/srv/irclogs.ubuntu.com/2013/11/20/#ubuntu-server.txt

tc0nn_Beatstreet: logrotate00:08
=== freeflying_away is now known as freeflying
tc0nn_or move the file, restart rsyslog00:09
=== robbyf_ is now known as RobbyF
=== thumper-afk is now known as thumper
=== tc0nn_ is now known as tc0nn
=== Mapley is now known as Mapley|group
=== Laogeodritt| is now known as Laogeodritt
sondHowdy all.. has anyone here installed ScriptCase manually on a headless Ubuntu Server ?05:28
sond* installed ScriptCase on a headless Ubuntu Server05:30
ancasterHi! I have a server with an external USB backup drive (flakey, I know). I'd like to mount it somehow so if the drive is removed, my backups don't fill up the disk where the mount point is.05:37
jkitchenanyone else have issues with ganglia-monitor and upstart on 13.04?06:11
jkitchenI would assume I need to have daemonize = no in gmond.conf for upstart06:12
jkitchenbut starting, stopping, whatever is just hanging there doing seemingly nothing.06:12
Carbon_MonoxideHi! I use USB thumb to install Ubuntu Server. The installation screen freezes on 'Language Selection' after I chose 'Basic Server Install'. It shows the language list but I can't move the highlight.06:33
=== Guest69245 is now known as bitnumus
RoryCarbon_Monoxide: Do you have access to a PS/2 keyboard instead of USB?09:29
Carbon_MonoxideRory: Not yet. This is what I'm going to try tonight after I read one of the question in Stackoverflow09:31
Carbon_MonoxideRory: I was using a Thinkpad USB keyboard which is not really common. It has a trackpoint on it.09:32
RoryI think there's some sort of bug with USB keyboards09:40
RoryI remember reading one shortly after 13.10's release, but I can't remember what all the affected systems had in common, besides using a USB keyboard09:40
=== freeflying is now known as freeflying_away
Carbon_MonoxideRory: Thanks for the hint!10:52
jamespagerbasak, you got these on your list for merging? - http://paste.ubuntu.com/6447537/10:55
TazmainianDevilhi all I need some help with running a program that is similar to git at startup.11:26
TazmainianDevilI am having a problem with perforce I am running ubuntu 12.04 when I put the command /Perforce/p4d in the /etc/rc/local file the server starts but it does not start correctly. As in I cannot access the server although it is running. When log into the server and cd /Perforce and then ./p4d it works perfectly.11:32
=== freeflying_away is now known as freeflying
=== io is now known as IdleOne
gyre007guys....when I use --verify-passphrase can I still use /etc/crypttab to automatically mount encrypted device on boot ? ie does it have any effect on crypttab ...I dont want to be entering password on every boot...12:24
=== chuck__ is now known as zul
TheOspreyHi all13:05
makarado I need to restart an EC2 instance if I've added a port to the security group it is part of?13:35
=== exekias_ is now known as exekias
rbasakjamespage: they're both on the report. I will look at them, but probably not for a couple of weeks. yolanda: is https://code.launchpad.net/~yolanda.robla/ubuntu/saucy/libnss-ldap/debian_merge/+merge/174993 relevant here? Was that supposed to have landed?13:42
mardraummakara: no, just apply the change to the security group.13:43
yolandarbasak, that's merge i did on summer and was approved, wasn't landed in the package?13:43
yolandai don't have permissions to do it, but i assumed it landed13:43
mardraummakara: the security group is like a firewall in front of your instance, it has nothing to do with the instance itself.13:43
rbasakyolanda: I don't think it did: https://launchpad.net/ubuntu/+source/libnss-ldap13:43
makaramardraum, so it should be instantaneous?13:44
mardraumwhen you apply the change, yes13:44
makarabecause nmap shouldn't show the port I just opened13:44
mardraumperhaps nothing is listening our your connection is filtering outbound to it?13:44
makarawhen I nmap localhost from ssh it shows the open port13:47
yolandarbasak, looks strange. version in trusty i see is 264-2.2ubuntu4, but version in my MP is (264-2.5ubuntu1. Not only my change, but some others are missing then13:48
makaraminus the ports 110 and 2113:48
zuljamespage:  i get to use dh_autoreconf today lucky me14:01
jamespagezul,\o/14:02
makaraholy cow14:15
makaramardraum, corporate firewall was blocking my nmap scan to that port14:15
makarais there a script I can run to check which ports my firewall is blocking?14:17
Novato__Hi people14:35
Novato__i have big problem in my server ubuntu 12.04 : Not found Apache/2.2.22 (Ubuntu) Server at 192.168.5.188 Port 8014:35
Novato__I canot enter to asterisk and zoneminder because always i have this error Not found Apache/2.2.22 (Ubuntu) Server at 192.168.5.188 Port 8014:36
RoryNovato__: Where are you seeing that error?14:36
RoryNovato__: Are there any errors in the apache error logs?14:36
Novato__in my server ubuntu example: I want enter to zoneminder: http: ip/zm  =  Not found Apache/2.2.22 (Ubuntu) Server at 192.168.5.188 Port 8014:36
Novato__Http:ip:8088  (asterisk)   =  Not found Apache/2.2.22 (Ubuntu) Server at 192.168.5.188 Port 8014:37
Novato__Rory: is apache14:37
Novato__ohh! so can repair this14:37
Novato__I´m  new in this14:37
Novato__but I want to learn14:37
RoryNovato__: That is probably a 404 error (page not found)14:37
Novato__i want ubuntu because is the best14:37
Novato__Rory:  helpm me please!14:38
RoryNovato__: You say you're going to http://ip/zm - did you already configure zoneminder under a directory called "zm" ?14:38
RoryNovato__: Can you please paste your apache error log files (found in /var/log/apache2)14:38
Rory!paste14:38
ubottuFor posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.14:38
Novato__yes! i´m installed zoneminder14:38
Novato__Rory: http://paste.ubuntu.com/6448414/14:39
RoryNovato__: Can you please paste your apache error log files (found in /var/log/apache2)14:39
RoryNovato__: That what you showed me was an error from some web browser14:39
Novato__ok! i´m in my server14:39
RoryNovato__: I need you to run "sudo apt-get install pastebinit"14:40
Novato__in my server==??14:40
Novato__why=?14:40
Rorywell i want you to pastebin your apache error logs14:40
RoryI don't care how you do it lol14:40
RoryThat's just the easiest way14:40
Novato__Rory:  ok14:42
RoryNovato__: so a quick way to do that is this command14:43
Rorysudo sh -c 'cat /var/log/apache2/*error*' | pastebinit14:43
Novato__Rory: so first sh -c14:43
Novato__wait please14:43
RoryNo, this whole command, copy and paste it14:43
Rorythat entire line:14:44
Rorysudo sh -c 'cat /var/log/apache2/*error*' | pastebinit14:44
Novato__my server not respond14:44
patdk-wkif I get asked to witelist 10.10.x.x one more time!14:44
Novato__Rory: http://imagebin.org/27803614:45
RoryNovato__: i need the paste.ubuntu.com url that is produced by running the command above14:46
Novato__Rory: http://paste.ubuntu.com/6448414/14:47
Novato__this is error14:47
RoryNovato__: I can't help you any more without that information14:47
Novato__Rory:  but this is error:14:48
Novato__Opera's connection attempt to 192.168.5.188 was rejected. The website may be down, or your network may not be properly configured.14:48
RoryNovato__: Please can you install the "pastebinit" program (sudo apt-get install pastebinit) and then show me your Apache error logs with the command: sudo sh -c 'cat /var/log/apache2/*error*' | pastebinit14:48
Novato__The requested URL /zm was not found on this server.  Apache/2.2.22 (Ubuntu) Server at 192.168.5.188 Port 8014:48
RoryOK I'm done here :)14:48
Novato__Rory: i´m used wuindouxxxx14:48
Novato__in my laptop14:49
Novato__my server is ubuntu 12.0414:49
Novato__Rory: http://paste.ubuntu.com/6448414/14:49
Novato__Rory:  http://paste.ubuntu.com/6448475/14:50
Novato__i canot enter to y softwares in my server ubuntu 12.0414:50
makarawhy does htop show multiple PIDs for mysql for example14:51
Rorymakara: because it spawns multiple child processes14:51
ogra_makara, it shows one line for each thread by default14:51
Roryogra_: Is that the case?14:51
=== Jikan is now known as Jikai
Roryogra_: I thought they were actual real UNIX processes?14:51
ogra_makara, go into the htop settings and disable userlan threads in the display options14:51
Novato__Rory:  so=??14:52
Novato__help me o no=?14:52
makaraogra_, how to edit htop settings?14:52
RoryNovato__: Please can you install the "pastebinit" program (sudo apt-get install pastebinit) and then show me your Apache error logs with the command: sudo sh -c 'cat /var/log/apache2/*error*' | pastebinit14:52
RoryNovato__: Do the above on your server14:52
makaraok14:53
ogra_makara, see at the bottom ... "setup"14:53
Novato__Rory: http://paste.ubuntu.com/6448508/14:55
Novato__Rory: check the web =?14:56
Roryok Novato__ so I can see when you browse to "http://yoursite/zm" then Apache is looking in the folder /var/www/zm but that doesn't exist.14:56
makaraogra_, should 8 Apache2 workers still be showing, cos I see them14:56
RoryNovato__: how did you install zoneminder, were you following a guide?14:57
Novato__Rory:  i´m used guide for the other server is ok14:57
ogra_makara, well, it will only switch off threads, if there are separately started processes they will indeed show14:57
Novato__is teh same guide14:57
RoryNovato__: Could you link me the guide so I can see?14:57
Novato__Rory: http://www.zoneminder.com/wiki/index.php/Ubuntu_Server_12.04_64-bit_with_Zoneminder_1.25.0_the_easy_way14:58
RoryNovato__: Did you follow every step? Could you please run the command "pastebinit /etc/apache2/conf.d/zoneminder.conf"14:59
Novato__the diferent in the guide in the step of IP14:59
RoryIt looks like you probably missed at least one step. ignore IP14:59
Novato__because my ip is dhcp not is IP14:59
Roryyes that isn't the problem here14:59
RoryThe problem is that apache has no idea where zoneminder is. Can you run that command above so I can see the apache config file for zoneminder?15:00
Novato__Rory:  tell me the command for repair the apache15:02
=== Jikai is now known as Jikan
Novato__o check the apache15:02
Rory"pastebinit /etc/apache2/conf.d/zoneminder.conf"15:02
Novato__Rory:  I dont have nothing15:03
Novato__all is black jejeje15:04
RoryNovato__: OK then you have missed a step from the tutorial15:04
Novato__Rory: v15:04
Novato__any words or numbers15:04
RoryNovato__: It looks like you ran the command: ln -s /etc/zm/apache.conf /etc/apache2/conf.d/zoneminder.conf15:04
RoryNovato__: But you need to run that with sudo, like this: sudo ln -s /etc/zm/apache.conf /etc/apache2/conf.d/zoneminder.conf15:04
Roryand then "sudo service apache2 reload"15:04
Novato__Rory:  http://paste.ubuntu.com/6448553/15:05
Novato__this is ok!15:05
RoryNovato__: Ok so now does it work?15:06
Novato__wwwwwwwwwwwwwwwwwwwwwwwuuuuuuuuuuuuuuuuuuuuuuuuuuuueeeeeeeeeeeeeeeeeeeeeeeeeeee15:06
Novato__yupi congratulations15:06
Rory!yay15:06
ubottuGlad you made it! :-)15:06
Novato__Rory:  thnaks boy15:06
Novato__thanks15:06
Novato__wue wue15:06
Novato__;)15:06
Novato__gracias!15:06
Novato__danke!15:06
RoryNo problem15:07
Novato__Rory:  so the asterisk is same15:07
xpistoshey all. is there some way I can lighten the load on my home server. when I ssh in it says the load is higher than 2.0?15:07
RoryNovato__: What is that?15:08
RoryNovato__: again, you need to make sure there is a configuration file for it15:08
Novato__ok! the asterisk I can install all ok but15:08
Novato__error 404 dont found15:09
Roryxpistos: if you run the "top" or "htop" commands do you see any processes using a high CPU% ?15:09
Novato__the same error of zm15:09
RoryNovato__: Are you following a guide to install it?15:09
Novato__yes15:09
Novato__wait please15:09
Novato__Rory:  http://www.joseschenone.com.ar/2012/11/instalacion-de-asterisk-en-10-sobre.html15:09
Novato__Rory:  if do you have other web site best that this !15:10
xpistosRory: init15:10
Novato__o best guide!15:10
RoryNovato__: Asterisk has its own web server it doesn't use apache. You need to go to http://yoursite:8080 not http://yoursite/808015:11
Novato__yes! mi http:ip/808815:11
Novato__Rory:  The requested URL /8080 was not found on this server.15:11
Novato__Rory:  Apache/2.2.22 (Ubuntu) Server at 192.168.5.188 Port 8015:11
Rory You need to go to http://yoursite:8080 not http://yoursite/808015:11
RoryThat is a : not a /15:12
Novato__Rory: This webpage is not available15:12
Novato__Rory: The connection to 192.168.5.188 was interrupted.15:12
Novato__same15:12
xpistosRory: Also Landscape jumps ump and down as well15:12
RoryNovato__: "sudo service asterisk restart"15:12
Novato__: o with /15:13
Novato__same error15:13
RoryNovato__: What is the output of "sudo service asterisk restart" ?15:13
Novato__Rory: http://paste.ubuntu.com/6448592/15:14
RorySorry Novato__ it is http://ip:808815:15
RoryNovato__: From the guide: Para acceder al panel de administración web, ingresamos a http://ip_del_servidor:808815:15
RoryNovato__: You can see what port it is using by editing the file /etc/asterisk/http.conf15:16
Novato__Rory:  hablas español=?15:22
RoryNo15:22
Rory!es15:22
ubottuEn la mayoría de los canales de Ubuntu, se habla sólo en inglés. Si busca ayuda en español entre al canal #ubuntu-es; escriba "/join #ubuntu-es" (sin comillas) y presione intro.15:22
Novato__ubottu:  no hablo contigo15:22
ubottuNovato__: I am only a bot, please don't think I'm intelligent :)15:22
Novato__ubottu:  family of kubot ahhhhhhhhhhhhhhh15:23
ubottuNovato__: I am only a bot, please don't think I'm intelligent :)15:23
Novato__Rory:  nothing15:23
Novato__Rory:  i´m reinstal astrisk ok15:23
Novato__asterisk15:23
RoryNovato__: "pastebinit /etc/asterisk/http.conf"15:23
Novato__ok15:24
Novato__Rory: http://paste.ubuntu.com/6448640/15:25
RoryNovato__: i suppose you could try reinstalling asterix15:26
Novato__Rory:  check the web of pastebin15:27
Roryyes Novato__ I saw that15:27
RoryNovato__: Can you double-check you are typing it properly, go to http://ip:808815:28
Novato__Rory:  so reinstall asterisk15:28
Novato__how eraser the asterisk15:28
Novato__because canot reinstall15:28
hispeed67anybody know if there has been any success with wnda3100 v2 usb wireless working?15:29
Novato__Rory: if install asterisk =  asterisk is already the newest version.15:29
RoryNovato__: sudo apt-get install --reinstall asterisk15:29
Novato__Rory:  you are genous15:30
Novato__genious15:30
Novato__jejeje15:30
Novato__ ;)15:30
Rorygenius*15:30
RoryAnd yes, yes I am15:30
Novato__Rory:  in 15 minutes i´m send the message15:30
Novato__sotrry for my english15:30
Roryit's OK15:30
Rorytry #ubuntu-es also15:31
gyre007is it me or is LUKS simply BROKEN ?? https://gist.github.com/milosgajdos83/756557015:57
gyre007why is it giving me some NONEXISTENT UUID ?15:57
gyre007arrghh15:57
xnoxgyre007: because symlinks are not updated by udev, when you reformat with cryptsetup?15:58
xnoxgyre007: and a new uuid is generated when you format it.15:58
xnoxgyre007: reboot and check again.15:58
gyre007is there any way to reload udev then ?16:00
gyre007without rebooting ?16:00
gyre007this is confusing the hell out of me16:00
gyre007also is that the UUID I should be using in fstab to mount the encrypted device automatically ?16:01
Novato__Rory:  fail! the asterisk16:07
Novato__dont up!16:07
Novato__s down :(16:08
Novato__kell me ! bum16:08
Novato__Rory: where arledy=?16:10
gyre007xnox: I found out that the mapper device after reboot totally disappears w00000t ?!16:21
ancasterHey all. I've got a server in our lab backing up to external USB drives and NFS shares (rsnapshot).16:21
gyre007mapper device created by cryptsetup16:21
ancasterIs there anyway to ensure the drives/shares are mounted before backup begins so that if not the drive they are mounted on doesn't fill up?16:21
ancasterFlaky set up, I know.16:21
zerickancaster, maybe this could help http://stackoverflow.com/questions/17612004/linux-shell-script-how-to-detect-nfs-mount-point-or-the-server-is-dead16:33
ancasterzerick: thanks. I just also found the 'mountpoint' utility. returns true if a path is a mount point.16:36
tonyyarussoYou could also start by reading /etc/mtab or the 'mount' output16:37
ancasterzerick: I also considered placing the mount points in a tmpfs filesystem so that, worst case, the tmpfs filesystem fills up.16:37
ancastertonyyarusso: ... and just grepping it. yeah, okay that works too.16:43
novatohi!16:57
novatonext of install ubuntu server what can doit in this server for segurity16:57
novatofortinet o firewall=?16:57
novatowhat='16:57
novatorecommendations please16:58
gyre007anyone has seen that dm-crypt device would disappear after reboot ?16:59
novato=?16:59
gyre007thats basically the reason why my luks encryption isnt working16:59
gyre007for some reason dev mapper device just disappears after reboot16:59
gyre007w000t16:59
smoserhallyn_, do you have thoughts on this:17:00
smoserhttp://askubuntu.com/questions/376345/allow-loop-mounting-files-inside-lxc-containers17:00
hallyn_smoser: can you get dmesg output by chance?17:02
smoserI probably *can* :)17:02
hallyn_smoser: the two first possibilities would be (a) apparmor and (b) the loop file is one with partitions.17:03
smoserhallyn_, 'b' is not true17:05
smoseri'll see if i can't reproduce17:05
hallyn_smoser: so something has done an losetup i assume?17:06
smoserwell, 'mount -o loop,ro' does17:07
smoserbut, yeah.17:07
hallyn_well at the end there is17:07
hallyn_root@maaslxc2:~# mount /dev/loop0 /mnt17:07
hallyn_mount: block device /dev/loop0 is write-protected, mounting read-only17:07
smoserthat was as a simple example17:08
hallyn_man the messed-up syslog is really being a pain17:17
hallyn_smoser: it's simply apparmor.  add a rule to allow mounting anything to /mnt to a custom profile, and it works.17:20
smoserhallyn_, example ?17:23
hallyn_smoser: well simplest is to just set lxc.aa_profile = unconfined,17:23
hallyn_but you can also just add17:23
hallyn_'mount,' to /etc/apparmor.d/lxc/lxc-default-with-nesting17:24
hallyn_or 'mount -> /mnt/**, mount -> /mnt/'.17:24
smoserhallyn_, the /mnt confuses me.17:25
smoserthats interpreted in the containerized namespace ?17:25
hallyn_yes17:27
smoserhow is that even useful ?17:28
hallyn_don't you want to be able to mount /dev/loop0 to /mnt in the container?17:28
smoserwell, i dont really care where it is mounted to. most likely i want to mount it into a tmpdir17:28
hallyn_then you'll have to allow mounting to '/tmp/**'.17:28
smoserit just seems odd to me that apparmor would interpret the targets from the containerized namespace17:29
hallyn_it has pivot_root.  it's the pathname, period.17:30
hallyn_*pivot_root()ed17:30
hallyn_that means / in the container does not have a parent dir17:31
hallyn_(if it did, then the classic chroot escape would work, barring LSM)17:32
gyre007guys anyone knows why would luks dm-crypt device disappear after the reboot ?17:32
hallyn_(and /proc/self/maps and related output would show the whole pathanme)17:32
gyre007I just dont get it17:32
hallyn_do you need to  load a module that isn't being autoloaded?17:32
smoserhallyn_, "mount fstype=fuse.*,"17:33
smoserisn't that generally a lot more dangerous than loopback mount ?17:33
smoserand its enabled (apparently) by default17:34
hallyn_smoser: any unprivileged user on host can use fuse, therefore it is not an escalation.17:34
hallyn_smoser: the difference is, loopback mounts let you exercise the in-kernel superblock parser for all built-in filesystems17:34
hallyn_fuse sb parsers are in userspace17:34
smoserreally?17:35
smoserfuse is allowed by default?17:35
hallyn_that's what i'm told.  stgraber ^ ?17:35
hallyn_smoser: plus, what we absolutely positively want to avoid is /proc and /sys being remounted elsewhere (and debugfs, securityfs, etc).17:36
hallyn_until we can specify per-fstype apparmor rules17:36
hallyn_probably "mount fstype=ext*," would be safe to allow in containers, imo17:37
smoserwell, that is possibly/likely explolitable into kernel crash17:38
smoserat least as i'm told such things are possible (if you can mount a bad filesystem, that checks are limited)17:38
hallyn_smoser: yes, but i like to think that ext2/3/4 are safer than others.  maybe i'm delusional.17:40
hallyn_somebody does need to vet those at some point!  :)17:40
stgrabersmoser: fuse sure is enabled by default, that's how all of the gvfs mounts on the desktop works and how sshfs and others work too17:40
jdstrandhallyn_: apparmor.d tells me that fstype is supported in mount rules (I've not done it personally)17:47
jdstrandhallyn_: man apparmor.d that it17:47
jdstrandis*17:47
stgraberjdstrand: yeah, that's already how we allow fuse mounts (fstype=fuse.*)17:48
hallyn_jdstrand: yeah i wasn't saying apparmor doesn't allow it - *we* don't yet allow it :)17:54
hallyn_(fstype = ext*, that is)17:54
sarnoldman, is fuse better than ext in that respect?17:55
sarnoldI've always worked under the assumption that fuse could wedge a machine solid, anyway. is that an incorrect assumption?17:55
smosersarnold, i kind of had that same feeling.17:55
hallyn_i hope it's an obsolete assumption17:55
=== cmagina is now known as cmagina-lunch
sarnoldobviously something that needs some investigating17:56
hallyn_agreed.  i've not looked into it in years17:56
smoserhallyn_, so what is the difference between17:57
smoser /etc/apparmor.d/abstractions/lxc/container-base17:57
smoserand17:57
smoser /etc/apparmor.d/abstractions/lxc/start-container17:57
smoseri understand (i think) the reason for such things17:57
smoserbut both are included from /etc/apparmor.d/lxc/lxc-default-with-nesting17:57
stgraberstart-container is the profile used for lxc-start, container-base is the profile used for the actual container17:58
sbeattiesmoser: can I ask what the need for loopback mounting is; is it a use case that wouldn't be satisfied by bsdtar?17:58
stgraberwith-nesting needs both as the container will also call lxc-start17:58
smoserstgraber, so how is one profile chosen?17:58
hallyn_lxc-default is the default, if you want to run nested containers then you must change it to lxc-default-with-nesting17:59
smosersbeattie, you're suggesting that bsdtar can read an ext4 filesystem in a file ?17:59
hallyn_which is, obviously, much less sfae17:59
smoserhallyn_, how do you change it ?18:00
stgraberlxc.aa_profile in the config18:00
sbeattiesmoser: it can read iso9660, I can't remember if it can read ext4 (probably not)18:00
smoseri didn't realize it could read iso9660, thats pretty neat. i'm not aware of any general user-space extX filesystem implementation.18:01
* hallyn_ chuckles, something about using qemu :)18:01
hallyn_but obviously you really want to ship zfs, and use zfs-fuse in the container18:02
sarnoldblech please no zfs-fuse. yes it's an amazing accomplishment, no it isn't a replacement for ZoL. hehe.18:03
hallyn_sarnold: ah, but zfs-fuse would be allowed by default in the container, is my point18:03
smoserhttps://github.com/gerard/ext4fuse might be able to accomplish what i need. but fuse.18:03
sbeattiesmoser: there's also fsarchiver, which claims to handle ext4 and btrfs, but I've forgotten how it well works, and it also advertises itself as not being ready for production use.18:03
sarnoldhallyn_: ah. still. fuse.18:04
hallyn_:)18:04
sarnold:)18:04
sbeattieoh hrm, not thinking very well, fsarchiver might not handle non-block devices18:05
* sbeattie really wants good solutions for pulling files from filesystems stored as images that don't require root privileges.18:06
sarnoldhear hear18:06
smoser⟫ ls /var/lib/lxc/18:06
smoserls: cannot open directory /var/lib/lxc/: Permission denied18:06
smoseris that expected ?18:06
smosersbeattie, libguestfs really is a good solution18:06
smoserits just heavy18:06
jamespagejdstrand, are you able to attend the juju -> main session right now?18:07
smoserit uses really well tested filesystem drivers (inside the linux kernel!)18:07
smoserhallyn_, ^.18:07
jdstrandjamespage: no-- mdeslaur is there18:07
sarnoldjamespage: mdeslaur and I are attending18:07
jdstrandjamespage: and sarnold18:07
smoseris it expected that /var/lib/lxc is non-readable by non-root ?18:07
jdstrandsarnold: hah :)18:07
jdstrandsmoser: yes, that is a recent change18:08
hallyn_smoser: yes.18:09
hallyn_smoser: you can change it once and lxc won't re-set it for you, but alas it sort of has to be that way18:09
hallyn_the curse of setuid bit.  if only we could do away with it18:09
smoserhm... /me just finds it easiest to 'chmod 4755 /bin/bash'18:11
sarnoldlol18:12
hallyn_when i want information, i just get the username/password from any nsa employee willing to hand them over (which is most of them) and use their account to look at full history of, well, every bit xferred on the net.18:13
* hallyn_ grumbles something about millions spent on security evaluations by nsa, only to have their employees hand over pwds...18:13
hallyn_(in other words, why NOT just chmod 4755 /bin/bash)18:14
sarnoldbecause bash defeats that. bash is no fun.18:15
hallyn_lol18:17
smoserit does ?18:17
hallyn_yeah18:17
hallyn_which really has messed me up in the past when i tried testing file capabilities wrt scripts.18:17
jrwrensmoser: i missed the cloud-images session :(  I wanted to share my list of packages which I find superfluous. aptitude, os-prober, ppp, rsync, tcpd, usbutils, wirelesstools, wpasupplicant18:20
sarnoldrsync? really?18:21
smoserjrwren, thanks for the input. those are definitely useful input.18:21
smoseraptitude was on my list.18:21
jrwrenone can always apt-get it. it certainly isn't needed for many cloud systems.18:21
smoserapparently lots of people use it though.18:21
jrwreni just wanted to share. some were strange to me, if not removed maybe some docs around why they are there. especially the wireless and wpa18:22
smoserjrwren, the primary issue with just removing stuff is that cloud-image is superset of server. server is superset of standard ...18:22
smoserthats where a bunch of them come in.18:22
smoserwe can do some things though.18:22
smoserthanks for your input.18:23
smoser(many things end up getting pulled in from 'recommends by default')18:23
jrwreni see. i didn't know it was superset of server18:23
smoserit always has been. there isn't a *huge* reason for that.18:24
jdstrandjamespage: mdeslaur filled me in on the outcomes. sounds very reasonable. thanks! :)18:46
jamespagejdstrand, np18:46
vlad_sta_Question: Having Ubuntu 12.04.3 LTS. MD RAID 1. After reboot got this in syslog: "md1: detected capacity change from 0 to 999069384704" and "md1: unknown partition table". It waited awhile and then booted successfully. Is it a bug or anything I should worry about? Thnx.19:14
=== Jikan is now known as Jikai
=== cmagina-lunch is now known as cmagina
=== Jikai is now known as Jikan
Roryvlad_sta_: If it boots sucesfully from your RAID array, then it is obviously working. They're usually warnings, not errors19:37
Roryvlad_sta_: If you really had an invalid partition table there wouldn't even *be* a syslog to read :)19:37
vlad_sta_Rory: OK:)19:37
jamespagemdeslaur, reflecting on the fact that 5.5 is support until 2018 makes me reticent to jump to 5.6 for 14.0420:02
mdeslaurjamespage: yeah, I agree20:03
mdeslaurjamespage: although...that would still leave us with a year without support possibly20:03
mdeslaur14.04 -> 19.0420:03
mdeslaurproblem is we have no idea what the security fixes are, so there's no way for us to backport them even if we wanted to during that year20:04
=== Ursinha is now known as Ursinha-afk
henkjanjamespage: what are the arguments against 5.6?20:10
lifeless5.6 of? mysql?20:13
Novatohi people20:17
Novatohow I can reinstall asterisk20:17
=== Ursinha-afk is now known as Ursinha
Novatobecause when I write to terminal:  sudo apt-get install asterisk   =   asterisk is already the newest version.20:18
NovatoRory: hi! how are you=??20:19
NovatoRory: remember the command of reinstall  asterisk20:19
Novato=?20:19
Novatohelp me with asterisk in ubuntu please20:21
NovatoI need reinstall this software20:21
=== Jikan is now known as Jikai
leecallen35Greetings fellow ubuntunians...20:30
leecallen35I am configuring some ubuntu servers for headless operation, for use in places where they cannot easily be accessed.20:30
leecallen35What strategies can I use to minimize the chance of a corrupted filesystem throwing the system into maintenance mode?20:30
leecallen35(besides booting from read-only media, which seems to be too onerous to set up)20:31
=== Jikai is now known as Jikan
leecallen35Okay I will start...20:44
leecallen35What I can think of: separate partitions for / /boot /usr /home and data...20:45
leecallen35use mirroring, and a fs like ext4 with journalling20:45
leecallen35and zfs for my big data filesystem (which will be a media server)20:46
leecallen35(oops left out /var -- definitely a separate partition for /var)20:49
Arrick!lamp20:59
ubottuLAMP is an acronym for Linux-Apache-MySQL-PHP. However, the term is often used for setups using alternative but different software, such as Perl or Python instead of PHP, and Postgres instead of MySQL. For help with setting up LAMP on Ubuntu, see  https://help.ubuntu.com/community/ApacheMySQLPHP - See also the Server CD installation process.20:59
tonyyarussoSo...does anyone understand the merits "UsePAM yes" vs "UsePAM no" in sshd_config?  It looks like "yes" is the default, but I'm having some things that don't work unless it's set to "no", and I don't understand PAM well enough to understand why.21:05
Arrickok... whats the LAMP-server package called today? trying to install it on 12.04 lts21:07
tonyyarussoArrick: By today, do you mean in 13.10?21:07
tonyyarussooh, no21:08
tonyyarussoReading fail21:08
Arrickno, 12.04 lts21:08
Arricklol21:08
ArrickI tried lamp-server and nada.21:08
Arrickfirst two lines of https://help.ubuntu.com/community/ApacheMySQLPHP work... it shows the root of the server though.21:08
tonyyarussoArrick: lamp-server^ - the ^ apparently marks it as a "task".21:09
Arrickahh... Ok, I used the tasksel install lamp-server and it installs... but when I drop an info.php file into the root, it doesnt display when I point at it directly21:10
tonyyarussoWhat does it do instead?21:11
Arrickpage cannot be displayed21:11
Arrick404 error21:11
tonyyarussohuh21:11
tonyyarussoI would think both ways should work the same...21:12
Arricklol21:16
ArrickI forgot to change the default directory of the default site.21:16
tonyyarussoha21:16
tonyyarussoThat'll do it21:16
=== Mapley|group is now known as Mapley
=== Mapley is now known as Guest20302
=== Guest20302 is now known as Mapley
Arrickhey tonyyarusso what command do I run to tell me the current permissions of a directory?21:34
tonyyarussoArrick: ls -ld /path/to/directory21:35
tonyyarussoDrop the d if you want the permissions of the stuff IN the directory rather than the dir itself, or replace it with a if you want to see both at once21:36
Arrickso... refresh my memory, what does this mean? drwxrwxrwx 47 root root 4096 Nov 20 15:5721:38
Arrickroot user, root group I understand...21:38
PiciWhich part is confusing?21:38
patdk-lap4721:38
Arrickis that 755, or 777?21:38
Arrickand what is 4721:39
Arrickcorrect21:39
PiciThats 777, rwx for u g and o21:39
Arrickok21:39
Arrickwhats the 47?21:39
patdk-lapinode?21:39
Pici47 is the number of links to the path.21:40
Picier, inode21:40
patdk-laplinks to the path, that is funny :)21:40
Arrickok21:40
TheLordOfTimei see an "Out of memory: Kill process #### (processname) score 549 or sacrifice child" error, what does the score mean there, and how is that the deciding factor for the OOM kill?22:09
TheLordOfTime(that message was in dmesg)22:09
Patrickdkbetter than it used to be22:13
PatrickdkOOM kill used to just pick one at random, or the one using most memory22:13
Patrickdkbad idea to kill mysql, cause it uses a lot of memory, on a mysql dedicated machine22:13
sarnoldTheLordOfTime: http://lxr.linux.no/#linux+v3.12.1/Documentation/filesystems/proc.txt#L136622:39
RoryTheLordOfTime: or... or *sacrifice child*23:07
RoryI'd just like to point out that interesting recommendation by oom-killer there23:08
joeyywere is the 32bit server img at for usbstick install23:35
sarnoldjoeyy: try this? http://www.ubuntu.com/download/server/thank-you?distro=server&bits=32&release=lts23:37
joeyywas loooking for img for usb stick or can i just dd that img23:38
=== freeflying is now known as freeflying_away
xnoxjoeyy: all our .isos can be dd to usb-stick.23:41
xnoxjoeyy: and they will work in both BIOS and UEFI and SecureBoot modes.23:41
xnox(well you need 64-bit one for UEFI & SecureBoot)23:41
joeyyah ok23:41
joeyywhat would u recmmend 32 bit or 64 bit on atom d510 1.66ghz with 2 gig ram23:42
xnoxjoeyy: well that processor is 64-bit and 64-bit images are our default. But since it's only 2 gig of ram, you will have lower memory usage if you go with 32-bit image.23:45
sarnold.. but then you've got more restricted registers in the compiled code. I'd probably go for 64 bit just to keep parity with other 64 bit devices I've got, but wouldn't really care one way or another23:46
xnoxyes, I value keeping environment homogenious. all my machines are 64-bit regardless of RAM size, it means that i can self-compile / recompile software once and deploy to all machines.23:47

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!