=== iarp_ is now known as iarp
[01:35] <codepython777> anyone who knows how to do bandwidth management per user basis when the network is near full utilization?
=== EntropyWorks_ is now known as EntropyWorks
=== blackjack is now known as 14WAASOBI
=== Ursinha is now known as Ursinha-afk
=== jussi01 is now known as jussi
=== megha is now known as Guest401
=== smb` is now known as smb
=== HackeMate is now known as Guest66661
=== schmidtm__ is now known as schmidtm
=== huats_ is now known as huats
[08:45] <psivaa> hallyn: we get http://pastebin.ubuntu.com/5660610/ again in the lxc smoke tests for the last few days
[08:50] <psivaa> hallyn: hmm possibly the queue is too big and its still waiting.
=== andol_ is now known as andol
=== megha is now known as Guest37767
=== yofel_ is now known as yofel
=== gema_ is now known as gema
=== DasIch_ is now known as DasIch
=== Guest66661 is now known as hxm
=== gary_poster|away is now known as gary_poster
[12:30] <webwurst1> hi! i'm using a Intel network-adapter (I350-T2) with sr-iov-capability. finally virtualized ubuntu-server work fine. but on windows an adapter lacking drivers is shown.. the Intel driver for the adapter aborts installation; maybe it is only for host-systems? do i need special windows-drivers for sr-iov adapters?
[12:33] <hxm> hi
[12:34] <hxm> i have configured a smtpd in a dedicated server, then i send email using sendmail and google and hotmail detect it as spam
[12:34] <hxm> i checked the reputation in trendmicro (as someone asked me) and is not blacklisted
[12:34] <hxm> indeed is not still being used
[12:34] <hxm> i think is a problem of my configuration related with the DNS txt records
=== wedgwood_away is now known as wedgwood
=== Sprockt is now known as Sprocks
=== marlinc_ is now known as Marlinc
=== e_t__ is now known as e_t_
=== ppetraki_ is now known as ppetraki
[13:20] <Katafalkas> Hey. I am quite a noob and this is probably very noobish question, but what happens when you do not set a password for user. in /etc/shadow file there is "*" what does that mean ?
=== mjeanson_ is now known as mjeanson
=== smoser` is now known as smoser
[13:25] <mardraum> Katafalkas: yes, 'man shadow'
[13:28] <gyre008> is there a way to list changelog of INSTALLED package on Ubuntu ?
[13:28] <gyre008> I dont mean to list changes of the deb file available on the server..
[13:28] <Katafalkas> mardraum: danke <3
[13:28] <gyre008> I thought apt-listchanges --apt <pkg_name> would do the job but boy was  wrong
[13:39] <hallyn> psivaa: ok, i've temporarily switched the lxc testsuite to branch the raring lxc bzr branch which works
=== iarp_ is now known as iarp
[13:41] <psivaa> hallyn: ack
=== iarp is now known as Guest45042
=== Madkiss_ is now known as Madkiss
=== lyda_ is now known as lyda
[13:57] <hXm> hi again
=== wizonesolutions is now known as 45PAACJIE
[14:11] <Daviey> bladernr`: hey, are you around?
[14:13] <bladernr`> Daviey: I am
[14:15] <Daviey> bladernr`: hey, just found - https://blueprints.launchpad.net/cloud-testing/+spec/servercloud-1305-cloud-testing
[14:16] <Daviey> bladernr`: can you mark me the approver please?
[14:16] <bladernr`> sure
=== roasted_ is now known as roasted
[14:16] <Daviey> bladernr`: i think it also needs associating with the ubuntu project
[14:17] <bladernr`> Daviey: possibly, I need to check with ara on that but probably so
=== gstudent2 is now known as germanstudent
=== gary_poster is now known as gary_poster|away
=== gary_poster|away is now known as gary_poster
[14:29] <Daviey> bladernr`: Well, it is a ubuntu deliverable.. no?
[14:31] <bladernr`> Daviey: ok, it's re-targeted
[14:31] <bladernr`> :)
[14:33] <Daviey> bladernr`: thanks muchly
=== _croop is now known as croop
=== wizonesolutions_ is now known as wizonesolutions
=== coffeedude_ is now known as coffeedude
=== baggar11_ is now known as baggar11
=== SpamapS_ is now known as SpamapS
[15:04] <bladernr`> Daviey: did you schedule a UDS session for that testing BP?
[15:08] <Daviey> bladernr`: not quite yet.. but that is the plan
[15:09] <bladernr`> we werent' going to schedule it initially (it's already on there for Wednesday)
[15:09] <bladernr`> mainly because a lot of the discussion for htat is internal and has already occurred
[15:10] <Daviey> bladernr`: Ugh, surely some primary stakeholders are absent fro the discussion ?
[15:10] <BAMbanda> Has anyone had success in installing dropbox on ubuntu server?
=== chuck_ is now known as zul
[15:13] <TheLordOfTime> who decides what's "default" or available through tasksel or on the ubuntu-server images?
[15:13] <TheLordOfTime> or better question, who decides the "default" httpd software in the ubuntu images/repositories
[15:14] <TheLordOfTime> (i kinda assumed there *was* no 'default')
[15:16] <Daviey> TheLordOfTime: Apache is mostly the default, but the world is changing a bit with the advancement of juju charms.  There are a few factors which drive the decision process, but I feel the weight of this.  Wassup?
[15:17] <TheLordOfTime> Daviey:  Launchpad Bug 1177919, comment #3
[15:17] <uvirtbot`> Launchpad bug 1177919 in nginx "Merge nginx 1.4.1-1 (universe) from Debian unstable (main)" [Wishlist,Confirmed] https://launchpad.net/bugs/1177919
[15:17] <TheLordOfTime> trying to figure out how to answer them :/
[15:17] <BAMbanda> Anyone install dropbox successfully on ubuntu server?
[15:17] <TheLordOfTime> Daviey:  key issue is they are like "Can we make nginx the default"
[15:18] <TheLordOfTime> my concern: "It's not modular",  "It has no easy-configured "default" php integratoin"
[15:18] <TheLordOfTime> and a thousand others
[15:18] <TheLordOfTime> not to mention that nginx is kinda unofficially guardian'd by me :/
[15:18] <TheLordOfTime> oh, and universe.
[15:19] <TheLordOfTime> Daviey:  can you dump me a list of the factors which drive the decision of what is "default"
[15:19] <Daviey> TheLordOfTime: Are you free in 24hrs + 40 mins?
[15:19] <TheLordOfTime> Daviey:  um...
[15:19]  * TheLordOfTime checks
[15:20] <TheLordOfTime> 24hrs + 40 minutes is... 12:00 here...
[15:20] <Daviey> TheLordOfTime: we have our team meeting then, and it would be great to discuss at the Open Discussion part near the end.
[15:20] <TheLordOfTime> should be, unless comcast does some stupid crap with the internet
[15:20] <TheLordOfTime> Daviey:  server team meeting i assume?
[15:20] <Daviey> yeah
[15:20] <TheLordOfTime> i *should* be here
[15:20] <TheLordOfTime> can't guarantee it though
[15:20] <TheLordOfTime> in the mean time i'd like to give this guy an answer
[15:20] <TheLordOfTime> would a simple "It's not something we can decide on a whim, and will need further discussion" suffice?
[15:21] <TheLordOfTime> (or similar)
[15:21] <tom_ilsinszki> Hey! Some of my cron jobs won't execute (depending on the time settings for the command in crontab). For example if I have a command like this: * * * * * CMD or */5 * * * * CND, then CMD will execute, but if I have it set like this: 54 17 * * * CMD, then CMD will not execute. Can someone help how to run commands in cron whenever I want…
[15:22] <Daviey> TheLordOfTime: For 'main' the Ubuntu project tries to make opinionated decisions on what it considers to be the best of free software.  'Best' Is determined by a number of factors, including supportability (inc security) and popularity.  On occasions, we do support more than 1.
[15:22] <TheLordOfTime> Daviey:  i'd say that the security aspect is the key factor here
[15:22] <TheLordOfTime> Daviey:  there was a discussion at a prior UDS of moving nginx to main
[15:22] <TheLordOfTime> but i don't think that went anywhere
[15:22] <TheLordOfTime> so it's still "universe"
[15:22] <Daviey> TheLordOfTime: whilst personally I am an apache fan, i am well aware nginx is gaining more popularity - so we should consider it.
[15:23] <TheLordOfTime> agreed, but the only "ubuntu" maintainer in an unofficial capacity is me, upstream doesn't care and their debian maintainers don't really care much
[15:23]  * resno supports nginx
[15:23] <Daviey> TheLordOfTime: Well, kees (formally ubuntu security team tech lead) was hesitant to support it, but that was 2 years ago IIRC.  Things might have changed since then
[15:24] <TheLordOfTime> i'll try and make it to the meeting, no guarantees I'll remember to bring this up, so if you can jot down about this and then remind me if i'm not /away at the meeting that'd be awesome
[15:24] <Daviey> It seems to have a better security vulnerability handling procedure than i did then
[15:24] <TheLordOfTime> at least upstream.
[15:24] <Daviey> ok, thanks TheLordOfTime
[15:24] <TheLordOfTime> Daviey:  just as an fyi, two years ago i wasn't handling the nginx bugs :P
[15:25] <TheLordOfTime> Daviey:  most of the nginx bugs end up fixed in debian, and when they don't i tend to go searching upstream :P
[15:25]  * TheLordOfTime has become  the unofficial adopted maintainer of nginx in ubuntu *shrugs*
[15:26] <Daviey> TheLordOfTime: That sounds super
[15:26] <Daviey> TheLordOfTime: If you ever need to look for sponsorship, or help - do give me a shout.
[15:26] <TheLordOfTime> ... that reminds me, note to self, apply for nginx PPU rights.
[15:27] <TheLordOfTime> Daviey:  I tend to go poking -motu for the sponsor uploads, usually don't get to getting things included unless Medium or higher because otherwise "I'll include it in a batch update"
[15:27]  * TheLordOfTime yawns
[15:27] <TheLordOfTime> ... bleh coffeetime
[15:27] <Daviey> o/
[15:28] <TheLordOfTime> ... oh crap i just realized i forgot to include the bugfix for bug #1162177 in the nginx team's ppa for 1.4.1
[15:28] <uvirtbot`> Launchpad bug 1162177 in nginx "nginx-light: invalid parameter "ipv6_only=on"" [High,Fix released] https://launchpad.net/bugs/1162177
[15:28] <TheLordOfTime> whoopsies.
=== megha is now known as baba
=== markthomas1 is now known as markthomas
=== VD is now known as Guest63668
=== jiriki- is now known as jiriki
=== stgraber_ is now known as stgraber
[17:03] <zul> adam_g:  i just approved the folsom sru branches for the CA btw
[17:09] <zul> adam_g:  https://code.launchpad.net/~zulcss/nova/havana-pbr/+merge/163578
=== Madkiss_ is now known as Madkiss
[17:13] <shiki-> Does anyone have experience with Wifi (WPA2) and Ubuntu Server?
=== horjulf is now known as h0rjulf
=== bean__ is now known as bean
=== guampa_ is now known as guampa
=== marlinc_ is now known as Marlinc
=== markthomas is now known as 16SABGG4T
=== Psi-Jack is now known as Guest31682
=== blkperl_ is now known as blkperl
=== _croop is now known as croop
=== justizin_ is now known as justizin
=== io is now known as IdleOne
=== SpamapS_ is now known as SpamapS
=== cedr is now known as Guest55365
=== pelle2_ is now known as pelle2
=== gary_poster|away is now known as gary_poster
=== Guest31682 is now known as Psi-Jack
=== Guest55365 is now known as cedr
=== blair is now known as Guest16957
=== kirkland` is now known as kirkland
=== justizin_ is now known as justizin
=== iarp_ is now known as iarp
[19:17] <adam_g_> zul, what do we do about the cinder 2012.2.4  update? re comments on https://code.launchpad.net/~gandelman-a/ubuntu/quantal/cinder/2012.2.4/+merge/161057
[19:17] <zul> adam_g_:  ill double check the SRU
=== yofel_ is now known as yofel
[19:17] <zul> adam_g_:  *sigh* we need to open up an SRU for that one
[19:17] <zul> (for paramiko)
[19:18] <adam_g_> zul, there already is one open
[19:18] <adam_g_> https://bugs.launchpad.net/cinder/+bug/1150720
[19:18] <uvirtbot`> Launchpad bug 1150720 in cinder "[SRU] There is now a dependency on paramiko v1.8.0" [High,In progress]
[19:18] <adam_g_> though im having a really hard time testing the fix
[19:18] <adam_g_> dont know if im using an unrealted test case and cannot reproduce the original, or if the fix is inadequate
[19:18] <adam_g_> whatever happens with the paramiko update, the pip-requires of cinder needs to be patched regardless
[19:19] <zul> adam_g_:  agreed ill take a look at it better
=== ScottK2 is now known as ScottK
[19:54] <gyre008> can someone tell me when I start acct service...how can I grep its PID ??
[19:56] <RoyK> gyre008: ps? pidof?
[19:57] <Pici> pgrep?
[20:14] <gyre008> hah RoyK Pici but what should I be grepping for!
[20:14] <gyre008> I tried grep for acct acc ct
[20:14] <gyre008> notthing found arrgh
[20:15] <gyre008> yet the log file is being updated
[20:18] <gyre008> maybe acct does not actually run anything in the userspace ?
[20:19] <shauno> process accounting is handled in the kernel.  accton is used to turn it on or off, but doesn't run as a daemon
[20:19] <sarnold> kernel accounting is indeed done by the kernel as processes die
[20:19] <sarnold> or maybe its as process statuses are reaped?
[20:20] <gyre008> I see ...yeah I was guessing the same...
[20:22] <gyre008> sarnold: how do I know if the accounting is enabled ?
[20:22] <gyre008> I know I can turn it on and off but would be handy to know if its enabled...
=== xnavor_ is now known as xnavor
=== wizonesolutions_ is now known as wizonesolutions
=== guampa_ is now known as guampa
[21:04] <hXm> i configured stmpd, im able to send emails but i got treated as spammer, my reputation is clean and i think is a dns txt record because the machine is multidomain
[21:05] <hXm> what can i do?
[21:05] <hXm> i stuck at this
[21:21] <jacobw> hXm: Many providers require DKIM now
[21:21] <hXm> yes, i configured it
[21:22] <jacobw> https://help.ubuntu.com/community/Postfix/DKIM
[21:23] <jacobw> hXm: Have you tested the mails from your server with the opendkim tools?
[21:23] <hXm> hm not, thanks there i go
[21:25] <jacobw> There's some tools in the opendkim package that take a mail with DKIM headers, and the public key file and try to verify the mail
[21:32] <sarnold> gyre008: I'd assume something like : ls -l /var/log/acct ; /bin/true ; ls -l /var/log/acct ; and see if the timestamps have changed
[21:32] <sarnold> gyre008: note that's a pretty big assumption on my part :0
[21:32] <sarnold> :)
[21:32] <hXm> http://dkimcore.org/c/keycheck this asks for a Selector and i dont know what is that
[21:33] <luminous> this may be better suited for ubuntu-server, so apologies on the cross post for anyone in #ubuntu..
[21:33] <luminous> hello! I am following http://code.google.com/p/bigbluebutton/wiki/InstallationUbuntu and after adding their .asc key to apt, my apt-get update breaks with: "W: GPG error: http://ubuntu.bigbluebutton.org bigbluebutton-lucid Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 705F9EED328BD16D" - what ought to be done?
[21:37] <hXm> jacobw: i sent a test mail to autorespond+dkim@dk.elandsys.com and i got this (host megawatt.resistor.net[208.69.177.116] said: 450 4.7.0 Greylisted by Eland Systems - Please retry after 8 minutes (in reply to end of DATA command))
[21:37] <hXm> in the mail.log
[21:37] <hXm> do i really need wait 8 minutes or it is a missconfiguration?
[21:37] <sarnold> wait 8 minutes
[21:38] <sarnold> greylisting relies upon spammers being too greedy to have deployed decent MTAs to their botnets
[21:38] <sarnold> they want raw sending speed, not RFC compliance :)
[21:38] <hXm> aha
[21:38] <luminous> any thoughts on properly adding keys to apt in 10.04?
[21:38] <hXm> these are the slowest 7 minutes in life
[21:38] <jacobw> luminous: apt-key-add
[21:39] <sarnold> hXm: haha :)
[21:39] <sarnold> luminous: you should verify from some trusted source that 705F9EED328BD16D is the correct key for whichever repository you are trying to configure
[21:39] <luminous> jacobw: the instructions I'm following (see link above) sent me through: echo "deb http://ubuntu.bigbluebutton.org/lucid_dev_08/ bigbluebutton-lucid main" | sudo tee /etc/apt/sources.list.d/bigbluebutton.list
[21:40] <sarnold> luminous: the wget command immediately before is the important one
[21:40] <sarnold> luminous: if and only if you trust this group to have root access on your computer.
[21:40] <luminous> sarnold: err, sorry, I meant to post that
[21:41] <anepanal1ptos> not really ubuntu related, but do dual cpu server motherboards _need_ two cpus? or can i put one and 'expand' later?
[21:41] <luminous> sarnold: as in, who knows what is in that wget download.. or..?
[21:41] <sarnold> anepanal1ptos: should run fine on just one CPU..
[21:41] <anepanal1ptos> sarnold: thank you.
[21:41] <sarnold> luminous: that wget downloads their public key from their web server
[21:41] <sarnold> luminous: and the apt-key-add command adds it to your apt repository's list of trusted keys
[21:42] <luminous> how am I giving out root access then?
[21:42] <sarnold> luminous: because package installed on a server using that key can provide their own postinst scripts that run as root
[21:43] <sarnold> luminous: that came out wrong :) packages, downloaded from APT repositories with lists signed by that key, can run arbitrary postinst scripts as root
[21:43] <luminous> ok I can see that
[21:43] <jacobw> dpkg runs as root
[21:44] <luminous> sarnold: isn't that the same issue with any ppa you add?
[21:44] <sarnold> luminous: yes.
[21:44] <luminous> ok
[21:44] <luminous> good to know
[21:44] <sarnold> and knowledge is power!
[21:44] <luminous> anyway to verify post-instal scripts as/before they run?
[21:44] <sarnold> not easily; download packages, unpack, read scripts :/
[21:45] <luminous> :(
[21:45] <luminous> and going back to the original question, provided I copy/pasted those three commands correctly, from their install doc, I should not end up with that error, no?
[21:45] <luminous> or what am I doing wrong there?
[21:45] <jacobw> If the package is signed, you know that it came from the PPA associated with the key, beyond that there's no way of verifying that a maintainer script is not malicous without reading it
[21:46] <sarnold> luminous: re-run the wget command, and paste any errors..
[21:46] <luminous> jacobw: it'd be really cool if ubuntu were smart enough to show you something like that for confirmation, when it knows the package is not coming from official repos
[21:47] <hXm> i think i found the problem
[21:47] <luminous> ah, I see the problem..
[21:47] <hXm> google uses spf
[21:47] <jacobw> luminous: apt does that, if you try to install a package it can't verify it'll warn you and prompt you whether to install it or not
[21:48] <hXm> but can i add a spf record for ipv6?
[21:48] <luminous> jacobw: that isn't what i mean.. I mean that a post-install script be shown for verification/confirmation, if the pkg is not from an official repo
[21:48] <luminous> not just "do you want this package"
[21:48] <luminous> sarnold: I ran the first wget through my salt master, and it didn't get to run on the minion for a different reason
[21:49] <jacobw> You should read the maintainer script if your worried anyway :)
[21:49] <sarnold> luminous: well, the postinst is just the easiest to describe.. if you wind up running code from the package as root (quite possible via many other mechanisms), you'll be giving them vast amounts of power regardless of their scripts..
[21:49] <jacobw> Rootly powers
[21:49] <luminous> sure
[21:49] <luminous> but that is why it is good to run your own pkg repos
[21:49] <luminous> and verify what goes in there
[21:50] <luminous> except few of us have ever had the time to do it proper like that
[21:50] <jacobw> I do :D
[21:50] <luminous> :)
[21:50] <shauno> hXm: of course.  you can use ip6:2001:db8/32 just as with ip:10.0.0.0/8.  you can also simply add 'mx' so that anything that's returned as an MX is spf-valid
[21:51] <jacobw> luminous: I import packages from PPAs manually after testing them
[21:51] <luminous> i'm jealous
[21:51] <luminous> do you have any handy sciprts that help you with that, and which you could share?
[21:52] <jacobw> reprepro, mostly, which is quite a common package
[21:52] <luminous> jacobw: and do you use salt (saltstack.org) at all?
[21:54] <jacobw> luminous: I use Puppet which has a much larger community
[21:54] <luminous> ah a puppeteer
[21:54] <luminous> I used to do so as well
[21:55] <luminous> I find salt fits my needs, with a MUCH larger feature set
[21:55] <luminous> larger/more helpful
[21:55] <luminous> :)
[21:55] <luminous> either way, thanks for the assistance here
[21:56] <jacobw> A larger feature set?
[21:57] <sarnold> "run random command on N machines without a specific recipe" sounds both tempting and terrifying :)
[21:57] <luminous> jacobw: well, as an example, salt states covers the vast majority of what puppet cna do on its own. you need mcollective to get some of salt's built-in remote execution capabilities
[21:58] <luminous> sarnold: it's a game changer, wrt how we admin boxen
[22:00] <luminous> salt-cloud is another game changer, for example
[22:04] <hXm> shauno: just for understand it, the domain sender, i add it a txt record with this "v=spf1 mx -all" ?
[22:04] <hXm> or i should add that to the ipv6 who is the smtp server
[22:05] <shauno> hXm: that'd work, if outbound email only originates from the same addresses as your MX addresses
[22:06] <hXm> do i need configure something in the server ip?
[22:06] <hXm> for allow that record
[22:06] <shauno> should be just that record in dns.  you may find http://www.kitterman.com/spf/validate.html  useful
[22:06] <hXm> thanks
[22:07] <hXm> SPF record passed validation test with pySPF (Python SPF library)!
[22:07] <hXm> did it ok?
[22:07] <hXm> oh, oh
[22:07] <hXm> well thanks to you
[22:08] <shauno> there's two tests there; whether it's syntactically correct, and further down, whether a given address matches it.  you want good news from both
[22:12] <hXm> yes, i fail the last part
=== wedgwood is now known as wedgwood_away
=== adam_g_ is now known as adam_g
[22:16] <dewdrop> Hi is there a log file where I can look the server reboot timestamp?
[22:18] <sarnold> dewdrop: 'last reboot'
[22:23] <dewdrop> sarnold: perfect, there were 2 reboots done, and it shows both, thanks.
[22:37] <hXm> ok now google says Received-SPF: pass (google.com domain of test@mydomain designates ip.server as permitted server
[22:37] <hXm> but the email is still in spam folder
[22:40] <sarnold> try adding dkim?
[22:41] <hXm> in the original message google says nothing about dkim, i just sent an email to a hotmail account for see what happen
[22:41] <hXm> and then recheck dkim
[22:43] <hXm> hotmail mark as spam too, but it says about dkim=none
=== shirgall is now known as Guest10813
[22:45] <hXm> dkim requires to create _domainkey.<mydomain> and dkim._domainkey.<mydomain> thats all?
[22:45] <hXm> with the private rsa key generated
[22:50] <WeThePeople> hi just installed ubuntu-server 13.04 x64 in vbox, how to i connect to it using ssh
[22:55] <WeThePeople> when i try to connect it says no route to host
=== airtonix_ is now known as airtonix
[22:57] <chilicuil> WeThePeople: by default ubuntu-server doesn't install ssh, log in manually and install it, 'sudo apt-get install openssh-server', and later re try
[22:58] <WeThePeople> chilicuil, that is what i selected to install in the prompt
[22:58] <WeThePeople> openssh
[22:58] <WeThePeople> now i am getting connection refused
[23:00] <three18ti> in the ubuntu "expert install mode" I have the choice between linux-virtual linux-image-virtual kernels. what's the difference?
[23:01] <three18ti> (virtual server install)
[23:01] <chilicuil> WeThePeople: enable -v to produce more output, example: 'ssh -v user@machine'
[23:02] <chilicuil> three18ti: afaik, both of them refer to the same package, but dont take me too seriusly
[23:03]  * three18ti flips coin
[23:03] <three18ti> thanks chilicuil
[23:04] <WeThePeople> im logged in
[23:04] <three18ti> guess the worst that happens is I have to reinstall :)
[23:04] <WeThePeople> thanks
[23:26] <three18ti> hmm... I just did a non "Expert" install and the install went pretty quickly.  I just selected the virtual-image kernel and the install appears to be taking significantly longer.
=== shirgall_ is now known as shirgall