/srv/irclogs.ubuntu.com/2013/07/02/#ubuntu-server.txt

=== Aww is now known as NotAww
adam_groaksoax, just pushed a first pass the template-driven https reconfig to lp:~gandelman-a/charms/precise/cinder/pyrewrite00:58
adam_groaksoax, one gotcha i ran into is that we need to a2ensite new apache configs after tempaltes have been rendered, but before the restart_on_change wrapper restarts things.00:59
adam_gzul, any word on kombu?  requirements.txt got updaed across all projects (i think) and it broke us good02:01
=== pgraner-afk is now known as pgraner
STurtleCan anyone advise me on which version of server has apache 2.4 support02:14
GH0None of them02:19
GH0It isn't in debian, you can build it yourself from source. I asked this same question a while back, and this was the answer I got.02:19
GH0STurtle, ^02:20
TimRcan anybody tell me why port 21 is not listening on my 12.04.2 lts server when I got vsftpd installed03:01
centaur5I want to setup my 1st HA cluster. Anybody have an opinion on best storage options and why? GlusterFS, corosync, or pacemaker?04:55
jamespagezul, adam_g: hows havana looking in staging? I'd quite like to get something out to updates this week if possible08:01
mndohi, i am trying to adding access to a host  folder on an guest I am getting this error when trying to start the guest: Virtio-9p Failed to initialize fs-driver with id:fsdev-fs0 and export path: <my host folder>09:18
sebrockI have a general question in how to setup my server. I got one physical ethernet connection on the server. I would like to use this connection both in plain and have it connect to a VPN service. Next I would like my webservices to traffic the plain connection while other services use the VPN connection. How is this managed?09:24
ikoniasebrock: you'll need to setup routing for that09:36
sebrockYes I noticed, on my way :)09:36
SenorIs there tcp server network stress test tools ?10:02
jamespageSenor, iperf is useful for benchmarking but not really for stress testing10:34
=== _thumper_ is now known as thumper
Senorjamespage:so how do I do stress test for my tcp server ? simulate?10:51
jamespageSenor, with iperf you run iperf -s on one host and then iperf -c <IP of first host> on another10:52
jamespageit transfers data between the hosts and measures the network performnce10:52
SenorDoes this reflect  the  stress holding capability?10:55
jamespageSenor, no - its just a benchmark11:16
SenorCan you give a definition for stress holding ability ?11:49
zuljamespage:  im ready needs some testing11:56
=== eagles0513875_ is now known as eagles0513875
maruqHi guys12:37
maruqI've been handed an ec2 server running 8.04 LTS, which is obviously EOL now12:38
maruqI'm looking to upgrade via `sudo do-release-upgrade`, but keep hitting problems12:38
maruqit's failing to fetch the lucid listings12:39
maruqhttps://gist.github.com/markbate/caa93cd62521e1146d3a12:40
maruqany ideas?12:40
RobCWDudleymaruq: IIRC there are legacy apt repos that you can use to "step" up through the versions till you hit support12:43
RobCWDudleymaruq: but may be quicker just to rebuild12:44
maruqRobCWDudley: I think it was actually the apt sources. they were set as us.ec2.archive.ubuntu.com, I changed to archive.ubuntu.com & can update apt12:45
maruqRobCWDudley: yeah, if I could, I'd just deploy a 12.04 server, but need to keep this one going :(12:46
RobCWDudleymaruq: ah ok guess the amazon mirrors are kept pretty well pruned back then.12:46
maruqRobCWDudley: I think also there might be separate us-east & us-west ones now, but not sure12:47
maruqRobCWDudley: I updated apt & installed apparmor, things seem to be upgrading now12:48
RobCWDudleymaruq: cool - good luck getting it up to 12.04 :)12:50
maruqRobCWDudley: haha, thanks.12:50
=== wedgwood_away is now known as wedgwood
g0tchahey guys, i have a quick question, how can i add access to a certain directory to a specific user?14:08
RobCWDudleyg0tcha: chown14:24
rbasaksmoser: around? I have a cloud-init hostname setting question. "getent hosts `facter fqdn`" seems to fail by default with cloud-init and Openstack.14:27
g0tchaRobCWDudley, can you be more specific please? im not that savvy with that14:28
RobCWDudleyg0tcha: not without more info. Which directory, which user and what kind of restirciton14:29
g0tchaRobCWDudley, the directory is called /data/ , its in /var/www/owncloud/data/ .. its owned by www-data www-data with  drwxr-xr-x14:30
g0tchai want to keep the same permission but add access to user 'gotcha'14:30
RobCWDudleyok does www-data need write perms?14:31
=== aaa is now known as koolhead11
g0tchaRobCWDudley, owncloud says the ownership of the folder should have full access to run php as owner so it sets the apache user for it14:34
RobCWDudleyg0tcha: ok well a folder can only have one owner so you can't keep those perms and add access to another14:35
RobCWDudleyg0tcha: you need to add write perms to the group and add your new user to that group14:35
RobCWDudleyeg chmod 775 /var/www/owncloud/data14:36
RobCWDudleyg0tcha: and adduser gotcha www-data14:36
g0tchachmod 775 doesnt make it less secure by any chance?14:36
RobCWDudleyg0tcha: only to the group level. Gives Owner and Group RWX perms. World still has RX14:37
mardraumit's already able to be written by the main attack vector, your web server :P14:37
RobCWDudley^14:37
g0tchaso what youre saying is giving ownership to the apache user is vulnerable?14:39
mardraumof course14:39
g0tchai thought its the best way of doing it :p14:39
mardraumbest of a bad lot?14:39
RobCWDudleyonly if you a) don't have updated apache or b) have vulnerable scripts accesible from the web14:39
RobCWDudleyb) is much more likely tbh14:40
mardraumyeah b) is 99% of it14:40
RobCWDudleyand if you're worried then that's why things like Chroot exist14:40
RobCWDudleybut still not 100% secure14:40
g0tchai believe nothing is 100% secure, but i also believe that someone should do their best to make it atleast 99% secure14:41
g0tchaand those scripts youre talking about could be some WordPress plugin or anything like that, am i right?14:41
RobCWDudleyg0tcha: absolutely14:41
g0tchaouch14:41
RobCWDudleyof courze wordpress will work fine with no write to the web directory14:42
g0tchayeah ofcourse.. just an example14:42
RobCWDudleybut you lose a lot of handy stuff - auto update, plugin & theme install and caching get's trcky14:42
zuljdstrand:  ping ufw question for you15:04
jdstrandzul: fire away15:05
zuljdstrand:  so apache-2.2-common has gone away in saucy mind if i stick things in /etc/ufw/applications.d/apache2/15:06
jdstrand/etc/ufw/applications.d/apache2/? you mean /etc/ufw/applications.d/apache2?15:07
zulyes15:07
jdstrandzul: sure, that's fine15:07
zuljdstrand: cool just checking15:08
jdstrandzul: thanks15:08
zuljamespage/roaksoax: https://code.launchpad.net/~zulcss/swift/swift-1.9.0/+merge/17259715:29
jamespagezul, +115:48
zuljamespage:  thanks15:52
jamespagezul, np - lets get that uploaded to havana staging ASAP as well.15:52
zuljamespage:  ack15:53
FuzzyThorHello, I'm trying to setup auto screen with ssh login for my ubuntu server using http://taint.org/wk/RemoteLoginAutoScreen an when ever i input the code at the end of the bash file i always get a syntax error15:56
FuzzyThorI dont know what im doing wrong15:57
FuzzyThorCan someone shed some light on this?15:57
zuljamespage:  http://people.canonical.com/~chucks/ca/15:58
jamespagezul, just spotted "Nump" but that was an earlier change16:00
zuljamespage:  heh16:00
adam_gjamespage, havana is in a tough spot atm since a bump to kombu > 2.4.7 last week16:02
jamespageadam_g, upstream bump right?16:02
adam_gjamespage, yea16:02
jamespageadam_g, was that post h1?16:02
jamespagei.e. is what's in staging OK whilst we fix that up16:03
adam_gjamespage, ya. wasn't sure if you meant you wanted to get h1 out to updates or to resync staging with more recent first16:03
jamespageadam_g, first option (h1->updates)16:03
stevePage12912:04:13 PM - stevePage129: need help with setting up a cluster server / high availability / NFS / etc, post is on askubuntu, and would appreciate help. thanks guys!16:04
stevePage12912:04:15 PM - stevePage129: http://askubuntu.com/questions/315491/setting-up-cluster-configuration-using-an-existing-web-server-as-a-primary-node16:04
adam_gjamespage, ah, ok. running a smoke from -staging now to see whats what.16:05
jamespageadam_g, thanks v much16:05
centaur5I want to setup my 1st HA cluster. Anybody have an opinion on best storage options and why? GlusterFS, corosync, or pacemaker?16:08
adam_gzul, jamespage https://code.launchpad.net/~gandelman-a/ubuntu/saucy/cinder/anyjson_min/+merge/172455 + http://people.canonical.com/~agandelman/ca/havana/python-anyjson_0.3.3-1~cloud0/ if you get a sec16:09
zuladam_:  +1/+116:10
jamespageadam_g, just as an aside - you don't need to bump the package version number if the branch is still marked as UNRELEASED16:12
adam_gjamespage, ah, ya. 'dch -i'16:14
jamespageadam_g, dch -t is the trick16:14
adam_gty16:14
jamespagefor team stuff16:15
jamespageyolanda, ipxe fix uploaded - thanks!16:15
yolandagreat!16:16
roastedhello friends16:30
roastedI have an SSD that is throwing tons of I/O errors. I'm pulling an image from it now to put on another SSD, but the disks utility is showing me that, so far, 45 MB of data is unreadable and replaced by zeros. Is there any way to match up what areas are unreadable and what data resides there? I'm betting no, but, figured I'd ask in case anybody has any tricks.16:31
ogra_hallyn, poke16:43
ogra_Setting up lxc (0.9.0-0ubuntu16) ...16:43
ogra_chfn: PAM: System error16:43
ogra_adduser: `/usr/bin/chfn -f LXC dnsmasq lxc-dnsmasq' returned error code 1. Exiting.16:43
ogra_dpkg: error processing lxc (--configure):16:43
ogra_hallyn, did you ever encounter something like the above ? (thats inside a chroot)16:44
hallynogra_: jikes.  no.16:47
hallynogra_: what does /var/log/dpkg.term.log or wahtever show?  any actual error from the chfn ?16:47
ogra_hallyn, well, hard to tell, thats during a package build16:48
hallynwhat the...  why is package build doing that?16:48
ogra_it is a kind of weird setup ... it is a scritp inside a source package that debootstraps  a fakechroot, installs a few packages and then runs update-initramfs16:49
ogra_ubuntu-touch-generic-initrd16:49
roastedany opinion of using swap on an SSD for a server?16:49
ogra_my last change added a package to the packages installed inside the chroot that depends on lxc16:49
stevePage129cluster/NFS/HA question (any help would be greatly appreciated....): http://askubuntu.com/questions/315491/setting-up-cluster-configuration-using-an-existing-web-server-as-a-primary-node16:49
hallynogra_: it looks like it's missing some quotes around "LXC dnsmasq"16:50
hallynlemem check the saucy source16:50
hallynogra_: so that's coming out of lxc.postinst.  package build should nto be doing that16:50
ogra_hallyn, i wonder if the lxc.postinst probably just needs single quotes16:50
ogra_on the other hand there is a "PAM: System error" above16:52
hallynogra_: but why is postinst being executed during package build?16:52
hallynyeah16:52
hallynsomething's messed up16:52
ogra_it is executed inside the fakechroot i use for building16:53
ogra_not during package build16:53
hallynoh, well the PAM error may just be from a hook at chfn16:53
ogra_lxc is simply installed as a dep16:53
hallyn16:48 < ogra_> hallyn, well, hard to tell, thats during a package build16:53
hallynoh i see16:53
ogra_right16:53
hallyngotcha16:53
hallynok lemme try building and see what i get <shrug>16:53
hallynoh, do you have a custom pam stack?16:53
ogra_note that this is armhf only16:53
ogra_nope16:54
ogra_all i do is: debootstrap under fakechroot ... then chroot into that and apt-get install three packages16:54
ogra_run update-initramfs and then dpkg collects the resulting initrd from inside of the chroot16:55
hallynok, i'll try building on arm too (but amd64 first - who nows i may have effed it up)16:55
ogra_lxc is simply pulled in as dep of one of the three16:55
hallynnote the same should be true of libvirt which does the exact same thing16:56
ogra_well, the only thing that comes to mind is the space in the gecos data ... the error doesnt really look like the quotes are respected at all16:57
hallynagreed16:57
hallynbut i don't see why ' would be respected if " was not16:57
hallynit soudns to me like some script is doing the wrong thing16:57
ogra_' are always higher level than "16:57
hallynthey prevent expansion of variables inside them, but we're talking about something else not respecting them...16:58
ogra_yeah16:58
ogra_          my($gecos_name,$gecos_room,$gecos_work,$gecos_home,$gecos_other)17:03
ogra_            = split(/,/,$gecos);17:03
ogra_thats what adduser uses internally t call chfn17:03
ogra_*to17:03
cyberjoseHi to all17:13
cyberjosei have a question ...17:14
cyberjoseAnyone know how to put confirmation when replacing files in ubuntu server?17:14
Picicyberjose: During what sort of operation?17:16
cyberjoseHi Pici, yes, for example when i replace a file "cp file1 file2" .. cp: overwrite `file2'?17:19
cyberjosein ubuntu server only be replaced without any confirmation17:19
cyberjosein ubuntu server I do not see "cp: overwrite 'file' ?"17:20
cyberjoseand in red hat is usuary see that confirmation17:21
sarnoldcyberjose: use cp -i instead17:22
cyberjoseohh... i want to test17:22
sarnoldcyberjose: cp -i /etc/passwd /tmp  ; cp -i /etc/passwd /tmp17:23
cyberjoseTHANK YOUUUUUUUUUUUUUU17:24
cyberjose:-)17:24
sarnold:)17:25
hallynogra_: I can't reproduce it on amd64 at least.  does stgraber have the same setup you do so he can try?17:25
* hallyn goes to find his arm laptop17:25
ogra_hallyn, i cant reproduce it in a local build either17:26
ogra_(on arm)17:26
ogra_i just gave back the package ... https://launchpad.net/ubuntu/+source/ubuntu-touch-generic-initrd/0.7/+build/4764556 ...17:26
ogra_probably it is a byuildd hiccup17:27
ogra_*buildd17:27
hallynok17:27
ogra_bah17:30
ogra_same error17:30
stgraberogra_: looks like all the chfn calls fail but it's only fatal for lxc17:32
ogra_hmm17:32
stgraberogra_: dnsmasq-base's adduser call fails too (a few lines before lxc's)17:32
ogra_hmm17:33
ogra_auth            sufficient      pam_rootok.so17:33
ogra_might be that17:34
ogra_(from /etc/pam.d/chfn)17:34
ogra_i'm running under fakechroot inside a builder chroot17:34
ogra_i dont really get why i cant reproduce it alt all17:37
roastedHello friends. Problem with Ubuntu Server 12.04.2. When I log into it via CLI @ main screen, it just loops back to login. Is this a home dir issue?17:46
sarnoldroasted: probably a lot of things can lead to this. can you log in via ssh and look through logs?17:47
roastedsarnold: I can't SSH at the moment to it. I p ulled the SSD out of it to take with me and run a full scan on my laptop as I'm on the go today. The scan failed so I did an image backup and deployed it to an identical unused SSD I had available.17:48
roastedsarnold: then I found a spare desktop, put it in, fired it up, and here we are.17:48
sarnoldroasted: ah, so you could mount the thing from another machine and check logs that way?17:48
roastedsarnold: good call. Let me try that17:49
roasted sarnold there's nothing in the syslog beyond 4 hours ago.17:50
roastedearlier than 4 hours ago, I should say17:50
sarnoldroasted: -nothing-? o_O17:52
roastednot in /var/log/syslog17:52
roastedmy SSD was dying, mind you17:52
roastedthe image pull left out 108 MB of unreadable data and replaced it with 0's17:52
sarnold/var/log/auth.log ?17:52
sarnoldroasted: ouww :(17:52
roastedbut I deployed it anyway on the off-chance that maybe it would work17:52
roastedit was one of those 'why not' things17:52
sarnoldhehe17:52
roastedauthlog stops around the same time syslog did17:53
roastedme thinks I might be burned to do a fresh install :(17:53
roastedI cannot put into words how little interest I have in doing that.17:53
roastedI thought maybe my home dir got messed up17:54
roastedand I'd have to recopy skel or something17:54
roastedbut maybe that's just on the regular GUI variants of distros17:54
rbasakhallyn: is there an easy way I can, from the host, run a command in an already-running system lxc container? Or do I have to go the route of arranging something over ssh or similar?17:58
rbasakhallyn: nm. I found lxc-attach.17:59
roastedsarnold: can you think of any reason as to why the login would fail? I'm at a loss.18:01
sarnoldroasted: locked account in /etc/shadow, missing account in /etc/shadow or /etc/passwd, non-executable shell in /etc/passwd, one of the shell's dynamic libraries fails to load at link time, shell .rc files exit rather than continuing on, apparmor MAC rules may be confining shell or getty or pam_apparmor could be invoked in the PAM stack...18:02
sarnoldroasted: perhaps home directory missing or incorrect permissions, but that seems less likely18:03
roastedhome dir is intact, but I cannot tell permissions from my laptop18:04
sarnoldoh, if the filesystem is busted, a process trying to traverse directories and open files might cause the kernel to kill the process in the event of kernel crash..18:05
roastedI'm in root recovery. Things look good on the home dir front.18:06
tdnI need help debugging NFSv4. I have created some exports on the server. I can see the mounts on the client using showmount -e. When I try to mount shares, however, it just hangs on the client. I mount with: mount.nfs4 corvina:/exports/video /net/video    I have disabled firewall. I do not see anything in the logs. What to do next?18:07
adam_gjamespage, b1 in havana-staging is a bit roughg18:08
adam_g*rough18:08
roastedsarnold: I see at 9:48 AM this morning an entry says Kernel logging (proc) stopped.18:09
sarnoldroasted: machine shutdown? or .. otherwise?18:11
hallynrbasak: ack18:13
roastedsarnold: at 9:48 AM this morning the system was running. That could be when the SSD began crapping out again.18:13
roastedsarnold: I didn't pull the drive until about 11 AM18:13
adam_gjamespage, deployment fails on install-errors on keystone and nova. keystone packaging issue addressed since b1, this addresses the nova: https://code.launchpad.net/~gandelman-a/ubuntu/saucy/nova/pyparsing_min/+merge/17263918:20
adam_gzul, ^18:20
adam_gnot sure if it makes sense to retroactively fix whats in -staging now, or press on trying to get -staging updated with something more recent18:21
zuladam_: i think it makes more sense getting ready for havana2 rather than havana118:22
adam_gzul, ya. so whats the plan with kombu18:24
zuladam_:  well i uploade da new py-amqp this morning, get that reviewed by an archive admin, then get the MIR, promote it, and upload a new kombu18:25
zuladam_:  sound good?18:27
adam_gzul, ah, cool18:27
adam_gzul, when does h2 come?18:27
zuladam_:  next week i think18:27
adam_gzul, is that enough time?18:28
zuladam_:  yeah18:28
adam_gor do we patch requirements.txt?18:28
zuladam_:  it will be enough ill make sure of it18:28
zulactually havana2 is on the 18th18:28
adam_gzul, im going to propose a patch to requirements.txt so we can continue testing havana. its totally busted without, until kombu is updated18:33
zuladam_:  ack sounds good18:33
=== _ffio_ is now known as ffio
adam_gjamespage, thoughts on setting up tarmac to land approved changes to packaging branches? we'd need to get the bot commit access to the lp:~ubuntu-server-dev branches19:49
zulbbl19:51
zuladam_:  do it19:51
Chocobowould anyone mind taking a look at my bootchart?  It seems like each node in my cluster takes forever to boot but I am having a hard time nailing down the service that is slowing it down:  http://i.imgur.com/fi9Pd4r.png  (warning, large image!)20:00
G55321hello guys, anyone familiar with NewRelic monitoring? I am trying to monitor a tomcat application but I have no idea where to put the files21:37
adam_gjdstrand, heya, around?21:37
jdstrandadam_g: hey, for a few minutes. what's up?22:14
adam_gjdstrand, nothin urgent just wondering if there was anything that needed to be done to progress https://bugs.launchpad.net/ubuntu/+source/python-markdown/+bug/118719122:16
jdstrandpinging me wsa good. I'll get someone (me or someone else) on it22:17
adam_gjdstrand, oh, cool. :)22:18
wxlquick question. does the installer install the basic ubuntu server task and then run tasksel for additional packages or will installation necessarily result in having lamp?22:58
sarnoldwxl: installation gets you very little by default; you can install what you need with apt-get install or tasksel as you wish22:59
sarnoldwxl: if you're automating many installs, preseed files let you specify additional packages to include22:59
wxldanke sarnold23:00
wxli don't want much to begin with :)23:00
sarnold:)23:00
wxlis networking handled automatically or will i need to set it up?23:01
sarnoldwxl: iirc, you get asked for dhcp vs manual configuration, and it's left at that.23:01
=== koolhead17 is now known as koolhead17|zzZZ
wxlsarnold: great, thanks a ton!23:02
sarnoldwxl: have fun :)23:07
=== wedgwood is now known as wedgwood_away
r0thathis could do more harm than good but I'm trying to figure out what happened.  1) installed xen 2) didn't really utilize it 3) added static IP entry in /etc/network/interfaces23:37
r0tha4) restarted networking 5) nothing changed (assume arp was kept around) 6) rebooted box got static IP23:37
r0thathe strange part was that when I tried to use domain names rather than IP addresses I got hanging i.e ping google.com had no response but ping 8.8.8.8 worked as expected....anyone seen this before?23:38
sarnoldr0tha: check the resolvers in /etc/resolv.conf and make sure you can reach them -- perhaps your gateway, netmask, or default route is misconfigured23:39
r0tha*after removing the virtual bridge / xen-tools everything "magically started working"23:39
r0thasarnold: before I restarted this had 8.8.8.823:40
r0thai might have to just charge this to the game and read more docs meh23:40
sarnoldcan't go wrong with reading more docs, hehe :)23:41
sarnoldbut it would seem funny to me if you could ping your resolver but not actually resolve hosts with the resolver..23:41
r0thaaha, dns-nameservers would be hella important for eth023:43
r0thaha, that's totally it if i remove it and restart networking i see similar behavior23:45
r0thaalthough this time ping says "unknown host"  instead of just hanging23:46

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!