[07:44] <Karl-Arne> Howto setup prive ssl sertificate on virtual name server? Any links to howto's?
[07:57] <RoyK> HAPPY CAPS LOCK DAY
[08:02]  * koolhead17 pokes RoyK 
[08:44] <ewook> *yawn*
[08:51] <radish> greetings, I want to setup using a two node setup (one controller, one compute node) using ubuntu 12.04, folsom release. The official documentation mentions that the controller node has to use LVM. Is this also true for a setup that would use local hdds on the compute node (no shared storage)?
[08:53] <RoyK> what controller?
[08:55] <melmoth> radish, i think you need lvm only on the nodes where you wanna run nova-volumes (or cinder)
[08:55]  * RoyK uses lvm for most volumes
[08:55] <melmoth> (and i bet you wanted to ask the question in #openstack :) )
[08:56] <radish> melmoth: I did =)
[08:56] <radish> melmoth: so if I use 1 system as the cloud controller and another one as the hypervisor (using local storage), the controller doesn't need lvm as it won't serve volumes?
[08:56] <melmoth> yep.
[08:58] <koolhead17> hola melmoth
[08:59] <melmoth> hola koolhead17
[08:59] <radish> melmoth: another question if you would be so kind: is it really necessary to setup the controller node to be a ntp-server? wouldn't it feasible to use an internal one?
[09:00] <melmoth> you can use an internal one
[09:00] <melmoth> what is important is that all nodes have the same time
[09:00] <koolhead17> radish: we area ll here to help :)
[09:00] <melmoth> otherwise, strange thingds may hapen
[09:00] <koolhead17> melmoth: +1
[09:00] <melmoth> such as services appearing as XX in nova manage service list and stuff
[09:01] <koolhead17> or in another words all nodes need to be synced because multiple service needs to communicate with each other
[09:03] <radish> thank you for your help, guess I'll continue until things screw up =)
[09:04] <koolhead17> radish: it will badly if time is not synced :)
[09:04] <radish> koolhead17: we use an internal ntp-server, no worries =)
[09:05] <koolhead17> radish: point it to that server then
[09:05] <radish> koolhead17: already implemented by our preseed installation
[09:06] <koolhead17> radish: COOL
[10:05] <radish> melmoth: regarding the openstack packages, should I install suggested packages as well? (we have usually turned off suggested/recommended packages for apt)
[10:05] <melmoth> unsure
[10:05] <melmoth> try without, and see if it works ?
[10:54] <radish> Again a question regarding openstack: I'm trying to grant the admin role to the admin user, however, keystone complains about an ambiguous option: "keystone user-role-add: error: ambiguous option: --user could match --user-id, --user_id" which one should I use?
[12:55] <radish> melmoth: if I have mistyped the region at the creation of the swift service, how can I change that? adjust the command and run it again, or do it somehow using the id / service id?
[12:56] <melmoth> dont know. I dont even remember exactly when does one use the region
[12:56] <radish> melmoth: when you create the services and their endpoints in keystone
[12:56] <melmoth> ahh. so i guess you may change it with keystone comand itself
[12:57] <radish> melmoth: so just rerun the same command after adjusting it?
[12:57] <melmoth> i dont see a kesytone endpoint-edit
[12:57] <koolhead17> radish: keystone-endpoint --help
[12:57] <koolhead17> see if it helps
[12:57] <melmoth> but there s a keystone endpoint-list, ten you can keystone endpoint-delete and recreate it
[13:16] <radish> melmoth: thanks for that, I did just rerun the old command and will delete the faulty entry later on. If I run a token-get using the admin user, I get the correct data, but also the message "No handlers could be found for logger "keystoneclient.v2_0.client"" Is this to be expected?
[13:17] <melmoth> i think the no handler error is sort of common
[13:18] <melmoth> what i tend to do is sudo sed -i "s|log_config.*|log_file = /var/log/keystone/keystone.log|g" \
[13:18] <melmoth> /etc/keystone/keystone.conf
[13:18] <melmoth> so i have logs.
[13:24] <hallyn> zul: around?
[13:25] <zul> hallyn: kind of
[13:25] <hallyn> zul: question on openvswitch-datapath-dkms
[13:25] <zul> hallyn: ok
[13:25] <hallyn> zul: it was dropped in q, i assume bc the module exists upstream
[13:25] <zul> hallyn: yeah
[13:26] <hallyn> probelm is the upstream module doesn't yet do gre tunnels.
[13:26] <zul> hallyn: oh...also the dkms doesnt build on quantal either
[13:27] <hallyn> drat :)  my q was going to be which src you recommend i grab (from a juju charm) to build it
[13:27] <zul> hallyn: i think you would have to heavily patch it in order for it to work
[13:28] <hallyn> zul: ok, thx.  gotta think about whether that's worth it or not
[14:03] <radish> melmoth: in the /etc/glance/glance-registry.conf, one has to set config_file, however, the documentation says to use /etc/glance/glance-api-paste.ini, not the default one glance-registry-paste.ini, is this correct?
[14:05] <melmoth> i dont know
[14:05] <melmoth>  i dont see this setting here anywhere in /etc/glance
[14:05] <melmoth> (but i havent finished installing, and am struggling with swift charm)
[14:08] <melmoth> i always have been confused as to why glance needed 2 paste file anyway
[14:16] <radish> melmoth: my /var/log/glance/registry.log is spammed with errors about removing dead childs, source is eventlet.wsgi.server. Do I need some kind of wsgi package (none installed currently)?
[14:16] <melmoth> the whole openstack is a big wsgi.
[14:16] <melmoth> all of em, keystone, nova, glance... Name it, it s wsgi
[14:18] <radish> melmoth: seems it's this bug: https://bugs.launchpad.net/glance/+bug/1042823
[14:19] <melmoth> i never hit this one (yet ?)
[14:25] <radish> melmoth: well, I'm using 2012.2-0ubuntu1~cloud0 which should be fixed, according to the bugreports
[14:45] <radish> melmoth: did solve it, the documentation is faulty
[15:53] <tboat> hey all, is there a way to allow users to connect to sftp without needing a DSA key? or do they still need to generate a SSH key first?
[15:56] <andol> tboat: I assume the answer you are looking for isn't to use a RSA key instead? :) Alternatively you should be able to tell you ssh server to also accept password logins
[15:57] <tboat> i prefer no password logins, for security, so i guess I can't have seperate settings for sftp?  If the answer is just to generate the keys, that is not that big of a deal.
[15:57] <tboat> my server is a LAN samba file server, and currently sftp/ssh to just me with a key, but wish to allow others access to a certain directory via sftp
[15:59] <andol> tboat: So, you want to restirct full shell sessions to key auth, but allow sftp for passwords logins? Not sure how much benefit that would be, given that the user then could just as well login with passwords on sftp and use that access to put a new ssh key in place.
[16:00] <andol> tboat: Alternatively you could have different requires (ssh key vs. passwords) for different users, or only allow certain users to login using sftp.
[16:06] <RoyK> addisonj: does sshd support that?
[16:07] <addisonj> ? assuming you meant andol
[16:09] <tboat> if i restrict them to just sftp, but ssh still uses keys, then the user will still need to generate a key correct? my user is elsewhere, so they would have to generate a key and email it to me, which is fine, but was just looking for an alternate route
[16:10] <andol> tboat: Whatever you restrict them sftp or not is a separate issue from whatever you allow password logins or not. Or did I missunderstand your question.
[16:10] <RoyK> addisonj: erm, yes ;)
[16:11] <tboat> no you did, restricting them to sftp is essentially what i want, but i also need to distinguish the authentication between ssh/sftp, which seems to just not be possible, undertandable as sftp depends on ssh, just looking for a workaround
[16:11] <andol> tboat: But yeah, if they are going to login using ssh keys they will have to send you their public ssh key in some way. (That is unless you generate the keypair and provide them with the private key, which in almost all cases is a worse idea.)
[16:16] <sarnold> tboat: I wonder, if you could run two different sshd daemons; run one on say, port 22, that only does sftp. Run another on port 2222 that only does ssh. You'd need to create your own /etc/init.d/ssh copy that starts the other daemon with a different configuration file. (-f)
[17:28] <axisys> which ubuntu perl package has BER.pm ?
[17:28] <axisys> libconvert-ber-perl is not it which has /usr/share/perl5/Convert/BER.pm
[17:28] <sarnold> axisys: libconvert-ber-perl and libsnmp-session-perl
[17:29] <axisys> sarnold: is there a easy way to find out besides asking here?
[17:29] <sarnold> axisys: apt-file search BER.pm
[17:29] <sarnold> apt-file is an immensely useful little tool :)
[17:29] <axisys> sarnold: thanks a lot
[17:53] <phear> Anyone in the Lafayette, LA area? I'm looking for dev work
[19:08] <maxmahem> hey question. Trying to upgrade server but out of space on /boot. Turns out I have a lot of old packages there. apt-get purge old-linux-image fails with some errors on unmet dependancies (linux-image-server depends linux-image-3.0.0-26-server)
[19:08] <maxmahem> thoughts?
[19:08] <maxmahem> er old kernals there that is.
[19:22] <jdstrand> mdeslaur: fyi, that is probably a dupe of your bug ^
[19:22] <mdeslaur> jdstrand: yeah, I'm looking at it now
[19:23] <jdstrand> cool
[19:44] <koolhead17> philballew, around
[19:44] <koolhead17> seems like netflix gone too http://news.ycombinator.com/item?id=4684384
[19:46] <philballew> koolhead17, lame!
[19:46] <koolhead17> what happned to the monkey script which they released
[19:48] <_ruben> ahh bugger, the /boot on mdadm boot issue didn't get resolved afterall .. wonder what made me think it did :/
[19:49] <philballew> koolhead17, Seems odd if you ask me
[19:49] <philballew> its middle of the day there
[19:49] <philballew> there in east cost iirc from last time
[19:51] <koolhead17> seems like they are turning it off/on on regular basis :P
[19:54] <philballew> koolhead17, iirc github was down last week or something like that
[19:54] <koolhead17> ya
[21:03] <Guest47529> Hi, I have a really strange one I have installed LVM2 but dont have the pvcreate command, why might that be?
[21:08] <Guest47529> strange, I just removed then installed it and the commands were there
[21:36] <ninjai> hey all, I'm running kernel 2.6.32-23 on ubuntu server 12.04, but suffering from this bug: https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/565288.  Seems I should upgrade my kernel to 2.6.32 or .34, but I can't find the kernel in the apt-cache.  Where can I obtain the kernel?
[21:36] <blizzow> I installed gcp on my 12.04 server and keep running into this when trying to use it.  http://pastebin.com/nSubWH7X
[21:37] <blizzow> Anyone have any idea what might cause that problem and what the solution might be?
[21:47] <diogo_79> hi
[21:48] <diogo_79> i have an usb modem that is connected to ubuntu server 12.04 but i cannot get it to work, help is need
[21:49] <diogo_79> the modem is identify has SGS Thomson Microelectronics 56k SoftModem
[21:51] <diogo_79> in the dev directory the modem is ttyACM0
[21:51] <diogo_79> i have install minicom to talk to the modem but the port ttyACM0 is not a valid port
[21:52] <diogo_79> what to do next
[22:14] <aFeijo> I've got an WORM! How can I find and remove it?
[22:15] <sarnold> aFeijo: wordpress? :)
[22:15] <aFeijo> no
[22:16] <sarnold> some other php application? :)
[22:16] <aFeijo> I'm using drupal
[22:19] <aFeijo> sarnold, funny that only php does that :p
[22:19] <aFeijo> it seems that it is a exacutable named "i", just the letter
[22:19] <aFeijo> how can I find it? lol
[22:19] <sarnold> aFeijo: find / -name i -print
[22:20] <sarnold> though that may take a little while :)
[22:20] <aFeijo> thanks
[22:20] <aFeijo> /bin/i
[22:20] <aFeijo> damn worm
[22:28] <aFeijo> Opyum Team got me
[22:35] <aFeijo> how can I remove this Opyum Team ???
[22:37] <sarnold> aFeijo: safest and most fail-safe way is to re-install
[22:37] <aFeijo> omg...
[22:38] <sarnold> aFeijo: you _may_ be able to track down where the specific intrusion took place, find related files, replace them, etc. but rootkits can make it impossible to trust anything on the system
[22:39] <aFeijo> I see
[22:43] <aFeijo> thanks for the hints, I'll work on it
[23:01] <ninjai> hey all, I'm running kernel 2.6.32-23 on ubuntu server 12.04, but suffering from this bug: https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/565288.  Seems I should upgrade my kernel to 2.6.32 or .34, but I can't find the kernel in the apt-cache.  Where can I obtain the kernel?