[08:14] <Kingsy> guys, is it possible to setup a proxy server without doing ssh dynamic port forwarding?
[08:15] <Kingsy> its just a little annoying that if I want to route through my server I need to open an ssh connection each time..
[08:15] <Kingsy> what about if I wanted to do it on a windows machine for example.. using putty each time is just unrealistic
[08:16] <greppy> Kingsy: you could use plink on windows.
[08:17] <Kingsy> greppy: its still a bit annoying.. there is no way og having a service running?
[08:17] <Kingsy> of**
[08:17] <greppy> you might be able to, you could also run tinyproxy or squid on your server instead.
[08:18] <SpamapS> Kingsy: what kind of proxy?
[08:18]  * SpamapS curses his insomnia
[08:19] <Kingsy> SpamapS: basically just a proxy that would allow me to route http through my server
[08:19] <SpamapS> Kingsy: and re using putty.. its a single self contained binary...why is that unrealistic?
[08:19] <Kingsy> SpamapS: because a friend of mine wants to use and, and he is not computer literate
[08:19] <SpamapS> Ah, for that, there's OpenVPN
[08:20] <Kingsy> so to have a service running on the server from which you could enter the details into chrome, then just turn the proxy on and off with a couple of clicks
[08:20] <SpamapS> several decent frontends for windows
[08:21] <Kingsy> tinyproxy actually looks like what I need
[08:30] <Kingsy> ok now, general sys admin questions. If you have installed a service.. its running but you want to see if its listening on the port you set.. what is the best way?
[08:30] <SpamapS> netstat -tnlp
[08:31] <SpamapS> thats "tcp, no dns lookups, listening, show me the [p]rocess owning the socket"
[08:31] <SpamapS> Kingsy: sudo will likely be needed
[08:31] <Kingsy> worked nicely
[08:32] <Kingsy> hmm it says access denied.. but I added the damn ip to the list of address in the config
[08:33] <Kingsy> greppy: have you used tinyproxy before?
[08:33] <greppy> Kingsy: yeah, but it's been a while.  I think it defaults to localhost only.
[08:34] <Kingsy> greppy: yeah it does, but I added "Allow some.ip.address.home    <-- to the conf file
[08:34] <Kingsy> restarted and it still says access denied.. which is odd
[08:34] <Kingsy> greppy: got any debugging tips?
[08:35] <greppy> check for a listen or bind statement.
[08:35] <Kingsy> greppy: what do you mean?
[08:35] <Kingsy> I can see tcp        0      0 0.0.0.0:1099            0.0.0.0:*               LISTEN      -  which is the port I set it up to listen on
[08:36] <Kingsy> however when I    host:1099 in a browser it says    The administrator of this proxy has not configured it to service requests from your host.
[08:38] <Kingsy> greppy: I assume, if I wanted to connect to it, I should use the computers external ip that I want to connect with and stick it in the config as "Allow the.external.ip.addr"  right?
[08:38] <greppy> the allow should be the IP of the remote system.
[08:39] <greppy> ( I think )
[08:39] <Kingsy> by remote system you mean the ip of the computer that is attempting to connect to the proxy?
[08:39] <greppy> yes
[08:40] <Kingsy> hmm I did that.. no joy
[08:41] <SpamapS> Kingsy: make sure tinyproxy isn't doing reverse DNS lookups
[08:41] <DarkStar1> does anyone know how to allow writeable chroot in vsftpd
[08:41] <DarkStar1> ?
[08:41] <Kingsy> SpamapS: how would I do that?
[08:41] <SpamapS> Kingsy: read the manual mostly :)
[08:42] <DarkStar1> I thought that: allow_writeable_chroot=YES would fix that but it just causes 500 errors
[08:42] <SpamapS> ok time to go start attempt #3 at sleep
[08:43] <DarkStar1> Sleep? What is sleep?
[08:43] <DarkStar1> ;|
[08:50] <Kingsy> SpamapS: ok I got it working.. what the hell.. its REALLY REALLY slow
[08:51] <Kingsy> greppy: ^^
[08:51] <Kingsy> like 20 seconds to load google
[08:51] <Kingsy> could it be cos I am using foxy proxy?
[08:54] <Kingsy> nope looks like its just really slow in general
[08:55] <Kingsy> poo
[08:58] <greppy> Kingsy: the max upstream bandwidth for the remote system is as fast as the connection will be.
[08:58] <Kingsy> greppy: well put it this way. its fast as hell when you connect via ssh -D
[08:59] <greppy> There may be some settings you can tweak.
[09:00] <Kingsy> such as settings in tinyproxy? what would you recommend? I wouldnt even know how to pinpoint why its going slow
[09:01] <DarkStar1> anyone?
[09:01] <greppy> I don't know off the top of my head, I would have to check the configuration and man page, and I don't have time right now.
[09:17] <Kingsy> ok np
[09:35] <radish> hi
[09:37] <radish> I'm trying to addapt our current preseed for ubuntu 10.04 server to ubuntu 12.04. The setup stops at the 'detect keyboard layout?' dialogue, allthough I did change "d-i console-setup/layoutcode string de" to "d-i keyboard-configuration/layoutcode string de". "d-i console-setup/ask_detect boolean false" is configured as well. Does anyone know, why this is?
[09:45] <xnox> radish: are you preseeding desktop/ubiquity or server/mini.iso ?
[09:48] <radish> xnox: we are using a local repository with the server-kernel. Live-session is provided by the netboot image (http://archive.ubuntu.com/ubuntu/dists/precise/main/installer-amd64/current/images/netboot/) <- netboot.tar.gz
[09:51] <Kingsy> greppy: don't suppose you are going to have any time today to give me a hand? I am gonna be kicking around for a while
[09:52] <xnox> radish: compare with http://d-i.alioth.debian.org/manual/example-preseed.txt
[09:53] <xnox> radish: you want locale & keymaps-at?!
[09:54] <radish> xnox: we want english locale with support for the german one, using german timezone and keyboard layout. As stated, it works with lucid without problems
[09:54] <AdvoWork> ive edited /etc/exports but do i have to do: sudo /etc/init.d/nfs-kernel-server restart  or: sudo exportfs -a   or both?
[09:55] <RoyK> AdvoWork: exportfs -r
[09:56] <RoyK> -a will attempt to export everything regardless of whether it's exported already or not
[09:56] <RoyK> -r will re-export
[09:56] <RoyK> restarting nfs-kernel-server is major overkill ;)
[10:08] <cluelessperson> clear
[10:08] <cluelessperson> lol
[10:08] <cluelessperson> It seems to me that ubuntu is getting worse.
[10:12] <cluelessperson> I'm worried.  I love ubuntu. :P
[10:18] <AdvoWork> RoyK, thankyou
[10:42] <eagles0513875_> hey ikonia have you ever worked with the postfixadmin web panel
[11:21] <AdvoWork> anyone know the system requirements for disk space for server 10.04? it says 1GB with all tasks installed, that seems really low
[11:21] <AdvoWork> ahh thats ram, i miss read
[11:22] <AdvoWork> on no, i miss-re read miss re read lol, it is 1GB they recommend for HDD. Thats low?
[11:34] <TJ-> AdvoWork: Sounds about right to me. Although, once it's up and running you may want to use a separate LVM LV or partition for /var/ since that's the one that will grow
[12:20] <Phule> Hi. I dont know if I'm in right channel. I need help with correcting gateway/firewall or webserver settings. Depends on whats wrong in my case.
[12:20] <Phule> I'm running 2 ubuntu servers. One as gateway/firewall and another as webserver. Until now all was OK. But I need to access my webserver with both internet connections I've got. Webserver is answering on one but cant make it to ansver on second.
[12:22] <rbasak> Phule: this is non-trivial
[12:22] <rbasak> Phule: see http://lartc.org/howto/lartc.rpdb.multiple-links.html for a guide
[12:23] <rbasak> Phule: personally I'd find a way of not needing to do that.
[12:23] <Phule> rbasal: I've tryed this already :(
[12:23] <rbasak> If you don't follow exactly why it's complicated and understand the details of what the guide is doing, you're really going to struggle
[12:26] <Phule> rbasal: I'm surely overlooking something really easy. But cant find out what it is.
[12:27] <Phule> rbasak: I'm surely overlooking something really easy. But cant find out what it is.
[12:28] <rbasak> Doing this is far from easy. The easy route is to find another solution to your problem which does not require this.
[12:29] <TJ-> Phule: Are you talking about bonding 2 separate internet interfaces (each with their own IP address) ?
[12:30] <TJ-> Phule: If you simply want to route back out on the same interface the request arrived on, you need to engage in some packet marking and use additional routing tables
[12:32] <Phule> TJ-: Each internet line is connected to separate ethernet card in gateway. Yes I only need to make the webserver ansver thru same interface as the request came on.
[12:33] <TJ-> Phule: I did that some time ago. My memory is rusty. Let me take a peek on that gateway, see if I can remember the steps
[12:37] <TJ-> Phule: I can see the rules in the additional routing tables, but I can't find the set of instructions I used to create them. I need to dig deeper into the server start-up scripts
[12:42] <Phule> TJ-: check the query
[13:24] <kobe893> heey
[13:24] <kobe893> heey
[13:40] <koolhead17> ejat: poke
[13:40] <ejat> koolhead17: poke u back
[13:40] <koolhead17> ejat: all set?
[14:26] <Yann2> hi! Is it ok to deploy a /etc/resolv.conf file with chef/puppet on ubuntu-server? I'm unsure because of this resolvconf software...
[14:28] <patdk-wk> yann2, yes, as long as you don't just deploy it, first REMOVE resolv.conf, then write a new one
[14:28] <patdk-wk> if you just overwrite it, it will follow the symlink, and that will get killed via resolvconf
[14:33] <Yann2> interesting I'd need to ask chef people :)
[15:28] <Daviey> is it just me, or has kexec been broken lately ?
[15:28] <Daviey> (quantal)
[15:47] <hallyn> zul: have you recently been able to use openvswitch in precise?
[15:48] <zul> hallyn:  i havnet
[15:48] <zul> hallyn:  why?
[15:48] <hallyn> uh, have you tried and had it fail recently?
[15:48] <hallyn> bc i'ts not working for me
[15:48] <zul> hallyn: nope
[15:48] <zul> hallyn: check with adam_g
[15:49] <hallyn> zul: ok, thanks
[15:49] <zul> hallyn: not working as in how?
[15:50] <hallyn> as in i connect two instances with a gre tunnel, but nics joined to the ovs bridges on the two machines aren't able to talk to each toerh
[15:50] <hallyn> was working for me a month or two ago
[15:51] <hallyn> will keep trying then i guess file a bug
[15:51] <zul> hallyn: interesting
[15:51] <hallyn> adam_g_: ^ have you recently had success with ovs on precise?
[16:27] <DarkStar1> I'd like to perform backup twice a day: is this crontab line command correct: 05 2/0-23 * * * root    mysqldump -u root?
[16:28] <DarkStar1> specifically the hour column
[16:28] <TheLordOfTime> shouldn't you be dumping the data to somewhere...?
[16:28] <TheLordOfTime> rather than just dumping to nowhere...?
[16:28] <DarkStar1> I am. I just grabbed the first half
[16:28] <TheLordOfTime> ah
[16:28] <DarkStar1> of the line
[16:28] <TheLordOfTime> my mistake :)
[16:29] <SpamapS> DarkStar1: the first column is the minute of the hour
[16:29] <SpamapS> DarkStar1: so should be something like 0 */2 * * *
[16:30] <TheLordOfTime> mhm
[16:30] <DarkStar1> aah ok
[16:31] <DarkStar1> SpamapS: I read that as every half hour
[16:33] <DarkStar1> shouldn't it be * */2 * *I read that as: every minute, everyhour, evverydayof month/2 and every  month of year
[16:34] <SpamapS> DarkStar1: * */2 * * is *every* minute of every other hour of every day of every month
[16:36] <DarkStar1> SpamapS: sorry my mistake (again) I guess I want * * */2 * *
[16:36] <DarkStar1> for twice a day
[16:37] <DarkStar1> hang on. BEst go read that one again
[16:37] <SpamapS> DarkStar1: twice per day would be * */12 * * *
[16:37] <TheLordOfTime> no, the format is: minute hour day month year
[16:37] <SpamapS> err
[16:37] <SpamapS> no
[16:37] <SpamapS> DarkStar1: 0 */12 * * *
[16:38] <TheLordOfTime> so 0 for the minute, */12 for every other hour, * for every day, * for every month, * for every year
[16:38] <SpamapS> */12 is basically at midnight and noon
[16:38] <SpamapS> you can also pick the hours, like   0 4,16 * * *
[16:38] <TheLordOfTime> SpamapS, couldnt you use 0 0,12 * * * as well?
[16:38] <TheLordOfTime> or similar ;P
[16:38] <SpamapS> right
[16:39] <shauno> was about to say, I'd personally go for 0,12 (or similar) just to be a bit less opaque
[16:39] <TheLordOfTime> mhm
[16:39] <TheLordOfTime> i use 0,12 on my twice-a-day cronscripts
[16:39] <DarkStar1> Cheers guys
[16:39] <shauno> saves trying to decode the incantation when you go back to it next year
[16:40] <TheLordOfTime> yup
[16:40] <roaksoax> SpamapS: howdy!! could you please process maas-enlist that i uploaded yesterday to precise-proposed  queue as it is kind of a critical bug please?
[16:42] <SpamapS> roaksoax: will take a look in approximately 15 minutes
[16:42] <roaksoax> SpamapS: awesome thank you
[16:42] <hallyn> zul: well shucks, elsewhere it does work for me.
[16:43] <hallyn> ("it" beign openvswitch with gre tunnel)
[16:46] <TheLordOfTime> does iptables support rules which can be based off of items listed in /etc/hosts?
[16:47] <sarnold> firewall rules don't often blend well with DNS
[16:50] <TheLordOfTime> sarnold, i know right?  but in theory, is it possible, assuming the /etc/hosts entry won't change?
[16:51] <sarnold> TheLordOfTime: I'd probably write some handy code to generate the rules on-demand
[16:51] <sarnold> TheLordOfTime: parse through /etc/hosts, get the data you want, write the rules you want (with IPs), and go from there
[16:58] <jamespage> zul: bug 850443
[16:58] <jamespage> I think that is fixed for quantal - is it fixed for precise as well or do we still need a SRU?
[16:58] <jamespage> actualy Daviey owns the bug - maybe he knows? ^^
[17:08] <drPoo> Hi, im getting a gzip: compressed data--length error when gunzipping a gz file on a mdadm array. I do not get this error when doing the same thing on a normal hdd. Any ideas?
[17:13] <SpamapS> roaksoax: there are multiple uploads of maas-enlist in the precise queue
[17:13] <hallyn> SpamapS: do the relation-joined hooks queue up and wait until the install hook is done?
[17:13] <hallyn> or do they run in parallel?
[17:14] <SpamapS> hallyn: hooks are run in serial
[17:14] <roaksoax> SpamapS: the latest one, uploaded last night please
[17:14] <SpamapS> hallyn: its a state machine, and relations won't be touched until the state is 'started'
[17:15] <hallyn> SpamapS: ok, thanks.  and should the fact that they've run be showing up in the log under /var/log/juju?
[17:15] <hallyn> eh i've added a bunch of juju-logs, will see what they say i guess
[17:15] <roaksoax> SpamapS: https://pastebin.canonical.com/76232/ -> this one
[17:25] <roaksoax> rvba: maas-import-pxe-files needs to be run in the region only right?
[17:28] <roaksoax> rvba: 'maas' and 'maas-provision' binaries
[17:28] <rvba> roaksoax: yes
[17:29] <roaksoax> rvba: right, but maas-provision is also needed for the provisioningserver
[17:35] <roaksoax> doko: can I ship both a binary (usr/bin) and the module in a python-foo binary package?
[18:04] <hallyn> SpamapS: grrr.  charm docs seem to say that 'relation-get ip' should work? but it gives me "".  I assume from other charms I should use relation-get private-ip?
[18:04] <hallyn> though i see postgresql uses 'relation-get ip'
[18:07] <hallyn> <dim light glows> oh is there no established ns?  i have to set them all mysefl?
[18:46] <SpamapS> hallyn: the only assumable values are private-address and public-address
[18:47] <hallyn> SpamapS: thanks
[18:54] <giovani> anyone here love their sip-t1/e1 gateway?
[18:54] <giovani> if so, let me know, I'm in the market for a few
[18:55] <giovani> mediatrix has been awful
[18:58] <giovani> i.e. how's the sangoma vega line?
[19:17] <TheLordOfTime> so, is uvirtbot only reporting public bugs?  or does it also sees the private bugs (such as crash bugs)?
[19:54] <sidnei> hallyn, around?
[20:03] <hallyn> sidnei: what's up?
[20:03] <sidnei> hallyn, having some trouble with lxc on quantal, suddenly none of my containers finish starting up
[20:04] <hallyn> sidnei: can you pastebin 'outout' after adding '-l debug -o outout' to the lxc-start args?
[20:05] <sidnei> doing so
[20:05] <hallyn> sidnei: are these lxc-ubuntu or lxc-ubuntu-cloud (or other) templates?
[20:05] <sidnei> the former
[20:07] <sidnei> hallyn, http://paste.ubuntu.com/1271887/
[20:08] <sidnei> hallyn, interestingly it got all the way to the prompt now. maybe i was just hasty
[20:09] <hallyn> sidnei: looks like up to starting init all went fine.  what does 'lxc-ps -n u1-precise' show?
[20:09] <sidnei> let me try the lucid one, which failed in a different way
[20:09] <SpamapS> roaksoax: accepted maas-enlist into precise-proposed
[20:09] <hallyn> sidnei: d'oh, wait.  check /var/log/syslog...  anything in there?
[20:10] <hallyn> you did say 'on quantal', but heck maybe you have iw wifi
[20:10] <sidnei> hallyn, nope, this is inside a vmware vm
[20:11] <hallyn> sidnei: hm, and it worked before?  vmware used to need tweaking to support >1 mac at a time...  but if it was working before that seesm unlikely to regress
[20:11] <sidnei> yes, worked fine before.
[20:11] <hallyn> k
[20:12] <sidnei> hallyn, http://paste.ubuntu.com/1271898/ lucid container
[20:13] <hallyn> sidnei: looks fine. lxc-ps?
[20:13] <roaksoax> SpamapS: awesome! thank you!
[20:13] <sidnei> hallyn, http://paste.ubuntu.com/1271900/ is what i get on the console
[20:13] <hallyn> ag
[20:14] <hallyn> stgraber: ^ more /dev/shm lucid nonsense
[20:14] <hallyn> sidnei: what about on the quantal container?  or is lucid all you were trying?
[20:14] <sidnei> hallyn, im trying lucid and precise, the precise one seemed to get stuck, but i left it alone a bit longer and it eventually gave me a prompt
[20:15] <hallyn> sidnei: i wonder if your dnsmasq on lxcbr0 died.
[20:15] <stgraber> hallyn: hmm, on lucid we should have /lib/init/fstab diverted to avoid that...
[20:15] <hallyn> did your precise contaienr get an addr on eth0?
[20:15] <hallyn> stgraber: d'oh, right, that's upgrades failing i was thinking of
[20:16] <sidnei> hallyn, indeed, no address on the precise container eth0
[20:16] <sidnei> but dnsmasq seems to be there
[20:16] <hallyn> sidnei: 'status lxc-net' ?
[20:16] <hallyn> hm
[20:16] <sidnei> lxc-net start/running
[20:16] <hallyn> brctl show?
[20:17] <sidnei> seeying some UFW BLOCK on /var/log/syslog for port 67 udp
[20:17] <sidnei> brctl show: http://paste.ubuntu.com/1271906/
[20:18] <hallyn> have you customized ufw?
[20:18] <hallyn> recnetly?
[20:18] <sidnei> indeed
[20:18] <hallyn> phew.  sounds like those rules need to be fine-tuned
[20:19] <hallyn> just have them ignore device lxcbr0
[20:19] <hallyn> and 10.0.3.0/24
[20:20] <hallyn> what does the current ruleset look like?
[20:24] <sidnei> hallyn, http://paste.ubuntu.com/1271923/
[20:27] <hallyn> sidnei: yeah been awhile since i've tweaked ufw, but you'll want to add exceptiosn for 10.0.3.0/24
[20:28] <sidnei> tried a blanket allow in on lxcbr0 but no luck maybe its matching on PHYSIN, which is the random vethXXXX thing
[20:32] <hallyn> sidnei: just to make sure we're not barking up the wrong tree, what if you just stop ufw for a minute?  does it then work?
[20:33] <sidnei> hallyn, precise one yes, lucid one is unhappy about /dev/shm
[20:33] <hallyn> sidnei: the lucid one probably doesn't have lxcguest installed.
[20:33] <hallyn> not sure if the apt-get install of lxcguest failed during container creation bc of the firewall...
[20:34] <hallyn> you can 'chroot /var/lib/lxc/u1-lucid/rootfs dpkg -l | grep lxc' to check for the lxcguest package
[20:34] <sidnei> hallyn, not sure if this is related/meaningful: http://paste.ubuntu.com/1271944/
[20:35] <sidnei> hallyn, http://paste.ubuntu.com/1271947/
[20:36] <hallyn> hrmph
[20:36] <hallyn> sidnei: no, that error msg is normal
[20:36] <hallyn> but as stgraber said lxcguest should be keeping shm fro mtrying to be mounted in the container
[20:37] <hallyn> sidnei: what's in /varlib/lxc/u1-lucid/rootfs/etc/fstab?
[20:37] <hallyn> and /var/lib/lxc/u1-lucid/rootfs/lib/init/fstab.lxc ?
[20:38] <hallyn> sidnei: for the lucid container it's probably worth filing a bug.  Though the lxcguest making it work comes from a ppa...  but we do want that working.
[20:38] <sidnei> hallyn, http://paste.ubuntu.com/1271964/
[20:38] <hallyn> sidnei: i need to run.  will look for a bug later
[20:39] <hallyn> sidnei: well..
[20:39] <hallyn> did you add that shm entry?
[20:39] <hallyn> if so, then you need to just also fix /dev/shm to be a direcotry
[20:39] <hallyn> and perhaps tweak the apparmor policy to allow the mount
[20:39]  * hallyn out - ttyl
[20:40] <sidnei> hallyn, it does look familiar, but the container is fresh so not sure where it came from
[20:50] <sidnei> hallyn, bug #573461 seems relevant to the ufw problem, made the change to /etc/ufw/before.rules and it seems like traffic is flowing happily now.
[21:54] <roaksoax> SpamapS: sorry to bother you again, but could you please reject the SRU for maas-enlist, I need to get in another fix with that upload
[21:55] <LordOfTime> roaksoax:  why not let that SRU go, and then run another one?
[21:55] <LordOfTime> out of curiosity ;P
[21:55] <roaksoax> LordOfTime: becuase it will take to much time and we need to get it in asap :)
[21:56] <LordOfTime> ah.  i see.  you never know, hence my curiosity
[21:56] <LordOfTime> and asking questions never killed anyone.
[21:56] <LordOfTime> ... much...
[21:57] <roaksoax> :)
[21:59] <ScottK> roaksoax: I don't see it in the queue.
[22:00] <roaksoax> ScottK: it is in -proposed, and I'm waiting for the quantal fix to be approved in order to upload the new package to precise-proposed
[22:01] <ScottK> roaksoax: Just upload a new SRU then.  Now need to remove the existing one.
[22:01] <ScottK> Now/no
[22:01] <roaksoax> ScottK: awesome, thank you!
[22:01] <ScottK> You need to increment the revision regardless of if you remove the old one or not.
[22:02] <roaksoax> ScottK: will do
[22:03] <roaksoax> thanks :)
[22:20] <LordOfTime> hallyn:  ping
[22:32] <SpamapS> roaksoax: its already accepted. Your next upload can revert anything you don't want in proposed.