[00:00] <apb1963> well, I'm not quite as worried about my ISP... i'm more interested in why MY machine is sending out perpetual bootp requests.
[00:00] <apb1963> Or more exactly..... dhclient.
[00:02] <apb1963> And more importantly... how to make it stop.... other than killing dhclient... which I presume I need running.
[00:14] <apb1963> sarnold: strace output - http://fpaste.org/84551/94583190/   Nothing jumps out at me, but then I don't really know what I'm looking for....
[00:17] <teward> sarnold: unrelated: with the NGINX MIR, who else needs to review it?  And should I poke them, or just wait?
[00:18] <jrwren> its normal of dhclient to continuously do that when you have short lease times
[00:18] <apb1963> sarnold: I'm also not sure how valid that strace is... since it forks a child and exits
[00:19] <apb1963> jrwren: 15 seconds?
[00:19] <jrwren> that is excessive
[00:19] <jrwren> it is always and continuous every 15seconds?
[00:19] <sarnold> teward: good question; since infinity has already done an earlier review he may be ideal for finishing; he's on the MIR team, is familiar with the results and the packaging
[00:20] <apb1963> jrwren: which is why I'm here :)
[00:20] <sarnold> apb1963: yeah, I wondered what was happening in that child.. nothing else seems to stand out. maybe ltrace would be more instructive, we might see some library calls (strcmp, for example) that would be instructive
[00:20] <teward> yeah he helped getting the FFe for the 1.4.6 merge into Trusty so that we have the latest, I"ll poke him and have him do a review of the debdiff
[00:20] <teward> if all goes well, the debdiff that's uploaded to launchpad now might just be all that we have to do for this.
[00:21] <teward> (the nginx twitter has already retweeted my post that only the nginx core modules are getting main inclusion, so at least we have that)
[00:45] <apb1963> sarnold: it's a good idea... struggling with pastebin now, the file is very large so I've been stripping off lines to pare it down to something "reasonable", but I'm not sure how useful a pared down file is going to be.  problem is I still don't know what I'm looking for... I mean can grep for strcmp, but the question still remains
[00:45] <apb1963> sarnold: In any event, that's what I did... so here's that: http://paste.ubuntu.com/7076719/
[00:46] <sarnold> apb1963: hahaha, that's an awesome paste :)
[00:46] <apb1963> is it?
[00:46] <sarnold> apb1963: it's a question I've never thought to ask, "what do all the strcmp calls in this program look like?" :)
[00:47] <apb1963> I don't like using that pastebin... it has no expiration... that's why I was struggling with fpaste
[00:47] <apb1963> sarnold: I got the idea from you
[00:47] <apb1963> sarnold: so you get 98% of the credit
[00:47] <sarnold> apb1963: have you see pastebinit? it's pretty helpful for pasting huge things and lets you pick different pastebins
[00:48] <apb1963> sarnold: yeah... but it doesn't work with fpaste (despite it being on the list)... and you still can't set expiration time... or at least I certainly don't know how.
[00:48] <sarnold> apb1963: aww. :/
[00:49] <apb1963> sarnold: yeah there's even bugs reported against it for the same reason -along with a claim that it's fixed... but it's not.
[00:50] <sarnold> apb1963: it looks mostly like this captures the internals of the bash shell script interpreter, I'm guessing that different tokens get hashed into a certain hash bucket and then bash walks the chain of entries looking for the correct command; e.g. "echo" looks up "else" "elif" "esac" "echo"...
[01:00] <apb1963> sarnold: yeah well... to be honest I'm burnt out on filing  bugs at this point.
[01:00] <sarnold> apb1963: ha, I know the feeling.
[01:00] <apb1963> sarnold: maybe i'll get annoyed enough at some point to overcome the annoyance of filing yet another bug report
[01:00] <apb1963> sarnold: Thanks for your help though!  I learned a new tool... never saw ltrace before.  Catch you another time :)
[01:01] <sarnold> apb1963: have fun! take care :)
[01:01]  * apb1963 exits stage left
[03:17] <GeekD00d> apb1963: earlier you referred me to a channel #php. That channel is invite only?
[05:22] <Midion_> What does everyone here recommend for setting up a server? I just want something with a control panel. I was using virtualmin with webmin and I was told ubuntu no longer supports webmin.
[05:23] <Midion_> I'll just reload the server and try vestacp again.
[05:30] <Midion_> Is there a server setup with ubuntu that includes a control panel and ftp?
[05:38] <kriskropd> Midion_: I just learned about this channel, but I prefer working with my server via ssh - I run bash shells inside of tmux sessions so I can reconenct and continue from where I leave off
[05:38] <kriskropd> s/reconenct/reconnect
[05:39] <kriskropd> you probably are going to want to learn to do the same if you plan on using unix or unix-like servers - while some GUI cpanels exist for this-and-that they tend to be flaky and easily broken
[05:41] <Midion_> I'm just on more of a time crunch. I'm on day 2 of googling every other command i try to put into command line.
[05:42] <Midion_> I still don't have my backed up site up yet. If I had a gui like cpanel which I don't have the money for currently. I would have had my site up by the dealine I set.
[05:43] <Midion_> I'm just stressed. Just so many commands and ofcourse alot have to have something else installed previously just to use that command.
[05:43] <kriskropd> Midion_: you might find commands easier to use and learn if you learn to read the man pages - googling will take too long and often give you information that might be incorrect for your system - also if you are learning something robuts, you might find a channel on irc for that specific topic, for instance #bash or #awk or #sed
[05:44] <kriskropd> s/robuts/robust
[05:45] <kriskropd> Midion_: my suggestions is to take the command thing as slow as you need to, but make the effort to learn it - you will kick yourself for relying on gui once you familiarize with even just the basics of cli :)
[05:45] <kriskropd> Midion_: unfortunately, I don't have any good suggestions on speeding up such a tasking learning process :(
[05:46] <Midion_> I have learned alot more about command line. Using nano, vi, importing my sql through command line. I can only connect to my vps with ssh at this point.
[05:48] <Midion_> I just lost my job after getting in a car accident. So im just trying to get this site up and running as a source of revenue. Its more for personal reasons that im stressing.
[05:50] <Midion_> Thankyou for all of the advice and help.
[05:55] <kriskropd> Midion_: Sorry I can't make things any easier, but I do promise if you can get over the hurdle of cli, you will find things immensly easier as your mind starts to adapt to the more traditional unix-like system
[05:56] <kriskropd> also you have my condolences, I hope things turn out for the best and fortune comes your way :)
[06:04] <arrith> Midion_: i'm not sure if it applies but you see cpanel around
[06:05] <arrith> Midion_: taking a while to read the ubuntu server guide is the best way to do it
[06:05] <sarnold> ugh please not cpanel, might as well just publish your root password on your website..
[06:05] <arrith> haha
[06:09] <kriskropd> Midion_: webmin did at one point work very well and was, AFAIK, one of the better choices, but that was years ago and it was starting to fall apart by the time I actualyl got to try it for the first time
[06:10] <sarnold> ugh not webmin either please :)
[06:10] <kriskropd> sarnold: I'm not supportign webmin :) I used it once, and it never has worked for me
[06:10] <sarnold> I dunno what it is about those control panels, but most 'generic' control panel things have absolutely horrid code quality
[06:10] <sarnold> kriskropd: good good :)
[06:11] <sarnold> perhaps some ISP has a nice home-rolled thing somewhere, but it surely hasn't been well publicised :)
[06:11] <kriskropd> sarnold: I've the feeling that most of them are developed with good intentions, but somewhere along the way the developers realize they are working really hard to build an ineffective wrapper around a very flexible system
[06:12] <sarnold> kriskropd: yeah, I suspect they didn't set out to be a fertile field for remote exploits.. :)
[07:38] <Midion_> now i just have to make sure i setup sftp correctly.
[09:56] <lordievader> Good morning.
[12:07] <pmatulis3> morning
[12:14] <Midion_> mornin
[12:31] <Kully> Hey guys; I'm having issues with a new set up ubuntu pptp server; the vpn server can communicate to all nodes, lan and vpn-lan, vpn-lan nodes can ping to the nodes behind the server, but not the other way around... also nodes on the vpn cannot ping each other. Any help is appreciated!
[13:45] <stetho> The company I worked for was acquired and my users have all been recreated on the parent company's servers. This means all their login names and UIDs/GIDs have changed. Short of recreating everyone is there a way I can give them access to our old NFS shares? Some mount -o user=fred.smith option that I can't find in the man pages for example?
[13:49] <rbasak> stetho: NFSv4 has http://manpages.ubuntu.com/manpages/precise/en/man8/idmapd.8.html. I know nothing more about the topic though.
[13:51] <andol> stetho: Might you not want to update the uids the NFS server, or do you have other systems still relying on the old uids?
[14:19] <stetho> andol: There are other systems.
[14:19] <stetho> rbasak: Thanks, I'll take a look.
[14:49] <DammitJim> silly question. I just set up my server to have a static IP address, but the DNS servers aren't being updated
[14:49] <DammitJim> is there something I need to do to kickstart the update process? My /etc/resolv.conf still says the old servers
[14:49] <DammitJim> even though I added dns-search and dns-nameservers to /etc/network/interfaces
[15:09] <pmatulis3> DammitJim: what did you do ito restarting networking?
[15:10] <DammitJim> sudo /etc/init.d/networking restart
[15:10] <DammitJim> then I did service resolvconf restart
[15:10] <DammitJim> but none of those are doing anything
[15:10] <pmatulis3> DammitJim: what release of 'buntu?
[15:11] <DammitJim> 12.04 TLS server
[15:11] <DammitJim> unless I was supposed to add my dns entries in /etc/resolvconf/resolv.conf/base ?
[15:11] <DammitJim> I"m confused... there are so many places that the internet sites tell you to do it at
[15:11] <rbasak> DammitJim: https://www.stgraber.org/2012/02/24/dns-in-ubuntu-12-04/ is a good source, written by an Ubuntu core developer
[15:12] <rbasak> DammitJim: the correct and easiest way is to "ifdown eth0" (or whatever), change /etc/network/interfaces and "ifup eth0" again. With care, since if you're remote you won't be connected after the first step.
[15:12] <rbasak> DammitJim: but I'm not sure what state your system is in now to fix it from where you are, sorry.
[15:16] <DammitJim> I can go to the machine and make those changes
[15:16] <DammitJim> brb
[15:16] <DammitJim> rbasak, but you are saying if I did the changes in interfaaces, it should all update, right?
[15:16] <rbasak> DammitJim: when the interface is brought up, yes.
[15:18] <DammitJim> I did that, but after bringing the interface back up, it didn't work
[15:18] <DammitJim> maybe I'm missing something
[15:19] <DammitJim> http://pastie.org/8911642
[15:19] <DammitJim> that's my interfaces entry
[15:23] <DammitJim> WEIRD, I ended up rebooting the server and that did it
[15:23] <DammitJim> maybe there is some other service that needs to be restarted when making changes like this
[15:31] <coreycb> jamespage, hi, for bug 1289935 we're missing an upstream patch in our icehouse keystone branch.  to fix that would we need to add the patch to debian/patches?
[15:43] <tomixxx5> hi i have inserted my usb-stick with a ubuntu server 12.04.04 iso image because i want to split my current ubuntu partition. what should i select in the main window. I can only see "Install Ubuntu Server", "Multiple server install with MAAS", "Check disc for defects", "Test memory", "boot from first hard disk", "Rescue a broken system"
[15:43] <tomixxx5> i follow this guide: http://www.howtogeek.com/114503/how-to-resize-your-ubuntu-partitions/
[15:50] <jamespage> coreycb, we should probably cherry pick that fix
[15:51] <coreycb> jamespage, ok, so put it into debian/patches?
[15:51] <jamespage> coreycb, yes
[15:51] <coreycb> jamespage, alright I'll work on that
[15:56] <pmatulis3> DammitJim: restarting networking bits is not obvious unfortunately.  if you can reproduce the behaviour please open a bug
[16:16] <jamespage> hallyn, not getting much more running the test individually
[16:17] <jamespage> hallyn, gonna gdb it
[16:21] <hallyn> jamespage: since this is only happening in ppa, i woudl assume it's either an old-kernel or permissions problem
[16:21] <jamespage> hallyn, I get it in a local schroot as well
[16:21] <hallyn> jamespage: ok that's good then :)
[16:21] <jamespage> so thats precise schroot on trusty
[16:21] <hallyn> since a precise container on trusty kernel on precise userspace didnt' work for me,
[16:21] <hallyn> i assume it has to do with a missing Depends?  maybe...
[16:27] <jamespage> hallyn, might be
[16:27] <jamespage> coreycb, responded on the db sync ticket
[16:27] <coreycb> jamespage, thanks
[16:28] <jamespage> coreycb, yeah - we should fix it the same way everywhere imho
[16:28] <coreycb> jamespage, ok
[16:45] <jamespage> hallyn, its failing in virNetSocketNewConnectSockFD I think
[16:45] <jamespage> src/rpc/virnetsocket.c:899
[16:48] <hallyn> jamespage: and what kind of socket is it trying to connect to there?
[16:48] <coreycb> jamespage, something is wrong with the keystone package repository -- first odd thing I notice is 'dch -i' generates a version with '1:2014.1~b3+master-0ubuntu2'
[16:49] <hallyn> oh i see it in the test,
[16:49] <jamespage> coreycb: we use that notation when we've had todo something based on trunk changing
[16:49] <jamespage> coreycb, I had to refresh the patches to fix the trunk builds earlier today
[16:50] <jamespage> coreycb, I would suggest that you just work against ubuntu:keystone for this change - we can merge it back in later
[16:50] <jamespage> (as changelog only if you see what I mean)
[16:51] <coreycb> jamespage, ok so that's not the issue but building the source package failed too.  I'll try ubuntu:keystone.
[16:51] <jamespage> coreycb, yeah - you would need to pull the master tarball
[16:51] <jamespage> coreycb, I have  script that does that
[16:52] <hallyn> jamespage: can you get an error printed from virNetSocketNew ?
[16:52] <jamespage> coreycb, http://paste.ubuntu.com/7080211/
[16:52] <coreycb> jamespage, thanks!
[16:54] <jamespage> hallyn, trying to
[16:54] <jamespage> coreycb, generally I update the version to include +master and then run that inthe branch
[16:56] <coreycb> jamespage, ok..  so is it ok if I work off this branch?
[16:56] <jamespage> coreycb, as that needs to go to distro now its easier if you work from ubuntu:keystone
[16:56] <jamespage> we can sort out the changelog later
[16:57] <coreycb> jamespage, ok
[16:57] <jamespage> coreycb, or you could just work from the previous revision of the ubuntu-server-dev branch and merge it back in
[16:57] <jamespage> either would work
[17:11] <coreycb> jamespage, is ubuntu:keystone lp:ubuntu/keystone ?
[17:37] <jamespage> coreycb, yes
[17:39] <coreycb> jamespage, ok because it was last modified in oct 2013
[17:39] <jamespage> coreycb, urgh
[17:39] <jamespage> might be out of date
[17:39] <jamespage> sometimes that happens
[17:39] <coreycb> jamespage, yeah looks to be
[17:39] <jamespage> coreycb, http://package-import.ubuntu.com/status
[17:49] <coreycb> jamespage, I guess I'll send an email to  ubuntu-distributed-devel
[18:30] <rostam> HI Is there any reference on how to install ubuntu server with secure boot enabled?
[18:32] <sarnold> rostam: I think you just grab a 12.04.4 installer and go... no?
[18:34] <rostam> sarnold, I am using official 12.04.3 (will try .4 if that is the issue). The secure boot is enabled in BIOS but I do not see /sys/firmware/efi   in the filesystem?
[18:36] <sarnold> rostam: I think the .3 should have had support as well..
[18:37] <rostam> sarnold,  may be I need to check the BIOS configuration again.
[18:38] <sarnold> rostam: note that our "secure boot" efforts are just to get the machines running using ubuntu, there's no integrity checking in the kernel for e.g. loaded modules..
[18:38] <rostam> sarnold,  is there a plan to support it in the next release of LTS (14.04) ?
[18:39] <sarnold> rostam: here's a huge pile of miscelaneous notes.. https://wiki.ubuntu.com/SecurityTeam/SecureBoot
[18:39] <sarnold> rostam: I don't think so
[18:39] <sarnold> rostam: it'll be the same "enablement" but not "enforcement"
[18:39] <rostam> sarnold, thanks, for the info.
[18:45] <tych0> hi hallyn, (smoser?) if i want to write some data to /etc/cloud/cloud.cfg.d/ on an LXC i'm creating, is there a nice way to do that?
[18:46] <tych0> i see there are clone hooks
[18:46] <tych0> but i'm afraid it is a little opaque for me
[18:48] <smoser> in the end the only way to do it to my knowledge is to write files there.
[18:48] <smoser> the clone hook would be able to run some code on every clone of the given container
[18:48] <tych0> ok, that's what i was afraid of
[18:48] <smoser> which could do that for you
[18:55] <hallyn> tych0: the dir /etc/cloud/cloud.cfg.d/ would be on the host, or in theh container?
[18:56] <tych0> sorry, in the container
[19:13] <delete> question, I deployed an image from ec2 into another cloud, it boots fine but it gets stuck for 5 minutes after some ec2 script that I am not able to find to deactivate. syslog output http://pastebin.ca/2655826
[19:22] <delete> any idea?
[19:22] <delete> ssh doesn't start for quiet some time
[19:28] <Kully> anyone ever seen connecting to a vpn bog out a machine?
[19:28] <Kully> especially running sudo commands and such
[19:29] <Kully> non-sudo seems to run at normal speed, but sudo nano etc takes for ever to load, and all sites on tomcat/apache load VERY slow
[19:31] <pmatulis3> Kully: do you use any remote (ldap) user management/authorization?
[19:36] <Kully> eh; tomcat hit's a database, but that's just for the websites
[19:36] <Kully> I can barely get hte sites to load, when they do there is a time out between the database connection I can see in the logs
[19:37] <Kully> but even when I was using tomcat-users for authentication I was still seeing the server bog
[19:38] <Kully> if I work as root it speeds up the commands; but sites still take to long to load etc. when I close the vpn it's still really slow until I reboot, then everything is back to normal
[19:42] <pmatulis3> maybe the server is using the vpn when it shouldn't, dunno, sniff traffic on the wire (tcpdump)
[19:43] <Kully> I don't think I know enough to do that :/ I wouldn't really know what I'm looking at
[19:44] <Kully> know any alternative VPN clients I could try for ssl vpn? right now I'm using netExtender for dell ssl vpn
[19:44] <Kully> we have a sonic wall
[19:44] <pmatulis3> openvpn
[19:44] <Kully> cool
[19:44] <Kully> thanks
[19:44] <markthomas> Kully, for starters, check the routing table before opening the VPN connection and then again after it's closed.  They should be identical.
[19:44] <Kully> i'll give that a show
[19:44] <Kully> ok
[19:45] <markthomas> +1 for OpenVPN
[19:48] <Kully> http://pastebin.com/iHMMjP0X
[19:48] <Kully> they're not the same
[20:00] <pmatulis3> before and after, not during and after
[20:09] <jamespage> hallyn, it might be related to http://osdir.com/ml/libvir-list/2013-10/msg00871.html
[20:09] <jamespage> but I'm not 100% convinced
[20:09] <Kully> http://pastebin.com/eZXYjDGY
[20:10] <Kully> still different, what does that mean
[20:54] <mgw> I'm having an issue getting dnsmasq and resolvconf to play nicely
[20:54] <mgw>  /etc/resolvconf/resolv.conf.d/base has my name servers in it
[20:54] <mgw> but they're not propagating to /var/run/dnsmasq/resolv.conf
[21:32] <mgw> I'm having an issue getting dnsmasq and resolvconf to play nicely
[21:32] <mgw>  /etc/resolvconf/resolv.conf.d/base has my name servers in it
[21:32] <mgw> but they're not propagating to /var/run/dnsmasq/resolv.conf
[21:44] <el_seano> I'm playing around with lib-virt, and deployed a vanilla precise-server image.  However, upon trying to connect to the VNC console after finishing the install, the console stops just before the login screen
[21:45] <el_seano> I installed openssh during the installation, and can ssh into the system, but it requires me having to sift through my logs to find which ip it nabbed via dhcp
[21:45] <el_seano> tried switching from vnc to spice with the same result, and getting it to play nice via serial console is giving me a headache
[21:45] <el_seano> any suggestions?
[21:46] <el_seano> primarily using virt-manager on 14.04 beta
[22:21] <thumper> hallyn: when running lxc-create, man page doesn't mention -B best, but people are talking to me about it
[22:21] <thumper> right now I'm special casing btrfs
[22:21] <thumper> what is the logic behind -B best?
[22:22] <hallyn> thumper:         char *best_options[] = {"btrfs", "zfs", "lvm", "dir", NULL};
[22:23] <hallyn> it tries in that order to pick a backing store
[22:23] <thumper> we have zfs?
[22:24] <hallyn> sure, i've used it with the zfs module at least
[22:24] <thumper> right now I can determine btrfs by asking the OS
[22:24] <thumper> and juju logic currently says "if not btrfs, use aufs"
[22:24] <thumper> is it worth special casing lvm?
[22:24] <thumper> and if so, how would I know?
[22:25] <thumper> hallyn: so as a side note, man page for lxc-create needs to mention "best"
[22:25] <hallyn> yup (or we remove it :)
[22:26] <hallyn> lvscan?
[22:26] <hallyn> but, if you use -B best then you don't need to check it yourself
[22:26] <thumper> if we use lvm backing we need extra params as well don't we?
[22:26] <thumper> I'm just thinking on the clone side
[22:26] <hallyn> only if you don't like the defaults
[22:26] <thumper> kk
[22:27] <thumper> however, I need to work out when on clone to specify "aufs"
[22:27] <thumper> I can use "-B best" on create
[22:27] <hallyn> stgraber: i suppose aufs should be added to the -B best set ^
[22:27] <thumper> juju now always specifies "--snapshot" for clone
[22:28] <hallyn> no wiat,
[22:28] <thumper> and if not btrfs, specifies "-B aufs"
[22:28] <Midion_> Is there anyway for me to test why my site is down? I ping the name and it points to the ip used for my server.
[22:28] <thumper> but that won't help lvm backing
[22:29] <hallyn> thumper: *or* you could just say that btrfs is highly recommended, and use only copy clone dir backed containers otherwise
[22:29] <hallyn> let the user specify a custom lxc path (i.e. /opt/juju) where they can mount btrfs, but leave it at that
[22:29] <hallyn> that would simplify debugging imo
[22:30] <hallyn> just bc lxc provides all those other optiosn doesn't mean you should support all of them
[22:30] <thumper> true that
[22:30] <thumper> I'm going to keep things explicit I think
[22:31] <thumper> other mount dirs can come later
[22:31] <thumper> btrfs aware juju, and defaulting to aufs will be fine for this version IMO
[22:31] <thumper> thanks
[22:32] <hallyn> thumper: well i was suggesting not even doing aufs...
[22:32] <thumper> nah, aufs is too cool
[22:32] <thumper> keeping that :)
[22:32] <hallyn> alrighty
[22:32] <thumper> thanks
[22:32] <thumper> no doubt we'll iterate on the lxc goodness inside juju
[22:32] <hallyn> just had someone on precise on 3.13 kernel report some host hangups with aufs....
[22:32] <thumper> but this is good enough for now
[22:32] <thumper> we are doing this for trusty ++ only
[22:32] <thumper> and only for the local provider
[22:33] <thumper> not lxc inside other machines
[22:33] <hallyn> well this was a kernel bug;
[22:33] <hallyn> but presumably will be fixed
[22:33] <hallyn> heck lemme see if i can reproduce that right now
[22:34] <Midion_> I went to http://www.downforeveryoneorjustme.com/ and it says my site is down. I am ssh'ed into my ubuntu server. When I ping my site with command prompt it is also giving the ip for my server.
[22:35] <flaccid_> i setup juju per the docs for amazon. when i do juju bootstrap it returns, ERROR environment has no access-key or secret-key, but those are set. is this a bug?
[22:39] <Midion_> went to http://www.whyismywebsitedown.com/ and it says: Your site is responded with a message of 503: Service Unavailable
[22:40] <coreycb> jamespage, 1289935 is ready but I haven't done a merge request because it looks like a merge against lp:~ubuntu-server-dev/keystone/icehouse will have conflicts
[22:40] <Midion_> Site was only working a few hours. Maybe it was hacked because I have done nothing on it but post articles on my blog.
[22:40] <sarnold> Midion_: excellent :) look through your logs in /var/log/ and try to find that 503 response..
[22:40] <Midion_> ty
[22:41] <coreycb> jamespage, due to stepping back 1 revision
[22:49] <Midion_> maybe i got ddoss attacked.
[22:49] <Midion_> most likely spelled that wrong....
[22:52] <sarnold> Midion_: ddos shouldn't cause 503
[22:52] <Midion_> named[26827]: client 65.55.37.36#27785: query (cache) 'ns1.saptraining4all.com/A/IN' denied
[22:52] <Midion_> I see this in my log over and over and over
[22:53] <Midion_> i have no idea what ns1.saptraining4all.com is.
[22:54] <sarnold> that could be trying to use your dns as part of a ddos, yeah
[22:55] <sarnold> I hope your dns recursor isn't wide-open?
[22:56] <Midion_> i have no idea what a dns recursor is. i have been battleing with ubuntu for 3 days just to get my site up and finally a few hours ao it was up and now its down.
[22:56] <sarnold> hrm, why are you running bind?
[22:57] <Midion_> im using vestacp
[22:57] <Midion_> i think it includes bind
[22:57] <flaccid_> maybe there is some crazy problem with juju not working on os x. i guess i'll try it on ubuntu. everything is certainly configured correctly!
[23:01] <Midion_> should i install CSF + LFD???
[23:14] <Midion_> Is there anyway to get my site back?
[23:16] <sarnold> Midion_: did you find the source of your 503 errors?
[23:19] <Midion_> the only thing I can tell is on_> named[26827]: client 65.55.37.36#27785: query (cache) 'ns1.saptraining4all.com/A/IN' denied was showing up over and over for many many hours.
[23:20] <Midion_> im wondering of that is the problem.
[23:20] <Midion_> if
[23:21] <sarnold> Midion_: it can't be good. if you don't know why you have bind instlaled, I'd go to some effort to turn it back off again. it's nothing but trouble.
[23:22] <Midion_> is bind for nameservers?
[23:22] <sarnold> yes
[23:23] <Midion_> that what it must be for then.
[23:23] <Midion_> I followed this tutorial. http://www.servermom.org/add-new-website-vesta-cp/1066/
[23:24] <sarnold> Midion_: so, at step 2, what DNS servers did you put for your domain?
[23:24] <Midion_> i have ns1.mydomainname.com and ns3.mydomainname.com in my configuration.
[23:24] <sarnold> Midion_: do you host those servers yourself?
[23:24] <Midion_> i mean 2
[23:25] <Midion_> i changed my nameservers at internetbs.net to those 2.
[23:25] <sarnold> do you host those servers yourself?
[23:25] <Midion_> i guess not
[23:25] <Midion_> i was just following what the tutorual says and it just used my same ip.
[23:26] <sarnold> then I'd turn off named :) you don't want to run bind.
[23:26] <sarnold> and if your configpanel thingy doesn't make that easy, I'd kill the vm instance and start over, their intsall script scribbles over a -lot- of settings
[23:27] <sarnold> (to be fair, their intsall script wasn't as horrible as I feared, but there's way too much downloading without integrity and authenticity checking for my tastes.)
[23:28] <Midion_> ok i think its off now.
[23:30] <Midion_> but my site still down. i can only get to it from the ip.
[23:31] <Midion_> i just understand because if i ping my domain name it also gives me my ip.
[23:31] <Midion_> dont understand i mean
[23:32] <sarnold> Midion_: did you find the reason for the 503 in your web server logs yet?
[23:36] <Midion_> this is what i see http://pastebin.com/pDVzHbip
[23:38] <sarnold> Midion_: check your web server logs, either /var/log/nginx/* or /var/log/apache*/*
[23:38] <Midion_> ok ty
[23:41] <Midion_> http://pastebin.com/G4BtyqUM
[23:48] <sarnold> Midion_: it doesn't look like a particularly clean config, but no real errors either. one bad file descriptor from a client socket is hardly the end of the world..
[23:48] <sarnold> Midion_: check the other logs in that directory? something has to have logged that 503.
[23:49] <Midion_> ok
[23:56] <Midion_> http://pastebin.com/k3yJuJkF