x 2 root root 4096 Aug 24 03:24 www	05:08
Portaljacker	portaljacker@yuki:~$ ls -l /var \| grep wwwdrwxr-xr-x 2 root root 4096 Aug 24 03:24 www	05:08
Portaljacker	portaljacker@yuki:~$ ls -l /var \| grep wwwdrwxr-xr-x2 root root 4096 Aug 24 03:24 www	05:08
Portaljacker	derp	05:08
Portaljacker	portaljacker@yuki:~$ ls -l /var \| grep www drwxr-xr-x	05:08
Portaljacker	2 root root 4096 Aug 24 03:24 www	05:09
Portaljacker	whoops	05:09
Portaljacker	the line split is after grep www	05:09
=== n0ts is now known as n0ts_off
ffunenga	maybe something like: "chown -R portaljacker:admin /var/www ; chmod g+rxw /var/www"	05:13
Portaljacker	what does the first part do exactly? i know the second part sets the permissions of the group to rxw	05:14
ffunenga	the first part changes the owner and group of the directory . maybe you should try the second command, then try the ftp upload, then the first command	05:18
Portaljacker	the group in the second command is the group of the current user? or the owner of the directory?	05:20
Portaljacker	did the second command then logged in on ftp and could not create a directory	05:21
ffunenga	ok wait	05:22
ffunenga	now you have "ls -l /var/www" -> drwxrwxr-x	05:22
Portaljacker	yes, shows that in the ftp client	05:23
Portaljacker	that command doesn't give that output	05:24
Portaljacker	it shows the permissions of the files in www	05:24
Portaljacker	but not of www	05:24
ffunenga	I'm not sure about this but, try "sudo useradd -G www-data portaljacker"	05:24
Portaljacker	that adds portaljacker to www-data?	05:24
ffunenga	yes, that adds your user to that group	05:24
ffunenga	wich is the group any webserver uses to access /var/www	05:25
Portaljacker	useradd: user 'portaljacker' already exists	05:25
Portaljacker	i think i'll just use webmin to add portaljacker to the group	05:26
Portaljacker	nope	05:27
Portaljacker	couldn't create the directory with ftp	05:27
Portaljacker	so now what?	05:29
ffunenga	maybe you should create a folder in your home folder	05:30
ffunenga	and tell apache to publish from folder	05:31
ffunenga	(that apache's config is made at /etc/apache2/...)	05:31
ffunenga	btw, do not forget to reverse the permissions "chmod g-w /var/www"	05:32
=== n0ts_off is now known as n0ts
Portaljacker	i guess i could just do that first part	05:32
Portaljacker	making my user the owner of the folder?	05:33
=== user is now known as anotheruser
Portaljacker	or i could log into ftp as root, what's the worst that could...i can't finish that sentence without imagining my server as a pile of ashes	05:34
anotheruser	+1 for ffunenga solution	05:34
Portaljacker	ya but there should be a way for it to work from www	05:34
Portaljacker	that's how it's made to work in the first place	05:34
Portaljacker	i'm not the first to ever do this	05:35
Portaljacker	it's not exactly extraordinary to put your website in /var/www	05:35
anotheruser	i missed the beginning of the question, but as soon as you want to host several websites, for several users, better to put them in the home folder of said users	05:36
Portaljacker	which is why i'm wondering why it's so damned hard to upload a file into that folder via ftp	05:36
ffunenga	have you thought about using ssh?	05:37
Portaljacker	i do	05:37
anotheruser	sftp?	05:37
Portaljacker	this doesn't eliminate the root issue	05:37
Portaljacker	root owns that folder	05:37
Portaljacker	which is apparently good	05:37
anotheruser	if you just give the whole var/www folder to www-data, and log in as www-data, should work probably	05:37
Portaljacker	but that means i can't edit files without root access	05:38
Portaljacker	it should	05:38
Portaljacker	but i've heard that it's bad :P	05:38
Portaljacker	one sec	05:38
Portaljacker	http://serverfault.com/questions/69685/what-user-should-own-var-www-on-ubuntu-9-04-server	05:38
anotheruser	well	05:39
anotheruser	that's true	05:39
anotheruser	but then , you can just give the folder to any user you create	05:39
anotheruser	as long as it's not root, it won't be a security issue	05:39
Portaljacker	that answer says to make the owner root:newgroup	05:40
Portaljacker	and add the users that need access to that group	05:40
anotheruser	i still prefer ffunenga solution, anyway :p	05:41
Portaljacker	of making a whole different folder?	05:41
anotheruser	Portaljacker, if you make root::newgroup	05:41
anotheruser	you have to change permissions too	05:41
=== n0ts is now known as n0ts_off
anotheruser	(what are the current permissions on your /var/www ?)	05:42
Portaljacker	755	05:42
anotheruser	so of course you can't create anything as the group	05:42
anotheruser	(5 is rx, you need the write too)	05:43
Portaljacker	so only the direct owner can write unless it's 775	05:43
anotheruser	yes	05:43
Portaljacker	so i guess i should make portaljacker:admin the owner and get it over with :P	05:44
ffunenga	yes. "chmod 775 /var/www ; chown -R root:newgroup /var/www"	05:44
Portaljacker	though i guess there's no downside to 775 over 755?	05:44
anotheruser	it just means that the group can write	05:44
anotheruser	if you trust all the users in the group, no problem	05:45
Portaljacker	and if i limit the group to one user (+root of course) it's not much of an issue?	05:45
anotheruser	yes, no problem at all then	05:45
Portaljacker	ok	05:45
Portaljacker	well, now i can finally set up wordpress XD	05:45
Portaljacker	root is always in every group right?	05:46
ffunenga	no	05:48
Portaljacker	woot, blog subfolder successfully created!	05:48
Portaljacker	?	05:48
ffunenga	check "id root"	05:49
ffunenga	nice ! :) lol	05:49
Portaljacker	so root is part of only root	05:49
Portaljacker	?	05:49
Portaljacker	but then why can i say root:newgroup without adding root to the group?	05:49
anotheruser	btw, since you weretalking about the effects of potential security flaws	05:51
anotheruser	one additional advantage of using custom folders for your website is that an attacker can't predict the path of your files on the server	05:51
ffunenga	Good question... I guess the owner and the group of the files are independent. I'm checking that hypothesis now	05:52
anotheruser	i mean, if for some reason the attacker gets the possibility to read a file (as it happened to my server yesterday thanks to phpmyadmin)	05:52
anotheruser	then he just has to open /var/www/config.php or some other sensible file and it's over	05:52
Portaljacker	how did he get to the point of being able to see the file?	05:53
anotheruser	if the file is in /home/myuser132424/my_strange_var_www_folder/config.php, it's harder to get	05:53
anotheruser	well, 4 security flaws in phpmyadmin that aren't fixed in ubuntu 10.04 LTS package...	05:54
Portaljacker	lovely	05:56
Portaljacker	so he could see your filesystem?	05:57
=== lifeless_ is now known as lifeless
Portaljacker	couldn't he just search your file tree at that point for config.php?	05:58
anotheruser	just search	05:59
anotheruser	he couldn't see the filesystem	05:59
anotheruser	it's actually funny to see in the logs all the files that he tried to read at random	05:59
Portaljacker	so he basically had to guess your filesystem	06:01
Portaljacker	lol	06:01
Portaljacker	i get the point	06:01
Portaljacker	i could always be crazy and make my www folder a git repo	06:02
Portaljacker	then i could just blow away the whole thing with a reclone	06:02
anotheruser	i'm not sure what exactly a git repo involves	06:04
Portaljacker	it saves all the changes you've made since the last commit	06:05
anotheruser	but don't do anything that leaves files such as CVS folder or .svn files in your website folder	06:05
Portaljacker	oh ya	06:05
Portaljacker	....	06:05
Portaljacker	same idea	06:05
anotheruser	that would be a huge security issue :p	06:05
Portaljacker	it would	06:05
Portaljacker	but then again	06:05
Portaljacker	they need my rsa password to affect the remote repo	06:06
anotheruser	i don't know how it works for git, but for cvs i think, i once saw a website that could be hacked in a few seconds because of that....	06:06
Portaljacker	well apparently the .cvs and .svn folders hold passwords	06:07
Portaljacker	but in git i always set it to use an rsa key to authenticate	06:07
anotheruser	still i don't think it's a good idea	06:08
Portaljacker	probably not	06:08
anotheruser	use a git repo for your website, and then do a checkout or whatever to get the working copy of the website	06:08
Portaljacker	ya	06:09
Portaljacker	like have the reop elsewhere	06:09
Portaljacker	and copy it into www	06:09
Portaljacker	repo	06:09
Portaljacker	and just copy everything but the .git folder	06:09
Portaljacker	heck i could do it over ftp	06:09
Portaljacker	though it would be slower	06:09
anotheruser	yeah something like that	06:09
Portaljacker	anyway, it's a bit late and i'm getting tired	06:10
Portaljacker	i guess i'll be installing wordpress later :P	06:10
anotheruser	careful with wordpress too	06:11
anotheruser	especially custom themes etc.	06:11
anotheruser	keep it well up to date and only use trusted sources	06:11
Portaljacker	i intend to do so	06:14
Portaljacker	thanks	06:14
=== n0ts_off is now known as n0ts
=== n0ts is now known as n0ts_off
=== Guest83481 is now known as jussi
=== dendrobates is now known as dendro-afk
=== n0ts_off is now known as n0ts
=== n0ts is now known as n0ts_off
Stapper	Hi I have some Questions regarding NFS... I now use samba to share, but i only have *nix machines is it better to switch to NFS?	08:02
dax_roc	Morning all	08:23
dax_roc	What would cause an upgrade from 11.10 to 12.04 to become unresponsive, it continues to run just all tasks seem to freeze for about 30 - 40 seconds at times ?	08:24
dax_roc	It's not a hardware issue as it's the same symptoms on 3 different servers.	08:25
progre55	hi guys. I was doing and apt-get update on one of my servers, and getting "invoke-rc.d: initscript resolvconf, action "start" failed. dpkg: error processing resolvconf (--configure): subprocess installed post-installation script returned error exit status 1"	09:12
progre55	doing a google search shows some bugs with the same errors, but a bit unrelated	09:12
uvirtbot	New bug: #973243 in keystone "deleting tenants or users does not clean up metadata" [Undecided,Confirmed] https://launchpad.net/bugs/973243	09:19
uvirtbot	New bug: #974199 in keystone "deleting a tenant does not cleanup its user associations" [Undecided,Confirmed] https://launchpad.net/bugs/974199	09:19
uvirtbot	New bug: #978130 in glance "multiprocess glance-api failed to exit when stopped by ctrl+c" [Undecided,Confirmed] https://launchpad.net/bugs/978130	09:19
uvirtbot	New bug: #978610 in glance "/usr/bin/glance's built-in pager breaks redirection" [Undecided,Confirmed] https://launchpad.net/bugs/978610	09:19
uvirtbot	New bug: #983800 in keystone "TokenNotFound not raised in testsuite because of timezone issues" [Undecided,Confirmed] https://launchpad.net/bugs/983800	09:19
uvirtbot	New bug: #988920 in keystone "Token authentication for a user in a disabled tenant does not raise Unauthorized error" [Undecided,Confirmed] https://launchpad.net/bugs/988920	09:19
uvirtbot	New bug: #994936 in keystone "export_legacy_catalog doesn't convert url names correctly" [Undecided,Confirmed] https://launchpad.net/bugs/994936	09:19
uvirtbot	New bug: #996595 in keystone "Following a password compromise and subsequent password change, tokens remain valid." [Undecided,Confirmed] https://launchpad.net/bugs/996595	09:19
uvirtbot	New bug: #997194 in keystone "Tokens remain valid after a user account is disabled" [Undecided,Confirmed] https://launchpad.net/bugs/997194	09:19
uvirtbot	New bug: #997565 in glance "glance add command - incorrect help text" [Undecided,Confirmed] https://launchpad.net/bugs/997565	09:19
uvirtbot	New bug: #997669 in horizon "When adding ICMP rule, the type/code is being validated as from/to ports" [Undecided,Confirmed] https://launchpad.net/bugs/997669	09:19
uvirtbot	New bug: #1007093 in glance "glance add uploads a double image if using ssl and images is smaller the 4k" [Undecided,Confirmed] https://launchpad.net/bugs/1007093	09:19
uvirtbot	New bug: #1010560 in glance "response.environ is None; instance fails to spawn" [Undecided,Confirmed] https://launchpad.net/bugs/1010560	09:19
uvirtbot	New bug: #1012268 in glance "exception.BadStoreUri exposes sensitive information to end users" [Undecided,Confirmed] https://launchpad.net/bugs/1012268	09:19
uvirtbot	New bug: #1012381 in keystone "Memcache token backend eventually stops working" [Undecided,Confirmed] https://launchpad.net/bugs/1012381	09:20
uvirtbot	New bug: #1012752 in glance "glance-cache.conf needs metadata encryption key" [Undecided,Confirmed] https://launchpad.net/bugs/1012752	09:20
uvirtbot	New bug: #1016056 in keystone "EC2 credentials not migrated from legacy (diablo) database" [Undecided,Confirmed] https://launchpad.net/bugs/1016056	09:20
uvirtbot	New bug: #1022369 in glance "Glance scrubber date formatting fails w/ Postgres" [Undecided,Confirmed] https://launchpad.net/bugs/1022369	09:20
uvirtbot	New bug: #1041070 in bridge-utils (main) "802.3ad bond interface have show high RX dropped packets" [Undecided,New] https://launchpad.net/bugs/1041070	09:20
uvirtbot	New bug: #992447 in juju "Communication with store.juju.ubuntu.com is not authenticated" [Critical,In progress] https://launchpad.net/bugs/992447	09:20
uvirtbot	New bug: #1018246 in glance "image.upload notification doesn't report size" [Undecided,Confirmed] https://launchpad.net/bugs/1018246	09:20
uvirtbot	New bug: #1021054 in glance "Admins should be able to share image regardless of ownership" [Undecided,Confirmed] https://launchpad.net/bugs/1021054	09:20
uvirtbot	New bug: #1025353 in glance "Support zero-size image creation" [Undecided,Confirmed] https://launchpad.net/bugs/1025353	09:20
uvirtbot	New bug: #1028433 in glance "Image id not contained in swift chunk debug message" [Undecided,Confirmed] https://launchpad.net/bugs/1028433	09:20
uvirtbot	New bug: #1032314 in glance "qpid_heartbeat setting in ineffective" [Undecided,Confirmed] https://launchpad.net/bugs/1032314	09:21
uvirtbot	New bug: #1040800 in asterisk (universe) "res_config_sqlite should be ported to sqlite3" [Wishlist,Confirmed] https://launchpad.net/bugs/1040800	09:21
uvirtbot	New bug: #1040846 in autofs5 (main) "Missing content in /etc/nsswitch.conf causes failure" [Undecided,New] https://launchpad.net/bugs/1040846	09:21
uvirtbot	New bug: #995079 in nova (main) "Internal server error when accessing nova/instances_and_volumes/ via horizon" [Undecided,Confirmed] https://launchpad.net/bugs/995079	09:21
uvirtbot	New bug: #1040586 in whois (main) "Cyrillic characters shown with wrong encoding" [Undecided,New] https://launchpad.net/bugs/1040586	09:22
uvirtbot	New bug: #1040682 in ipmitool (universe) "[MIR] ipmitool" [Undecided,New] https://launchpad.net/bugs/1040682	09:22
uvirtbot	New bug: #1006815 in keystone/essex "Admin API /v2.0/tenants/{tenant_id}/users/{user_id}/roles doesn't validate token" [Critical,Fix released] https://launchpad.net/bugs/1006815	09:23
uvirtbot	New bug: #1040212 in php5 "PHP CGI configuration fundamentally changed" [Undecided,Fix released] https://launchpad.net/bugs/1040212	09:23
uvirtbot	New bug: #1040475 in maas (main) "maas depends on a broken version of python-tx-tftp" [Undecided,New] https://launchpad.net/bugs/1040475	09:23
uvirtbot	New bug: #1040588 in squid3 (main) "squid3.HEAD (20120823-r12295) "WARNING: ICAP Max-Connections limit exceeded" bug" [Undecided,New] https://launchpad.net/bugs/1040588	09:23
uvirtbot	New bug: #1039456 in quota (main) "Can't turn quotas on" [Undecided,Invalid] https://launchpad.net/bugs/1039456	09:24
uvirtbot	New bug: #1039871 in Ubuntu Quantal "[needs-packaging] oprofile 0.9.7" [High,Confirmed] https://launchpad.net/bugs/1039871	09:24
uvirtbot	New bug: #1040274 in spamassassin (main) "Merge spamassassin 3.3.2-4 (main) from Debian unstable (main)" [Undecided,New] https://launchpad.net/bugs/1040274	09:24
uvirtbot	New bug: #1023412 in python3-chardet (main) "[MIR] python3-chardet" [Undecided,Fix released] https://launchpad.net/bugs/1023412	09:25
uvirtbot	New bug: #1040177 in openldap (main) "slapd install fails when requesting to 'Omit OpenLDAP server configuration"" [Undecided,New] https://launchpad.net/bugs/1040177	09:25
uvirtbot	New bug: #1014235 in mysql-5.5 (main) "package mysql-server-5.5 5.5.24-0ubuntu0.12.04.1 failed to install/upgrade: подпроцесс установлен сценарий post-installation возвратил код ошибки 1" [Undecided,Expired] https://launchpad.net/bugs/1014235	09:26
uvirtbot	New bug: #1031747 in python-django-openstack-auth (main) "[MIR] python-django-openstack-auth" [Undecided,Fix released] https://launchpad.net/bugs/1031747	09:26
uvirtbot	New bug: #1039554 in cyrus-sasl2 (main) "Please re-enable PIE" [High,Fix released] https://launchpad.net/bugs/1039554	09:26
uvirtbot	New bug: #1039597 in openbsd-inetd (main) "Please re-enable PIE and BIND_NOW" [High,Fix released] https://launchpad.net/bugs/1039597	09:26
uvirtbot	New bug: #1040139 in keystone (main) "keystone upgrade fails due to mysql not being available" [Undecided,New] https://launchpad.net/bugs/1040139	09:26
eutheria	i think i need a quick and dirty imap server to send test emails to, which would you guys recommend to use?	09:26
uvirtbot	New bug: #1028453 in ubuntu-meta (main) "Quantal Ubuntu Server minimal install oversized" [High,Confirmed] https://launchpad.net/bugs/1028453	09:28
uvirtbot	New bug: #1039542 in asterisk (universe) "Please re-enable PIE and BIND_NOW" [High,Triaged] https://launchpad.net/bugs/1039542	09:28
uvirtbot	New bug: #1039593 in squid3 (main) "squid3 lost compiler hardening options in last update, but shouldn't have" [Undecided,Invalid] https://launchpad.net/bugs/1039593	09:28
uvirtbot	New bug: #1039627 in etckeeper (main) "etckeeper init with git gives error" [Undecided,New] https://launchpad.net/bugs/1039627	09:28
uvirtbot	New bug: #1039470 in openssh (main) "'man sftp' shows a wrong creation date" [Undecided,New] https://launchpad.net/bugs/1039470	09:29
uvirtbot	New bug: #977007 in nova/essex "instance live migration should create virtual_size disk image" [Low,Fix released] https://launchpad.net/bugs/977007	09:30
uvirtbot	New bug: #1017418 in nova "NoMoreFloatingIps: Zero floating ips available after repeatedly creating and destroying instances over time" [Undecided,Confirmed] https://launchpad.net/bugs/1017418	09:30
uvirtbot	New bug: #1018586 in nova "cleanup_file_locks does not remove stale sentinel files" [Undecided,Confirmed] https://launchpad.net/bugs/1018586	09:30
uvirtbot	New bug: #1018721 in nova "Launching with source groups under load produces lazy load error" [Undecided,Confirmed] https://launchpad.net/bugs/1018721	09:31
uvirtbot	New bug: #1021340 in nova "Race condition in network/deallocate_for_instance() leads to security issue" [Undecided,Confirmed] https://launchpad.net/bugs/1021340	09:31
uvirtbot	New bug: #1021352 in nova "Deallocation of fixed IP occurs before security group refresh – leading to potential security issue in error / race conditions" [Undecided,Confirmed] https://launchpad.net/bugs/1021352	09:31
uvirtbot	New bug: #1021373 in nova "[nova][volumes] Exceeding volumes, gigabytes and floating_ips quotas returns general uninformative HTTP 500 error" [Undecided,Confirmed] https://launchpad.net/bugs/1021373	09:31
uvirtbot	New bug: #1027105 in nova "Restarting nova-compute removes ip packet filters" [Undecided,Confirmed] https://launchpad.net/bugs/1027105	09:31
uvirtbot	New bug: #1027984 in nova "nova testsuite errors on newer versions of python-boto (e.g. 2.5.2)" [Undecided,Confirmed] https://launchpad.net/bugs/1027984	09:31
uvirtbot	New bug: #1029463 in nova "Libvirt driver reports incorrect error when volume-detach fails" [Undecided,Confirmed] https://launchpad.net/bugs/1029463	09:31
uvirtbot	New bug: #1030430 in nova "qpid_heartbeat setting in ineffective" [Undecided,Confirmed] https://launchpad.net/bugs/1030430	09:31
uvirtbot	New bug: #1031311 in nova "CVE-2012-3361 not fully addressed" [Undecided,Confirmed] https://launchpad.net/bugs/1031311	09:31
uvirtbot	New bug: #1033178 in nova "pycrypto is unused and the existing code is potentially insecure to use" [Undecided,Confirmed] https://launchpad.net/bugs/1033178	09:31
uvirtbot	New bug: #1036902 in nova "Block storage connections are NOT restored on system reboot" [Undecided,Confirmed] https://launchpad.net/bugs/1036902	09:31
uvirtbot	New bug: #1039420 in ntp (main) "NTP security vulnerability because not using authentication by default" [Undecided,New] https://launchpad.net/bugs/1039420	09:31
uvirtbot	New bug: #956096 in nova "Listing flavors with marker set returns 400" [Undecided,Confirmed] https://launchpad.net/bugs/956096	09:32
uvirtbot	New bug: #971621 in nova "nova delete lxc-instance umounts the wrong rootfs" [Undecided,Confirmed] https://launchpad.net/bugs/971621	09:32
uvirtbot	New bug: #994935 in nova "Deleting Flavor currently in use by instance creates error" [Undecided,Confirmed] https://launchpad.net/bugs/994935	09:32
uvirtbot	New bug: #1013689 in nova "cannot umount guestfs " [Undecided,Confirmed] https://launchpad.net/bugs/1013689	09:32
uvirtbot	New bug: #1016273 in nova "ram_allocation_ratio does not work" [Undecided,Confirmed] https://launchpad.net/bugs/1016273	09:32
uvirtbot	New bug: #1017795 in nova "scheduler hang (DOS) possible with DifferentHostFilter/SameHostFilter " [Undecided,Confirmed] https://launchpad.net/bugs/1017795	09:32
uvirtbot	New bug: #1020634 in nova "[nova][volumes] Exceeding volumes quotas logs "VolumeSizeTooLarge" instead of "VolumeLimitExceeded" " [Undecided,Confirmed] https://launchpad.net/bugs/1020634	09:32
uvirtbot	New bug: #1022036 in nova "metadata injection is broken in xen" [Undecided,Confirmed] https://launchpad.net/bugs/1022036	09:32
uvirtbot	New bug: #1006664 in nova "euca-describe-keypair NonExistent returns 200" [Undecided,Confirmed] https://launchpad.net/bugs/1006664	09:33
uvirtbot	New bug: #1007573 in nova "affinity filters don't work if scheduler_hints is None" [Undecided,Confirmed] https://launchpad.net/bugs/1007573	09:33
uvirtbot	New bug: #1012374 in nova "impl_qpid doesn't ACK messages" [Undecided,Confirmed] https://launchpad.net/bugs/1012374	09:33
uvirtbot	New bug: #1013147 in nova "nova-rootwrap hardcodes paths instead of using /sbin:/usr/sbin:/usr/bin:/bin" [Wishlist,Confirmed] https://launchpad.net/bugs/1013147	09:33
uvirtbot	New bug: #1014769 in nova "NoMoreFixedIps: Zero fixed ips available. Nova seems leaking them." [Undecided,Confirmed] https://launchpad.net/bugs/1014769	09:33
uvirtbot	New bug: #1015531 in nova "Remote arbitrary file corruption / creation flaw via injected files" [Undecided,Confirmed] https://launchpad.net/bugs/1015531	09:33
uvirtbot	New bug: #986922 in nova "Call to network_get_all_by_uuids missing 'db'" [Undecided,Confirmed] https://launchpad.net/bugs/986922	09:34
uvirtbot	New bug: #992805 in nova "test_get_console_output_file requires sudo NOPASSWD" [Undecided,Confirmed] https://launchpad.net/bugs/992805	09:34
uvirtbot	New bug: #997763 in nova "floating ips are not disassociated from instances on deletion" [Undecided,Confirmed] https://launchpad.net/bugs/997763	09:34
uvirtbot	New bug: #999698 in nova "qpid timeout causing compute service to crash" [Undecided,Confirmed] https://launchpad.net/bugs/999698	09:34
uvirtbot	New bug: #1000853 in nova "Restarting nova-network removes ip packet filters " [Undecided,Confirmed] https://launchpad.net/bugs/1000853	09:34
uvirtbot	New bug: #1004298 in nova "not able to get host total memory in xen with libvirt" [Undecided,Confirmed] https://launchpad.net/bugs/1004298	09:34
uvirtbot	New bug: #985162 in nova "Firewall rules from nova-compute are not refreshed after host reboot" [Undecided,Confirmed] https://launchpad.net/bugs/985162	09:35
uvirtbot	New bug: #985184 in nova "Security groups fail to be set correctly if incorrect case is used for protocol specification" [Undecided,Confirmed] https://launchpad.net/bugs/985184	09:35
* _ruben slaps uvirtbot		09:35
soren	Yikes!	09:36
soren	That's a lot of new bugs :)	09:36
_ruben	I propose we just ditch nova, it's bug-ridden apparently! :)	09:37
* soren admits the mail host backing uvirtbot may have had a couple of rough days and is catching up.		09:37
progre55	so guys, any advice with resolvconf, please? I'm getting getting "invoke-rc.d: initscript resolvconf, action "start" failed. dpkg: error processing resolvconf (--configure): subprocess installed post-installation script returned error exit status 1" while doing an apt-get update	09:47
_ruben	i'm guessing apt-get upgrade instead of apt-get update?	09:50
progre55	oh yeah, upgrade	09:51
progre55	and now the packages resolvconf is marked as crashed, and doing "apt-get -f install" throws the same error	09:52
progre55	here http://pastie.org/4579589	09:53
uvirtbot	New bug: #1041120 in nova (main) "Meta bug for tracking Openstack Stable Updates" [Undecided,New] https://launchpad.net/bugs/1041120	09:56
=== n0ts_off is now known as n0ts
=== cpg is now known as cpg\|away
=== mcclurmc_away is now known as mcclurmc
uvirtbot	New bug: #997700 in keystone "LDAP should not check username on "sn" field" [Undecided,Confirmed] https://launchpad.net/bugs/997700	10:51
uvirtbot	New bug: #1035428 in keystone "authenticate in ldap backend doesn't return a list of roles" [Medium,In progress] https://launchpad.net/bugs/1035428	10:51
woozly	guys, how to change language for console info and other?	11:25
woozly	Error messages, Info messages..	11:25
reisi	woozly: see LANG, LC_ALL etc variables, locale (1)	11:28
woozly	reisi: thank you!	11:28
reisi	woozly: also there are language-pack-* packages	11:29
woozly	reisi: great! Thank you man!	11:29
=== n0ts is now known as n0ts_off
=== n0ts_off is now known as n0ts
patdk-lap	I can't believe how many people install stuff from my ppa, then email complaints	11:44
xnox	patdk-lap: i named my ppa "Danger do not use" and the email spam dropped off	11:45
greppy	xnox: did usage drop off as well?	11:46
xnox	greppy: that is irrelevant, I'm not paying the bandwidth =)	11:46
woozly	guys, where iptables config? I need to add rule to it	11:58
woozly	:/	11:58
=== n0ts is now known as n0ts_off
woozly	or it disabled by default?	11:59
patdk-lap	it doesn't exist by default	12:00
patdk-lap	ufw exists, but disabled	12:00
woozly	oh... okay thanks!	12:01
=== n0ts_off is now known as n0ts
=== dendro-afk is now known as dendrobates
=== irvie is now known as irv
=== n0ts is now known as n0ts_off
KrizTmarK	hello any1 familiar to vpn	13:09
rbasak	!anyone \| KrizTmarK	13:13
ubottu	KrizTmarK: A high percentage of the first questions asked in this channel start with "Does anyone/anybody..." Why not ask your next question (the real one) and find out? See also !details, !gq, and !poll.	13:13
KrizTmarK	does any1 know the folder which the kernel on ubuntu is stored	13:38
genii-around	KrizTmarK: Usually in /boot	13:40
uvirtbot	New bug: #1006822 in keystone "API（v2.0/OS-KSADM/services，v2.0/OS-KSADM/services/{service_id}）doesn't validate token" [Undecided,Confirmed] https://launchpad.net/bugs/1006822	13:42
banyantree	Hey Guys =)	13:46
banyantree	i want to set up an email server. i need to set the ptr entry	13:47
banyantree	mx entry is already set	13:47
banyantree	does anybody know how to do this?	13:47
aheu	I maybe totally wrong but banyantree is this what you need -https://help.ubuntu.com/community/BIND9ServerHowto#Reverse_Zone_File	13:50
banyantree	thx i will read it now	13:50
banyantree	hope its the right thing =)	13:51
=== mcclurmc is now known as mcclurmc_away
=== garyposter is now known as gary_poster
=== sanderj is now known as Sander^work
Daviey	zul: Hey, nova, keystone, horizon and glance are all in the -proposed queue.	14:16
Daviey	zul: All bugs have a Precise task against them	14:16
zul	okies cool	14:17
njin	Hallo, I've got a machine running maas, then i create another one, run the cd, select install maas, setting everythings till it present the window where specify manually the name or the address, and another entry with maas (ip ddress) , but whatever i choose it request the name for this server (if blank maas assign it) and when hit enter it send sigkill or sigter and system poweroff. is this a bug ??(quantal) or I get wrong ?	14:24
tinyhippo	I've configured and tested ActiveDirectory authentication for my Ubuntu server, however, when I attempt to use sudo -i for an account which only exists on the server, and not in activedirectory - I get a message warning me that my password was incorrect (presumably, it tried to Auth against AD first) and then I become root (presumably when it auths against /etc/passwd /etc/shadow - any idea how to avoid getting thie Wrong Password ...	14:51
tinyhippo	... message?	14:51
=== gema_ is now known as gema
ninjai	how can I disable syslog?	15:23
Daviey	SpamapS: Hey, are you alive for the day?	16:18
=== n0ts_off is now known as n0ts
SpamapS	Daviey: I am , whats up?	16:32
Daviey	SpamapS: hey, would you be able to sru review a few packages? :)	16:43
Daviey	SpamapS: One gotcha.. please can you not post the spammy comment from sru-accept into each bug please?	16:44
SpamapS	Daviey: Sure. I think slangasek is on shift today, but I can look too. :)	16:44
SpamapS	Daviey: spammy? Its informative, and, luscious.	16:45
Daviey	SpamapS: and mostly offtopic :)	16:45
Daviey	Dear Reporter who reported an upstream bug, please test our ubuntu packages kkthnx	16:45
Daviey	Precise, nova - keystone - horizon - glance. :)	16:46
Daviey	SpamapS: bug 1041120 is the meta-bug	16:47
uvirtbot	Launchpad bug 1041120 in nova "Meta bug for tracking Openstack Stable Updates" [Undecided,Confirmed] https://launchpad.net/bugs/1041120	16:47
SpamapS	Daviey: the reference to the reporter is just because we aren't sure who else to ask :) The rest is fairly important as it identifies the way we expect the packages to be tested. And the script that does that also maeks sure bug tasks are set right and such.. dunno if I feel like seaparating those two	16:54
Daviey	SpamapS: i can happily set the bug taks if you prefer?	16:55
Daviey	SpamapS: I just don't want to hijack bug reports TOO much	16:55
hallyn	stgraber: for lxc-start -d, i'm trying to decide how far to go. i'ts trivial to just wait for 'running' state or 5 second timeout	17:03
hallyn	but if it immediately fails, we could catch that with a starting->aborting->stopping->stopped transtion,	17:03
hallyn	except that it's possible that the daemonized task starts after the container has already done all of those	17:04
hallyn	unlikely, but possible	17:04
hallyn	but i don't want to introduce a new api to have the container task wait to start starting until the daemonized task is ready for it.	17:04
hallyn	i suppose i can just declare it nigh-upon-impossible to have the container hit all those states before the daemonized task checks, and only handle the other cases	17:05
SpamapS	Daviey: how is that hijacking?	17:06
SpamapS	Daviey: also our report specifically looks for the comment to know when responses have come in.	17:07
Daviey	SpamapS: ok, do as you need. It was just a request.	17:09
SpamapS	Daviey: noted that the comments are considered "spammy hijacking". You are the first to bring that to my attention. :p	17:11
Daviey	SpamapS: well, i could see why an upstream project might be sensitive to lotta downstream comments.	17:15
Daviey	and the downstream having the audacity to ask the reporter to test it, even if tey don't give two hoots about Ubuntu	17:16
hallyn	stgraber: well, the simple 'wait for running or timeout' is in lp:~serge-hallyn/ubuntu/quantal/lxc/lxc-start-d-wait	17:17
SpamapS	Daviey: thats a fair concern. Perhaps we can just leave off the "Dear reporter" one	17:17
=== n0ts is now known as n0ts_off
Daviey	SpamapS: ok, thanks	17:25
hallyn	stgraber: hm, looks like my subsequent pushes went to ubuntu:lxc	17:27
SpamapS	Daviey: also it just ocurred to me that we're not doing full verification on at least nova. Right? We're just doing regression tests and the CI lab?	17:27
Daviey	SpamapS: a little more than that, but yes.. not complete coverage. For example, in the last one.. we included fixes for SUSE that doesn't impact us.	17:32
Daviey	There was scope for regression, but this is exactly why we are so involved with the upstream stable tree, to avoid these issues.	17:32
Daviey	As a testament, the last time we did this.. It was regression free.	17:33
stgraber	hallyn: change looks reasonable (looked at ubuntu:lxc)	17:33
SpamapS	Daviey: I'm just thinking its not so important to set all the bug statuses and tags if we're really just going to track the one master bug's status	17:33
Daviey	SpamapS: Note, the whole idea of doing this at upstream, rather than at pure distro level.. is something we conceived for upstream.	17:33
SpamapS	Daviey: you're preaching to the choir you don't have to convince me. :) I'm just thinking about the logistics	17:34
Daviey	SpamapS: right.. I'd be much happier to just set it Fix Committed.	17:34
Daviey	(which i have tooling to do already, if that is easier for you)	17:34
SpamapS	Daviey: it also needs verification-needed to help us know when its ok to send to -updates	17:34
Daviey	SpamapS: right, i can do that aswell if you prefer	17:34
LoT	what's the latest kernel for Precise servers?	17:49
Psi-Jack	LoT: 3.2.0 as it will be for the next 6 years	17:54
LoT	Psi-Jack: do patches for bugs get applied to the kernel over time?	18:15
Psi-Jack	Security fixes and bugs, yes, there are patchlevels to the kernel Ubuntu provides.	18:16
LoT	also, would the Quantal kernel (after its released "stable") work on Precise (if I were to backport it)	18:16
Psi-Jack	i don't use backported kernels, ever.	18:16
Daviey	SpamapS: any traction on those SRU's?	18:43
SpamapS	Daviey: I just now cleared my table to look at them :-/	18:45
SpamapS	Daviey: I assume that this is high enough priority that its worthy of jumping in front of all the other SRU's waiting?	18:45
SpamapS	Daviey: so how about I jus spam bug 1041120 for all of them?	18:47
uvirtbot	Launchpad bug 1041120 in nova "Meta bug for tracking Openstack Stable Updates" [Undecided,Confirmed] https://launchpad.net/bugs/1041120	18:47
Daviey	SpamapS: Well, there is a significant calling for this SRU.	18:47
Daviey	SpamapS: spamming that one meta bug would be better IMO :)	18:48
SpamapS	Thats the only one that really will control the packages' progression into -updates	18:48
Daviey	SpamapS: i will keep close eye on that, and the others.. just incase.	18:48
SpamapS	Daviey: where is the testing plan for these bugs?	18:49
g0bl1n	hi, I installed nginx-full then removed it and deleted the /etc/nginx directory. Now doing an apt-get install nginx-full won't put the default configuration files there. Any hint ?	18:49
SpamapS	Daviey: err, s/bugs/updates/ ?	18:49
SpamapS	g0bl1n: thats intentional	18:50
SpamapS	g0bl1n: dpkg consideres a removed config file as something the administrator likely wanted	18:50
SpamapS	g0bl1n: apt-get purge nginx-full	18:50
g0bl1n	SpamapS: ahh, let me try ;-)	18:50
SpamapS	g0bl1n: that will reset dpkg's tracking of the config files (and remove ALL data and configs)	18:50
g0bl1n	SpamapS: I was doing a remove and autoremove. Not enough, ok	18:51
Daviey	SpamapS: So.. We will be doing a full burn in a lab. I will put out a call for testing on upstream mailing list, and we've also had at least one partner offer to help test aswell	18:51
Daviey	So.. more coverage than the previous SRU had.	18:51
SpamapS	Daviey: isn't that written down somewhere?	18:51
SpamapS	somewhere I can link to.. :P	18:52
Daviey	SpamapS: yes	18:52
Daviey	hmm	18:52
Daviey	that might an isue for this moment	18:52
SpamapS	poor users will just have to trust good ol' Daviey's word ;)	18:53
SpamapS	Well as long as the results are documented I don't mind.	18:53
Daviey	fools!	18:53
Daviey	adam_g: do you know where that doc is?	18:53
SpamapS	ugh	19:02
SpamapS	the SRU queuediff script nearly crashed my browser opening all the nova bugs	19:02
SpamapS	Daviey: accepted all. UNLEASHE THE HOUNDS	19:04
g0bl1n	SpamapS:	19:06
g0bl1n	SpamapS: still getting errors after the purge	19:06
SpamapS	g0bl1n: you may need to purge all of the packages that own files in /etc/nginx .. 'dpkg -S /etc/nginx'	19:06
LoT	SpamapS: was 12.04.1 released?	19:06
* LoT seems to have missed 3 days fo announce emails, so....		19:06
dormito	I have a question about configure ssl certs for a samba/ldap setup on an ubuntu server, is this the correct channel to ask it?	19:07
g0bl1n	SpamapS: ah, nginx-common appeared. Purged. Now retrying	19:07
g0bl1n	SpamapS: well done thankyou. Worked	19:08
=== LordOfTime is now known as TheLordOfTime
Daviey	SpamapS: thanks!	19:14
* SpamapS sometimes wonders if dpkg's conffile handling is really worth it		19:20
SpamapS	TheLordOfTime: yes, 12.04.1 was released yesterday	19:21
SpamapS	TheLordOfTime: and your PHP SRU is awaiting approval	19:21
TheLordOfTime	SpamapS: ah, wonderful. Thanks.	19:21
=== dendrobates is now known as dendro-afk
Daviey	SpamapS: Houston, we have a problem	20:52
Daviey	SpamapS: nova FTBFS, due to a debuild problem.	20:52
adam_g	Daviey: i think i know what it is	20:52
adam_g	did the others build okay?	20:53
Daviey	adam_g: yes	20:56
Daviey	adam_g: missing HCnageLog.. I am assuming you did a sdist from a tar checkout, rather than git tree?	20:57
adam_g	Daviey: no, in fact i didn't use sdist	20:58
adam_g	Daviey: but yea, that would have been autogen'd	20:58
Daviey	adam_g: Oh, then that is the error	21:00
Daviey	How come you didn't sdist?	21:00
adam_g	Daviey: wasn't sure how zul was cutting the previous tarballs, and whether upstream has merged any of the newer magic into sdist that makes the endproduct something much different than what we were shipping at 12.04	21:03
Daviey	adam_g: Ah, ok	21:04
adam_g	Daviey: but actually, sdist'ing it doesn't produce a ChangeLog either it seems	21:05
Daviey	adam_g: from tar or git co?	21:06
adam_g	Daviey: git	21:06
Daviey	oo-er	21:06
adam_g	Daviey: oh jeez, nvm. it does have it. my bad	21:08
adam_g	Daviey: whats best? adjust packaging on the current upload to exlude it, or upload a new tarball for proposed	21:09
Daviey	I'd think uploading a new orig. SpamapS, what do you think?	21:10
Daviey	adam_g: I'd like to squeeze one more commit in aswell.. if you don't mind :)	21:13
=== lool- is now known as lool
=== cpg\|away is now known as cpg
=== arosales1 is now known as arosales
adam_g	Daviey: what commit?	21:52
adam_g	Daviey: that'd make it easier, current versioning scheme makes it hard to bump the version	21:52
Portaljacker	do i need to install phpmyadmin for my website? or is it enough to have webmin for my server?	21:54
Portaljacker	lamp stack and going to install wordpress	21:55
Portaljacker	i'm stuck at the part to make the mysql database for wordpress	21:56
Portaljacker	and the interface of webmin is not making it obvious how to set it up correctly	21:57
=== dendro-afk is now known as dendrobates
Daviey	adam_g: I just landed two upstream	21:59
Daviey	https://review.openstack.org/#/c/11813/	21:59
Daviey	https://review.openstack.org/#/c/11597/ <-- needed	21:59
adam_g	k	22:00
anotheruser	Portaljacker, don't install the 10.04 phpmyadmin anyway, it's full of holes	22:06
Portaljacker	ok then	22:06
Portaljacker	well i assumed i could set up the mysql database in the webmin mysql module	22:06
anotheruser	i don't know webmin... i've used phpmyadmin, and the mysql command line	22:07
anotheruser	if you really want phpmyadmin, at least install the last version, and change its default path (then you should be ok)	22:07
Portaljacker	command line can work	22:07
Portaljacker	is the comand line tool easy enough to setup a new database?	22:08
anotheruser	it's reasonable	22:08
anotheruser	basically, you just run a CREATE DATABASE command	22:09
anotheruser	if you want user rights management, it's a bit more tricky	22:09
anotheruser	(then you need to read about the "grant" commands	22:09
Portaljacker	apparently this is sufficient :P	22:11
Portaljacker	http://www.debuntu.org/how-to-create-a-mysql-database-and-set-privileges-to-a-user	22:11
anotheruser	yeah that's good enough	22:11
Portaljacker	this line seems odd to me	22:11
Portaljacker	grant usage on . to amarokuser@localhost identified by 'amarokpasswd';	22:11
anotheruser	it means amazokuser can connect, from localhost, with that password	22:12
Portaljacker	oh, and he can only connect to a db he's assigned to	22:12
anotheruser	usage is the most basic privilege	22:13
anotheruser	so yeah he can do nothing with it	22:14
anotheruser	The USAGE privilege specifier stands for “no privileges.”	22:15
anotheruser	here :p	22:15
Portaljacker	thanks	22:18
=== nxvl_ is now known as nxvl
=== cpg is now known as cpg\|away

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!