/srv/irclogs.ubuntu.com/2012/11/16/#ubuntu-server.txt

uvirtbot	New bug: #1079466 in cinder (main) "cinder-volume depends on tgt" [Undecided,New] https://launchpad.net/bugs/1079466	00:26
=== cpg is now known as cpg\|away
brendon	hello room, got a dhcp question if anyone is interested.... I used this guide, "http://angrytechnician.wordpress.com/2010/07/23/how-to-stream-every-channel-from-freeview-onto-your-network/", but it overheats my router. Could I turn my ubuntu-server into a dhcp server to stream RTP streams from tv tuners on that same server to save the router a bit?	01:19
sarnold	brendon: dhcp is nearly zero load on a system -- it might save a few megabytes of memory from your router to free your router of the job, but your router would have to be just on the edge of available memory -- and in swap hell ....	01:23
esuave	does anyone know how i can boot into single user mode without networking in 8.04?	01:24
sarnold	esuave: sometimes just adding 'single' to the kernel command line will do it.	01:25
sarnold	esuave: adding init=/bin/sh to the kernel command line gives you nearly nothing :) no networking, no X, no automatically started services. You're playing the role of init, so be sure to sync and remount root read-only if you can before rebooting. :)	01:25
esuave	well it tries to start networking when i do that	01:25
esuave	so if i add init=/bin/sh to the end of the kernel command it should drop me to a shell?	01:26
sarnold	brendon: neat guide. maybe ont directly useful to me now, but neat to know none the less.	01:27
sarnold	esuave: yes.	01:27
esuave	ty ill give it a shot	01:27
brendon	hey thanx sarnold for reply. i wasn't plugging the guide, just assumed it must be able to be done so i went googling one day. hmm.... so i'm guessing the router has some type of internal memory that is quite small and it uses that to switch between all the routes to keep a constant stream going? I don't know much about this stuff, only enough to get the server up and running and doing a few things. the router coo	01:28
brendon	ks itself after 24 hours, even if no-one is connected to the streams. the sap-server doesn't seem to load it up without dblast going.... anyway, do you know what I might have to learn/a good direction to go to educate myself about doing such a thing on dhcp server? does it recognise the 239.255.blah.blah numbers automatically like a router does? thanx heaps for your help hey.	01:28
sarnold	brendon: hrm; are you sending the data from all the streams through your router all the time?	01:29
sarnold	brendon: is there no way to drop a switch on the network and remove the router from the streaming?	01:29
sarnold	(and yes, routers are typically very ram limited, though forwarding streams of data will probably not tax RAM too much -- just keep the kernel, CPU, and NICs awake and drawing too much power)	01:30
=== cpg\|away is now known as cpg
brendon	yeah, i live in a share house and want anyone to connect to any channel at once. I have three computers in my room, on a switch, plugged into the router of the fellas upstairs who own the internet connection. i believe some of the other people have some switches too.	01:32
brendon	i mean "yeah" they were all streaming at once	01:32
sarnold	brendon: cool sounding setup. :D I'd try to add a switch between the router and _all_ the other machines -- have two wires going to the router, one to the internet, and one to a new switch.	01:33
brendon	yep thats done upstairs already.... im just wondering though if i could utilize this dhcp thingy already installed on my ubuntu-server box?	01:34
sarnold	ahhhh	01:34
sarnold	you could; but then your machine would have to be on all the time, and the router would have to be configured to _not_ do dhcp. I'm not sure it's worth the trouble, but it's certainly possible.	01:34
brendon	we got two servers on all the time mine is one of them - its handy to have access to your media on the phone while on the train thinking "ive got that song somewhere, i know i do". hmm.... configure router to not do dhcp - does this mean then, say, that two routers cannot connect to the same connection? And I'm guessing too that one router (or dhcp server) can't be used as a "child" of the other somehow?	01:39
sarnold	brendon: dhcp just hands out addresses and dns configuration and similar tasks; I don't really see here there is a "connect to the same connection" or "child" relationships..	01:44
brendon	ok, well, what i was hoping was to somehow leave the "other people's" router alone while being able to dish out rtp streams via the dhcp, but i guess not possible. thanx heaps hey, this was hard to find an answer to on the www	01:46
sarnold	brendon: I'm still confused though :) when you say "dish out rtp streams via the dhcp" .. what do you mean by that?	01:46
sarnold	dhcp is pretty simple and feels a bit unrelated; when a machine turns on, it sends a DHCP REQUEST, and a DHCP server replies with an address and maybe DNS servers to use, and a lifetime for how long that address is valid. Then the two machines don't talk for a few hours until the client wants to renew its address (often before the expiration, to give a down server a chance to come back...)	01:48
brendon	um, say use the already running server to "take care" of the rtp streams independant of the router. i don't know much about this stuff hey, i'm walking through thick fog and muddy waters here about ipconfig alltogether. to put things in perspective, i don't even understand what the netmask is as ive not needed to use it yet	01:49
sarnold	ah, okay. :)	01:49
brendon	aah ok. see, i had this idea, after getting this working, of sstreamlining and selling these "tv streamer" boxes as tv tuners are pretty cheap these days, and it is not much load on the cpu. but ppl aren't gonna want anything that cooks their router, so i was hoping for a more "encapsulated" sollution. Dang.	01:55
sarnold	brendon: hrm, one possibility... are the rtp streams being sent over ethernet broadcast or via the network-local broadcast address?	01:57
sarnold	maybe the little router's ethernet is forced to inspect the packets if they are broadcast packets, it may not have much choice. :/	01:57
sarnold	brendon: look into _multicast_ streaming; that ought to use ethernet multicast addresses instead, and that will probably let your poor little router cool down	01:58
esuave	it shoots me to a prompt if i use init=/bin/bash but it won't let me type or do anything	01:58
esuave	is there a way to disable the nic in the kernel params?	01:59
sarnold	esuave: yikes, that's pretty bad.	01:59
esuave	i can boot the dang thing just fine into the OS, the only thing I'm trying to do is stop it from pulling the darn static IP i gave it cause there is another duplicate IP on the network	02:00
sarnold	I think a lot of drivers do let you use something like e100.disable=1 to disable the driver... check modinfo <foo> output for your card	02:00
esuave	i would shut off the interface on the switch but i don't have access to it :/	02:00
esuave	yeah and when it boots it pulls that IP and screws up another server cause it has the same IP	02:01
esuave	so I'm just trying to get it to boot so i can change the IP in /network/interfaces	02:02
sarnold	esuave: hrm, but 'single' wasn't good enough to fix the address and reboot?	02:06
esuave	no cause it trys to start the interface and gives it an IP	02:06
esuave	its retarded why single user mode starts networking	02:07
brendon	low cpu usage meaning i could use junk/cheap low spec machines. current server is a 4 year old low spec laptop and streams 9 channels at once on one client no worries. client has a bit of trouble though... um, well, i dunno.... they are all addressed as 239.255.x.x, which that dude in the guide reckons are special addresses that routers know are rtp streams. the only way i know to connect remotely is with the ext	02:07
brendon	ernal ip or using my crappy 3rd level domain name, which of course just fowards port 80. so yeah, I'd say its local streaming only. got all ports open to the server - got a few things running haha. oh yeah, the rtp thing is multicast hey, well, at least on here as many ppl as they want can connect to the one stream - and aparently it doesn't use extra bandwidth - according to that dude. but the router was burning	02:07
brendon	out even with no connections to the streams but with them "ready" to connect - or being served by dvblast	02:07
sarnold	brendon: ah, good. then you're already doing everything right, I think.	02:32
brendon	oh... ok what a letdown. Thanks for your help but, now I have a further understanding of what I am dealing with.	02:46
* brendon abandons his get-rich quick scheme		02:46
brendon	haha, it still works. ah, irc, takes me back...	02:47
sarnold	:)	02:47
=== Gallomimia_ is now known as Gallomimia
=== furian is now known as shantorn
=== security is now known as nerd
=== nerd is now known as hack
=== n0ts_off is now known as n0ts
=== n0ts is now known as n0ts_off
=== n0ts_off is now known as n0ts
=== hack is now known as awesome
=== awesome is now known as Guest83864
=== Guest83864 is now known as hack
=== n0ts is now known as n0ts_off
=== n0ts_off is now known as n0ts
Daviey	Good morning... dank and miserable weather today, but the party in #ubuntu-server is the place to be!	08:57
jamespage	morning all; morning Daviey	09:05
Daviey	jamespage: what is your take on bug 1066845 ?	09:11
uvirtbot	Launchpad bug 1066845 in nova "nova-novncproxy is not running; missing deps on websockify and novnc" [High,Triaged] https://launchpad.net/bugs/1066845	09:11
jamespage	Daviey, hmm - not sure; I see a Suggests on novnc from nova-novncproxy which in turn has a dep on websockify	09:13
Daviey	jamespage: yeah, but Suggests is essentially noise	09:15
jamespage	Daviey, it should be a Depends - the service won't start without it	09:16
jamespage	I suspect the reporter installed novnc and its fixed the issue	09:16
Daviey	oh	09:17
jamespage	Daviey, we should fix it in the next set of SRU's - its a minimal change	09:18
jamespage	I suspect its suggests because novnc is in universe and nova-novncproxy might have been in main at some point in time	09:18
jamespage	but its also in universe...	09:18
Daviey	jamespage: We might need to re-work who is doing the next round of SRU's.	09:19
jamespage	Daviey, yes	09:19
=== kInOzAwA is now known as Guest8864
marun	hi i need help in configuring forward lookup zone in bind9. where can i get dummies documentation? I used ubuntu server guide. But it isn't enough helpful	09:36
marun	any ideas?	09:38
vezq	search for "bind tutorial"	09:43
=== mcclurmc_away is now known as mcclurmc
Cuacrzz	hello	11:34
=== mcclurmc is now known as mcclurmc_away
=== Ursinha is now known as Ursinha-afk
=== cpg is now known as cpg\|away
disposable	i have computer1 which is my gateway to ipv6 (using tunnelbroker.net). i also have computer2 which has computer1 as its default ipv6 route. i've enabled "net.ipv6.conf.all.forwarding = 1" on computer1 but computer2 still can't get any further than computer1. computer1 has no problem accessing ipv6 internet. what am i missing? more detailes here http://pastebin.com/EfdAU6e3	12:04
=== Ursinha-afk is now known as Ursinha
xnox	"WARNING: Failed to create krb5 context for user with uid 0 for server" upon mounting nfs4 export	12:43
zul	jamespage: yeh so we probably need a MIR for websockify	12:43
jamespage	zul, its all in universe so I don't think so	12:44
zul	novncproxy?	12:44
=== kInOzAwA is now known as Guest34773
uvirtbot	New bug: #1071591 in mysql-5.5 (main) "package mysql-server-5.5 5.5.24-0ubuntu0.12.04.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Medium,Invalid] https://launchpad.net/bugs/1071591	13:21
uvirtbot	New bug: #1079611 in horizon (main) "Download Juju Environment Config gives wrong credentials" [Undecided,New] https://launchpad.net/bugs/1079611	13:21
=== mcclurmc_away is now known as mcclurmc
=== pcarrier_ is now known as pcarrier
MoleMan	I have a samba share that is renaming a file to some garbage on the two devices I've checked on (one Android, one windows), the file is named correctly in the local folder, is there anyway to browse the share locally from the CLI, or anyone have any ideas what the issue is?	14:20
MoleMan	aah, samba doesn't like colons: fixed, nvm thanks anyway :p	14:22
MoleMan	took me that long to think of it after asking XD	14:22
=== security is now known as hack
=== Guest34773 is now known as kInOzAwA
roaksoax	jamespage: howdy!!	15:02
jamespage	roaksoax, hey!	15:03
roaksoax	jamespage: ok so i refactored the hacluster charm, now im integrating it with the quantum charm	15:03
jamespage	roaksoax, sweet!	15:03
roaksoax	jamespage: so for now I'll do this: 1. make l3/dhcp agent run in the same machine, 2. make quantum-server run in all machines	15:03
jamespage	I pushed a few changes to the charm today - mainly for a helper script to create private tenant helpers	15:03
jamespage	roaksoax, that sounds good to me	15:03
jamespage	the only other bit I can think of the the ip address assignment to the external bridge	15:04
jamespage	technically I don't think that is required; so can probably just be disabled.	15:04
jamespage	quantum will deal with creating IP addresses in ip namespaces on the active gateway machine.	15:04
roaksoax	jamespage: right, so if it is still required, and the IP is known previously, we can handle that within the cluster as well	15:05
=== acidflash_ is now known as acidflash
iliv	hi, I was wondering why I get different numbers for total security updates when using apt-check and apt-get in this fashion: http://pastie.org/5387885 ?	15:14
iliv	whoa, this is becoming mental, ran another apt-get update and now sudo apt-get -s upgrade \|grep "^Inst" \|grep -i securi \|wc -l returns 0 while apt-check still shows there are > 0 security updates	15:30
iliv	wth?	15:30
iliv	I swear apt-get now ignores changes to my /etc/apt/sources.list where I move lines for security updates repositories to either beginning or the end of the file and after that when I run sudo apt-get update it just connects to security updates repos in either case.	15:37
iliv	looks like some sort of caching or something	15:37
iliv	let me try to remove those lines for security update altogether...	15:37
BrixSat	Hello	15:39
BrixSat	i need to make my server save all networt trafic for later analysis	15:39
BrixSat	whats the best option?	15:40
iliv	ALRIGHT, never mind what I said about apt-get ignoring my edits, those were lines starting with Ign for Translation-en_US that I glanced over...	15:41
ropetin	BrixSat: lots of variables to that question. How much data, what kind of bandwidth? Storing on the local server, storing somewhere else?	15:41
iliv	BrixSat, configure port mirroring if your switch is capable of that	15:42
BrixSat	ropetin: humm, data arround 150gb per month, storing localy , no switch access just the server it self	15:43
ropetin	As long as you have the storage for it then, dumpcap to a ring buffer on local storage?	15:44
ropetin	They you can at least analyze it with tshark or whatever	15:44
BrixSat	:/ that is not bad, aint there any other solution more "easy" my boss aint that expert :p	15:47
ropetin	OpenFPC	15:47
BrixSat	=)	15:47
ropetin	Or you could spend money on a NetWitness NextGen infrastructure	15:47
ropetin	Although that is a lot of money	15:48
hack	i am confused between using debain or ubuntu as my commercial server.	15:50
hack	which should i prefer ?	15:51
hack	benefits of ubuntu over debian ?	15:51
iliv	ubuntu is hip :P	15:51
hack	hip ?	15:52
iliv	never mind, that is just a tongue-in-cheek statement :)	15:53
highvoltage	hack: ubuntu has long-term support releases, which could be useful depending on your needs. you also need ubuntu server as apposed to debian if you want to use Canonical's services (like Landscape)	15:53
hack	highvoltage: ok, but ubuntu is also as stable as debian ?	15:54
hack	and i have checked the packges they are too almost same version.	15:54
highvoltage	hack: that's not really a simple answer, but in terms of general purpose server stuff, the LTS release is synced from debian testing and already put through its paces, so it's very stable	15:55
iliv	a question, why would apt-get -s update show those packages that are security updates as lucid-updates (I'm playin with the lucid here so...)?	15:55
highvoltage	hack: (sorry for my broken english today, I meant, "there's not really a simple answer")	15:55
hack	highvoltage: no need to be sorry :) language is not a prob at all :)	15:56
iliv	UNLESS SOMEONE IS A GRAMMAR NAZI that is	15:56
Tm_T	iliv: please...	15:57
iliv	hack, http://askubuntu.com/questions/15314/debian-stable-vs-ubuntu-lts-for-server	15:58
iliv	hack, http://askubuntu.com/questions/52066/what-is-the-difference-between-ubuntu-and-debian-server	15:58
iliv	hack, http://serverfault.com/questions/389199/is-it-debian-really-more-stable-for-servers-than-ubuntu-lts	15:58
iliv	also Google :)	15:59
hack	iliv: thanks mate lot's of imp info :)	15:59
iliv	yw!	15:59
hack	there are not many landscape videos on the net.	16:00
=== matsubara is now known as matsubara-lunch
iliv	a question, why would apt-get -s update show those packages that are security updates as lucid-updates (I'm playin with the lucid here so...)?	16:04
iliv	here's what I mean: http://pastie.org/pastes/5388180/text	16:05
iliv	I'd really love to see what packages are going to be installed as security updates, but how?	16:06
roaksoax	jamespage: in utils.relation_get("XYZ"), what happens if XYZ key=value has not been set?	16:10
uvirtbot	New bug: #1079747 in cyrus-sasl2 (main) "package sasl2-bin 2.1.25.dfsg1-5 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1079747	16:11
jamespage	roaksoax, 'None'	16:13
jamespage	empty string in actual fact	16:13
jamespage	but the helper in the quantum charm converts that to None	16:13
roaksoax	jamespage: to None or 'None'	16:14
jamespage	roaksoax, None	16:14
roaksoax	jamespage: so this should work then, right?: orders = {} if utils.relation_get("orders") is None else ast.literal_eval(utils.relation_get("orders"))	16:15
jamespage	so you can do if utils.relation_get("xyz"): for example	16:15
jamespage	yep	16:15
roaksoax	jamespage: yeah I thought so... weird then... it fails :)	16:16
jamespage	roaksoax, I checked on the ip address assignment thing in quantum; its not required	16:16
uvirtbot	New bug: #1079751 in samba (main) "package samba-common-bin 2:3.4.7~dfsg-1ubuntu3.11 failed to install/upgrade: problemas de dependencias - se deja sin configurar" [Undecided,New] https://launchpad.net/bugs/1079751	16:16
jamespage	so I dropped it by default on the charm	16:16
jamespage	users can still specify it but it comes with a health warning	16:16
jamespage	roaksoax, lemme check again	16:17
roaksoax	jamespage: ok I got it, i wasw using an outdated version of utils	16:17
roaksoax	jamespage: do you have your utils.py in a location independently from the charm?	16:17
jamespage	roaksoax, right - the one from ceph returns ""	16:17
roaksoax	jamespage: i think you should make a stanndard one	16:17
roaksoax	to make it reusable	16:17
roaksoax	for every chamr :)	16:18
jamespage	roaksoax, no but we need to - some of its already in python-charmhelper - buts thats not avaliable everywhere	16:18
roaksoax	i see	16:18
* jamespage berates himself for doing 'manual reuse' C-c C-v		16:18
jamespage	lol	16:18
roaksoax	:)	16:18
BrixSat	the openfpc is great :)	16:25
uvirtbot	New bug: #1077692 in mysql-5.5 (main) "package mysql-client-core-5.5 5.5.28-0ubuntu0.12.04.2 failed to install/upgrade: trying to overwrite '/usr/share/man/man1/mysql.1.gz', which is also in package mysql-client-5.5 5.5.27-1~ppa1~precise" [Undecided,Invalid] https://launchpad.net/bugs/1077692	16:26
=== Ursinha_ is now known as Ursinha
=== n0ts is now known as n0ts_off
=== matsubara-lunch is now known as matsubara
jamespage	zul, smoser, roaksoax, adam_g: ooo - I just saw the solution the metadata service access with quantum get proposed to grizzly	17:08
jamespage	roaksoax, I just added a README to the quantum charm which is better than my wiki topic	17:10
Daviey	jamespage: nice!	17:10
roaksoax	jamespage: cool!	17:13
jamespage	lp:~james-page/charms/quantal/quantum/trunk if anyone wants to know	17:16
=== Guest71769 is now known as Ard1t
roaksoax	jamespage: some basic, initial support: lp:~andreserl/+junk/quantum lp:~andreserl/+junk/hacluster	17:25
=== mcclurmc is now known as mcclurmc_away
roaksoax	jamespage: so using your deployer cinder gets install error	17:38
jamespage	roaksoax, does it?	17:39
jamespage	do you need to amend the device its using?	17:39
roaksoax	jamespage: maybe is it becuase i'm using canonistack?	17:39
iliv	seriously, guys, this isn't even funny now that I logged to the production Precise server and I can't distinguish between generic and security updates	17:39
jamespage	roaksoax, yes - you need to update the config to use the ephemeral disk instead	17:39
jamespage	same with ceph	17:39
roaksoax	jamespage: can't I just simply avoid it for now?	17:40
jamespage	roaksoax, well I'm assuming you want to be able to test a instance running right?	17:40
jamespage	actually yes - just ignore it - just don't try to present volumes to instances and you will be alright.	17:41
roaksoax	yeah that should be enough	17:41
iliv	see it for yourself: http://pastie.org/pastes/5388623/text apt-check says there are 6 security updates but which are those?	17:41
roaksoax	jamespage: btw.. does the cinder charm create /dev/sdb, or does it expect to have a partition already?	17:41
jamespage	it should create it all for you	17:41
roaksoax	jamespage: so, if the disk only has /dev/sda... does it resize the disk to create sdb or what?	17:42
jamespage	roaksoax, no - it uses a second device	17:42
jamespage	the ephemeral disk in a instance for example	17:43
jamespage	or in the CI lab the second disk in each server	17:43
roaksoax	jamespage: ah I see	17:43
roaksoax	jamespage: right so we expect the server to have 2 disks for example	17:43
jamespage	yep	17:43
jamespage	OS + Data	17:43
jamespage	same for ceph	17:43
jamespage	infact for ceph you want more disks - maybe ~8 ideally	17:43
sarnold	iliv: this may help: http://www.ubuntu.com/usn/	17:43
jamespage	but this is testing after all	17:43
sarnold	iliv: note especially apache in that list, there's at least five apache packages...	17:44
roaksoax	jamespage: right, so for cinder how do I specify a ephemeral disk ?	17:45
jamespage	block-device: vdb	17:46
jamespage	overwrite: true	17:46
jamespage	roaksoax, ^^ try that	17:46
roaksoax	jamespage: right, but do I have to amnually assign that to the instance, or the deployer does it or is it just"virtual"	17:46
jamespage	roaksoax, ah - right - use a constraint to pick an instance type which has ephemeral storage	17:47
jamespage	m1.tiny or whatever does not have this	17:47
jamespage	instance-type=m1.small should do it	17:47
roaksoax	jamespage: ok cool, thanks	17:48
jamespage	roaksoax, the charm will unmount the /mnt filesystem it gets presented on automagically	17:48
roaksoax	jamespage: ok cool!	17:49
iliv	sarnold, it's just that it seems that sometimes these security updates appear with $release-security and sometimes $release-updates... why?	17:52
iliv	I mean that happens within 0.5hr time frame	17:53
iliv	it's not like I'm talking about a situation when new security updates became available and those appear to be coming not from $release-security repository	17:53
sarnold	iliv: security updates are pushed into -updates after being published so that they can be distributed on the mirror network, rather than just live on security.ubuntu.com	17:54
iliv	does that mean that apt-get gets confused sometimes or something?	17:55
iliv	I mean	17:55
iliv	clearly, if it shows $release-updates this repository was used first.. but what determines the order?	17:55
iliv	the reason I'm worried about this is because I want to review manually what packages are exactly security updates	17:55
iliv	to carefully plan upgrade process	17:56
rbasak	"apt-cache policy <package>" can help you distinguish	17:58
sarnold	iliv: that's a good question. I know we go through the trouble of pushing to -updates because it saves vastly on download time for users -- yay for the mirror network -- but I'm not sure how apt knows to prefer -updates over -security when the version number is going to be identical between them...	17:58
rbasak	Security updates will appear in both -security and -updates	17:59
rbasak	Non-security updates will appear in -updates only	17:59
iliv	sarnold, I might be wrong, but essentially what I've experienced is that sometimes those security updates appear as -updates when I run apt-get -s upgrade \|grep ^Inst	18:02
iliv	like I've seen this with my own two eye on my terminal lol	18:02
iliv	so far, the only way to see security updates would be to have security updates repositories ONLY in a separate apt source list file and pass it as an option to apt-get	18:04
iliv	that works, but is a little heavy on typing :P	18:04
rbasak	Or you could use apt pinning I think. Not sure of the details there though	18:05
iliv	apt pinning is like a nightmare for me	18:06
sarnold	iliv: indeed, it takes a little bit of time for the updates to make it to the mirror network	18:06
sarnold	you may wish to just use your own apt mirror and monitor which packages enter the mirror that way	18:07
iliv	still creating a bash alias for 'apt-get -s upgrade -o -o Dir::Etc::SourceList=/path/to/a/file.list \|grep ^Inst' would be easier and faster :)	18:08
iliv	single -o, of course	18:09
uvirtbot	New bug: #1079794 in lxc (universe) "sudo: unable to resolve host.. when creating ubuntu-cloud container" [Undecided,New] https://launchpad.net/bugs/1079794	18:13
roaksoax	jamespage: ok so I removed cinder/ceph from openstack.cfg and services deployed fine, machines started, but the script stays in "Waiting for all service units to reach 'started' state"	18:23
roaksoax	jamespage: hook.output@INFO: Cannot find device "em2"	18:25
roaksoax	jamespage: i guess it is an issue of using canonistack?	18:32
=== jiboumans_ is now known as jiboumans
jamespage	roaksoax, no - you need a second nic	18:51
jamespage	just unset that option	18:51
jamespage	gah - you will need to reboot the nova-compute host as well	18:52
jamespage	I see a weird bug when not running on hardware that the juju agents lose connectivity to zookeeper	18:52
jamespage	a reboot sorts its out	18:52
roaksoax	jamespage: ok, so for quantum on canonistack i need to obviate (comment out) the ext-port relation setting in the hook?	18:54
lvmer	Hey where do you guys go to learn ubuntu? Like is there a local club listing somewhere? I've 95% setup a home server by myself through online tutorials, but I'm just having a 2nd set of eyes on the configs / etc. would be helpful. It would be cool to interact or shadow someone better than me too.	19:03
lvmer	but I think having a 2nd set*	19:04
jamespage	roaksoax, spot-on	19:13
roaksoax	jamespage: ok so I got it work in, cluster not fully configured dunno why though :)	19:17
daniel_-	u	19:23
=== _cronus_ is now known as cronus
=== cpg\|away is now known as cpg
matthewh3	can anyone help me install elgg - following this guide - http://docs.elgg.org/wiki/Install_Ubuntu - I tried "$ nano /etc/apache2/sites_available/default" but it doesn't exsist???	19:48
sarnold	what doesn't exist? nano? or /etc/apache2/sites_available/default ?	19:49
roaksoax	matthewh3: /etc/apache2/sites-available/default	19:49
roaksoax	s/_/-	19:49
webmonkey	Any advice using Chrootdir with Apache 2.2.14 on Ubuntu 10.04?	19:49
sarnold	roaksoax: :D	19:49
roaksoax	:)	19:49
matthewh3	ty	19:50
webmonkey	I added the ChrootDir Directive to the config file and restarted Apache but it doesn't seem to have any effect.	19:50
webmonkey	as www-data I am still able to navigate to root.	19:51
sarnold	webmonkey: how did you test that?	19:51
webmonkey	'su www-data' followed by 'cd /'	19:51
webmonkey	Is there a better way?	19:52
sarnold	webmonkey: was that shell started via a script from apache or something?	19:52
patdk-wk	that is going be a LOT of stuff, you need to put into the chroot for apache and everything to work	19:52
webmonkey	No, I was root when I ran that command	19:52
sarnold	webmonkey: a configuration option in an apache file will only influence apache and its children	19:52
webmonkey	patdk-wk I've heard that, just seeing how much of a pain it is lol	19:53
patdk-wk	a royal nightmare, it's possible, and once you know EVERYTHING you need, make a script to update them all	19:54
webmonkey	sarnold okay that makes sense, thanks	19:54
sarnold	webmonkey: a better way to test would be to write a php script or a perl script and try to access resources like /etc/passwd that way....	19:54
webmonkey	So bascially I should tell my client it's not worth the trouble? I intend to implement mod_security	19:54
webmonkey	sarnold Gotcha, that's what I'm getting ready to try.	19:55
matthewh3	do I need to download and unzip Elgg in a Apache folder as I've just done it in the default home folder - http://docs.elgg.org/wiki/Installation	19:55
sarnold	webmonkey: you may wish to investigate apparmor instead; it doesn't require setting up a chroot environment just for apache	19:56
sarnold	webmonkey: (apparmor is an alternative to ChrootDir, not an alternative to mod_security)	19:57
webmonkey	sarnold will do, I've been intending to check it out anyway. Thanks!	19:57
matthewh3	going to follow this guide - http://www.upubuntu.com/2012/03/how-to-install-elgg-social-networking.html - will get back if I need any help ty	19:57
patdk-wk	webmonkey, mod security and chroot are two totally different kinds of protection	19:57
=== yofel_ is now known as yofel
webmonkey	patdk-wk I know. Just trying to have a more secure setup.	19:58
patdk-wk	secure against what?	19:58
webmonkey	The server hosts a publicly accessible website, and the client is rather paranoid because their server got hacked once.	19:59
patdk-wk	this day in age though, I just throw up vm's dedicated to webserving	19:59
patdk-wk	instead of attempting multiserver stuff with chroots	19:59
patdk-wk	that so doesn't sound like chroot will protect them	20:00
patdk-wk	it normally takes 2 hacks to root a server, 1 hack if you don't care about rooting it	20:00
webmonkey	yeah I don't really feel that chrooting is necessary, but this is a client that thinks they know more than they actually do lol	20:00
patdk-wk	and normally those hacks are easily found in php/perl/whatever cgi your running	20:00
webmonkey	Im hoping mod_security will help with those potential issues	20:01
patdk-wk	as long as it's updated, it should	20:01
patdk-wk	and as far as rooting the server, normally that is the same thing, as long as you update ubuntu, it should be ok	20:01
webmonkey	Cool, well I will start working on mod_security then, and will check out apparmor after that	20:02
patdk-wk	doesn't mean you can't do some extra things, like remove suid/sgid from everything you don't need	20:02
lvmer	\|\| I've just got a quick syntax / terminal question \|\| if I want to redo the following: $ ls -l command but change it to: $ ls -ld .... what is the fastest way? http://paste.kde.org/608318/	20:03
lvmer	^^ like redo a previous command but add the '-d' ^^	20:03
uvirtbot	lvmer: Error: "^" is not a valid command.	20:03
sarnold	lvmer: ^-l^-ld ought to do it; also, up-arrow, ^A, arrow a bit..	20:04
lvmer	ah ^-l ^-ld worked well. Thank you. Yah I was just wondering if there was a faster way than pressing up arrow and scrolling through the characters. :) much like: sudo !! :)	20:05
sarnold	lvmer: you can also refer to the last argument on the previous command line with !$ -- ! for history, $ for last -- so ls /long/and/anonying/path followed by cat !$ or rm !$ or whatever...	20:07
sarnold	so the next command could be ls -ld !$	20:07
lvmer	sarnold: aaaaaahhhhhh I like that too. :)	20:07
sarnold	lvmer: I probably didn't learn !$ until I'd been using linux for 15 years. I'm not sure when it was introduced, but I've liked knowing it. :)	20:09
lvmer	sarnold: yes... it is making a world of difference already... wow. & if you didn't know it already: $ sudo !1 = sudo apt-get update && sudo apt-get upgrade	20:09
lvmer	sarnold: at least for me on 'ubuntu-server'	20:10
sarnold	lvmer: hahaha	20:11
sarnold	lvmer: I can't trust my !1 to be the same thing every time... a bit dangerous with a 'sudo', too. :D	20:11
lvmer	sarnold: yah crazy huh? I found it through a complete mistype	20:11
lvmer	sarnold: my new home server has really been kicking butt lately. :)	20:12
lvmer	sarnold: & I setup my pidgin account to auto login here.... so I'll probably be around a lot. xD	20:13
sarnold	lvmer: woo :)	20:13
=== cpg is now known as cpg\|away
zastern	When I'm doing something like this inside an environment, do I need to specify the environment in this "url"? puppet:///modules/unattended_upgrades/50unattended-upgrades-12	20:41
zastern	like puppert:///staging/modules/foo/bar/etc	20:41
=== cpg\|away is now known as cpg
=== cpg is now known as cpg\|away
=== cpg\|away is now known as cpg
[conrad]	Hello everyone. Is it possible to configure automount, so that it mounts /home/$user via NFS if we authenticated via LDAP, but uses the local drive if it matches a local user? We have a localhost guest account on all of our Ubuntu machines, and we have no problem doing NFS entirely, or local disk entirely, but having some issues doing one primarily with a fallback of the other.	20:52
thafreak	Is there a recomended/prefered iscsi target implementation in precise?	20:54
thafreak	it looks like iscsitarget is in universe but tgt is in main...is that correct?	20:57
thafreak	and if so, does that mean tgt is prefered, since it's in main?	20:58
thafreak	or lio also seems to be in the repos...	21:02
=== mcclurmc_away is now known as mcclurmc
matthewh3	can anyone help me install a elgg plugin - http://paste.ubuntu.com/1363554/	21:14
roaksoax	clear	21:15
uvirtbot	New bug: #990102 in cloud-init (main) "/var/log/upstart is missing" [Undecided,Confirmed] https://launchpad.net/bugs/990102	21:30
episteme	hello everybody! Quick question...nothing big just bugging the hell out of me. When i log in i get a message that there are updates to be installed. I run apt-get and of course there is nothing....how can i reset these messages?	21:35
[conrad]	episteme: Which apt-get command are you executing exactly?	21:41
[conrad]	Also, can you pastebin the exact message that indicates "there are updates to be installed"?	21:42
episteme	[conrad]: well when i get the message i run the basic apt-get update then apt-get upgrade like ive alwasy done :)	21:47
episteme	the message is not from apt-get its when i log on in the motd	21:47
episteme	i guess i should have phrased the question to ask how to reset them in the motd	21:47
[conrad]	episteme: I've not personally experienced the issue ( presuming we're talking about packages, and not the actual release ). Though I do remember a bug in 10.x ( https://bugs.launchpad.net/ubuntu/+source/sysvinit/+bug/659738 ).	21:49
uvirtbot	Launchpad bug 659738 in sysvinit "Duplicate welcome message in motd (caused by postinst script creating motd.tail file)" [Medium,Fix released]	21:49
=== mcclurmc_away is now known as mcclurmc
[conrad]	episteme: http://askubuntu.com/a/44163 better explains a solution if in fact this is the issue: http://askubuntu.com/a/44163	21:51
episteme	[conrad]: yeah i found that thread and that is exactly what im experiencing. i attempted the solved solution but to no avail :(	21:52
episteme	[conrad]: its such a small thing too...but its one of those things i want to know what cause it and fix it...just for the knowledge, but im lost lol	21:54
matthewh3	can anyone tell me why I can't unzip on ubuntu server but I can on Xubuntu? The folders contain multiple files and I am just using the unzip command.	22:09
sarnold	matthewh3: pastebin what you've done and what results?	22:12
matthewh3	thanks - http://paste.ubuntu.com/1363687/	22:14
sarnold	matthewh3: what does 'file' show for that file?	22:16
matthewh3	what do you mean :/	22:16
sarnold	matthewh3: can you unzip that file just fine on your other machine? have you compared sha1sums to make sure they are identical?	22:16
sarnold	matthewh3: type 'file social-connect' -- it'll tell you what type of file it is	22:16
matthewh3	I can download it on Xubuntu and use archive manager to unzip it but on my Ubuntu VPS when I use the unzip command I get that error?	22:17
sarnold	file(1) uses magic numbers and magic offsets to identify thousands of different file types -- and it is usually good	22:17
matthewh3	root@coinconnect:/var/www/elgg/mod# file social-connect	22:17
matthewh3	social-connect: HTML document text	22:17
matthewh3	root@coinconnect:/var/www/elgg/mod#	22:17
sarnold	matthewh3: there you go :) you downloaded some html.	22:18
sarnold	nothing to unzip.	22:18
matthewh3	kk	22:19
matthewh3	ty	22:19
sarnold	quite frequently a web site will use a cookie or something to determine whether they should give you a form to fill out or a file to download :( sometimes it's just easier to download things using browsers rather than wget or curl...	22:20
imanc	does ubuntu come packages with postfix? Postfix appears to be installed, on an ubuntu server I'm administering, but I can't seem to uninstall it via apt-get	22:55
imanc	yet it's listed in dpkg --list	22:55
sarnold	imanc: how did you try to remove it via apt-get? what error did you get back?	22:57
imanc	sudo apt-get remove postfix	22:58
imanc	and the error is:	22:58
imanc	Package postfix is not installed, so not removed	22:58
sarnold	but dpkg -l postfix shows you that it _is_ installed? very curious.	22:59
imanc	yep	22:59
sarnold	imanc: you can remove it via dpkg --remove postfix	22:59
imanc	dpkg -l \| grep postfix	22:59
imanc	rc postfix 2.7.0-1ubuntu0.2 High-performance mail transport agent	22:59
jkyle	howdy	22:59
sarnold	or dpkg --purge postfix	22:59
imanc	okay, i'll try that	22:59
sarnold	but be sure you want it gone :) hehe	22:59
imanc	sarnold: that appears to have worked. Thanks	23:01
jkyle	looks like my postfix chroot is screwey somehow. I'm getting errors like failure to resolv domains, failure to find service maps (like smtp). even though the chroot contains valid resolv.conf, hosts, and services files	23:01
sarnold	jkyle: nsswitch, too?	23:02
jkyle	identical to system, world readable	23:03
jkyle	I also verified the libnss, libresolv libraries are there and I'm fully updated/upgraded (precise 12.04)	23:03
jkyle	drop it out of chroot, all is well	23:03
koolhead17	melmoth, around?	23:04
melmoth	yep koolhead17	23:05
koolhead17	melmoth, were you able to find/document getting keystone over SSL	23:05
melmoth	hmm	23:05
melmoth	in folsom there is a new thingy	23:05
melmoth	but i m not sure i undersand what i read	23:06
melmoth	if i understand correclty, now, you can have the token signed by keystone	23:06
koolhead17	melmoth, https://bugs.launchpad.net/openstack-manuals/+bug/1032788	23:06
uvirtbot	Launchpad bug 1032788 in openstack-manuals "Task: Document how to configure Keystone with SSL" [High,Confirmed]	23:06
koolhead17	i was wondering if you could help me with this	23:06
melmoth	last stuff i read was https://www.ibm.com/developerworks/mydeveloperworks/blogs/e93514d3-c4f0-4aa0-8844-497f370090f5/entry/openstack_keystone_workflow_token_scoping?lang=en	23:08
melmoth	see the pki bits	23:08
melmoth	but if i understand correclty, the token is still readable by other people	23:08
melmoth	it s just signed	23:08
melmoth	so you know it comes fro keystone , but anyone can read it.	23:08
jkyle	well....	23:09
jkyle	as far as fixes go, this was stupidly simple considering the time I wasted figuring it out lol	23:09
melmoth	(it s encrypted all right, but with the private key of keystone, so any one with its public key can decrupt it, and be sure it comes from keystone)	23:09
koolhead17	melmoth, i will think about it. thanks	23:09
melmoth	i m still not sure its what "i want".	23:09
melmoth	my main problem was not "not being sure my token comes from keystone"	23:10
melmoth	but "i m not sure somebody else than whoever i think it is is using a token from someone else"	23:10
melmoth	anyway, too complicated for me, too many stuff to learn	23:10
melmoth	but my feeling is, it s still a bit on the hippie side of things.	23:10
hallyn	woohoo! stgraber: had some locking snafus, but finally got a owrking syslogns patch.	23:51
hallyn	now to prepare for ridicule on lkml	23:51
stgraber	hallyn: yay!	23:54
stgraber	hallyn: btw, http://www.stgraber.org/2012/11/16/running-steam-in-a-lxc-container/	23:55
hallyn	cool :) guess i have no excuse not to try it	23:57
sarnold	stgraber: nice :)	23:57

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!