/srv/irclogs.ubuntu.com/2013/05/21/#ubuntu-server.txt

energizer	This is my first server. I just ran "sudo apt-get install apache2". Now when I navigate to localhost, I get "it works!" When I go to my host's IP from a different computer, I get nothing ("taking too long to respond".) What do I need to do?	03:50
qman__	apache listens on all addresses out of the box, and the firewall is accept-all out of the box too	03:53
qman__	so either you configured something to block it, or you're going through a router that's not set up right, etc	03:53
energizer	Oh i didnt even think about the firewall. I had ufw enabled. Thanks!	03:54
energizer	I set up an apache server, put an episode in /var/www and now I'm downloading it from another computer. Downloaded 39% in a few seconds, and hasnt made any progress for a long time. Its a 180MB file. Any suggestions.	04:30
airtonix	energizer: use nginx instead?	05:20
=== pug is now known as Guest90499
adam_g	jamespage, https://code.launchpad.net/~gandelman-a/charms/precise/nova-compute/early_keystone/+merge/164836 one last bug fix to the bash charms before they get merged. hit this when i changed up ordering of relations in deployer config	05:26
energizer	How do i get my index.html to list all of the files in /var/www ?	05:49
rustx	energizer: you really want do that in html ?	05:50
andol	energizer: If you want a directory listing the easiest is generally to not have any index.html, and make sure that your web server has its indexing option enabled.	05:50
energizer	So if I jsut delete index.html, that will automatically happen?	05:51
andol	energizer: That all depends on how your web server is configured.	05:51
energizer	I guess so! Thanks. Is there any reason not to do that? (Just making sure I understood rustx's comment correctly)	05:54
greppy	energizer: it may expose files or directory structure that you don't want others to see.	05:56
energizer	ok thanks	05:57
rustx	energizer: well: You could use DirectoryIndex, but i advise you to configure your Allow from rules to be sure not to expose file directory structure to the whole world (as greppy said)	06:01
energizer	Is it correct that I'm only exposing /var/www and subfolders?	06:04
energizer	rustx if i want to make files available to friends, is this a reasonable and secure way to do it?	06:06
rustx	yep, could be	06:08
rustx	energizer: you have 2 choices : either use Allow From rules, and match the exact IP your friend have at home (or any IP they use)	06:08
rustx	energizer: this will make directory list avaiable only from the IPs you configure	06:09
rustx	energizer: or, the second choice, more simple, would be to use a .htaccess and htpasswd to provide them a password without restriction on IPs to use ..	06:09
rustx	energizer: the second choice can be simple if your friends don't have a static ip	06:10
rustx	energizer: most of IPs provided by ISP can be dynamic, and in that case, the first choice is more complex	06:10
energizer	Whats the difference between these two methods? (http://bit.ly/13DFYdk)	06:14
energizer	rustx: That looks helpful-- thanks. In the Ubuntu community page (https://help.ubuntu.com/community/EnablingUseOfApacheHtaccessFiles), it recommends using the main server configuration file instead of htaccess files. If I want to try the 'recommended' way, is it the same procedure as .htaccess? Any ideas?	06:26
rustx	energizer: let me check your links	06:29
rustx	energizer: 2 sec	06:29
energizer	rustx thanks	06:29
rustx	energizer: ok	06:30
rustx	energizer: when using apache, you can create several virtualhosts	06:30
rustx	energizer: if you only have one, you can password protect the default virtualhost (which is in /etc/apache2/sites-avaible/default) by using the following directives	06:31
rustx	.htaccess can be also used, but the simplier for you is the following	06:31
rustx	energizer: http://pastebin.com/xMCyLg6r	06:33
rustx	on that way, each time apache will look to serve your default virtualhost, it will check the password file in /var/www/.htpasswd	06:33
rustx	then, to create your user/pass in that file, you have to use the following command : htpasswd -cm youruser	06:33
rustx	the shell will ask for your password twice, and when it's ok, your directory will be protected	06:34
rustx	energizer: if you need to add another account to that password file, just remove the 'c' option from htpasswd command (as c option is to create the file ...)	06:34
rustx	energizer: to add friends, the command to use will be htpasswd -m myfrienduser	06:34
rustx	energizer: is that clear enough to you ?	06:34
energizer	thanks. lemme give it a look-over	06:35
rustx	energizer: in my pastebin, i just forgot the Option +DirectoryIndex	06:35
rustx	Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch +DirectoryIndex	06:35
rustx	it will work fine, trust me ;)	06:35
rustx	energizer: of course, when you change your directory cofniguration, you need at least to reload apache	06:37
rustx	or restart ^ ^	06:37
energizer	rustx so by default i have this stuff (http://pastebin.com/4n4J4psw) in my sites-available/default. I'm supposed to replace it with your pastebin?	06:38
rustx	energizer: exactly	06:43
rustx	energizer: just the <Directory /var/ww> part to ... </Directory>	06:44
energizer	I'll give it a shot. Thank you!	06:47
rustx	energizer: you're welcome	06:50
energizer	rustx you still here?	07:18
rustx	energizer: yep	07:20
rustx	still at work, so still there :)	07:20
energizer	rustx cool. When I restart apache, i get 'illegal option DirectoryIndex'	07:22
rustx	energizer: yep, my bad/ Replace 'DirectoryIndex' by 'Index' and it will be fine	07:23
rustx	Options Indexes is enough for what you want to do	07:24
rustx	which means directory listing, ..	07:24
energizer	rustx ok I restart apache successfully with '+Indexes'. Now when i try to access localhost, i get '500 local server error'	07:27
rustx	ok	07:28
rustx	energizer: do 'a2enmod rewrite '	07:29
rustx	htpasswd needs rewrite mod to be enabled	07:29
rustx	you can have all enabled mods thanks to : apache2ctl -M	07:29
rustx	i guess you missed the rewrite module activation to use htpasswd\|htaccess	07:29
rustx	then restart apache .. and it should work :)	07:30
rustx	3 time i say you this .. jejeje ..	07:30
rustx	but i am also working on puppet stuff at the same time	07:30
rustx	sorry for the mistakes i forgot to fix before answering	07:31
rustx	energizer: but this is making you having a good starting knowledge about apache2 :)	07:31
rustx	which is also great : the one that don't do mistake ... don't learn nothing :)	07:32
energizer	so i ran 'a2enmod rewrite' and restarted apache. same 500 error.	07:33
rustx	paste me errors logs please ?	07:36
rustx	hooo .. dit you make the password file ?	07:36
rustx	htppasswd -cm /var/www/.htpasswd energizer	07:36
rustx	sorry, htpasswd -cm /var/www/.htpasswd energizer	07:36
rustx	this is the reason why : no .htpasswd file to read :)	07:36
rustx	500 errors sounds like no file to read for password ...	07:37
rustx	we wil get it	07:37
rustx	you make me reminds my apache knowledge. That makes long time I switched to nginx ..	07:38
energizer	rustx It works beautifully. I had put my password in the wrong folder.	07:40
energizer	rustx wait not so fast	07:40
=== Guest97906 is now known as smokie
energizer	rustx ya it works wonderfully.	07:44
rustx	energizer: good then	07:45
rustx	energizer: happy you could learn how to set htpasswd protection on apache ;)	07:45
energizer	rustx Thanks very much! I suppose I should ask-- what is the difference between your pastebin and the code in here: https://help.ubuntu.com/community/EnablingUseOfApacheHtaccessFiles	07:47
rustx	energizer : the difference between your setup and ubuntu web page concerns particular directory into a main directory. In your case, your password protection was done on the main root document /var/www	07:48
rustx	energizer: in apache, you can set different rules for each directory inside /var/www by putting a .htaccess file inside	07:49
rustx	each time apache browse a directory inside /var/www, it will check if .htaccess rules exists, so that to apply those into the directory - or not ...	07:49
rustx	we did a 'default conf', but if you need different rules for different directory, then you should use .htaccess file	07:50
rustx	energizer: at the end, the .htaccess file overrides your default rule inside an apache directory .. :)	07:50
rustx	energizer: this is the way apache works. But, having a file read inside each directory is not so good for performances. According to me, it is better to set all particular rules into your vhost configuration	07:51
rustx	energizer: only depends what you need to do at the end	07:51
rustx	energizer: is that clear enough ? for that explanation about .htaccess ?	07:51
energizer	That is very good. Thank you very much!	07:55
energizer	rustx ^^	07:55
rustx	energizer: you're welcome dude	07:56
energizer	rustx Last thing. I think that i could stream video from the server before i put up the password. It doesnt seem to work now. Did these settings disable that?	08:08
rustx	nope	08:08
rustx	hum, maybe because of the directory index	08:09
rustx	you maybe can't list file, and read them in the server	08:09
rustx	the server certainly ask you to download those ..	08:09
rustx	you have to choose, or set a DirectoryMatch rules, so that not to index the directory that serves the files on the which one you want to go with streaming	08:10
energizer	rustx i want to double-check that i can do it without the index	08:11
energizer	rustx so now even without +Indexes streaming doesnt work	08:18
rustx	energizer: brb	08:29
energizer	rustx np	08:29
rustx	energizer: what are the options you are using at the end ?	08:31
energizer	rustx Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch +Indexes	08:31
rustx	energizer: try with remove -Multiviews option ..	08:34
rustx	reload apache .. and streaming should work	08:34
energizer	rustx didnt work	08:37
rustx	:(	08:37
energizer	mp3, mp4, avi -- none work	08:37
energizer	rustx i found this thread. bottom comment seems to solve it for him, but im not sure how to apply it here	08:40
energizer	rustx http://ubuntuforums.org/showthread.php?t=2142911	08:40
caribou	Daviey: regarding the rsyslog SRU (bug: LP#1169740), I added a comment	09:53
caribou	Daviey: I'm not able to reproduce the race condition with the modified script	09:53
Daviey	caribou: It sounds like the test script never worked to identify the issue :)	09:55
Daviey	caribou: But, it also looks like it doesn't make the situation worse.	09:55
caribou	Daviey: that's my assumptio	09:55
caribou	Daviey: yeah, that's what I discussed with Adam, hence marking it verification-done	09:56
SirT	Hi there, i have just set up ubunut server on a virtual machine, but when i boot into it i get to the command line instead of the GUI. I have tried to use apt-get install ubutnu desktop, but get a 403 Forbiddon error	10:33
SirT	can anyone help?	10:33
=== Solarra is now known as katsy
edenist	by default, ubuntu server is CLI only	10:38
edenist	you can install a desktop	10:38
simosx	SirT, Ubuntu Server comes by default with the command line.	10:38
edenist	what version of ubuntu server?	10:38
edenist	you may be better off installing a desktop version of ubuntu if that is what you require. Every package that runs on server can be installed on Desktop version as well	10:38
simosx	edenist, do we recommend to use Zentyal for those who require an easier management experience?	10:39
* RoyK recommends learning the commandline		10:39
edenist	SirT, if you are getting a 403 forbidden error, it sounds like your network hasn't been configured correctly during install. In which case, you wont be able to install any packages.	10:41
SirT	Thank you for you help	10:43
SirT	i think it seems to be a firebox firewall issue	10:43
SirT	i will add an exception and let you know	10:43
SirT	IT was a firewall problem - :)	10:52
edenist	glad thats working now	10:53
resno	its always the firewall	11:10
Solarra	stupid question: do you folks know a linux piece of software that provides a similar functionality to TVersity Media server?	11:18
resno	what do you want it to do?	11:19
resno	what is the "similar functionality" you want	11:19
Nafallo	Solarra: something like minidlna?	11:19
edenist	there's quite a few. google "linux DLNA server". Some I have used are fuppes, ps3mediaserver.....	11:22
Solarra	do those also support on the fly encoding?	11:24
edenist	they do, but not all of them support it natively themselves. I believe most just use FFMPEG	11:25
edenist	or MPLAYER	11:25
edenist	mediatomb as well is another I have used, was a few years ago now though so I dont know if it is still maintained. I've never used on the fly encoding though.	11:26
germanstudent	I'm having problem mounting sshfs on Ubuntu 12.04 at startup. Does someone know a good tutorial or something?	11:40
Madkiss	cheers	11:54
Madkiss	how do I set the DefaultTime2Retain global value for TGT storage volumes?	11:54
SirT	im tryin gto edit the interfaces file to make my ubuntu server static ip. i have opened and edited in nano - how can i save this? i have tried to change it in editor, but it says i do not have permissions.	11:54
hXm	SirT: press ctrl+o	12:07
hXm	if you dont have permissions you need open it with root privileges	12:08
=== gary_poster is now known as gary_poster\|away
ak5	hi, how do I add repositories? according to google there is something called apt-add-repository but not for my 12.04 system	12:14
zul	yolanda: https://code.launchpad.net/~zulcss/nova/noava-ftbfs-refresh/+merge/164650	12:15
yolanda	hi zul	12:15
yolanda	ok	12:15
rbasak	ak5: http://stackoverflow.com/questions/13018626/add-apt-repository-not-found	12:15
=== gary_poster\|away is now known as gary_poster
=== Solarra is now known as Solarra_
ak5	ty	12:18
ak5	although thats weird that one fix works for some another for others	12:18
ak5	the accepted answer didn't work for me	12:18
ballock	Hello, guys :)	12:39
ballock	as advised I posted this authentication stuff to ubuntu-devel-discuss	12:39
ballock	https://lists.ubuntu.com/archives/ubuntu-devel-discuss/2013-May/014518.html	12:39
ballock	Perhaps I can get some of your attention?	12:39
jcastro	I skipped to the bottom. :)	12:41
jcastro	I've deployed a bunch of machines with auth too and remember doing a similar analysis	12:41
jcastro	ballock: hey so I think the first step is to shove this all into a blueprint	12:42
jcastro	and then submit it for discussion at the next virtual UDS.	12:43
ballock	jcastro: you mentioned some of your analyses, were those published?	12:44
jcastro	yeah but it was around ubuntu 7.10ish	12:44
jcastro	let me dig it up	12:45
ballock	sssd wasn't pretty much there yet	12:45
jcastro	oh this is way before	12:45
ballock	but the rest should pretty match	12:45
qman__	samba 4 wasn't around either, and it's a real game changer	12:45
ballock	qman__: I wouldn't necessarily agree	12:46
qman__	for a pure linux environment I can see why you would not want to use it	12:46
qman__	but for cross-platform compatibility it's the obvious choice	12:46
jcastro	at the time I just used AD	12:46
ballock	If you think that Microsoft is supposed to be the Directory server then perhaps so.	12:47
qman__	you don't need any microsoft servers to use it	12:47
qman__	it's just microsoft compatible	12:47
ballock	But I wouldn't base my decision on something from that stable.	12:47
ballock	I know you can have a Samba4 DC now	12:48
qman__	it's not from that stable, it's a completely open source software	12:48
jcastro	plus remember you have like a year until the next LTS	12:48
ballock	I am aware of it.	12:48
jcastro	so, now's probably the time to talk about it	12:48
ballock	But still Samba4 will need to follow Microsoft's footsteps	12:49
ballock	because that's their primary goal	12:49
ballock	- to create a Microsoft-compatible domain controller	12:49
ballock	and client support	12:49
qman__	yes, which will ensure continued cross compatibility in the future	12:49
ballock	If Microsoft decides to change the protocol, Samba will again behind it.	12:50
ballock	Of course Microsoft	12:50
ballock	"fearing" the monopoly problems with EC or the US something	12:50
qman__	Microsoft isn't going to do anything to purposely break samba; they helped the samba guys get it working	12:50
jcastro	Last I checked all their specs were open and they were working with the Samba guys	12:50
qman__	at this point, microsoft is all for it	12:51
qman__	and they really don't stand to gain anything by doing a 180	12:51
ballock	will "support" samba to dismiss the accusation of monopoly in this market.	12:51
qman__	it isn't about trust, it's about simple business sense	12:51
qman__	and even if they do, the current product will continue to work with all existing products	12:51
ballock	I do not think the Samba team managed to port all the AD management products like the Group Policy Editor	12:52
ballock	I mean, the mechanisms with RPC are there	12:52
ballock	but you are supposed to manage it with Microsoft's products anyway	12:53
ballock	there comes a licensing problem	12:53
ballock	aside from the patenting stuff	12:53
ballock	i.e. that Android tax you might have heard of	12:53
ballock	I wouldn't be shocked to hear Microsoft has a patent for CIFS or for its subset.	12:54
ballock	I admit I haven't checked how Samba4 client behaves in my environment.	12:55
ballock	I wish them the best.	12:55
ballock	But as Microsoft is providing an LDAP and Kerberos interface to its directory, why not use that instead?	12:55
ballock	It's an open standard and fits for a more generic case -	12:56
ballock	not only for AD.	12:56
rbasak	ballock: thanks for sending that email, and for doing all the work and research behind it.	13:03
jamespage	hallyn, does this commit for qemu have SRU potential? http://lists.nongnu.org/archive/html/qemu-stable/2013-05/msg00066.html	13:04
rbasak	ballock: it's great to see somebody driving this, especially somebody who is managing production deployments.	13:05
hallyn	jamespage: hm, i'm not sure. it's a perf improvement, not a fix for any sort of crash	13:06
hallyn	jamespage: are you talkign about to precise, or to raring (which has 1.4.0) ?	13:06
jamespage	hallyn, I think precise is probably not realistic - but raring might be OK?	13:07
ballock	rbasak: thanks for appreciation, I hope to have some progress on it	13:07
hallyn	jamespage: i assume you're asking bc you or someone else reported impressive gains with it?	13:07
hallyn	if so, i can give it a whirl. though this week, starting today, i was goign to first merge 1.5.0 into saucy	13:08
jamespage	hallyn, someone asked me in #ceph on OFTC	13:08
rbasak	ballock: I used to work in this area in a former job. But now I'm a full time developer, and so I can't be as up-to-date with this stuff as you are.	13:08
jamespage	hallyn, work on 1.5.0 first	13:08
ballock	I have no access to change the actual packages nor have the contacts to ask who is able to fix stuff	13:08
ballock	besides it is supposed to be discussed first, that's what I am trying to achieve	13:09
hallyn	jamespage: oooh, i see. it mainly affects rbd. i missed that from the description :)	13:09
ballock	Is the post in the right list to get attention or should I post links to some other lists or channels?	13:10
ballock	Perhaps I should inform some individuals?	13:10
ballock	The vUDS idea is good, but I think there are things to check before getting there.	13:10
rbasak	ballock: right. If you get it agreed in a blueprint after discussion at the next vUDS, and you then provide patches to packages that are acceptable to Ubuntu developers, then you should be able to get your patches sponsored. It does take longer to get things reviewed that way, but we are all keen to make sure that this route is available to you.	13:11
hallyn	jamespage: applies cleanly (2 line offset) to 1.4.0, queued this up for next monday	13:12
rbasak	ballock: and in time you can become an Ubuntu developer yourself.	13:12
jamespage	hallyn, thanks muchly	13:13
jamespage	do you need a bug report to go with that?	13:13
SirT	im trying to run sudo /etc/init.d/networking restart command, however i get an error saying couldnt read interfaces file	13:17
SirT	anyone have any ideas?	13:17
rbasak	SirT: the installer creates /etc/network/interfaces for you. Perhaps you've lost or renamed this file? Try restoring it from backup.	13:19
rbasak	Or see the interfaces man page to recreate one from scratch. It's not very complicated.	13:19
ballock	rbasak: thanks, I'll copy the stuff to a blueprint... there's some naming convention for that, right?	13:20
ballock	And again, should this be the server, foundations or... community?	13:21
rbasak	ballock: there is. But I'm not sure what to do here, especially as we've just had UDS.	13:22
hallyn	jamespage: I'll need it for SRU of course. I can submit one myself, but having it come from someoen else should be helpful	13:22
rbasak	ballock: perhaps start with a wiki page proposal? The blueprint is really for when it's ready for UDS - you can start the discussion and specification first.	13:23
psivaa	hallyn: lxc smoke test for saucy appears to have some hanging issue, http://pastebin.ubuntu.com/5686913/	13:23
ballock	rbasak: well, I can create a blueprint and get other things done	13:23
hallyn	smb: bug 1180281 sounds like your cup of tea	13:23
uvirtbot	Launchpad bug 1180281 in libvirt "“Unable to connect to libvirt” when using xl toolstack with Xen 4.2.1" [Medium,Confirmed] https://launchpad.net/bugs/1180281	13:23
psivaa	hallyn: the vm is in aldebaran now if you'd like to investigate	13:24
hallyn	psivaa: virbr0 is not related to lxc0... it sounds like your host is a bit hosed	13:25
rbasak	ballock: I don't think there's any need for a formal process until you're ready to get the details agreed on in a session. It's fine just to use wiki.ubuntu.com and mailing list discussions until then.	13:25
hallyn	psivaa: is the 'lxc-list' output from the host, or the utah vm guest?	13:25
psivaa	hallyn: it's from the utah vm host	13:26
rbasak	ballock: until then, the main thing to do is to work towards a solid proposal, and then provided that there aren't any objections you should be set to go at the next UDS.	13:26
hallyn	psivaa: none of the test code actually runs on the vm host right?	13:28
hallyn	psivaa: it sounds like /bin/init's rootfs was deleted...	13:28
hallyn	(not necessarily /, but /proc/1/root)	13:28
psivaa	hallyn: the lxc test code is only run in the vm host installed by utah	13:28
SirT	rabsak: Thanks for the reply	13:29
hallyn	psivaa: oh. ok, i call that the vm guest	13:30
psivaa	hallyn: ok :), so the test code actually runs in the vm guest which is saucy and not in vm host which is a precise installation	13:32
hallyn	psivaa: phew :)	13:32
psivaa	hallyn: :)	13:33
jamespage	hallyn, I asked the reported to raise a bug	13:40
jamespage	reporter that is	13:41
hallyn	jamespage: thanks	13:42
hallyn	psivaa: that vm really seems hung	13:43
hallyn	i'm goign to try simple testcases on fresh saucy box	13:44
psivaa	hallyn: ack, thanks	13:48
=== wedgwood_away is now known as wedgwood
hallyn	psivaa: oooh. i see. the messages you saw in dmesg are innocuous	14:00
hallyn	psivaa: upstart on the host is getting net-device-up messages for the network interfaces in the containers. Tries to deal with them, but /sys/class/net/$nic does not exist on the host. so it logs and ignores	14:00
hallyn	psivaa: As I said the utah guest seems to have completely hung for me - I'm not sure if that's a connection issue, an issue on aldebaran itself, a qemu issue, or what.	14:01
psivaa	hallyn: ohh ok, i was able to ssh to it though, i have the lxc test output now	14:02
hallyn	oh, the vm went away.	14:02
hallyn	ok	14:02
hallyn	psivaa: and did the tests fail?	14:02
psivaa	hallyn: yea the jenkins job collected the jobs destroyed the vm and one of the tests fail	14:02
hallyn	psivaa: one of the tests failed bc i killed it i think	14:03
SirT	trrying to run active directory membership, it keeps telling my password is incorect - do i need to set this somewhere?	14:04
psivaa	hallyn: http://pastebin.ubuntu.com/5687029/ is the failure , not sure if that's related to the killing	14:04
SirT	this is for domainjoin-gui	14:04
hallyn	psivaa: /usr/share/lxc/templates/lxc-ubuntu: line 257: 23822 Terminated flock -x 200	14:05
hallyn	psivaa: ^ yeah that was me :)	14:05
psivaa	hallyn: ack :)	14:05
TheLordOfTime	Daviey: server team meeting still on for today?	14:05
Daviey	TheLordOfTime: sure is!	14:06
TheLordOfTime	what time is it at again?	14:06
* TheLordOfTime needs to balance his time before the meeting so he can go vote :/		14:06
Daviey	TheLordOfTime: in 1hr50 mins	14:10
TheLordOfTime	eesh that means i need to get to the voting place now... o.O	14:10
TheLordOfTime	Daviey: any action items or points of interest I should read up on before the meeting?	14:16
Daviey	TheLordOfTime: we are quite early in the dev cycle, so nothing too juciy	14:20
Daviey	TheLordOfTime: but, https://wiki.ubuntu.com/ServerTeam/Meeting	14:20
TheLordOfTime	Daviey: mind if i steal some time during open discussion RE including nginx as an option on either tasksel or some screen within the installer, or would that be better suited for another team's meeting? (per https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/1177919/comments/3)	14:21
uvirtbot	Launchpad bug 1177919 in nginx "Merge nginx 1.4.1-1 (universe) from Debian unstable (main)" [Wishlist,Fix released]	14:21
TheLordOfTime	(btw thanks for handling that merge!)	14:21
TheLordOfTime	(assuming it was you)	14:21
TheLordOfTime	s/handling/sponsoring/	14:22
Daviey	TheLordOfTime: yes, it was me. And sure, that is a good spot.	14:25
TheLordOfTime	okay, i've got a mental list of pros and cons	14:25
TheLordOfTime	a few big cons too	14:25
TheLordOfTime	Daviey: it's in #ubuntu-meeting, right?	14:28
Daviey	TheLordOfTime: yes	14:29
zul	yolanda: https://code.launchpad.net/~zulcss/ceilometer/ceilometer-pbr/+merge/164907	14:30
samba35	Sub-process /usr/bin/dpkg returned an error code (1) how do i fix this problem when i try to download package	14:30
TheLordOfTime	samba35: we need more than just the "subprocess returned an error" output, it's likely explained a little earlier in the output...	14:33
yolanda	zul, i see python-testtools is added as depends but not listed in changelog?	14:34
zul	yolanda: doh ill add that	14:34
samba35	dpkg: error processing openvas-server (--configure):	14:35
samba35	subprocess installed post-installation script returned error exit status 10	14:35
samba35	Errors were encountered while processing:	14:35
samba35	openvas-server	14:35
samba35	E: Sub-process /usr/bin/dpkg returned an error code (1)	14:35
zul	yolanda: fixed	14:45
samba35	i think there is temp files with openvas server how do i clean up dpkg temp	14:48
zul	jamespage: ping around?	14:52
jamespage	zul, ping yes	14:52
zul	jamespage: https://code.launchpad.net/~zulcss/horizon/horizon-pbr/+merge/164914	14:53
=== koolhead17\|afk is now known as koolhead17
zul	jamespage: crap	15:14
Daviey	zul: horizon would really benefit from a dep-8 test IMO :)	15:17
zul	im sure it would	15:18
Daviey	One that shows that GET / returns 200 :)	15:18
Daviey	(under apache / mod_wsgi, not just djanog dev server)	15:18
zul	Daviey: that ould be my next commit i just want to get the builds going again	15:18
Daviey	yeah	15:20
SirT	can anyone here help me with likewise AD settings?	15:36
Rallias	Is there any way I can force br1 to wait until lxc container vpn is booted and running?	15:45
zul	yolanda/jamespage: https://code.launchpad.net/~zulcss/python-swiftclient/fbtfs-testr/+merge/164927	15:48
Daviey	yolanda: zul wants to add dep8 tests to swiftclient, and i suspect is asking for some assistance. Specifically a --help test.	15:50
Daviey	Right zul ? :)	15:50
TheLordOfTime	Daviey: i might be late to the meeting, since now is the first chance I can get to vote...	15:50
TheLordOfTime	:/	15:50
zul	Daviey: actually i just want to get them building again	15:50
Daviey	TheLordOfTime: don't worry, AOB happens right at the end	15:50
Daviey	adam_g: Are you chairing ?	15:51
yolanda	zul, i have some tests to use as sample that use a "--help" to test the client, do you want to see them?	15:51
zul	TheLordOfTime: well which is more important voting or the ubuntu server meeting ;)	15:51
zul	yolanda: yes please	15:51
Daviey	zul: turn your pep8 upside down into a dep8.	15:51
zul	Daviey: that really messes with my dyslexia	15:52
Daviey	yolanda: ooo, something generic ? Can i see?	15:52
yolanda	Daviey, i just wrote some for tgtadmin: https://code.launchpad.net/~yolanda.robla/ubuntu/saucy/tgt/dep-8-tests	15:52
TheLordOfTime	zul: voting, my dad's in the election for judge :P	15:53
Daviey	yolanda: is the exit code not safe enough?	15:53
yolanda	Daviey, what do you mean? maybe i add an exit 0?	15:54
Daviey	yolanda: sorry, I mean.. something like, http://pb.daviey.com/Wwew/som	15:58
yolanda	Internal Server Error!	15:58
Daviey	erk	15:59
Daviey	yolanda: try again?	15:59
Daviey	oh	15:59
Daviey	bad paste	15:59
yolanda	i've tried lots of times	15:59
Daviey	http://pb.daviey.com/Wwew/	15:59
yolanda	:)	15:59
Daviey	Who needs 404, when 500 will do.	16:00
Nafallo	418	16:00
yolanda	this looks better than my solution :)	16:00
Daviey	yolanda: I don't know.. see what smoser thinks	16:03
Daviey	he'll probably want to use traps	16:03
Daviey	:)	16:03
smoser	i like traps	16:04
yolanda	Daviey, if the client fails for a failing depends for example,as we had with ceilometer and stevedore, your solution will work?	16:04
yolanda	(we can try it anyway)	16:04
Daviey	I'd have thought so..	16:05
Daviey	yolanda: not saying exit code necessarily is better.. but it certainly feels more generic and chance of false positive is lower.	16:05
yolanda	Daviey, yes, i agree with you	16:06
=== VD is now known as Guest94874
zul	jamespage/yolanda: https://code.launchpad.net/~zulcss/quantum/quantum-pbr/+merge/164941	16:17
yolanda	zul, what are these <<TREE and >>MERGE-SOURCE in changelog diff?	16:24
zul	yolanda: bad merges...quantum?	16:25
yolanda	zul, yes, in quantum merge :https://code.launchpad.net/~zulcss/quantum/quantum-pbr/+merge/164941	16:26
zul	yolanda: its targeted at the wrong branch sigh	16:27
zul	yolanda: https://code.launchpad.net/~zulcss/quantum/quantum-pbr/+merge/164942	16:27
yolanda	that one looks better :)	16:29
psivaa	hallyn: there is another VM in aldebaran that's hung on lxc test	16:56
hallyn	psivaa: pls mark the bug confirmed, and leave the vm up. i'll take a look thsi afternoon.	16:57
hallyn	psivaa: i suspect a kernelbug, but nto sure yet	16:57
psivaa	hallyn: ok, will do. thanks	16:58
TheLordOfTime	rbasak: as an FYI, on the nginx issue: http://people.canonical.com/~ubuntu-security/cve/pkg/nginx.html	17:11
TheLordOfTime	it's got a few CVEs that are eithier (a) being ignored upstream, or (b) have been idle upstream (debian upstream, or nginx upstream) for a while	17:11
TheLordOfTime	http://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-4968.html <-- that one's probably being ignored	17:12
uvirtbot	TheLordOfTime: RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4968)	17:12
TheLordOfTime	http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-2070.html was fixed in saucy, but i have yet to dig for a fix	17:12
uvirtbot	TheLordOfTime: RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2070)	17:12
sarnold	TheLordOfTime: the patch for CVE-2013-2070 looks to be the 'patch.2013.proxy.txt' here: http://www.openwall.com/lists/oss-security/2013/05/13/3	17:17
uvirtbot	sarnold: RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2070)	17:17
sarnold	dear uvirtbot: please rate-limit your lookups. thanks.	17:17
TheLordOfTime	sarnold: forgive me if i go digging in upstream instead for the patch	17:17
TheLordOfTime	sarnold: i don't know if the patch you listed on that mailing list was an upstream patch or not	17:17
sarnold	TheLordOfTime: nginx.org isn't upstream enough? :)	17:17
* TheLordOfTime missed that		17:17
TheLordOfTime	sarnold: balancing thirty things at once	17:17
* sarnold throws in a few chainsaws for fun		17:17
sarnold	TheLordOfTime: I'll update our UCT, thanks :)	17:18
* TheLordOfTime shoots the chainsaws with phasers		17:18
TheLordOfTime	sarnold: remind me what UCT is again?	17:18
zul	yolanda/jamespage: https://code.launchpad.net/~zulcss/keystone/havana-refresh/+merge/164954	17:18
=== gary_poster is now known as gary_poster\|away
sarnold	TheLordOfTime: the database used to generate http://people.canonical.com/~ubuntu-security/cve/ -- and of course, mdeslaur beat me to it. hehe. :)	17:20
TheLordOfTime	sarnold: yeah i pinged -hardened about it already :p	17:21
TheLordOfTime	but that one "being ignored" bug I don't have upstream confirmation on an ignore	17:21
TheLordOfTime	so you can't mark it as "ignored"	17:21
sarnold	TheLordOfTime: 20 months without movement is close enough.. :)	17:21
TheLordOfTime	:P	17:22
sarnold	TheLordOfTime: we may wish to distro-patch that. have you tested that patch in your ppa?	17:22
sarnold	TheLordOfTime: .. or perhaps debian may wish to carry it..?	17:22
TheLordOfTime	sarnold: which patch for which?	17:22
sarnold	TheLordOfTime: to add ssl certificate validation on proxy	17:22
TheLordOfTime	sarnold: i'll check later, in the mean time i'm busy focusing on creating an LP bug for 2013-2070 so i can track fixing as I prep debdiffs for currently supported releases.	17:23
* TheLordOfTime doesn't like bzr for some reason		17:24
sarnold	TheLordOfTime: thanks	17:24
TheLordOfTime	sarnold: and the PPAs are based off of Debian, so unless Debian adopts it the fix is existent in the nginx ppas	17:24
TheLordOfTime	s/existent/not existent/	17:24
jcastro	ballock: heya, maybe you should start sitting in on our meetings?	17:30
jcastro	I was thinking we could start bringing your issues to light	17:30
rbasak	TheLordOfTime: thanks	17:31
=== gary_poster\|away is now known as gary_poster
schnitzel-	hi. i need a raid0 geek....	18:04
schnitzel-	its about software raids in general (yes i red the stuff in the internetz) and whether they are bootable. performance also interests me.	18:04
blkperl	schnitzel-: ask your question, and someone may know the answer	18:05
schnitzel-	i dont have a particular question...i mean....my problem is kinda weird. ;)	18:06
schnitzel-	i have some asus zenbook. ux51vz if you want to google.	18:06
blkperl	what are you tryin to accomplish?	18:07
schnitzel-	the raid controler is blocked by asus, you cant access it. but i am fucking sick of wondoze. want back to ubuntu.	18:07
schnitzel-	is it possible to make a software raid which can dualboot win8 and soem ubuntu	18:07
schnitzel-	what are the disadvanteages.	18:07
schnitzel-	does it make sense to break the raid0.	18:07
schnitzel-	etc..	18:07
schnitzel-	can i maybe even partition the raid0/format the drives without breaking it?	18:08
blkperl	so you have 2 disks in a raid0 via asus's hardware raid	18:10
schnitzel-	2 ssds	18:10
schnitzel-	yes	18:10
schnitzel-	raid0	18:10
blkperl	do you want ubuntu on one ssd and win8 on the other?	18:10
schnitzel-	2x128gb ssd asus hardware raid (raid controller some intel shit - intel mobile express chipset raid controller)	18:10
schnitzel-	no. that would be easy	18:10
schnitzel-	i want 1 big ssd - better performance as far as i red	18:11
schnitzel-	then split it into 3 drives. linux/win8/ntfs files....	18:11
schnitzel-	+swap ofc	18:11
blkperl	ok. well you can't software raid and expect win8 to be able to understand it	18:11
schnitzel-	thats what i thought. :(	18:11
schnitzel-	so a software raid is more a "fake" raid for linux only...	18:12
schnitzel-	what would you do....i mean...nobody need swrite speed of 2 raid0 ssds. so i am thinking of breaking the raid0. but i am not sure since i cant rebuild it. what is asus thinking by disabling access to the raid controller? stupid.	18:13
schnitzel-	and 128gb each os would be nice....but i am not fully convinced yet	18:13
zul	adam_g: https://code.launchpad.net/~zulcss/keystone/havana-refresh	18:14
sarnold	schnitzel-: it might be a rubbish controller..	18:14
schnitzel-	sarnold what do you want to say?! :p break the raid and use the two ssds as seperate drives?	18:15
blkperl	schnitzel-: I think I would do each OS on one disk, but that implies having access to make a raid0 of one disk (and it sounds like you don't have access to the hardware controller)	18:15
schnitzel-	blkperl why do i need a raid0 if i want to make 1 os each disk?	18:16
blkperl	because the hardware raid controller is presenting one "device" with two disks at the moment right?	18:16
sarnold	schnitzel-: you could do something a bit .. cumbersome: make three partitions on each drive. sda0 gets win8 boot, sdb0 gets linux boot. sda1 and sdb1 get raided together for windows data. sda2 and sdb2 get raided together for linux data.	18:17
schnitzel-	blkperl yes.	18:17
blkperl	schnitzel-: you may be able to dual boot that then, if linux plays nice with the hardware controller	18:18
schnitzel-	blkperl but i think i can kill it with gparted. i would just format every drive..	18:18
blkperl	you can't disable a hardware raid with software, you have to do it in the bios/raid controller	18:19
schnitzel-	sarnold this would be a waste of space :D i usually have my files on 1 ntfs drive. we are talking about some movies, few mp3s documnts...stuff like this. access from win and linux would be nice...you get the point. ;)	18:19
schnitzel-	blkperl now we are talking! :D thats good to know...i have red some forums. problem is that there are very few "geeks". some have managed to install 1 os on each drive. but same person says, that the acess to the raid controller is disabled.	18:20
schnitzel-	i wonder what he did.... :(	18:20
blkperl	you should backup all your data to an external device and try to install a dual boot configuration	18:21
schnitzel-	ahh. befor i forget i can acess in bios: disable the raid. make it ahci	18:22
schnitzel-	thats all i can do. i think this implies that i cant rebuild the raid0. at least everybody says that (who tried it...)	18:22
schnitzel-	blkperl yes...i am thinking about trying exactly this. but i wanted to discuss the option with the software raid. but as you told me...it wont work with win	18:23
schnitzel-	which is sad.	18:23
blkperl	well raid0 is no redundancy so it doesn't make sense to rebuild one	18:23
blkperl	if a disk dies in a raid0, all of your data is gone	18:23
schnitzel-	what you mean with that?	18:23
schnitzel-	well sure	18:23
blkperl	so there is no "rebuilding" process	18:23
schnitzel-	ofc. what i mean with "rebuild" is: make 1 big drive again. ;)	18:24
schnitzel-	if i dont like 128gb ssd each OS.	18:24
blkperl	you should be able to recreate the raid0 as long as you have access to the raid controller, it will destroy your data though	18:25
schnitzel-	i have never had a raid controller. what exactly does "access" mean. are the options in the bios. where to config it, etc..	18:26
schnitzel-	can yu give me an idea what i am looking for?	18:26
blkperl	there should be a key combination during the boot process, like press "crt-c" to access raid controller	18:27
sarnold	schnitzel-: often the raid controller will have its own bootsplash screen for a second after the main bios splash screen	18:27
schnitzel-	everything is locked down. i just have "asus" then soon the windows logo.	18:27
blkperl	can you access the bios?	18:28
sarnold	if you hit 'esc' wihle booting can you get psat the pretty graphics screen and return to good old fashioned bios boot screen? :)	18:28
schnitzel-	i can access the bios.	18:28
schnitzel-	Sargun no ;P	18:29
user01	hey. i am schnitzel. gonna restart the other machine.	18:30
schnitzel-	..	18:30
user01	well. i hit enter. and enter the setup.	18:30
user01	i access the tab "advanced"	18:31
user01	there i can see "sata configuration	18:31
user01	"sata mode selection" --> RAID. i can change that to AHCI and IDE	18:32
schnitzel-	back	18:34
user01	so any ideas what this means?	18:38
blkperl	nope	18:41
adam_g	roaksoax, https://blueprints.launchpad.net/ubuntu/+spec/servercloud-s-openstack-charms	18:42
user01	k. thanks anyways. ima try some more stuf :)	18:52
adam_g	roaksoax, all but nova-cloud-controller are pretty small charms and low hanging fruit.	18:52
resno	ok, im trying to setup a new server. i was given an ip. and i cant get it to respond.	18:52
resno	neither can i ping out	18:53
resno	i have edited the interfaces but i'm not sure what is wrong	18:53
adam_g	roaksoax, i'd prefer any new charm work that happens this cycle does so with a dependency on lp:charm-helpers, so we are pulling helper code from there instead of copying it around ourselves like we have been	18:54
roaksoax	adam_g: ok cool. I'l;l pick one and start working on it	18:54
Guest51469	Hey, I'm new to ubuntu and currently downloading the server (12.04.2 LTS) How can I also install the GUI? I want to learn Apache server, MySQL and MySQL workbench...	19:01
Shogoot	Any chmod chown guru taht can help me troubleshoot? I got this /var/html/www location for a simple website, but i cant get it to work proper. And my educated guess is that is a permission issue	19:08
Shogoot	Forbidden You don't have permission to access /smn.php on this server. Apache/2.2.22 (Ubuntu) Server at 192.168.1.166 Port 80	19:09
resno	yes, permission error	19:11
resno	do ls -ll in that folder	19:11
Shogoot	total 0	19:11
Shogoot	sorry	19:12
Shogoot	let me se	19:12
resno	ehm	19:12
resno	should see xrw--- etc	19:12
Shogoot	-rwxr-xr-x 1 smn smn 33 Apr 8 19:47 smn.php	19:12
resno	ah	19:12
resno	chown www-data:www-data or root	19:13
Shogoot	but i have to do taht for the whole www directory, dnt i?	19:14
Shogoot	I changed permision to -rwxr-xr-x 1 www-data www-data 33 Apr 8 19:47 smn.php	19:16
Shogoot	but i still get same error	19:16
sarnold	Shogoot: how about the directories that contain smn.php and the directories above it?	19:22
Daviey	rbasak: seen bug 1182613	19:24
uvirtbot	Launchpad bug 1182613 in puppet "puppet completely broken on saucy" [Undecided,New] https://launchpad.net/bugs/1182613	19:24
Shogoot	sarnold, the parent director looks lke this drwxr-xr-x 7 www-data www-data 4096 Apr 28 23:01 www	19:25
sarnold	Shogoot: aha. check /var/log/audit/audit.log or /var/log/syslog to see if you have AppArmor DENIED messages.	19:25
Shogoot	sarnold, http://paste.ubuntu.com/5688065/	19:29
Shogoot	.	19:37
RoyK	;	19:47
adam_g	Daviey, you still around? i've got some rebuilt proposed packages for UCA that need to go in, but there are also security updates that need to get out to -updates.	20:03
adam_g	jamespage, http://people.canonical.com/~agandelman/ca/folsom/2012.2.4_rebase/ + http://people.canonical.com/~agandelman/ca/grizzly/2013.1.1_rebase/ . these will UCA proposed's with ubuntu proposed	20:21
adam_g	zul, Daviey ^	20:22
zul	adam_g: need me to +1?	20:22
adam_g	zul, at some point but we actually need to push something thru the pockets before those can go in	20:22
zul	adam_g: sigh ok cool	20:23
Daviey	adam_g: ho	20:27
Daviey	adam_g: can you outline what needs doing, and i'll take a look in the morning.	20:28
Shogoot	sarnold, http://paste.ubuntu.com/5688065/	20:32
=== guntbert_ is now known as guntbert
sarnold	Shogoot: ah. that might need fixing, but will be unrelated to your apache problems. :)	20:51
Shogoot	sarnold, im kinda lost anyway	20:52
Shogoot	any clues ? :)*	20:53
sarnold	Shogoot: do you have any more-specific logs in /var/log/apache* that might indicate why permission was denied?	20:55
Shogoot	from apache2/error.log http://paste.ubuntu.com/5688342/	20:57
sarnold	Shogoot: nice, that's probably concrete enough to eventually fix it.	20:58
Shogoot	seems chineese	20:58
sarnold	Shogoot: look through your apache configuration, try to find what might block your hosts from accessing the directory or virtual host or whatever...	20:58
jcastro	roaksoax: yeah! I see celery is done?	21:01
roaksoax	jcastro: yeah so just wait 7 days for it to be accepted in -updates	21:01
jcastro	is the wait serial?	21:01
jcastro	so like 7 for celery, then another 7 for maas?	21:01
roaksoax	jcastro: nope	21:03
roaksoax	jcastro: once something is mark verification-done you just wait 7 days to get accepted into -updates, though that obviously depends on whomever processes the queue	21:04
jcastro	ack	21:04
Shogoot	sarnold, i dont see shit in there :)	21:08
sarnold	Shogoot: darn :/ the first thing that comes to mind would be something like allow, deny directives.	21:09
Shogoot	seems a perfectly fine apache2.conf	21:10
Shogoot	sarnold, what if www-data:www-data should be root instead, or www-data has not the correct permissions	21:15
Shogoot	?	21:15
sarnold	Shogoot: www-data ought to work. (I disklike it, but that's a rant for another day.)	21:15
sarnold	Shogoot: the webserver is probably running as www-data, right?	21:16
Shogoot	no idea	21:16
Shogoot	how to check?	21:16
sarnold	Shogoot: ps auxw \| grep -e http -e apache	21:16
Shogoot	sarnold, http://paste.ubuntu.com/5688391/	21:17
sarnold	Shogoot: first column, www-data	21:17
Shogoot	this does not say me anything	21:18
sarnold	Shogoot: the first oclumn in that output is the username of the process; all your apache workers are running as www-data	21:19
Shogoot	sarnold, what about this one then? root 1484 0.0 1.0 399304 22432 ? Ss 00:11 0:03 /usr/sbin/apache2 -k start	21:19
sarnold	Shogoot: that process starts and stops the workers as load goes up and down	21:20
Shogoot	and on line 10 theres anotehrone with root	21:20
Shogoot	ah ok	21:20
sarnold	iirc, line ten was your grep command	21:20
Shogoot	ah i se that now	21:21
Shogoot	i just want my little page to display :_/	21:21
qhartman	I am trying to get a Cisco ASA to do dynamic DNS updates to bind9 server running on Ubuntu 12.04. Everything seems to be working correctly on the DNS server, but the dynamic updates are failing.	21:22
qhartman	When I run named with -d 4 I get this output: https://gist.github.com/anonymous/5623356	21:22
Shogoot	sarnold, when i use http://www.cthulhuisevil.net/smn.php i get another error thoguh.. "Not Found The requested URL /smn.php was not found on this server."	21:22
qhartman	that's what I see when the ASA requests a DNS update. Any thoughts?	21:22
Shogoot	sarnold, never mind i forgot to omitt the "www."	21:23
qhartman	I've set this sort of thing up in the past using ISC DHCP and it's more or less "just worked". It's unclear to me if the problem is with the bind config, or the ASA config	21:33
Monotoko	can anyone here help with BIND? I've just got a new freelance job and it's confusing me to hell :(	21:40
qhartman	Monotoko, I can probably help with some of it, but I'm currently struggling with getting synamic updates to work myself	21:41
qhartman	s/synamic/dynamic/	21:42
qhartman	But I'll ask for a cut....	21:42
qhartman	:D	21:42
Monotoko	we have a script that's putting zone files in automatically: this one goes to the domain (but won't resolve via dig?) http://pastebin.com/wrJ89HDc	21:42
Monotoko	this one isn't doing anything even though it's the same, it's just failing instantly... http://pastebin.com/nAZqaUji	21:43
Monotoko	I don't understand what's happening... but I'm guessing they need rewriting	21:43
qhartman	I assume you're bouncing the bind process after placing those files?	21:44
Monotoko	yeah, it's been bounced and I've turned the server off and on again... :)	21:45
qhartman	heh	21:45
qhartman	what about the serial number, is that incrementing correctly?	21:45
sarnold	Monotoko: do you get any error messages in the logs?	21:45
Monotoko	sarnold, if I could find the log on this damn server I'd look... two secs	21:46
qhartman	you probably want to look in /var/log/syslog	21:47
qhartman	fwiw, I just tried to look up the used guitars one and it worked fine	21:48
qhartman	so did copydoodle	21:49
Monotoko	interesting...	21:49
Monotoko	May 21 21:47:54 ip-10-195-98-37 named[9331]: client 75.151.85.53#40660: query (cache) 'copydoodle.co.u/A/IN' denied	21:49
qhartman	yeah, that's me	21:50
qhartman	but I got a response	21:50
Monotoko	so why's the server saying you were denied? Something's not going right here...	21:50
Monotoko	sorry this wasn't part of the original job desc... my client just asked if I'd have a look because his previous programmers were his words I'm not allowed to say here	21:51
qhartman	http://forums.cpanel.net/f5/why-named-logging-query-cache-denied-var-log-messages-170302.html	21:52
qhartman	oh wait	21:52
qhartman	that denied was a typo on my part	21:52
qhartman	notice the ".co.u" , "not ".co.uk"	21:53
Monotoko	ahhh, so do you get a response through dig too?	21:53
sarnold	heh, I figured that was just limiting the length of logging..	21:53
qhartman	that's why you would be getting the denied message	21:53
qhartman	yeah	21:53
qhartman	onymous/5623581	21:54
qhartman	https://gist.github.com/anonymous/5623581	21:54
Monotoko	interesting, might just be the network I'm behind then... is there anything I can do to improve this setup, or should I just leave it as it is?	21:54
qhartman	it seems ok from here	21:54
Monotoko	brilliant, il report that back to the client - thanks :)	21:54
sarnold	0 msec? wow.	21:54
sarnold	oh, local cache?	21:54
qhartman	yes	21:55
qhartman	my first query took 2196 msec	21:55
sarnold	that's more like it :)	21:55
sarnold	well, slow, but still.	21:55
qhartman	now, since we've gotten the bind user's attention, anyone manage to get dynmaic DNS updating from a CISCO ASA to talk to bind?	21:56
sarnold	for a moment I wondered if you two happened to share a datacenter with bonkers internal networking :)	21:56
qhartman	heh	21:56
qhartman	I've gotten the devices to talk to each other, and queries of manual entries work fine, but the dynamic updates from the ASA fail, with no explanation I can find on either side	21:57
Monotoko	heh, this is on Amazon!	21:58
Monotoko	AWS - it should be good damnit -.-	21:58
qhartman	I'm on the verge of giving up on the ASA DHCP server and spinning up ISC on another box	21:59
* Monotoko bangs head against wall		22:01
Monotoko	"It's not just you! http://usedguitarreviews.com looks down from here."	22:01
qhartman	oh	22:01
qhartman	I bet it's not a DNS thing	22:01
qhartman	I bet it's vhost	22:01
qhartman	you are redirecting usedguitar... to www.usedguitar... and there's no DNS entry for www	22:02
qhartman	but you do have a wildcard in there, so it should catch it	22:02
qhartman	check your webserver, that's probably the probleem	22:03
Monotoko	hmmm	22:03
qhartman	yeah, the wildcard isn't catching the www	22:03
qhartman	I can get the apex, but not www	22:04
Monotoko	... why isn't the wildcard catching www? >.<	22:04
qhartman	It is catching it for copydoodle, which seems odd.	22:04
Monotoko	exactly... it's baffling me	22:05
qhartman	Is the wildcard a new entry for guitars?	22:05
qhartman	in the interim, I'd put in a www entry and see what happens	22:05
qhartman	and/or make the webserver answer on the apex rather than redirecting, if that's an option	22:06
qhartman	that way you can get the site up and fight with this at your leisure	22:06
qhartman	and remember to increment the serial, if you're not using a tool that does it automatically	22:06
Monotoko	hmmm alright, could it be propagation? I'm not sure when my bosses client actually moved this one	22:06
qhartman	possible, but if it's a new entry	22:07
qhartman	that shouldn't be an issue, it should be a cache miss, and queries should get directed to the authoritative server	22:07
qhartman	yeah, if I query your server directly, I get an answer for www	22:08
qhartman	but my usual server doesn't know who it is	22:08
Monotoko	ahh... so if I add "www IN A 174.129.247.93" to it, it should be fine?	22:09
qhartman	so it likely is a propagation issue	22:09
Monotoko	ahh brilliant	22:09
Monotoko	il check it tomorrow I guess	22:09
qhartman	alright, I'm AFK for a bit...	22:10
Monotoko	cheers pal	22:10
sarnold	good luck qhartman :)	22:11
adam_g	roaksoax, where in maas can i configure the apt server to use, or disable ?	22:26
roaksoax	adam_g: if you are using raring on the webui under settings	22:27
adam_g	roaksoax, quantal	22:27
roaksoax	adam_g: in one of the preseeds: /usr/share/maas/preseeds/generic	22:27
adam_g	roaksoax, thanks	22:28
Daviey	adam_g: if you find yourself bored.. fancy adding href's to the c-a versions report, under ubuntu column?	22:34
Daviey	adam_g: https://launchpad.net/ubuntu/+source/${package}/${version}	22:34
adam_g	Daviey, at some point soon yea. where is this security-proposed pocket you were talking about?	22:34
adam_g	Daviey, im trying to think of a good way to visualize scenario where: -proposed is > ubuntu but ubuntu's security update really makes it > -proposed	22:36
Daviey	adam_g: Ah, doesn't look like it's quite ready	22:36
adam_g	maybe just split the 'ubuntu' cells into $ubuntu-updates and $ubuntu-security	22:37
Daviey	adam_g: We can make the staging PPA always empty, so if ${pacage} is in staging it's always higher, irrelevant of version number?	22:37
Daviey	Hmm	22:37
Daviey	that is a good idea.. you can verify if secuirty.ubuntu.com >= archive.ubuntu.com (-updates), then we need to care.	22:38
Daviey	adam_g: Separately, we need a Havana report soon.	22:39
adam_g	Daviey, well currently we use the staging PPA as the definitive list of what is in the rest of the pockets. are you saying flushing packegs from that PPA or just not including them in report?	22:40
Daviey	adam_g: if there is a security-staging PPA, that can be flushed to only keep inflight packages	22:41
Daviey	Not saying that is the best way.. just a suggestion	22:41
=== wedgwood is now known as wedgwood_away
adam_g	Daviey, as soon as https://launchpad.net/~ubuntu-cloud-archive/+archive/havana-staging gets populated we can start reporting	22:42
=== wedgwood_away is now known as wedgwood
sarnold	Daviey: https://launchpad.net/~ubuntu-security/+archive/ubuntu-security-staging	22:42
Daviey	adam_g: We probably need to seed that with the contents of grizzly?	22:42
Daviey	sarnold: This is the cloud archive, ubuntu-cloud.archive.canonical.com .. not primary archives	22:43
sarnold	Daviey: ah :)	22:43
Daviey	sarnold: At the moment, we are trying to see how we can make our reports easier to track	22:44
adam_g	Daviey, thats how i think we did it last time. synced essex staging -> folsom staging, tracked against quantal and relevant bits of the report go red. then update accordingly	22:44
Daviey	adam_g: done	22:47
adam_g	Daviey, thanks	22:50
Daviey	adam_g: I'll sync this up to -proposed and -updates aswell?	22:57
adam_g	Daviey, yeah.. waiting for the PPA to publish those	22:57
=== wedgwood is now known as wedgwood_away

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!