/srv/irclogs.ubuntu.com/2013/10/07/#ubuntu-server.txt

=== zexcriz is now known as Guest88976
=== stiv2k_ is now known as stiv2k
=== peter is now known as Guest5090
=== Guest88976 is now known as zexcriz
The_Acid_Toyhow do i set multiple ipv6 addresses on the same interface02:41
=== HisaoNakai_ is now known as HisaoNakai
Paulus68_1how can I install ubuntu server 13.04 on a HP proliant ML310? I have problems with the iSCSI raid configuration03:36
TripSecsudo apt-get install git. how do i access once it has dl'd04:51
raubIs 01-mail-stack-delivery.conf an ubuntu/debian-specific dovecot config file?04:57
Paulus68_1how can I install ubuntu server 13.04 on a HP proliant ML310? I have problems with the iSCSI raid configuration05:50
=== HisaoNakai_ is now known as HisaoNakai
raubPaulus68_1: elaborate?05:59
Paulus68_1raub: I have a sata raid enabled through bios06:27
Paulus68_1raub: during install I get the notification that it found sata raid and if I wan to activate06:28
Paulus68_1raub: then I get the question  to configure ISCSI volumes and on the next tab I need to enter and IP and port for source and target and there I don't know what to enter especially when both drives are inside the server06:29
Indexa06:36
Indexa06:36
Indexa06:36
Indexa06:36
Indexa06:36
Indexa06:36
Indexa06:36
Indexa06:36
Indexa06:36
Indexa06:36
Paulus68_1Index: stop that06:36
Indexhahha06:36
Indexi am indo haxor06:37
Indexu here? http://irclogs.ubuntu.com/2013/10/07/%23ubuntu-server.txt06:37
Paulus68_1!ops06:41
ubottuHelp! Channel emergency! soren, lamont, mathiaz, Pici, Daviey, Tm_T or pmatulis06:41
MyrttiPaulus68_1: er, why?06:41
Paulus68_1Myrtti: Index is hacking here06:41
Tm_Tthat's not hacking, just ignore it06:42
Paulus68_1Myrtti: and flooding without any reason06:42
Paulus68_1http://irclogs.ubuntu.com/2013/10/07/%23ubuntu-server.txt06:42
Myrttiyes, and I can't see either06:42
tsimpsonMyrtti: it was a few minutes before you joined06:43
Myrttiprobably was06:43
Paulus68_1thanks anyways06:43
Myrttibut since I joined nothing has happened and now there's several ops awake, so I fail to see why the need to call ops again...06:43
Myrttianyway, going back to work06:44
Paulus68_1like I said thanks anyway06:44
Indexhttp://www.regiohits.com/ina.php06:45
Indexhttp://zone-h.org/archive/notifier=Index%20Php list hacked :)06:46
MyrttiIndex: do you have a support question or are you here just to paste links?06:47
RoryHe's here to be a waste of the global ipv4 address space07:19
=== psivaa-afk is now known as psivaa
Paulus68_1how can I install ubuntu server 13.04 on a HP proliant ML310? I have problems with the iSCSI raid configuration09:35
=== freeflying_away is now known as freeflying
zexcriz_i have to deploy 20 ubuntu machines in my college lab, which is the best way to implement such that, 1. no user can chroot that machine and access the root access. 2. only necessary application's like firefox and terminal runs.10:14
zexcriz_i thought of controlling this machine use one server which controls all the 20 machines.10:15
zexcriz_any  rough idea which will be the correct thing to do ?10:20
TJ-zexcriz_: Sounds like a job for Puppet, Chef, Salt and the like10:21
zexcriz_TJ-, the main prob is that students chroot in and get the root access how can i prevent them ?10:25
TJ-zexcriz_: Sounds like you have a severe permissions problem then, if regular unprivileged user accounts can gain root10:27
zexcriz_TJ-, what they do is use a live cd chroot into the current installation10:30
zexcriz_and change config files10:32
TJ-zexcriz_: So block the use of the liveCD in the system BIOS/firmware by enabling adminstrator password and locking down what regular users can do, or else use LUKS encrypted systems that either require manual entry of the pass-phrase by a sysadmin (and an automatic penalty for any student rebooting the PC) or dropbear in the initrd to get the pass-phrase from a remote server and log the reboot(s)10:36
zexcriz_TJ-, nice info reading it multiple times to understand clearly.10:46
zexcriz_TJ-, i can10:48
zexcriz_TJ-, i can't understand this  line "  dropbear in the initrd to get the pass-phrase from a remote server and log the reboot(s) "10:49
TJ-zexcriz_: "https://matt.ucc.asn.au/dropbear/dropbear.html10:50
TJ-zexcriz_: But your simplest route is to use the Motherboard BIOS/Firmware security options to prevent boot from CD or USB or even PXE10:51
zexcriz_disabling USB would not be possible as they require to copy their programs on the the USB drives.10:51
zexcriz_so the USB ports are enabled.10:51
TJ-zexcriz_: Protect against PXE else students could simply move the ethernet cable to a device they control that provides BOOTP/TFTP services10:52
TJ-zexcriz_: You can often have the disabled in BIOS but Linux will still find/use them when it has loaded10:52
zexcriz_nice point.10:52
TJ-zexcriz_: Your best weapon is severe penalties, clearly explained, to each student10:53
TJ-zexcriz_: With good logging to a remote syslogd and active scripts monitoring those logs for systems going offline unexpectedly10:53
zexcriz_implementing SElinux would help ?10:53
TJ-zexcriz_: How?10:53
TJ-zexcriz_: Your problem is not with Linux... your problem is *before* the operating system even loads10:54
zexcriz_yeah correct10:54
TJ-zexcriz_: Have you secured the power and reset buttons? made them non-operational?10:54
zexcriz_no i have not done anything to power and reset button, can i make then non-operational ? i was not knowing this before.10:55
TJ-zexcriz_: As I said, you can spend a lot of time trying to come up with technical measures to prevent this, or your institution can set clear rules with penalties for anyone breaking them, and then all you need is good active monitoring to catch reboots as they occur.10:55
zexcriz_i can manage those machines from a server, and boot the machines when the period is there and shutdown as it get's over, this is one thing i can do by setting power and reset button non-operational.10:57
eagles0513875_hey guys what is the reason there are 3 php ini files on ubuntu server one for apache one for php and a 3rd for php-fpm if you use that sort of setup?10:58
zexcriz_TJ-, thanks for the guidance :)11:00
Paulus68_1how can I install ubuntu server 13.04 on a HP proliant ML310? I have problems with the on board iSCSI raid configuration11:01
AntelopeSaladi have an upstart question, if i make a script that looks like this: http://askubuntu.com/a/25158112:07
AntelopeSaladand i have an init.d script to make sure a process loads on boot up will they still conflict?12:07
=== psivaa is now known as psivaa-afk
rbasakAntelopeSalad: yes. You should either have an init.d script, or use an upstart script to both start a service on boot and to respawn it. You shouldn't have both.12:21
babinlonstonthere are 20 machines in a local area network and all machines are installed with ubuntu 12.04, now i want to access the current users screen graphically how can i get connect and they too need to work at same time12:21
rbasakOnce you have an upstart script, symlink /etc/init.d/your-service to /lib/init/upstart-job (debhelper does this automatically).12:22
AntelopeSaladrbasak: i can't just remove the init.d script?12:22
rbasakbabinlonston: try #ubuntu for desktop questions. This is a server channel.12:23
AntelopeSalador will the symlink carry over when i update the package?12:23
babinlonstonrbasak: i asked there same issue and they said me to come here .. so what came here sir12:23
rbasakbabinlonston: sorry you're being messed around. If you can't get help in #ubuntu, see http://www.ubuntu.com/support/community for other community support options.12:25
babinlonstonok12:25
koolhead11hi all12:25
zulhallyn:  so +1 for libvirt12:33
=== psivaa-afk is now known as psivaa
=== gary_poster|away is now known as gary_poster
hallynzul: yeah, i guess.  except for the lateness factor, and the proliferation of CVEs for the first month or two of recent releases12:51
AntelopeSaladi can't believe how complicated upstart is haha12:52
AntelopeSaladeven huge tools don't have upstart scripts available12:52
rbasakAntelopeSalad: really? I find upstart scripts remarkably simple to write. Especially compared to init.d scripts.12:54
mdeslaurAntelopeSalad: in what way are they complicated?12:54
AntelopeSaladi've spent close to 7 hours trying to figure out how to get process monitoring12:54
AntelopeSaladand i got no where12:54
rbasakDefine "process monitoring"12:54
AntelopeSaladredis, postgres, elasticsearch -- none of these things have upstart scripts available12:54
rbasakupstart keeps track of whether the service is running.12:55
AntelopeSaladthey have non-official gists that are untested12:55
AntelopeSaladi simply want 2 things to happen with a few processes12:55
AntelopeSalad1. start when the machine boots , 2. reload if the process crashes for unknown reasons12:55
rbasakThat's pretty much built in. Write an upstart script and "respawn" will work with it.12:55
mdeslaurAntelopeSalad: that's what upstart does pretty much by default12:56
zulhallyn:  yeah hmmm..12:56
AntelopeSaladyeah but those 3 tools i have do not have upstart scripts available to download12:56
AntelopeSaladand i'm in position to write one with zero knowledge12:56
AntelopeSalad*no position12:56
rbasakIn what way is that a problem with upstart?12:56
AntelopeSaladbecause i thought it was some widely used tool12:56
rbasakAnd how does that make upstart "complicated"?12:56
rbasakhttp://upstart.ubuntu.com/cookbook/ is a great guide12:56
AntelopeSaladevery single vendor seems to use the other version12:56
AntelopeSaladthe init.d ver12:56
hallynzul: i'm hoping this morning to figure out the virsh add-device problem...  would like that fixed before release!12:57
rbasakWell that's fine. Ubuntu works with init.d scripts too.12:57
rbasakJust use the init.d script then.12:57
AntelopeSaladyeah but init.d won't do the reloading right?12:57
rbasakNo it won't.12:57
AntelopeSaladthe reloading part is most important to me12:57
rbasakSounds like "every single vendor" isn't making that feature available to you then.12:58
zulhallyn:  thats cool im fixing ftbfses this morning (yay!)12:58
hallynglamorous :)12:58
AntelopeSaladyeah which makes me think upstart has no traction and is unused12:58
AntelopeSaladpostgres, redis and elasticsearch are pretty popular tools, yet none of them have a conf available12:59
rbasakThat's because upstart works fine with init.d scripts12:59
rbasakPeople tend to write upstart scripts when they need some functionality that upstart provides; otherwise the init.d script suffices fine on an upstart-using system.12:59
rbasakIt sounds like nobody is using service supervision on your specific tools.13:00
mdeslaurAntelopeSalad: upstart is used by RHEL6 and by Ubuntu...both combined represents a pretty big market share :P13:00
rbasakOr else they do it themselves and don't share their config.13:00
AntelopeSaladi guess they don't share their configs13:01
AntelopeSaladare there other alternatives?13:01
rbasakAn upstart job for a well-behaved daemon is about five lines. Perhaps they consider so trivial that they don't think it's worth sharing?13:02
AntelopeSaladit would likely be available somewhere13:02
AntelopeSaladif i search for upstart scripts for all 3 of those tools there's very little coverage13:02
AntelopeSaladthere's a couple of gists where people say it doesn't work, or it has issues, etc.13:03
AntelopeSaladin elasticsearch's case i couldn't even find a single one13:03
AntelopeSaladjust a random newsgroup post where the guy says up front it doesn't work13:03
TJ-AntelopeSalad: I recommend reading this http://jtimberman.housepub.org/blog/2012/12/29/process-supervision-solved-problem/13:05
TJ-AntelopeSalad: Also, "apt-cache show runit" and read the documentation13:07
AntelopeSaladTJ-: does runit have wide vendor support?13:08
TJ-AntelopeSalad: You need to ask the vendor's. runit is a solution for process supervision that can run alongside sysv init scripts.13:09
AntelopeSaladat this point it seems easier to just forget using monitoring13:10
=== gary_poster is now known as gary_poster|away
rbasakI fail to understand the real need for this. Need HA? Do proper HA. Need to fix things when they're broken? Monitor your actual service (rather than just a process) and redeploy your instance.13:11
AntelopeSaladredeploy your instance?13:12
rbasakYes. You do have your deployment automated, right?13:12
AntelopeSaladit seems really common to me that something like postgres might crash out of the blue13:12
AntelopeSaladit seems really reasonable to me to have a script setup to detect and fix that without me having to ssh to the server and manually restart it13:13
rbasakIf it does then I suggest that you have bigger problems. Hiding it under the carpet doesn't really solve anything. Have you actually had postgres crash out of the blue? I never have.13:13
AntelopeSaladautomated deployment in what sense? i use git to push code to the server13:13
AntelopeSaladsetting up the server instance from scratch wasn't automated, i just have a million things written down that i planned to move into puppet or something else later on13:14
rbasakIn the sense that your entire deployment (server, services, scripts) deploys automatically.13:14
rbasakIf you really have a process crashing problem your process will continue to crash and be restarted and you'll just have a less reliable service, instead of actually fixing it.13:14
AntelopeSaladit's never crashed randomly for me but it didn't seem impossible13:15
rbasakI suggest you focus on automating your deployments first, and worry about process crashes later.13:15
AntelopeSaladi've had ES occasionally lockup13:15
AntelopeSaladwhat's your definition of automated deployment?13:15
rbasakGoogle "devops".13:15
AntelopeSaladi mean, i type "git push production master" and it gets deployed13:15
jrwrenheroku style! <313:16
AntelopeSaladbut that really involved almost nothing to setup and it's still very simple13:16
rbasakYour server gets stolen / your service provider goes bust / whatever. What do you do?13:16
AntelopeSaladwell13:16
rbasakOne command = devops.13:16
AntelopeSaladif my ec2 instance gets stolen then i expect amazon to do something about it13:16
rbasakHa ha13:16
AntelopeSaladif ec2 goes out then i'm SOL i guess13:17
rbasakEC2 instances are defined to have an expectation of doing away at any time.13:17
AntelopeSaladand since this is my first project, i haven't looked into setting up the actual server automatically, that was next on my list after i got everything setup13:17
jrwrenand they do, even if you don't run your own chaos monkey13:17
rbasakI suggest you defer worrying about process crashes then.13:17
rbasakJust use the init.d scripts for now.13:18
AntelopeSaladthat feels really wrong but i'll take your advice and forget about it13:18
jrwrenuser-data with cloud-config can get you a long way.13:18
AntelopeSaladit feels like flying blind with no monitoring13:19
rbasakI suggest you set up external monitoring instead.13:19
rbasakCheck that the actual service works, rather than some process.13:19
AntelopeSaladit's not so much the monitoring, it's having to fix the problem manually13:19
rbasakWorry about automation of fixing *after* you've had to fix the same thing a few times manually.13:19
rbasakOtherwise you waste effort on fixing things that never go wrong anyway.13:19
AntelopeSaladi just incorrectly assumed upstart was widely used and ridiculously easy to setup for common services13:20
rbasakIt is.13:20
AntelopeSaladgoogle says otherwise haha13:20
jrwrenthe manual is really good.13:21
AntelopeSaladif you searched for terms like "restart postgres automatically ubuntu" you'll find dozens of people having issues and no real good solutions13:21
rbasakThat's because the people really using postgres in production don't have that problem.13:22
rbasakThey monitor whole instances.13:22
rbasakThey implement real HA.13:22
AntelopeSaladso you think all of those people asking the questions are newbies like myself who think they need it but actually don't?13:22
rbasakThey don't implement band-aid solutions.13:22
AntelopeSaladat the very least i should set it up for my application13:23
jrwrenwhy would you want to restart postgres automatically?13:23
rbasakYes, or they've implemented something themselves (daemontools, upstart's "respawn", whatever) without further comment.13:23
AntelopeSaladi could easily see a node or rails app dying but then working fine if it gets restarted13:23
rbasakOr they fix the root cause of postgres crashing.13:23
jrwrenpostgres crashes?13:24
jrwrenwe've had instance run for years.13:24
rbasakIf postgres really is crashing, and you're using it in real production, then you'll fix the root cause, or have a support contract with someone else to fix the root cause.13:24
AntelopeSaladso the moral of the story is trust vendors that their software is rock solid?13:24
jrwrenhahahaha13:25
AntelopeSaladat least the popular ones like nginx/postgres/redis/etc.13:25
rbasakThe moral of the story is to monitor your actual service, and fix problems that really happen, rather than theoretical ones that never do.13:25
jrwrenAntelopeSalad: no, 1000x no. also, none of those things are vendors. they are open source projects.13:25
rbasakFor real production use, you bring in people with experience, or have support contracts with people who have real experience, who can tell you what to focus on.13:25
rbasakFor a newbie, worrying about postgres crashing is not one of them.13:26
rbasak(unless it actually is crashing)13:26
rbasakAnyway, I have work to do...13:26
AntelopeSaladjrwren: sure but the end result is the same, they are widely used services that are supposedly battle hardened13:26
jrwrenAntelopeSalad: i'm not sure where you get those impressions and suppositions.13:27
AntelopeSaladit's easy to get caught up in monitoring because if you google on the topic there's many different tools/etc.13:27
jrwrenwidely used compared to what?  certainly NOT widely used compared to apache/mysql/php/memcached13:27
AntelopeSaladi don't have a usage chart handy13:28
jrwrenmonitoring is great. I say yes to monitoring. If someone tells you that you don't need monitoring, tell htem, yes, and they don't NEED coffee, but it is great to have.13:28
AntelopeSalada quick stat check says nginx is being used on about 22 million sites13:29
jrwrenAntelopeSalad: getting back to nginx/postgres/redis, I've use the first two quite a bit. The reason I don't monitor them directly is that in my experience, they don't go down. I monitor my apps which use them.13:29
patdk-wkwhat does popularity have to do with stability?13:30
AntelopeSaladso you have absolutely nothing in place for those tools?13:30
=== gary_poster|away is now known as gary_poster
rbasakAntelopeSalad: monitoring that your web site is up indirectly monitors nginx. There's no need to monitor it specifically.13:30
jrwrenthat is right, absolutely nothing. I've also never had an outage where monitoring those would have helped.13:30
AntelopeSaladpatdk-wk: if ~20 million people are actively using something there's a very good chance all parts of the code gets stressed, bugs emerge and get fixed, etc.13:30
rbasakWhat matters is that your web site is working. Not whether nginx is running or not.13:30
patdk-wkAntelopeSalad, not true13:31
AntelopeSaladcompare that to a home grown web server that you wrote in a weekend , chances are it will be less stable than nginx13:31
jrwrenAntelopeSalad: you'd think there is a very good chance, but then see java, windows, adobe flash, other common zero day attack vectors.13:31
patdk-wkeven in high usage,  I doubt 50% of it's capabilities are used13:31
jrwrenless stable? so lets say I did write a web server in a weekend, I built it off libevent's evhttp and I put some sane limits on request size. What would make it less stable?13:32
AntelopeSaladjrwren: could you prove that it's equally as stable as a widely used server?13:32
jrwrenprove?13:33
patdk-wkheh13:33
patdk-wkI have seen extreemly stable software in high usage, crash horrible on idle servers13:33
jrwrenproof of code correctness is not something I'm interested in, nor willing to spend time doing. I respect others who do it. It is not for me.13:33
patdk-wkonly took me 2 years, for them to agree it was a bug that should be fixed13:34
AntelopeSaladjrwren: btw are you using upstart scripts for your actual application or something else?13:34
jrwrenan upstart configuration, yes.13:35
jrwren+1 for this converstation. It made me realize I should probably figure out how to use it with respawn.13:35
jrwrenor wait, no. I think I'm using an older style init.d script.13:35
jrwrenits just a trivial uwsgi config. I've not spent time investigating how to start it with upstart, because I have not needed it.13:36
patdk-wkI have moved all my stuff to upstart awhile ago13:37
jrwrenAntelopeSalad: all of the above opinions stated, you should consider your goals and your values. If your organizational values are to solve these kind of problems first, in favor of a feature release time, then by all means, follow those values. Do the monitoring.13:37
jrwrenpatdk-wk: uwsgi configs to upstart? can you share how you did it?13:37
jrwrenAntelopeSalad: and then, when you do have some monitoring in place for all of it, share it with the rest of us :)13:38
patdk-wkuwsgi? dunno what that is13:38
AntelopeSaladjrwren: that's a fun topic in itself because i spent about 15 hours total setting up this machine13:39
AntelopeSaladit could have been better spent13:39
jrwrenAntelopeSalad: if it could have been better spent, sounds like its not mixing with your values.13:39
AntelopeSaladworking on features, etc. but i didn't treat this as something to compared vs an hourly wage, i wanted to be able to provision an ec2/vps instance and learning has an expense13:40
jrwrenwith the best payoff, IMO13:40
AntelopeSaladi don't mind spending time on certain things but i really did get hung up for a silly amount of time on the topic of monitoring13:40
AntelopeSaladinstalling everything was really straight forward with no problems13:40
jrwreni'm curious, is this based on past experience? or something else?13:41
AntelopeSaladno, all of this is happening right now13:41
AntelopeSaladif i already had a solution and things were smooth i wouldn't be in this channel13:41
jrwrenI mean to ask, do you know what caused you to get hung up for a silly amount of time on the topic of monitoring?13:42
jrwrenwhy did you even think about it?13:42
AntelopeSaladoh, i was just reading general information on system deployment13:42
AntelopeSaladand i like automating things, it seemed like a good idea to make sure my web server could self heal13:42
AntelopeSaladi didn't want to have that feeling that i need to keep checking in on it13:43
jrwrenCan you share what you were reading? I'm just curious.13:43
AntelopeSalador checking my inbox all the time for errors that my app sent13:43
AntelopeSaladjrwren: i spent a while over a few days just generally googling for deployment for xyz runtimes13:45
AntelopeSaladi don't have a specific link13:45
jrwrenI'd guess that it was a lot of trade rag and academic stuff.13:51
AntelopeSaladjrwren: mostly just blog posts13:53
AntelopeSaladthe other bits came from sites like SO13:53
AntelopeSaladi started with the highest level topics like deploying a server to ec2 and they introduced tools like upstart/etc.13:54
hallynjdstrand: zul: so fwiw, virsh attach-device runs virt-aa-helper differently in saucy than raring:  http://paste.ubuntu.com/6205041/14:03
zuljamespage:  https://code.launchpad.net/~zulcss/glance/precise-ftbfs-rc1/+merge/18961314:09
garrettkajmowiczGreetings! I have a server which I've upgraded from 10.04LTS to 12.04LTS. Upon doing so, the server now kicks me to the busybox shell on boot. The old kernel still boots fine. When kicked to the busybox prompt, I can simply mount the RFS without a problem. How can I debug this issue?14:22
zuljamespage:  just rebuilding libvirt now14:22
jamespagezul, great14:23
hallynno, false alarm.  that doesn't appear to be the problem14:24
hallyni guess i can try the raring apparmor userspace package14:24
zuljamespage/hallyn: builds fine14:34
jamespagezul, good-oh14:34
jamespagezul, I'm not comfortable with skipping that glance test14:35
jamespageI'm concerned its pointing at something wrong14:35
zuljamespage:  thinking about it im not either14:35
zuljamespage:  lemme just fix libvirt and ill poke at it again14:35
jamespageadam_g, roaksoax: I just hit a nasty bug in the glance charm14:35
jamespagetwo contexts both using the 'ceph' interface naming14:35
jamespageI fixed it to specialize the glance CephContext -> CephGlanceContext with a new interface name ceph-glance14:36
jdstrandhallyn: virt-aa-helper is being called wrong14:40
jdstrandhallyn: /usr/lib/libvirt/virt-aa-helper -h14:40
jdstrand    -f | --add-file <file>         add file to profile14:40
jdstrandhallyn: the apparmor userspace won't make a difference14:40
jdstrandhallyn: some commit made it so libvirt doesn't recognize that it needs to pass -f14:41
=== freeflying is now known as freeflying_away
hallynjdstrand: the thing is when I install the libvirt package from raring into saucy, it still doesn't do the right thing14:48
hallynand when i isntall saucy's pkg on raring, it does14:48
hallynjdstrand: my paste was wrong.  -f /tmp/d.img *is* being added with sauc's package14:50
hallyn(there are 3 calls, one with -f /tmp/d.img)14:50
jdstrandhallyn: that is... weird15:03
jdstrandhallyn: are there any denials? "grep DEN /var/log/syslog"15:04
garrettkajmowiczI have a server which I've upgraded from 10.04LTS to 12.04LTS. Upon doing so, the new kernel image now kicks me to the busybox shell on boot. The old kernel still boots fine. When kicked to the busybox prompt, I can simply mount the RFS without a problem. How can I debug this issue? I've run fsck. The SW RAID driver (RAID0) mdadm shows the array as healthy.15:09
TJ-garrettkajmowicz: That could be caused by several issues. What have you checked so far?15:11
garrettkajmowiczTJ-: The health of the RAID device, the health of the filesystem. Everything mounts fine. I don't know why I'm being dumped to the busybox prompt.15:12
TJ-garrettkajmowicz: How is the rootfs specified in the GRUB config? By UUID, device mapper name?15:13
TJ-garrettkajmowicz: "cat /proc/cmdline" should help there15:13
hallynjdstrand: not for virt-aa-helper or apparmor_parser.15:13
hallynjdstrand: I just got apparmor_parser to stop before actually laoding the profile;  and /tmp/d.img rw *is* in the libvirt-$uuid.files file15:14
garrettkajmowiczTJ-: root=/dev/md0 ro15:14
jdstrandhallyn: are there any denials related to libvirt?15:14
jdstrandhallyn: also, remind me what the exact problem is?15:15
hallynjdstrand: http://paste.ubuntu.com/6205324/15:15
hallynjust a sec15:16
jdstrandhallyn: oh15:16
hallynyeah so that is the root of the problem :)15:16
jdstrandhallyn: can you paste /etc/apparmor.d/libvirt/libvirt-7d781722-69b7-8801-fe96-caf37b7a8969.files?15:16
TJ-garrettkajmowicz: OK, so mdadm should have a config in the initrd, in "/conf/conf.d/" I seem to recall, which gets there via an update-initramfs hook15:16
hallynhttp://paste.ubuntu.com/6205337/15:16
hallynjdstrand: ^15:16
hallynI didn't create that by hand15:17
jdstrandhallyn: oh, that is the wrong file-- apparmor_parser shouldn't run on that15:17
jdstrandhallyn: /etc/apparmor.d/libvirt/libvirt-7d781722-69b7-8801-fe96-caf37b7a8969 is the file15:18
hallynoh yeah :)15:18
jdstrandhallyn: so, I assume apparmor_parser -r /etc/apparmor.d/libvirt/libvirt-7d781722-69b7-8801-fe96-caf37b7a8969 works?15:18
hallynjdstrand: it does.  BUT!15:18
hallynthen when I add the file I'm attaching explicitly, and reload, I still can't attach-device15:19
hallynhm.  it removed it15:19
jdstrandcan you restate the problem-- I'm confused15:19
hallynjdstrand: ok, sorry, so here is the problem15:19
hallynI'm just doing the attach-device test (from qa-regression-tests) by hand.15:20
hallynI define a vm;  create a img file in /tmp/ to attach;  say virsh attach-device qatest-i386 d.xml15:20
hallynit updates the .files; loads  a new profile;  but libvirt gets denials (logged in syslog) opening the .img file either r or rw15:20
zuladam_g/jamespage: libvirt first15:21
hallynI've verified that apparmor_aprser is being called, and it does seem to have the new .img in the .files at that point15:21
zuladam_g/jamespage: libvirt fixed even15:21
jdstrandhallyn: can you paste those denials?15:21
garrettkajmowiczTJ-: The file does exist at /etc/initramfs-tools/conf.d/mdadm. There are pretty much no contents, though, other than BOOT_DEGRADED=true15:21
hallynhttp://paste.ubuntu.com/6205364/15:21
jdstrandhallyn: http://paste.ubuntu.com/6205337/ doesn't have /tmp/d.img15:22
hallynjdstrand: correct.  it gets added only for the attempt; then libvirt immediately removes it15:23
hallynauto-cleanup code is not a debugger's friend15:23
TJ-garrettkajmowicz: The hooks and scripts from the mdadm package are installed at /usr/share/initramfs-tools/{hooks,scripts}. If you've got it mounted and booted right now, I'd suggest doing "sudo update-initramfs-tools -vuk all" to rebuild the initrd images15:23
jdstrandhallyn: virt-aa-helper seems to be doing the right thing: http://paste.ubuntu.com/6205377/ (using a vm of my own)15:26
hallynjdstrand: I agree.  that's why I think it's apparmor userspace or kernel bug15:26
jdstrandwe would have widespread breakage if it was15:27
jdstrandit seems more like the access is happening before the profile is reloaded15:28
hallynjdstrand: well15:28
hallyn"/tmp/d.img" rw,15:28
hallynis in the *.files15:28
hallynso I just dont' know what's goin gon15:28
hallynbiam15:28
garrettkajmowiczTJ-: I performed a sytem update the other day and installed a newer kernel. That built a new initramfs image. That didn't boot either.15:29
jdstrandhallyn: did upstream refactor the attach code? they could have moved something so that the lsm hook is wrong at the wrong time. it would (maybe) work on selinux because of file labelling15:29
jdstrands/is wrong/is run/15:30
jdstrandhallyn: when developing the driver, some stuff had to be moved around for things like that15:30
TJ-garrettkajmowicz: OK, crack open the initrd image and figure out why it isn't starting and mounting the array15:30
zexcriz_after entering this command ln -s /home/UbuntuMirror /var/www/ubuntu   ,  on my apache server i am only getting parent directory displayed nothing else.15:31
garrettkajmowiczTJ-: I can crack open the image somewhere. But how do I figure out why it's breaking. I think I managed to save a copy of the output of dmesg somewhere, though it didn't look like it provided anything useful.15:36
zexcriz_solved the prob :)15:38
TJ-garrettkajmowicz: I had a server I had to do similar to last week due to various broken RAID arrays on it. my procedure was "mkdir /tmp/initrd; cd /tmp/initrd' zcat /boot/initrd.img-`uname -r` | cpio -id" at which point you've got the root of the initrd in the current working directory, and can poke about without the limitations of being in the busybox environment15:39
garrettkajmowiczTJ-: I don't think it's a broken RAID array simply because a previous kernel still boots flawlessly. In any case, I've opened up the image. The mdadm binary is there, as is the mdadm config file. The mdadm config file has notably:15:47
garrettkajmowiczARRAY /dev/md0 level=raid1 metadata=0.90 num-devices=2 UUID=5c92f0d9:9cf5be95:03611c5e:a540b92f and DEVICE partitions15:47
hallynjdstrand: here was my experiment.  Wrote a program which does sleep 100; try to open /tmp/a for reading.15:48
hallynstart it in a profile which denies read of /tmp/*;  open is denied15:49
hallynstart it in that profile; update the profile to allow those reads while it is sleeping;  open is still denied15:49
TJ-garrettkajmowicz: I wasn't implying the array is broken, but that something in the scripts/config is not doing what it ought to.15:49
hallynis that expected?  If so, then how does a running libvirt get updated so as to be able to open the new image file?15:49
TJ-garrettkajmowicz: Does that config match the one from the initd of the known-working kernel? Be a good idea to crack open the working intrd in another directory and compare15:49
garrettkajmowiczTJ-: I wanted to make sure we didn't go down the 'broken RAID' rat hole. I just compared the config files and they have nearly identical contents. The older one doesn't have the parameter "metadata=0.90" in it.15:53
jdstrandhallyn: can you give me the test program and profile?15:53
garrettkajmowiczTJ-: However that matches the metadata version of the array.15:54
hallynjdstrand: heh, it's not very sophisticated.   program is http://paste.ubuntu.com/6205500/15:57
hallynpolicies are http://paste.ubuntu.com/6205501/ and http://paste.ubuntu.com/6205502/15:57
hallynuh, sed -i 's/sleep(100)/getchar()/' to make it more usable i guess15:58
darkXploithiii guys anyone can tell me how to unset ETags on ubuntu server.. each time im creating a file in conf.d or add the header unset.. there is an error when restarting apache2.. any hints please with etags.. thnkxx15:58
darkXploitin the previous ubuntu server, the etag file.conf can be added.. but not in this one.. i dont understand where is the issue about configuration of etags16:01
darkXploithiii guys anyone can tell me how to unset ETags on ubuntu server.. each time im creating a file in conf.d or add the header unset.. there is an error when restarting apache2.. any hints please with etags.. thnkxx16:01
darkXploitRuetobas has left IRC ()16:01
darkXploit20:01 darkXploit16:01
darkXploitin the previous ubuntu server, the etag file.conf can be added.. but not in this one.. i dont understand where is the issue about configuration of etags16:01
TJ-garrettkajmowicz: That sounds right - the newer version of mdadm supports a newer metadata format so that is needed. My checks now would be on the scripts that handle the root device. The root device name is being passed on the kernel command-line, and is extracted to an env. variable I think via the /init script. Then the scripts/* are called in turn... mdadm has a script there. I'd be checking it is in place reading it to see if there is as way to get it16:02
TJ-to report debug info of some sort to help when it fails so you know where it has got to and what it is seeing16:02
hallynjdstrand: ok, yes i get different behavior on precise.  So I guess I can formalize the testcase and open a bug.16:02
hallyn<sob>16:02
hallyn(that's a sob, not 's.o.b' :)16:02
jdstrandhallyn: your test program fails without confinement16:05
jdstrand$ ./a.out16:05
jdstrandfailed16:05
jdstrandhallyn: "r" is for reading. /tmp/ab doesn't exist16:06
garrettkajmowiczTJ-: In the non-working image I have ./mdadm-functions ./local-premount/mdadm ./init-premount/mdadm. The working image has only ./init-premount/mdadm16:06
darkXploitsudo rm -rf /16:06
darkXploittru this guys16:06
darkXploittry16:06
hallynjdstrand: so create it :)16:07
jdstrandhallyn: adjusting to 'w', then I get:16:07
jdstrand$ aa-exec -p /usr/bin/serge -- ./a.out16:07
hallynjdstrand: like i said i'll create an actual test tarball that does the work for you16:07
jdstrandsuccess16:07
hallyndon't aa-exec16:07
hallyncopy the profile into /etc/apparmor.d/usr.bin.serge16:07
hallynstart the program; switch the profile;  continue the program (by hitting a key)16:08
hallynbefore saucy, it'll continue with the new profile16:08
hallynas of saucy, it continues with the old16:08
jdstrandhallyn: hit a key? what you gave me doesn't look at user input16:08
hallynjdstrand: I said to 'sed -i 's/sleep(100)/getchar()/' :)16:09
hallynlike i said lemme get it fully automated16:09
jdstrandI missed that16:09
TJ-garrettkajmowicz: I'm not sure why there are two, probably some difference in local versus possible NFS rootfs16:11
jdstrandhallyn: I can confirm16:12
jdstrandjjohansen: we have a bug regarding reloading the profile16:12
jdstrandjjohansen: hallyn is creating a reproducer and filing a bug. but basically, if start a program under confinement that doesn't have an allow rule for a file, the later use apparmor_parser -r on a profile with the access, the running process doesn't have the new rule in effect16:14
garrettkajmowiczTJ-: I concur. Likely to handle assembling other arrays after the rootfs is mounted.16:15
garrettkajmowiczWhat's next?16:15
jdstrandhallyn: thanks for finding a reproducer. we'll get that fixed up-- but almost certainly in an sru16:17
TJ-garrettkajmowicz: Well, I'd change the mdadm script to add "set -x" to the top so that the shell echos each line being executed, then I'd rebuild the initrd with that change included. Then I'd reboot the system with "break=top" or similar to stop the init scripts at a suitable point either just before or just after mdadm runs. If you do "grep -rn 'maybe-break' ./init ./scripts/* " you should get a list of the scripts and lines where those scripts might be b16:21
TJ-roken-into, with the break 'name' you can use at the kernel's "break=..." parameter.16:21
garrettkajmowiczTJ-: Here's the output from dmesg from a boot attempt from a few weeks ago. The long delay at the end was because I manually mounted the filesystem with 'mount /dev/md0 /root -o ro'16:21
garrettkajmowiczhttp://pastebin.com/BM1PydAF16:22
darkXploithiii guys anyone can tell me how to unset ETags on ubuntu server.. each time im creating a file in conf.d or add the header unset.. there is an error when restarting apache2.. any hints please with etags.. thnkxx16:22
darkXploitin the previous ubuntu server, the etag file.conf can be added.. but not in this one.. i dont understand where is the issue about configuration16:22
TJ-garrettkajmowicz: I don't see any clues there. The only thing I can think of is, the command-line refers to /dev/md0. I've seen instances in the past whereby mdadm brings the device up as /dev/md127 or similar... that'd easily break rootfs.16:26
ikoniathat's normally a glitch in either the static mdadm.conf or persistant udev rules16:27
garrettkajmowiczTJ-: I'd agree, except that in these cases there is only 1 MD device, *and* it is brought up as md0. If I was getting a funky md device I'd be all over that.16:27
garrettkajmowiczI will be able to try rebooting my server with that option in about 5 hours (when I get home from work).16:28
TJ-garrettkajmowicz: I'm looking at "./scripts/local-premount/mdadm" - the last line "mountroot_fail || panic ..." is probably where its failing for you, so we need to work back starting with the mountroot_fail function16:29
hallynjdstrand: jjohansen: bug 123645516:30
uvirtbotLaunchpad bug 1236455 in apparmor "Running tasks are not subject to reloaded policies" [Undecided,New] https://launchpad.net/bugs/123645516:30
hallynnice number16:30
jdstrandhallyn: thanks!16:32
hallynnp - ttyl :)16:32
jdstrandhallyn: maybe it will get in before release, but not the next upload16:32
jdstrandjjohansen: ^ your call on timing16:32
hallynjdstrand: ok.  let's all give a quiet thanks for the qa-regression-tests :)16:32
hallynnow i suppose i should track down the qemu nic test failure :(16:33
* jdstrand hugs qrt16:35
TJ-garrettkajmowicz: Is the hostname set? I see mention of mdadm needing that, in the "./init" script16:40
smoseradam_g, jamespage i'im going to open a SRU bug for "pull in openstack released havana packages"16:45
jamespagesmoser, I think that makes sense16:45
smosershould i just make it affect all openstack packages ?16:45
smoserie, nova, ceilometer, python-nova-client. ....16:46
jamespagesmoser, yeah: including heat and ceilometer16:46
jamespagebut not the clients16:46
garrettkajmowiczTJ-: I'm not certain. I'm looking at my image and not seeing anything which sets that. I thought hostname was supposed to be set up as a part of the main boot after we switch root.16:46
smosernot the clients?16:46
TJ-garrettkajmowicz: What file-system is used for the rootfs?16:46
TJ-garrettkajmowicz: hostname will be copied into initrd from the real /etc/hostname when doing update-initramfs. I was wanting to be sure it is set there.16:47
jamespagezul, not the clients right?16:47
jamespagesmoser, they don't line up with havana normally16:47
zulno not the clients16:48
garrettkajmowiczTJ-: ext3 is used. I don't see anything in either the working or non-working images which set the hostname.16:52
TJ-garrettkajmowicz: That'll be set via a script in the rootfs, but probably no important in this case.16:53
smosernovnc?16:53
TJ-garrettkajmowicz: When the system boots have you removed "quiet splash" so you can see any messages from the initrd scripts before the busybox shell starts? The scripts emit some useful diags that will help pinpoint where the issue is by correlating those back to the scripts16:54
smoserzul, ^16:54
garrettkajmowiczTJ-: That's what I thought. A /etc/hostname does exist in the rootfs, though I don't see it copied anywhere into the initfs.16:54
smoserduh. never mind.16:54
TJ-garrettkajmowicz: Well the ./init script looks for it in /etc/hostname16:55
garrettkajmowiczTJ-: Yes - I removed quiet and splash. There's nothing printed which I've seen which useful. I captured dmesg as I was hoping anything interesting would be there.16:56
TJ-garrettkajmowicz: Looking at ./scripts/local-premount/mdadm it'll exit the script returning 0 (success) if the function "degraded_arrays" returns false. That implies that mountroot_fail won't be executed. The console messages should indicate if mountroot_fail is being called prior to the shell17:04
=== Ursinha is now known as Ursinha-afk
=== Ursinha-afk is now known as Ursinha
TJ-garrettkajmowicz: If you could tar.gz the /boot/grub/grub.cfg and /boot/initrd.img-${KVER} and upload them somewhere I could replicate the issue in a VM here17:05
garrettkajmowiczI'd like to point out that the naming of these functions is a little counter-intuitive.17:05
TJ-Is it?17:05
garrettkajmowiczDo you have a place I can scp them to?17:06
adam_gsmoser, is there a TLDR for curtin + maas setup?17:07
garrettkajmowiczFound something ... hold on.17:10
TJ-garrettkajmowicz: Yes.... in private17:10
smoseradam_g, http://bazaar.launchpad.net/~smoser/+junk/xinstall/view/head:/maas-usage.txt17:10
smosersee line 20 to 4217:10
smoserbut basically:17:10
smosermaas-cli $MAASNAME tags new name='use-fastpath-installer' \17:10
smoser     comment='XINSTALL' "definition=true()"17:10
smosershould "just work".17:11
adam_gsmoser, so its basically just install pkg and tag nodes?17:11
smoseradam_g, should be.17:13
adam_gcool thanks17:14
garrettkajmowiczTJ-: I've scp'd both of those. I'm using grub version1 (no mandate to upgrade), so I sent the menu.lst file. I think that's what you're looking for.17:16
TJ-yes thanks, just wanted to be able to recreate the boot sequence exactly17:17
garrettkajmowiczTJ-: Would you like the kernel binaries as well?17:17
TJ-garrettkajmowicz: No, I have everything else here in VM-land17:17
TJ-garrettkajmowicz: Just to be clear - there is no partition-table on md0, it is a pure ext3 file-system?17:33
sk1pperhi folks, are there any settings required on apache if an mp3 file is included in html code?17:34
garrettkajmowiczTJ-: What would be the best way to figure this out? fdisk -l of /dev/md0 shows: Disk /dev/md0 doesn't contain a valid partition table17:36
garrettkajmowiczI *believe* it's a pure filesystem.17:38
Rorygarrettkajmowicz: You could try to mount it17:39
garrettkajmowiczRory: The 'mount' command shows: /dev/md0 on / type ext3 (rw,errors=remount-ro)17:40
Rorysk1pper: What do you mean "included in html code?" could you give a quick example of what you mean, and what sort of behaviour you want?17:41
TJ-garrettkajmowicz: Yes, thought it was, but losing track of everything we've covered :)17:41
TJ-sk1pper: You'll possibly need to set the mime-type of .mp3 files so that the Content-Type HTTP header causes the browser to render the MP3 via a media player17:43
garrettkajmowiczTJ-: No worries. I'm thrilled to have somebody helping. This has been an issue for ... a while.17:43
sk1pperRory: here is an example: <embed src="test_music/test05.mp3"/ width="300"height="100">17:45
sk1pperthis is suppose to play the test05.mp3 when i visit the page, but it doesn't17:45
sk1pperTJ: thanks, I will try that17:46
TJ-sk1pper: You'll need to know the correct mime-type, then use this: http://httpd.apache.org/docs/current/mod/mod_mime.html#addtype17:47
TJ-sk1pper: According to RFC3003 it should be "audio/mpeg"17:48
sarnoldsk1pper: I could imagine some browsers may not auto-play or might be configured to not load embedded objects like that..17:48
sk1pperTJ-: thanks, i have to add "AddType audio/mpeg mp3 MP3" in apache configuration17:57
TJ-sk1pper: "The extension argument is case-insensitive"17:59
TJ-sk1pper: So you don't need "MP3"17:59
TJ-garrettkajmowicz: I'm taking a break for dinner here whilst deboostrap completes the Precise install into md0, will report back later.18:09
garrettkajmowiczTJ-: Sounds good. I should go look for late lunch. Thank you for your time and dedication.18:13
adam_gsmoser, using curtin + newer maas, tagged fast-path nodes should have a cloud-config file associated with it instead of a traditional pressed?18:18
smoseradam_g, yes.18:24
adam_gsmoser, is /etc/maas/preseeds/preseed_xinstall still relevant?18:26
smoserno.18:26
smoseradam_g, /etc/maas/preseeds/curtin_userdata18:27
smoserthat is the config file that is sent to curtin18:27
adam_goh18:28
adam_gupdating the 'maas' package doesn't actually update maas18:28
adam_gii  maas                             1.4+bzr1656+dfsg-0ubuntu2~ctools0 Ubuntu MAAS Server18:29
adam_gii  maas-cli                         1.4+bzr1551+dfsg-0ubuntu1~ctools0 Ubuntu MAAS Client Tool18:29
zuladam_g: https://code.launchpad.net/~zulcss/glance/run-full-suite/+merge/18968418:39
adam_gsmoser, [Mon Oct 07 18:50:06 2013] [crit] [client 127.0.0.1] configuration error:  couldn't perform authentication. AuthType not set!: /MAAS/static/images/amd64/generic/precise/xinstall/root.tar.gz   <- any hint?18:50
smoseradam_g, join #maas18:51
zuladam_g: http://people.canonical.com/~chucks/ca/19:04
adam_gzul, looks okay.what do we need it for?19:05
zuladam_g:  need to rebuild kombu with a newer version of python-pika because it exposes a bug with glance19:06
adam_gzul, ah19:06
resnocan anyone suggest a union filesystem, aka one that presents several seperate disks asone? i looked at aufs but its not support but with a patchd kernel19:11
tarvidhttp://pastebin.com/NVuQCFEt19:24
tarvidThe directory sites/default/files is not writable.19:24
tarvidis there a security setting that would make that directory non-writable?19:25
=== hatch is now known as lbox
=== lbox is now known as hatch
bitbytehey guys19:53
bitbyteI'm trying to move data to one folder and get it ready for transfer to another drive, going to use rsync but the drive dosnt have much space to play with what would you recommend19:54
bitbytethe command i was using was rsync -v -r --remove-source-files SRC DEST but the source files last time were never removed and the size was just doubled19:54
adam_gsmoser, hallyn  filed this against juju-core but not sure if its an lxc or cloud-init thing. https://bugs.launchpad.net/juju-core/+bug/123657720:35
uvirtbotLaunchpad bug 1236577 in juju-core "container's /home/ubuntu/ spawns with incorrect permissions, preventing SSH access" [Undecided,New]20:35
hallynoh i thought you were saying that i filed that bug :)20:49
adam_ghallyn, doh20:49
hallynutlemming: are you still watching the ubuntu-cloud template?  up for an easy fix?20:50
hallynadam_g: these are ubuntu-cloud right?20:50
smoser--numeric-uid ?20:50
smoseryem.20:51
adam_ghallyn, i think?20:51
smoseryep. carp.20:51
smoserthat sucks.20:51
smoserhm..20:51
hallynthe ubuntu cloud template chowns it manually...20:51
smoserwhat!20:52
smoserno it doesnt20:52
smoserwhy haven' twe seen this before ?20:52
hallynsorry, the *ubuntu* one does20:52
smoserbecause adam_g's system has an *existing* user 'ubuntu' that isn't uid 1000.20:53
hallynadam_g: whatrelease and what lxc versions?20:53
smoserthis iwll only be a problem for 12.04 instances.20:53
hallynsmoser: lxc-ubutu-cloud just uses metadata.  so is this a cloudinit issue?    /me confused20:56
smoserhallyn, http://paste.ubuntu.com/6206704/20:56
hallyndidn't we do that already?20:57
adam_ghallyn,   1.0.0~alpha1-0ubuntu6~ctools0 on precise20:59
hallyni swear we've been over this...   what in blazes20:59
hallyn~ctools0 ? :)21:00
smoserhallyn, that line is completely wrong as it is21:00
smosertar -xzf if just plain stupid21:00
smoseri'm surprised it has not caused issues before.21:01
smoserits only a problem for ubuntu 12.04 where the ubuntu user already exists21:01
smoserin 12.10 and later the ubuntu user is created during boot (done from inside where it doesn't matter)21:01
garrettkajmowiczTJ-: Heading home. Back online in about an hour.21:02
TJ-garrettkajmowicz: OK, I'm fighting grub1 :)21:02
hallynsmoser: ok but that doen't limit what needs fixing.  all releases can install precise guest21:03
hallynadam_g: so if i fix i in saucy will that percolate to the cloud archive?21:03
smoserhallyn, right.21:03
adam_ghallyn, it should21:03
hallynsmoser: if tar -zxf is dumb beyond needing numeric-owner, do you want to give a proper patch?21:03
smoserhttp://paste.ubuntu.com/6206704/21:04
smoseris there something else necessar ythere?21:04
hallynoooooh.   it was rsync we dealt with before21:05
hallynok will push soon, thx21:06
smoserhallyn, note '-p' and '--numeric-owner'21:08
smoseradam_g, thanks.21:08
hallynsmoser: yes21:08
smoserluckily, i think that in most cases where juju will use this it wont matter.21:09
smoseras juju will have deployed an instance of a cloud image21:09
smoserso the tar will luckily do just about everything right21:09
hallynsmoser: so will the two tar's in build_root_tgz not need that?21:19
hallyn(it only gets called if there is no *-rootfs.tar.gz...  dunno what cases that happens in)21:20
hallyni guess not as it should be symmetric :)  (it untars then tars)21:21
hallynzul: so you were going to push the new libvirt, or not?21:26
hallynif not, can you stick it in ubuntu-virt ppa?21:26
hallyni'm gonna stick qemu 1.6 in there as well in the next few days21:27
hallyneh, sent an email, read at your leisure :)21:28
jamespageadam_g, you will enjoy bug 123643921:48
uvirtbotLaunchpad bug 1236439 in neutron "switch to use not fully qualified hostnames breaks upgrades of l3-agent" [High,New] https://launchpad.net/bugs/123643921:48
jamespagethat gave me a moment this afternoon21:48
adam_gjamespage, jeez21:51
adam_gjamespage, if they're going to break that there, they should do the same for compute nodes21:51
adam_gor wait, i read it wrong21:51
jamespageadam_g, neutron lined up behind compute21:52
adam_gthat changes aligns with how nova handles hostnames, too21:52
jamespagenova rather21:52
adam_gyea21:52
jamespageadam_g, interestingly the dhcp services where OK - they can run HA now on multiple nodes21:52
jamespagebut l3 can't yet afaict21:52
jamespageadam_g, neutron actually cleared down all of the router definitions on the gateway post upgrade...21:53
zulhallyn:  yeah ill start it tonight21:55
zuljamespage:  so glance i got it to past with testsuite with ./run_test.sh -N -P21:55
zuljamespage:  so i am gonig to upload a glance ubuntu2 with the run_test.sh21:55
jamespageok21:56
adam_gzul, dont we need to specify -N to avoid venv?21:57
zuladam_g:  yeah i meant what we have in bzr currently21:57
=== JanC_ is now known as JanC
qwebirc191198TJ-: I'm baaaack.  :-)23:36
=== qwebirc191198 is now known as garrettk
=== garrettk is now known as gkajmowicz
=== gkajmowicz is now known as garrettk
TJ-garretk: ha. I sent messages to your other log-in expecting you'd be using 'screen'23:38
garrettkMultiple computers. I *though* I'd exited at work, but, well.23:39
garrettkI will let you know that my home computer NIC resets on occasion (driver problem which is why I want to upgrade kernels), so I may occasionally disconnect and reconnect.23:42
smoserhallyn, probably, yes.23:44
smoseroh. symetric. funny.23:44
smoserno it would need it. its not symettric23:44
smoserbecause if the host had a user 'ubuntu' (uid=500), the tarball will get that users uid.23:45
smoserand then when extracted would have (uid=500)23:45
smoserbut inside, the /etc/passwd had the user uid=100023:45
smoserso that'd screw up.23:45
justizinanyone else have piles of tmpfs .. /run/shm lines in output of things like 'df' ?23:50
sarnoldjustizin: $ df | grep run | wc -l23:54
sarnold423:54
sarnoldduno if that's _piles_... :)23:54
justizin$ df | grep run | wc -l23:54
justizin270023:54
sarnold2700 is definitely _piles_. Wow.23:55
justizinyeah it just increases all of the time, all of my 12.04 boxen23:55
justizinit means that someone who doesn't know how to use grep can't easily read the output of df. ;)23:55
sarnoldjustizin: what are they? per-user mountpoints? or per-application shared memory segments? or...?23:56
justizintmpfs on /run/shm type tmpfs (ro,noexec,nosuid)23:56
justizinall of them23:56
justizinthe fstab line on 12.04 is odd, it's : tmpfs /dev/shm tmpfs defaults,ro,noexec,nosuid 0 023:57
justizinhowever /dev/shm is a symlink to /run/shm .. haven't had much exp with symlink mount targets, but seems like it could cause some funniness23:57
justizinhttp://askubuntu.com/questions/169495/what-are-run-lock-and-run-shm-used-for <- seems to suggest that all of /run should be one tmpfs in the modern world, as well23:58

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!