[00:01] this only gives it read access then correct? [00:02] as long as you only do +r [00:03] the -R is recursive so it will effect everything under that directory too [00:03] still same error [00:03] really, can you do another ls -lsa /Shared/Share/Torrents/ pls? [00:05] http://paste.ubuntu.com/1189917/ [00:06] oops, sorry, I forgot that directories need the x permission too lol. sudo chmod -R +x /Shared [00:07] "Execute permission on a directory means you can list the files in that directory" [00:08] HEY [00:08] :) lookin better? [00:08] ? [00:09] no error now [00:09] thats a good start lol, can you access your media from other devices now? [00:10] lol no files to be found [00:10] but we are heading in the right direction [00:10] most definitely [00:10] I'll be back in just a few [00:10] ok ill play more [00:12] hallyn: found the problem, it's the sed call in pre-mount [00:12] hallyn: that's altering the config file and breaking everything... === arrrghhhAWAY is now known as arrrghhh [00:18] oApocalypse: I'm gonna head home from my datacenter, but I'm in this channel any time my laptop is online, so feel free to send me a PM if theres anything else I might be of assistance with [00:18] ok ty for your help [00:18] any time, gl [00:18] i need it [00:19] hallyn: well, will still need you to take a look... now the container gets created fine, starts/stops with lxc-start/lxc-stop just fine but can't get started from python/API [00:20] hallyn: it says the pre-mount hook failed to run, but adding some debug to the script, it clearly worked and returned 0 [00:20] oApocalypse, http://en.wikipedia.org/wiki/Filesystem_permissions#Notation_of_traditional_Unix_permissions <-- very helpful for me [00:20] adam_g: how do you setup horizon without the headache of keystone/nova to test your changes? [00:20] ty :) [00:20] np [00:21] hallyn: updated script at http://paste.ubuntu.com/1189928/, run as python3 script.py -o -k [00:21] hallyn: it should fail, then try to lxc-start the failed container, that should work fine [00:21] Daviey: i have no idea. i install the package on an instance on my local openstack cluster, and just update /etc/openstack-dashboard/settings.py to find the keystone server and everything else is magick [00:21] hallyn: lxccontainer.log doesn't tell me why lxc-start works and start() doesn't... my guess being that it's related to the hooks [00:21] adam_g: lardie-dah.. local cloud eh? very posh :) [00:21] hallyn: apparmor doesn't show any reject here, so it's unlikely to be that either [00:23] adam_g: yeah.. doing it at debuild -S time will always ensure that we have a correct css/js compression [00:23] Daviey: i dont follow [00:24] adam_g: one moment [00:24] * Daviey wishes he wasn't sat in the dark [00:29] Daviey, does thatbaically mean generating the css/jss compression in 'debian/rules clean' [00:30] smoser: well.. that is what i was checking.. i think so, yes [00:30] I wanted to see if there was another entry point. [00:30] http://www.debian.org/doc/manuals/maint-guide/build.en.html [00:30] yeah, i didn't see anything either. [00:30] i do think that i've seen unpatch called [00:30] or reverse-pathces or something [00:31] clean seems strange, but i think the abuse is reasonable. and you can have configurable to disable if you'd like [00:31] smoser: wait.. ./configure is often run.. is that via clean? [00:31] really? [00:32] that seems completely broken in a build source [00:32] I'm sure i had seen that on a few packages [00:33] hallyn: log when using lxc-start (working): http://paste.ubuntu.com/1189939/ [00:33] hallyn: log when using the API (failing): http://paste.ubuntu.com/1189940/ [00:34] smoser: rules clean, runs dh_clean, which runs dh_testdir [00:35] smoser: ahh.. scrub that, irrelevant.. i think what i have seen is 'broken' make files.. where "make clean" does a ./configure aswell [00:35] so handled by upstream, rather than packaging [00:37] smoser / adam_g: "clean target: to clean all compiled, generated, and useless files in the build-tree" lol... we want to do the opposite :) [00:38] Daviey: generating this stuff requires installation of node-less. [00:38] that would then make node-js a build dependency and we're back at square one, no? [00:43] adam_g: no, it's a source package creation requirement [00:43] not a build-dep [00:43] ie, you need it on your machine... but the buildd's don't [00:43] Daviey: ah, cool [00:44] Daviey: let me figure out a good way to ship this stuff, and then we can come up with a good way to generate it [00:44] smoser: what do you know of source format, 3.0 (custom)? [00:44] (perhaps overkill) [00:44] adam_g: ok, cool [00:48] smoser: ah, debian bug 246918 .. not quite what i hoped [00:48] Debian bug 246918 in dpkg-dev "dpkg-source may have an option to get .diff.gz from a custom source" [Wishlist,Fixed] http://bugs.debian.org/246918 [00:52] smoser: the definition made it sound ideal.. "This format is particular. It doesn't represent a real source package format but can be used to create source packages with arbitrary file" === arrrghhh is now known as arrrghhhAWAY [01:13] anyone familiar with minidlna [01:15] it appears to properly sharing the folders i have provided but it doesnt seem to be showing the contents of hte file [01:17] hallyn: AFAICT from the leftovers, the pre-mount script is actually run, the container is failing right after for some unknown reason [01:27] /win 26 === cpg is now known as cpg|away === n0ts_off is now known as n0ts === cpg|away is now known as cpg [02:23] stgraber: ok so the malforned rootfs was due to sed, but you're still having trouble? [02:23] hallyn: yep [02:24] hallyn: the resulting container boots fine with lxc-start but doesn't from the API [02:24] hallyn: I pasted the current version of my code and the lxc log for a working (lxc-start) and non-working (API) start(0 call [02:25] i saw the logs but missed the code [02:25] hallyn: http://paste.ubuntu.com/1189928/, [02:25] may be something i'm not executing in api that gets done in lxc_start [02:25] thx, looking [02:26] the good thing is that with all these tests, the API will be very well tested even before it gets merged upstream ;) [02:27] stgraber: so after you create one of these, even if you start a new python3, import lxc, and create a new Container() instance for that container, it still won't start? === dendrobates is now known as dendro-afk [02:28] correct [02:28] I tried with "import lxc; lxc.Container("name").start()" and it'd still return False with similar log entries [02:29] so it's apparently not something being messed up with the in memory structure [02:29] (or it's messed up enough that it gets back to the wrong state even when reading the config from scratch) [02:31] stgraber: i'ts not leaving a /var/lib/lxc/p1-ex274c behind for me to look at [02:32] (but destroy is commented out) [02:33] BTW - can i just say i HATE the python3 'print()' [02:33] hallyn: did you use -k? [02:33] hallyn: otherwise it'll get wiped out by the post-stop hook [02:36] no i didn't :) i just did this to easily look at the hooks :) [02:44] stgraber: looks like maybe an error in lxc_run_script(), bc i put 'exit 0' at the end, a print right above that to confirm we're getting there, but it still says returning error in container.log [02:45] * hallyn looks [02:48] yeah, that matches what I've seen here when trying to trace the hook to see where it failed (to notice it didn't actually fail at all and was run just fine) [02:48] oh, no [02:48] i'm doing it wrong. the 'c = lxc.Container("p1-ookuma')' already loads the config [02:48] then i re-load the cnfig [02:51] right, no need to call load_config on top of that, it'll just lead to duplicate network entries [02:53] stgraber: i note that lxc.mount is set to /var/lib/lxc/p1/fstab [02:53] (shouldn't matter) [02:54] yeah, I wasn't sure whether I wanted to mess with fstab at all, as it's supposed to be identical to the source anyway, might as well keep it pointing to the original one [02:55] stgraber: i think it's a bug in popen/pclose [02:56] building new lxc to instrument pclose [02:56] (racing against time, i must go in a few mins) [02:59] gr, compiler is getting downright fascist. fine so i redefined ret. what's it to you? [02:59] :) === dendro-afk is now known as dendrobates [03:03] hm, errno from pclose() is 'no child processes' [03:03] oh, that actually tells me exactly what the problem is [03:04] that totally sounds like my zombie handler in python3-lxc catching the SIGCLD before you do [03:05] right, so that's my fault then, will have to rethink how to deal with the zombie handler ;) [03:05] d'oh :) [03:05] i was worrying it was the way i was doing daemon(). [03:06] can we get the errno in the log? that'd have helped quite a lot in this case :) [03:06] yeah, trivial to do [03:06] do you have any other changes to queue up? [03:06] I'll have the python-lxc fix for that new found bug [03:07] so just stack it in python:lxc, I'll fix my bug and upload after that [03:10] pushed [03:10] good night [03:10] good night [03:10] (trying to test one more time as i did a 'cleanup' and you know how those go) [03:54] hallyn: confirmed that it's indeed the zombie handler that's at fault. Will try to think about some ways around it and likely poke you about it tomorrow. [04:08] hallyn: I'm actually wondering if start() should do the dual-forking, set a reasonable process name (showing up as python3 kind of sucks) and let init deal with the whole zombie thing [04:08] because python3-lxc being a python extension it seems pretty tricky to only process the sigchld coming from the container and nothing else [04:08] and ultimately the container doesn't depend on the parent process (when the python shell goes away, the container keeps running) [04:09] so doing the full daemonizing with the usual dual-fork + exit might actually make sense (and then see if we can set the name to lxc-start or something similar that's more meaningful than python3) === n0ts is now known as n0ts_off [04:52] <[snake]> Is it secure to put some files that you want to host on your web server in a file that's open(meaning it can be explored with the web browser because it doesn't have an index file) [04:52] <[snake]> ? === n0ts_off is now known as n0ts === n0ts is now known as n0ts_off === n0ts_off is now known as n0ts === n0ts is now known as n0ts_off === n0ts_off is now known as n0ts === dayangkun_ is now known as dayangkun === dendrobates is now known as dendro-afk [06:46] hi all === smb` is now known as smb [07:20] Hello [07:21] anyone install ubuntu on a dell poweredge 2800 before? [07:24] Kentos: yes as well as 1800 [07:25] im having some trouble with the install, i just bought it today, it already had a zentyal OS installed over Ubuntu, but im trying to get a fresh install and configuration for myself [07:26] basically boots right to zentyal [07:27] raid? specs please [07:27] I can get to the install from a Unetbootin USB, however it wants to check my cd-rom drive quickly after install begins [07:28] 2800, raid 5 on 4 drives, OS is currently on a seperate drive, total of 7 drives 4x 74gb 2x 36gb and one 9.1gb drive, I've not got a whole lot of info to be honest [07:28] well did you have it check the disc for errors? [07:28] the OS is on a 36gb drive, i believe the 4x 74gb are on a newer scsi raid adapter [07:29] ill run that quick ya, I wasnt quite sure where to go, ive only played with the server OS a handful of times before [07:31] going to take a second to boot up and into the USB [07:32] New bug: #1015033 in mysql-5.5 "mysqlhotcopy errors on databases containing MyISAM views" [High,In progress] https://launchpad.net/bugs/1015033 [07:32] ok, what were you gonna install? a base? or everything? === Kiall is now known as zz_Kiall [07:33] im looking to get the server on it, I don't want to mess around with whats already set up for an OS. not heard of the term base before [07:34] just want to install ubuntu server on it, and go throught the configuration, i printed off the ubuntu server manual and have a lot of coffee [07:34] alright into the usb and checking disc for errors === n0ts is now known as n0ts_off [07:35] it shouldn't take too long [07:36] went to auto boot lol, i dont have batteries for my keyboard on this comp, so i do quick switching from usb ports lol [07:40] ahhh i thought that might be it [07:40] md5sum is not right, ive tried downloading it multiple times now [07:41] tried the torrent, the odd thing is i always get the same hash, but its always the wrong one [07:41] well that sucks, try direct this time [07:41] oh i have twice lol [07:41] different locations? [07:42] its very odd, maybe a problem with chrome downloader [07:42] not sure how to navigate that file tree [07:42] download via ubuntu? [07:43] ill try it again, im DLing the 1386 version as the proccesor i believe is the 32 bit one for the 2800s [07:43] i386** [07:44] 645 MB, does that sound a bit low? [07:44] how much ram do u have? the 1800 was 64 bit [07:44] hmmm, i have 3gb roughyl on this one [07:45] you may be right that it can run it, but its an older version i believe that wouldnt support the dual core Xeons [07:45] im thinking its a v2 mobo === zz_Kiall is now known as Kiall [07:46] 645 is right [07:46] ya after some checking your correct on not supporting it [07:47] i keep getting hash check fails [07:47] even on the 64 bit iso i DLed [07:48] I may have to try a different browser [07:49] the new DL of the iso is about done, ill check it quick [07:50] yeah same hash as all the others [07:51] seems weird [07:51] its kinda wierd, im wondering if something is off here with my system, since its not downloading it right from anywhere [07:53] http://releases.ubuntu.com/12.04/ [07:55] yeah, this may take a minute [07:56] what I'm aiming to do with the server is to host websites, or possibly do some data storage for friends etc via a webpage if i can get that set up [07:56] mostly low traffick type of stuff [07:56] maybe even host some older games or something, I just want to see where i can go with it [07:58] seems like i might be able to get a deal on better processors provided the mobo can handle them, or atleast a second processor if all things go well [08:01] is there any drivers or anything i will have to get from dell? [08:02] I couldn't find a whole lot but might as well look again if ill need somethign [08:02] I never looked about drivers [08:02] if your serious about games, i'd just rent and save the hassle [08:03] yeah, i dont believe so, but i was prompted for drvier media on the bad boot usb, so it might not be a real issue [08:03] nah, im serious about getting a useful hobby [08:03] learning something I dont already know === n0ts_off is now known as n0ts [08:06] and if i do the data storage or website hosting it'll be for friends and family etc. do something for myself and offer what i can for my fam and friends [08:12] I might pass out, be warned sorry [08:12] no worries, thanks for the help so far. Im pretty sure its just a bad download issue for the iso file [08:12] I am converting windows server (attached to 6 windows clients) to two ubuntu servers. one is to be a router (dhcp, dns, firewall) for increased security. second is to be samba, apache, sql, raid. am I on right track? where can I find info? - have spent 2 months googling w/ no results. [08:14] I think samba is the file server type that you want for windows clients to access it, but im just starting to get my server going...not even off the ground yet so to speak [08:14] yes that is correct [08:14] but i believe the samba file serveri s the kind that is best for multiple types of OS's not sure why though [08:15] maybe the drive formatting? [08:16] samba just allows linux to talk to windows === n0ts is now known as n0ts_off [08:17] port protocols for the networking right? [08:18] i noticed windows using the samba ports for IGMP before, was curious about that [08:18] how is the dl going? [08:19] just finished and checking the hash [08:19] no go [08:20] very strange, not sure why this is happening [08:21] have a friend dl it for you [08:21] good thing to try i suspect [08:24] does samba have to handle dhcp duties for windows clients? [08:25] hmm, DLing an alternate at 692 MB file size, hopefully this is the right one, at lest something is different =P [08:26] couldn't say myself jimmy, maybe in a few months ill have the experience to help =/ [08:26] thx and have a great night/day! === Kiall is now known as zz_Kiall === zz_Kiall is now known as Kiall [08:38] samba is a protocol for file sharing [08:39] jimmy: http://en.wikipedia.org/wiki/Samba_(software) === n0ts_off is now known as n0ts === lifeless_ is now known as lifeless === n0ts is now known as n0ts_off [09:03] still can't get a real DL of the Iso lol. maybe i have to put it off for a few days === n0ts_off is now known as n0ts === n0ts is now known as n0ts_off === Kiall is now known as zz_Kiall [10:23] Daviey: ping === zz_Kiall is now known as Kiall [10:34] anyone up? Trying to get this install going on a dell poweredge 2800 [10:42] Kentos: 'sup? [10:45] does anyone know how you get a ar report from date to date? I know you can get a full 24 hours with sar -f /var/log/sa/sa29 -A for example.. but what if you wanted 29 - 04 or whatever [10:45] I know -e and -s manages times, but I havnt seen how to get a report spanning across more than 24 houts [10:45] hours* [10:47] trying to get this server installed with a new ubuntu OS [10:47] its seems it just won't go [10:50] I'd appreciate some help if anyone can. I thought it might be the hash check error but i found some posts stating the hash checks on the ubuntu page were not the right ones. So it would seem things should boot, but they don't === railsraider_ is now known as railsraider [10:59] zul: let me know when your here sir. [11:00] it appears that 2 files are missing from the quantum config :P === giro is now known as Guest81032 === Guest81032 is now known as giroo [11:05] hi all [11:05] is it safe to backport lxc from quantal to precise or should I expect some problems doing that? === cpg is now known as cpg|away [11:11] stgraber: you seem very active in lxc, maybe you have some insight into this? [11:13] i wish i could figure out what Im not doing to get this thing to boot properly [11:13] got me stumped [11:14] but I guess ill try again tomarow, later all [11:27] koolhead17: hey [11:27] Daviey: howdy sir :) [11:35] Daviey: how would you feel if I did a general call for testing of quantal on the ubuntu-server mailing list? not really tied to the beta but stating we are in the final run now so bug fixing is important - go find bugs! [11:37] jamespage: Always a good idea [11:37] :) [11:37] ack [11:40] zul zul zul zul [11:41] koolhead17: should be fixed in today's upload [11:41] zul: awesome. both the issues vncproxy and quantum one [11:41] :P [11:42] koolhead17: yep [11:43] cool === mcclurmc is now known as mcclurmc_away === mcclurmc_away is now known as mcclurmc === dendro-afk is now known as dendrobates === gary_poster|away is now known as gary_poster [13:16] giroo: quantal to precise is fine. I have these backports in ppa:stgraber/experimental and they'll be pushed to precise-backports once we're done pushing a bunch of changes to quantal [13:18] stgraber: cool, thanks [13:19] stgraber: can we expect one of your great lxc blog posts about what's all new in this cycle? [13:20] giroo: yep, I'm at least going to blog about the new API, then do one of these generic "what's new" blog post close to release time [13:20] stgraber: awesome :) [13:20] please keep up the great work [13:42] soren: ping [13:58] stgraber: now i can't recall... aren't there some apparmor issues still in precise which could cause trouble with quantal to precise lxc backport? [13:58] or were all of those fixed in precise? [14:00] hallyn: I think they were all fixed, at least nobody running my backports complained yet ;) [14:06] stgraber: cool [14:06] hallyn: did you see what I wrote yesterday about having start() do a dual-fork + exit to move the container as a child of init? [14:06] nope [14:07] so it is init and not python reaping? [14:11] stgraber: yeah... do you happen to know if daemonize() actually does that? i didn't think it did... [14:13] no, daemon(0,0) only clones once [14:15] hallyn: right, the idea is that if we make the container a child of init, I don't have to deal with the whole zombie situation in my code and it'd also make it consistent with what lxc-start -d does [14:15] stgraber: oh wait, I think the problem is I'm no longer doing setsid() [14:16] no, i am [14:16] stgraber: I'm doing setsid, so you shouldn't have to! [14:18] stgraber: do you have any reference for 'dual fork'? I don't see anyone doing that [14:19] root 16551 0.0 0.0 25236 2264 pts/8 S 10:14 0:00 | \_ /bin/bash [14:19] root 16907 0.1 0.0 60012 8788 pts/8 S+ 10:18 0:00 | \_ python3 [14:19] root 16909 0.0 0.0 0 0 ? Zs 10:19 0:00 | \_ [python3] [14:19] hallyn: ^ that's what I'm trying to avoid. This being the result of start() + stop() [14:20] stgraber: right, i understand. but setsid is supposed to do that [14:21] well, i guess i can try dual fork. it makes sense, i just don't see anyone doing it. [14:21] lemme spin off a branch... [14:24] hallyn: I have encountered dual forks before.. they ended up intermingling.. rather confusing.. i documented it here.. http://dual.forks.daviey.com/ [14:24] hallyn: I can't find any proper reference to it, though it's essentially what lxc-start does with -d at the moment as lxc-start itself exits after spawning the container in the background [14:25] stgraber: oh, well - it doesn't dual-fork, it just exits after the first fork. [14:25] in fact, i think i see now [14:26] we used to exit, now we wait for completion [14:26] so that (recent) change probably broke this. ok, tree almost ready for testing [14:27] Hi I am trying to create a vm with ubuntu-vm-builder and I am getting a 2012-09-07 15:24:31,485 ERROR : Process (['umount', '/tmp/tmpbBTW0f/dev']) returned 1. stdout: , stderr: umount: /tmp/tmpbBTW0f/dev: device is busy. [14:27] (In some cases useful info about processes that use [14:27] the device is found by lsof(8) or fuser(1)) [14:35] Daviey: btw, thanks :) [14:35] Question, I have now blocked all ports except for tcp/udp 2049 and I don't see any program listening to this port (using lsof -i), yet nfs v4 works. Can someone explain to me what I'm missing? [14:35] stgraber: well i pushed to bzr+ssh://bazaar.launchpad.net/~serge-hallyn/ubuntu/quantal/lxc/lxc-dualfork/, doesn't seem to help. [14:36] I'm still pretty sure the setsid() is supposed to do that for us anyway [14:36] so why isn't it... [14:37] wtf let's check ppid before and after. [14:38] * koolhead17 is happy [14:39] hallyn: hope it helps. [14:48] let's try using setpgid(0,0) i place of setsid [14:52] hallyn: I pushed the code change to python-lxc removing the reaper code to my git branch [14:53] stgraber: actually can you try the lxc-dualfork branch? Maybe I'm now failing for different reasons. [14:53] with that change, start() will work with hooks but you'll see the zombie processes if you stop a container (at least until you figure out why that's happening) [14:53] hallyn: yep, I can do that [14:53] no this doesn't make sense. sometimes ppid is 1, sometimes not (after dual fork) [14:54] must be racing with myself [14:55] yeah i think it's now actually working and my containers fail for a different reason [14:56] i STILL say setsid should keep your reaper from reaping the child, but... [15:00] hallyn: hmm, so using the dual-fork branch and after removing my reaper, I see that the container is now a child of PID 1 but I'm still getting a defunct child [15:02] stgraber: can you run that through strace ? [15:04] hallyn: http://paste.ubuntu.com/1190977/ [15:05] well, I guess it makes sense that the initial fork is still the child of the python shell... so I still need to reap that one... [15:06] or can we do that in liblxc? [15:06] as I'm not the one calling fork() it's a bit difficult to do the waitpid() [15:08] oh, yeah, i guess we can [15:08] so that is the firs fork that'z zombieing? [15:10] looks like it [15:10] yeah lemme reap that, one min [15:12] LSBInitScripts question: Required-Start means if facility is not running (even if it is not installed), service depending on it will not start? [15:13] raub: I believe that's correct. Though please note that Ubuntu doesn't use the LSB headers [15:16] stgraber: what does it use then? [15:17] stgraber: re-pushed to bzr+ssh://bazaar.launchpad.net/~serge-hallyn/ubuntu/quantal/lxc/lxc-dualfork/ . stab in the dark, but shoudl work [15:17] AFAIK, it does not use inserv, which is fine with me [15:17] raub: upstart uses the init jobs in /etc/init/ with their start/stop conditions instead. For sysvinit scripts in /etc/init.d, they just start sequentially depending on the runlevel (/etc/rcX.d/) [15:17] But the packages in question -- nslcd/nscd -- do not seem to be upstart-ready yet === dendrobates is now known as dendro-afk [15:18] hallyn: ok, testing [15:19] what fun. "start on runlevel [2345]\nexec reboot\n" [15:21] hallyn: looks like you killed all the zombies! :) [15:22] yay. and containers start? [15:23] stgraber: a bit of a bummer on the LSB headers though [15:24] hallyn: yep === arrrghhhAWAY is now known as arrrghhh === Hayate is now known as blackshirt [16:03] hallyn: only bit of code to port from shell to python is the fstab handling, everything else seems to be working great [16:05] stgraber: cool. you're going to grab the doublefork patch whenever you push? [16:05] I assume there's a git pull request coming my way too, so so as not to complciate things in your tree I"ll wait for that [16:06] hallyn: I'm still not sure whether I want to push the python rewrite in quantal, but I'll at least send you a pull request for it [16:07] hallyn: did you push the doublefork change to your git? that one I dion't have in mine [16:07] no i didn't [16:08] stgraber: do you want me to, or are you doing it? [16:09] hallyn: go ahead [16:09] rbasak, so... i'm pretty sure that i'm just SOL right now [16:09] with our ephemeral images. [16:10] k [16:10] i'm not sure what would have broke them (they previously worked), but now this issue with mounted / coming before virtual-filesystems (and udev) is just really screwing me. [16:10] Is there an easy way to overwrite a function within a class, with a new function? I can't just curry it with a new function because there are references to this in other libraries I don't want to edit. eg, I want to do something like [16:10] requests.get = functools.partial(requests.get, timeout=0.00001) [16:11] wrong channel, my bad [16:31] Daviey: uploading a new snapshot this afternoon [16:33] utlemming, I'm guessing you probably won't be fixing bug 928990 for quantal? [16:33] Launchpad bug 928990 in cloud-init "fsck / dirty filesystem on instance is death" [High,Triaged] https://launchpad.net/bugs/928990 [16:34] jamespage: I'll be building a rescue image for that, but no, we're not going to fix that in instance. [16:34] jamespage: that is in the cloud image roundtable blueprint. We talked about options and thought it best to just a rescue volume [16:34] utlemming, is that a 'Won't Fix' then? or should we leave it open for the future? [16:35] yeah, I'll put something in the bug there [16:36] I currently have Postfix set up with both Amavis and SpamAssassin on 12.04, based on the Server Guide. I want to use user preferences with SpamAssassin, which apparently the version of Amavis in the repos for precise doesn't support. How would I go about removing Amavis from the mix and just having Postfix call SpamAssassin directly? === Kiall is now known as zz_Kiall [16:37] is the server team aware that PHP 5.4.4 and greater (which would include the 5.4.6 in Ubuntu) listens by default on a UNIX socket instead of a TCP listener? [16:38] and that it may impact other applications/packages which use PHP's configurations? [16:38] Hi all, can anyone explain if this log entry is normal behavior or if it is indicating a problem? Sep 7 08:02:33 rarch-002 sshd[5335]: Connection closed by 10.30.0.123 [preauth] [16:41] zul: cool [16:44] TheLordOfTime: Why would php listen on a socket? [16:44] Unless you tell it to do so? [16:45] you don't read the changelogs much, i guess, because in 5.4.4 it was patched to automatically have that as a default config option [16:45] was wishlisted in both Ubuntu and Debian, was fixed in both. === zz_Kiall is now known as Kiall [16:45] s/fixed/implemented/ [16:46] i wrote the patch, i'd know. [16:46] having said this, if the server team thinks that should change, they only need to remove a single patch from the package. [16:47] No, I don't read changelogs much. I've got about 590 packges on an average server. I've got more to do than reading those changelogs :) [16:47] :P [16:48] SpamapS: ^ i assume you were aware of the php listening on unix sock default change? [16:48] well, that changed the default configs, though, so webserver documentations might need updating [16:48] hallyn: very aware [16:48] https://bugs.launchpad.net/ubuntu/+source/php5/+bug/900620 [16:48] Launchpad bug 900620 in php5 "Possible Bug: php5-fpm does not listen on a socket by default" [Wishlist,Fix released] [16:48] SpamapS was integral in helping get that patch to Debian [16:48] SpamapS: jolly good [16:48] TheLordOfTime: are you talking about php-fpm ? [16:48] SpamapS: aye [16:49] SpamapS: specifically -fpm [16:49] TheLordOfTime: right so upstream followed suit then? [16:49] SpamapS: not sure if upstream did, i know at least Ubuntu users are getting that patch implemented [16:49] SpamapS: i'd have to dig around in upstream [16:49] atm, i'm fighting PHP 5.4.6 on this system right now, so... [16:49] TheLordOfTime: I had read somewhere that some high-intensity tests revealed that it was actually slower because of some kernel locks around unix sockets that had been optimized away in AF_INET [16:49] * TheLordOfTime kicks the PHP source code. [16:49] SpamapS: then should the patch be removed? [16:49] * SpamapS will probably never be able to find that article again tho [16:50] TheLordOfTime: no, AF_UNIX should be fixed :) [16:50] :P [16:50] SpamapS: the only reason i remembered the change is because someone in #nginx was running PRecise server and was using QUantal level PHP [16:50] (5.4.6 at least) [16:50] they were complaining about the upgrade breaking their setups [16:50] and i remembered that patch/change, so... [16:51] i'm itrying to track down changelogs now, SpamapS, for upstream source, see if they implemented it or not there. [16:52] TheLordOfTime: the upgrade shouldn't break anything.. we did that as the default in 11.10 IIRC [16:52] SpamapS: it was implemented in 5.4.4 of PHP, 11.10 had an older version [16:53] 5.4.4 wasnt synced to Precise before freeze [16:53] so the changes made it to Quantal [16:53] not Precise [16:53] so 11.10, 12.04 are both still using the original default listener, 127.0.0.1:9000 [16:53] SpamapS: and the implementation was only in Debian and Ubuntu [16:53] (Upstream didn't adopt the change) [16:54] right [16:54] ok so this might warrant a NEWS item [16:54] mhm [16:54] i'm going to put a note in my blog, that'll aggregate on planet.u.c, so... [16:54] I recall now that there was no need for a NEWS entry for Debian because they had not shipped php5-fpm in squeeze [16:55] TheLordOfTime: how about opening a bug and making a patch to debian/NEWS? [16:55] and perhaps release notes too [16:55] SpamapS: can i post on my blog first? I've been working on the post for 10 minutes, and am on a roll. [16:55] quantal is a good time to make these changes.. but we need to call them out [16:55] i'll make the bug shortly afterwards, the patch is only in Quantal we're targetting? [16:56] s/patch/news change and release notes change/ [16:56] TheLordOfTime: I'd recommend linking to the bug in the blog post (perhaps as an update after the fact) [16:56] that's what i plan on doing :P [16:56] TheLordOfTime: thanks for helping out with PHP. :) [16:56] yep [16:56] SpamapS: still waiting on that SRU to go through, but... [16:56] :P [16:57] i'm not whining, i've got the patched version already running via a PPA, so.... [16:58] TheLordOfTime: SRU team has been busy w/ 12.04.1 and then beta1 .. only a couple items in front of it now. [17:02] indeed. [17:02] as i said, i'm not complaining, i'm running a patched version already :p [17:09] SpamapS: https://bugs.launchpad.net/ubuntu/+source/php5/+bug/1047520 [17:09] Launchpad bug 1047520 in php5 "NEWS and release notes need updating" [Undecided,New] === mcclurmc is now known as mcclurmc_away [17:09] probably forgot to set a status other than "New" though... [17:09] *shrugs* [17:09] there we go, "In Progress" [17:10] TheLordOfTime: targetted at Quantal [17:11] TheLordOfTime: Once you have the text figured out, we can add it to the bug description and open a task against ubuntu-release-notes [17:13] SpamapS: alrighty, i assume that I don't need to include a debdiff detailing the changes, but rather I should just figure out the wording and post that? [17:14] TheLordOfTime: a debdiff or merge proposal against lp:ubuntu/php5 would be a lot easier to sponsor in :) [17:14] true. [17:14] that's dependent on whether this system explodes or not... [17:14] its been close to dying a lot lately [17:17] SpamapS: oh, a bug needs to be filed against phpmyadmin, if not already filed against it, which changes its fpm configuration options (was reading through the Debian bug on that initial Wishlist bug that changed things) [17:18] ... oh snap, i'm going to be late for class... [17:18] TheLordOfTime: thanks for the tip, go go go [17:20] SpamapS: before i run, where in debian/NEWS should i put the note about the changes, in the 5.4.4 section(s), or in a new entry? [17:22] hallyn: sent a pull request your way [17:22] hallyn: this includes the new lxc-start-ephemeral [17:22] stgraber: nifty [17:22] btw i tried to do a git-send-email from my mail server, but lxc-devel didn't like that address. [17:23] I'm not about to send 100 patches by hand to the m-l, so we'll just have to hope Daniel is ok with the github workflow [17:23] SpamapS: oh hang on... [17:23] SpamapS: already in NEWS: http://paste.ubuntu.com/1191228/ [17:23] * TheLordOfTime runs at insane speed to class [17:24] hallyn: I think he'll be, otherwise I'll figure out a way to get the 100 commits to the ML, but I'm not sure everyone will like that :) [17:25] hallyn: any thoughts on registering an lxc "project" on github so we can have a shared staging branch on there? That way whenever one of us has something to push, we can just send a pull-request to that branch and the other can review [17:26] FWIW Daniel seemed happy to have an official staging branch that he can easily pull from and I believe having it on github would make it much more accessible to other contributors [17:26] stgraber: i'd be happy with that [17:26] ok. I'll try to figure out how to do that then [17:26] stgraber: one issue with lxc-start-ephemeral, [17:26] you're hardcoding some paths [17:26] which other scripts set through '@LXCDIR@' etc, [17:27] i.e. lxc-start-ephemeral should probably be lxc-start-ephemeral.in ? [17:27] (i've already merged your request) [17:28] hallyn: oh yeah, that'd make sense [17:28] hallyn: did you see anything besides /var/lib/lxc? [17:28] hm, i'm really not sure about the ordering after commits after a pull request. i may have to install gitk to get a closer look [17:28] checking === arrrghhh is now known as arrrghhhAWAY [17:29] stgraber: no only htat one [17:31] ok, I'll reduce the use of it even more, then turn the script into a .in for the remaining one [17:33] stgraber: cool, thanks. shout when a new pull requeset is ready [17:33] (my laptops are all busy trying to reproduce odd bugs) [17:36] hallyn: hmm, do we actually have a variable for /var/lib/lxc? LXCDIR is only defined in lxccontainer.h [17:39] stgraber: stgraber I think '@LOCALSTATEDIR'/lib/lxc - at least that seems to be hardcoded in some places [17:40] LXCPATH [17:40] (@LXCPATH@) pretty sure that's it [17:42] hm, my laptop has precise-backports enabled. i didn't think i'd enabled those [17:44] hallyn: that's been on by default i think [17:44] for a while... [17:44] hallyn: it's enabled by default but packages won't auto-install/auto-update from it. You need to specifically pull a version from it [17:45] ah, ok [17:45] was hoping that might explain why apt insists that 'tk', which is in main, cannot be authenticated [17:55] -dest_path = tempfile.mkdtemp(prefix="%s-" % args.orig, dir="@LXCPATH@") [17:55] +dest_path = tempfile.mkdtemp(prefix="%s-" % args.orig, dir="${localstatedir}/lib/lxc") [17:55] hallyn: ^ do you know how to tell autoconf to fully expand these? [17:55] stgraber: just the '@LXCPATH@' should do it... not working? [17:56] hallyn: looks like in the shell scripts we have an extra localstatedir=@LOCALSTATEDIR@ line to workaround that problem, but that's not of much help with python [17:56] hallyn: @LXCPATH@ is expanded to "${localstatedir}/lib/lxc" not "/var/lib/lxc" [17:56] ah [17:58] stgraber: those get expanded in Makefile.am, maybe the thing to do is make a new define which does the right thing for python === arrrghhhAWAY is now known as arrrghhh [18:12] hallyn: Makefile.am seems to expand them before setting them in the cflags, though I'm not sure how that'd help for python... I guess I can simply add an extra target that does a sed though... [18:16] stgraber: sorry - actually look at configure.ac [18:16] jsut add a python_lxcpath variable in there, and use proper python in the text in that one [18:17] oh, yeah. sed would work too i guess [18:17] Daviey: when you have a second.... what is th best way to get bug #1044318 moving? i assume its too late to upload a new version into quantal (assuming the fix is debian, to begin with). should i apply the fix to quantal package as a patch to get it fix released there, and start the SRU process for the precise package? [18:17] Launchpad bug 1044318 in quantum "pre-1.5 OVS has trouble with floating ips when pinging from the same box" [High,Confirmed] https://launchpad.net/bugs/1044318 [18:18] adam_g: well, it needs to be fixed in Quantal to start with, regardless [18:18] adam_g: diff looks SRU-able IMO. [18:18] as a patch [18:19] Daviey: yeah, no problem on the SRU. im wondering how to get it fix released in quantal. if the fix is included in debian, is it to late for another merge? or should it just be carried as a patch in Q? [18:19] Is it ok to encrypt your home directory if Ubuntu server is going to be an apache server? [18:20] adam_g: it's not too late for another merge, no [18:20] I wanted to have docroot in that users home dir [18:20] adam_g: if the merge introduces features, it should be signed off first tho [18:20] but bug fix merge is fine [18:20] Daviey: okay, ill see whats what in debian [18:23] Anyone good with Apache? [18:23] I'm in need of some help. =( [18:24] !ask [18:24] Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience [18:24] well [18:24] an encrypted home won't work well with apache serving it [18:24] you will need a freetext storage area for web [18:25] just reconfigure apache to use another place to store home websites [18:25] Why won't it work? [18:25] serving from encrypted homes won't work well, period [18:26] because the user needs to be logged in for the storage to be available [18:26] which is really the reason for encrypting things [18:26] If the user is user1 and the application runs as root? [18:26] I didnt code this application and I know it shouldnt run as root but that is how it is now (atleast in testing) [18:27] root can't decrypt a user's encrypted home [18:27] But it seems to be working [18:27] log out [18:27] and it won't [18:27] ? [18:27] This is on Ubuntu server [18:27] yes [18:27] I"m sudoing from the user to run this application as root [18:28] reboot the machine and sudo into the user with an encrypted home, and you won't find shit [18:28] that's what encrypted home is about [18:28] it's safe with the user [18:28] not root [18:29] so use another place for storing things exposed to the net [18:29] Ok so I may have to create a new user and then move the docroot [18:29] Don't know why it is working [18:29] or just put the docroot in like /var/www [18:30] not in the encrypted /home [18:30] Daviey: so, debian is not any more recent than we are (1.4.2+git20120612-9), dan just mentioned a new stable upstream release (1.4.3) came out last night. is it acceptable to update to that in Q, ahead of debian? [18:31] Should that user own those directories [18:31] 755? [18:31] joemyfriend: docroot is irrelevant, home directories can be set somewhere else [18:31] Sorry, I'm only worried about apache. I understand [18:32] joemyfriend: and it doesn't matter what permissions you set if the home directory is encrypted [18:32] indeed joemyfriend. i would put docroot somewhere else other than /home if you use encrypted /home's [18:33] Web apps shouldn't run as root rigth? [18:33] www-data usually [18:33] This dev is annoying me [18:33] joemyfriend: [18:33] that's the default [18:33] in userdir.conf [18:33] choose another directory for that [18:34] web apps run as www-user [18:34] by default [18:34] running web apps as root isn't very smart [18:34] Agreed. developer is insisting that is ONLY way to go [18:35] Another ? [18:35] www-data, not -user, sorry [18:35] joemyfriend: can you spell RTFM? [18:35] ? [18:36] oh noes [18:36] read the f***** manual [18:37] Does an alias directory have to exist or is it like a link (think ln)? so can I alias for /var to /home/username/webdata when there is no /var? [18:38] Sorry I haven't been working with apache in years (10 to be exact) [18:40] Can I alias for a directory that doesn't exist? FYI I'm restoring this application from an older box with a different configuration [18:41] hallyn: sent updated pull request: https://github.com/hallyn/lxc/pull/5 [18:42] smoser: failed to get https://maas.ubuntu.com/images/query/quantal/ephemeral/released-dl.current.txt [18:42] remote query of https://maas.ubuntu.com/images failed === arrrghhhAWAY is now known as arrrghhh [18:43] utlemming, ^ [18:43] do you know anything about that [18:43] adam_g: I'd be happier if quantal shipped a release rather than a snapshot. :) [18:43] Daviey: meaning what? jump the gun with a new orig.tar.gz? the snapshot comes from debian. [18:44] smoser: I have touched nectarine's MAAS code/generation/process yet [18:44] adam_g: take note that the DM is well integrated into upstream, i'd expect a new Debian version shortly === arrrghhhAWAY is now known as arrrghhh [18:44] adam_g: I'd be tempted to shoot an email to the DM asking if he has plans [18:44] smoser: but I don't see any quantal images being built there [18:45] RoyK, Thanks 4 ur help [18:45] ah. you're right. roaksoax we have not built any quantal [18:45] utlemming, sorry. i was afraid fallout of move off nectarine [18:45] smoser: ah! that is it then [18:45] smoser, roaksoax: I hope to have some EOD, but no promises there [18:46] smoser: I wanted to make sure I understand the process before I move that off...and I will absolutely get your sign off before I migrate the MAAS generation [18:49] Daviey: i think we're on our own for the new stable release. #openstack-dev, if interested. === arrrghhh is now known as arrrghhhAWAY [18:51] stgraber: still using /var/lib/lxc? [18:51] (s'ok, it can get straightened out later) [18:51] hallyn: hmm, the last commit should be fixing that... === cpg|away is now known as cpg [18:52] hallyn: or not... looks like I messed up my commit [18:52] canceling the pull request, will fix [18:52] too late actually ;) you already merged it [18:52] hallyn: gah, dammit. [18:52] err, adam_g [18:52] adam_g: Okay, just cherry the patch to Quantal for now, to unblock the SRU [18:53] we'll evaluate the stable solo effort next week [18:53] stgraber: i pulled, but didn't hten push [18:53] Daviey: i should ignore? [18:53] hallyn: Yes, wrong nick.. sorry [18:53] stgraber: oh no, i did [18:55] hallyn: there you go: https://github.com/hallyn/lxc/pull/6 [18:56] stgraber: yup got it, thanks [18:56] stgraber: it's all very unfortunate :) we should probably look for a better way [19:13] hallyn: https://github.com/lxc/lxc/commits/github/staging [19:13] hallyn: that's the new staging tree [19:14] hallyn: these last two "merge" commits seem to be messing quite a bit with the history... will see if I can fix that somehow [19:18] stgraber: cool. teams :) [19:18] thanks [19:39] hallyn: oh, fun, our branch doesn't actually apply on the upstream git ;) [19:39] how can that be? [19:40] apparently some of the apparmor stuff merged upstream doesn't match what we have in the branch [19:40] I'm attempting a rebase now to try and sort out that mess [19:44] stgraber: that's true, but the apparmor stuff in upstream git should be what's in my lxcgit [19:45] hallyn: it's close but not quite [19:45] could thing i haven't yet further complciated it with selinux implementation [19:45] and smack [19:46] hehe [19:55] zul: thoughts on making OVS the default quantum plugin ? [19:56] Daviey: ^ === cpg is now known as cpg|away [19:59] Isn't it rather late in the game? [20:00] ScottK: considering the package is entirely unusable at this point, i dunno? in addition to the fixes i'm working on, i thought maybe it'd be a good idea to provide a default that at least provides a running service after installation [20:00] In that case, I guess not. Didn't realize it was that broken. [20:01] adam_g: oh, most certainly [20:01] OVS should always be the default plugin [20:01] it can be used everywhere. [20:12] adam_g: it should be in a better state in the ci testing [20:12] zul: no, its broken [20:13] adam_g: and im ok with ovs as the default [20:13] adam_g: borken as in how? [20:16] zul: what ive fixed so far: http://paste.ubuntu.com/1191538/ [20:17] adam_g: cool just wondering [20:20] adam_g: im going to be uploading rest of the snapshots tonight [20:20] zul: okay, ill hopefully have this working better out of the box by then [20:20] adam_g: coolio [20:20] Daviey: https://code.launchpad.net/~gandelman-a/ubuntu/quantal/openvswitch/lp1044318/+merge/123350 [20:23] adam_g: perfect upload [20:23] adam_g: do you need sponsoring ? [20:28] Daviey: i believe i do [20:28] zul: is quantum-plugin-dhcp-agent supposed to have a corresponding quantum-plugin-dhcp package? i see a .insatll for it, but its not in d/control [20:29] adam_g: its suppose to === arrrghhhAWAY is now known as arrrghhh === arrrghhh is now known as arrrghhhAWAY === gary_poster is now known as gary_poster|away === cpg|away is now known as cpg [22:18] anyone noticed an issue with umount, and unmounting kerberos/nfs shares? [22:19] i've got an issue where umount doesn't recognize that a folder contains a mounted share, so i can't shut down completely because it can't unmount... === cpg is now known as cpg|away === cpg|away is now known as cpg