/srv/irclogs.ubuntu.com/2013/05/15/#ubuntu-server.txt

=== slide23 is now known as slide
surjikalHey guys, for some reason, my sshd service isn't starting on boot. I see no errors in syslog. I'm able to mount the server's drive onto another ubuntu distro. Is there a way I can make sshd boot on startup by modifying some config file? Alternatively, can I somehow chroot into my mounted drive?00:48
sarnoldsurjikal: check /etc/init/ssh.conf, /etc/init/ssh.conf.override, /etc/default/ssh, /etc/ssh/sshd_config00:51
sarnoldsurjikal: you can chroot into the filesystem with ... drum roll ... cd /path/mounted/filesystem ; chroot .00:52
surjikalsarnold, would I be able to start sshd from the chroot?00:53
sarnoldsurjikal: I would expect so, unless your system already has an sshd bound to port 22...00:54
sarnoldsurjikal: upstart has some chroot awareness, it might be worth reading about that a bit before just starting sshd..00:55
=== Ursinha is now known as Ursinha-afk
shaunowhat am I missing here?  quantum is complaining I haven't specified an sql_connection, but it's right where I expect it to be; http://paste.ubuntu.com/5666366/02:47
three18tishauno, I don't know the application you'02:53
three18tire trying to configure02:54
three18tibut the sql_connection02:54
three18tisql_connection = mysql://quantum:quantum@192.168.1.10/quantum_db02:54
three18tidoesn't look right to me.02:54
three18tiwhere is the config manual?02:54
shaunohttp://docs.openstack.org/grizzly/basic-install/apt/content/basic-install_network.html  is for a different plugin (ovs), but the same format is used for sql_connection throughout02:56
three18tiI <3 ovs02:56
three18tiwell... it's identical to the manual so... there goes that line of thinking.02:57
shaunothis "Option 'sql_connection' not specified in any config file" feels like it's not even getting that far, and this config file isn't being parsed02:59
resnoi have a python process that should always run. if it fails, i want to reboot it. i remember there being an app to handle it... any suggestions03:03
resnosysserv or something...?03:03
resnodaemontools with supervise?03:05
resnohmm, theres monit too03:13
BlackWebI'm currently using Ubuntu Server 12.04, Which it use to WOL, But then did a update and it killed the WOL function, Which I have the correct entries in /etc/rc.local & ethtool eth0 shows that its enabled but still nothing Does anyone have any IDeas?03:28
dfo1981anyone who can help me with setting up vsftpd ?06:12
dfo1981its not so much the setting up vsftpd, its more the user/permission part of logging into vsftpd06:12
=== jussi01 is now known as jussi
=== smb` is now known as smb
=== rvba` is now known as rvba
=== remix_auei is now known as remix_tj
yolandaDaviey, jamespage, i have several approved MPs for dep-8-tests09:36
Davieyyolanda: super, fancy showing me the first one?09:36
yolandahttps://code.launchpad.net/~yolanda.robla/ubuntu/saucy/postfix/dep-8-tests/+merge/16161009:37
EnichI was looking for a solution to unattended installations of mysql and i came across this..  http://stackoverflow.com/questions/7739645/install-mysql-on-ubuntu-without-password-prompt    My question is this.     in question 2, when the person does the sudo debconf ....<<< '.... password'   will that password stay in the debconf-set-selections permenantly or is it a temporary thing.  It might be a stupid question, but i would rather ask then messing stuff09:38
Enich up ..  i was thiking of using the third answer, with the noninteractive, and then instead of doing a mysqladmin thing, then put in the hashed password directly instead of the changepassword option with mysqladmin09:38
yolandaDaviey, i submitted all the changes to debian for the approved MP, does it make sense to wait until they are included, or do we incorporate in our packages?09:40
rbasakEnich: permanantely, if I understand your question correctly. This is the same as if you had entered in the password by hand on installation. Unless there's a bug, the password is held so that only root can read it, though. This is the same as if you had created a ~root/.my.cnf manually. I think the package might do that anyway?09:41
Davieyyolanda: I think it's reasonable for us to do it in parallel with Debian on most packages09:41
yolandaok, so there is the MP for postfix09:41
Davieyjodh: Are you sponsoring https://code.launchpad.net/~yolanda.robla/ubuntu/saucy/postfix/dep-8-tests/+merge/161610 ?09:43
hXmbtw reading the log i got this http://pastebin.com/TgDCVXPf09:44
hXmit repeats for a long time09:44
Enichrbasak, thanks for the answer..  i wouldnt want the root password floating around in files in plaintext.. even though it might only be readable by root.09:44
hXmis someone trying to do something weird or what? and what can i do09:44
rbasakEnich: I agree. It's what the package does anyway though, I think.09:44
Enichi guess its better having it "float around" less places then.   :)   now for the second question.09:45
rbasakEnich: since mysql doesn't present any other way to get to the server AFAIK, and the package does things like certain upgrades for you, I don't think it has any choice. If you try and go against that, test it carefully because I'm not sure if the packaging will break or not (it may be fine - I just don't know).09:45
rbasakI just noted in the askubuntu.com answer that using "echo ...|" is bad because it may leave your password in the shell history of the unprivileged user.09:45
Enichwe really dont want that.09:46
rbasakBut if you get it into debconf-set-selections securely yourself (eg. in a here doc), you'll get exactly the same result in terms of plaintext passwords floating around as if you had entered it by hand.09:46
EnichWould any of you know of application(with scripting support) that would let me connect to a serial interface, and then send ascii strings (i am basically trying to make a script that connects and sends the initial configuration to a device with a serial interface.)09:48
rbasakecho "foo" > /dev/ttyS009:48
rbasakWith stty first to set the serial parameters up.09:49
Enichiv been looking at miniterm.py  cutecom and a few others09:49
rbasakOr about three lines of python with the pyserial module09:49
Enich/dev/pts/x09:49
Enich rbasak, the echo "foo" > /dev/pts/3   does not work im afraid,  i think i would need a application like miniterm.py, cutecom etc to establish the negotiation etc.10:02
=== cwillu_always_at is now known as cwillu_at_work
RoyKhi all. any idea how to open an ssh tunnel from A to B so that C can reach A through B directly? I'm testing with 'ssh -f -n -N -o ExitOnForwardFailure yes -R 3035:0.0.0.0:22 -D 0.0.0.0:3035 asdf@adsf.karlsbakk.net', but that only makes B listen on 127.0.0.1:303511:16
patdk-lapnot sure what -D does for that11:20
patdk-lapbut it's as simple as, -R localip:localport:Cip:Cport user@b11:21
patdk-lapwait, you want to go from C to A11:21
patdk-lapyou will have to do that ssh from C to B11:22
patdk-lapunless you wanted to do that, double-ssh trick to break through nat11:22
patdk-laphttp://www.howtoforge.com/reverse-ssh-tunneling11:23
RoyKpatdk-lap: testing...11:26
RoyKpatdk-lap: so something like ssh -f -n -N -o ExitOnForwardFailure\ yes -R 0.0.0.0:3035:0.0.0.0:22 u@b ?11:30
RoyKpatdk-lap: tcp        0      0 127.0.0.1:3035          0.0.0.0:*               LISTEN11:30
RoyKsitll11:30
patdk-lapthe first 0.0.0.0 if missing becomes localhost, if you only need to connect from that computer, the second one is the computer the connection should go to (with source b)11:31
patdk-lapmaybe some ssh option limiting it11:31
RoyKGatewayPorts11:33
patdk-lapoh wait, I'm thinking -L not -R11:33
RoyKGatewayPorts yes helped11:33
RoyKpatdk-lap: in sshd_config11:44
=== cyphermox_ is now known as cyphermox
=== freeflyi1g is now known as freeflying
hXmhi12:42
hXmhow can i disallow postfix for external use12:42
hXmi only want from localhost12:42
greppyhXm: you could setup firewall rules, or you could configure it to bind to 127.0.0.112:43
hXmit could be in main.cf?12:44
hXmtalking about postfix12:44
hXmah, inet_interfaces12:44
hXmthanks12:44
NginUSI'm having trouble with xrdp in that it disconnects me as soon as the desktop loads- right after the kdm splash screen. Anyone have ideas as to a solution?12:45
=== wedgwood_away is now known as wedgwood
lamontdf13:05
lamontdoh13:05
RoyK-bash: doh: command not found13:17
Nafallonafallo@wizard:~$ doh13:18
NafalloNo command 'doh' found, did you mean:13:18
Nafallo Command 'dh' from package 'debhelper' (main)13:18
Nafallodoh: command not found13:18
Picizsh: correct 'doh' to 'dot' [nyae]?13:19
zulDaviey:  ping can we look at dropping Samba 3 in favor of Samba 413:23
Davieyzul: i'd rather we went to samba 5!13:24
Davieyzul: it would be good to work out the upgrade path. is smb3 dead upstream?13:24
zulDaviey:  no its just everyone is moving to Samba 4 (i think) and good to have active diretory support13:25
Davieyzul: for sure, especially before the next LTS13:26
mardraumI think "everyone" might be an overstatement; those using samba reliably for simply file/print sharing have work to do13:26
Davieymardraum: do you think smb3 will be supported for the next few years upstream?13:27
mardraumfor security, yeah13:27
mardraumall that said samba4 has been a long time coming, and I bet they want to get it out there...13:27
Davieymardraum: Yeah, I thought it made sense to get it in this release - prior to throwing it into the next LTS release (next)13:29
mardraumyeah, that makes sense13:29
zulDaviey:  its already in universe at least13:30
=== dannf` is now known as dannf
Davieymardraum: that said, if smb3 is still OK upstream - we can keep it in the archive13:30
zulDaviey:  i would see what slangasek would say though as well13:30
Davieyzul: good thinking13:32
jamespageplars, ping re http://summit.ubuntu.com/uds-1305/meeting/21806/servercloud-s-seeded-qa-workflow/13:49
jamespagefirst up this afternoon/morning - are you able to attend and join the g+ please13:49
plarsjamespage: yes, I'm planning to be there, and also pitti and jibel13:49
plarsjamespage: they are the dep8 test experts :)13:49
jamespageplars, marvellous!13:50
jamespagethanks13:50
=== Ursinha-afk is now known as Ursinha
zulyolanda:  https://code.launchpad.net/~zulcss/python-swiftclient/pbr/+merge/16394914:00
=== bladernr` is now known as bladernr
=== blitzkrieg3 is now known as jmleddy
zulyolanda:  https://code.launchpad.net/~zulcss/python-ceilometerclient/ftbfs/+merge/16396114:42
zulyolanda:  couple more https://code.launchpad.net/~zulcss/horizon/ftbfs/+merge/16396715:17
yolandapython-d2to1? first time i see it!15:18
yolandai see a diff of local_settings.py.example , with only the dir names changed, is that ok?15:19
yolandazul ^15:19
zulyeah15:20
paco1hello all!15:35
paco1if anyone can help me. I have a problem with my servers ldap 2.4.28 > => bdb_idl_delete_key: c_del id failed: DB_LOCK_DEADLOCK: Locker killed to resolve a deadlock (-30994) | conn=-1 op=0: attribute "entryCSN" index delete failure15:36
paco1it affects all my ldap servers (15 servers) :s15:37
paco1si quelqu'un a une idée d'oú peut provenir le probleme...15:40
gumaI was asking yesterday about my multicast problem on my new setup 12.10 x64 multi home system. After adding missing static route "route add -net 224.0.0.0/4 dev p1p1" when starting my app server I see in tcpdump that data in coming. But my application does not gets it.15:40
paco1if anyone can point me to the right direction to resolve that issue15:40
gumaSo i have another (two) test apps to send and listen using the same socket settings. If I send data from the same box to p1p1 or 127.0.0.1 and listen on the same box it works15:42
gumabut when I try to send multicast test message from different box my other test app listening on p1p1 does not see that message. but while doing it tcpdump shows such message on the same machine where listener is running on?15:43
gumaI tried to disable rp_filter and that does not have any affect. Any ideas? Is there some setting in 12.10 that is turned off by default?15:44
bcessahi there, can someone point to a channel where I can ask a bit about x509/ssl? I mean other than #openssl, apparently nobody's there15:45
smokiehey guys, is it possible to run weekly backups of a running ubuntu server thats acting as a webserver?15:46
=== egersdorfer_ is now known as egersdorfer
zulyolanda:  https://code.launchpad.net/~zulcss/ceilometer/havana-ftbfs/+merge/16399216:13
gumaIs there something like SELinux on Ubuntu? And how can you turn it off?16:32
roaksoaxguma: we have apparmor16:35
sarnoldguma: https://help.ubuntu.com/community/AppArmor16:35
sarnold.. I bet that's out of date. heh.16:35
roaksoaxguma: https://help.ubuntu.com/13.04/serverguide/apparmor.html16:35
gumaI just found this before your post :). Does this in any way control is app can receive multicast data?16:35
sarnoldguma: no.16:36
sarnoldguma: check /var/log/audit/audit.log or dmesg output to see AppArmor DENIED messages16:36
gumasarnold: Good idea. Did not think about that. Let me check16:37
gumaI have no audit I have auth.log only16:38
sarnoldguma: auditd is responsible for the audit log. if auditd isn't installed, MAC messages go through dmesg/syslog16:40
gumasarnold: Ok I did installed auditd. After it was installed I tail -f on audit.log  dmsg and syslog. After starting my app I see multicast coming in tcpdump but my app does not get it. And no messages of any kind16:44
sarnoldguma: good :) then apparmor isn't involved. :)16:45
gumaI also disabled apparmor. Perhaps he is responsible to write errors?16:45
gumalet me enable it back on and try again16:45
gumasarnold: Just rebooted system get get it back to initial state. And will try on clean16:47
gumasarnold: ok So while tailing on dmsg, syslog and audit logs I did not see any messages when I started my mcast program16:51
gumaso as you stated it is not apparmor16:52
sarnoldguma: yeah. sorry, you'll still have to keep digging :(16:52
gumaif I send test message from same box I can receive just fine. But when coming from another box it is a problem.16:53
gumatcpdump shows activity with correct src IP and multicast addrs16:53
gumasarnold: I was wondering if there are better channels to ask this? Well I keep digging16:54
adam_gjamespage, okay to pull the trigger on these to CA staging and ubuntu -proposed? http://people.canonical.com/~agandelman/ca/folsom/2012.2.4/nova/  http://people.canonical.com/~agandelman/ca/grizzly/2013.1.1/16:55
sarnoldguma: if you can write a program to reproduce the problem in 30~50 lines of code, stackoverflow.com would be ideal. it might take a bit longer than IRC, but there's plenty of smart folks over there, someone might know what's going on16:56
gumasounds like a plan16:56
Davieyzul: You are driving the mysql session in 1hr?16:56
zulyeah i guess so16:57
Davieyjamespage: did we invite any external people to it?16:57
Davieyzul: ^16:57
zulDaviey:  SpamapS said he was coming16:57
jamespageadam_g, grizzly looks OK16:57
SpamapSIndeed I should be there16:57
DavieySpamapS: Greta16:58
DavieyGreat*16:58
* Daviey struggles to think of SpamapS as external to Ubuntu. :)16:59
jamespageadam_g, folsom to - I'm assuming they when through merge proposals first anyway right?16:59
adam_gjamespage, yup16:59
jamespageadam_g, +1 then16:59
SpamapSDaviey: Norvald Ryeng from Oracle will join us too17:00
DavieySpamapS: oh splendid, what is his IRC nick?17:01
SpamapSDaviey: ryeng17:03
SpamapSDaviey: he might only be on OFTC in debian-mysql17:03
DavieySpamapS: when the time comes, can i give you the hangout url and you pass it to him?17:04
SpamapSDaviey: sure.17:05
Davieyta17:05
dlloydhmm mariadb not in ubuntu repos yet?17:07
SpamapSdlloyd: no, but packages are nearly done for Debian17:07
dlloydah, thanks17:07
SpamapSdlloyd: undergoing review right now17:07
dlloydironically this wasnt the channel i meant to ask that in17:07
dlloydbut thanks!17:07
SpamapSooohh the irony17:08
NomadJimso I've got a silent install of mysql using something like: echo mysql-server mysql-server/root_password select PASSWORD | sudo debconf-set-selections17:13
NomadJimand I want to do a silent install of citadel's mail server as well17:13
NomadJimwhere do I look to find the variables to set like "mysql-server/rootpassword select PASSWORD"17:14
NomadJimbut for citadel17:14
rbasakNomadJim: install debconf-utils and then after installation grep the output of debconf-get-selections to see what the config option names are against what you answered.17:15
NomadJimso, I install debconf-utils, then install citadel manually, then grep debconf-get-selections17:15
NomadJim?17:15
rbasakRight.17:16
NomadJimrbasak:  thanks17:16
rbasakDoesn't matter if you install debconf-utils at the end; it'll still work.17:16
NomadJimcool17:16
SpamapSDaviey: FYI, I may be a few minutes late, have an errand to run and not sure it will be completed by 1800 UTC.. will get there ASAP17:16
rbasakNomadJim: note that echoing passwords into commands is bad because it may temporarily show up in a ps listing, and may end up in an unprivileged user's shell history file.17:17
NomadJimis there a secure way for setting debconf-set-selections17:18
rbasakThe debconf-set-selections end is secure. It's the echo end that's not necessarily secure.17:19
rbasakYou can use a heredoc from a script. Then it's down to whether the script can be read by unprivileged users.17:20
NomadJimi guess I could put a file on the server i'm deploying17:20
NomadJimnever heard of heredocs. I'll check that out17:20
rbasakYes - if in a secure file, then "cat /path/to/file|debconf-set-selections" would be secure.17:20
NomadJimrbasak:  sweet thanks17:21
zulDaviey:  mayhe we should have someone from the security team as well17:34
rbasakzul, Daviey: +117:39
zulDaviey:  they are sending two or 3 poeple17:42
* SpamapS returns in time17:51
SpamapSzul: hah, are they bringing torches and pitchforks?17:51
zulSpamapS:  perhaps17:51
hallynstgraber: that lxc-alpine patch is kind of scary.  Does a wget $url | tar x > apk; ./apk18:00
hallynstgraber: could you take a look at bug 1176287 when you get a chance, and comment on whether there's anything in the steam-lxc script which woudl cause this?18:05
uvirtbot`Launchpad bug 1176287 in lxc "lxc-start: Error creating cgroups" [High,Confirmed] https://launchpad.net/bugs/117628718:05
hallynoooh, wait, i wonder...18:07
=== thebwt_ is now known as thebwt
hallynnm, i see the problem the steam guy is having18:17
=== blitzkrieg3 is now known as jmleddy
nedbatI have a web server running as www-data.  I want to spawn subprocesses running as user sandbox, and have the sandbox process killed after a certain amount of real time.18:32
nedbatI tried spawning the process "sudo -u sandbox blah blah", but then I can't kill the process later.18:33
sarnoldnedbat: can you start up fastcgi or something similar as your user sandbox?18:36
nedbatsarnold: i don't understand how fastcgi would help: the sandbox code is not trying to be a web server.18:37
sarnoldnedbat: just that it represents a known way for a web server to interact with code potentially running as another user18:37
nedbatsarnold: an interesting idea.18:38
nedbatsarnold: apart from the web-server nature of the problem, do you know why I can't kill the process, or how I can?18:40
sarnoldnedbat: one user can't kill another user's processes. root can, so perhaps you could write a setuid program to let you kill processes owned by another user..18:40
nedbatsarnold: I'm trying "sudo kill -9 <pid>", and www-data is in the sudoers with: "www-data ALL=(ALL) NOPASSWD:/bin/kill"18:42
nedbatsarnold: it feels like I'm missing one small piece of this puzzle.18:42
sarnoldnedbat: 'kill' is quite often a shell-builtin, try /bin/kill in that command18:43
nedbatsarnold: that sounded really good, but doesn't seem to fix it.  Looking some more...18:44
sarnoldnedbat: anything in the logs?18:46
nedbatsarnold: right now I'm testing this in a Python module running unittests, are there system log files you think might have info?18:47
sarnoldnedbat: sudo will log to /var/log/auth* something at a minimum18:48
* nedbat looks18:49
=== wizonesolutions is now known as lefnire
nedbatsarnold: http://paste.pound-python.org/show/33118/  There's one line there about a failure, I don't know what it means.18:59
=== lefnire is now known as wizonesolutions
sarnoldnedbat: pam_xdg_support is a pam module to set up all that newfangled /run/user/ business. I'm not sure why'd it happen through sudo, and it probably doesn't affect whether or not this works.19:01
nedbatsarnold: and when I run the /bin/kill, I get an exit status of 0, and nothing written to stdout or stderr.19:03
sarnoldnedbat: is the process dead? :)19:03
nedbatsarnold: for the test, the process is just a sleep(5), and it ends naturally after the 5-second sleep.19:04
sarnoldnedbat: can you change to sleep 20 or something and check?19:04
nedbatyes, it's still running.19:06
sarnold:(19:06
nedbatsarnold: in fact, it's python: "sleep(5); print 'Done'", and I get the Done string on the stdout.19:06
nedbatsarnold: i really appreciate you spending time on this.  It seems like it should be possible.19:07
sarnoldnedbat: indeed, I'd expect that to Just Work19:07
jdstrandyolanda: how far along is bug 1089488 to being verified?19:14
uvirtbot`Launchpad bug 1089488 in nova "Meta bug for tracking Openstack Stable Updates" [Undecided,Fix committed] https://launchpad.net/bugs/108948819:14
arosalessmoser, thanks for the update in bug 102069519:20
uvirtbot`Launchpad bug 1020695 in cloud-init "Add variable for local IP address to /etc/hosts manager" [Low,Triaged] https://launchpad.net/bugs/102069519:20
jdstrandjamespage: ^19:22
nedbatsarnold: a new piece of data: the pid I'm trying to kill is not the same as the sleeping process.  Can I kill the process and any that it spawned?19:23
sarnoldnedbat: ah!19:24
sarnoldnedbat: look into cgroups19:24
sarnoldnedbat: that's afaik the only way to track children of a process ..19:25
jdstrandDaviey: ^19:29
yolandajdstrand, we've launched some tests in jenkins, tomorrow i'll work more on it and i expect is done19:29
jdstrandyolanda: cool, thanks. so, we expect this to be out the door this week?19:30
jdstrand(ie, in -updates)19:30
yolandajdstrand, i hope so, tomorrow i'll have more time to work on it19:30
yolandaadam_g, what do you think?19:31
jdstrandyolanda: I have a keystone CVE I'd like to get fixed that is blocked currently19:31
jdstrandbut I don't want to reset you work19:31
jdstrands/you/your/19:31
Davieyjdstrand: Another one aswell?19:31
jdstrandit is the one that came out last week19:32
adam_gyolanda, you said you had tests passing with logs. right? should be good to mark verification done19:32
yolandaadam_g, yes, latest ones were ok19:32
Davieyadam_g: Can you make sure the jenkins results get lots of love?19:33
adam_gDaviey, what do you mean?19:33
Davieyjdstrand: It's looking close enough that it makes sense to base your update on this stuff.19:33
Davieyadam_g: You kicked off a fresh jenkins test for bug 1089488?19:33
uvirtbot`Launchpad bug 1089488 in nova "Meta bug for tracking Openstack Stable Updates" [Undecided,Fix committed] https://launchpad.net/bugs/108948819:33
jdstrandok, cool19:33
* jdstrand rebases keystone on -proposed19:34
adam_gDaviey, yolanda and i have been running tests for whats in precise-proposed, yea19:34
yolandahad a problem with floating ips in some run, but today they worked ok19:34
Davieyadam_g: perfect, thanks19:34
yolandatomorrow morning i'll take care of the logs and update the bug19:36
Davieyyolanda / adam_g: to check, the testing looks good.. we just need to double check the results and update the bug status?19:36
yolandayes, that's it19:37
Davieyjdstrand: we look good :)19:37
adam_gyolanda, its probably EOD for you soon do you want me to post-back the verification and tags after this session is over?19:37
yolandaadam_g, it's ok for me, or i can do it tomorrow morning if that's on time19:38
K4kI'm looking for help with using a ks.cfg for automating ubuntu installs. I've got it working fine but I thought that specifying "url --url http://...." would install the packages from there instaed of the CD. Instead, it seems to still be installing from CD. Has anyone got experience with this or know why it isn't installed from the network mirror?19:39
yolandaleaving for today, bye!19:51
nedbatsarnold: just to close the loop: I got it working by killing the process group, and by using setsid() so that my spawned process was a new process group.  Thanks for the help! :)20:01
codexIs there a way to prevent apt-get dist-upgrade from doing a release upgrade?21:05
codexI am assuming /etc/update-manager/release-upgrades seeting to 'never' would be it, but not sure21:08
dpb1codex: it shouldn't do a release upgrade.  does it?21:08
codexdpb1: my 10.04 lts just did to 11.0421:09
codexi was under the impression that it shouldn't either21:09
codex(ended up running into this: http://aaron-kelley.net/blog/2011/04/grub-prompt-after-upgrade-to-ubuntu-11-04/) which was frustrating21:10
dpb1codex: that should not happen unless the /etc/apt/sources.list* files were changed unintentionally ("lucid" -> "natty")21:11
codexlooking into puppet, it doesn't seem to have been21:12
codexi wonder if there was some sort of a bug. I am looking at the log now and it looks like dist-upgrade had >308 packages that could be upgraded21:13
mdeslaurdist-upgrade never does a release upgrade unless you changed the sources.list file21:13
dpb1so, the only tool that you should run that updates those series names in ubuntu is "do-release-upgrade"21:14
dpb1If the series names get updated, then apt-get dist-upgrade will do something like a full update of your distro, but in a non-managed and non-recommended way. if that makes sense.21:15
codexyea, that was my impression too. I'll check with someone to make sure they didn't modify the sources, but this was definitely "interesting"21:15
=== pgraner` is now known as pgraner
LartzaLet's take a default OpenVZ Ubuntu 13.04 install... or even a disc maybe, what is running in Port 53 that answers to UDP?? :/22:16
sarnoldLartza: I have no idea where you'd get a "default openvz install", but check for dnsmasq22:20
Lartzasarnold, I have a VPS that just got DDOS'ed, and the provider told me it was UDP flood to port 53, but I have nothing installed there, so it must be something default22:21
=== wedgwood is now known as wedgwood_away
sarnoldLartza: flood -to- port 53? or flood -from- port 53?22:23
Lartzasarnold, "it was an udp flood against the port 53 "22:25
LartzaSo umm :S22:26
LartzaDon't know22:26
LartzaDo I need anything publicly accessible in 53?22:26
sarnoldLartza: only if you're intentionally providing authoritative DNS service...22:27
LartzaYeah I'm not...22:27
sarnoldLartza: if you're just providing recursive DNS service on that port, it'd be wise to ensure you only answer queries from your own netblock..22:27
Lartzasarnold, It was just a default install from my VPS provider :/22:27
K4kafter re-mastering an iso and re-creating the iso file with mkisofs, other than unetbootin, is there a way to get the iso onto a usb stick? I tried dd, but that didn't seem to work with the iso formatted in this way.22:28
sarnoldLartza: then no, nothing should be bound to port 53. check with sudo netstat -nlup  | grep :53   to see if anything is listening..22:28
Lartzasarnold, Just sending another message to support wether they could open the server back up before 24 hours... they nulled my IP22:29
sarnoldLartza: ow. do you have console access?22:30
sarnoldnedbat: hey, glad to hear you found a good solution to killing your tasks :) nice.22:30
Lartzaserial console from the VPS panel doesn't seem to work22:30
Lartzasarnold, It's named22:42
Lartza:/22:42
sarnoldLartza: ah. I wonder why you're running named.22:42
Lartzasarnold, I can't make it stop22:43
LartzaUnrecognized service22:43
Lartzaahh22:43
Lartzabind922:43
sarnoldyou might wish to just apt-get purge bind9 and make sure that can't happen again22:44
LartzaYeah I will22:44
sarnold.. if apt tells you something depends upon it, that might give some insight why it was there in the first place..22:44
LartzaNope22:44
LartzaI think I've seen a DNS server on every DNS I've owned...22:44
Lartzasarnold, Just checked my smaller, Debian server, named listening there too :)22:45
sarnoldLartza: o_O22:45
Lartzasarnold, Yeah...22:53
Lartzasarnold, Uninstalled bind9 on both servers, now for some sleep since it's 1:53... Thank you for your help :)22:54
sarnoldLartza: have fun :)22:54
RoyKwhy do some people use 20 drives in a single raid-6?23:22
RoyKoh well, some people like base jumping ;)23:22
Patrickdkroyk, heh, hp limits me to 16 disks per raid set23:38
Patrickdkso max 16 drive raid10, raid6, raid50, ...23:38

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!