=== Aww is now known as AWW
=== AWW is now known as Aww
failmasterguys, i have a problem trying to switch passphrase to keyfile authorization for root partition, while it works flawlessly for others on 13.04, however, the end-goal scheme used to work fine on 12.04 https://bugs.launchpad.net/ubuntu/+source/cryptsetup/+bug/238163/comments/18 anyone?03:04
uvirtbotLaunchpad bug 238163 in cryptsetup "keyfile doesn't work in initramfs" [Undecided,New]03:04
frezeare there any vps guides?04:02
frezelike a frist-step guide on what to do after getting into the server04:02
frezei.e. setting up ssh etc.04:03
frezedoes apt-get have a user friendly package management04:45
anepanaliptosit is user friendly.04:46
anepanaliptosif you're running gnome 'software center' -- if you're on kde, 'package manager'04:46
anepanaliptosor aptitude from the command line.04:47
frezeI meant like aptitude04:47
anepanaliptosbut most people just use apt-get install package04:47
anepanaliptosor apt-cache search text | grep some nicer filter04:47
failmasterso as i expected i end up with unbootable system dropped into initramfs environment04:48
anepanaliptosfailmaster: oooo, i wish i could help you. but when it comes to that stuff, im clueless.04:49
anepanaliptospost a little more info, what's up?04:49
failmasteranepanaliptos, attention to the subject in more than i could expect04:49
failmasteri have a problem trying to switch passphrase to keyfile authorization for root partition, while it works flawlessly for others on 13.04, however, the end-goal scheme used to work fine on 12.04 https://bugs.launchpad.net/ubuntu/+source/cryptsetup/+bug/238163/comments/1804:50
uvirtbotLaunchpad bug 238163 in cryptsetup "keyfile doesn't work in initramfs" [Undecided,New]04:50
failmasteri suspect this issue is the same one04:50
failmasterpretty much similar setup with the only difference that in filed case he had a key on root fs and was mounting another non-root drive04:51
failmasterbut i see connection between things especially after i've read answers of maintainers https://answers.launchpad.net/ubuntu/+source/cryptsetup/+question/3717604:53
failmastermost probably i'm wrong, but it's a bug, definitely, besides this debian wheezy and 13.04 server have a common issue not including usb drivers necessary to provide usb keyboard working at the stage when i'm craving for it in order to enter luks passphrase after first reboot =)04:55
failmasterbut that's an old story04:56
failmasterno options but 12.04 actually04:56
failmasterthe most smooth setup of such configuration atm04:57
hanumani am installed kvm lvm based virtualmachine with dhcp, how can i get that virtual machine console05:23
hanumani installed kvm lvm based virtualmachine with dhcp, how can i get that virtual machine console05:44
SpinningWheelsi keep getting a message of "E: Internal Error, No file name for libssl1.0.0" when i attempt to apt-get -f install05:48
frezewhat kernel does 13.10 run?05:48
=== smb` is now known as smb
jcsarnold: Just to follow up on last night, my plan worked!06:48
jcsarnold: Renumbered new server from a 10.0.4.x/ address to a 10.3.0.x/ address, reconfigured the switch port and updated DNS, and it magically eliminated that ten-second connect delay06:49
jcsarnold: I hate DNS :/06:49
frezeshould I disable the root userr?06:49
andolfreze: Well, you definitely want to have the root user in one capacity or another, but it might be worth disabling root logins, at least remote ones.06:53
frezeandol by remote you mean ssh ones?06:54
andolfreze: That would be the most common yes, unless you have set something additional up.06:54
frezeandol: got it. sudo login root doesn't work by default right?06:57
andolfreze: Not sure I follow...06:58
frezeas in   "$sudo login root"06:59
andolNot sure, have never tried using the login command that way. Still, if you have full sudo right you can always do something like "sudo -i", and get a full root shell07:00
frezethat works07:01
frezeI did: sudo apt-get --purge remove apache207:12
frezethen I checked ps -A and apache2 is still running? How's possible if I uninstalled it.07:12
andolfreze: I assume you still have a package apache2-mpm-something?07:13
andolfreze: I'd say the easiet way to delete all apache2-related packages would be removing the apache2.2-common package. Just double that apt then don't also removes more than you want it to.07:14
frezehmm not sure. This ubuntu image game with apache2 preinstalled07:14
andolfreze: dpkg --list | grep -i apache07:15
frezeandol: that helps  I see a ton of apache packages07:15
frezeI'll uninstall them07:15
andolfreze: By the way, familiar with the | thingy? (Usually refered to as a pipe)07:17
frezeI's this a good idea sudo apt-get remove apache2*07:17
Semorhow to install systemtap on ubuntu precise1 kernel ?07:51
bobz_zghi, anyone can help please. I have trouble with permissions on files i upload over FTP, i'm in group www-data, but when I upload filss over FTP they have have permissions 600, instead of 644 or 755. any advice?08:04
lotiahello all. working on an upstart job for ubuntu 12.04 LTS and am using the setuid directive within the job. I need to make sure certain directories exist, and can use the pre-start section, but the user being set may not have privileges to create the directories.08:10
lotiais the normal pattern to have another upstart task that creates directories and have that run as root?08:11
jodhlotia: yes08:17
lotiajodh: thanks08:18
frezecan I safely delete usr/games08:23
rbasakjamespage, yolanda: are you aware of squid3's dep-wait on libecap2-dev in saucy-proposed?08:48
yolandarbasak, no, first notice08:48
yolandarbasak, no, sorry, yes, i forgot it08:49
yolandai filed a MIR for it08:49
uvirtbotLaunchpad bug 1200173 in libecap "[MIR] libecap" [Undecided,New]08:50
rbasakthanks yolanda!08:51
rbasakmdeslaur: ^^08:51
=== zz_DenBeiren is now known as DenBeiren
Rapid2214Hello, Has anyone got experience with HP DL360p and Ubuntu 12.04 with bonding?10:36
rbasak!anyone | Rapid221410:40
ubottuRapid2214: A high percentage of the first questions asked in this channel start with "Does anyone/anybody..." Why not ask your next question (the real one) and find out? See also !details, !gq, and !poll.10:40
Rapid2214Ok thanks, When setting up a bond on this hardware, it does not come up, whereas on a G7, the bond is initialises correctly10:44
jamespageRapid2214, its possible that the G8 hardware works better with a newer kernel version that 3.2 as in 12.0411:08
jamespageRapid2214, see https://wiki.ubuntu.com/Kernel/LTSEnablementStack on how to install later kernels on 12.04 in a supported manner11:09
mardraumRapid2214: you should also run the latest hp fimrware update dvd/usb on the hardware11:09
Rapid2214mardraum, I have updated all the firmware from HP - just did a test running: ifenslave bond0 eth0 - and it forces it in, normal ifup or boot doesn't seem to be adding the device - I will look at the kernels11:10
Rapid2214jamespage, intended for use on x86 hardware at this time :/11:12
Rapid2214Thinking the resolution to this bug will fix it, will let you know https://bugs.launchpad.net/ubuntu/+source/linux/+bug/99636911:16
uvirtbotLaunchpad bug 996369 in linux "bond slave interface sometimes does not come up on boot" [Medium,Confirmed]11:16
=== DenBeiren is now known as zz_DenBeiren
mdeslaurrbasak: thanks11:26
=== zz_DenBeiren is now known as DenBeiren
pimpfsomeone alive? need bit help12:31
xerxasHi all12:36
xerxasI would like apport / whoopsie to send me an email when a program has core dumped12:36
xerxasis it possible ? if so , how ?12:36
rbasak!ask | pimpf12:36
ubottupimpf: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience12:36
DenBeirenis there a known working tut to enable bonding in 12.04?12:55
zuljamespage:  hey half the sqlalchemy patch that we are carrying i pushed upstream12:57
smoserhallyn, around ?13:01
Rapid2214DenBeiren, I've been spending all morning on that - What do you need?13:02
smoserhallyn, http://paste.ubuntu.com/5962517/ is my rework of lxc-ubuntu-cloud to support clone13:04
smoserbut i dont think clone is calling my lxc.clone.hook13:04
smoserstgraber, maybe ?13:08
qman__xerxas, I don't know if apport has that sort of feature, but you could write your own script which uses inotify to watch apport's log directory and sends you an email when a new file is created13:09
xerxasqman__: right, thanks. I think apport or whoopsie (don't know which one) , should have this sort a feature ... ;)13:10
hplcis it possible to get a more server-like interface?, somewhat a server console where i can control and configure common server software?13:16
Rapid2214hplc, a command line, what do you have at the moment?13:18
hallynsmoser: sorry, i'm here13:18
hplcRapid2214: a base ubuntu server install with gnome running on top of it13:18
Rapid2214hplc, just open terminal or use SSHD to connect to a terminal session remotely13:19
Rapid2214<3 CLI13:19
hplcbut kinda want the "classical" gui interface, where ftp cifs rsync and such is gatheresd13:19
smoserhallyn, you see that ?13:19
smoserit just doesn't seem to invoke me on clone13:19
hplcwell CLI console would do too for that matter13:20
hallynsmoser: I think it'd be better to just ship a standard clone hook in /usr/share/lxc/hooks13:20
hallynrather than have the template write it out13:20
Rapid2214hplc, not sure what you mean about a classic gui, terminal is the best imo13:21
smoserok. i didn't know of /usr/share/lxc/hooks.13:21
smoseri'm ok with that.13:21
smoserbut its not getting called anyway :)13:21
hallynstill looking13:21
hallynsmoser: which lxc version are you running?13:21
stgraberhallyn: not sure if you saw sarnold's comment on the MIR bug, anyway, I'll take care of getting LXC to build with the right hardening flags (not sure why it's not already the case ...)13:22
hallynstgraber: I did see it.  I won't be ENTIRELY surprised if something breaks with those flags13:22
hallyn(i.e. some clone bits)13:22
hallynbut hopefully it just works13:22
* hallyn wishes add-apt-repository were installed byd efault in containers13:24
hallynsick of guessing the source package based on release :)13:24
smoserhallyn, ppa from yesterday13:25
hallynthanks, setting that up13:26
hplchmm CLI it is then, what ftp server to go for? its on the inside, wont ever get in touch with external net, just need to be fast to setup13:29
hallynsmoser: hm, ubuntu-cloud requires uuidgen, guess we should add that to Depends13:30
pimpfhave a question on how to install varnish on ubuntu13:33
pimpfi follow a tutorial and in this he write up "Create the file http://repo.varnish-cache.org/ubuntu/ precise varnish-3.0 and put the following in it:"13:34
pimpfwhat means this? and who i have to upload the "file" ???13:34
lotiapimpf: that is a repo definition. It should be put in a file in /etc/apt/sources.list.d13:35
lotiashould be named something like varnish.list13:35
hallynsmoser: it runs for me.  at least at lxc-clone -o c1 -n c2.13:36
hallyni cut-pasted your hookfile contents to /usr/share/lxc/hooks/cloud, and added lxc.hook.clone = /usr/share/lxc/hooks/cloud to c1's config13:36
hallynnow you're also wanting to run the hook at lxc-create.  that's a semantic stretch that i don't really like...13:37
pimpfthx lotia13:37
hallynsmoser: doh!  you have 'lxc.hook.mount' , not 'lxc.hook.clone'13:38
rbasakzul: http://www.theregister.co.uk/2013/08/08/google_backs_mariadb/ - how's the mysql alternatives blueprint going?13:41
zulrbasak:  waiting for debian13:42
zulSpamapS: ^^^13:42
DenBeirenRapid2214: it's been a while since i last played with bonding,.. i remember that i didn't get it to work :-)13:42
DenBeireni'd like the two nice to work together to double the throughput13:42
hplcisnt it carp thats supposed to handle nic fallback/failover?13:43
rbasakzul, SpamapS: do you think we'll have it done for Saucy? Assuming that Oracle don't address the pain points we summarised at the UDS, I don't want to see the door closed for switching to mariadb in main for T.13:43
zulrbasak:  totally13:44
zulrbasak:  im not sure done though since mysql mailing lists on debian are filled with spam13:45
=== medberry_ is now known as med_
jamespagezul, https://code.launchpad.net/~james-page/heat/redux/+merge/17919714:00
Rapid2214Quick question, if I have installed a package using dpkg -i package.deb, will aptitude upgrade it when it has an update? I am guessing so? (Needed to install some networking packages from virtual iLO floppy)14:04
jamespagezul, we probably want to push a snapshot asap-ish so we can drop quantumclient in full14:04
jamespageRapid2214, yes14:04
zuljamespage:  reading14:05
zuljamespage:  +1 you have restored my faith in humanity and my sanity14:06
Rapid2214Thanks James14:07
zuljamespage:  if you want to upload a snapshot for heat that would be cool with me just make sure you do python setup.py sdist14:17
jamespagezul, yeah - just done one14:18
jamespagewill upload shortly14:18
zuland then i can stop cursing14:18
koolhead17alex88, hola14:20
alex88koolhead17: oh hi man :)14:21
koolhead17am gud you tell me?14:21
alex88yeah I'm fine man, tons of work due some near milestones :D14:21
alex88have to be fast  :D14:21
jamespagezul, uploaded14:31
zuljamespage:  cool dont forget about the CA14:31
jamespagezul, yeah - I'll let it pass the autopkgtests first tho!14:31
zuljamespage:  ack14:34
smoserhallyn, ok. so that was me being wrong there.14:39
smoserbut it exposed and issue i think14:39
smoserthe clone hook is specified in the config as /var/lib/lxc/precise-amd64-source/config14:40
jamespagezul, blimey - tests failed14:40
* jamespage sighs14:40
jamespagezul, I'll limit the concurrency and try again14:40
zuljamespage:  im not really surprised14:40
smoserbut when 'clone' happens, the replace of 'old-root' to 'new-root' has already occurred, so it says14:40
smosersh: 1: /var/lib/lxc/ephem2/ubuntu-cloud-clone-hook: not found14:40
jamespagezul, I've seen similar issues with other projects14:40
jamespagehigh levels of concurrency seem to bork things up14:40
zuljamespage:  ah yes14:40
zulrbasak:  ping14:41
smoserhallyn, i think its reasonable for a hook to be in the directory for the container, and that seems impossible here.14:41
derrikwhats the best linux administrator book?14:44
hallynsmoser: I put the hook in /var/lib/lxc/c1/ and called it from there, still works14:45
hallynsmoser: does /var/lib/lxc/ephem2/ubuntu-cloud-clone-hook in fact exist?14:46
smoserhallyn, http://paste.ubuntu.com/5962884/15:00
hallynwill look in a bit, lemme <scribble> finish this other thing15:01
smoserhallyn, other thing...15:11
smosername=ephem1 section=lxc hooktype=clone rootfs_mount=/usr/lib/x86_64-linux-gnu/lxc rootfs_path=overlayfs:/var/lib/lxc/precise-amd64-source/rootfs:/var/lib/lxc/ephem1/delta015:11
smoserthose are the args i get passed to my clone hook15:11
smosererr... args and environment variables15:11
smoseri dont find 'rootfs_mount' or 'rootfs_path' terribly useful in that state.15:11
smoseri can surely fiture out how to parse 'overlafs:....:' (which actually breaks if there is a ':' anywhere in the persons path), but it seems silly for me to do that.15:12
hallynsmoser: oh, copying the hook is not done by default, you have to say '-H'.15:15
hallynmaybe that's silly15:15
hallynbut it doesn't try to guess based on pathanme what you wanted,15:15
hallyn(which would get very complicated and fragile),15:15
hallynso if you're using /usr/share/lxc/hooks/cloud-clone, and you said lxc-cloen -H, then it would copy cloud-clone into your container dir15:16
jamespagezul, OK - heat passed the dep8 tests now15:16
smoserhallyn, i'm saying i can copy it.15:16
smoserbut it should'nt lie to me and change it.15:16
smoserthe config i said to clone said that the hook was '/var/lib/lxc/precise-amd64-source/ubuntu-cloud-clone-hook'15:17
smoserbut lxc decided it should run a completely different program15:17
smoser /var/lib/lxc/ephem1/ubuntu-cloud-clone-hook:15:17
smoserthat seems arbitrary.15:17
hallyni thought i just got rid of that yesterday actually15:17
zuljamespage:  just got the email15:18
zuljamespage:  \o/15:18
* jamespage dances around a bit15:18
smoserhallyn, ok. so for rootfs_path=overlayfs:/var/lib/lxc/precise-amd64-source/rootfs:/var/lib/lxc/ephem1/delta015:18
smosercould you give me something more useful as the 'LXC_ROOTFS_PATH'15:18
smoserand what is LXC_ROOTFS_MOUNT15:19
hallynsmoser: i do.  use rootfs-mount15:19
hallynrootfs-mount is where the path gets mounted15:19
smoserthat is less useful15:19
smoser /usr/lib/x86_64-linux-gnu/lxc15:20
hallynit's where you can update your rootfs15:20
hallynhave the hook do an ls of that.  it certainly should be.15:20
hallyngets mounted at lxccontainer.c:181315:21
zuljamespage/roaksoax: https://code.launchpad.net/~zulcss/nova/nova-tests-refresh/+merge/17921515:24
smoser❭ sudo lxc-clone -B overlayfs -o precise-amd64-source -s -n ephem115:24
smoseryou're telling me that /usr/lib/x86_64-linux-gnu/lxc is my root directory ?15:25
jamespagezul, I'm going to have to backport python-boto as well to support heat in the CA15:25
stgraberhallyn: I fixed the lxc packaging branch (again) :)15:25
hallynsmoser: whiel you're running the clone hook, yes15:25
hallynstgraber: ?15:25
stgraberhallyn: ubuntu:lxc was 6 uploads behind the archive15:25
hallynhow?  noone's been updating it by hand have they (we/me)?15:25
zuljamespage:  ack15:25
zulwasnt it already thre?15:25
smoserhallyn, ok.  you were right.15:26
smoseris that racy ? or am i in some alternative namespace15:26
jamespagezul: http://people.canonical.com/~jamespage/ca/havana/15:27
jamespagezul, no - I was slightly surprised as well!15:27
zuljamespage:  +115:28
zuljamespage:  we should be ok for autopkgtests for openstack now should we? no surprises right15:29
hallynsmoser: does that suffice then?15:29
smoserhallyn, it would seem to, but is that racy ?15:29
hallynsounds like i'll need to update the lxc.conf manpage15:29
smoseror am i in an alternative namespace15:29
smoser(and yes, those variable names are wierd too)15:29
hallynyo'ure in a separate namespace so that the mount will get cleaned up15:29
hallyni didn't come up with them :)15:30
smosersince 'rootfs_path' is not the "root filesystem path"15:30
hallynit's the root filesystem src i suppose15:30
hallyncan be a directory, blockdev, or now more complicated blobs15:30
hallyni'm not sure we can safely change that now without impacting existing users15:31
hallyn'lxc.rootfs' has menat what it means since 2007 or so15:31
smoseri dont care. but at least you shooud update the man page to explain them better it hink15:31
smoserexmamples would help also15:31
jamespageyolanda, not sure I understand your question re emails+MIR?15:33
Davieyjamespage: solved.. ~ubuntu-server needed to be added as a bug subscriber for a MIR package15:34
jamespageDaviey, ack15:34
jamespagedoes that mean squid3 is now unblocked?15:35
Davieyjamespage: almost..15:35
hallynsmoser: marked todo15:36
stgraberhallyn: sure enough, turning on the hardening flags makes LXC ftbfs :)15:39
stgraberhallyn: warning: the use of `mktemp' is dangerous, better use `mkstemp' or `mkdtemp'15:39
hallynstgraber: can you pb a list of all the warnings and i can address them this afternoon?15:40
stgraberhallyn: well, actually that one warning is a false positive as we use mktemp to get a random name and not to get filename we'd then open15:41
stgraberhallyn: so I need to figure out how to override this one :)15:41
hallynexcellent then i can whip up the unprivileged nic use for lxc program instead!15:43
hallynthough i really need to go through the coverity warnings at some point15:43
hallynsome of the new ones were valid15:43
stgraberhallyn: gah, there's apparently no way to override a linker warning? ...15:44
hallynkees: ^ what burnt offerings to we throw the linker's way to appease it?15:45
hallyniow we don't want mkstemp or mkdtemp bc we dont' want a file/dir created15:46
stgraberhallyn: I think I'll just cheat and copy the gettemp function from bionic and use that instead of mktemp ;)16:02
hallynsecurity misfire16:02
stgraberwell, I'l also drop anything that deals with files in there as we clearly don't care about that16:02
=== Ursinha-afk is now known as Ursinha
sarnoldstgraber: heh, thanks for silencing that mktemp warning, too. :)16:27
stgrabersarnold: well, it looks like it's causing a FTBFS so I don't really have a choice ;) though it actually seems odd for that warning to be the cause of the ftbfs.16:31
stgrabersarnold: https://launchpadlibrarian.net/147098836/buildlog_ubuntu-saucy-amd64.lxc_0.9.0-0ubuntu19~ppa1~saucy1_FAILEDTOBUILD.txt.gz thoughts?16:31
jamespagerbasak, did you notice that there is a mysql-5.5 update stuck in proposed?16:32
sarnoldstgraber: ow! that seems needlessly draconian. :)16:33
sarnoldstgraber: granted, this may be the one safe use of mktemp() left :) but .. ouch.16:34
stgraberso I'll take a look at this tomorrow (EOD here and got to leave), I think the right way to fix that is to create a mkifname function which essentially does the same as mktemp but for interface names, so takes a template, replaces X by a random char, then check that /sys/class/net/<name> doesn't exist16:37
roaksoaxDaviey: if you have the chance, could you review 'dlm' from the new queue? It is an entirely new package that I need in the archive. Debian doesn't have it yet cause I need to forward the packaging16:37
stgraberit's going to be racy but there's no way around that and it's already going to be much better than our current mktemp (and won't trigger the warning)16:37
roaksoaxand till it hits the debian archives can take foreever16:37
sarnoldstgraber: have a good night :)16:38
Davieyroaksoax: not right now.. but tomorrow i can.16:45
roaksoaxDaviey: works for me :). Thanks!16:45
rbasakjamespage: no16:52
* rbasak looks16:52
rbasakjamespage: I'm not sure what's going on there. I can't find the Jenkins failure log.16:53
jamespagerbasak, I can even start mysql from proposed right now16:54
rbasakjamespage: http://people.canonical.com/~ubuntu-archive/proposed-migration/update_excuses.html16:54
rbasakjamespage: it says one Jenkins job failed and another is running16:54
rbasakjamespage: I'll look at it tomorrow if nobody else does by then.16:59
jamespagerbasak, thanks much appreicated16:59
peteywould a 500 internal server error be from going through bandwidth?17:26
patdk-wka 500 error is *very specific*17:27
patdk-wkno responce from cgi17:27
peteyah okay17:28
peteyserver overload?17:28
peteycould it possibly be a server overload, not enough memory or CPU ?17:29
SpinningWheelsi tried this rm -R folder[1-10] intending to delete folders folder1 ... folder 10, it says cannot remove folder[1-10]17:41
sarnoldSpinningWheels: the shell won't turn [1-10] into 1, 2, 3, ...17:43
hggdhhum. bug 1160490 seems to be interesting17:43
uvirtbotLaunchpad bug 1160490 in ifupdown "race condition updating statefile" [Undecided,Confirmed] https://launchpad.net/bugs/116049017:43
SpinningWheelshttp://www.codecoffee.com/tipsforlinux/articles/26-1.html ?17:43
sarnoldSpinningWheels: you could either run: for i in `seq 1 10` ; do rm -R folder${i} ; done   or you could run: rm -R folder10 folder[123456789]   -- at least I think that second one would work17:44
=== p0wp0w is now known as p0wp0w|AWAY
=== p0wp0w|AWAY is now known as p0wp0w
=== p0wp0w is now known as p0wp0w|AWAY
=== p0wp0w|AWAY is now known as p0wp0w
qman__you could also do rm -R folder[1-9] folder1017:51
SpinningWheelslol. my range isnt actually 1-10, that was for example. the for i in seq works fine :)17:52
qman__the point is, the regex you selected is a character match, not a counter17:52
SpinningWheelsyeah i see what i did now.17:52
qman__so it only applies to one digit at a time17:52
jefgymy root device is /dev/md5.  it's defined in fstab as /dev/md5.  I'm receiving a warning when I run update-intiramfs "cryptsetup: WARNING: failed to detect canonical device of /dev/md5"  should I be referencing the uuid for md5 instead of the device itself? I.E.  $ blkid /dev/md5  /dev/md5: UUID="5d79c9fb-b720-4895-b48a-4404b1ec9358" TYPE="ext4"18:22
smosertell me what you think of that.18:22
smoseri've not actually tested all the way though yet.18:22
SpamapSrbasak, zul: Don't wait for _ME_ to do anything for MariaDB. Join the debian packaging team and review the packages Otto K has already produced and help us get them uploaded.18:47
SpamapSrbasak, zul: I barely have time to upload security fixes.18:47
qman__jefgy, yes, you should use UUIDs for all drives in fstab, as the device names change depending on order of disk detection and other conditions in udev18:54
qman__you can't count on the device nodes being the same between boots18:54
SpamapSqman__: another option is filesystem labels19:11
SpamapSwhich gives you a way to move root filesystems without changing /etc/fstab19:11
hallynsmoser: sorry, looking19:49
smoserhallyn, great.19:54
smoseri will try to build a ubuntu package and instlal and see how it goes.19:54
hallynsmoser: you have 'return 1' from clone()...  that 1 doesn't actually do anything right?20:08
LargePrimehi all20:37
LargePrimeI have an ssh user i want to give sudo to20:37
LargePrimewhat do i need to know20:37
* hallyn going out for a walk, intend to be on a lot tonight - \o20:55
LargePrimesee ya20:56
LargePrimeo /20:56
LargePrimeok was using visudo and lost connection21:01
LargePrimenow visudo is busy21:01
LargePrimehow do i kill it21:01
Rapid2214killall <command>21:04
LargePrimeso "killall visudo" ?21:07
LargePrimeRapid2214:  how do i know the process name21:08
qman__LargePrime, lsof | grep /etc/sudoers21:09
qman__unless it names it something else21:09
qman__that works but you can also kill the editor process21:12
qman__visudo copies /etc/sudoers to a sudoers.tmp file, and then opens that with editor (a symlink to your default editor)21:13
qman__once that editor process ends, it determines what to do21:13
qman__if you save and the file validates, it copies over sudoers21:13
qman__if not, it just deletes the tmp file21:13
LargePrimeThanks qman__  and Rapid221421:16
LargePrimeI am doing this21:16
LargePrimeto enable sudo over ssh with keys21:16
LargePrimebut it is not workig21:17
qman__seems a little too complicated, what's your use case?21:36
qman__for example, I use backuppc to back up my systems, and it needs an unprivileged user with sudo access over SSH to cooy all files, so I add a line to sudoers that allows it to use the one specific command it needs without a password21:37
patdk-wkgod helps if someone gets qman's backuppc user account :)21:43
patdk-wkin my case, I do the oppisite21:43
patdk-wkuser logs and sudo both require 2factor21:43
patdk-wkpublickey is ok to login, but not for sudo21:44
qman__that's true, but that's why it has no password and a key21:45
qman__I trust that key to be pretty strong and well guarded21:46
patdk-wkI don't21:48
patdk-wkI trust it is as well guarded as their password21:48
patdk-wknot at all21:48
sarnolda backup key is different than a human-controlled key21:50
sarnoldhow does your bacula connect to other hosts? :)21:51
patdk-wksarnold, depends on how well the server that has the backup key is controlled21:52
patdk-wkopen access to the internet? or via proxy21:52
patdk-wkjust have habbits, and those habbits go as wide as possible, with rare exceptions21:53
blkperlwhere can I find ubuntu cloud images in QCOW2 format>22:01
sarnoldblkperl: qemu-img convert  may be able to help you22:02
blkperlthe ubunto cloud image website is really good at redirecting to itself :S22:02
LargePrimeqman__: I just need to give a ssh user sudo22:03
LargePrimeAnd i have passwords disabled22:03
LargePrimeand I am a total noob22:03
LargePrimeDo i just need to give him the sudo password22:03
LargePrimeor can i have him auth vs his key22:04
LargePrimeor perhaps i should ask, WTF should i be doing?22:04
sarnoldhehe :)22:04
sarnoldLargePrime: sudo normally uses their user password, from /etc/shadow. you can configure sshd to require publickey for login and not allow passwords (no point to the brute-force ssh login attempts..)22:05
sarnoldLargePrime: but the user can still have a password that is used for sudo22:05
LargePrimethat is what i have.  no pass auth22:05
LargePrimeand how do i set that password for sudo22:05
blkperlby giving the user a password22:06
blkperlas long as password auth is disabled they won't be able to use to login22:06
LargePrimeok then22:06
sarnoldif the user does not yet has a password, "sudo passwd <username>"22:06
LargePrimebut CAN i configure it to use a key22:06
LargePrimeand would that be a seperate key22:07
sarnoldLargePrime: hrm. I don't see any packages matching my keyword guesses for that, not quite like the webpage you found..22:09
LargePrimeok so that worked22:14
LargePrimethanks sarnold22:16
sarnoldLargePrime: cool :)22:17
LargePrimedont have key auth22:18
LargePrimebut i can go forward22:18
LargePrimeI want you all to kow that I really appreciate your vollenterring22:18
LargePrimeand that you don't make fun of my spelling22:19
sarnoldLargePrime :D woot22:20
qman__patdk-wk, it's my key, stored on my server, no one else has access to it22:29
qman__except maybe NSA spooks, but you know22:29
frezewhere do you all store your sites? /usr/share/nginx/site.com is that a good folder with rwxr-xr-x (751) permissions?22:30
qman__point being, if they can manage to steal that key, they can manage to get in anyway22:30
qman__I trust it to be strong enough that brute force is not feasible22:30
sarnoldfreze: (a) use whatever works for you (b) i'd put them in /var/www/ or /srv/www ... I like /usr to be completely controlled by the distribution22:31
sarnoldfreze: granted, /usr/local/ isn't under control of the distribution, but those are pretty rare for me anyway22:32
qman__agree, I don't touch anything in /usr except /usr/local22:32
qman__for servers with sites that are all managed by me, I put them in /var/www/sitename22:32
qman__for servers with user-managed sites, I usually have a homedir based setup22:33
frezeqman_ every user gets a directory in /home/ for sites ?22:33
qman__they can, depends on how you set it up22:34
frezeGot it. What do you mean by /usr is completely controlled by the distribution?22:35
qman__if you start changing files around in /usr, you might get your changes overwritten by software packages / updates22:35
qman__because the package manager assumes that (most) everything in there is part of a package22:35
qman__with the notable exception of /usr/local which is generally left for you to mess with (but not always, some packages still do stuff there)22:36
zerick Is it possible to resize, create partitions on hot ?22:52
sarnoldzerick: investigate lvm, it may do what you want22:53
failmasterzerick, define "on hot"22:55
zerickfailmaster, alive maybe ?22:57
failmasterzerick, they become alive technically after they were recognized by bios22:58
frezeis 25MB memory for aplain system sound about right?23:04
zerickfailmaster, well, I was refering doing it while the system is UP23:04
zericknot using a live-cd23:04
sarnoldfreze: 25M feels awfully tiny. why so small?23:05
failmasterzerick, btrfs is a nice suggestion for that case, but i'm not familiar with it mostly because i prefer the very stable things in general terms, like ext23:05
failmasterbroken fs is a bigger problem rather than unstable software from my subjective point of view23:06
frezesarnold: I have nothing but the default installation running23:06
zerickfailmaster, isn't Ubuntu porting that on a future as the main fs ?23:06
failmasterzerick, sometimes it is a good idea to "draw the whole picture" for community, maybe there are another ways to achieve the end goals, who knows23:07
failmasterzerick, maybe, but again, i personally don't trust that much to such statements "it was ported as main == it's stable enough for sure"23:09
failmasterthat's just me anyways23:09
zerickfailmaster, well, I heard that a long time before, that Ubuntu, well, Canonical, was investing on it23:10
qman__zerick, it's possible depending on the filesystem23:10
qman__with ext[234] you can expand but not shrink while mounted23:10
failmasterzerick, they also were investing in unity and all that stuff i consider totally pointless, but again, it's just me =)23:16
frezedoes this make sense: * 10800 IN CNAME @    I want all the subdomains to point to my a record23:23
freze@ 10800 IN A
Patrickdkfreze, sure, but that won't do that23:25
frezePatrickdk: the CNAME wont work? I'm following and that's how they have it setup which confused me, because I didn't think you could have at @ symbol for the address in * 10800 IN CNAME @23:28
Patrickdkoh, no, the cname will *work*23:28
Patrickdkbut it will have other side effects23:28
frezeWill it point all subdomains to the domain, which will then route to the IP specified in the A record23:29
Patrickdkdepends on the dns server23:30
Patrickdka cname redirects ALL lookups, not just A23:30
Patrickdkso it will also redirect NS, MX, ....23:30
qman__wildcard DNS causes a lot of issues in general, and I recommend against it23:31
qman__makes troubleshooting in particular rather difficult23:31
frezeI just want all subdomains to point to my domain. Is the better way to do it this:  * 10800 IN CNAME mydomain.com23:35
frezewould that prevent NS,MX redirection..23:35
arooni-mobile__how can i upgrade my ubuntu 10.04 LTS to 12.04 LTS?23:37
qman__NS and MX records are defined in the SOA nameserver23:37
qman__the only way to redirect or change them is to intercept DNS and specify changes, which you as the site owner have no control over regardless23:37
qman__arooni-mobile__, sudo apt-get update; sudo apt-get dist-upgrade; sudo do-release-upgrade23:38
qman__the latter does the actual release upgrade, but you should update your 10.04 first23:39
qman__freze, a better question is, why do you want to do this? I can't think of any task or situation where wildcard DNS is a good idea23:42
=== Ursinha is now known as Ursinha-afk
arooni-mobile__how long does that take23:45
arooni-mobile__i'm having trouble with DNS resolution.  theres nothing in /etc/resolv.conf23:45
arooni-mobile__i tried adding to /etc/network/interfaces '    dns-nameservers'  ... but i'm getting no name resolution23:45
frezeqman__ I guess that is a good point. Since the main website is: example.com I thought it would be good for users who type www.example.com or by accident wwww.example.com to be redirected to example.com23:45
sarnoldarooni-mobile__: that'll only change /etc/resolv.conf when interfaces come up or down. change /etc/resolv.conf directly ..23:46
qman__freze, in my opinion it would be better to simply create a www cname, and set up your web server to redirect to the main site23:46
sarnoldfreze: URL rewriting or redirects would be far better..23:46
frezehow about a permanent redirect fro www -> example.com23:47
frezefrom www.example.com23:47
arooni-mobile__sarnold, but on a restart or something wont that go away?23:47
sarnoldarooni-mobile__: sure, but you can fight that later :)23:47
arooni-mobile__sarnold, ok i got it working now by editing resolv.conf;  should my addition to /network/interfaces work on restart?23:48
sarnoldfreze: http://en.wikipedia.org/wiki/HTTP_30123:48
sarnoldarooni-mobile__: probably, yes23:49
frezesarnold: yeah that looks like the best option instead of having the webserver handle the redirection. I'll do it from the dns page23:50
=== Ursinha-afk is now known as Ursinha

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!