/srv/irclogs.ubuntu.com/2013/07/03/#ubuntu-server.txt

=== stoner is now known as Guest30554
=== three18t- is now known as three18ti
=== LordOfTime is now known as LordOfTime\|EC2
=== daker_ is now known as daker
roasted	hello friends	01:46
roasted	Question - using mysql as an example, when I install it, I get a password prompt. If I uninstall and reinstall, I get nothing. How do I 100% reinstall the package so I get a password prompt like the initial install?	01:46
sarnold	roasted: try apt-get purge mysql-whatever before installing it	01:46
sarnold	roasted: dpkg --remove removes most of the files, but leaves configuration files around. dpkg --purge removes the configuration files, too. apt-get purge uses the more forceful of the two methods..	01:47
stevePage129	for some reason my brand new VPS in which i havent installed or setup anything hands everytime apt-get install anything on UNPACKING. disk IO write times included in post (but they seem like they check out...) http://askubuntu.com/questions/315672/ubuntu-vps-hangs-constantly-when-unpacking-anything-apt-get-or-dpkg-hangs	01:55
stevePage129	any help would be greatly apprecaited	01:55
stevePage129	hangs*	01:56
roasted	sarnold: I did do a purge... but reinstalling and dpkg-reconfigure does nothing :/	02:01
sarnold	stevePage129: your diskspeed test file is way too small, it might not have even hit disk yet...	02:02
sarnold	stevePage129: also, the upacking and man-db operations work on thousands of small files, not one huge file -- perhaps the filesystem is mounted strictatime, and every little access dirties inodes...	02:03
sarnold	roasted: oh. Maybe I mis-understood which password prompt. I assumed it was something specific to mysql's configuration .. is it the sudo password prompt?	02:04
roasted	sarnold: it's where it asks for the root mysql password 2x.	02:04
sarnold	roasted: aw nuts, then I did understand :) but now I don't know.	02:04
roasted	sarnold: I nuked mysql thinking I'd want to use sqlite for owncloud, but then I found my mysql config I used before, so... I wanted to use that instead.	02:05
sarnold	hehe	02:05
roasted	but now when I try to fire up mysql-server it doesn't ask me for a password	02:05
roasted	tried apt-get remove, apt-get purge, apt-get autoremove, then reinstalled	02:12
roasted	no dice	02:12
stevePage129	sarnold: any suggestion as to a command, or a method of which i could use to, say, test the NFS which my VPS host is using, in order to test for issues and or bottle necks? im seriously having issues just getting the initial software (lamp, webmin, etc) setup for using my new VPS. the idea was to move from shared hosting to VPS to get better performance, not worse. this isnt normal for VPSs is it?	02:13
sarnold	roasted: does /etc/mysql/my.cnf survive the apt-get purge mysql-whatever ?	02:13
sarnold	roasted: note that /etc/mysql/my.cnf is owned by mysql-common, are you purging that package, too?	02:13
sarnold	stevePage129: it depends heavily upon a -lot- of factors. amazon's micro tier has severely penalized IO; bursts go quickly, but sustained IO is heavily penalized. installing an OS on a micro instance can take forever.	02:14
roasted	sarnold: trying that now	02:16
roasted	sarnold: my.cnf isn't around after the purge	02:17
roasted	I assume at this point I should expect an install to work?	02:17
sarnold	roasted: I'd hope so :)	02:17
roasted	ah bingo!	02:17
roasted	you rock	02:17
sarnold	sorry it took me ages to notice the -common package.	02:18
roasted	ha, all good	02:18
roasted	it's done :P	02:18
sarnold	:D	02:18
sarnold	stevePage129: maybe soe cheap tests like timing: for i in `seq -w 1 10000` ; do echo $i > foo_${i} ; done ... that'll generate a huge pile of tiny files...	02:19
roasted	sarnold: out of curiosity, how did you catch that -common was relevant?	02:20
stevePage129	sarnold: i suppose this is a little specific.. but have you ever heard of cinfu.com? i originally moved from GoDaddy's shared hosting becaused they were dropping my connections all the time when transferring files over 25 mb. now i have purchased a VPS, i am having trouble simply setting up the host operating systems software (IO issues?). i really dont have to get a dedicated server just to get something that responds grac	02:20
stevePage129	sarnold: trying that now	02:20
stevePage129	well, will look into those commands some	02:20
sarnold	roasted: I ran 'apt-file search my.cnf" to find the full path to the file, and noticed then that the mysql-common package owned it	02:21
roasted	sarnold: next question would be how you knew my.cnf was relevant?	02:21
sarnold	roasted: I figured that mysql probably stored the root password there..	02:21
sarnold	stevePage129: irc has line length limits; you were cut off at "responds grac"	02:21
sarnold	.. which isn't a very graceful way for irc to respond. hehe. :)	02:22
stevePage129	sarnold: sorry about that, using some cheapskate client	02:22
sarnold	stevePage129: hehehe	02:22
stevePage129	sarnold: really dont have to get a dedicated server just to get something that responds gracefully do i? (you dont have to answer that ^.^)	02:22
sarnold	stevePage129: I'd really hope vps is sufficient, it is the direction industry is headed..	02:24
stevePage129	sarnold: indeed. like for example, i ran sudo apt-get update/upgrade to satisfy several updates which SSH and ubuntu were complaining about. this took almost 2 hours, and i still do not know if it ever finished (machine went to sleep while i was napping connection was lost...)	02:26
sarnold	stevePage129: oh jeeeeeeze	02:26
sarnold	stevePage129: I'd say to install screen or tmux, but I'm afraid how long that would take	02:26
stevePage129	sarnold: will read more up on those now	02:27
stevePage129	host wanted to try moving me to another node, but i wanted to make sure there was nothing i could do first	02:27
stevePage129	if i cant get this working, im going to have to go crawling back to godaddy... lol	02:28
sarnold	stevePage129: take them up on that offer. it ought to be quick..	02:28
sarnold	stevePage129: okay, I signed back into my amazon control panel, created a new micro instance, installed 12.04.2 LTS onto it, and I'm timing an upgrade now...	02:38
sarnold	stevePage129: real1m49.057s	02:39
stevePage129	sarnold: thank you, thank you	02:39
stevePage129	sarnold: ...	02:39
sarnold	stevePage129: that was for 71 megabytes of downloads, 48 upgraded, 3 newly installed	02:40
stevePage129	yeah, something isnt right	02:40
sarnold	stevePage129: that's an amazon US micro instance. (it went faster than I expected)	02:40
sarnold	stevePage129: so make sure what you're paying for can come close.	02:40
sarnold	time for dinner :)	02:40
stevePage129	sarnold: paying for a VPS with dual core 2ghz, 1 gb ram	02:40
stevePage129	100 mbit connection	02:41
stevePage129	and no bandiwtdh monitoring :@	02:41
stevePage129	ty very much tho	02:41
=== NotAww is now known as Aww
centaur5	I want to setup my 1st HA cluster. Anybody have an opinion on best storage options? GlusterFS, corosync, or pacemaker?	03:10
roasted	hi	03:32
sarnold	ay	04:05
roasted	hi	04:27
roasted	I have a really, raelly dumb question	04:27
roasted	www-data is the "webserver user" of apache, no?	04:27
roasted	I'm getting an error from owncloud saying the webserver user needs write access to the apps dir within owncloud, and www-data has rwx perms but I still get the error.	04:27
roasted	failing to see what it's crapping itself over.	04:27
sarnold	roasted: how about the containing directories?	04:29
roasted	the dir above apps?	04:29
sarnold	yeah	04:29
roasted	rwx	04:29
roasted	ah wait	04:30
roasted	I just spotted something in their config that's still pointing to /var/www	04:30
roasted	I changed that	04:30
sarnold	aha :)	04:30
roasted	nice, now I have a blank white screen	04:31
roasted	quick, stab me	04:31
shauno	dr. plum, in the dining room, with the error.log	04:31
roasted	NO WORRIES. WE GOT THIS.	04:33
roasted	I guess I shouldn't have jumped the gun and also changed the sqlite3 entry to mysql	04:33
roasted	I'm using mysql, so, no idea why that is	04:33
roasted	but changing back to sqlite3 worked	04:33
roasted	ty shauno. picked that up in the error.log	04:34
roasted	I really need to not do this crap when I'm in a tired coma...	04:34
shauno	if it's any consolation, you've got me wondering if I ever moved mine off sqlite too	04:35
roasted	with owncloud?	04:35
shauno	yeah	04:36
roasted	yeah if I swithced mine to mysql it crapped itself	04:39
roasted	but back on sqlite3 it's fine	04:39
roasted	yet I'm actually using mysql AS my db....	04:39
roasted	maybe I'm not understanding something, but whatever. It works, so...	04:39
RustyShackleford	so I installed noip2 from noip's website	05:00
RustyShackleford	how do I set it to run at boot?	05:00
RustyShackleford	(ubuntu server 13.04)	05:00
sarnold	RustyShackleford: you've got a few options..	05:03
sarnold	RustyShackleford: if they provided a sysv initscript, you can drop the file into /etc/init.d/ and make the /etc/rc*.d/ symlinks	05:03
sarnold	RustyShackleford: or you can call a program from /etc/rc.local	05:03
sarnold	RustyShackleford: or you can use the @reboot cron specifier if you want to run it as a user accout..	05:04
RustyShackleford	the other thing that's nagging me: can I force comcast to renew my IP	05:13
RustyShackleford	i'd like to test and make sure this works	05:13
sarnold	RustyShackleford: I've had the same comcast IP for years.. I'm pretty sure I've 'release' on the router with no effect	05:14
RustyShackleford	interesting. I haven't really paid attention, so I can't say	05:15
RustyShackleford	sarnold, does it matter what I name the initscript?	05:17
sarnold	RustyShackleford: no	05:17
RustyShackleford	the readme made it seem like it was important	05:18
sarnold	the name matters a lot in the /etc/rc?.d/ directories	05:18
sarnold	Sxxwhatever and Kxxwhatever, where xx are digits..	05:18
RustyShackleford	sarnold, could you explain or tell me what to google?	05:21
sarnold	RustyShackleford: well...	05:23
RustyShackleford	it seems like the numbers correspond to runtime levels?	05:23
RustyShackleford	idk, i"m just guessing	05:24
sarnold	RustyShackleford: you could also write an upstart conf file. that might be a bit more work if the project supplied a sysvinit script, but it'll be much less work if they didn't..	05:24
sarnold	RustyShackleford: .. and upstart is significantly easier to configure than the sysv initscripts	05:24
RustyShackleford	an initscript is written in bash?	05:24
sarnold	RustyShackleford: more usually, sh	05:24
RustyShackleford	they did provide something which I can place in /etc/init.d/rcX.d	05:25
RustyShackleford	what is X?	05:25
RustyShackleford	or how do I find out	05:25
sarnold	RustyShackleford: here's some information writing an upstart configuration: http://upstart.ubuntu.com/cookbook/#concepts-and-terminology	05:25
RustyShackleford	from the readme: "Where the 'X' in rcX.d is the value obtained by running the	05:26
RustyShackleford	following command	05:26
RustyShackleford	grep initdefault /etc/inittab \| awk -F: '{print $2}'	05:26
RustyShackleford	"	05:26
RustyShackleford	sorry, forgot about the newlines	05:26
sarnold	RustyShackleford: in those cases, X -is- runlevel; back in the old days, it was 1 for single user, 3 for multiuser, 5 for multiuser with graphics, 0 for rebooting...	05:26
sarnold	wow, I'm forgetting the levels. acheivement unlocked! :)	05:27
RustyShackleford	i've never had to deal with runlevels	05:27
RustyShackleford	i started with ubuntu 7.10	05:27
sarnold	RustyShackleford: so you'd put symlinks into whichever directories you wanted the service to start and stop on -- in case you wanted it running only when graphics were up, and shut down when going down to 2 ...	05:27
sarnold	RustyShackleford: update-rc.d can help manage all those scripts. but I detest it's manpage. :)	05:28
RustyShackleford	it's a headless server	05:29
sarnold	RustyShackleford: ooh, check out the sysv-rc-conf package. it looks nicer than update-rc.d	05:29
RustyShackleford	i had to install this package manually ("make install")	05:31
RustyShackleford	so I'm not usre this will work	05:32
sarnold	RustyShackleford: try: update-rc.d -n defaults <name of the file in /etc/init.d/>	05:32
sarnold	RustyShackleford: if the output looks good, leave off the -n and re-run..	05:33
RustyShackleford	so just drop it in /etc/init.d/ and not /etc/init.d/rcX.d/	05:33
sarnold	RustyShackleford: right; the /etc/rcX.d/ directories are for the S and K symlinks	05:34
RustyShackleford	output looks good	05:36
RustyShackleford	restarting the server and crossing my fingers	05:36
sarnold	RustyShackleford: did you re-run without the -n ? :)	05:37
RustyShackleford	oh I saw a command on stackoverflow	05:37
RustyShackleford	it didn't include the -n flag	05:37
sarnold	aha, good	05:37
RustyShackleford	did I need to run with -n first?	05:38
sarnold	no	05:38
sarnold	many commands include an -n or --dry-run option to show you what they will do	05:38
sarnold	I'm paranoid and like to see what will happen before running it :)	05:39
RustyShackleford	didn't know that. it does seem useful	05:39
RustyShackleford	unfortunately it doesn't seem to work	05:39
sarnold	RustyShackleford: any error messages in the log files?	05:42
sarnold	RustyShackleford: what permissions are on the script file in /etc/init.d/ ?	05:43
RustyShackleford	yeah I think it might have been permissions	05:43
RustyShackleford	if I start the script manually it works	05:44
RustyShackleford	after setting permissions to 755	05:44
RustyShackleford	sarnold, yep it works	05:46
RustyShackleford	thank you so much	05:46
sarnold	RustyShackleford: woo :)	05:46
RustyShackleford	playing around with servers is fun	05:47
RustyShackleford	but a major timesink	05:47
sarnold	RustyShackleford: too true	05:47
sarnold	it'll get more fun	05:47
sarnold	and ... well, always a timesink :)	05:47
RustyShackleford	does ubuntu server upgrade from version to version well?	05:47
ScottK	Yes.	05:48
RustyShackleford	the desktop version seems less reliable. I usually just wipe and start clean	05:48
ScottK	I run Kubuntu for desktop, so I don't know.	05:48
ScottK	That's reliable enough on upgrade.	05:49
arooni-mobile	my dns resolutoin was messed up on ubuntu; so i edited /etc/resolv.con and put in name severs. but at top of file says: "# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)" so was i not supposed to fix it that way?	05:49
ScottK	I've got a server that's been upgraded since gutsy.	05:49
sarnold	RustyShackleford: I've upgraded machines half-dozen times.. on the desktop side, worst was that unity forgot focus-follows-mouse and auto-raise settings -- but a few releases ago, it did that once every few weeks anyway	05:50
sarnold	RustyShackleford: I'd done machines through seven or eight years of debian, before ubuntu, without troubles..	05:50
RustyShackleford	i chose ubuntu because I'm more familiar with packages etc.	05:51
sarnold	arooni-mobile: depends. :) If you knew what you were doing, that might be the perfect solution...	05:51
RustyShackleford	Seems like debian is more popular for servers. #linux didn't care much for my choice of server OS	05:51
ScottK	IIRC, the only time I've had a server upgrade problem was once when I knew I was trying something studip.	05:51
sarnold	arooni-mobile: but it'll be overwritten next time dhcp brings an interface up or down, so it might not last long	05:51
sarnold	ScottK: hehe :)	05:52
ScottK	One of the main reasons to run Ubuntu over Debian is the security hardening features built into Ubuntu.	05:52
sarnold	arooni-mobile: so perhaps your edits shold be made to /etc/network/interfaces, or /etc/resolvconf/resolv.conf.d/head	05:52
ScottK	The gap narrowed significantly with the release of Wheezy, but Ubuntu is still ahead.	05:52
RustyShackleford	I just like that there is a Java ppa	05:53
RustyShackleford	etc.	05:53
arooni-mobile	my name resolution on my server got royally messed up	05:53
arooni-mobile	so i want to make theses resolutions permenent	05:54
RustyShackleford	certain proprietary things are hard to install on debian. I dislike "make install"	05:54
ScottK	arooni-mobile: /etc/network/interfaces is where I'd put it.	05:54
=== rvba` is now known as rvba
arooni-mobile	ScottK, so i jsut drop in exactly whati put in /etc/resolv.conf?	05:54
arooni-mobile	there	05:54
arooni-mobile	?	05:54
ScottK	What did you put in resolv.conf?	05:55
sarnold	arooni-mobile: no, the format is different, it'd be best to read the interfaces(5) manpage for full details	05:55
ScottK	sarnold: Thanks.	05:57
arooni-mobile	just nameserver stuff	05:57
* ScottK has never messed with resolv.conf directly.		05:57
* ScottK can't figure out why it's even installed on a server with static IP?		05:59
arooni-mobile	how else would domain names get resolved	06:02
arooni-mobile	i mean when you need to dl updates etc	06:02
ScottK	I always just put the information in /etc/network/interfaces.	06:06
=== koolhead11\|away is now known as koolhead17
=== mld_ is now known as mld
jamespage	morning folks!	08:06
feisar_	morning	08:06
caribou	people: is Memory leaks in rabbitmq-server a thing of common knowledge ?	08:18
caribou	I was able to fill up memory of a Raring 2Gb vm overnight with a simple message passing program	08:19
caribou	it seems to be even more severe on Precise	08:19
=== yofel_ is now known as yofel
jamespage	Daviey, smb: iscsitarget dkms fixed up for 3.10	08:49
smb	jamespage, cool	08:50
koolhead17	hi all	08:51
jamespage	Daviey, did you get anywhere with go in backports yesterday?	09:34
Daviey	jamespage: Sort of.	09:43
jamespage	Daviey, fyi I'm looking at the 1.1.1 version thats currently in debian NEW	09:44
Daviey	jamespage: We do need to dig out specific reasons why the juju-core team need a newer golang toolchain	09:45
jamespage	Daviey, they don't need it - the 1.0.x series should be sufficient	09:46
jamespage	but thats not in precise which is the challenge	09:46
jamespage	1.1.1 is preferred and has ARM support unlike 1.0.x which is probably a valid reason to support it	09:46
Daviey	jamespage: 2:1-5 is in precise.. Do we know why that is no good?	09:49
Daviey	also.. they were pretty keen to bump the epoch :/	09:50
jamespage	Daviey, hmm	10:32
jamespage	Daviey, I can't help but think that requested a MRE for a point release on a series no longer supported upstream is stupid	10:38
Daviey	jamespage: Hmm, can you give more details?	10:52
Daviey	jamespage: We need to write all this up..	10:52
jamespage	zul, adam_g, roaksoax_: so - zul has been working on getting the newer version of kombu into the archive	12:33
zul	jamespage: so amqp got uploaded yesterday im in the middle of doing the MIR	12:33
jamespage	follow on question is really around rabbitmq - should we provide a CA backport for havana on 3.1.x as in saucy?	12:34
jamespage	specifically to support non-shared storage active/active deployments	12:34
jamespage	Daviey, still comtemplating	12:35
jamespage	contemplating rather	12:35
zul	jamespage: do we need to backport erlang as well?	12:35
jamespage	no idea	12:35
zul	+1 if we dont have to backport erlang for it, -1 if we do	12:36
jamespage	tbh the erlang backport is probably zero cost	12:36
jamespage	I've done the merges for the last few cycles and its pretty much no-op	12:37
zul	sure merges can be different from backports though (subunit comes to mind)	12:38
zul	jamespage/roaksoax/Daviey: https://bugs.launchpad.net/ubuntu/+source/python-amqp/+bug/1197390	12:39
zul	amqp MIR	12:39
jamespage	zul, I think erlang in 12.04 is probably still OK	12:43
zul	jamespage: +1 from me then	12:43
zul	jamespage: did you +1 swift for the CA yesterday/	12:57
jamespage	zul, probably - lemme +1 it again - URL?	12:57
zul	http://people.canonical.com/~chucks/ca/	12:57
=== wedgwood_away is now known as wedgwood
jamespage	zul: +1	13:29
zul	jamespage: thanks	13:29
Duologic	I have a Ubuntu server "precise" with Samba 3.6.3 running, is it safe to add quantal repositories to apt sources to upgrade to Samba 3.6.6? or at least, will it work?	13:32
sadiq_	No such process quotaon: Quota format not supported in kernel. ? any idea ubuntu 12.04.1	14:11
sadiq_	Quota format not supported in kernel. ? any idea ubuntu 12.04.1	14:13
genii	sadiq_: You could try loading the modules quota_v2 and quota_v1	14:15
sadiq_	how to load them	14:17
sadiq_	thanks for your reply	14:17
genii	sadiq_: sudo modprobe quota_v2 && sudo modprobe quota_v1 ...for instance	14:18
sadiq_	hi	14:20
ndee	hi there, I created a jail for a user and want to mount --bind a directory into his home. How can achieve that the mount will be available after a reboot?	14:44
feisar_	ndee: I haven't created a chroot jail before but assuming it's the same as any other mount then you need to put it in /etc/fstab	14:45
ndee	feisar_, ok	14:45
feisar_	the syntax is a little different from mounting on the command line so check out the fstab man	14:46
ndee	feisar_, I checked the man mount and there was the entry too, but thanks :)	14:46
feisar_	so you have an entry in /etc/fstab but it isn't working?	14:47
ndee	feisar_, I can't test it since I don't want to reboot the server ;)	14:48
ndee	but I added the entry and I will check the next time the server reboots, hope that will be some years from now ;)	14:48
feisar_	you can $ sudo mount -a to test	14:49
feisar_	$sudo mount -a	14:49
ndee	sweetness, it works. Thanks feisar_ !	14:49
feisar_	no probs : )	14:50
feisar_	there's always a way to do it on Linux without rebooting ; )	14:50
ndee	feisar_, true :) it's just about finding the way :)	14:50
=== freeflyi1g is now known as freeflying
=== wedgwood is now known as wedgwood_away
=== wedgwood_away is now known as wedgwood
psivaa	hello, i have been having an issue with most of our server smoke tests today: Unable to ping the VMs from the host	15:14
psivaa	dhclient: execve (/sbin/dhclient-script, ...): Permission denied is shown in syslog	15:15
psivaa	http://pastebin.ubuntu.com/5840606/ contains more logs.	15:15
psivaa	hallyn: jamespage: would you be able to shed some light pls?	15:15
=== Ursinha is now known as Ursinha-afk
hallyn	psivaa: can you ping the vms from the host by ip addrses?	15:35
psivaa	hallyn: there is no ipv4 address allocated to the concerned VMs	15:38
psivaa	hallyn: everything works ok until installation and the issue comes up only when the VM's gets rebooted after the install	15:38
hallyn	psivaa: oh, i see. so dnsmasq is broken on the host. what does ps -ef \| grep dnsmasq show?	15:42
psivaa	hallyn: http://pastebin.ubuntu.com/5840697/ on the host	15:43
hallyn	psivaa: ls -l /sbin/dhclient-script	15:49
psivaa	hallyn: -rwxr-xr-x 1 root root 13005 Nov 7 2012 /sbin/dhclient-script	15:49
psivaa	hallyn: the file has the same permissions in the VMs as well	15:51
=== _ffio_ is now known as bsd_freak
hallyn	psivaa: head -3 /sbin/dhclient-script	15:58
psivaa	hally:	16:01
psivaa	#!/bin/bash	16:01
psivaa	# Explicitly set the PATH to that of ENV_SUPATH in /etc/login.defs and unset	16:01
psivaa	# various other variables. We need to do this so /sbin/dhclient cannot abuse	16:01
psivaa	# the environment to escape AppArmor confinement via this script	16:01
psivaa	# (LP: #1045986). This can be removed once AppArmor supports environment	16:01
psivaa	# filtering (LP: #1045985)	16:01
psivaa	hallyn: ^ sorry for the typo :)	16:01
hallyn	psivaa: do you have auditd running on the host?	16:03
hallyn	psivaa: I'm wondering whether there are any apparmor denial messages hidden anywhere	16:03
hallyn	psivaa: please try running "strace -f -ooutout /sbin/dhclient-script" (as root) and pastebin the resulting outout file?	16:03
psivaa	hallyn: auditd does not seem to be running and the above strace command returns nothing	16:05
hallyn	outout is empty?	16:05
psivaa	hallyn: yes	16:06
=== wedgwood is now known as wedgwood_away
=== wedgwood_away is now known as wedgwood
hallyn	psivaa: which host?	16:17
psivaa	hallyn: aldebaran	16:17
=== bsd_freak is now known as babaji
zul	Daviey: can you seed python-amqp please https://bugs.launchpad.net/ubuntu/+source/python-amqp/+bug/1197390	16:31
uvirtbot	Launchpad bug 1197390 in python-amqp "[MIR] python-amqp" [High,Fix committed]	16:31
=== Ursinha-afk is now known as Ursinha
hallyn	psivaa: grep 'DENIED' /var/log/kern.log ?	16:33
psivaa	hallyn: that too ouputs empty	16:34
psivaa	hallyn: i see Jul 3 16:29:56 aldebaran snmpd[3717]: error on subcontainer 'ia_addr' insert (-1) in syslog but i hear that's not too harmful	16:35
psivaa	hallyn: also this issue does not happen always, it's intermittent	16:39
psivaa	hallyn: there is output for grep 'DENIED' /var/log/kern.log in the client VM though,	16:46
psivaa	kernel: [ 6.185870] type=1400 audit(1372862341.310:8): apparmor="DENIED" operation="file_perm" parent=509 profile="/sbin/dhclient" name="/bin/bash" pid=517 comm="dhclient" requested_mask="r" denied_mask="r" fsuid=0 ouid=0	16:46
hallyn	psivaa: can you ask sarnold to take a look? it sounds to me like dhclient isn't allowed to run /bin/bash - it has special allowance for running /sbin/dhclient-script (see /etc/apparmor.d/sbin.dhclient), so i'd expect...	16:51
hallyn	(or jjohansen )	16:52
hallyn	you might just add /bin/bash rx to /etc/apparmor.d/local/sbin.dhclient and see if that fixes it...	16:52
sarnold	psivaa, hallyn, how interesting, my sbin.dhclient has a /etc/dhcp/dhclient-script Uxr, permission -- that script can do anything is wishes..	16:58
hallyn	sarnold: so does his	16:58
hallyn	(at least on the host)	16:58
hallyn	I see, I looked up the Ux semantics, caught the 'cleaned up', but missed the unconfined. got it	16:59
hallyn	sarnold: but it's /sbin/dhclient-script being run, not /etc/dhcp/dhclient-script,	16:59
hallyn	hm, ahs same thing	16:59
hallyn	*has	17:00
jjohansen	psivaa: do we have a bug to track this?	17:02
psivaa	jjohansen: no i have not open one yet, i could do it in a little while	17:03
theazman	Hey all, quick question. On server 12.04, how do I give a domain account local logon rights?	17:47
psivaa	jjohansen: sarnold: hallyn: reported bug #1197484 for the above issue.	17:49
uvirtbot	Launchpad bug 1197484 in isc-dhcp "Connection requests to saucy server VMs from a precise host fail after fresh VM installs" [Undecided,New] https://launchpad.net/bugs/1197484	17:49
sarnold	psivaa: thanks	17:49
jjohansen	psivaa: okay, thanks	17:49
theazman_	If I try to add the user, it says the user already exists	17:50
psivaa	thank you for your time :)	17:51
theazman_	Anyone?	17:59
wxl	theazman_: ?	18:00
theazman_	How do I give an account local login rights to a 12.04 server	18:00
shollings	erm	18:01
shollings	have you googled that?	18:01
shollings	it's elementary shit, a quick google result would tell you	18:01
theazman	Sorry, some reason my smuxi keeps losing connection to this room. How do I give a domain account login permissions to a 12.04 server without changing the password?	18:04
sarnold	shollings: please don't.	18:05
shollings	sarnold: try and stop me.	18:05
shollings	:)	18:05
Tm_T	shollings: please be helpful when help	18:07
shollings	oh I am. i'm teaching him how to do things himself. that's the most helpful thing you can do.	18:07
Tm_T	shollings: that's not ubuntu way	18:08
shollings	ubuntu doesn't use google?	18:08
theazman_	Anyone able to help me?	18:08
Tm_T	shollings: we don't tell people to google it, if you don't like to help then just don't	18:08
shollings	Please, feel free to help him.	18:10
theazman	So I think I fixed my ping so I won't keep getting kicked off, how do I give a user login access to a 12.04 server?	18:15
tsimpson	theazman_: unless you lock the account a user can already login, ps your connection is _not_ fixed	18:31
theazman_	tsimpson, yea, I noticed my connection isn't fixed, still working on that. The account is a domain account, but not a local account. I cannot su account name, when I try that it just gives me a prompt again	18:32
Daviey	zul: How about you seed it, and I promote it? :)	18:33
zul	well we dont want it on the cd do we?	18:34
Daviey	zul: Yes, but why do you want it in main?	18:34
=== wedgwood is now known as wedgwood_away
zul	Daviey: its a dependency for kombu	18:34
Daviey	zul: Dependency for kombu...	18:34
Daviey	Right, so - can you upload a kombu that depends on it?	18:35
zul	Daviey: already did	18:35
Daviey	Oh	18:35
=== wedgwood_away is now known as wedgwood
tsimpson	theazman_: then I guess you have to configure PAM to allow logins over the domain then, I have no idea how to do that	18:35
theazman	tsimpson, I'm back for now	18:35
Daviey	zul: ah, so yu did - an hr ago. :)	18:36
zul	Daviey: https://launchpad.net/ubuntu/+source/kombu/2.5.12-0ubuntu1/+build/4767352	18:36
Daviey	you*	18:36
Daviey	zul: Not yet showing on the mismtach list.	18:36
zul	Daviey: okies	18:36
tsimpson	theazman: there's a bunch of PAM modules for different authentication mechanisms, search for "libpam" and see what's available to start	18:38
Daviey	zul: done, thanks	18:39
zul	Daviey: thanks	18:39
MAbeeTT	hi!, We have recently aquired a clone computer for being used as server (AMD FX8120 8 cores, 16G RAM, 2x1Tb HDD)	18:42
MAbeeTT	We want virtualize there, deployment and production tomcat+mysql+tcp-adhoc-protocol, and some future similar scenarios.	18:44
MAbeeTT	I would like to full virtualization and containers inside one (or more) of the VMs.	18:44
MAbeeTT	Is there some gui-like solution for ubuntu server 12.02 LTS?	18:45
=== roaksoax_ is now known as roaksaox
=== roaksaox is now known as roaksoax
MAbeeTT	I have seen openstack, juju, but seems bein some for a "farm	18:45
MAbeeTT	"	18:45
MAbeeTT	thanks.	18:45
sarnold	MAbeeTT: perhaps using virt-manager with kvm is about what you're after	18:47
MAbeeTT	could I make virtual nets also? I mean virtuals NICs "plugged"tu a virtual Switch.	18:48
sarnold	MAbeeTT: juju is pretty slick, you could use it with lxc containers on the host; the nice part is you could scale that out to running services on VMs with a private openstack cloud or maas setup or something, but it wouldn't easily move to just having a second computer with lxc containers in the future...	18:48
sarnold	MAbeeTT: linux provides bridge functionality easily, switches require other tools, last I looked at them I wasn't very impressed with what I saw. I hope they've improved..	18:49
MAbeeTT	ok, via bridges, I know them.	18:49
MAbeeTT	ok. The "impression" I have about juju is that is for huge developments. We are a small Research group in a university. Now we use some old computers (Pentium 4, 256/512M).	18:52
MAbeeTT	so, the idea is move, and generate new VMs, but as you can imagine this are not stressed services.	18:53
theazman_	Hey, sorry, no idea what is going on with my connection. In any case, I gave a domain account logon rights to a ubuntu server. When I try to ssh in, the session closes right after it authenticates. What could be causing this?	19:06
sarnold	theazman_: out of curiosity, what is a 'domain account'?	19:07
theazman_	sarnold, an account created on the domain, Windows AD account	19:08
theazman_	Sorry, should have said AD account	19:08
sarnold	theazman_: you can probably find more detailed reasons for the session closing in the log files, /var/log/auth.log would be my first guess..	19:08
theazman_	sarnold, it wasn't showing up in th elogs, I'll look again	19:08
sarnold	theazman_: aha :) which pam modules are you using to do the integration?	19:08
theazman_	sarnold, possibly krb5.so	19:09
theazman_	sarnold, its denying me access to the log	19:10
sarnold	theazman_: can you use sudo or su?	19:10
theazman_	I'm in as root	19:10
theazman_	sarnold, and it shows up blank, and when I do sudo from the admin account, says permission denied	19:11
sarnold	theazman_: .. and you're getting permission denied trying to read the file?	19:11
mnathani	theazman_: have you been rooted?	19:11
theazman_	mnathani, I am under root	19:11
theazman_	sarnold, under root, the log shows up empty	19:11
sarnold	theazman_: mnathani is thinking your system may have a root kit installed	19:11
mnathani	theazman_: I meant is there a virus / malware / rootkit installed on the box	19:11
theazman_	ah, I see	19:11
theazman_	Let me check	19:11
sarnold	theazman_: -crazy-. how about other log files in /var/log ?	19:12
mnathani	compare md5 files for common binaries like ls	19:12
mnathani	*files = sums	19:12
theazman_	sarnold, so auth.log.1 shows up	19:13
theazman_	sarnold, but auth.log shows blank	19:13
sarnold	theazman_: check filesystem free space.	19:13
theazman_	sarnold, the box might need to be rebooted, but that can't be done at this time	19:13
theazman_	sarnold, where do I check that	19:13
sarnold	theazman_: df	19:13
theazman_	mnathani, where do I see the md5 files?	19:13
theazman_	sarnold, the most used is 30% which is /dev/sdal	19:14
theazman_	sarnold, so the logs that show up, the dates stop on Jun 29	19:15
theazman_	sarnold, I think I did an apt-get update and upgrade on that day which might have broken it	19:16
theazman_	sarnold, you still there?	19:17
sarnold	theazman_: hrm. check the .1 log file then, perhaps it's still being used ...	19:18
sarnold	(I'd have expected sshd would close/reopen the log file at log rotate time..)	19:18
theazman_	sarnold, so the auth.log.1 stops on june 29	19:18
sarnold	oh right. sigh.	19:18
theazman_	sarnold, I'm not sure if log rotate is setup	19:19
theazman_	checking on that now	19:19
theazman_	sarnold, it is setup to rotate weekly	19:20
theazman_	sarnold, and syslog is empty, last log in .1 is jun 29 around the same time	19:21
sarnold	theazman_: I wonder if /var was full on jun 29?	19:22
theazman_	sarnold, how do I check that	19:23
theazman_	sarnold, /var doesn't have its own filesystem on here	19:23
sarnold	theazman_: looking through those logs from jun 29 is your best bet, but .. not a very good one.	19:23
sarnold	theazman_: lets try service rsyslog restart -- just a blind, restart the logging service..	19:24
theazman_	sarnold, I had tried that already a bit ago	19:24
theazman_	sarnold, that didn't fix it, I am thinking of doing a restart	19:28
adam_g	zul, any chance at a peak of https://code.launchpad.net/~gandelman-a/ubuntu/saucy/nova/drop_requests_cap/+merge/172709 + https://code.launchpad.net/~gandelman-a/ubuntu/saucy/nova/pyparsing_min/+merge/172639 ?	19:30
zul	adam_g: done	19:32
adam_g	zul, thanks. i had one for kombu requirement but dropped since thats all together already. nice job	19:33
zul	adam_g: thanks	19:33
zul	i should have one for ceilometer tomorrow	19:33
adam_g	zul, im going to poke dolph and see if he can cut a new keystoneclient release so cinder and ceilometer arent version capped on their requirement	19:33
theazman_	sarnold, any other ideas?	19:34
zul	adam_g: cool	19:34
adam_g	zul, also, whats the plan for the neutron rename?	19:34
zul	adam_g: when its done upstream i already have a branch ready for quantum quantum client not yet	19:35
zul	adam_g: https://code.launchpad.net/~zulcss/neutron/neutron-rename	19:36
adam_g	cool	19:37
theazman_	sarnold, I think I found the problem as to why it wasn't logging	19:38
theazman_	sarnold, apparently I accidently changed the owner of the log to a different user account, I changed it back but it still isn't writing to it	19:41
theazman_	sarnold, got the logs working, so now about getting the account to login?	19:45
sy_	I have a 3TB drive where I have created a raid1 set with disk missing to be added in later however mdadm is reporting 2.1TB, any ideas?	19:47
sy_	There is a single partition on the drive containing the full disk	19:48
theazman_	Anyone able to help me figure out why a user can't ssh into the server?	19:54
sarnold	theazman_: hey, glad to hear you've got the logging sorted out. :) are there any instructive errors in hte logs, now that they work?	19:56
=== Aww is now known as [[Aww]]
theazman_	sarnold, not really	19:57
theazman_	sarnold, just session opened and then session closed at the same second	19:58
sarnold	theazman_: how about the user's shell? shell startup files?	19:58
theazman_	sarnold, adding those now	19:59
sarnold	theazman_: off to lunch, good luck :)	20:00
theazman_	sarnold, thanks for your help	20:00
theazman_	Anyone able to tell me why an ssh session closes as soon as I authenticate? There is nothing descriptive in the logs.	20:28
anepanaliptos	theazman_: how about scp?	20:29
anepanaliptos	maybe there is something in your bash/login script?	20:29
theazman_	Well, it also doesn't let me su username when I try to su username from root	20:30
theazman_	anepanaliptos, ^	20:30
anepanaliptos	(yeah it seems like it's just me and you here)	20:30
anepanaliptos	got another linux machine someplace?	20:31
anepanaliptos	see if you can scp a file into your home dir, so do..	20:31
theazman_	I have a bunch, its 12.04 server	20:31
anepanaliptos	scp file.ext username@host.ip.whatever:~	20:31
theazman_	Do I do that from terminal?	20:32
anepanaliptos	yeap	20:32
theazman_	What does that do?	20:32
theazman_	I'm also guessing I need to find a valid file?	20:33
anepanaliptos	it copies a file of your choice from the computer you're sitting at to the home directory of the other host	20:33
anepanaliptos	yeah.	20:33
anepanaliptos	just cd into your desktop and send something from there. do you use terminal often? did you know you can use tab for autocomplete?	20:33
theazman_	What account do I want to try that from, root?	20:34
theazman_	Yea, I know about autocomplete	20:34
theazman_	But I'm not by another linux machine atm	20:35
anepanaliptos	doesnt matter. just see if you can send a file itno that persons home dir	20:35
theazman_	k, sec	20:35
anepanaliptos	if that's the case, there is something wrong with bash	20:35
theazman_	Um, that didn't error	20:36
theazman_	let me check the dir	20:36
theazman_	there is nothing in the home directory of the user	20:36
theazman_	What makes you think it is the bash?	20:37
theazman_	anepanaliptos, not sure what's going on here.	20:38
theazman_	anepanaliptos: You still here?	20:45
tdn	Will software raid1 give me a performance increase in reads?	20:51
theazman_	Anyone able to help me figure out why when I try to ssh as users except the admin the session closes instantly after authenticating. There's nothing descriptive in the logs... Thanks	20:58
anepanaliptos	theazman_: sorry afk	21:00
anepanaliptos	hang on.	21:00
anepanaliptos	ok	21:00
anepanaliptos	so you sent it to userwithproblem@hostwithproblem:~	21:00
anepanaliptos	and then you checked the home dir and it wasnt ehre?	21:00
anepanaliptos	i think its bash because it's a "safty feature" from ssh that there is a shell or _Somthing_ running when you log in	21:01
anepanaliptos	if it doesnt start, or your bash exits abnoramally, that kills teh ssh session	21:02
raub	I know you can do that by limiting which commands you can run when you ssh	21:02
raub	ex: in authorized_keys	21:03
raub	I also think you could setup the shell you are allowed to run	21:03
raub	say, to /bin/fals	21:03
raub	false	21:03
theazman_	YEa, anepanaliptos, it wasn't in the home dir	21:03
theazman_	raub, it doesn't do local logins either	21:04
theazman_	anepanaliptos, ^	21:04
=== algesten` is now known as algesten
theazman_	Everyone disappear?	21:08
theazman_	Anyone able to help me figure out why when I try to ssh as users except the admin the session closes instantly after authenticating. There's nothing descriptive in the logs... Thanks	21:18
theazman_	Anyone able to help me figure out why when I try to ssh as users except the admin the session closes instantly after authenticating. There's nothing descriptive in the logs... Thanks	21:37
=== wizonesolutions_ is now known as wizonesolutions
=== smw__ is now known as smw_

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!