[00:09] I managed to fuck up some on mine server... believed I didn't need apparmor... removed it and with it followed LOT stuff :O [00:10] included gnome... now it seems desktop window are borked === bradm_ is now known as bradm [00:15] blueking: please try to control your language [00:18] sorry ikonia [00:19] no problem, just a nudge [00:39] jrwren, http://pad.ubuntu.com/server-seed-review [00:39] that is jamespage seed review notes. [00:39] i was / am adding yours [00:55] thanks. [01:29] hello all. I'm the defacto sysadmin for a uni neuroimaging lab. We have 15 pretty powerful workstations and one server, all ubuntu. [01:30] We have more workstations on the way. all are clustered together using sun grid engine, but also seat humans during the day. [01:31] I'm thinking about a better way to provision everything and keep bits of software and whatnot coordinated across all the machines. [01:31] I've been playing with ansible, and now recently with MAAS to manage PXE booting (something we don't do). [01:32] Is MAAS overkill for a 20+ desktop stations? is there something more apt I could be using? [01:32] Does it make sense to combine MAAS and ansible to manage configurations? === jp__ is now known as ancaster === worth is now known as mushtar === Gnubie is now known as Guest28707 === Guest28707 is now known as Gnubie_ [02:20] ancaster: MaaS is for rolling out machines on a regular basis. that doesn't sound like what you're doing [02:25] pmatulis: thanks. Okay, I guess I just thought it might be helpful for getting PXE booting up and running. [02:25] pmatulis: do you think this is something better to just roll my own? [02:26] ancaster: try cobbler [02:27] ah, i'd seen that but read somewhere that for ubuntu it was the basis of MAAS so just when directly there. [02:27] *went [02:27] pmatulis: so cobbler runs well on/for ubuntu then? [02:28] ancaster: that's what MaaS used to have under the hood i'm quite sure. but now MaaS contains rewrites of just the necessary bits that cobbler gave MaaS [02:28] pmatulis: ah, I see. [02:28] please, don't use cobbler [02:28] maas will work fine here [02:28] bigjools: oh? [02:29] cobbler is ancient and has more holes than swiss cheese [02:30] bigjools: hmmm. is there something better? [02:30] you can provision with maas and use landscape for package management [02:30] landscape costs $$ right? I'm not sure our lab admin will spring for that. [02:31] it's free up to so many seats IIRC [02:31] (even though they'll happily pay for my time to sort all this cruft out) [02:31] ah, okay. [02:31] failing that you might try puppet [02:31] but ymmv [02:32] i've been playing with ansible for most of the post install setup actually. seems easy enough. [02:34] the only way landscape can be free is for a trial account, which expires after 30 days [02:38] ah [02:44] so uhhh [02:44] ayone else have like major issues setting up xen on ubuntu-server [02:45] cause i most certainly have been having a miserable time with it [02:45] lol [02:46] bigjools: pmatulis: okay, thanks for your ideas. I'll consider. === gfrog is now known as gfrog_busy === gfrog_busy is now known as gfrog [04:29] Anyone have experience with preseeding ubuntu installs? [04:33] !ask | parallel21 [04:33] parallel21: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience [04:33] kk === TDog_ is now known as TDog [04:46] I'm getting an error when at the end of my preseed on the command `d-i finish-install/reboot_in_progress node` failed with exit code 127 === freeflying_away is now known as freeflying [07:03] Can anyone point me at a method to block all (or at least most) Tor traffic? [07:27] TheLordOfTime: As in blocking traffic from tor exit nodes? https://www.torproject.org/docs/faq-abuse.html.en#Bans [08:59] hey all I have a postfix dovecot mysql with virtual user and domain and for some reason two mac mail clients cannot connect to outgoing postfix smtp server using tls and port 587 [09:00] Where does the iptables save the configuration to in 13.10 ? [09:10] mac_nibblet: To wherever you have iptables-save output it. [09:11] mac_nibblet: https://help.ubuntu.com/community/IptablesHowTo#Configuration_on_startup [09:13] i see [09:13] thanks [10:01] Hi, is it possible to create new directories with the owner being the owner of the parent directory instead of the user that created the sub directory? [10:11] maroloccio: yes. See: http://en.wikipedia.org/wiki/Setuid#setgid_on_directories [10:22] hi! [10:22] rbasak, I've already tried setgid and acl, will attempt one more time once my backups is done. Going to attempt acl recursive, hopefully that will sort it out as at the moment it is not doing what I want [10:23] Help me with manual partitioning raid on uefi [10:23] http://ubuntuone.com/35paRglcvXUeGxZooESxaP [10:24] but uefi don't see grub [10:28] maksymov, can't really help, I don't have systems with uefi but this link could be a starting point http://askubuntu.com/questions/355727/how-to-install-ubuntu-server-with-uefi-and-raid1-lvm also try doing a search on google, it might help you come up with something. [10:37] zul, I poked the precise-icehouse archive full of the main staging archive in the lab [10:37] however I did lose the backports you had already done - I'll try sort that out now [10:52] jamespage: added you to ~ubuntu-reports-dev [10:53] Daviey, thanks - opening report for icehouse cloud-archive [10:53] Daviey: does this https://code.launchpad.net/~james-page/ubuntu-reports/cloud-archive-icehouse/+merge/197337 look OK? [10:54] cloud-init ported to FreeBSD [10:54] jamespage: yeah, ideally... it might make sense to consider a bzr controlled wrapper script.. the cronjob is getting mental. [10:55] crontab* [10:55] ttx, yeah - I saw that [10:55] ttx: Yeah, and based on the windows codebase.. found that odd, personally [10:55] ported or re-implemented [11:11] Daviey: Licensing concerns, perhaps. [11:11] Daviey: Those guys seem to avoid anything that even smells of GPL (in any of its many varieties) like the plague. [11:30] soren: ah! [11:30] could well be [11:30] Daviey: I haven't actually looked, but I'm guessing the windows edition is Apache licensed or something. [11:31] it is [11:34] Downloaded Ubuntu Alternate Server 12.04 , In my server there are 4 HDD, How can i Configure Software RAID5 in it . [11:35] just came to realise that maybe acl isn't what I need, it seems to give write permission which is good but what I need is a way to create directories owned as the owner of the parent directory instead of as myself === wickedpuppy3 is now known as wickedpuppy [11:36] I need the newly directories to be foobar:user instead of user:foobar, anyone care to help me or at least point me in the right direction [11:38] Would like for foobar to be constant whenever I create a directory, I could chown but that becomes tedious after the fifth to tenth time [11:38] marcolino: Just set the sgid bit on the parent directory. [11:39] marcolino: sudo chmod g+s /path/to/directory [11:41] soren, tried that didn't see a difference when creating test directories even tried u+s which is what I need, yet newly directories are still owned by me also tried acl since this is what google pointed me to. I think it is a combination of both, however, the problem is getting it to work [11:42] Oh, sorry, I misread. [11:43] Yeah, setuid on directories won't work. setgid will. [11:44] I will be happy to just be able to create a sub directory as foobar instead of myself or maybe I am just going around this the wrong way... === jml_ is now known as jml [11:45] marcolino: What are you trying to do? [11:49] soren, just built an ubuntu development server, quite happy with the current initial basic setup. The problem I have is with /var/www which is owned by www-data, I am a member of it, however, drupal doesn't like the permission user:www-data, so I am attempting if possible to swap it around without having to chown all the time [11:50] since I've been using ubuntu I have never so far managed to do this, but I've decided I should look into it, it is actually tedious when apps expect www-data and not me as the user and acl, set(gid/ui) is not helping === gazoombo_ is now known as gazoombo === seiflotfy_ is now known as seiflotfy === mrmist is now known as mist [12:23] smoser, if you are happy with the initial list I've prepared for seed review, I'll circulate that via email as well. [12:27] zul, how about using {upstream_version}+master when we rebase patches on trunk etc... [12:33] zul, https://code.launchpad.net/~james-page/python-heatclient/ftbfs-1/+merge/197354 [12:52] zul: https://code.launchpad.net/~james-page/python-ceilometerclient/icehouse-ftbfs/+merge/197361 === gary_pos` is now known as gary_poster [13:29] jamespage: +1 [13:43] zul, ta [13:43] jamespage: git seems broken [13:44] zul, yeah - its stuck in new in -proposed [13:44] I pinged in -release to get it accepted [13:44] ack [13:44] question about amp [13:45] how to downgrade from php 5.4 to 5.3 [13:48] jamespage: its too early in the morning how do you wrap and sort again [13:48] zul, wrap-and-sort [13:48] jamespage: duh [13:49] zul, do you reckon smb would include your LDFLAGS export fix for the cloud-archive in the xen package? [13:50] jamespage: probably [13:50] jamespage, If smb knew anything about those [13:50] looks failry no-op for trusty imho === jibel_ is now known as jibel [13:52] zul, Which xen version is in cloud-archive anyway? [13:52] smb: the latest that was in saucy [13:53] zul, The one in saucy should actually need no LDFLAGS patch naymore after I merged back some Debian changes [13:54] I believe there was some chunk in there which caused them correctly to get passed on for userspace [13:55] smb: i think i ran in the ldflags issue when i was building for precise though memory is hazy right now because of lack of caffine [13:57] zul, It might be. I feels like a while ago and I think to remember that there was a version in between which at least had issues. Cannot remember either whether that was the final one or a previous. [13:57] Probably best to re-try current and we would see [13:58] (given enough caffeine) [13:58] jamespage: libvirt 1.2.0 is out as well (with the python split) [14:02] jamespage: https://code.launchpad.net/~zulcss/python-novaclient/d2to1/+merge/197373 [14:08] jamespage, i added some things. [14:08] i know that some of them are annoying (in that the're dependencies from other places) [14:21] jamespage: https://code.launchpad.net/~zulcss/python-glanceclient/d2to1/+merge/197380 [14:46] rbasak, ping [14:47] smoser: pong [14:47] https://code.launchpad.net/~smoser/maas/maas.ubuntu.com.images-ephemeral.saucy-generic/+merge/196790 [14:47] had you seen that ? [14:47] smoser: I have. I've been speaking to others on the Canonical hyperscale team who I thought would validate it. I'll check with them. If not, I can check it. [14:48] smoser: I mean it looks good in principle; just not verified that it actually works for us. [14:48] we have a hyperscale team ?!? [14:49] smoser: also, what do we need to validate releases other than saucy? Or will that change only affect saucy images? [14:49] if my team doesnt scale to the workload, can i offload some of it to the hyperscale team then ? [14:49] ;) [14:49] ogra_: juju add-unit :-P [14:49] lol [14:49] rbasak, well, i verifed all releases with diff. [14:49] smoser: oh, that's handy. [14:50] i thought i might try this morning to do a "compare-output" [14:50] that did all i did manually to just compare what youv'e built to what is on cloud-images [14:50] (diff was of the .manifest files) [14:50] which should ble sufficient here. [14:50] smoser: sounds like you've done much more of the validation I thought I'd need to do. [14:51] smoser: I guess I can do a run through of my other Saucy fixes from scratch, but use your patch instead of my workaround, and see if that works, and then we'll be good. [14:51] k. [14:51] i will try to put together a compare script for easier validation === gary_poster is now known as gary_poster|away === gary_poster|away is now known as gary_poster [15:35] Does anyone know why "df -H /" would show a drastically different number for space used than "du -s /"? I'm showing 20GB used when using df, but only 11GB used when using du. [15:39] savid: duckduckgo search for du v. df gives top 2 answers both with great explainations [15:40] tl;dr: usually its an open file descriptor that has been deleted, but not closed. (hence, open) [15:43] jamespage/hallyn: ping when you are both available (re: libvirt-python bindings) [15:43] jrwren, cool, thanks === freeflying is now known as freeflying_away [15:52] Hi there. What could be the equivalent on Ubuntu of this Suse command? chkconfig --list |grep -i sendmail Thanks [15:53] I know how to enable/disable services with update-rc.d , now I want to check if the service is already enabled [16:03] jodh, ^^ chkconfig for Ubuntu? I think I know the answer [16:06] jamespage/caraconan: no chkconfig as yet. An equiv would be "sudo initctl show-config sendmail|grep -q 'start on' || echo DISABLED" [16:13] What about services using init.d on Ubuntu, rather than upstart? [16:17] can anybody tell me how I would be able to mount an other hard drive to my server [16:35] anybody? [16:36] TimR: where is that hard drive? what options are available to you? [16:37] man lj1's connection resets are annoying... [16:38] I dont know I just want to know how to mount an other hard drive [17:00] TimR: mkdir -p /mnt/other_drive ; mount /dev/sdh1 /mnt/other_drive (replace /dev/sdh1 with whatever disk and partition the kernel reports for the drive in dmesg output or from sudo lshw -class disk [17:01] zul, adam_g: when icehouse archive pockets get populated this report will complete - http://reqorts.qa.ubuntu.com/reports/ubuntu-server/cloud-archive/icehouse_versions.html [17:03] jamespage: ack...ill start queueing stuff up and making sure it builds locally [17:03] smoser, I uploaded the juju-core SRU that just got accepted into saucy into the cloud-tools staging area [17:03] zul, nice [17:03] you might have problems with ipxe [17:03] not sure that debhelper format 9 is supported on 12.04 [17:03] jamespage: nice [17:04] oh - no - I am mistaken [17:04] probably ok [17:28] smoser, I'm drafting the seed review email to -devel -server -cloud [17:28] want to put that in an etherpad ? [17:28] do you think I should include the pad contents or just refer people to the pad? [17:29] include the changes we are dicussiong [17:29] you can link to the padd for more info if you'd like [17:29] but people responding there will want to respond to something inline. [17:30] smoser: http://pad.ubuntu.com/server-seed-review [17:43] any manual on how to install openstack on 13.10, all I found is for 12.04 [17:53] szaus18, broadly the instructions are the same - just skip the bits about enabling the cloud-archive for 12.04 [17:53] its all in distro [17:53] szaus18, fwiw the recommended platform is 12.04 [17:54] 13.10 works just fine - but you only get 9 months before you have to upgrade [17:56] jamespage: thanks, trying here. I need 13.10 as I'm trying this on a powerpc 64b server [17:56] szaus18, that sounds like a good reason to use powerpc [17:56] 13.10 rather [17:57] (cloud-archive for 12.04 does not support powerpc port) [17:57] i could spin devstack for a quick try, which i normally do on x86, but powerpc does not have nodejs [17:57] szaus18, really interested to see how that goes for you - we don't get to many powerpc openstack users [17:58] szaus18, the nodejs requirement in horizon is no longer present in havana [17:58] it uses python-lesscpy [17:58] really? devstack havana branch still complains no nodejs package [17:58] szaus18, that sounds like a devstack bug to me [17:58] let me try python-lesscpy on powerpc then see if that gets devstack going [17:58] thanks! [17:59] np [18:01] Package nodejs is not available, but is referred to by another package. [18:01] this is for powerpc/13.10, let me see if i can workaround this in devstack, it's good to know nodejs is no longer mandatory [18:02] is there any somewhat-easy method to set up the firewall to block tor traffic? [18:02] i want to block tor traffic on a specific port (which a specific web-facing service runs on) [18:09] TheLordOfTime: The link I gave you earlier today, that didn't cover it for you? [18:10] andol, missing in the scrollback [18:10] because i don't have a ton of scrollback lines set here. [18:10] (for good reason, if i set it to the 20000 lines i'd need the ZNC would OutOfMemory) [18:10] https://www.torproject.org/docs/faq-abuse.html.en#Bans [18:11] andol, that's a half answer [18:11] no better than the tards at ServerFault who never specified a way to translate the exit node lists into actual firewall rules [18:12] TheLordOfTime: The the specific way you do that all depends on your specific setup. Nothing Tor specific about that. [18:12] andol, then i guess i'm not getting any useful data from here, either... what I have are multiple tor exit node lists available to me. [18:13] what I need is to get those into firewall rules [18:13] so far all i've been getting are lists of IPs. [18:13] with no way to turn those to iptables rules other than me doing everything by hand [18:13] and with large lists that seems somewhat inefficient [18:14] Script something, and put the block list in a dedicated chain? [18:15] jamespage, do you tihnk 'w3m' could be dropped ? [18:15] i think it makes sense to at least to add it to the list of candidates. its listed as "Documentation", but I don't think i've ever used 'w3m' for doc on a server. [18:15] (or anywhere else) [18:17] :( I use w3m for both local documenation and troubleshooting-web-browsing.. [18:31] hallyn: i have libvirt 1.2.0 built [18:32] jamespage: i 'fixed' devstack and now it's running on powerpc ；) [18:33] did not read release notes carefully and it's good to know nodejs is no longer mandatory [18:33] will do a patch [18:40] what's fastest filetransfer method between two pc's (server + pc) on local net gigabit net ? [18:43] are there ftp server for ubuntu that support multipart ? [18:45] mdeslaur: hey they new libvirt 1.2.0 splits off the python bindings into its own package...just thought you would want to know [18:45] zul: ah, thanks [18:51] I'm having some trouble with LDAP authentication. There's a machine running 12.04 that a former coworker set up, and as far as I can tell he did it right and it seems to match our other clients, but 'getent passwd' only returns the local accounts. I have confirmed connectivity to our LDAP server with ldapsearch. Thoughts? [18:55] tonyyarusso: does /etc/nsswitch.conf look right? [18:55] sarnold: yeah. passwd: files ldap [19:10] sarnold: Know of any other troubleshooting I can try? [19:11] hallyn: ping [19:12] tonyyarusso: sorry, that was my one shot :) [19:12] aww :P [19:18] zul: . [19:19] hallyn: i have libvirt 1.2.0 and libvirt-python 1.2.0 packaged, ill put it in a ppa for you to test [19:19] zul: ok, thanks. [19:20] i'll set up a test vm, lemme know when ppa is ready [19:21] hallyn: https://launchpad.net/~zulcss/+archive/libvirt-1.2.0 when built [20:01] nfs server, it can share /home// ? and require one to logon it with password from windows pc with mapped network drive? [20:02] jamespage: do you want to take care of ceph and openvswitch? [20:03] jamespage: er for the CA [20:03] blueking, you'd probably get more mileage with samba [20:03] HiddenDjinn: wasn't fast enough with samba :/ [20:04] HiddenDjinn: got only 28MB/s on samba [20:10] sarnold: Dumb mistake. Typo in our domain... [20:43] so i've got multiple different-sized drives in mdadm RAID1 configuration [20:43] over top of which I have an LVM, so they all show up as 1 big drive [20:44] that's entirely mirrored so a single hard drive failure doesn't lose any data [20:44] i'm planning on adding LUKS encryption to this setup, but where should I add it? [20:45] so, right now, ext4 -> LVM -> RAID1 -> physical disks [20:45] and I think my choices are ext4 -> LUKS -> LVM -> RAID1 -> physical disks [20:45] or [20:45] ext4 -> LVM -> LUKS -> RAID1 -> physical disks [20:47] I guess technically 'ext4 -> LVM -> RAID1 -> LUKS -> physical disks' is an option too, but it doesn't sound like the best one [21:00] moparisthebest: your reasoning is correct. last one is a pain, as you'd need to enter password for each physical disk. [21:00] moparisthebest: forlast, is good if you want to have _all_ LMV volumes encrypted [21:00] moparisthebest: the first one is good if you still want to have unecrypted volues. [21:02] I don't want any unencrypted volumes, and I'll be using keyfile(s) instead of passwords so that's not an issue either [21:11] I also think btrfs could replace ext4, LUKS, and MDADM RAID1, entirely, but I'm not sure if it's ready to be used like that yet === jemurray_ is now known as jemurray === Ursinha_ is now known as Ursinha [21:21] what is wrong with apt-get install nis ? I get 3 issues -> initctl: unknown job: rpcbind, initctl: unknown job: ypbind, initctl: unknown job: ypserv <- something wrong or can keep on installation ? [21:27] blueking: You could take a look which files are actually installed by that package. === PaulePan1er is now known as PaulePanter [21:32] bekks: how I do that ? [21:32] dpkg-query -L nis [21:36] bekks: when do apt-get install rpcbind i get initctl: unknows job: rpcbind [21:37] !info rpcbind [21:37] rpcbind (source: rpcbind): converts RPC program numbers into universal addresses. In component main, is optional. Version 0.2.0-8.2ubuntu2 (saucy), package size 40 kB, installed size 152 kB [21:37] blueking: Well, then look at the content of that package :) [21:38] but what does initctl do ? [21:41] hmm think I have problem with D-Bus [21:41] blueking: look at the first three lines of the installed files: http://packages.ubuntu.com/raring/amd64/rpcbind/filelist [21:41] that are the "jobs" you may start/stop. [21:43] I get error messages when run initctl reload-configuration [21:48] When I save oneliners to my collection I usually do this for variables (is there a shorter way?) /sbin/udevadm [..] --name=`read -p "Device (sda): " r; echo -n ${r:-sda}` [21:57] zul: will do [22:46] hi, i need help for a raid5 recovery, here is what happend : RAID5 mdam with 3 disks and a lvm on it. A disk was disconnected because of a bad connection (the sata went away). So i received a notification and i plugged back the disk without doing anything else. Later i had to reboot the system (install requirement), but i'm stuck after GRUB, there is only a black screen ! [22:46] (ubuntu server 12.04) [22:48] Nox_404: drop to root shell (recovery boot option) [22:48] Nox_404: read mdadm man pages online [22:49] Nox_404: do --scan & --add devices to assemble the array back together. [22:49] it will need a resync. [22:50] ok i'll try but why it doesn't boot, it's a raid5 so i can still use the 2 others no ? === mibofra- is now known as mibofra [22:52] Nox_404: depends on what happened, depends if "boot_degrated=true" was configured / set. [23:00] xnox: Can you tell me the procedure ? [23:04] Nox_404: you're not running your root file system on the raid array are you ? [23:06] i do.... why ? [23:06] well, that will make it harder and a chicken and egg situation [23:06] everything is on the raid5 exept GRUB [23:06] I'm assuming your root file system is under lvm control on the aray [23:06] /boot can't be ? [23:08] /boot is not on the raid [23:08] ok good [23:08] and yes there is a lvm [23:08] putting the root on the raid makes it a bit more complex under lvm control [23:08] try to assemble the array from a livecd [23:08] i said it stop after grub so it's not that bad === gary_poster is now known as gary_poster|away [23:13] 6 hours..... [23:13] window 14 [23:13] oops [23:13] but thanks for your help [23:18] so, I'm getting periodic and very hard to track down failures with apt-cacher-ng. they've just cropped up recently in our deploys...could be version related, but not sure. [23:18] they generally look something like: apt-cacher.err:Mon Dec 2 14:37:09 2013|uburep/pool/main/c/cpio/cpio_2.11-7ubuntu3_amd64.deb storage error [500 Server reports unexpected range], last errno: Operation now in progress [23:18] the error is the same, but hte package (or packages) are always different [23:19] they only happen once, restarting the debian installer or runnign apt-get install again resolves the issue [23:19] and it doesn't come back till the next fresh start [23:20] from what I can tell from the acng source, this error means the range header it received was not complete [23:21] so anyone else seen this? [23:27] tonyyarusso: oh, good! thanks for reporting back :) [23:28] jkyle: https://bugs.launchpad.net/ubuntu/+source/apt-cacher-ng/+bug/1234946 [23:28] Launchpad bug 1234946 in apt-cacher-ng ""Size mismatch" caused by writing wrong data" [Undecided,Confirmed] [23:32] sarnold: nice, didn't find that one when searching [23:32] found one for disablign range header checks that was pushed in a previous version [23:33] but that sounds _exactly_ like what I'm seeing [23:34] jkyle: yeah, I went nuts for a few hours as I tried to figure out what was broken in my setup, and when I started checking the data on disk against what I could see from the mirror I was using apt-cacher-ng was the highest point of failure for me. [23:35] hallyn: any ideas? http://paste.ubuntu.com/6511799/ [23:35] jkyle: since it had worked fine for me from 12.04, 12.10, 13.04, I didn't suspect it as quickly as I should have when it failed for me under 13.10... [23:35] sarnold: well, if it makes you feel any better I'm on 12.04 [23:36] 0.7.11-1~ubuntu12.04.1 [23:36] but this is definitely it [23:36] seen the sum mismatch and the bad header errors [23:36] jkyle: oh! cool! you've probably got a much smaller potential diff [23:37] so 0.7.10 clears it up? [23:37] the funny version number makes me think that's quite likely [23:37] if it does, that'd be very useful to -know- [23:37] we'v eben on 12.04 for quite a while and this really is a recent development [23:38] relatively. like the last few weeks I'd say [23:38] roaksoax: looks like lxcbr0 doesn' texist :) [23:38] hot servers dont' seem to show it, so it'd only crop up on new deployments that had an empty cache [23:38] roaksoax: what's in host's /var/log/upstart/lxc-net.log? [23:38] hallyn: dnsmasq: failed to create listening socket for 10.0.3.1: Address already in use [23:39] roaksoax: is this a nested container? [23:39] hallyn: the thing is i installed, it worked jhust fine. Didn't use lxc in couple of days and it doesn't work [23:39] sarnold: was wondering if squid-deb-proxy works during an unattended install [23:39] hallyn: not it is not [23:39] roaksoax: so what is using 10.0.3.1? [23:39] roaksoax: pastebin 'ifconfig -a' output [23:39] hallyn: that is from lxc-net.log.1.gz [23:40] hallyn: so noone is using 10.0.3.1 now [23:40] roaksoax: so if you do 'sudo start lxc-net' what do you see? [23:40] sarnold: it's failing at line# 438 : http://git.fsinf.at/apt/apt-cacher-ng/blobs/d656c645d99ac99b0045e663492f0824d8cfee2e/source/fileitem.cc [23:40] hallyn: start: Job is already running: lxc-net [23:40] roaksoax: and you're telling me lxcbr0 does not exist? [23:41] hallyn: i just restarted and after that it *now* exists [23:41] hallyn: apparently not creating it on machine restart [23:41] that might be the cause [23:41] reboot and prove it :) [23:41] roaksoax: do you have ufw instlaled and running/ [23:41] jkyle: hrm, I don't think I ever got log messages, I just had corrupted data. [23:42] hallyn: i do, let me reboot [23:42] sarnold: well, to be honest that error might be a red herring [23:42] jkyle: sorry, no direct ideas re: squid-deb-proxy during an install, but I -hope- it does, it just looks like a standard http proxy.. [23:42] roaksoax: if you have ufw enabled then actually this is a real bug - iptables call in lxc-net.conf needs to add -w to args list. [23:42] s/is/could be/ [23:44] hallyn: uhmm rebooting this time had br0 [23:44] err [23:44] lxcbr0 [23:46] roaksoax: was there really nothing in /var/log/upstart/lxc-net.log ? [23:46] roaksoax: if it is the ufw race, then it'll be a once-in-awhile thing [23:46] hallyn: the file didn't even exist, only a .gz one which was old [23:46] sarnold: well, I'll know in about 30m hehe [23:46] hallyn: that might be it indeed [23:46] roaksoax: ok, well let me open a bug for that and we'll go from there - thanks [23:46] hallyn: cool thanks! [23:48] roaksoax: bug 1257117 [23:48] Launchpad bug 1257117 in lxc "lxc-net must use -w flag for iptables" [High,In progress] https://launchpad.net/bugs/1257117 [23:48] squid-deb-proxy seems to work easily/well enough. [23:48] jkyle: I didn't have good success with the squid-deb-proxy-client package, fwiw; I just hard-coded the proxy into my clients. It's not ideal, but I didn't feel like fighting avahi at the time. [23:49] sarnold: that's what I'm doing. it's easy enough to set the proxy in the preseed [23:50] besides, I don't want my servers bypassing the cache server if it can't find it. I'd rather they fail and alert me to a problem. Also, pretty sure setting the proxy in the preseed is required if you want the client to pull down packages from the cache during install [23:50] and, fix for that pushed to trusty, but waiting on saucy sru [23:51] roaksoax: you were on saucy i hope? [23:53] hallyn: yes. so a few days ago i create a saucy container, destroyed it. rebooted machine and tried to create a trusty container.. then it failed to start as i showed you [23:53] hallyn: but yes, this was saucy [23:54] jkyle: cool :D [23:55] roaksoax: ok, thanks. ttyl [23:55] sarnold: hey! is that a bored look on your face? :) [23:56] hallyn: uhoh :) what's up? :) [23:56] sarnold: so there's a bit of code up at github.com/hallyn/cgmanager [23:57] sarnold: in particular, the cgmanager_move_pid and get_scm_cred() functions in cgmanager.c, and the movepid.c standalone test program... [23:57] hallyn: no kidding? man you're quick ;) [23:57] sarnold: movepid sends a dbus request, then tries to send an scm_credential after the dbus message [23:57] but there's much raciness going on in the scm_credential sending. [23:58] as you know (sigh) you have to setsockopt() to so_passcred before the other end can send you an scm-crednetial [23:58] so i'm trying to have the receivig end first send a character with write(sock, buf 1) so the client knows its safe to send. that never gets received... [23:58] so anyway, i'm just asking if you know anything about the state of the underlying socket fd while you're doing dbus junk :) [23:59] hallyn: hrm, I don't see any _move_ functions in cgmanager.c [23:59] oh, sorry, you have to git co dec2.1 [23:59] hallyn: ah, that's easier, I don't know much about the dbus implementation :( [23:59] i should set a default branch :)