/srv/irclogs.ubuntu.com/2013/01/11/#ubuntu-server.txt

=== koolhead|H is now known as koolhead17
=== slank_away is now known as slank
=== ariel__ is now known as Guest77318
Guest77318can sombody tell me if lamp supports ajax00:43
sarnoldGuest77318: it does if you write your application that way...00:43
Guest77318do you know javascript00:44
roastedhello!01:16
roastedI'm running ubuntu server 12.04.1. I just moved my hardware to another box (new mobo and cpu, same hdd's and same install) and now it won't find the network.01:16
roastedI have the server set to DHCP with an IP reservation from the router. Eth0 is failing to come up and I'm not enturely sure why.01:16
roastedinterfaces config file looks normal... auto eth0            iface eth0 inet dhcp01:17
roastedifconfig only brings up lo, but lspci shows the realtek gigabit onboard ethernet in the listing.01:17
PryMar56roasted, /etc/udev/rules.d/70-persistent-net.rules (edit or delete)01:17
PryMar56the old NIC macs are persisted01:18
roastedPryMar56: thank you! I knew there was something I was forgetting.01:19
roastedOddly enough I knew it had a 7 in it for some reason... I just forgot... everything else :/01:19
roastedPryMar56: we're up and running now. I owe ya a beer.01:19
PryMar56roasted, cheers01:19
roasted:D01:20
avickeryhowdy01:33
=== slank is now known as slank_away
=== Koheleth is now known as gimp4ever
=== gimp4ever is now known as koheleth
=== smb` is now known as smb
=== yofel_ is now known as yofel
psivaaToday's server installations fail because linux-headers-server have unmet dependencies (linux-headers-generic (3.8.0.0.13)09:31
psivaawho should i report the bug against?09:32
psivaaDaviey: jamespage ^^09:32
jamespagepsivaa, linux kernel please09:32
jamespageits probably transitory09:32
psivaajamespage: ahh ok thanks. normally the mismatch in d-i installer and the archive give a different error message, i'll confirm with release or kernel then09:35
Davieyjamespage / psivaa: You'd hope that with the proposed usage now, we'd not get this!09:39
psivaaDaviey: thanks, ill report a bug anyway and see how it goes09:43
Davieypsivaa: could i ask you to let me know how it turns out please?09:45
psivaaDaviey: infinity is fixing the 'proposed migration' and then the images will have to be respun . the issue seems to be in the desktop images too09:48
Davieypsivaa: yeah, i just caught it in -release.. thanks :)09:49
Davieyappreciate you following it up09:49
jamespageDaviey, I uploaded hp3parclient to NEW in raring yesterday if you have time to review and accept10:07
jamespageyolanda2, ^^ fyi10:07
yolanda2jamespage, so we could add it as a dependency when it's done?10:08
jamespageyolanda2, yes - but lets hold off until after g2 is out in the distro10:08
jamespageyolanda2, it will need to go through MIR10:08
Davieyjamespage: ok, chuck asked me to do 2 others first... i'll do them today for sure10:10
jamespageDaviey, great - thanks10:10
dijitHello10:30
dijitI have a server (Ubuntu 10.04 LTS)10:30
dijitwhich will not boot, it drops to busybox with the line "Could not open /dev/mapper/<servername>-root"10:30
dijithowever, the block file exists, and I can mount it and move around the filesystem.. (it's definitely my filesystem, not initramfs)10:31
dijitI assumed it was pvscan taking a while, so I've tried adding rootdelay=6010:31
dijitbut that's not working either.10:31
dijitafter it goes to busy box; a ^D will take me to another screen "Waiting for device / press S to skip or M to manually mount the device"10:32
dijitpressing "M" takes me to a shell that's mounted in ro mode.10:32
dijitI can remount,rw and get networking up.10:33
dijitbut the machine will not boot into init 510:33
dijithttp://superuser.com/questions/256856/ubuntu-alert-dev-mapper-localhost-root-does-not-exist-dropping-to-a-shell10:47
swHi, I've setup samba on a remote Ubuntu server but when our Windows server tries to connect it says that the password is incorrect? Connecting to \\ip\backups as user 'backups' who is in write users in the samba.cfg.10:59
swroot works fine.10:59
tdnI have a complete disk image (dd if=/dev/sda of=foo.bin) that contains several partitions and LVM logical volumes on which there are ext4 filesystems. How do I mount one of the filesystems on this diskimage? I assume I have to use a loopback device somehow, but I am not sure how to do it when I have the entire device as an image and not just one filesystem.11:04
xnoxtdn: look into kpartx, you may need to use it recursively to get into lvm.11:11
xnox(if your lvm volumes also have partition table)11:12
xnoxkpartx -a path/to/foo.bin; vgchange -ay should do it, fi you don't11:12
swHi, I have a user 'backups' trying to access a samba share \\ip\backups from a Windows machine but can't get authorized. It's using the correct password and is in write users for that share. root is too and that works.11:13
tdnxnox, ok11:24
dijitI found another sysadmin with my problem.11:46
dijitupdate, reboot -> no longer boots11:46
dijitI'm going to try updating to a newer version of the OS using do-release-upgrade11:48
samba35i am planning to upgrade/install (from source ) libvirt version on ubuntu 12.04.1 from 9.13 to version 1.0.x? willl that create a problem ?12:15
dijitso my install is now almost completely broken12:49
dijitI'm going to reinstall using centos.12:49
dijitafter copying all my VM's off.12:49
TheBronxHi all!13:23
TheBronxRoyK, sarnold, my server "survived" his first attack xD13:24
RoyK:)13:24
TheBronxthe server was unaccessible, or ultra slow, but alive, and once the attack stopped, was still there!13:24
TheBronxCSF bloqued a ton of IPs13:25
TheBronxblocked*13:25
TheBronxno messages of "dst cache overflow" in the logs13:25
TheBronxI think i'm going to reduce the synflood parameters in CSF13:29
TheBronxhttp://i.imgur.com/m1oly.png13:33
TheBronxstill a lot of very similar IPs. It would be great if the firewall could block the entire range when 3 or more similar IPs are already blocked13:34
=== slank_away is now known as slank
=== slank is now known as slank_away
=== slank_away is now known as slank
zuljamespage or yolanda2: https://code.launchpad.net/~zulcss/cinder/cinder-g2/+merge/14290013:55
jamespagezul, approved14:01
=== motmot is now known as liva
=== cpg is now known as cpg|away
zuljamespage: https://code.launchpad.net/~zulcss/glance/glance-g2/+merge/14290614:20
jamespagezul, approved14:29
=== chuck_ is now known as zul
=== cpg|away is now known as cpg
=== cpg is now known as Guest53868
zuljamespage:  next https://code.launchpad.net/~zulcss/horizon/horizon-g2/+merge/14290814:43
zuljamespage: next https://code.launchpad.net/~zulcss/keystone/keystnoe-g2/+merge/14291114:55
zuljamespage:  i thought you added alembic to quantum?15:08
jamespageI did15:10
zuljamespage: nm i suck15:12
zuljamespage:  https://code.launchpad.net/~zulcss/quantum/quantum-g2/+merge/14291615:24
jamespagezul, all approved15:32
zuljamespage:  thanks there is a couple of more to do...but im making my way through it15:32
zuljamespage: https://code.launchpad.net/~zulcss/python-glanceclient/grizzly-g2/+merge/14291915:40
dijithttps://bugs.launchpad.net/ubuntu/+source/lvm2/+bug/59655415:43
uvirtbotLaunchpad bug 596554 in udev "Unable to mount root LVM partition" [Undecided,Confirmed]15:43
=== megha is now known as firewall
thompchaHey, I've got an issue with tomcat taking more than 20 minutes to start on Ubuntu Server 12.10. I've written up the problem in detail here: http://serverfault.com/q/466190/4560716:05
thompchaAny suggestions?16:06
pmatulisthompcha: check logs and available resources (cpu, memory, disk)16:10
Crazy_SpaiAhoy.16:24
thompchapmatulis: I'm trying to make the logs output more.16:30
TheBronxhm, I have an idea, but I don't know if it is possible or how can I implement it16:33
TheBronxcapture example, from the last attack: http://i.imgur.com/m1oly.png16:34
TheBronxis it possible to count the number of SYN packets from each /24 IP block?16:34
TheBronxfor example:16:34
TheBronx192.132.209.0/24 -> 27 SYN packets16:35
TheBronx105.75.136.0/24 -> 2 SYN packets16:35
TheBronxand so on16:35
TheBronxif a /24 block has more than X packets, it gets blocked16:35
TheBronxis it possible?16:36
jamespagezul, Daviey: bah - openvswitch dkms package is not liking 3.8.0 kernel16:37
zuljamespage:  meh16:37
jamespagezul, Daviey: I really think we should drop whoopsie from the kernel seed16:40
jamespageserver seed rather16:40
zuljamespage: how come?16:40
jamespagezul, it does *nothing* in server world AFAICT16:42
zuljamespage: im ok with it16:42
jamespagethompcha, tomcat7 does some key/crypto init on startup - if you have poor entropy on your system it may take some time16:43
jamespagethompcha, installing haveged might help16:43
jamespagethompcha, hmm - its not that "INFO: Creation of SecureRandom instance for session ID generation using [SHA1PRNG] took [164] milliseconds."16:49
jamespagesmb, still around?17:11
sarnoldTheBronx: woot! good work. :)17:15
TheBronxunder attack again. I've posted a thread in CSF forums: http://forum.configserver.com/viewtopic.php?f=6&t=6134&p=1880717:16
TheBronxthat feature in CSF would be great I think. or a script that can do that17:17
patdk-wkhmm?17:17
patdk-wksynfloods are pretty well blocked by the kernel on its own, for me atleast17:17
patdk-wkI got a huge one a few days ago17:17
TheBronxbut if each different IP only sends 1 SYN packet17:18
patdk-wkbut beyond that, you should have something doing watching and blocking, sure17:18
TheBronxboth the kernel and the firewall (CSF) will do nothing17:18
patdk-wkdunno about a csf thing17:19
Crazy_SpaiIs UFW not enough?17:19
patdk-wkI use fail2ban and some scripts that upset ipset for banning stuff17:19
patdk-wkufw is static, not active17:19
Crazy_SpaiFair enough, pardon my ignorance.17:19
jdstrandI was actually thinking about adding ipset support to ufw17:20
patdk-wkhe wants some kind of indrusion detecton thing17:20
Crazy_SpaiIs there a different between denyhosts and fail2ban? I'm under the impression that fail2ban is just more confurable17:20
Crazy_Spaiconfigurable17:20
patdk-wkipset kicks ass, except you need to install xtables17:20
patdk-wkCrazy_Spai, same idea, ya17:20
Crazy_SpaiFigured as much, thank you.17:21
TheBronxCSF uses iptables, but it is easy to configure, for example for SYN flood attacks17:22
TheBronxyou can set a limit, for example: 30/s SYN packets17:22
TheBronxbut this limit is applied per IP17:23
Crazy_SpaiCouldn't you use another program to block those IP's17:23
TheBronxand what I want is to block the entire /24 block of IPs, as that is what the attackers are using17:23
TheBronxyeah, if know one that can do what I want, of course!17:24
TheBronxif you know*17:24
Crazy_SpaiCouldnt fail2ban monitor a log set by csf?17:24
Crazy_Spai*I'm not too sure of anything, but from my understanding just trying to learn through brainstorming with you17:24
patdk-wkfail2ban can monitor anything, and call any script17:24
patdk-wkI dunno how you detect a single syn, as bad though17:25
patdk-wkbut fail2ban can easily grep the kernel iptables logs and ban ranges based on that17:25
Crazy_SpaiThat's the route I was thinking was possible.17:25
patdk-wkI guess if you log based on an INFO rule, it would get *LOTS* of info17:26
TheBronxbut SYN packets are not logged, so fail2ban can't know what is happening17:27
TheBronxit is possible to use the CSF logs, so that when an IP is blocked for SYN flood, fail2ban can call a script that bans the entire range17:28
patdk-wksure17:28
TheBronxbut again the problem is that CSF only blocks IPs that send more than 30 SYN packets per second (or 20 or whatever I set in the config)17:28
Crazy_SpaiWell, you have control over that frequency17:29
patdk-wkpersonally, 30 syn per second is acceptable to my http servers17:29
patdk-wkas that is normal17:29
TheBronxless than 30 is just paranoid hehe17:30
TheBronxas patdk-wk says, 30 syn is acceptable17:30
TheBronxthe key is frequency per /24 block, not frequency per single IP17:30
patdk-wkI personally allow 80/s per ip17:31
TheBronxthat's the key, as the attack uses a lot of IPs from the same block17:31
patdk-wkany my syncflood only come in at like 1000/sec17:31
TheBronxCSF is not blocking anyone. The logs are clean of banned IPs, until an attack starts17:32
TheBronxwhen an attack starts, CSF starts blocking IPs, that's what I see in the logs17:32
TheBronxso it seems 30/s is nice for my server17:32
patdk-wkwell, normal clients, will generate about 6 syn per webpage normally17:37
patdk-wkunless you use multible hostnames, then 6 per hostname17:37
patdk-wkI use 5 hostnames, so that gets me up to the 30 range per client17:38
TheBronxyeah, I only have one site (and a few small blogs and static sites) so 30/s is enough17:48
=== alein is now known as a|way
=== a|way is now known as alein
dijithttp://pastebin.com/pdPNRMnH18:07
sarnolddijit: apt-get install python-gnupginterface first ?18:09
dijitshouldn't I already have that.18:10
dijitisn't that like, a dependancy?18:10
dijithttp://pastebin.com/PQBFvhH418:11
sarnoldone would hope..18:11
dijityeah this is very broken now.18:11
dijitI tried to run an apt-get dist-upgrade before.18:11
dijitthat might be why.18:12
sarnolddijit: .. to upgrade between distributions?18:12
dijitwell, what else is it for?18:12
dijit(I'm on 10.04)18:12
dijitthis happened /after/ my issues earlier.18:12
sarnoldsadly, some larger changes are difficult to do entirely via dist-upgrade, which is why the do-release-upgrade (or whatever the name tis..) was introduced.18:13
* dijit sighs18:13
dijitI wish I knew that.18:13
dijitanyway, this server is a lost cause, it's not booting with LVM anymore because, god knows why.18:14
dijitI'm just going to rebuild it as a centos vm host or something.18:14
dijitand I happened to fuck up apt anyway.18:14
dijitso, I think it's time.18:14
dijitxD18:14
sarnoldsometimes not solving a problem is easiest :)18:15
ckramercan someone explain the purpose or point me towards some documentation covering the precise-server-cloudimg-amd64-loader ?18:20
ckramerI get an qemu error when I try to use it with a libvirt direct kernel boot.18:22
ckramerAlso, I'm looking for an initramfs for the Precise cloud image but I don't see any listed on http://cloud-images.ubuntu.com/precise/current18:26
ckrameram I missing something basic here?18:26
adam_gjamespage: re: that keystone charm branch, looks like the swift stuff landed while i was working on it and just needed to be rebased against the upstream trunk. doing that now19:06
jamespageadam_g, great!19:14
jamespageI thought that might be the case19:14
kieppiehappy new year all.19:29
kieppieI've just set up a new OS (12.04) from the mini.iso - all looks good, but I don't have any video-out (VGA or DV. I'm able to log in via SSH, but bupkis on the TTY's. headless setup (no X)19:29
=== Ursinha_ is now known as Ursinha
kieppie1is it possible to push my headless/CLI TTY's to all display outputs?20:10
sarnoldkieppie1: the console= kernel boot param may let you select something.. or you may need to use netconsole (though I don't think that allows for interacting..)20:13
kieppie1sarnold - cheers20:13
kieppie1found the issue to my previously stated problem: I have multiple graphics cards on this machine, & it was defaulting to an output that had no monitor connected20:14
sarnoldah!20:14
sarnoldI've done that. :/ hehe.20:14
kieppie1silly really20:14
kieppie1it's going to be a headless resver, no X installed, so it's a bit silly that it's not simply throwing out TTY to all displays :/20:15
kieppie1sarnold - I'm finding references to enabling the serial console (probably not a terrible idea), but not for VGA. got any refs please?20:20
Davieyzul: pecan.. ./pecan/middleware/recursive.py is a different licence to the rest?20:20
adam_gzul: http://people.canonical.com/~agandelman/g2_deps/ <- added, alembic, python-webob, python-testtools, python-testscenarios, testrepository20:21
zulDaviey: erp20:23
Davieyzul: I also don't really agree with keeping the experimental changelog entry, as it seems it hasn't been published there?20:24
zulDaviey: ok ill have another look20:25
sarnoldkieppie1: darn. maybe video= is the better starting point?20:25
kieppie1sarnold - cheers. brub/kernel options does seem the way to go at least. I'll keep digging, thanks20:26
Davieyzul: not a requirement for NEW'ing.. but.. is this intentional? "python setup.py test --functional || true"20:26
zulDaviey: yeah i didnt spend alot of time with the testsuite20:27
Davieyjamespage: python-hp3parclient looks good.. but i note it has a testsuite that will probably need enabling for MIR.. if we need it.20:30
Davieyzul: python-ceilometer, should it be arch: any .. and there is boilerplate left in debian/copyright20:43
zuldoh20:44
Davieyzul: ok, i'll reject it for now.20:45
zulat least g2 is uploaded except for ceilometer20:45
Daviey\o/20:46
Davieyzul: i'll reject python-pecan whislt you look into the licence, if it is indeed good.. it can be salvaged from the queue20:47
=== Ursinha is now known as Ursinha-afk
=== alein is now known as a|way
=== Ursinha-afk is now known as Ursinha
stiv2khi21:08
stiv2ki need some help21:08
stiv2ki replaced the hdd enclosure for my server's external disk21:09
stiv2kand now during bootup21:09
stiv2kpresumably on the fsck stage21:09
stiv2kit says HDIO_GET_IDENTITY failed for '/dev/sdb' invalid argument21:09
submanI'm trying to add a repository on one of my Ubuntu 12.04 servers with the command:  sudo add-apt-repository ppa:openbravo-isv/ppa but I get a "sudo: add-apt-repository: command not found" in response.  I did this on another server with no issue.  What am I missing?21:10
sarnoldsubman: it's apt-add-repository not add-apt-repository21:11
submansarnold, Wow, didn't notice that at all!  I was just copy/pasting instructions right from the OpenBravo website.21:12
tjaaltonvirt-manager is giving pain on raring.. I keep getting 'Error starting domain: internal error Failed to get user record for name '116': Connection refused', 116 is the uid of libvirt-qemu21:12
tjaaltoncan't start any vm21:13
submansarnold, but that gives the error:  "sudo: apt-add-repository: command not found"21:13
stiv2khere http://i.imgur.com/SBICT.jpg21:13
stiv2kis my error21:13
stiv2k^^^21:13
uvirtbotstiv2k: Error: "^^" is not a valid command.21:13
sarnoldsubman: haha21:13
sarnoldsubman: that's hilarious. I just typed "apt-<tab>" and thought you had it wrong..21:14
sarnoldsubman: lrwxrwxrwx 1 root root 18 Sep 28 07:06 /usr/bin/apt-add-repository -> add-apt-repository21:14
sarnoldsubman: install the python-software-properties package  :)21:14
stiv2kanyone21:16
stiv2ksarnold: ping21:16
submansarnold, why thank you!21:17
sarnoldstiv2k: sorry, I don't know much there, except that it _looks_ bad.21:18
tjaaltonlooks like I hit https://bugzilla.redhat.com/show_bug.cgi?id=88354721:18
uvirtbottjaalton: Error: Could not parse XML returned by bugzilla.redhat.com: HTTP Error 404: Not Found21:18
stiv2kits not bad21:18
stiv2kim sure the disk is fine21:19
stiv2kit was JUST working21:19
stiv2kall i did was put a new enclosure21:19
sarnoldstiv2k: yeah, but your enclosure looks like it is giving results that disagree with the old enclosure about drive size21:19
sarnoldstiv2k: it feels like it steals a sector for its own use? or .. why would it report something different?21:19
stiv2ki dunno21:19
jamespageDaviey, great - I have the test suite working as of this morning - I'll upload a fix early next week21:28
eutheriais there a server and client like ubuntu one just for syncing files to your own server?21:41
sarnoldeutheria: rsync is neat..21:41
TheLordOfTimewhat sarnold said21:42
eutheriasarnold, rsync requires me to remember to run it21:42
TheLordOfTimenot if you use a crontab21:42
sarnoldeutheria: indeed :)21:42
sarnoldeutheria: cron may help21:42
eutheriaubuntu one syncs things for me21:42
TheLordOfTimeeutheria, there's no client/server system i'm aware of similar to ubuntu one that you can easily set up for your system, except for an rsync set up to run every so often via cron21:43
eutheriafair enough21:43
TheLordOfTimeand to be honest...21:43
eutheriadeja-dup created me a useless backup21:43
TheLordOfTimei have that running on 4 servers.21:43
sarnoldit would be keen to have an inotify-aware rsync daemon thingy...21:43
TheLordOfTimeagreed with sarnold21:44
sarnold(piecing something together with imcron and rsync would be _painful_, don't do that.)21:44
TheLordOfTime(heh)21:45
eutheriai guess i could use rsync21:45
eutheriamaybe there is a task manager to remind me to backup21:46
TheLordOfTimeor you can just schedule the rsync with cron to run at a given time each day21:46
TheLordOfTimeor multiple times per day21:46
eutheriait is a laptop21:46
eutheriait might be off at that time21:46
eutheriafor a server sure21:47
TheLordOfTimeas i said, set it up for multiple times per day :p21:47
TheLordOfTimeor don't its your  call21:47
* TheLordOfTime returns to poking at nginx's source code21:47
adam_gzul: dont suppose you've seen this one: https://launchpadlibrarian.net/128227169/buildlog_ubuntu-precise-i386.testrepository_0.0.11-0ubuntu5~cloud0_FAILEDTOBUILD.txt.gz22:07
syncsyscannot set JAVA_HOME in /etc/enviroment  with JAVA_HOME="/home/syncsys/bin/jdk1.7.0_10/"    echo give me that but its not a correct java home or i need something else?22:08
=== gary_poster is now known as gary_poster|away
=== syncsys is now known as Quest
Quest please see this http://stackoverflow.com/questions/14287501/java-home-in-etc-enviroment-in-ubuntu    any help?22:52
=== motmot is now known as liva
sw__Hi, I installed nagios3 through apt-get but on the tutorial that I'm looking at it shows that the web interface should be setup automatically to http://localhost/nagios, is this correct? It's not even listed as running through apache2 at the moment, should I cp the sample conf to /etc/apache2/sites-available and then a2enable it?23:22
sw__I've tried #nagios, but there doesn't seem to be many signs of life over there at the moment.23:22
sarnoldsw__: they'd probably tell you to find details on distribution packaging from your distro.. :)23:48
sarnoldsw__: I think your a2enable idea is good, give that a shot..23:48

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!