/srv/irclogs.ubuntu.com/2013/02/24/#ubuntu-server.txt

xslhello all ... before my server freezes im detecting this message in logs "TCP Peer: {ip} unexpectedly shrunk window 954892853:954895757 (repaired)"00:42
xslany ideas on what it might be?00:42
hikenbootis there ubuntu server (latest stable) settings I can implement that make up for slow drives I have battery backed up everything and a UPS and data doesnt change often. So A large cache might be helpful or other settings I dont know of. Thanks for the pointers!00:46
SpaceBasshikenboot, can you say more? are you losing data to power outages?00:49
hikenbootno data is being lost...everything is fine just I notice the VM (uunder esx5i) has slow typing into the ubuntu server guest and also that the admin panel in wordpress is slow responing00:50
SpaceBassxsl, thats probably normal, what else appears in the log?00:50
hikenboots/responing/responding/00:50
SpaceBasshikenboot, ah. What's the VM's config? how much RAM? what's the host box like?00:50
xslSpaceBass, after that i only see the reboot it self00:51
hikenboothost box only has one hard drive but I have 24 gig of memory for two vms ( a windows 2008 R2 SP1 Domain controller) and (a ubuntu latest stable server running apache and wordpress website)00:51
xslFeb 23 05:19:03 andy kernel: [30601.301962] usb 2-1.8: USB disconnect, device number 500:51
xslFeb 23 05:20:03 andy kernel: imklog 5.8.6, log source = /proc/kmsg started.00:51
hikenboothold on let me see how much memory i have assigned to guest to be sure00:51
hikenboot8 gig to the ubuntu guest00:52
xslI have lxcontainers on that server... i'm starting to believe its some sort of misconfiguration ( i'm in a dead end .... :( )00:52
hikenboot4 virtual cpu's on an 8 core system00:52
xsldo you guys know if lxcontainers support ext4 as a backend lvm?00:52
hikenbootopen source guest tools installed00:53
SpaceBassxsl, that TCP window error is pretty common, but usually triggered by lots of data and too little cache on the NIC?still nothing to worry about. It does make one wonder if the NIC itself may be going bad and causing a panic? but that's a stretch00:53
xslbut i dont see anything on the logs00:53
xslcould be a faulty sysctl config?00:54
SpaceBasshikenboot, sounds like quite the box! and 8gb is plenty (at least enough to avoid input lag) ? you might be on to something re disk lag.00:54
xslits weird because i have several servers like this one ... and only this one gives me problems ( tough its the one with the highest load )00:54
SpaceBasshikenboot, I'm outta my league past that ? I'd be tempted to research disk caching and your VM provider?and then maybe test with an SSD on the main bus, if for no other reason than to test throughput00:55
SpaceBassxsl, highest load sounds suspicious? I'd start at the most basic level: new/different ethernet cable, different port on the switch, then maybe confirm correct kernel module for the NIC is loaded, and then maybe different NIC ?if only for trouble shooting00:56
xslSpaceBass, i understand... i already requested a hardware test and the ISP says its all ok00:57
xslits a rented server00:57
SpaceBassxsl, oh wow, doubly complicated in that case.00:57
xsli'm so lost that i'm starting to doubt my setup ...00:58
xslopen files problem ... maybe disk out of inodes?00:58
xslbut could not be... that way it didnt hang00:58
xsli have separate partitions00:59
SpaceBassif you were out of inodes, it'd throw errors in the log long before a crash00:59
SpaceBassxsl, can you throttle the traffic to see if it increases uptime?01:00
xsli have to check how to do that ... this is a high load webserver01:01
SpaceBasshikenboot, the input delay is suspicious ? with that kind of ram and horsepower, it does sound like disk lag. But I'm not aware of any settings to tine that (though I'm sure some exist).01:01
SpaceBassxsl, maybe on the router, upstream? also, confirm the basics like the NIC in full duplex 100 or 1000 mbs mode01:02
xsland the proof that it rly hangs is that the software raid ... needs to rebuild sometime01:02
xslSpaceBass, thx for the tips ... i'm gonna try and see what i can do about the nic01:02
SpaceBassxsl, good luck?I'm curious to know what you learn01:03
SpaceBassxsl, woah,?software raid? mdadmin?01:03
xsli will report it... its been a mysterious issue to solf01:03
xslyes01:03
SpaceBassxsl, gig ethernet?01:04
xslyes01:04
SpaceBasswonder if you are flooding the write buffer on the software raid01:04
xslwhats new to me.. hmmm01:05
xslhow can i check that?01:05
SpaceBassused to happen to me w/ a software raid 5 all the time.01:05
xslthis one is raid101:05
xslso ... now im thinking... maybe i pushed the nofiles too high...01:06
SpaceBassthat could do it01:07
xslin each container i have like ... 6553601:07
xslfor hard limit of nginx user01:07
xslfor mysql user01:07
xslfor php user01:07
xsland the default is 102401:08
SpaceBasshave seen systems with 75000, so 65000 doesn't seem too high, but that could very well be it01:08
xsli have like 18G of ram .. and its allways at 30% of its capacity, couldn't i use ram to tweak this out?01:09
SpaceBassyou could tune mysql to use more ram01:10
SpaceBassassuming it's DB writes thats the issue01:11
xsli'm using a Innodb buffer pool size of 6Gb01:12
xslyou might be right01:12
xsli'm pushing the disks01:12
SpaceBasscould it be heat?01:14
SpaceBassare your running lm-sensors ?01:14
xsland i have innodb_flush_log_at_trx_commit=1 ... maybe i should set it to 201:14
xslno, but i can install it01:14
SpaceBassI had an overheating issue for a while?set up a cron to push CPU temps to my iPhone every 15 mins (if over critical)? ended up buying a $15 fan off amazon and it solved the problem.01:15
xslwell this is in a rented server, i want to believe that they have a good ventilation01:16
SpaceBass2 is each commit, right?01:16
xslbut non the less.. its a good thing to keep track01:16
xslyesterday it rebooted itself .. maybe its rly heat01:17
SpaceBassthose drives could be cranking out some heat01:17
xsli have noted down all the ideas you gave me ... its been rly helpfull ... i will tell you my findings01:19
xslthx01:19
SpaceBassin fairness, I'm no expert. But enjoyed thinking through the troubleshooting.01:21
SpaceBasskeep us posted!01:21
xslsure ty once again01:21
=== paddymahoney1 is now known as paddymahoney
rurufufussif hdparm shows fast speeds (e.g around 100MB/s) but cp etc is ridiculously slow (1MB/s), what are the possible reasons?02:03
=== paddymahoney1 is now known as paddymahoney
=== sweettea is now known as Guest48399
jetoleHey guys. I hope someones around because I need some help. Not as in my system is about to explode but post recovery forensics to determine what caused a server issue. I have some theories and I have what data I thought to collect prior to the reboot. I don't know where to begin other then I guess explain the situation11:56
jetolewe have a Linux firewall we use in production, in a rack at the data center. It's actually one of two which provides high availability via conntrackd11:56
jetolethe server stopped accepting ssh requests mid Nov. It showed the port was open and sshd actually gave a error which I don't have in front of right now but I'll pull that up in a minute11:57
jetoleanyways, I went to the data center the other day and I saw the server clearly had a issue11:57
jetoleit's unix load average was 7000+11:58
RoyKI guess without the error, no fun11:58
RoyKoops11:58
RoyKthat's a bit ;)11:58
jetolethe error isn't relavent but11:58
jetoleyeah...11:58
jetoleso as I was saying11:58
jetoleI did some pre-reboot checks and I found one of the main causes seemed to be cron11:58
RoyKhigh load is usually because of threads hanging in D state, because of bad i/o11:58
jetoleoh and by the way the high load is what causes the error on ssh but ssh isn't the problem here11:58
jetolewhich is the case11:59
jetoleand I am suspecting this may be driver related11:59
jetoleat first I thought it was batched cron jobs11:59
RoyKcheck if processes are in D state11:59
RoyKthat is - have you rebooted it yet?11:59
jetolebut then I noticed we had some sshd instances that were also hung and netstat said they were in wait close I believe it was but they have been hung for several months11:59
jetoleRoyK: I did but I saved a lot of stats prior and yes @ d state12:00
RoyKwhich processes were in D state?12:00
jetolewhich is making me suspect it's a driver issue. If sshd is hung on a tcp close for several months... well it makes me think it is in D waiting on the NIC to realease the uninterupptable lock12:00
jetolemany, let me pull up the PS log I did before the reboot12:01
RoyKI've never seen D state be network related12:01
RoyKalways disk related the times I've seen it climb12:01
RoyKbut I don't know the internals well enough to say for sure12:02
maswanalso, did you save dmesg output?12:02
maswanand df?12:02
jetolewell I don't want to sound bias but we had some network issues with the broadcom nics when we deployed these servers prior to upgrading the driver from the broadcom site12:02
jetoleit's using bridge on bond12:02
RoyKmaswan: df???12:02
maswanRoyK: yes, filesystems don't always play nice when you fill them up12:02
jetolemaswan: I wish I did but I just pulled copies of the dmesg log as well as others from the server now and this server had been in this state for several months now12:03
maswanRoyK: a full /var/log could stick lots of processes in D12:03
RoyKmaswan: erm - a full filesystem making load exceed 7k? never seen that ;)12:03
RoyKmaswan: why?12:03
RoyKthey get an error writing to disk12:03
RoyKif the filesystem is full12:04
maswanRoyK: Not necessarily12:04
RoyKthey aren't put in d state12:04
maswanRoyK: Sometimes they just get stuck instead12:04
jetoleI don't think the FS is full but let me check. I also note that the server seemed very responsive when I logged in via the console despite the 7000+ PIDs and load avg12:04
RoyKI'd love to see that demonstrated12:04
maswanRoyK: xfs is nutorious for that, but can happen to other filesystems too12:04
jetoleno xfs12:04
maswanRoyK: Only happens in certain circumstances, but we see it happen a couple of times per year12:05
RoyKmaswan: got a reference for that?12:05
jetoledf is good12:05
jetolenothing listed above 10% usage12:05
RoyKmaswan: I've never seen that...12:05
jetolenow let me look at the PS file as RoyK asked which procs were in D12:05
jetoleand I know cron has 7000+ procs where most were in D but don't know what else12:06
RoyKjetole: that usually means cron is trying to write to a dangling filesystem. I've seen that with NFS12:06
RoyKthen it's stuck in D state and can't be killed until the I/O transaction is completed12:07
RoyKmeaning *high* load may occur12:07
jetoleRoyK: but sshd hung while waiting for a tcp close since Nov?12:09
RoyKjetole: do you have dmesg output?12:09
maswanRoyK: when most allocation groups are full and you do many concurrent writes the last few blocks might become wedged instead. "xfs full filesystem hang" seem to find some of those refernces12:09
RoyKmaswan: it seems like a very rare case - still, this isn't xfs, as jetole said.12:10
jetoleI don't think this server has nfs but lets go back to which procs. This is a big PS file as I used ps -o x,x,x,x,x,x,x,x,x,x,x,x specifying every little detail from the ps man page I could think might be important. does anyone know the awk syntax for multiple columns? I typically only use it for one column12:10
jetoleRoyK: one thing at a time here. I'm only human12:10
RoyKdmesg?12:10
jetoleso dmesg first? ok12:10
jetoleone min12:10
jetolewell...12:12
jetolethe last dmesg seems to be wrote at 44.67xxxxx on the one saved to /var/log/dmesg. I wish I got the live one but this looks like we have bnx2 issues already12:13
jetole... or not. It looks like it's writing the allocations12:13
jetoleirq allocations.12:13
jetolemy mistake12:13
jetole@ RoyK12:13
RoyKwill need the live one to see the errors12:14
jetolethe system has been rebooted already12:14
RoyKiirc /var/log/dmesg is just the one from the bootup12:14
jetoleit may be12:14
jetoleone sec and let me tell you what I have12:14
RoyKit is12:14
RoyKjust checked12:14
jetoleI have lsmod, lspci, lsof, ps with the following columns: PID,PPID,STARTED,S,BLOCKED,CAUGHT,CLS,TIME,F,IGNORED,LWP,NI,NLWP,PENDING,PGID,PRI,PSR,RSS,SCH,SESS,RSS,SZ,STACKP,STAT,SZ,TT,VSZ,WCHAN,USER,GROUP,CMD,CMD12:16
jetoleI also have logs from newest to oldest pre log rotate for: conntrackd, dmesg, kern, messages, syslog12:17
RoyKstill doesn't help, since what's needed, is the live dmesg at the time of the problem12:18
RoyKI guess I/O was hanging12:18
RoyKthat is, the disk or subsystem12:18
jetoleso you're saying I'll never be able to figure it out since I don't have the dmesg? you don't think syslog or lsof may hold some clues? it was in this state from Oct 8th until last night12:19
jetoleI'm skeptical12:19
jetoleon disk12:19
jetolealso, the system was booted on apr 2nd and didn't start to have these back logged / hung procs till oct 8th12:19
RoyKpastebin the syslog (or put it somewhere)12:20
jetoleI really, really want to12:20
RoyKif I/O was hanging, this will probably happen again12:20
jetolebut12:20
jetolethis is corporate12:20
jetoleI can't12:20
RoyKdidn't you say this was one of two in a cluster?12:20
jetoleI could be tarred, feathered and hung if I did12:20
jetoleRoyK: it will probably happen again but it took 7 months before it started and yes @ one of two12:21
RoyKjetole: there's no way of finding a lost dmesg. period. so if there's nothing in the logs, there's nothing in the logs12:21
* RoyK thinks jetole will remember dmesg next time12:21
jetoleRoyK: who says there's nothing in the logs12:22
RoyKwell, post the logs12:22
jetoleI'm just starting forensics now. I'm hoping something is in the logs12:22
RoyKI can scan through them12:22
jetoleI wish I could but I can't. I'm sorry. I just can't. Appreciate any hints you can give though since this is a lot of logs12:22
RoyKthen use egrep -v 'unimportant|blah|blah' logfile12:23
RoyKand you'll end up with whatever you don't understand, which may be interesting12:24
RoyKbut if processes are stuck in D state, they *hang* and can't write to logs12:24
RoyKthey won't notice they're hanging12:24
jetoleyeah I'm about to do something similar. I just changed to the syslog dir and ran while read file; do cat "$file" >> master.syslog; done < <(ls -1 | tac) #12:24
RoyKso you probably won't find anything12:24
jetoleabout to start vim'ing the master file and :g /pattern/d for all unimportant12:24
jetoleoh12:25
jetole... well that sucks12:25
RoyKjust wait12:25
RoyKmonitor the server regularly12:25
jetoleyeah I'm also going to start writing a montoring script this weekend to help us catch this earlier next time unless I can prove what the failure is first12:25
RoyKuse icinga or something to generate alerts if the load gets too high12:25
jetoleright12:26
* jetole prefers nagios but I get the point 12:26
jetoleI'm gonna go hop in the shower. I'll be back in a bit12:28
=== highvolt1ge is now known as highvoltage
jetoleRoyK: I had 20 minutes to collect this information before I had to perform a scheduled and planned fail over and reboot. We just recently found out about this issue and while we use Nagios, this server is... I don't know how to phrase it without breaking NDA's so let's just say a different class then the rest but in the future it's going to be added to nagios. Anyways, I had 20 minutes where I had attempted to somehow ...12:56
jetole... recover the server before the reboot and during the last 5 mins when I realized this wasn't possible, off the top of my head I thought what do I need to save before the reboot, let's get it. Anyways, yes, I'll remember dmesg last time but this was just a different situation then you may be used to so please don't be too quick to judge12:56
RoyKsetup syslog to log to a different server12:57
jetolewe will12:58
RoyKthe kernel log should hold whatever comes to dmesg12:58
jetolelike I said, it's hard to explain but not in your typical class of how we keep servers normally12:58
jetoleit's kind of new to us to access it but not new as in just been deployed. It's complex12:58
jetoleand NDA's12:58
RoyKok13:00
jetoleI know13:01
jetoleI wish I could say more but I can't13:01
* jetole sighs13:01
jetolejoy to corporate politics but they do keep the pay checks comming :-)13:01
morfeo_81hi13:48
morfeo_81how can I  found file on flashplayer13:48
morfeo_81lsof!grep flash13:49
=== nixon is now known as Guest14856
=== Guest14856 is now known as n1xon
xslhello all, i cannot find the /sys/block/md0/md/stripe_cache_size file .. is this been removed ? how will i know the stripe cache size of my mdadm device?16:21
RoyKwhat linux version?16:22
RoyKworks for my machines - on ubuntu 12.04 or later16:23
xsli have ubuntu 12.04... weird16:25
xslDescription:    Ubuntu 12.04.2 LTS16:25
xsl cat /sys/block/md1/md/stripe_cache_size16:26
xslcat: /sys/block/md1/md/stripe_cache_size: No such file or directory16:26
xslit was not md0 sorry ... i want the second partition of the disks16:26
xslthat is built into a raid116:26
RoyKxsl: do you have anything under /sys/block?16:38
RoyKand is your md dev named md1?16:38
RoyKpastebin /dev/mdstats16:39
RoyKpastebin /dev/mdstat even16:40
xslhttp://pastebin.com/KGYGgjUS16:47
xslty RoyK for the time16:47
_jfbRoyK are you around??16:48
* RoyK is16:49
RoyK_jfb: long time no see :)16:49
_jfbRoyK: indeed!16:50
_jfbbusy days! You?16:50
RoyKwell, somewhat busy, but I'm not sweathing16:50
_jfbmy home theater PC was just hacked!!! We were just sitting here and the mouse started moving around, they opened a browser and pointed to ip2location.com before I could shut it off... the IP (looking at my router) is coming from Egypt. Suggestions? What the F%#$ to do to be sure my home network is 'cleased'?? :o16:51
_jfbcleansed...16:52
_jfbI've taken that computer offline for now, but our others are still online...16:52
RoyKrkhunter and chkrootkit is a good start16:53
RoyKif the box is rooted, well, reinstall it - you never know what they left16:53
RoyKoh, in terms of rooting, check out this book - it's just *brilliant* http://craphound.com/rotn/16:54
RoyKcomes in dead tree versions too16:54
RoyK_jfb: any windows machines on that network?16:55
_jfbwe don't know for how long they've been here... so yes, there's one.16:55
RoyKcheck last -10 for unknown ssh logins16:56
RoyKcheck for rootkits16:56
RoyKcheck the system logs16:56
RoyKin that order, usually16:56
_jfbwhat do you mean if the box is rooted? The user that was logged on has sudo.16:56
RoyKuse rkhunter *and* chkrootkit to check if there's a rootkit around16:57
RoyKrootkits will let the intruder access the system without futher logins16:57
RoyKif the account used had or has sudo access without password, better reinstall the box16:58
_jfbok.16:58
_jfbfreaking annoying.16:59
RoyKI know16:59
funkyHatDo you have remote desktop enabled, and have the port for it forwarded from your router?16:59
_jfbI'll take it as a learning experience.16:59
xsl_jfb, do you use java on your system?16:59
Alienheadi have a windows server 2003 box with an ntfs formatted raid5 array on a softraid card. is there a way to assemble the array in ubuntu and mount it?17:00
RoyK_jfb: first machine rooted is always inconvenient17:00
_jfbI have a router port forwarding to ssh port17:00
_jfbxsl: yes, java was recently installed... in fact, I think for some remote android ap I was playing with!17:00
RoyKjava doesn't open new ports17:00
RoyKand the router in front should stop access unless you browse from it17:01
xsljava executes anything you want :P17:01
xslthere have been several exploits on java17:01
funkyHat_jfb: and your'e sure no-one else in the house might have messed around with your remote android app?17:01
xslit can log keystrokes17:01
xslsend to hacker17:01
xsland then ...17:01
xslyou get the picture17:01
RoyKxsl: not unless you browse from the system17:02
xsldont allow plain text passwords on your ssh .. user rsa certs17:02
xsls/user/use17:02
RoyKxsl: "plaintext" on ssh is rather safe if your passwords are good17:02
xslRoyK, not necessarly.. you can visit a website that offers "free something" and your being compromised17:02
xslpasswords are easy to get logged17:03
RoyKxsl: erm - you have to browse from that server for that to work17:03
RoyKor perhaps use the same username and password for that service17:03
_jfbfunkyHat: certain.17:03
RoyKwhich means you're doing something stupid17:04
funkyHatRoyK: xsl is talking about a java web applet on the client machine logging keystrokes17:04
RoyKcan really a web applet log keystrokes?17:04
xslits very common these days17:04
_jfbfunkyHat: RoyK: xsl: fearing I may have done "something stupid"... carelessly playing around looking for these android remotes.17:05
_jfbwas feeling a little suspicious at times.17:05
Alienheadits only stupid if you knew better at the time and did it anyway17:06
xsli never install android apps that have only "2 or 3" reviews17:06
RoyK_jfb: did you find a rootkit?17:06
xslif even a coder on CM project was caught loggin stuff... imagine people that give away "game cheats for android games" "free very good apps that dotn have ads"17:07
xslif you use the simple clamav you might find virus on your temporary files17:07
funkyHat_jfb: as others have said, the safest thing to do is reinstall. You might find that something quite benign went on though17:07
xslfirefoxx or chromium or whatever17:07
xslif you dont reinstall you will never be 100% sure... trust me .. the first time is a killer one :D17:08
xsland using RSA files to auth yourself is a good idea ... it prevents the need to install fail2ban or something17:08
xslfor ssh i mean17:09
xslRoyK, did you take a look at http://pastebin.com/KGYGgjUS ?17:10
xsland i'm using Ubuntu 12.0417:10
RoyKxsl: sorry - don't know17:12
_jfbSearching for suspicious files and dirs, it may take a while... The following suspicious files and directories were found:17:12
_jfb/usr/lib/jvm/.java-1.6.0-openjdk-amd64.jinfo /usr/lib/pymodules/python2.7/.path17:13
_jfbresult of chkroot.17:13
xslfirst thing :( imho dont use openjdk .. and install oracle java 717:13
_jfband rkhunter:17:16
_jfb    /usr/bin/whoami                                          [ OK ]17:16
_jfb    /usr/bin/unhide.rb                                       [ Warning ]17:16
_jfb    /usr/bin/mawk                                            [ OK ]17:16
xslunhide is from a package you have installed17:23
RoyK(hopefully)17:24
RoyK_jfb: for your new setup, use fail2ban or perhaps denyhosts to block ssh connection attempts17:25
RoyKor use key-based login17:25
xsl:)17:25
RoyKthe latter is more secure, but doesn't allow you to login from everywhere17:25
_jfbyes, I guess key based ...17:25
xsljust have your key with a passphrase in a USB disk and you will be fine17:26
RoyKwe have some hosts at work requiring both key and password17:26
RoyKthat's pretty secure17:26
RoyKRequiredAuthentications2 publickey,password17:28
RoyKput that in sshd_config17:28
xslthat way he needs to have both auth to login17:29
xslnice17:29
_jfbThis hurts! What a pain it's going to be... :/17:29
RoyK_jfb: first time rooted? :)17:29
_jfbyup.17:29
RoyKit hurts badly, but you learn a bit from it17:30
xslthe biggest pain will be that your going to start building the new server... and you wanna harden each step :)17:30
_jfbI've always been a little suspicious of the level of Paul's security... but I guess now I understand!17:30
_jfbyup.17:30
RoyKhehehe17:31
RoyKI guess Paul has had a box rooted, then17:31
_jfbhehe, perhaps. One thing for certain, he's going to enjoy hearing about this!17:32
RoyKprobably ;)17:32
RoyKI guess you made two mistakes17:33
RoyKone: a bad password, or someone sniffed it17:33
RoyKtwo: sudo without password17:33
xslRoyK, that file i was chasing at .. does not exist on raid0 or raid117:34
xslits for raid5 and raid617:34
_jfbthree: installing all these stupid android remotes... I'm pretty convinced.17:34
RoyKxsl: ah - that makes sense17:34
xsli need to increase write buffer for my mdadm devices i have a mysql server with a large innodb pool and my server freezes each 2 days :(17:34
RoyKxsl: I only have raid6 here17:34
xslim thinking its a disk problem since i dont have nothing ( rly nothing ) on my logs17:35
RoyKxsl: the main issue there, is that you're using mysql ;)17:35
xsllol17:35
xsli dont know that much of postgres17:35
RoyKit works far better17:35
RoyKsql syntax is about the same17:35
xsland i used a online tool from percona website... and i believe they push too much out of the hardware... and i dont have a raid controler .. its 2 disks doing all the job17:36
xslwell the problem is i dont know how to administer it that well17:36
xslmysql i know all the syntax to create, view, bla bla bla17:36
xslgive permissions, take, etc...17:37
RoyKmysql is a pile of *17:37
xsland this is from a community of 1000 concurrent users accessing a ipb forum ...17:37
RoyKwell17:37
RoyKmysql works well for reads17:37
xslthis has alot of writes17:38
RoyKbut don't use mysql in something that uses transactional databases17:38
RoyKjust my opinion17:38
RoyKpostgresql is faster for various workloads17:38
RoyKmysql for read-mostly17:38
RoyKand if you're just using simple databases without stored procedures or other hacks, moving to psql will be easy17:39
xsli will take a look in to it17:42
xslsince i have my server with lxcontainers and each has its own software.. like a nginx.lxc php.lxc mysql.lxc17:42
xsli can create a container and migrate the data17:42
xslthen i will just change in the php.lxc with php-fpm the socket and ip of the data17:43
RoyKpostgres uses the system buffer for caching17:43
RoyKinstead of allocating memory of its own17:43
RoyKthat helps out a bit17:43
RoyK_jfb: what did those android remotes do?17:43
xslhave you tried linux containers and running postgres inside of them ?17:43
RoyKno, but since postgres leaves the OS to do the caching, I'm pretty sure it will perform better than the dedicated memory caching in mysql17:44
RoyKs/leaves the/leaves to the/17:44
_jfbRoyK: let me access ubuntu using my phone...18:37
_jfbvia a java server.18:37
RoyKok18:37
RoyKwas that open from the internet?18:37
_jfbno.18:37
RoyKthen that shouldn't be the problem, really18:37
_jfbbut it required jre/java... so who knows what was lurking.18:38
RoyKwell, java doesn't open any ports18:38
_jfbwell, like I said, I don't *know* that it wasn't open.18:38
RoyKand so far you have said only ssh was open18:38
RoyKin the router18:38
_jfbWhat was weird, is we were just sitting here... and the mouse started to move.18:38
_jfbyes, that's correct.18:38
_jfbone port on my router directing to 2218:39
_jfbon this box.18:39
RoyKperhaps someone pulled your leg?18:39
_jfb??18:39
_jfbmy two year old son?18:40
RoyKit's rather uncommon for a hacker to engage in interactive takeover of a system18:40
_jfblike I was saying, then they opened a browser (chrome) and opened the url: ip2location18:40
RoyKnot a javascript doing that?18:41
_jfbyes, probably not a very savvy hacker -- maybe just a kid messing around... but freaky none the less.18:41
_jfbI don't think javascript can move a mouse around or launch two seperate browsers (they tried firefox first, but it started updating)... then they chose chrome18:43
_jfblike I said, we were using the box, it just happened that we were sitting here and had our tv on (the monitor)...18:43
_jfbanyway, definitely going to scrub this box.18:44
RoyK_jfb: did you see the same behaviour from a different client?18:48
RoyKmight be your mac is rooted18:49
_jfbRoyK: what do you mean mac?19:01
_jfbI've never had anything like this happen before...19:02
ikoniamac address19:02
_jfbhow can a mac address be rooted?19:02
_jfbRoyK: back to your comment about it being 'uncommon', now I wish I had let them keep playing... just to see what they were up to ;)19:03
_jfbthe one fortunate thing of all this, it wouldn't be too easy to connect that box to me.19:04
xsl_jfb, you have X forward on in you sshd?19:04
xsl*your19:04
xslthats enough to "move your mouse" and "see your desktop"19:05
xslbut to be honest... if an hacker is good enough to root you.. he does not need to move the mouse to check a website to know from where is your connection19:05
xslgtg19:05
RoyKno chance x forward would make it though ssh without authentication19:06
_jfbRoyK: what did you mean that my mac might be rooted?19:06
RoyKit seems unlikely that the server with only ssh access in should be compromised19:08
_jfbso you think my router is compromised?19:09
_jfbI'm not following...19:10
RoyKno19:14
RoyKjust check last -1019:15
RoyKor -10019:15
RoyKon that server19:15
=== marahin is now known as system
=== system is now known as marahin
Oblivion1500hello, i was wondering how you add permissions to a user to edit a file say the user is username@localhost and the dir is /example23:58
Oblivion1500or i mean edit a directory23:59

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!