[01:00] <teward> is there a reason ssh wouldn't try and serve my ssh key to a server automatically, when the filename is a custom filename?  it works fine when sshing to my servers from Ubuntu, but when SSHing to my servers from one of my other servers, it fails...
[01:09] <sarnold> teward: check group ownerships
[01:09] <sarnold> teward: ssh is super picky about who can read or write files, and it won't go to the effort of figuring out that you're theonly user in your group..
[01:09] <teward> sarnold: *what* group permissions?
[01:09] <teward> the permissions are 0600 user:user
[01:10] <teward> (where the user has their own group)
[01:10] <sarnold> teward: on everything :) key, authorized_keys, etc
[01:10] <teward> sarnold: i checked...
[01:10] <sarnold> drat.
[01:10] <teward> sarnold: the same key file works *fine* when it's id_rsa / id_rsa.pub
[01:10] <teward> but when it's a customized name, like, for me, since i have 4 different keys...
[01:10] <teward> it fails
[01:11] <teward> and ssh -vvvv shows it's never even *attempted*
[01:11] <sarnold> teward: does your ~/.ssh/config contain match statements that match the host and say to not try?
[01:11] <teward> sarnold: should i be concerned when ~/.ssh/config doesn't exist?
[01:12] <sarnold> teward: no
[01:16] <teward> sarnold: adding `IdentityFile ~/.ssh/keyfilename` to ~/.ssh/config worked
[01:16] <teward> i guess i'll just need to add all the key files to that then
[01:16] <sarnold> teward: or add them with ssh-add when you need them
[01:16] <sarnold> your choice
[01:18] <teward> true
[01:29] <teward> sarnold: any idea why on a Desktop setup of $any_supported_ubuntu_release it automatically tries all the identity files in `/home/$USER/.ssh/` even though I haven't done ssh-add on those keys?  Or should I poke #ubuntu asking that?  (you seem to know the underlying ssh stuff though, hence the question)
[01:32] <sarnold> teward: sorry, no idea there. :/
[01:39] <teward> sarnold: meh.
[01:39] <teward> it works now, so it's less of an issue
[01:39] <sarnold> :)
[01:39] <teward> thanks though
[03:47] <MavKen> I have phpmyadmin installed on my vps, have 12 domains hosted.  How can I limit it so that phpmyadmin can only be accessed via my primary domain?
[08:31] <iggi> Anyone have experience with multipath iscsi? Everything I can find says it is setup correctly, yet when I do a test only one NIC is ever used.
[10:25] <_root_> hello
[10:25] <_root_> I followed https://help.ubuntu.com/community/Postfix to set an mail delivery agent
[10:27] <_root_> But i am at lost here because I have a cms needs SMTP server and port and SSL/TLS choice to send the verification emails and I have no idea what port i have for smtp or even if i have SMTP server
[10:27] <_root_> could someone give a clue as to have should I do?
[10:28] <caribou> _root_: did you look in the Ubuntu Server Guide ?
[10:28] <caribou> _root_: there is a chapter on postfix
[10:28] <caribou> s/chapter/section/
[10:28] <_root_> caribou: which one you mean i am on https://help.ubuntu.com/community/Postfix
[10:29] <caribou> _root_: this one : https://help.ubuntu.com/13.04/serverguide/index.html
[10:29] <caribou> _root_: even better URL : https://help.ubuntu.com/13.10/serverguide/email-services.html
[10:29] <_root_> caribou: is it the same as 12.4.04 LTS
[10:30] <caribou> _root_: there is one for 12.04, just put 12.04 in the URL above
[10:31] <caribou> who maintains the cloud-tools repo ???
[10:34] <_root_> caribou: what you gave me is the same as https://help.ubuntu.com/community/Postfix that i used
[10:34] <_root_> but still what are my smtp server value port and so on
[10:34] <caribou> _root_: could be, I didn't check the content on both
[10:35] <_root_> SMTP server should be localhost but what about port and which one do i use SSL/TLS
[10:38] <caribou> _root_: don't know if that can help, but SSL/TLS default port is 465; but I'm nowhere near an expert in MTA setup
[10:41] <TJ-> If you're using the localhost, then there's no reason not to connect on port 25
[11:48] <catphish> if i need to run a much newer kernel on ubuntu 12.04 (because the default kernel has a lot of lxc functionality missing), would i be better off using linux-image-3.11 from the repos, or a mainline kernel from the kernel-ppa?
[11:48] <TJ-> Use the LTS hardware enablement packs
[11:49] <catphish> interesting, haven't see those
[11:49] <TJ-> see https://wiki.ubuntu.com/Kernel/LTSEnablementStack
[11:51] <catphish> so i likely want linux-generic-lts-saucy?
[11:52] <catphish> actually that just depends on linux-image-3.11 which makes perfect sense
[11:53] <catphish> thanks!
[12:24] <adac> Does anyone experience problems with falsh player on ubuntu 12.04 desktop? I get a real high load average, even though memory and cpu are not used at all
[12:24] <adac> this happens within firefox as well as chromium
[12:29] <catphish> adac: i think this is probably the wrong channel, try #ubuntu
[12:29] <catphish> adac: you may have disk IO issues
[12:30] <catphish> that's the most common cause of high load, though flash could be doing something unusual
[12:31] <adac> catphish, How can i debug a disk IO issue? is it hard to detect?
[12:32] <catphish> "iostat -x 1" will quickly show you your disk usage %
[12:32] <catphish> or top will show "%wa", the percentage of cpu time spent waiting for disk IO
[12:35] <adac> catphish, here is a short excerpt: https://gist.github.com/anonymous/8974324 can you see a problem here already?
[12:35] <catphish> adac: %util is 0% so it's not disk IO
[12:36] <catphish> now run "top" and see what the various % at the top say
[12:37] <adac> catphish, https://gist.github.com/anonymous/8974364
[12:39] <catphish> your CPU load is reasonable, your load isn't "high"
[12:40] <adac> catphish, isn't >1 already high?
[12:41] <catphish> not particularly, i'd class that as "busy" but not problematic
[12:41] <catphish> flash isn't particularly efficient
[12:41] <catphish> use top see how much CPU flash itself is using
[12:46] <adac> catpish it is about 13% it is not that much.
[12:49] <catphish> adac: well i guess you have a few different things going on, but a load of 1.0 for an in-use system playing flash seems very reasonable
[13:42] <stefg> Hello channel, is anyone in here using a SSD-cache like bcache/flashcache/dmcache/enhanceio and likes to share some experience? I have a spare 40GB SSD partition on my xbmc-box/NAS running 12.04/32bit with a 3TB raid 1 as storage and wonder if it's worth to use that 40GB of SSD as  cache.
[14:18] <caribou> smoser: is there a way to tell cloud-init to use some squid-deb-proxy cache ?
[14:18] <caribou> smoser: other than writing the entry in /etc/apt/apt.conf
[14:22] <zul> jamespage:  oh so cinder needs a new dep
[14:24] <rio_zenta> Hello folks
[14:25] <rio_zenta> My VPS provider recently switched nodes and changed my IP address, after reconfiguring my domain records, I am still unable to access my domain at the new IP address. They recommended that I reconfigure networking, does anyone know what that means?
[14:26] <mardraum> what's the domain
[14:27] <mardraum> rio_zenta: they probably mean check you are really using the new IP. or did they do that all for you?
[14:27] <rio_zenta> the domain is: platform.devcroo.com
[14:28] <rio_zenta> I personally changed the ip address at my domain provider, but I am still unable to access the domain
[14:28] <mardraum> is "192.3.180.54" the new IP?
[14:28] <rio_zenta> mardraum: they changed the ip address for me.
[14:29] <rio_zenta> mardraum: Yes, that is the new ip address.
[14:30] <mardraum> did the gateway IP change as well? does the vm have internet access?
[14:30] <mardraum> log into it with whatever out of band access they provide (eg vnc) and check the networking
[14:31] <mardraum> in ubuntu, that is in /etc/network/interfaces
[14:32] <rio_zenta> mardraum: I see that my provider is using SolusVM for the interface/control panel
[14:32] <mardraum> does it provide some sort of "console" access?
[14:32] <rio_zenta> mardraum: It has a link to VNC
[14:33] <mardraum> great, are you logged into it?
[14:33] <rio_zenta> mardraum: On the page that shows the VNC info, it has an address that is different to my IP address (with a port and password too). Is this the gateway IP?
[14:34] <mardraum> no, that will probably be the vnc host
[14:34] <mardraum> allowing you to connect to it and access your vm
[14:34] <mardraum> you should use a vnc client to do so.
[14:35] <rio_zenta> oh ok. Will I be able to access the VNC from the commandline?
[14:35] <mardraum> the command line of what?
[14:36] <rio_zenta> mardraum: I use linux as my client distro. The commandline being something like Terminal (the application).
[14:36] <mardraum> you generally need some sort of software to connect to a VNC server
[14:36] <mardraum> no, terminal won't do it
[14:36] <rio_zenta> Okay so I need to find myself a VNC client
[14:39] <highclasshole> Can you use anything other than vnc?
[14:39] <highclasshole> perhaps ssh
[14:40] <highclasshole> oh sorry I didn't follow the whole conversation my bad, is there not a browser based java client to connect to the console for your VPS?
[14:42] <mardraum> java, ugh
[14:43] <rio_zenta> highclasshole: I see that the interface on the web provides a plugin, which isn't visible to me because I am missing a java plugin ( :-( )
[14:44] <highclasshole> just install that you should be good to go
[14:44] <mardraum> just install a basic vnc program
[14:44] <rio_zenta> after checking the plugins, it says I need to install the Java runtime environment
[14:44] <highclasshole> yeah just install java on your local machine
[14:44] <highclasshole> and then bring up the console
[14:44] <highclasshole> nbd
[14:44] <mardraum> don't encourage people to install java plugins, jesus
[14:44] <highclasshole> really?
[14:44] <highclasshole> I mean...
[14:44] <mardraum> worlds most exploited browser plugin ever
[14:44] <rio_zenta> highclasshole, I think I have java installed though. I suppose it has to do with the different javas (7 and 6 make java weird)
[14:44] <highclasshole> only run applets from trusted sources
[14:45] <highclasshole> and use shit like noscript
[14:45] <highclasshole> if you need it, you need it, just be smart about it
[14:45] <mardraum> don't enourage java. ever.
[14:45] <highclasshole> oh man fun
[14:45] <highclasshole> I work in a huge java shop
[14:45] <highclasshole> so its a little funny for me
[14:46] <mardraum> I'm specifically talking about the web plugin
[14:46] <mardraum> it's nice your java shop is huge
[14:46] <rio_zenta> After Java 7 came out, it probably confused developers too.
[14:46] <mardraum> but don't encourage people to install that broken shit. Hell ubuntu only just managed to get the latest version in after missing a openjdk security version or two across versions dating back to 12.03
[14:47] <mardraum> 12.04*
[14:47] <rio_zenta> I'm confused about it too. Oracle is worse than MS.
[15:03] <smoser> caribou, cloud-init supports 'apt_proxy' 'apt_http_proxy' and 'apt_ftp_proxy'.
[15:04] <caribou> smoser: fine, thanks
[15:04] <smoser> it also supports the more general 'apt_config'
[15:05] <smoser> apt_config is just put whatevery you want and it will write that to /etc/apt/apt.conf.d/94cloud-init-config
[15:05] <smoser> caribou, the best way to find out such things is to just grep liberally through
[15:05] <smoser> doc/examples/cloud-config.txt
[15:06] <caribou> smoser: yeah, I got that page on my browser
[15:50] <cocoa117> how did someone setup IP like this, without a brocast address?
[15:50] <cocoa117> eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
[15:50] <cocoa117>     link/ether f2:07:01:ff:ff:fd brd ff:ff:ff:ff:ff:ff
[15:50] <cocoa117>     inet 192.168.1.254/24 scope global eth0
[15:50] <cocoa117>     inet 1.15.255.254/13 scope global eth0
[15:57] <toyotapie> Can I run xinetd on a port not mentioned in /etc/services ?
[15:58] <toyotapie> it keeps telling me 'service/protocol combination not in /etc/services'
[15:59] <toyotapie> nevermind, I added type = UNLISTED
[16:33] <cocoa117> is tcpdump be able to listen to traffic before firewall filter it?
[16:36] <catphish> cocoa117: yes
[16:36] <cocoa117> catphish, is it on by default?
[16:37] <catphish> yes, tcpdump connects to an interface, so it sees everything on that interface before it gets in to the firewall
[16:37] <cocoa117> catphish, great, got it, thanks
[17:02] <Guest11875> hey ubuntu
[17:04] <Guest11875> I've got an instance on EC2 running the latest ubuntu server, but it seems to think it's Ubuntu 12.04. When I do `lsb_release -a` it says 12.04, and when I do `sudo do-release-upgrade` it says "No new release found". what gives?
[17:15] <shauno> Guest11875: LTS will consider itself current until there's a new LTS.  the setting is in /etc/update-manager/release-upgrades  Prompt=lts vs Prompt=normal
[17:16] <shauno> Guest11875: otherwise 12.04 *is* the most recent LTS until 14.04 releases
[17:16] <Guest11875> shauno: ahh I getcha
[17:17] <Guest11875> is there any way to stop upgrades from constantly breaking my ldap auth?
[17:17] <Guest11875> I always have to fix ldap authentication after doing an aptitude upgrade
[17:20] <zul> hallyn:  ping
[17:25] <hallyn> zul: .
[17:25] <zul> hallyn:  we already have that aarch64 patch
[17:26] <hallyn> zul: ok, cool.  we do seem to get a lot of redundant requests for those...
[17:26] <hallyn> zul: did you get the ftbfs straightened out?
[17:26] <zul> hallyn:  just uploaded it
[17:27] <hallyn> cool, thanks.  fwiw dannf gave me a patchset to make qemu-user-aarch64 work as well, so we're doing pretty well for aarch64 in trusty
[17:28] <zul> sweet
[17:28] <hallyn> zul: now the big thing in the new libvirt is the nwfilter locking patch right?
[17:29] <hallyn> i.e. no fix there for bug 1274995 ?
[17:29] <zul> hallyn:  yeah im going to wait on that patch until the next release is out
[17:29] <hallyn> ok
[17:29] <zul> i think im missing something else with regards to that patch
[20:16] <ruben231> hi guys i have 60 units and same specs wanted to install ubuntu desktop at one time, any idea how to do it..?
[20:18] <SJr> With a static ip address setup how do I configure a dns server, I tried putting it in my /etc/network/interfaces file, but resolv.conf is empty. resolv.conf also gets rewritten by something on reboot, and I can't set chattr +i on it for some reason
[20:20] <genii> ruben231: Probably then a pxe boot server and lots of switches
[20:20] <sarnold> SJr: the resolvconf package is doing the re-writing; you can either work with it or uninstall it
[20:20] <sarnold> SJr: check out the resolvconf(8) manpage, look for dns-nameservers
[20:20] <SJr> Ah I was missing the s
[20:21] <sarnold> fatal flaw of the silly thing, it's too easy to make pointless typos there because it doesn't match the syntax used elsewhere. sigh.
[20:22] <sarnold> ruben231: investigate preseed files and investigate fai-quickstart
[21:03] <smoser> hallyn, around ?
[21:03] <hallyn> smoser: yup
[21:03] <smoser> can you quick verify for me that if i run an lxc container, by defualt there is no cgroup limiting cpu or disk io or anything
[21:03] <smoser> right?
[21:03] <smoser> ie, it should have all the performance of the host
[21:04] <hallyn> smoser: we don't set default  limits.  however, there is something about all tasks in a cgroup being scheduled as one entity
[21:04] <smoser> hm.. i dont knwo what htat means.
[21:04] <smoser> can i turn that off ?
[21:04]  * knoxy is away: auto-away
[21:04] <hallyn> smoser: no.  and I don't knwo if it depends on our chosen scheduler
[21:05] <hallyn> might ask in #ubuntu-kernel.  it's possible it's nothing, i've just heard it mentioned somehwere
[21:05]  * knoxy is back (gone 00:00:53)
[21:05] <hallyn> smoser: but what it would mean is that if you  have 10 non-lxc tasks and 10 lxc tasks, the 10 lxc tasks would get as much cpu time as oen of the non-lxc taskss
[21:06] <smoser> really?
[21:06] <smoser> that sounds not good generally.
[21:08] <sarnold> hallyn,smoser, I think you might be recalling the kernel's sched_autogroup_enabled feature
[21:09] <hallyn> sarnold: is that off by default?
[21:09] <hallyn> smoser: waht i can tell you is that a kernel build in a contaienr is much faster than kernel buidl in kvm on the same machine...  if that helps
[21:10] <sarnold> hallyn: on by default, iirc
[21:10] <smoser> hallyn, is it also faster on amd64 than a a 486 ?
[21:10] <smoser> (ie, i would have expected that :)
[21:10] <smoser> sarnold, can i turn it off?
[21:10] <hallyn> smoser: <shrug>
[21:10] <hallyn> i would've expectd it to be closer than it is
[21:11]  * hallyn googles
[21:11] <sarnold> smoser: echo 0 > /proc/sys/kernel/sched_autogroup_enabled
[21:11] <hallyn> would have been nice if that was availalbe through /sys/fs/cgroup/cpu/cpu.*
[21:12] <smoser> sarnold, thanks.
[21:14] <smoser> hallyn, would i need to start a new container for that to take affect ?
[21:14] <smoser> the change of sched_autogroup_enabled
[21:14] <hallyn> smoser: don't thinkn so
[21:14] <smoser> i suspect not
[21:14] <smoser> yeah. ok.
[21:14] <hallyn> looks like a global sysctl
[21:15] <hallyn> i'm looking through /proc/$$/autogroup right now, trying to figure out what it means
[21:16] <hallyn> someone forgot to write the Documentation/ for it
[21:17] <hallyn> hm, does it require CONFIG_FAIR_GROUP_SCHED for that to make a difference?
[21:24] <Joe_knock> Hello, I am trying to VNC into my VPS using RealVNC but I get this error: main:        unable to connect to host: Connection refused (111)
[21:26] <sarnold> Joe_knock: do you have firewall rules on your host that would prevent it? does your ISP have firewall rules that would prevent it (see also amazon's "security groups")? Is the VNC daemon running on your host?
[21:27] <Joe_knock> sarnold: I am not sure. I suppose there must be a firewall installed. What the VPS provider did was to move most of the nodes and change the IP addresses, since then I am unable to access my domain.
[21:28] <hallyn> smoser: so does experiment show that it works?
[21:28] <sarnold> Joe_knock: was your instance rebooted during the move?
[21:28] <hallyn> I did notice a 3.12 bug report about setting it to 0 crashing the host, so i'm gun-shy :)
[21:28] <Joe_knock> I think so sarnold. I've tried rebooting it myself from the web-based CP
[21:29] <sarnold> hallyn: hahaha
[21:29] <sarnold> hallyn: yeah...
[21:29] <sarnold> Joe_knock: oh, okay, well that means it ought to have had a chance to re-bind to the correct IP on the way back up. perhaps it doesn't automatically restart?
[21:30] <smoser> hallyn, i'll let you know in a bit. but i dont think i'll know for sure really.
[21:30] <hallyn> ok - thanks
[21:30] <Joe_knock> sarnold, I installed the JDK web-based plugin and now I am in VNC from the web-based JDK tool. Do you know how to reconfigure networking?
[21:31] <smoser> since i'm not (by design) heavily affecting the outside-container
[21:31] <sarnold> Joe_knock: ifdown <interface name> ; ifup <interface name>
[21:32] <Joe_knock> interface name?
[21:33] <sarnold> Joe_knock: yeah, whatever your network interface name is .. edit /etc/network/interfaces to make whatever changes you need to make..
[21:35] <Joe_knock> sarnold okay I went into cd /etc/network and I see if-down.d and if-up.d
[21:35] <sarnold> Joe_knock: those directories allow you to run scripts when interfaces come up and down
[21:36] <Joe_knock> I see interfaces but I can't cd into it for some reason. Would it be a file?
[21:37] <sarnold> yes, it is
[21:37] <Joe_knock> So in order to reconfigure networking I need to run if-down first and then if-up ?
[21:38] <sarnold> Joe_knock: be aware that when you run ifdown, it -means- it. you need to have an ifup command already queued up and ready to execute, or have access to the console via some other mechanism.
[21:39] <Joe_knock> sarnold: I am currently accessing via VNC and there is no other way to get in (I tried SSH). Can you tie the 2 commands together?
[21:39] <sarnold> Joe_knock: ifdown foo ; ifup foo
[21:39] <sarnold> Joe_knock: some administrators will put an 'ifup' command in a cronjob or at job just incase..
[21:40] <Joe_knock> sarnold, I can't seem to find the interface name. When looking in /etc/network/ the only name I see is "interfaces"
[21:40] <sarnold> Joe_knock: "ip addr" should show you
[21:40] <sarnold> Joe_knock: see "man 5 interfaces" for more information on that configuration file
[21:42] <Joe_knock> damn this is confusing. lol
[21:46] <sarnold> Joe_knock: what are you trying to accomplish? there might be a better way there..
[21:47] <Joe_knock> sarnold, according to my VPS, I need to "reconfigure networking". in the web-based CP, it is a single button, but it keeps giving me an error, although the logs say it is complete. So now I am trying to do it from within the server itself.
[21:48] <sarnold> Joe_knock: ah. it might be worth asking your VPS what your "reconfigure networking" is supposed to achieve :)
[21:49] <Joe_knock> sarnold: The problem is that they don't communicate very well. I'm pretty much on my own (based on the price I pay).
[21:50] <sarnold> Joe_knock: do you need to do this because they assigned new IPs?
[21:51] <Joe_knock> Yes, they moved me to a new node and changed my IP address
[21:51] <Joe_knock> sarnold: ^
[21:52] <sarnold> Joe_knock: aha. so, you need to change your ip -- and maybe netmask? nameserver? -- in your /etc/network/interfaces file.. then bring the interface down and up and hope it works..
[21:53] <Joe_knock> hmmm, I think I will be able to do that sarnold. So it is a 3-step process. Change interfaces file, find interface name and run if-up, if-down.
[21:54] <sarnold> Joe_knock: right
[22:00] <Joe_knock> sarnold: I checked interfaces file, all seems okay there. (showing new ip address, gateway, etc.)
[22:00] <sarnold> Joe_knock: nice
[22:04] <Joe_knock> sarnold: I left the QEMU window open and hit the "Reconfigure Networking" button to see what it is doing. It looks like it reset the server and logged me out.
[22:05] <sarnold> Joe_knock: hahahahahahaha
[22:05] <sarnold> sigh :)
[22:05] <sarnold> well
[22:05] <sarnold> so much for being 'gentle' about it..
[22:06] <Joe_knock> sarnold, I think it is working almost all the way, but in the end it gives me an error message.
[22:12] <Joe_knock> sarnold, well the least I can say from this experience is that it is taking me out of my comfort zone (and I am learning).
[22:34] <Joe_knock> sarnold: It suddenly started working now :'D
[23:37] <sarnold> Joe_knock: sweet! yes, it's great to be pushed a little bit from time to time; it's just nice if you get to plan for it when you've got some spare time to work on things..