/srv/irclogs.ubuntu.com/2013/12/09/#ubuntu-server.txt

gdi2k	@andygraybeal did you try a reconfigure?	00:02
andygraybeal	on postgres yes	00:02
gdi2k	no interactive questions?	00:02
andygraybeal	but it didn't pop up any message saying to set a paassword or anything	00:02
andygraybeal	i'm going to purge	00:02
gdi2k	ok	00:03
andygraybeal	yea, no interactive quesitons	00:03
andygraybeal	thank you for the response	00:03
gdi2k	I have RT4 installed too, but can't remember how I installed it	00:03
andygraybeal	yea, i've done it several times	00:04
andygraybeal	you use it?!!?!!	00:05
gdi2k	yes! :)	00:05
andygraybeal	awesome!!	00:05
andygraybeal	^5	00:05
andygraybeal	i love it	00:05
andygraybeal	i can't be without it myself.	00:05
andygraybeal	i just bought a linode host, and i have it up and running over on an ec2 instance.	00:05
gdi2k	it's a bit clumsy and ugly, but it flexible beyond belief	00:05
gdi2k	yeh, that's what I do, EC2	00:05
andygraybeal	i agree with the clumsy and ugly.. but i still love it...	00:06
andygraybeal	can you recommend the best way to purge stuff in ubuntu?	00:06
andygraybeal	i want to start over again :)	00:07
andygraybeal	without setting up another instance	00:07
gdi2k	ah, I hate package management... sudo apt-get remove --purge package ?	00:07
andygraybeal	k	00:07
andygraybeal	thank you	00:07
gdi2k	I think it will only remove the package you specify, so you have to figure out dependencies. I think aptitude may be cleverer at figuring it all out	00:08
gdi2k	you can check your apt logs though	00:08
andygraybeal	aah aptitude....	00:08
andygraybeal	i'm not used to that	00:09
andygraybeal	gah.. it keeps bitching about sqlite, and i never installed it	00:11
andygraybeal	i was trying to use postgres....	00:11
andygraybeal	i hate this stuff	00:11
andygraybeal	i'll just try different things and be persistent...	00:11
=== markthomas_zz is now known as markthomas
andygraybeal	yay!!!!!!! gdi2k it worked... i was doing apt-get purge.... and aptitude made all the idfference	00:19
=== markthomas is now known as markthomas_away
itzikb	Hi, is this the right place to ask about bug in cloud-archive?	01:48
lifeless	itzikb: its a fine place to ask that	01:50
itzikb	Thanks. I opened two bugs: https://bugs.launchpad.net/cloud-archive/+bug/1255420 , https://bugs.launchpad.net/cloud-archive/+bug/1257732 and I wonder how can I help to solve them	01:52
uvirtbot	Launchpad bug 1255420 in cloud-archive "Neutron Mellanox plugin package is missing" [Undecided,Confirmed]	01:52
=== markthomas_away is now known as markthomas
=== markthomas is now known as markthomas_away
=== thumper is now known as thumper-afk
=== markthomas_away is now known as markthomas
=== gfrog_afk is now known as gfrog
=== thumper-afk is now known as thumper
Free_psyBNC	I am now offering free psyBNC access type !bnc to learn more.	04:39
Free_psyBNC	I am now offering free psyBNC access type !bnc to learn more.	04:42
cfhowlett	!spam\|Free_psyBNC,	04:42
cfhowlett	Free_psyBNC, please stop spamming the channel	04:43
cfhowlett	Free_psyBNC, and stop PM spamming me	04:43
KnownSyntax	No one wants a free bnc including one that no one has no idea about.	04:45
KnownSyntax	..	04:45
cfhowlett	KnownSyntax, suspect that's a bot, but you are spot-on	04:45
=== markthomas is now known as markthomas_away
zzxc	Hey do I set the default sound card?	05:10
=== thumper is now known as thumper-afk
=== gfrog is now known as gfrog_meeting
=== markthomas_away is now known as markthomas
=== markthomas is now known as markthomas_away
=== markthomas_away is now known as markthomas
=== gfrog_meeting is now known as gfrog
=== geser_ is now known as geser
=== thumper-afk is now known as thumper
=== ikonia_ is now known as ikonia
=== hXm is now known as hxm
=== wizonesolutions_ is now known as wizonesolutions
=== Tribaal_ is now known as Tribaal
jamespage	zul, libunwind build failure is isolated to just test-01	11:00
jamespage	so I've bypassed it and backported manually for the time being	11:01
jamespage	openvswitch is fine in icehouse-proposed so ignoring that issue for the time being as well	11:01
jamespage	zul, adam_g: gonna sync up icehouse-proposed	11:03
jamespage	zul, it would be good if we can get the other packages through into trusty	11:04
rbasak	jamespage: http://status.ubuntu.com/ubuntu-t/group/topic-t-servercloud-overview.html seems incomplete? Eg. https://blueprints.launchpad.net/ubuntu/+spec/servercloud-1311-maas is missing from it. Do you know what we need to do to hook everything up?	11:29
rbasak	jamespage: I was looking for a mongodb/arm64 work item to assign myself to it, but I can't find anything easily right now.	11:29
jamespage	rbasak, its on https://blueprints.launchpad.net/ubuntu/+spec/servercloud-1311-juju	11:30
jamespage	I thought that only approved blueprints got onto status.ubuntu.com	11:30
jamespage	but it seems that's not the case	11:30
jamespage	arosales, ^^ any ideas?	11:30
rbasak	jamespage: thanks!	11:30
rbasak	jamespage: I'll start on the mongodb package, I assume, and then we can port any patches to juju-mongodb?	11:31
jamespage	rbasak, yes - but you will need to make it use the embedded libv8 copy	11:31
rbasak	It looks like a first step would be to switch to gcc intrinsics for everything, which I can test (as best as is possible) on armhf too, and then send upstream.	11:31
jamespage	(that's what we do for the juju-mongodb package currently stuck in -proposed due armhf build failure :-))	11:32
rbasak	v8 looks like a major porting effort :-/	11:33
rbasak	I don't see any 32-bit arm implementation either. Am I missing something?	11:34
rbasak	Ah. The archive's v8 source has it, but not mongodb's embedded source.	11:35
jamespage	rbasak, there is a 32 bit arm version in upstream v8	11:52
rbasak	jamespage: yeah, spotted it, thanks.	11:52
jamespage	that appears to have been stripped our as part of vendorfication	11:52
rbasak	jamespage: so from my initial look, it seems to me that v8 has no interpreter mode, and doing the JIT stuff involves a major porting effort.	11:53
jamespage	rbasak, mwhudson is looking at whether we can drop the v8 requirement for un-ported archs	11:53
jamespage	and run without that bit of the mongo shell	11:53
jamespage	might work	11:53
rbasak	jamespage: OK, shall I focus on the non-v8 part for now, then?	11:53
rbasak	That bit I can chug through, I think.	11:54
jamespage	rbasak, I think that would be good	11:54
jamespage	+1	11:54
jamespage	zul, did you miss horizon last week intentionally?	11:55
jamespage	or do I still need to ack a MP	11:55
jamespage	I probably do don't I	11:55
jamespage	zul, commented on https://code.launchpad.net/~zulcss/horizon/2014.1.b1/+merge/197957	11:56
jamespage	zul, I don't see an upload for glance either - although the MP is merged	11:57
jamespage	yolanda, that sounds better - yes	12:03
yolanda	ok	12:03
yolanda	i will do a try	12:03
yolanda	jamespage, nova is FTBFS? wanting to add the patch there, but cannot build	12:08
jamespage	yolanda, can you leave this until icehouse-1 is out of the door - should be today/tomorrow	12:08
yolanda	jamespage, ok	12:08
jamespage	there is a pending MIR that needs to complete	12:09
yolanda	can i do it with other packages?	12:09
jamespage	yolanda, nova ftbfs?	12:12
jamespage	that was one that did go through	12:12
jamespage	yolanda, oh - in the lab?	12:13
yolanda	yes, in the lab	12:13
yolanda	jamespage, using the ubuntu-server-dev packages to add the banners, am i right?	12:13
jamespage	yolanda, well you could fix that problem at the same time - its probably just a patch refresh or drop	12:13
yolanda	ok, i'll take a look	12:15
=== Ursinha-afk is now known as Ursinha
yolanda	jamespage, what do you think should be the best way to show distribution on python? as i cannot send a var to precompiler as other languages, I was thinking in patching the file i need with some placeholder, and then do a sed to replace with right vars on debian/rules	13:16
yolanda	can you think on something better?	13:16
ice9	when I try to install zram-config on Ubuntu 13.04 VPS I get this error:	13:21
ice9	invoke-rc.d: initscript zram-config, action "start" failed.	13:21
=== gary_pos` is now known as gary_poster
patdk-lap	ice9 what did you expect? that seems a very valid result	13:30
jamespage	yolanda, not quite sure what you are trying to achieve patching python itself?	13:30
jamespage	or is this a general how do I do the banner for a python app thing?	13:30
ice9	patdk-lap, you mean because 13.04 doesn't support zram?	13:30
patdk-lap	no, cause you are using a vps	13:31
yolanda	jamespage, patch is done in wsgi.py file, but i don't want to hardcode ubuntu	13:31
yolanda	so i was looking for a way to dynamically set that	13:31
yolanda	in other packages i was just sending a var to preprocessor using makefile, but with python i'm not sure on how to do it	13:31
ice9	patdk-lap, so now how do I remove zram from apt-get is it's not installed and still giving an error when installing any other package	13:36
patdk-lap	that I don't know	13:36
zul	oh my god i hate the winter	13:38
jamespage	yolanda, http://paste.ubuntu.com/6545838/ - that's what I see as test coverage for heat right now	13:41
yolanda	mm, let me check if i haven't pushed	13:41
jamespage	zul, cinder and nova need a dependencies version review - how's that tool coming along?	13:44
zul	jamespage: delayed	13:44
jamespage	staging to proposed is a great place to spot these things	13:44
zul	jamespage: six?	13:44
yolanda	jamespage, are you grabbing from here? ~yolanda.robla/charms/precise/heat/trunk/	13:44
zul	2cheeks	13:44
yolanda	i don't have anything to push, and my coverage shows 85%	13:44
jamespage	zul, yup	13:45
jamespage	ditto on wsme	13:45
zul	jamespage: ack	13:45
zul	jamespage: we need to fix something for horizon after i get it uploaded today	13:45
yolanda	i see heat_context tests differently: heat_context 34 8 76% 27, 34-40, 43-44	13:45
zul	jamespage: http://pastebin.ubuntu.com/6545845/	13:46
jamespage	zul, oh great	13:46
jamespage	that old chestnut	13:46
zul	yep	13:47
zul	jamespage: i opened #1259166 because of it	13:49
jamespage	bug 1259166	13:50
uvirtbot	Launchpad bug 1259166 in horizon "Fix lintian error" [Undecided,New] https://launchpad.net/bugs/1259166	13:50
=== Pici` is now known as Pici
zul	jamespage: https://code.launchpad.net/~zulcss/horizon/2014.1.b1/+merge/197957	14:01
jamespage	zul, you need to include the new assets	14:01
zul	argh	14:02
zul	jamespage: done..	14:38
zul	jamespage: wrt to waittress, the tests run fine locally but doesnt run in a build, ive added dep8 tests for them and ill ping mterry about it	14:39
zul	jamespage: lemme know when you get back	14:47
hallyn_	zul: bug https://bugs.launchpad.net/ubuntu/+source/ipxe/+bug/948323, do know what path xen looks for for ipxe roms? does it look for /usr/share/qemu or /usr/lib/ipxe?	15:09
uvirtbot	Launchpad bug 948323 in ipxe "Rom images for e1000 and ne2k missing vendor and device id" [Low,Fix released]	15:09
hallyn_	i'm wondering whether we still need that delta from debian	15:09
zul	/usr/share/qemu i think	15:09
zul	smb: ^^^	15:10
smb	hallyn_, Probably yes as long as the xen build getting those for xm path	15:10
smb	And yes, I think /usr/share/qemu	15:10
zul	hallyn_: i should have an updated libvirt for you today...if my uploads to the ppa wouldnt timeout	15:10
smb	zul, Would your updated libvirt be actually tested with xen?	15:10
smb	zul, As it is segfaulting fight now	15:11
zul	smb: nope i dont have xen installed	15:11
zul	smb: 1.2.0?	15:11
smb	zul, May I slap you a little bit?	15:11
zul	smb: no :)	15:11
smb	Wishful thinking	15:11
zul	you can wish for a little bit longer then :)	15:12
smb	Nothing to do with libvirt upstream as with a mis ported patch of mine	15:12
zul	doh	15:12
zul	smb: well patches welcome	15:12
smb	Right now I got it to be ok with xl stack but not working yet with xm	15:12
smb	Theoretically we should move to xl as default anyways	15:13
smb	Though xl has pxeboot issues	15:13
hallyn_	smb: yeah if you want tested with xen beforehand i think you need to have zul ping you when he's merging, as he does me . (cause i' not gonna test xen either :)	15:13
smb	hallyn_, That would be some progress at least	15:14
smb	:-P	15:14
smb	Better than to find out when I actually want to do something else	15:14
zul	hallyn_: maybe we should keep smb in the loop when we merge a new version	15:14
jamespage	zul, bug 1259203	15:14
uvirtbot	Launchpad bug 1259203 in python-wsme "require versioned dependency on python-six" [Undecided,New] https://launchpad.net/bugs/1259203	15:14
smb	zul, Thats what he said	15:15
zul	jamespage: arrgh	15:15
smb	zul, translating US to CA... ;)	15:15
smb	or vice versa	15:15
zul	smb: yes we actually use english ;)	15:15
smb	zul, So give me a sec. The patch might not yet be good but better than before	15:16
zul	smb: ack	15:16
zul	jamespage: on it	15:16
jamespage	zul, good man!	15:16
jamespage	zul, they don't need an immediate upload btw - they can wait for other things	15:16
smb	zul, chinstrap:~/smb/ubuntu-xend-probe.patch	15:17
zul	jamespage: ok i talked to mterry about webtest its on his todo list for today	15:17
jamespage	zul, thanks	15:17
hallyn_	zul: sounds worthwhile :) (keeping him in the loop)	15:17
=== wedgwood_ is now known as wedgwood
zul	jamespage: also ill have a nova merge for you shortly (just buidling locally for any surprises)	15:18
lfaraone	smoser`: did you have a chance to check out that script?	15:18
jamespage	zul, ok	15:18
smb	zul, If you can point me (or drop me) your 1.2.0, I can switch fiddling around with that	15:19
zul	smb: https://launchpad.net/~zulcss/+archive/libvirt-1.2.0	15:19
smb	zul, thanks	15:20
smoser`	lfaraone, i'm sorry. its on my todo list.. i just wrote it there again today :)	15:20
smoser`	lfaraone, link ? and i'll take a quick look now.	15:20
=== smoser` is now known as smoser
lfaraone	smoser: neat, thanks. https://bazaar.launchpad.net/~lfaraone/+junk/configure-interfaces/view/head:/configure-cloud-interfaces	15:21
smoser	lfaraone, fwi, there is '#cloud-init' channel also	15:21
smoser	not that your comments are inappropriate here	15:22
smoser	but that they my be more appropriate there.	15:22
lfaraone	k, joined.	15:24
=== freeflying is now known as freeflying_away
zul	jamespage: https://code.launchpad.net/~zulcss/nova/icehouse-sqlalchemy/+merge/198278	15:38
jamespage	yolanda, the problem is that openstack does not have the same concept as apache	15:47
yolanda	jamespage, zul, so my thought about a var in config file also, is that the way that openstack is deployed, with puppet or other tools, will make that this var is just ignored	15:47
jamespage	I'd prefer that we have something config driven so that users can disable it - but that might not meet the objectives for this blueprint	15:47
yolanda	people won't be adding any extra vars	15:47
jamespage	as its easily disabled	15:47
jamespage	yolanda, well you could have a sane default	15:48
yolanda	mm, but then it will be done in runtime	15:48
yolanda	if i check if var is not set,and then check for distribution... it will be wasting a lot of time	15:49
jamespage	yolanda, for example platform.dist() return a tuple of useful information	15:49
yolanda	but that's runtime, right?	15:49
jamespage	yolanda, yes	15:49
yolanda	so imagine that extra call for each api call...	15:49
yolanda	i don't think that's a good idea	15:50
jamespage	its probably cached	15:50
jamespage	or maybe not	15:51
jamespage	yolanda, I agree that sucks	15:51
yolanda	and setting a var in keystone.conf will be mostly ignored, don't you think?	15:51
yolanda	problem on what i did now is that is not easily movable upstream	15:52
yolanda	so jamespage, zul, what alternatives do we have?	16:03
zul	yolanda: i still think if you do keystone --version thats good enough	16:04
yolanda	but that's not the objective for server banners	16:04
zul	true but its not always a good idea to do it in server banners	16:05
yolanda	mm i checked with jamespage and we decided that this wasn't good, so we need some agreement	16:06
a1fa	hello	16:39
a1fa	in terms of monitoring cpu utilization, should one focus on %sys or %idle and or %soft?	16:39
a1fa	on cpu load, should i really care about %idle versus anything else? how about si or hi?	16:57
zul	roaksoax: ping maas doesnt use beautifulsoup does it?	17:05
roaksoax	zul: np[e	17:06
roaksoax	nope	17:06
zul	roaksoax: awesome	17:06
=== freeflying_away is now known as freeflying
zul	Daviey: ping	17:42
hallyn_	zul: all right, qemu 1.7 working for me. if you want to look at it before i push to trusty, shout	18:00
hallyn_	oh wait, gotta look for a new version of linaro patchset. heh.	18:00
zul	hallyn_: sure why not	18:00
zul	hehe	18:00
hallyn_	zul: ok, it (without linaro patchset) is in github.com/hallyn/qemu branch ubuntu_1.7.0+dfsg-2	18:01
yolanda	so zul, jamespage, i'll need some feedback about it. We have several options, not sure what will be best, also smoser sent some feedback: https://code.launchpad.net/~yolanda.robla/keystone/icehouse_fix-distribution/+merge/198275	18:12
smoser	yolanda, was i wrong ?	18:13
smoser	surely something loaded in that wsgi.py is only loaded once, right?	18:13
yolanda	but it should be loaded on every api call	18:13
smoser	no...	18:13
smoser	are you saying you'd want it to be ?	18:14
smoser	or are you saying that wsgi.py will actually be loaded by python on every api call	18:14
smoser	i could be wrong, but i surely wouldn't expect that it would be. and if it is, we can find somewhere else to put the DISTRIBUTION	18:14
yolanda	smoser, i think wsgi should be loaded on each api call	18:15
yolanda	but i'm not sure at this moment anyway	18:15
yolanda	also we were discussing about using a config var for it	18:16
smoser	sure. config var is no different. i'm fine with that.	18:16
smoser	if you have something up, you can easily check if wsgi.py will be loaded on every call.	18:16
yolanda	problem with config var, is as openstack is normally deployed using puppet or other tools, won't be easily used, people willl override it	18:16
smoser	you just do open("/tmp/mfile.txt", "w+").write("loaded")	18:17
yolanda	one solution that jamespage also proposed, is to set that in config, and it not present, default it with some python call (for example the approach you told)	18:17
smoser	and if every api call gets appended to that file, then i'm wrong	18:17
yolanda	yes, i was thinking in testing it	18:17
yolanda	also zul suggested just to patch the --version call, so we have several alternatives	18:17
smoser	personally, i might just do it like a "config" that is a dict	18:18
smoser	and allows you to specify 'X-Distribution: foo-bar'	18:18
smoser	as well as	18:18
jefgy	I have a server using a near-offset mdraid 1 I need to convert it to a far-offset raid 10. There don't see anyway to do this without basically taking the machine down for a full rebuild and copying the data over. any better suggestions?	18:18
smoser	'X-GoCubsGo: cubswintoday'	18:18
smoser	and update the dict with the config value	18:19
smoser	ie, it doesn't 'have to be distribution specific at all.	18:19
smoser	just "additional headers"	18:19
yolanda	smoser, and also you would add a section in .conf files for that?	18:20
smoser	well, a config variable.	18:22
smoser	so you'd ether have a config variable value tha tis then an array (or dictionary)... I think there are some values that are ',' delimited	18:22
smoser	already	18:22
smoser	ie, which have been 'shoved' into a single string	18:22
smoser	or you can just refer to a file that has this data in it json encoded.	18:23
smoser	the file reference is what I did for "vendor data" in openstack.	18:23
smoser	s/openstack/nova/	18:23
smoser	https://review.openstack.org/#/c/37964/	18:23
smoser	that might be overkill here. as may be my generic "additional_headers"	18:28
smoser	but it is very functional	18:28
yolanda	ok, i'll take a look	18:32
bogeyd6	a.net	18:57
frojnd	Hi. What ftp server do u suggest? So Users could upload to /var/www/servers/ ?	18:57
frojnd	Preferably users without shell and access to upload only to /var/www/servers/user1/ ?	18:58
sarnold	frojnd: ftp is a horrible protocol, I'd rather offer sftp through sshd.	18:58
frojnd	anyways if that filezilla supports I'm good with it?	18:59
frojnd	it does..	18:59
frojnd	Ok So I have only 2 demands. User can not ssh to server but is able to upload to /var/www/servers/user1/ directory and all subdirectories	18:59
frojnd	Also this directory has following rights: drwxr-xr-x 10 www-data www-data	19:00
frojnd	This means only www-data is able to write	19:00
sarnold	frojnd: look at sshd_config(5), especially ForceCommand and internal-sftp	19:01
sarnold	frojnd: I'd change the directory's owner and group -- you do not want your web server to be able to write to this directory, do you?	19:02
frojnd	Nope. What is the common group user for websites on ubuntu?	19:03
sarnold	I'd make a new group, myself, since I don't care for the use of www-data for both the webserver process -and- the webserver data files.	19:04
hallyn_	sarnold: if i want to allow ext* and xfs mounting, do you know offhand if i can just say "mount fstype=ext* xfs," ?	19:14
sarnold	hallyn_: try "fstype in (ext*,xfs)" -- though you might need (ext2,ext3,ext4,xfs) ...	19:16
hallyn_	sarnold: in an apparmor profile?	19:17
hallyn_	(the 'in' seems out of character)	19:17
hallyn_	eh, i'll just list them out - clearer anyway. thanks :)	19:17
sarnold	hallyn_: yeah, the 'in' was introduced because 'mount' is funny -- we wanted something more flexible than "this exact set of options" to allow "anything in this list of options". so 'in' was introduced.	19:18
hallyn_	in what release?	19:18
sarnold	sorry, I don't recall.	19:18
sarnold	sigh I need to set up some more-featured chroots, 'bash: man: command not found" ...	19:19
hallyn_	yeah i need to tweak my canonical-containe-creation scripts to add things like that, as well as divert dpkg	19:21
hallyn_	not today :)	19:21
sarnold	:)	19:21
sarnold	.. when waiting six seconds for a vm to spin up and ssh in is just too painful ..	19:22
hallyn_	stgraber: well that was weird.	19:24
sarnold	hallyn_: looks like precise has the mount 'in' rules. Not lucid, no real surprise there I guess.	19:24
hallyn_	on 3.12 kernel, i did 'dd if=/dev/zero of=xxx bs=50M'. when it got to 5.5G i ran out of disk	19:24
hallyn_	sarnold: do you have a link to docs on it?	19:24
hallyn_	dude htis happens on host too	19:25
sarnold	hallyn_: nothing better than apparmor.d(5), sorry: http://manpages.ubuntu.com/manpages/precise/en/man5/apparmor.d.5.html	19:25
hallyn_	oh, heh. i see what i did there	19:25
hallyn_	well, i need a reboot. biam	19:26
sarnold	.. you actually ran out of disk, right? :)	19:26
hallyn_	yup	19:28
hallyn_	stgraber: when you get a chance could you look at my debdiff to https://bugs.launchpad.net/ubuntu/+source/maas/+bug/1257389 ?	19:38
uvirtbot	Launchpad bug 1257389 in maas "cannot run maas-import-ephemerals inside lxc container" [Undecided,Confirmed]	19:38
roaksoax	jamespage: silly question.. but do you think it would be better to rename maas-region-controller-min to maas-region-controller-common?	19:40
stgraber	hallyn_: do you actually need to allow nesting in the -with-mounting profile?	19:42
hallyn_	stgraber: not necessarily, but since you can't "combine" features, i thought i'd go for the lowest common denominator	19:42
hallyn_	smoser: the containers wher eyou'd want to mount blockdevs, you wouldn't be using cgroups there right?	19:43
stgraber	hallyn_: I think it'd be best to have the with-mounting profile only allow mounting and not allow nesting (so drop start-container, cgroup, proc, sys and the rw,bind of dev/shm)	19:43
stgraber	hallyn_: if someone actually wants both, they should just add an extra profile which includes both with-nesting and with-mounting	19:44
smoser	hallyn_, um... i don tthink so, but i'm not sure.	19:45
hallyn_	stgraber: ok will update the debdiff on the bug	19:48
hallyn_	stgraber: are you pushing soon to trusty with your new config layout?	19:49
hallyn_	do you want to just add this to your upload if so?	19:49
stgraber	hallyn_: next upstream push will be next Tuesday with the release of beta1	19:51
stgraber	(17th)	19:51
TeraJL	i have a small USB (500mb) drive, is there any way to install ubuntu server? online instalation or something?	19:53
fuga	hi i have some problem to receiving mail on my postfix/dovecot server...	19:54
fuga	http://paste.ubuntu.com/6547378/	19:54
sarnold	TeraJL: I've got to run out the door.. but perhaps try one of the 'mini' images on your usb stick, just dd the thing, that might do a live instance for you in the tiny space..	19:55
hallyn_	stgraber: all right i'll push lxc with that fix, then. i'll work upstream for the lxc-ubuntu-* template option to specify apparmor profile. (if i can think of a good way to specify one)	20:02
stgraber	hallyn_: I just applied a commit from caglar that adds that kind of documentation to ubuntu.common.conf, so you probably just want to add a section in there.	20:07
hallyn_	ok	20:10
fuga	no one to help me?	20:20
rdw200169	fuga: it is extremely probable that your ISP is blocking port 25	20:23
rdw200169	fuga: try telneting from a remote host that is nowhere near you, like from a amazon ec2 micro instance or something back to your ip:25 with postfix running	20:24
fuga	my port are open...i've already a web server on the same computer using port 80 and i have opened 25 and 143 by the same way	20:25
rdw200169	fuga: true, most ISPs allow you to open port 80 and host a page no problem; port 25 is another matter, though. port 25 and an MTA leave you wide open with the standard configs as a spam relay host, which will trash your IPs reputation, and by proxy of that your ISP	20:26
fuga	on my ISP/modem i have open the port..it's possible the portsstill close despite this?	20:30
=== freeflying is now known as freeflying_away
rdw200169	fuga: yup; email is a horrible dangerous game to play, and most ISP's don't want to see their customers bandwidth get aggregated to the hilt with spam traffic to some subscribers open MTA	20:32
fuga	how can i do to have my domain email adress....like john@mydomain.com?	20:33
rdw200169	fuga: just trust me on this one, but give up trying to run your own mail server out on the open internets; it's fine if you want to send email to remote SMTP servers, just not receive	20:33
rdw200169	fuga: you can, off the top of my head, use google apps; go daddy and most of the big registrars as well will host email for your domain	20:34
fuga	di you have some help links for me?	20:35
fuga	go daddy? i don't understand...	20:35
rdw200169	fuga: godaddy.com	20:35
fuga	ok just...it's a free solution?	20:36
fuga	because money it's a problem to^^...	20:36
rdw200169	fuga: probably not; there was a time when google apps was free, and that is when i got in, but i don't know if it is free any more	20:36
ScottNYC	question, why is it that Ubuntu Servers guided LVM install creates a sperate ext3 /boot partition? Why isnt it part of /roots' logical volume or at least its own logical volume, why ext3?	20:36
fuga	ok i look that	20:36
ScottNYC	is it to make the boot partition easier to access?	20:37
rdw200169	ScottNYC: that is probably an old doc; regardless, separating your partitions is always a good idea; particularly between variable and non-variable data	20:37
rdw200169	ScottNYC: mostly it has to do with old versions of the boot loader (grub) and its idiosyncrasies regarding what types of partitions and whatnot it could read the boot stuff off of; my understanding now is that Grub2 can access pretty much anything, to include inside a mdadm raid array	20:38
rdw200169	ScottNYC: And i am almost certain that there was a time when grub could not access partitions inside of LVM for the stage2 file	20:39
ScottNYC	yeah that makes sense, thx rdw200169	20:41
Pryath	I'm going to attempt to configure my iptables for ubuntu server, but I'm worried I'll end up locking myself out or screwing up the rules. This paste is basically two examples I found mashed up together into one (with an extra part at the bottom I'd manually add). Can anyone tell me if this will work or give me advice on how to improve it? http://pastebin.com/EsR9ZFpH	20:53
frojnd	sarnold: I've used internal-sftp	20:54
frojnd	sarnold: the problem is that when I try to login with newly created user that has only rights in /var/www/server/this_server he can also see other stuff	20:55
frojnd	He can only write or do stuff in /var/www/server/this_server but still... I thought I've chrooted it properly	20:56
frojnd	One newbie question. Let say I chroot sftpuser. Can this chrooted user still have access to read other directories?	21:07
frojnd	if other directories have -r flags for other?	21:07
soren	frojnd: Depends on where they are.	21:10
frojnd	soren: if they are in /var/www/servers/server1/ ?	21:10
frojnd	I'd like to create a sftp option for one user that wish to upload new stuff for site	21:11
frojnd	directly to site	21:11
frojnd	And I already this is a bad ieas since now while I'm testing it I can locate .crt, .key, .csr files	21:12
soren	frojnd: WEll, they can only access things that are in the chroot.	21:12
frojnd	soren: but I can go out of there	21:12
frojnd	I can actually go to /	21:12
soren	frojnd: Then you're not chrooted.	21:12
frojnd	hm	21:12
soren	That's what chroot means.	21:12
soren	It redefines the meaning of /.	21:12
frojnd	Yeah, I thought so	21:12
frojnd	First I've created user: sudo useradd --home-dir /data/incoming --no-create-home sftpuser	21:13
frojnd	ANd then add a passwrd.	21:13
soren	So if you have a process that's been chroot('/var/www/whatever')'ered, that process will see /var/www/whatever as its /.	21:13
frojnd	mhm ok I understand	21:13
frojnd	I fucked something up on the way then	21:13
soren	It won't see "/var/www/whatever" mentioned anywhere and just be blocked from going further up (or down, whichever way you typically visualise it) the tree.	21:14
frojnd	anyways after creating a new user without shell I've chown already created directory: sudo chown /var/www/servers/server1/public_html	21:14
soren	So when you say it can go to /, what do you mean?	21:14
frojnd	It can actually go to / :) and go to /home/ and see all the users with shell	21:15
frojnd	it can also go to /etc/nginx/ssl :P	21:15
soren	Ok.	21:15
frojnd	so I must have mispeeld or did something wrong	21:15
soren	What did steps did you take to attempt to chroot it?	21:15
frojnd	ok	21:15
frojnd	1) created a user: sudo useradd --home-dir /data/incoming --no-create-home sftpuser	21:15
frojnd	2) gave it a password..	21:15
frojnd	3) chowned dir: /var/www/servers/server1/public_html	21:16
frojnd	4) edited /etc/ssh/sshd_config to look like this: Subsystem sftp internal-sftp	21:16
frojnd	and added this: http://sprunge.us/LIhG	21:17
frojnd	And after it I've restarted ssh service	21:17
frojnd	and I found something..	21:18
frojnd	I made a typo :S	21:18
soren	Can you paste the output of "ls -l..."	21:18
soren	oh	21:18
soren	Never mind, then :)	21:18
frojnd	in sshd	21:18
frojnd	let me try it	21:18
frojnd	yeah	21:19
frojnd	it was a typo, I didn't properly wrote sftp username in sshd	21:20
soren	Looked ok to me?	21:20
frojnd	I forgot to add sftpuser[server1] here	21:21
frojnd	This is a nice feature. Chroot	21:22
frojnd	Hm	21:29
frojnd	Pam is douing a problem	21:29
frojnd	or not	21:30
=== freeflying_away is now known as freeflying
ScottNYC	does it matter the order in which u create logical volumes? for example After creating logical volumes root, swap. and home, when viewing the partitions I just created, their listed from top to bottom, home, then root then swap.	21:43
jpds	ScottNYC: No.	21:43
ScottNYC	ok thx	21:43
=== aarcane_ is now known as aarcane
Pryath	welp I locked myself out of my server. It's a good thing it's non persistent (through restarts)	21:55
jkyle	I'm noticing exceptionally long ifup -a times	22:38
jkyle	over 5 minutes	22:38
jkyle	is there some logs to help me narrow down what's stalling?	22:40
PryMar56	jkitchen, ps aux \| grep dhclient	22:44
PryMar56	jkyle, meant for you	22:44
PryMar56	I had a new server setup where dhclient was missing	22:45
jkyle	yeah, I think I nailed it down to that. fella that set up the vm didn't bridge the interface so it wasn't serving dhcp	23:15
jkyle	PryMar56: ^	23:16

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!