/srv/irclogs.ubuntu.com/2013/09/24/#ubuntu-server.txt

=== freeflying is now known as freeflying_away
=== freeflying_away is now known as freeflying
delinquentmebest way to explicitly allow a python script to write image files into a directory?02:59
delinquentmeshould I be giving the user executing the python files chown of the script and the dir?02:59
=== freeflying is now known as freeflying_away
=== freeflying_away is now known as freeflying
gartralhey all, I've been fighting with some remote service issues and I can't get my SSH keys to be used, every time I push/change a key, log out and back in in, the server is asking for a password even though i know for a fact a valid key exists on both the server and my desktop04:59
gartralthis happens even when I do a raw SSH connection05:00
gartralresno: that depends on your needs and your funds. how worried are you about data security?05:01
=== peter is now known as Guest60662
kevireillyHola. I am migrating a couple sites from a cPanel server to an ubuntu server and I need to setup email accounts for each domain. I don't have to make it super easy to maintain or anything, but is anyone aware of any guides or anything specific to look for on this subject?06:33
=== caribou_ is now known as caribou
=== smb` is now known as smb
kevireillyI am able to telnet localhost 25 but I am not able to telnet domain.com 25 from my local computer. I've checked the firewall (iptables) and it appears to be appropriate. Even without any rules defined I find the same result. Trying to figure out what else might be at play08:16
kevireillyany random stabs in the dark?08:16
kevireillyIt seems I am able to send mail out, but still unable to confirm that a response can be received back08:17
kevireillyah, my ISP is blocking port 2508:23
kevireillyand the return email has been received.. delicious08:23
ivoksdoes anyone has any experience with eurephia plugin for openvpn? :)08:31
HSakaHello, I've instaled mkfs.xfs on my raid, and I'm reciviing this message : http://pastebin.com/rVWnpwwN08:43
HSakaWhat can I do to fix the problem?08:43
=== freeflying is now known as freeflying_away
psivaahallyn: is there any plan to fix bug 1207675, causing smoke failure on saucy server..09:30
psivaahttp://reports.qa.ubuntu.com/smokeng/saucy/server/4419/lxc/429415/09:30
uvirtbotLaunchpad bug 1207675 in ubuntu-test-cases "test_lxc_api test fails during container creation " [Undecided,New] https://launchpad.net/bugs/120767509:30
=== freeflying_away is now known as freeflying
=== aqwxcv is now known as T4h
litsandhello,I want to search all the file with attr ---i----,but  find command seems could not do that.11:02
litsandmy server has been hacked.and I found some file with the attr --i----.so I want to search all the file .11:04
Slinglitsand: you mean the immutable bit?11:05
litsandyes.11:05
Ben64if your server has been hacked, you should wipe it and reinstall11:05
Ben64theres no sure way to tell if you got rid of all the stuff11:06
Slingyou could just navigate to the root of the directory structure you want to search and use lsattr -R | grep "-i-"11:06
Slingas a quick hack11:06
SlingBen64: thats not really an option usually :)11:06
Ben64it should be11:06
Slingalso you don't know what security measures are in place11:06
Ben64apparently not enough11:06
Slingfor example I use chrooted webfolders for shared servers11:06
Slingsingle site gets hacked due to an old CMS or guessed/leaked password, only 1 site is compromised11:07
Slingno need to reinstall the server due to that11:07
ikoniayes there is11:07
Ben64if they got root who knows what they could have done11:07
ikoniaas you don't know what the exploit has done11:07
Slingof course you will need to do additional checks, have some form of intrusion detection system, external logging11:07
ikoniait is the only way to have confidence11:07
ikoniayou can't "check" after the exploit11:07
Slingyes you can11:08
Slingits called forensics11:08
Ben64what if they modified executables11:08
ikoniaI'm sorry but I disagree as the tools you use are not to be trusted11:08
litsandSling thanks.thanks all~11:08
Slingwho says you use tools on that system11:08
Slingdon't assume so much :)11:08
Slingand Ben64, they didn't get root in that case11:08
ikoniayou have to be realistic abou tit11:08
ikoniayou're not going to start pulling disks out of other machines11:08
Slingmost 'hacks' are not due to root access being compromised11:08
Slingbut due to FTP accounts being compromised11:09
Slingdepends on the situation of course, but from my experience with shared hosting setups11:09
Ben64assuming best case scenario is asking for trouble11:09
ikoniayou don't know though11:09
ikoniayou can't assume they didn't get root11:09
ikoniaor they didn't do something11:09
Sling..11:10
ikoniait's all "guess" or "hope" the only way is to do a clean install or as you say move the data to another machine and check it properly11:10
Slingdid you read what I wrote?11:10
Slingexternal logging, forensics11:10
Ben64the time it would take to go through every file and make sure its ok, you could have reinstalled everything already11:10
Slingalso, there is selinux/grsecurity and mounting system files readonly, etc11:10
ikonianot on ubuntu11:10
Slingyou don't need to go trough every file11:10
Slingikonia: what not on ubuntu?11:11
ikoniaselinux by default11:11
Slingno, not by default11:11
litsand^ ^.I think it is a hard way to clean a hacked server.But there is also a way to do it.It depends on your skills.11:11
uvirtbotlitsand: Error: "^.I" is not a valid command.11:11
ikoniayou'd need to set that up - which doing so post copromise seems invalid11:11
Slingbut a default install is not what you use in a hardened production environment11:11
Slingif you do use the default, then sure reinstall11:11
Slingand of course you dont do that post hack, obviously11:11
Ben64and you say i'm assuming too much...11:11
ikoniapretty much everyone who says "I've been hacked" in this channels is due to using defaults11:11
Slingperhaps im not used to the ubuntu level of sysadmins :)11:12
ikoniaSling: yes, you'll find the people who know what they are doing/don't use defaults are not in a channel asking "I'm hacked what do I do"11:12
litsandall right.thanks for your help.I got what i want.11:14
=== Guest4285 is now known as Lartza
aandyhi guys, i've used BIND (named) and dnsmasq for a while now, and i'm contemplating setting up a nameserver for a new domain i've purchased. no question i can set it up with BIND, but i'm wondering if others have (good) experience with another name server soft?12:08
ikoniaaandy: the "internet" uses bind....for a reason12:19
aandye.g. that it managed large zones ;)12:20
andolaandy: There are some people who prefer PowerDNS, since it allows them to user other backends than flat files.12:21
aandyandol: ah, hadn't heard of powerdns. i'll check it out, thanks12:22
andolaandy: But most important, do you know why you want to run your own authorative DNS servers, instead of just going with a DNS hosting provider? There are some good reasons to run your own DNS, but it does require a bit of an effort to get it good enough that you actually benefit from it.12:23
andolaandy: Of course, learning can itself be a good enough reason :)12:24
aandyandol: yes, i'm aware. i'll might need an "easier" way to administrate subdomains. i also might not, but either way i'd like to give it a go :) so yeah, learning is a big part of it12:31
aandyi've run some reverse dns zones before, and two domain zones (both in bind), i just wanted to check if there were alternatives - not because bind sucks ;)12:32
andolaandy: Fair enough. Just throught that last comment out there since you never know with random people on IRC, and because I have definetly seen people who shouldn't run their own DNS do so.12:34
aandyandol: hehe, duely noted, and i appreciate your concern. depending on how this project pans out, we might not even need it. but we probably will12:39
=== s is now known as Guest72408
jamespageadam_g, how much have you tested the havana support across the charms? hitting a context call ordering issue with neutron13:09
jamespageneutron < nova and neutron packages get called in the nova context....13:09
jamespage(nova-compute charm)13:09
zuljamespage: new novaclient coming down the pipe13:12
jamespagezul, great13:12
hallynpsivaa: oh, hm.  please do mark those as also affecting lxc, else i don't find them.13:12
hallynNot obvious from the report what is actually failing, will have to reproduce13:12
psivaahallyn: ok, ill mark it as affecting lvm13:15
psivaa*lxc13:15
zuljamespage: btw i got the glance tests working again on friday so i can melt your laptop for you13:15
zuljamespage/roaksoax: https://code.launchpad.net/~zulcss/python-novaclient/2.15.0/+merge/18723313:18
resnofor people with servers in a datacenter, do you do backups onsite? off site? and where do you handle montiroing?13:34
ikoniadepends on many things, it's part of estate planning13:37
zuljamespage/roaksoax: https://code.launchpad.net/~zulcss/keystone/oauth-refresh/+merge/18723913:46
jamespageadam_g, urgh - I'm getting lost in how the quantum/neutron stuff works in nova-compute13:56
=== freeflying is now known as freeflying_away
hallynpsivaa: remind me, is the utah testsuite only run on saucy?14:23
psivaahallyn: no, as a host raring, precise also work14:24
psivaahallyn: i mean utah can be installed and run on raring as well and our test servers are precise machines14:26
hallynpsivaa: test servers are precise, but they run the tests on saucy vms don't they?14:26
psivaahallyn: right14:27
=== hatch_ is now known as hatch
ihreI've mounted the backuppc pool on a seperate raid1 disk, yet it seems that space used on /var/lib/backuppc is also being count on the actual /var partition: http://dpaste.com/1394441 Why is this happening, and how should I fix it?14:41
andolihre: the ncdu output you are wondering about?14:55
andolI mean, the df output looks like of as expected?14:56
ihreandol: well, after I've unmounted /var/lib/backuppc, df -h still shows 14G in use on /var, while ncdu reports ALOT less14:59
andolihre: Perhaps you really have 14G under /var, not counting /var/lib/backuppc?15:00
andolihre: That the problem being that ncdu isn't diplaying that for some reason. Also, instead of looking at /var from within you might get a truer result by looking at from the outside, like doing ncdu /var alt du /var.15:03
andolihre: Could possibly also being an issue with unlinked inodes still being kept alive due to some process still having a hold on them, that being reported differently by (nc)du vs. df15:04
psivaahallyn: i assume you've been able to reproduce the bug?15:05
ihreandol: I'm running du -hsx /var at the moment, i'll report it asap15:05
hallynpsivaa: a bug, yes.  just pushed a fix, now to test it :)15:05
psivaahallyn: ack, thanks :)15:05
ihreandol: du -hsx /var: 2.7G    /var/15:05
ihreandol: How can I check for unlinked inodes, then?15:06
andolNot sure what the best option is, but I've used lsof now and then to figure such things out.15:08
andolDepending on the machine in question you could always reboot of course :)15:08
ihresure, but this is the second time it is happening now15:10
hallynpsivaa: yeah that fixed the lxc_test_api which was the first failure I hit.  I'm going to mark it fix resolved in the bug, but if you hit another one pls do reopen.15:11
andolihre: In that case I don't know.15:11
psivaahallyn: ok, will do15:12
hallynthanks :)  ttyl15:12
* hallyn biab15:12
ihreandol: thanks anyway, i'll start digging into unlinked inodes then15:12
arosalessmoser, jamespage fyi I added caribou to a the meeting for a regular slot on "Server and Cloud bugs" that need some focus on, and aren't covered in the development section15:39
arosaleshttps://wiki.ubuntu.com/ServerTeam/Meeting updated15:40
jamespagearosales, ok15:40
linuxrHi all. I have a question related to the nice piece of software known as AppArmor. Is it somehow possible to list the apparmor rules for a process currently being active ?16:06
linuxr(I need to make sure that all my rules have been properly loaded)16:06
adam_gjamespage, the idea was that places where things had been named quantum-* (eg, config-get quantum_plugin , relation-get network_manager) would first query for the new neutron_* variation, then legacy quantujm_*16:08
jjohansenlinuxr: list what is in the kernel? No, they are compiled into a an atomata. Saucy's kernel has a new feature that exports a hash value for each profile, you can use a userspace tool to compare the userspace compile to what is in the kernel16:08
jamespageadam_g, getting my head around it slowly16:08
jamespage*its hard*16:08
jamespageadam_g, I just pushed a few more havana fixes for glance and cinder16:09
jamespagethe keyring for ceph was getting created with restricted permissions causing the daemons to stop16:09
linuxrjjohansen, who is saucy? :)16:13
jjohansenlinuxr: sorry saucy salamander is the development name of ubuntu 13.1016:14
linuxrah lol..okay jjohansen , thanks!16:14
zuladam_g: something weird with your merge request for troveclient16:15
adam_gjamespage, http://paste.ubuntu.com/6150766/ this should be what determines whether or not nova-compute is using quantum, neutron, or flatdhcp16:19
adam_gjamespage, _network_config() is basically just getting ['network_manager', 'neutron_plugin', 'quantum_plugin'] from the cloud-compute relation16:19
jamespageadam_g, gotcha16:20
jamespageadam_g, hitting a bug right now with havana16:20
jamespage/etc/neutron is not created by the time the charm tries to write neutron.conf16:21
adam_gjamespage, you got a paste by chance?16:23
ancasterHi. I'm in charge of techy stuff in a small university lab with several workstations. Authentication is done by NIS on our fileserver (10.04). If this server dies for whatever reason, no one can log in, obviously, but how do I go about making a local admin account (perhaps root) that CAN log in without NIS?16:28
ancasterI've setup a local user in /etc/passwd, but logging in with that user when the NIS server is down, just hangs16:29
Slingancaster: your /etc/nsswitch.conf file determines what authentication backends are used16:38
Slingwhat does it look like now?16:38
ancasterpasswd/group/shadow are all compat16:38
Slingno references to nis ?16:39
ancasterno.the last line in the workstations' /etc/passwd file is: +::::::16:39
ancasteri was under the impression that that signifies an NIS lookup16:40
Slingit does, but its not really the 'modern' way of configuring this ;)16:42
Slingit doesnt allow for shadow passwords, also it needs to query the NIS server every time a UID/GID is looked up16:42
ancasteri see16:43
Slingso you might want to investigate using nsswitch instead, which allows to you specify 'nis files' to try file-based authentication when nis is unavailable16:43
ancasterah, lovely.16:44
Slingor 'files nis' if you want to use file-based auth primarily, and use NIS for any accounts that aren't present in /etc/passwd16:44
ancasteryeah, i think that's how i'd like it to work.16:44
ancasterI was looking at the ubuntu wiki for help, but i guess it's misleading: https://help.ubuntu.com/community/SettingUpNISHowTo16:45
ancasterAs it talks about setting up the /etc/passwd file as we have16:45
Slingits outdated I reckon16:45
Slinghttp://tldp.org/HOWTO/NIS-HOWTO/settingup_client.html#AEN31316:46
ancasterAs a general rule do you normall go to tldp for up to date documentation?16:46
Slingno, this was just from googling16:46
Slingi usually just go to the project's own documentation site/wiki/whatever16:47
ancasterokay.16:47
ancasterthanks so much for your help.16:47
Slingno problem16:47
ccabreyHi all, I'm trying to configure a KVM bridge for a KVM host. The twist is that the primary interface I want to use a bridge with is a bond (802.3ad). I'm having trouble getting this to work and there seems to be a sparse amount of information on this topic online. Any thoughts?17:40
gartralhello all, i'm having an issue working with SSH keys, no matter what I've tried my desktop is always asking me for a password when SSHing out to another machine I have 4 machines that i really need ssh access too, one is for a private git18:17
gartrali'm to the point of nearly crying over why I cant f***ing ssh into any, ANY machine from my desktop18:17
sarnoldgartral: does ssh-add -l show your key added to the local keychain?18:19
gartralsarnold: yes18:19
sarnoldgartral: are permissions on your home directory, ~/.ssh/, ~/.ssh/* directories and files all correct on the servers you're trying to log in to? (sshd is very picky, group write access is not allowed...)18:20
gartralsarnold: yes, i ran chmod -R 600 ./.ssh on the server and my desktop18:22
sarnoldgartral: hrm, 600 isn't right either :) 700 for ~/.ssh, 644 for ~/.ssh/authorized_keys 600 or 400 for ~/.ssh/id_rsa...18:25
smoserutlemming, manjo had a qustion for you about our cloud images and arm.18:31
zuladam_g:  https://code.launchpad.net/~zulcss/python-novaclient/2.15.0/+merge/187233  https://code.launchpad.net/~zulcss/cinder/cinder-fix-ftbfs/+merge/187236 and https://code.launchpad.net/~zulcss/keystone/oauth-refresh/+merge/18723918:31
smoseri'm not sure ifyou can answer or not... wish rbasak was around.18:32
adam_gzul, ack18:32
adam_gzul, any luck with python-cliff?18:32
zuladam_g:  yeah just trying out now18:32
utlemmingmango: what's up?18:33
utlemmingmanjo: ^18:33
manjoutlemming, trying to use our armhf builds to boot on ARM using kvm/qmeu but I don't seem to be able to get a prompt ... followed the wiki & smoser 's blog18:33
manjoutlemming, ci images18:33
gartralsarnold: it's STILL asking for my damn password!18:33
manjoutlemming, so the Q is does our std build ci images work on arm ?18:33
utlemmingmanjo: it should....it defaults to the serial console though18:34
utlemmingmanjo: are you on bare metal?18:34
manjoutlemming, I set serial to stdout18:34
utlemmingmanjo: what is the device type that you're using?18:34
manjoutlemming, dev/kvm ?18:35
utlemmingmanjo: so this is kvm on arm?18:35
manjoyes that is correct18:36
manjoARM system using dev/kvm booting armhf ci images using qemu18:36
manjoutlemming, I used smoser 's instructions on wiki and his blog .. both seem to print some messages wrt to audio drivers and then no promt18:37
gartralwhy is something that used to be so freaking simple being such a pain now18:37
manjoso I get bunch of messages about ALSA etc ... and then nothing more18:37
utlemmingmanjo: can you file a bug with what you're seeing?18:37
adam_gzul, did anything come of that patch to avoid the oauth requirement?18:37
manjoutlemming, yep can do right away .. who would I assign that to ?18:37
utlemmingmanjo: me18:38
manjook great will do18:38
smosermanjo, you get the kernel to boot ?18:38
smosermanjo, get a kernel console log. boot with a serial device logging to a file.18:39
manjosmoser, I am guessing it is booting coz it prints some alsa messages .. which I am guessing comes from the kernel18:39
manjosmoser, ack18:39
manjosmoser, I did something like -serial stdio18:39
manjosmoser, so can I say -serial /tmp/foo ?18:40
smoser-serial file:serial.log18:41
manjosmoser, ack18:42
gartralsarnold: any other ideas?18:51
manjosmoser, -serial file:log does not have anything written to it18:51
sarnoldgartral: try ssh -v to see if there's helpful messages?18:51
smosermanjo, how are you running it ?18:52
manjoudo qemu-system-arm -machine vexpress-a15 -cpu cortex-a15 -enable-kvm -m 512M -kernel /boot/vmlinuz -append "console=ttyAMA0 earlyprintk=serial root=/dev/mmcblk0  ro rootfstype=ext4" -serial file:serial.log -initrd /boot/initrd.img -drive if=sd,cache=writeback,file=./disk.raw -net nic -net user,hostfwd=tcp::2223-:22 -display none18:52
gartralsarnold: I have hang on http://paste.ubuntu.com/6151087/18:53
manjosmoser, does that look sane ?18:54
smoserwell i would teel the kernel to write to ttyS018:56
smosernot ttyAMA018:56
smoserbut i really dont know anything.18:56
manjosmoser, cat /proc/cmdline18:56
manjoconsole=ttyAMA0 nosplash18:56
sarnoldgartral: are you sure your server supports DSA keys?18:57
gartralsarnold: I've tryied both rsa and dsa keys18:57
manjosmoser, does not make a diff with ttyS0 either18:57
gartralsarnold: and it isn't saying key refused, it's *JUST* giving me a password prompt, with keys that aren't passworded18:58
gartralsarnold: also, this is happening on ALL servers that i'm trying too connect to18:58
sarnoldgartral: do the servers log anything?18:58
smosermanjo, what ubuntu release is 'disk.raw' ?18:59
manjosaucy18:59
manjocurrent18:59
manjogenerated as per instructions on wiki page https://help.ubuntu.com/community/UEC/Images#ARM_Images19:00
manjosmoser, don't know why serial captures nothing either19:00
zuladam_g:  http://people.canonical.com/~chucks/ca/19:01
manjoutlemming, smoser so you are able to use std ci images on intel with kvm/qemu ?19:02
manjowith saucy is what I meant to ask19:02
adam_gzul, +119:03
adam_gzul, what was the review for the keystone patch that made extension's python deps optional?19:04
adam_gcan't seem to find it19:04
zuladam_g: gimme a sec19:04
smosermanjo, cloud images work fine on intel with kvm. yes.19:04
adam_gzul, wait19:04
adam_gzul, dont upload! :)19:04
smoserintel (amd64 or i386)19:04
zulkeystone?19:04
utlemmingmanjo: I have a mtg, but i'll look at this after19:04
adam_gzul, cliff19:05
adam_gzul, it just ftbfs in precise PPA19:05
utlemmingmanjo: if you can give me a few hours, I'll get you an answer19:05
manjook19:05
zuladam_g: yeah it needs to depend on a newer version of cmd219:05
zuljust noticed lemme fix this in saucy and then ill re-upload it to the ca19:05
=== kenneth is now known as Guest93406
izanagisanif I make a symlink to a file, can I edit it though FTP transparently?19:19
izanagisanthrough*19:19
sarnoldizanagisan: some ftp servers may chose to not follow symlinks.19:21
zulhallyn:  ping19:22
izanagisancrap. I just don't want to FTP directly to the config folder where this particular file is19:22
izanagisanit's caused hell in the recent past19:23
hallynzul: .19:25
zulhallyn:  if you specify a lxc.console = in your lxc config does the file get created for you when the container starts?19:25
hallynzul: no19:27
zulhallyn:  ok just double checking im doing the write thing here19:27
hallynmaybe19:28
hallynzul: yeah it creates it if it doesn't exist19:29
hallyn(actually, if it can't write to it)19:30
zulah cool19:30
zulone less step for me19:30
=== Ursinha is now known as Ursinha-afk
=== Ursinha-afk is now known as Ursinha
=== kenneth is now known as Guest80819
=== SJrX is now known as SJr
utlemmingmanjo: did you file a bug?20:35
utlemmingmanjo: I'm able totake a look at it now20:35
autojackanyone here have experience with cloud-init in EC2? I am trying to create a custom AMI based on the official Ubuntu Precise AMI. when I start up my new AMI, cloud-init does not seem to trigger. I want it to run, set up puppet and trigger a run. I'm creating the AMI  by launching an instance, letting cloud-init and then puppet run to configure it, and using the ec2-bundle-vol command.20:35
manjoutlemming, sorry got pulled into a call ... I will file asap and ping you20:36
=== mikal is now known as annegentle_proxy
=== annegentle_proxy is now known as mikal
=== ancaster is now known as NinjaCoder12
=== NinjaCoder12 is now known as acidburn
urthmoveris it possible to force a server to identify specific physical disks as specified /dev/sda /dev/sdb?  I have a system with 10 disks and I'd like 2 specific physical disks to be identified (which happen to be different make/models) as /dev/sda /dev/sdb21:26
urthmoverI realize after the disks are identifed I can use UUID....but right now I'm building software RAID arrays using mdadm....and having things "orderly" might help my sanity21:27
=== freeflying_away is now known as freeflying
patdk-wkurthmover, check out udev21:39
patdk-wkreally though, I wouldn't bother21:39
urthmoverok21:52
urthmoverthanks patdk-wk21:52
autojackanyone here have experience with cloud-init in EC2? I am trying to create a custom AMI based on the official Ubuntu Precise AMI. when I start up my new AMI, cloud-init does not seem to trigger. I want it to run, set up puppet and trigger a run. I'm creating the AMI  by launching an instance, letting cloud-init and then puppet run to configure it, and using the ec2-bundle-vol command.21:54
gholmsIf you're bundling something that has already booted you might have to clear state out of /var/lib/cloud, IIRC.21:55
autojackI did that. I exclude /var/lib/cloud/instance and instances.21:57
autojackwhat's the best way to re-run cloud-init?22:00
gholmsYou could probably just re-run the init script.22:01
autojackI'm doing that and it seems to do nothing.22:01
gholmsSo much for that idea, then.22:02
autojackreturns 0 and logs nothing.22:02
* gholms lets someone more knowledgeable about cloud-init+upstart answer22:02
autojackheh, thanks :)22:02
autojackoh here we go22:06
autojackthe log says  config-puppet already ran config22:07
autojackI feel like there must be some other lockfile that is stopping it from running.22:09
autojackI wish I could figure out a debug mode.22:09
Guest80819sudo reboot <<< for the 5th time today, thinking of running jest plain debian wheezy already..... rant22:10
sarnoldautojack: there's always something interesting on smoser's blog posts, but I don't know off-hand if he's written anything targetted directly at what you're doing.. check this out though: http://ubuntu-smoser.blogspot.co.uk/2013/02/using-ubuntu-cloud-images-without-cloud.html22:11
autojacksarnold: thanks! I don't see anything in there that applies though. I AM running this on EC2. I'm just trying to create a modified instance.22:13
sarnoldautojack: one of the comments abour changing user / group information looked more useful than the contents of that specific post..22:14
autojackaha22:15
autojackAHA22:18
autojackI figured it out!22:18
autojackas the Angry Video Game Nerd would say, "ASSSSSSSSSSS!" in a mid-west accent.22:18
autojackfirst of all, I needed to exclude /var/lib/cloud/sem from my manifest.22:18
autojacksecond, I needed to exclude /var/lib/puppet/ssl apparently.22:18
autojacksheesh.22:19
Guest80819how do i get my ubuntu server to cook me some bacon?22:20
sarnoldsudo make me a sandwich^W^Wbacon22:20
Guest80819haaaa yes thats the command I was looking for thank you.....22:21
=== freeflying is now known as freeflying_away
=== freeflying_away is now known as freeflying
smoserautojack, cloud-init should "just work" and re-run first boot stuff after being captured.23:39
smoserthere is not necessarily a reason to rm -Rf /var/lib/cloud, but its fine to do that.23:39
=== freeflying is now known as freeflying_away
smoserautojack, config-puppet really should run "per-instance".23:41
smosermeaning it should run any time there is a new instance-id found.23:41
=== freeflying_away is now known as freeflying

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!