=== nick is now known as Guest90392 === tuv0k is now known as darthanubis === cpg|away is now known as cpg === n0ts_off is now known as n0ts === n0ts is now known as n0ts_off === n0ts_off is now known as n0ts === n0ts is now known as n0ts_off === dendrobates is now known as dendro-afk === dendro-afk is now known as dendrobates === n0ts_off is now known as n0ts === n0ts is now known as n0ts_off === chilicui1 is now known as chilicuil === n0ts_off is now known as n0ts [03:29] hey all, i'm trying to get x11vnc running on :0 through xinetd, any recommendations? [03:30] everything i'm finding wants me to install lightdm or gdm [03:31] !x11vnc [03:41] Gents, trying to mount an NFS share from my ubuntu server to a windows 7 laptop. Installed the M$ NFS client add-on but can't seem to get it to mount. Anyone have any experience with this? google is failing me. === cpg is now known as cpg|away [03:44] btw: i get "Error connecting to NFS WMI provider" when trying to use the NFS interface that comes with MS === n0ts is now known as n0ts_off === n0ts_off is now known as n0ts === n0ts is now known as n0ts_off [04:22] how do i use swat to config samba so i can share my /media/share as a windows share i can acess anywhere on my network === cpg|away is now known as cpg [04:55] hi, i need some help with apache and ftp [04:55] i installed lamp using task-sel when root was my only user, now i have a user in the admin group and when i use ftp and navigate to /var/www i can't add files or change the permissions [04:57] root was your only user? are you using ubuntu server 12.04? [04:57] yes [04:58] i have a vps [04:58] not only user [04:58] it had the other default ones [04:58] i made the user portaljacker and put it in the admin group pretty quickly [04:59] had to create the admin group then enable sudo priviledges [04:59] but i did it [05:01] have you tried adding portaljacker to the sudo group? [05:01] it is [05:01] i sudo often :P [05:02] root seems to be the owner of www [05:02] well, sudo'ing when not necessary is just as bad as running everything as root === n0ts_off is now known as n0ts [05:03] i know [05:03] but when i go in on ftp i can't upload to the www folder [05:03] which i sort of need to do to edit a website [05:03] or even put one up [05:04] i was told in #ubuntu that www-data becomes the owner when it runs and accesses www? [05:04] does that mean i need to add the user i log in to ftp with into the www-data group? [05:05] I dont think thats the right way... how are the permissions in the "ls -l /var/www" [05:07] -rw-r--r-- 1 root root 237 Aug 24 02:40 index.html [05:07] but i had to create that file with sudo [05:07] no other way [05:08] actualy, I think I would try something like "chown -R portaljacker:portaljacker /var/www" and then from there give permissions to the group [05:08] portaljacker@yuki:~$ ls -l /var | grep www drwxr-xr-x 2 root root 4096 Aug 24 03:24 www [05:08] portaljacker@yuki:~$ ls -l /var | grep wwwdrwxr-xr-x 2 root root 4096 Aug 24 03:24 www [05:08] portaljacker@yuki:~$ ls -l /var | grep wwwdrwxr-xr-x2 root root 4096 Aug 24 03:24 www [05:08] derp [05:08] portaljacker@yuki:~$ ls -l /var | grep www drwxr-xr-x [05:09] 2 root root 4096 Aug 24 03:24 www [05:09] whoops [05:09] the line split is after grep www === n0ts is now known as n0ts_off [05:13] maybe something like: "chown -R portaljacker:admin /var/www ; chmod g+rxw /var/www" [05:14] what does the first part do exactly? i know the second part sets the permissions of the group to rxw [05:18] the first part changes the owner and group of the directory . maybe you should try the second command, then try the ftp upload, then the first command [05:20] the group in the second command is the group of the current user? or the owner of the directory? [05:21] did the second command then logged in on ftp and could not create a directory [05:22] ok wait [05:22] now you have "ls -l /var/www" -> drwxrwxr-x [05:23] yes, shows that in the ftp client [05:24] that command doesn't give that output [05:24] it shows the permissions of the files in www [05:24] but not of www [05:24] I'm not sure about this but, try "sudo useradd -G www-data portaljacker" [05:24] that adds portaljacker to www-data? [05:24] yes, that adds your user to that group [05:25] wich is the group any webserver uses to access /var/www [05:25] useradd: user 'portaljacker' already exists [05:26] i think i'll just use webmin to add portaljacker to the group [05:27] nope [05:27] couldn't create the directory with ftp [05:29] so now what? [05:30] maybe you should create a folder in your home folder [05:31] and tell apache to publish from folder [05:31] (that apache's config is made at /etc/apache2/...) [05:32] btw, do not forget to reverse the permissions "chmod g-w /var/www" === n0ts_off is now known as n0ts [05:32] i guess i could just do that first part [05:33] making my user the owner of the folder? === user is now known as anotheruser [05:34] or i could log into ftp as root, what's the worst that could...i can't finish that sentence without imagining my server as a pile of ashes [05:34] +1 for ffunenga solution [05:34] ya but there should be a way for it to work from www [05:34] that's how it's made to work in the first place [05:35] i'm not the first to ever do this [05:35] it's not exactly extraordinary to put your website in /var/www [05:36] i missed the beginning of the question, but as soon as you want to host several websites, for several users, better to put them in the home folder of said users [05:36] which is why i'm wondering why it's so damned hard to upload a file into that folder via ftp [05:37] have you thought about using ssh? [05:37] i do [05:37] sftp? [05:37] this doesn't eliminate the root issue [05:37] root owns that folder [05:37] which is apparently good [05:37] if you just give the whole var/www folder to www-data, and log in as www-data, should work probably [05:38] but that means i can't edit files without root access [05:38] it should [05:38] but i've heard that it's bad :P [05:38] one sec [05:38] http://serverfault.com/questions/69685/what-user-should-own-var-www-on-ubuntu-9-04-server [05:39] well [05:39] that's true [05:39] but then , you can just give the folder to *any* user you create [05:39] as long as it's not root, it won't be a security issue [05:40] that answer says to make the owner root:newgroup [05:40] and add the users that need access to that group [05:41] i still prefer ffunenga solution, anyway :p [05:41] of making a whole different folder? [05:41] Portaljacker, if you make root::newgroup [05:41] you have to change permissions too === n0ts is now known as n0ts_off [05:42] (what are the current permissions on your /var/www ?) [05:42] 755 [05:42] so of course you can't create anything as the group [05:43] (5 is rx, you need the write too) [05:43] so only the direct owner can write unless it's 775 [05:43] yes [05:44] so i guess i should make portaljacker:admin the owner and get it over with :P [05:44] yes. "chmod 775 /var/www ; chown -R root:newgroup /var/www" [05:44] though i guess there's no downside to 775 over 755? [05:44] it just means that the group can write [05:45] if you trust all the users in the group, no problem [05:45] and if i limit the group to one user (+root of course) it's not much of an issue? [05:45] yes, no problem at all then [05:45] ok [05:45] well, now i can finally set up wordpress XD [05:46] root is always in every group right? [05:48] no [05:48] woot, blog subfolder successfully created! [05:48] ? [05:49] check "id root" [05:49] nice ! :) lol [05:49] so root is part of only root [05:49] ? [05:49] but then why can i say root:newgroup without adding root to the group? [05:51] btw, since you weretalking about the effects of potential security flaws [05:51] one additional advantage of using custom folders for your website is that an attacker can't predict the path of your files on the server [05:52] Good question... I guess the owner and the group of the files are independent. I'm checking that hypothesis now [05:52] i mean, if for some reason the attacker gets the possibility to read a file (as it happened to my server yesterday thanks to phpmyadmin) [05:52] then he just has to open /var/www/config.php or some other sensible file and it's over [05:53] how did he get to the point of being able to see the file? [05:53] if the file is in /home/myuser132424/my_strange_var_www_folder/config.php, it's harder to get [05:54] well, 4 security flaws in phpmyadmin that aren't fixed in ubuntu 10.04 LTS package... [05:56] lovely [05:57] so he could see your filesystem? === lifeless_ is now known as lifeless [05:58] couldn't he just search your file tree at that point for config.php? [05:59] just search [05:59] he couldn't see the filesystem [05:59] it's actually funny to see in the logs all the files that he tried to read at random [06:01] so he basically had to guess your filesystem [06:01] lol [06:01] i get the point [06:02] i could always be crazy and make my www folder a git repo [06:02] then i could just blow away the whole thing with a reclone [06:04] i'm not sure what exactly a git repo involves [06:05] it saves all the changes you've made since the last commit [06:05] but don't do anything that leaves files such as CVS folder or .svn files in your website folder [06:05] oh ya [06:05] .... [06:05] same idea [06:05] that would be a huge security issue :p [06:05] it would [06:05] but then again [06:06] they need my rsa password to affect the remote repo [06:06] i don't know how it works for git, but for cvs i think, i once saw a website that could be hacked in a few seconds because of that.... [06:07] well apparently the .cvs and .svn folders hold passwords [06:07] but in git i always set it to use an rsa key to authenticate [06:08] still i don't think it's a good idea [06:08] probably not [06:08] use a git repo for your website, and then do a checkout or whatever to get the working copy of the website [06:09] ya [06:09] like have the reop elsewhere [06:09] and copy it into www [06:09] repo [06:09] and just copy everything but the .git folder [06:09] heck i could do it over ftp [06:09] though it would be slower [06:09] yeah something like that [06:10] anyway, it's a bit late and i'm getting tired [06:10] i guess i'll be installing wordpress later :P [06:11] careful with wordpress too [06:11] especially custom themes etc. [06:11] keep it well up to date and only use trusted sources [06:14] i intend to do so [06:14] thanks === n0ts_off is now known as n0ts === n0ts is now known as n0ts_off === Guest83481 is now known as jussi === dendrobates is now known as dendro-afk === n0ts_off is now known as n0ts === n0ts is now known as n0ts_off [08:02] Hi I have some Questions regarding NFS... I now use samba to share, but i only have *nix machines is it better to switch to NFS? [08:23] Morning all [08:24] What would cause an upgrade from 11.10 to 12.04 to become unresponsive, it continues to run just all tasks seem to freeze for about 30 - 40 seconds at times ? [08:25] It's not a hardware issue as it's the same symptoms on 3 different servers. [09:12] hi guys. I was doing and apt-get update on one of my servers, and getting "invoke-rc.d: initscript resolvconf, action "start" failed. dpkg: error processing resolvconf (--configure): subprocess installed post-installation script returned error exit status 1" [09:12] doing a google search shows some bugs with the same errors, but a bit unrelated [09:19] New bug: #973243 in keystone "deleting tenants or users does not clean up metadata" [Undecided,Confirmed] https://launchpad.net/bugs/973243 [09:19] New bug: #974199 in keystone "deleting a tenant does not cleanup its user associations" [Undecided,Confirmed] https://launchpad.net/bugs/974199 [09:19] New bug: #978130 in glance "multiprocess glance-api failed to exit when stopped by ctrl+c" [Undecided,Confirmed] https://launchpad.net/bugs/978130 [09:19] New bug: #978610 in glance "/usr/bin/glance's built-in pager breaks redirection" [Undecided,Confirmed] https://launchpad.net/bugs/978610 [09:19] New bug: #983800 in keystone "TokenNotFound not raised in testsuite because of timezone issues" [Undecided,Confirmed] https://launchpad.net/bugs/983800 [09:19] New bug: #988920 in keystone "Token authentication for a user in a disabled tenant does not raise Unauthorized error" [Undecided,Confirmed] https://launchpad.net/bugs/988920 [09:19] New bug: #994936 in keystone "export_legacy_catalog doesn't convert url names correctly" [Undecided,Confirmed] https://launchpad.net/bugs/994936 [09:19] New bug: #996595 in keystone "Following a password compromise and subsequent password change, tokens remain valid." [Undecided,Confirmed] https://launchpad.net/bugs/996595 [09:19] New bug: #997194 in keystone "Tokens remain valid after a user account is disabled" [Undecided,Confirmed] https://launchpad.net/bugs/997194 [09:19] New bug: #997565 in glance "glance add command - incorrect help text" [Undecided,Confirmed] https://launchpad.net/bugs/997565 [09:19] New bug: #997669 in horizon "When adding ICMP rule, the type/code is being validated as from/to ports" [Undecided,Confirmed] https://launchpad.net/bugs/997669 [09:19] New bug: #1007093 in glance "glance add uploads a double image if using ssl and images is smaller the 4k" [Undecided,Confirmed] https://launchpad.net/bugs/1007093 [09:19] New bug: #1010560 in glance "response.environ is None; instance fails to spawn" [Undecided,Confirmed] https://launchpad.net/bugs/1010560 [09:19] New bug: #1012268 in glance "exception.BadStoreUri exposes sensitive information to end users" [Undecided,Confirmed] https://launchpad.net/bugs/1012268 [09:20] New bug: #1012381 in keystone "Memcache token backend eventually stops working" [Undecided,Confirmed] https://launchpad.net/bugs/1012381 [09:20] New bug: #1012752 in glance "glance-cache.conf needs metadata encryption key" [Undecided,Confirmed] https://launchpad.net/bugs/1012752 [09:20] New bug: #1016056 in keystone "EC2 credentials not migrated from legacy (diablo) database" [Undecided,Confirmed] https://launchpad.net/bugs/1016056 [09:20] New bug: #1022369 in glance "Glance scrubber date formatting fails w/ Postgres" [Undecided,Confirmed] https://launchpad.net/bugs/1022369 [09:20] New bug: #1041070 in bridge-utils (main) "802.3ad bond interface have show high RX dropped packets" [Undecided,New] https://launchpad.net/bugs/1041070 [09:20] New bug: #992447 in juju "Communication with store.juju.ubuntu.com is not authenticated" [Critical,In progress] https://launchpad.net/bugs/992447 [09:20] New bug: #1018246 in glance "image.upload notification doesn't report size" [Undecided,Confirmed] https://launchpad.net/bugs/1018246 [09:20] New bug: #1021054 in glance "Admins should be able to share image regardless of ownership" [Undecided,Confirmed] https://launchpad.net/bugs/1021054 [09:20] New bug: #1025353 in glance "Support zero-size image creation" [Undecided,Confirmed] https://launchpad.net/bugs/1025353 [09:20] New bug: #1028433 in glance "Image id not contained in swift chunk debug message" [Undecided,Confirmed] https://launchpad.net/bugs/1028433 [09:21] New bug: #1032314 in glance "qpid_heartbeat setting in ineffective" [Undecided,Confirmed] https://launchpad.net/bugs/1032314 [09:21] New bug: #1040800 in asterisk (universe) "res_config_sqlite should be ported to sqlite3" [Wishlist,Confirmed] https://launchpad.net/bugs/1040800 [09:21] New bug: #1040846 in autofs5 (main) "Missing content in /etc/nsswitch.conf causes failure" [Undecided,New] https://launchpad.net/bugs/1040846 [09:21] New bug: #995079 in nova (main) "Internal server error when accessing nova/instances_and_volumes/ via horizon" [Undecided,Confirmed] https://launchpad.net/bugs/995079 [09:22] New bug: #1040586 in whois (main) "Cyrillic characters shown with wrong encoding" [Undecided,New] https://launchpad.net/bugs/1040586 [09:22] New bug: #1040682 in ipmitool (universe) "[MIR] ipmitool" [Undecided,New] https://launchpad.net/bugs/1040682 [09:23] New bug: #1006815 in keystone/essex "Admin API /v2.0/tenants/{tenant_id}/users/{user_id}/roles doesn't validate token" [Critical,Fix released] https://launchpad.net/bugs/1006815 [09:23] New bug: #1040212 in php5 "PHP CGI configuration fundamentally changed" [Undecided,Fix released] https://launchpad.net/bugs/1040212 [09:23] New bug: #1040475 in maas (main) "maas depends on a broken version of python-tx-tftp" [Undecided,New] https://launchpad.net/bugs/1040475 [09:23] New bug: #1040588 in squid3 (main) "squid3.HEAD (20120823-r12295) "WARNING: ICAP Max-Connections limit exceeded" bug" [Undecided,New] https://launchpad.net/bugs/1040588 [09:24] New bug: #1039456 in quota (main) "Can't turn quotas on" [Undecided,Invalid] https://launchpad.net/bugs/1039456 [09:24] New bug: #1039871 in Ubuntu Quantal "[needs-packaging] oprofile 0.9.7" [High,Confirmed] https://launchpad.net/bugs/1039871 [09:24] New bug: #1040274 in spamassassin (main) "Merge spamassassin 3.3.2-4 (main) from Debian unstable (main)" [Undecided,New] https://launchpad.net/bugs/1040274 [09:25] New bug: #1023412 in python3-chardet (main) "[MIR] python3-chardet" [Undecided,Fix released] https://launchpad.net/bugs/1023412 [09:25] New bug: #1040177 in openldap (main) "slapd install fails when requesting to 'Omit OpenLDAP server configuration"" [Undecided,New] https://launchpad.net/bugs/1040177 [09:26] New bug: #1014235 in mysql-5.5 (main) "package mysql-server-5.5 5.5.24-0ubuntu0.12.04.1 failed to install/upgrade: подпроцесс установлен сценарий post-installation возвратил код ошибки 1" [Undecided,Expired] https://launchpad.net/bugs/1014235 [09:26] New bug: #1031747 in python-django-openstack-auth (main) "[MIR] python-django-openstack-auth" [Undecided,Fix released] https://launchpad.net/bugs/1031747 [09:26] New bug: #1039554 in cyrus-sasl2 (main) "Please re-enable PIE" [High,Fix released] https://launchpad.net/bugs/1039554 [09:26] New bug: #1039597 in openbsd-inetd (main) "Please re-enable PIE and BIND_NOW" [High,Fix released] https://launchpad.net/bugs/1039597 [09:26] New bug: #1040139 in keystone (main) "keystone upgrade fails due to mysql not being available" [Undecided,New] https://launchpad.net/bugs/1040139 [09:26] i think i need a quick and dirty imap server to send test emails to, which would you guys recommend to use? [09:28] New bug: #1028453 in ubuntu-meta (main) "Quantal Ubuntu Server minimal install oversized" [High,Confirmed] https://launchpad.net/bugs/1028453 [09:28] New bug: #1039542 in asterisk (universe) "Please re-enable PIE and BIND_NOW" [High,Triaged] https://launchpad.net/bugs/1039542 [09:28] New bug: #1039593 in squid3 (main) "squid3 lost compiler hardening options in last update, but shouldn't have" [Undecided,Invalid] https://launchpad.net/bugs/1039593 [09:28] New bug: #1039627 in etckeeper (main) "etckeeper init with git gives error" [Undecided,New] https://launchpad.net/bugs/1039627 [09:29] New bug: #1039470 in openssh (main) "'man sftp' shows a wrong creation date" [Undecided,New] https://launchpad.net/bugs/1039470 [09:30] New bug: #977007 in nova/essex "instance live migration should create virtual_size disk image" [Low,Fix released] https://launchpad.net/bugs/977007 [09:30] New bug: #1017418 in nova "NoMoreFloatingIps: Zero floating ips available after repeatedly creating and destroying instances over time" [Undecided,Confirmed] https://launchpad.net/bugs/1017418 [09:30] New bug: #1018586 in nova "cleanup_file_locks does not remove stale sentinel files" [Undecided,Confirmed] https://launchpad.net/bugs/1018586 [09:31] New bug: #1018721 in nova "Launching with source groups under load produces lazy load error" [Undecided,Confirmed] https://launchpad.net/bugs/1018721 [09:31] New bug: #1021340 in nova "Race condition in network/deallocate_for_instance() leads to security issue" [Undecided,Confirmed] https://launchpad.net/bugs/1021340 [09:31] New bug: #1021352 in nova "Deallocation of fixed IP occurs before security group refresh – leading to potential security issue in error / race conditions" [Undecided,Confirmed] https://launchpad.net/bugs/1021352 [09:31] New bug: #1021373 in nova "[nova][volumes] Exceeding volumes, gigabytes and floating_ips quotas returns general uninformative HTTP 500 error" [Undecided,Confirmed] https://launchpad.net/bugs/1021373 [09:31] New bug: #1027105 in nova "Restarting nova-compute removes ip packet filters" [Undecided,Confirmed] https://launchpad.net/bugs/1027105 [09:31] New bug: #1027984 in nova "nova testsuite errors on newer versions of python-boto (e.g. 2.5.2)" [Undecided,Confirmed] https://launchpad.net/bugs/1027984 [09:31] New bug: #1029463 in nova "Libvirt driver reports incorrect error when volume-detach fails" [Undecided,Confirmed] https://launchpad.net/bugs/1029463 [09:31] New bug: #1030430 in nova "qpid_heartbeat setting in ineffective" [Undecided,Confirmed] https://launchpad.net/bugs/1030430 [09:31] New bug: #1031311 in nova "CVE-2012-3361 not fully addressed" [Undecided,Confirmed] https://launchpad.net/bugs/1031311 [09:31] New bug: #1033178 in nova "pycrypto is unused and the existing code is potentially insecure to use" [Undecided,Confirmed] https://launchpad.net/bugs/1033178 [09:31] New bug: #1036902 in nova "Block storage connections are NOT restored on system reboot" [Undecided,Confirmed] https://launchpad.net/bugs/1036902 [09:31] New bug: #1039420 in ntp (main) "NTP security vulnerability because not using authentication by default" [Undecided,New] https://launchpad.net/bugs/1039420 [09:32] New bug: #956096 in nova "Listing flavors with marker set returns 400" [Undecided,Confirmed] https://launchpad.net/bugs/956096 [09:32] New bug: #971621 in nova "nova delete lxc-instance umounts the wrong rootfs" [Undecided,Confirmed] https://launchpad.net/bugs/971621 [09:32] New bug: #994935 in nova "Deleting Flavor currently in use by instance creates error" [Undecided,Confirmed] https://launchpad.net/bugs/994935 [09:32] New bug: #1013689 in nova "cannot umount guestfs " [Undecided,Confirmed] https://launchpad.net/bugs/1013689 [09:32] New bug: #1016273 in nova "ram_allocation_ratio does not work" [Undecided,Confirmed] https://launchpad.net/bugs/1016273 [09:32] New bug: #1017795 in nova "scheduler hang (DOS) possible with DifferentHostFilter/SameHostFilter " [Undecided,Confirmed] https://launchpad.net/bugs/1017795 [09:32] New bug: #1020634 in nova "[nova][volumes] Exceeding volumes quotas logs "VolumeSizeTooLarge" instead of "VolumeLimitExceeded" " [Undecided,Confirmed] https://launchpad.net/bugs/1020634 [09:32] New bug: #1022036 in nova "metadata injection is broken in xen" [Undecided,Confirmed] https://launchpad.net/bugs/1022036 [09:33] New bug: #1006664 in nova "euca-describe-keypair NonExistent returns 200" [Undecided,Confirmed] https://launchpad.net/bugs/1006664 [09:33] New bug: #1007573 in nova "affinity filters don't work if scheduler_hints is None" [Undecided,Confirmed] https://launchpad.net/bugs/1007573 [09:33] New bug: #1012374 in nova "impl_qpid doesn't ACK messages" [Undecided,Confirmed] https://launchpad.net/bugs/1012374 [09:33] New bug: #1013147 in nova "nova-rootwrap hardcodes paths instead of using /sbin:/usr/sbin:/usr/bin:/bin" [Wishlist,Confirmed] https://launchpad.net/bugs/1013147 [09:33] New bug: #1014769 in nova "NoMoreFixedIps: Zero fixed ips available. Nova seems leaking them." [Undecided,Confirmed] https://launchpad.net/bugs/1014769 [09:33] New bug: #1015531 in nova "Remote arbitrary file corruption / creation flaw via injected files" [Undecided,Confirmed] https://launchpad.net/bugs/1015531 [09:34] New bug: #986922 in nova "Call to network_get_all_by_uuids missing 'db'" [Undecided,Confirmed] https://launchpad.net/bugs/986922 [09:34] New bug: #992805 in nova "test_get_console_output_file requires sudo NOPASSWD" [Undecided,Confirmed] https://launchpad.net/bugs/992805 [09:34] New bug: #997763 in nova "floating ips are not disassociated from instances on deletion" [Undecided,Confirmed] https://launchpad.net/bugs/997763 [09:34] New bug: #999698 in nova "qpid timeout causing compute service to crash" [Undecided,Confirmed] https://launchpad.net/bugs/999698 [09:34] New bug: #1000853 in nova "Restarting nova-network removes ip packet filters " [Undecided,Confirmed] https://launchpad.net/bugs/1000853 [09:34] New bug: #1004298 in nova "not able to get host total memory in xen with libvirt" [Undecided,Confirmed] https://launchpad.net/bugs/1004298 [09:35] New bug: #985162 in nova "Firewall rules from nova-compute are not refreshed after host reboot" [Undecided,Confirmed] https://launchpad.net/bugs/985162 [09:35] New bug: #985184 in nova "Security groups fail to be set correctly if incorrect case is used for protocol specification" [Undecided,Confirmed] https://launchpad.net/bugs/985184 [09:35] * _ruben slaps uvirtbot [09:36] Yikes! [09:36] That's a lot of new bugs :) [09:37] <_ruben> I propose we just ditch nova, it's bug-ridden apparently! :) [09:37] * soren admits the mail host backing uvirtbot may have had a couple of rough days and is catching up. [09:47] so guys, any advice with resolvconf, please? I'm getting getting "invoke-rc.d: initscript resolvconf, action "start" failed. dpkg: error processing resolvconf (--configure): subprocess installed post-installation script returned error exit status 1" while doing an apt-get update [09:50] <_ruben> i'm guessing apt-get upgrade instead of apt-get update? [09:51] oh yeah, upgrade [09:52] and now the packages resolvconf is marked as crashed, and doing "apt-get -f install" throws the same error [09:53] here http://pastie.org/4579589 [09:56] New bug: #1041120 in nova (main) "Meta bug for tracking Openstack Stable Updates" [Undecided,New] https://launchpad.net/bugs/1041120 === n0ts_off is now known as n0ts === cpg is now known as cpg|away === mcclurmc_away is now known as mcclurmc [10:51] New bug: #997700 in keystone "LDAP should not check username on "sn" field" [Undecided,Confirmed] https://launchpad.net/bugs/997700 [10:51] New bug: #1035428 in keystone "authenticate in ldap backend doesn't return a list of roles" [Medium,In progress] https://launchpad.net/bugs/1035428 [11:25] guys, how to change language for console info and other? [11:25] Error messages, Info messages.. [11:28] woozly: see LANG, LC_ALL etc variables, locale (1) [11:28] reisi: thank you! [11:29] woozly: also there are language-pack-* packages [11:29] reisi: great! Thank you man! === n0ts is now known as n0ts_off === n0ts_off is now known as n0ts [11:44] I can't believe how many people install stuff from my ppa, then email complaints [11:45] patdk-lap: i named my ppa "Danger do not use" and the email spam dropped off [11:46] xnox: did usage drop off as well? [11:46] greppy: that is irrelevant, I'm not paying the bandwidth =) [11:58] guys, where iptables config? I need to add rule to it [11:58] :/ === n0ts is now known as n0ts_off [11:59] or it disabled by default? [12:00] it doesn't exist by default [12:00] ufw exists, but disabled [12:01] oh... okay thanks! === n0ts_off is now known as n0ts === dendro-afk is now known as dendrobates === irvie is now known as irv === n0ts is now known as n0ts_off [13:09] hello any1 familiar to vpn [13:13] !anyone | KrizTmarK [13:13] KrizTmarK: A high percentage of the first questions asked in this channel start with "Does anyone/anybody..." Why not ask your next question (the real one) and find out? See also !details, !gq, and !poll. [13:38] does any1 know the folder which the kernel on ubuntu is stored [13:40] KrizTmarK: Usually in /boot [13:42] New bug: #1006822 in keystone "API（v2.0/OS-KSADM/services，v2.0/OS-KSADM/services/{service_id}）doesn't validate token" [Undecided,Confirmed] https://launchpad.net/bugs/1006822 [13:46] Hey Guys =) [13:47] i want to set up an email server. i need to set the ptr entry [13:47] mx entry is already set [13:47] does anybody know how to do this? [13:50] I maybe totally wrong but banyantree is this what you need -https://help.ubuntu.com/community/BIND9ServerHowto#Reverse_Zone_File [13:50] thx i will read it now [13:51] hope its the right thing =) === mcclurmc is now known as mcclurmc_away === garyposter is now known as gary_poster === sanderj is now known as Sander^work [14:16] zul: Hey, nova, keystone, horizon and glance are all in the -proposed queue. [14:16] zul: All bugs have a Precise task against them [14:17] okies cool [14:24] Hallo, I've got a machine running maas, then i create another one, run the cd, select install maas, setting everythings till it present the window where specify manually the name or the address, and another entry with maas (ip ddress) , but whatever i choose it request the name for this server (if blank maas assign it) and when hit enter it send sigkill or sigter and system poweroff. is this a bug ??(quantal) or I get wrong ? [14:51] I've configured and tested ActiveDirectory authentication for my Ubuntu server, however, when I attempt to use sudo -i for an account which only exists on the server, and not in activedirectory - I get a message warning me that my password was incorrect (presumably, it tried to Auth against AD first) and then I become root (presumably when it auths against /etc/passwd /etc/shadow - any idea how to avoid getting thie Wrong Password ... [14:51] ... message? === gema_ is now known as gema [15:23] how can I disable syslog? [16:18] SpamapS: Hey, are you alive for the day? === n0ts_off is now known as n0ts [16:32] Daviey: I am , whats up? [16:43] SpamapS: hey, would you be able to sru review a few packages? :) [16:44] SpamapS: One gotcha.. please can you not post the spammy comment from sru-accept into each bug please? [16:44] Daviey: Sure. I think slangasek is on shift today, but I can look too. :) [16:45] Daviey: spammy? Its informative, and, luscious. [16:45] SpamapS: and mostly offtopic :) [16:45] Dear Reporter who reported an upstream bug, please test our ubuntu packages kkthnx [16:46] Precise, nova - keystone - horizon - glance. :) [16:47] SpamapS: bug 1041120 is the meta-bug [16:47] Launchpad bug 1041120 in nova "Meta bug for tracking Openstack Stable Updates" [Undecided,Confirmed] https://launchpad.net/bugs/1041120 [16:54] Daviey: the reference to the reporter is just because we aren't sure who else to ask :) The rest is fairly important as it identifies the way we expect the packages to be tested. And the script that does that also maeks sure bug tasks are set right and such.. dunno if I feel like seaparating those two [16:55] SpamapS: i can happily set the bug taks if you prefer? [16:55] SpamapS: I just don't want to hijack bug reports TOO much [17:03] stgraber: for lxc-start -d, i'm trying to decide how far to go. i'ts trivial to just wait for 'running' state or 5 second timeout [17:03] but if it immediately fails, we could catch that with a starting->aborting->stopping->stopped transtion, [17:04] except that it's possible that the daemonized task starts after the container has already done all of those [17:04] unlikely, but possible [17:04] but i don't want to introduce a new api to have the container task wait to start starting until the daemonized task is ready for it. [17:05] i suppose i can just declare it nigh-upon-impossible to have the container hit all those states before the daemonized task checks, and only handle the other cases [17:06] Daviey: how is that hijacking? [17:07] Daviey: also our report specifically looks for the comment to know when responses have come in. [17:09] SpamapS: ok, do as you need. It was just a request. [17:11] Daviey: noted that the comments are considered "spammy hijacking". You are the first to bring that to my attention. :p [17:15] SpamapS: well, i could see why an upstream project might be sensitive to lotta downstream comments. [17:16] and the downstream having the audacity to ask the reporter to test it, even if tey don't give two hoots about Ubuntu [17:17] stgraber: well, the simple 'wait for running or timeout' is in lp:~serge-hallyn/ubuntu/quantal/lxc/lxc-start-d-wait [17:17] Daviey: thats a fair concern. Perhaps we can just leave off the "Dear reporter" one === n0ts is now known as n0ts_off [17:25] SpamapS: ok, thanks [17:27] stgraber: hm, looks like my subsequent pushes went to ubuntu:lxc [17:27] Daviey: also it just ocurred to me that we're not doing full verification on at least nova. Right? We're just doing regression tests and the CI lab? [17:32] SpamapS: a little more than that, but yes.. not complete coverage. For example, in the last one.. we included fixes for SUSE that doesn't impact us. [17:32] There was scope for regression, but this is exactly why we are so involved with the upstream stable tree, to avoid these issues. [17:33] As a testament, the last time we did this.. It was regression free. [17:33] hallyn: change looks reasonable (looked at ubuntu:lxc) [17:33] Daviey: I'm just thinking its not so important to set all the bug statuses and tags if we're really just going to track the one master bug's status [17:33] SpamapS: Note, the whole idea of doing this at upstream, rather than at pure distro level.. is something we conceived for upstream. [17:34] Daviey: you're preaching to the choir you don't have to convince me. :) I'm just thinking about the logistics [17:34] SpamapS: right.. I'd be much happier to just set it Fix Committed. [17:34] (which i have tooling to do already, if that is easier for you) [17:34] Daviey: it also needs verification-needed to help us know when its ok to send to -updates [17:34] SpamapS: right, i can do that aswell if you prefer [17:49] what's the latest kernel for Precise servers? [17:54] LoT: 3.2.0 as it will be for the next 6 years [18:15] Psi-Jack: do patches for bugs get applied to the kernel over time? [18:16] Security fixes and bugs, yes, there are patchlevels to the kernel Ubuntu provides. [18:16] also, would the Quantal kernel (after its released "stable") work on Precise (if I were to backport it) [18:16] i don't use backported kernels, ever. [18:43] SpamapS: any traction on those SRU's? [18:45] Daviey: I just now cleared my table to look at them :-/ [18:45] Daviey: I assume that this is high enough priority that its worthy of jumping in front of all the other SRU's waiting? [18:47] Daviey: so how about I jus spam bug 1041120 for all of them? [18:47] Launchpad bug 1041120 in nova "Meta bug for tracking Openstack Stable Updates" [Undecided,Confirmed] https://launchpad.net/bugs/1041120 [18:47] SpamapS: Well, there is a significant calling for this SRU. [18:48] SpamapS: spamming that one meta bug would be better IMO :) [18:48] Thats the only one that really will control the packages' progression into -updates [18:48] SpamapS: i will keep close eye on that, and the others.. just incase. [18:49] Daviey: where is the testing plan for these bugs? [18:49] hi, I installed nginx-full then removed it and deleted the /etc/nginx directory. Now doing an apt-get install nginx-full won't put the default configuration files there. Any hint ? [18:49] Daviey: err, s/bugs/updates/ ? [18:50] g0bl1n: thats intentional [18:50] g0bl1n: dpkg consideres a removed config file as something the administrator likely wanted [18:50] g0bl1n: apt-get purge nginx-full [18:50] SpamapS: ahh, let me try ;-) [18:50] g0bl1n: that will reset dpkg's tracking of the config files (and remove ALL data and configs) [18:51] SpamapS: I was doing a remove and autoremove. Not enough, ok [18:51] SpamapS: So.. We will be doing a full burn in a lab. I will put out a call for testing on upstream mailing list, and we've also had at least one partner offer to help test aswell [18:51] So.. more coverage than the previous SRU had. [18:51] Daviey: isn't that written down somewhere? [18:52] somewhere I can link to.. :P [18:52] SpamapS: yes [18:52] hmm [18:52] that might an isue for this moment [18:53] poor users will just have to trust good ol' Daviey's word ;) [18:53] Well as long as the results are documented I don't mind. [18:53] fools! [18:53] adam_g: do you know where that doc is? [19:02] ugh [19:02] the SRU queuediff script nearly crashed my browser opening all the nova bugs [19:04] Daviey: accepted all. UNLEASHE THE HOUNDS [19:06] SpamapS: [19:06] SpamapS: still getting errors after the purge [19:06] g0bl1n: you may need to purge *all* of the packages that own files in /etc/nginx .. 'dpkg -S /etc/nginx' [19:06] SpamapS: was 12.04.1 released? [19:06] * LoT seems to have missed 3 days fo announce emails, so.... [19:07] I have a question about configure ssl certs for a samba/ldap setup on an ubuntu server, is this the correct channel to ask it? [19:07] SpamapS: ah, nginx-common appeared. Purged. Now retrying [19:08] SpamapS: well done thankyou. Worked === LordOfTime is now known as TheLordOfTime [19:14] SpamapS: thanks! [19:20] * SpamapS sometimes wonders if dpkg's conffile handling is really worth it [19:21] TheLordOfTime: yes, 12.04.1 was released yesterday [19:21] TheLordOfTime: and your PHP SRU is awaiting approval [19:21] SpamapS: ah, wonderful. Thanks. === dendrobates is now known as dendro-afk [20:52] SpamapS: Houston, we have a problem [20:52]