=== E_T_ is now known as E_T
[10:12] <jamespage> adam_g, roaksoax: https://code.launchpad.net/~james-page/charms/precise/hacluster/v0-revert/+merge/161563 when you get a chance
[10:54] <eutheria> hi i am trying to configure a vlan interface on 12.04, i think i haven't got my ubuntu config right as my pfsense router can be seen on the switch on the .1q tagged vlan
[10:54] <eutheria> however my eth0.109 i assume .number is the vlan tag
[10:55] <patdk-lap> normally, yes
[10:55] <eutheria> i've made sure the port on the switch is on that vlan
[11:34] <sonofzeus> Hey there
[11:34] <sonofzeus> How do you find httpd.conf ?
[11:36] <greppy> sonofzeus: on an ubuntu server?  it should be in /etc/apache2
[11:36] <sonofzeus> I installed apache2 on a ubuntu desktop edition
[11:36] <sonofzeus> forgot to mention that
[11:38] <greppy> sonofzeus: should be in the same place.
[11:38] <sonofzeus> I've conf.d , mods-available modsenabled sitesavailable apache2.conf envvars magic ports.conf?
[11:38] <greppy> ah, most of what was in httpd.conf is now in conf.d, mods-available and sites-available.
[11:39] <greppy> modular configuration makes things a little easier, most of the time :)
[11:44] <sonofzeus> Open up httpd.conf (in your Apache/conf directory), find DocumentRoot and set it to be your the directory where you want your web site root.
[11:44] <sonofzeus> someone explain waht this means pls?
=== Jikan is now known as Jikai
=== Jikai is now known as Jikan
[12:08] <Aison> hello
[12:08] <Aison> I upgraded one of my test-servers to raring
[12:09] <Aison> now after reboot, I see grub and after choosing ubuntu, everything is black
[12:09] <Aison> I also wonder, why I have to choose something in the grub boot menu. In past, this menu was automatically closed after a few seconds
[12:31] <jamespage> yolanda, that bacula/mysql bug is a known issue; its because bacula only recommends mysql, not depends
[12:31] <jamespage> so the configuration order is not guaranteed to be mysql->bacula
[12:31] <yolanda> mm, so it should be a confirmed bug?
[12:31] <jamespage> users need to install mysql first, and then bacula
[12:31] <jamespage> yolanda, dupe it against the existing bug report
[12:31] <yolanda> ok
[12:32] <jamespage> yolanda, bug 321091
[12:32] <uvirtbot> Launchpad bug 321091 in bacula "Bacula fails to install correctly if mysql wasn't installed before" [Medium,Confirmed] https://launchpad.net/bugs/321091
[12:32] <jamespage> (yes that old)
[12:34] <Daviey> jamespage: crikey, i thought that was fixed long ago
[12:35] <jamespage> nope
[12:35] <jamespage> the semantics of the relationship means there is really no good way to fix it
[12:35] <jamespage> same applies on upgrades - if you get bacula and mysql in the same upgrade transaction == #bang
[12:36] <yolanda> but why mysql cannot be forced in that case?
[12:37] <jamespage> bug 1021067
[12:37] <uvirtbot> Launchpad bug 1021067 in bacula "bacula-director-mysql *->5.2.5-0ubuntu6.1 fails to upgrade if installed alongside mysql-server and upgraded in the same transaction" [Medium,Triaged] https://launchpad.net/bugs/1021067
[12:37] <jamespage> yolanda, the only way to make that happen is the make it a Depends
[12:37] <jamespage> which is not good as it does not allow you to split bacula and mysql onto different machines
[12:38] <jamespage> fwiw we only have this issue in Ubuntu; in Debian the default is sqllite
[12:38] <jamespage> not mysql
[12:40] <zul> bacula is fun isnt it?
[12:40] <jamespage> Ursinha-afk, hey - I raised a merge proposal against ubuntu-reports for a bug in the cloud-archive reporting - any chance you could take a look?
[12:40] <jamespage> zul, always :-)
[12:41]  * jamespage ponders whether we should revert back to sqlite as default
[12:43]  * rbasak thinks aloud
[12:43] <rbasak> How about moving the database initialisation to a package like bacula-director-mysql-init? bacula-director-mysql would Recommend bacula-director-mysql-init. bacula-director-mysql-init would Depend on mysql.
[12:44] <rbasak> Those wanting MySQL on a separate machine would break that recommendation.
[12:45] <rbasak> This assumes that those wanting MySQL on a separate machine will need to set up the database themselves. Or they could just install bacula-director-mysql-init but only on the MySQL machine
[12:45] <rbasak> What have I missed?
[12:51] <rbasak> But then again, perhaps it's no longer worth differing from Debian here.
[12:55] <jamespage> rbasak, worthy considerations
[12:59] <zul> jamespage/yolanda: https://code.launchpad.net/~zulcss/python-keystoneclient/havana-fix/+merge/161599
[13:20] <zul> jamespage/yolanda: https://code.launchpad.net/~zulcss/cinder/cinder-suacy-ftbfs/+merge/161603
[13:37] <ckuerste> jamespage: i'm preparing a security patch for tomcat6 and want to test it. jdstrand said you might have had a look on the tomcat6 testsuite before?
=== wedgwood_away is now known as wedgwood
[13:55] <zul> jamespage/yolanda: https://code.launchpad.net/~zulcss/keystone/keystone-saucy-ftbfs/+merge/161606
[13:57] <Daviey> zul / jamespage / smoser: fancy raisng a BP suggesion for mysql wsrep patchset inclusion ?
[13:58] <zul> Daviey:  like percona?
[13:58] <Daviey> zul: The patches that expose plugin support :), http://www.codership.com/products/mysql-write-set-replication-project
[13:58] <zul> Daviey:  sure
[14:03] <jamespage> Daviey, hmm
[14:05] <Daviey> jamespage: ?
[14:06] <jamespage> Daviey, zul: I'm against carrying the patches in mysql itself; I think it will make life impossible for the security team
[14:07] <jamespage> we should go via percona or mariadb with fully upstream integrated galera support
[14:07] <Daviey> jamespage: right, hence the reason to disucss it :)
[14:07] <jamespage> Daviey, yep!
[14:08] <jamespage> ckuerste, hey!  sorry I missed your ping the other day - was taking a bit of time out
[14:08] <Daviey> jamespage: It might be that we can provide a supportable method in core. I don't know.
[14:08] <jamespage> ckuerste, I've not looked at the tomcat6 testsuite but I did enable the tomcat7 one during quantal
[14:09] <jacobw> Hi, I'm trying to preseed away everything except hostname, or set hostname as a boot paramter
[14:10] <jamespage> ckuerste, what issues are you running into?
[14:11] <eodchop> I have a new 12.04 server install. When I do the initial build, I install the mailutils meta package. Ever since 13.04 came out last week, I am unable to install mailutils any more. It has a dependency on libmysqlclient, which in turn drags in mysql-common that is incompatible with mailutils and it blows up.
[14:12] <jacobw> I'm finding that the hostname is set to ubuntu if I don't set anything in the preseed or DNS, regardless of what I set as hostname= or netcfg/hosname= when I don't set anything in DNS
[14:13] <jacobw> hostname is an alias to netcfg/hostname-unavailable, which is what is set if there's no hostname from DHCP
[14:14] <jamespage> zul: you have cruft in your keystone MP
[14:14] <zul> jamespage:  which cruft?
[14:15] <jamespage> zul: test_keystoneclient.py.orig?
[14:15] <zul> jamespage: grr...ill clean that up
[14:15] <zul> thanks
[14:15] <jamespage> zul: you also dropped the dep headers on that patch - was that intentional
[14:15] <jamespage> ?
[14:15] <zul> nope
[14:15] <ckuerste> jamespage, no problem. i enabled the testsuite like in tomcat7 but get an error about tomcat-dbcp.jar and jasper-jdt.jar can not be found to copy.
[14:16] <jamespage> ckuerste, hmm
[14:17] <ckuerste> jamespage, i was not sure if i have to install them somehow. did you had anything like that in tomcat7?
[14:17] <jamespage> ckuerste, not that I can see
[14:18] <jamespage> tomcat-dbcp.jar is not shipped in the Debian/Ubuntu packages; its a patched version of commons-dbcp that gets munged by tomcat upstream
[14:18] <jamespage> you should drop in commons-dbcp in its stead - maybe link it in or suchlike
[14:19] <jamespage> jdt - hmm
[14:19] <ckuerste> hmm, okay
[14:19] <jamespage> ckuerste,     -Djdt.jar=/usr/share/java/ecj.jar ?
[14:19] <jamespage> the debian/rules in tomcat7 appears to override the default
[14:19] <jamespage> ${jdt.jar} might be a clue
[14:20] <ckuerste> okay, will have a look
[14:21] <jamespage> ckuerste, thanks for picking this up btw
[14:26] <ckuerste> np
[14:37] <zul> jamespage/yolanda: https://code.launchpad.net/~zulcss/glance/glance-sauce-ftbfs/+merge/161613
=== Ursinha-afk is now known as Ursinha
[15:33] <Ursinha> jamespage, sure (sorry taking long to reply, I'm in Oakland in the client sprint)
[15:36] <Ursinha> jamespage, this one? https://code.launchpad.net/~james-page/ubuntu-reports/ca-cloud-fix/+merge/161382
[15:44] <jamespage> Ursinha, yes - although I note adam_g has commented on it
[15:46] <zul> jamespage/yolanda: https://code.launchpad.net/~zulcss/quantum/quantum-saucy-fix/+merge/161630
[15:54] <zul> adam_g:  when you get in can you push your python-glanceclient change into the saucy branch please
[16:11] <hallyn> sarnold: there is no ability to block ioctls with apparmor right?
[16:13] <sarnold> hallyn: not much; you can prevent opening the device file in the first place, and if the ioctl requires a capability you can also deny that, but not on a fine-grained level
[16:21] <hallyn> sarnold: thanks
=== deegee is now known as drussell
[16:34] <smoser> jamespage, around?
[16:35] <jamespage> smoser, yes
[16:35] <smoser> oh carp
[16:35] <smoser> i was going to ask you to review a change
[16:35] <smoser> but i pushed it
[16:35] <smoser> !
[16:35] <jamespage> ooops
[16:35] <smoser> https://code.launchpad.net/~virtual-maasers/charms/precise/virtual-maas/trunk
[16:35] <smoser> i'll revert that and over-push
[16:35] <jamespage> 'a change' ?
[16:36] <jamespage> :-)
[16:48] <arosales> any channel operators around to update the motd?
[16:49] <arosales> specifically the bug link should be  Bugs: http://reqorts.qa.ubuntu.com/reports/rls-mgr/rls-r-tracking-bug-tasks.html#server
[16:49] <SpamapS> wow, this channel's topic is.. ridiculously long
[16:54] <parallel21> Trying to reinstall the grub bootloader to /dev/sda from an ubuntu-server disc in recovery mode. I've reinstalled grub… but grub still finds the same boot files in /boot
[16:54] <parallel21> How to I rebuild the /boot folder
[16:58] <parallel21> Doh… grub-install does not rebuild grub.cfg. update-grub does though
[16:58] <parallel21> I think I solved the problem
=== matsubara is now known as matsubara-lunch
[17:45] <rbasak> roaksoax: may I take the facter merge from you to work on tomorrow please? I just want to merge 1.6.10-1 so that I can SRU bug 1173265 and thus bug 1170325.
[17:45] <uvirtbot> Launchpad bug 1173265 in facter "facter fails to run from rebuilt source package" [High,Triaged] https://launchpad.net/bugs/1173265
[17:45] <uvirtbot> Launchpad bug 1170325 in facter "Facter 1.6.X not considering Qemu/KVM virtual type" [Undecided,New] https://launchpad.net/bugs/1170325
[17:45] <rbasak> facter 2.0.0~rc3-1 and puppet 3.1.1-1 are in experimental and can follow later
[17:46] <roaksoax> rbasak: sure :)
[17:46] <rbasak> Thanks!
[17:55] <LargePrime> is there a toll for me to get an email when server load goes over a certian point?
[17:55] <LargePrime> tool*
[17:57] <RoyK> LargePrime: I've used icinga/nagios for that
[17:58] <RoyK> you can probably script it easily, though, if it's only the load that matters
[18:01] <LargePrime> ima scripting noob
[18:01] <LargePrime> but i have done coding
[18:01] <LargePrime> perhaps i should se
[18:01] <LargePrime> e
[18:01] <LargePrime> how do i get the server load?
[18:05] <sarnold> LargePrime: uptime(1) or /proc/loadavg
[18:15] <LargePrime> cat /proc/loadavg seems to have a list.  uptime seems to give a diff set of numbers.  uptime(1)  is not recognized sarnold
[18:15] <sarnold> LargePrime: uptime(1) just shows which section of the manpages contains the documentation... in this case, a user command in section 1
[18:19] <LargePrime> so if i was not a noob i would have known to do man uptime(1)
[18:21] <sarnold> LargePrime: well, it'd be 'man 1 uptime', but in this case the '1' probably wouldn't be necessary. Including the manpage section is an old old habit that I've given up on trying to break... :)
=== WaVeR` is now known as WaVeR
[18:22] <LargePrime> I am still having a problem giving my web users access to thier files, and super users access to all the web files
[18:22] <LargePrime> how can thier not be ommong simple soluition for this?
[18:23] <LargePrime> a common*
[18:24] <LargePrime> I am thinking to make a SiteOwnerSiteName group owner of each virtual dir
=== matsubara-lunch is now known as matsubara
[18:24] <LargePrime> and a SiteOwnerSuperthat has all the groups in it
[18:28] <robawt> hello
[18:28] <robawt> is there a way to specify the basic linux server group of packages in a debconf answer file/
[18:50] <zerick> Hi everybody, what is the latest recommended version of Ubuntu to work with corosync, pacemaker, drbd or heartbeat?
[18:52] <sudobash> seriously, what is the point of taking protocols = imap pop3 in the dovecot config and splitting it into two files
[19:06] <jcastro> smoser: if you have a second to explain that cloud images metadata stream thing ...
[19:07] <smoser> :)
[19:09] <smoser> for some time we've had data describing aws image ids at http://cloud-images.ubuntu.com/query
[19:09] <smoser> the data there also described the .tar.gz files that could be downloaded.
[19:09] <smoser> there were some issues with the format, though
[19:10] <smoser> a.) it only described the .tar.gz files (not disk1.img files)
[19:10] <smoser> b.) it couldn't easily be extended to cover other clouds
[19:10] <smoser> c.) it wasn't easily  mirrorable
[19:11] <smoser>    and wasn't signed , relying on secure transport (https) for security.  but that meant that if you mirrored the data, then the trust couldn't "pass through".
[19:11] <smoser> d.) just not that nice of a format.
[19:12] <smoser> now we have a much nicer set of data describing both image-ids on public clouds and image downloads.
[19:12] <smoser> you can see it by browsing data at http://cloud-images.ubuntu.com/releases/streams/v1/
[19:13] <jcastro> ok so basically, a way to programatically see what's published on cloud-images?
[19:13] <smoser> because of the gpg signatures, you can mirror that data and trust of the cloud-image signer is still present (just like apt does that).
[19:13] <smoser> so we have that data there.
[19:13] <jcastro> ok so basically, a way to programatically and secure way to see what's published on cloud-images?
[19:13] <smoser> which allows you to find images on public clouds (and we'll have additional public clouds data there)
[19:13] <jcastro> whoops, butchered that sentence
[19:13] <smoser> yeah.
[19:14] <smoser> and then there is a sample client (that is still being worked on) in 'simplestreams' package.
[19:14] <gartral> hey all, does Ubuntu Server have a set-up ssh for truly headless machines? or will I need to find another way to answer the questions at install time?
[19:14] <jcastro> ok so this would make it easier for people to build tools to search the data, as opposed to say, that AMI search thing we built?
[19:14] <smoser> that client and http://bazaar.launchpad.net/~smoser/simplestreams/example-sync/view/head:/README
[19:14] <smoser> allows you to sync from cloud-image to your local cloud
[19:15] <smoser> well, the ami search thing we built could be re-built on top of this data.
[19:15] <smoser> and http://ubuntufinder.com/ is using (i believe) the newly formated data.
=== smb` is now known as smb
[19:17] <jcastro> gartral: you can probably preseed that during installation
[19:21] <gartral> jcastro: doesn't that preeseed configuration need to be specified at boot? or can that be automatically assumed? I'm dealing with a machine that literally has 1 usb port and 3 cat-5 ports. guess what's being put in the USB port? :P
[19:22] <jcastro> no netboot?
[19:23] <sarnold> usb hub?
[19:25] <gartral> jcastro: not easily, what's going to happen with this machine is I'm going to put the hardware together, pop the thumbdrive into the usb port, then ship it to it's new home where some "technition" (I.E. some guy who knows about as much about Linux as a Penguin does about a Banana.) plugs it in, then about 30 minutes later I wan't to connect to it and set it up proper.
[19:26] <gartral> ^wan't^want
[19:26] <uvirtbot> gartral: Error: "wan't^want" is not a valid command.
[19:26] <smoser> gartral, you can put a preseed configuration on the install media
[19:27] <gartral> smoser: and that will automatically be read and run?
[19:27] <smoser> yes.
[19:27] <gartral> I've never used a preseed.txt before
[19:31] <Quest> if i have a fiber optic but I have two separate ip pools of 8 ips each (the fiber optic wire will be still one), that is 2 separate threads (thats what i have been informed). Then each thread will be having its separate bandwidth limit. is it a fact that both threads will be unaffected by each other in terms of bandwidth and traffic? That is its almost same like I am having two fiber connections?
[19:32] <gartral> smoser: I see a segment called "Network Console". can I preseed everything up to that point or must I fill out everything after?
[19:37] <smoser> gartral, you can have completely unattended installation.
[19:38] <genii-around> The only thing I don't like about preseed is the sparsity of documentation
[19:38] <Quest> hello
=== Ursinha is now known as Ursinha-afk
[19:48] <gartral> smoser: while I appreciate that, I much perfer actually answering the questions myself x.x
[19:49] <smoser> i'm confused.
[19:49] <smoser> i thought you said you wanted a penguin to be able to do it.
[19:49] <dpb1> heh
[19:50] <LargePrime> I am still having a problem giving my web users access to their files, and super users access to all the web files
[19:50] <LargePrime> how can there not be common simple solution for this?
[19:52] <dpb1> LargePrime: can you explain a bit more?
[19:56] <LargePrime> and then i dc
[19:56] <LargePrime> sorry
[19:56] <LargePrime> did i miss anything?
[19:57] <LargePrime> so to continue i need www-data to server sites, useres to have mod rights, and superuser to mod all rights
[19:57] <LargePrime> it that usually how it is done?
[19:57] <LargePrime> owner will be the web authers
=== G4MBY is now known as PaulW2U
[19:58] <LargePrime> superusers will be members of all owners grups?
[19:59] <LargePrime> dpb1:
[20:00] <LargePrime> think that will work?
[20:00] <LargePrime> anyone?
[20:01] <dpb1> LargePrime: sorry, I'm not following.  What are server sites?  and what are "mod rights".  superuser (root) can do anything he wants whenever, so whatever you are asking there should work.
[20:01] <LargePrime> please ping me if you have feedback
[20:02] <LargePrime> i have several sites i host.  like mydomain.com and yourdomain.com
[20:02] <LargePrime> I want you to have rights to yourdomain.com
[20:02] <LargePrime> I want my web guy to have mydomain.com
[20:03] <LargePrime> and i want my server admin to have rights to both
[20:03] <dpb1> LargePrime: ok, and by "rights", you mean be able to modify/delete a set of files on the filesystem?
[20:03] <LargePrime> yes.  sorry
[20:04] <LargePrime> and this is all in /var/www/  so /var/www/yourdomian and /var/www/mydomian
[20:05] <LargePrime> and www-data needs to be the group for all the files i think?
[20:05] <adam_g> smoser, does 12.04's cloud-init support any of those fancy merging features?
[20:06] <dpb1> LargePrime: who is the owner of the files right now?  root?
[20:06] <smoser> adam_g, no.
[20:06] <smoser> and 13.04 doesn't really... in any way that i want to advertise
[20:06] <LargePrime> yes
[20:06] <LargePrime> dpb1: yes
[20:07] <dpb1> LargePrime: simply put, I would create one group per "site" you are hosting.  Add to that group www-data, and whoever you want to admin it.  Then, chown -R root:group /var/www/site
[20:08] <LargePrime> if i add people to www-data, do they get all thoes rights?
[20:08] <LargePrime> yes i think that is good
[20:08] <dpb1> LargePrime: users are the ones who permissions are applied to, not groups.  Groups just... "broadcast" the permissions to multiple people.  www-data is a group, but it's also a user.  The user having the rights is what is important.
[20:08] <LargePrime> wait no
[20:09] <LargePrime> cant
[20:09] <LargePrime> some of the www-data files cannot be written to by www-data
[20:09] <LargePrime> cause it seems web server can be compromised
[20:09] <LargePrime> they can only be read
[20:10] <LargePrime> so the web admins can mod thoes files
[20:10] <dpb1> LargePrime: doing a chown will not impact the read/write/execute bits.
[20:10] <LargePrime> but the web admins SHOULD be able o mod thoes files
[20:11] <LargePrime> to* dpb1
[20:12] <dpb1> LargePrime: ok, gotcha
[20:15] <LargePrime> so my idea is to replace root ownership with web site owners
=== Ursinha-afk is now known as Ursinha
[20:16] <LargePrime> but this cant be that uncommon?  so what do people usually do?
[20:16] <dpb1> LargePrime: so then, you have three options.  1) change the owner of the file to the specific admin you are interested in granting permission. (he will then be able to do whatever he wants with that file, regardless of permission).  2) grant limited sudo access to edit these files.  3) switch to ACLs which will grant you the flexibility of assigning multiple owners.
[20:23] <LargePrime> how do i limit sudo?
[20:23] <LargePrime> dpb1:
[20:26] <markthomas> LargePrime:  Ubuntu grants access to group sudo out of the box.  You can restrict access to sudo in general by controlling membership in that group.  You can implement finer-grained control over Sudo by editing /etc/sudoers with the visudo command.
[20:29] <dpb1> LargePrime: I've used something like this before: http://bencane.com/2012/02/sudoedit-securely-allow-users-to-edit-files/
=== smb` is now known as smb
[21:18] <ScottK> jamespage: DFSG #8 (License must not be specific to Debian) is also applied to Ubuntu in http://people.canonical.com/~cjwatson/ubuntu-policy/policy.html/ch-archive.html#s-ulp so your Ubuntu specific exception to link mongdb to openssl lands it in multiverse.
=== jibel_ is now known as jibel
[23:08] <roll> if ubuntu was installed with dhcp, and i want to switch to using a static ip, say 192.168.2.33, in ubuntu server (no gui), how would i go about this (permanent as well, not having to do it each time i boot up)
[23:16] <xnox> jamespage: re: mongodb  vs boost::size. Since boost1.51 it returns unsigned int. So mongodb needs fixing. Not sure which version of mongodb your patch is.
[23:16] <xnox> as it doesn't apply to current package =)
[23:20] <bradm> roll: https://help.ubuntu.com/12.04/serverguide/network-configuration.html#ip-addressing has an example of how to do static network config - basically you need to edit /etc/network/interfaces
[23:21] <roll> bradm: thanks, i'll take a look
=== wedgwood is now known as wedgwood_away