blottofacesarnold: apache complains after I restart that the Alias directive will likely never be reached because it overlaps an earlier alias.  I can't for the life of me find any other Alias directives for apache.  I even went so far as to disable the 000-default site.00:03
sarnoldblottoface: grep -ri alias /etc/apache* or something? :)00:04
sarnoldgrab the big guns..00:04
blottofacehrm, I'll have to take a look at this tomorrow.  That's a pretty bad bug in the package.00:10
zzxcHey guys, I'm trying to get my a machine running 12.04 server to play audio and keep getting this message 'ALSA lib pcm_dmix.c:1018:(snd_pcm_dmix_open) unable to open slave' anyone have a where to start to fix this?00:15
PryMar56zzxc, install alsa tools?00:43
PryMar56can you open the ncurses mixer?00:44
PryMar56zzxc, I run xmms2+abraca00:44
PryMar56works headless00:45
zzxcPryMar56: Yeah ALSA works fine there is 3 cards outputs listed but it works00:45
zzxcxmms2+abraca what is it?00:45
PryMar56xmms2 is a server and abraca is a frontend which can x11 forward00:45
PryMar56xmms2 plays all digital formats+icecast+online radio00:46
zzxcPryMar56: Mmmm, yeah Its less an issue of that part. More of an issue of everything gives me that same message.00:47
zzxcPryMar56: I'm running MOCP and pianobar, and was hoping to get airplay enabled so I can play sound through my speakers. But I'm currently having some issues with that.00:48
zzxcIts been a while since I'm worked on a server isntance that had physical hardware.00:48
PryMar56zzxc, login as users , do groups: are you member of audio and video?00:51
zzxcvideo no audio yes00:52
zzxcGot the speakers to pop. Scared the shit out of me. Also most likely in the wrong jack from the looks of it00:53
basketballdoes anyone have a server that i can you real quick i want to test a setting02:54
=== Ursinha is now known as Ursinha-afk
=== Ursinha-afk is now known as Ursinha
=== thumper is now known as thumper-cooking
fiasco_avertedI have two-factor authentication setup in Ubuntu 13.10 using pam.d and google-auth. It prompts me for username then password then two-factor-auth token. I'd like it to only be two total prompts, one for username, and one for password+2FA-token.05:36
fiasco_averted(10:23:11 PM) fiasco_averted: Any idea how to set that up? I assume it's a line or two in /etc/pam.d/sshd, but after trying a few examples from blog posts and reading the man page on pam.d I haven't found a working solution. Thanks. Next step is to hook it up to openvpn as well, and I believe that'll require the pasword+token setup as well.05:36
=== justizin_ is now known as justizin
sarnoldfiasco_averted: hrm, I wouldn't expect there to be any easy way to get only two prompts05:52
sarnoldfiasco_averted: without having investigated at all :) I expect the answer would be to write or find a PAM module that does exactly what you want05:52
sarnoldfiasco_averted: since PAM is .. finicky .. and vital I'd be scared to do it myself05:53
fiasco_avertedsarnold: I'm pretty sure its possible just within the pam.d sshd file configuration. That's how I set it initially. Others with other OSes seem to just be editing that file, but then calling different authentication .so files that ubuntu doens't have (on OSX for example). I'm testing this out in a snapshotted VM first, so I'm more than willing to break everything without causing any issues.05:58
sarnoldfiasco_averted: hooray for vm-testing :)06:01
sarnoldfiasco_averted: you actually had password+2fa token working in one prompt somehow earlier?06:01
fiasco_avertedyes, with three prompts. 1. username 2. password 3. 2FA06:02
sarnoldah, okay06:03
fiasco_avertedsarnold: its dead simple to setup on ubuntu 13.10 http://fiascoaverted.blogspot.com/2014/03/configuring-two-factor-authentication.html06:03
fiasco_avertedI just want to condense the second two prompts into one.06:03
sarnoldfiasco_averted: yeah, that's the part that I think will be difficult to do without writing your own pam module; none of the pam modules I found in the archive via "apt-cache search two-factor" have a mention in their description that they could accept both unix password and token in one prompt -- you'd think it'd be a selling point of the module if it could do that..06:06
sarnoldoh, I see that's your blog :) nice post06:06
fiasco_avertedthanks. Its up in a million different places, but I hadn't seen it confirmed with the default spelled out for 13.10 and this is less verbose than others, so felt I should document it. I'm going to setup a openvpn a few different ways and document that on the blog as well, but I want to get this one line password+token first.06:13
=== RaptorJesus is now known as BassToMouth
=== BassToMouth is now known as RaptorJesus
grekhi i have this situatiuon http://superuser.com/questions/732971/virtualbox-no-suitable-module-for-running-kernel-found07:35
grekplease help07:35
JiHui_Choiubuntu 13.10, cron makes two pids for one job. Is it normal?07:36
JiHui_Choi  ├─cron,102207:36
JiHui_Choi  │   └─cron,219107:36
JiHui_Choi  │       └─sh,2193 -c php -f /home/foo/bar.php07:36
JiHui_Choi  │           └─php,2195 -f /home/foo/bar.php07:36
JiHui_ChoiOf  course not, I think. please let me know how to fix this.07:37
=== mrpink is now known as misterpink
|usefedoraHi, I'm running precise server on a laptop, and I need some daemons to remain running when I shut the lid.08:23
|usefedoraDoes anyone know how one might go about making that happen?08:23
smbzul, I know, that is on my list. Yes, it is called code (and a bit of documents in the various doc subdirs in the source).08:34
memoryleaki discovered a screen session running as root with the " while true; do echo -n "$(date) : "; echo "$(dig +short www.beaverbrooks.co.uk @dns0.star.co.uk)"; sleep 1; done" command running :(08:39
Simon818Hi. Anyone around for a quick install-related question?09:00
Simon818lol I guess IRC will always be a place for idle people09:05
bluefrogask your question first. comment after09:12
* Simon818 nods09:12
ubottuSimon818,: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience09:13
Simon818So I'm wondering what to expect when installing Ubuntu server. I ask this because I am a blind computer user and want to make sure I even can09:13
cfhowlettSimon818, be aware that the default is no graphic user interface ...09:14
Simon818I definitely wasn't impatient, just haven't had to venture onto IRC for a long time. Sorry if it seemed that way. Anyways, onward09:14
cfhowlettSimon818, no worries.09:14
cfhowlettmemoryleak, I'd suspect you have a script somewhere invoking that dig command.  definitely NOT ubuntu default so ...09:15
memoryleakcfhowlett: I suspect the server is compromised09:16
Simon818Actually not having a GUI is better. But I do wonder whether I can, say, connect via SSH and then complete the install process. I gues I could try and mess with the server machine to get seakup running or something but, seems kind of pointless if said thing is possible.09:16
cfhowlettmemoryleak, based on this alone?09:16
cfhowlettSimon818, ssh is out of my area of experience ...09:17
memoryleakcfhowlett: It's at least a good reason to investigate further09:17
Simon818Hmm ok09:18
cfhowlettmemoryleak, agreed.09:18
memoryleakcfhowlett: Especially because it's in a infinite loop09:18
cfhowlettSimon818, repost at intervals and someone should answer09:18
cfhowlettmemoryleak, yeah, that's typically a good sign of foul play.09:18
Simon818I'd assume that the install process is something like a standard comand line installer with prompts and such09:18
cfhowlettSimon818, indeed - CLI all the way09:19
bluefrogSimon818, if you want to access a server via ssh then what is your problem? what you have on screen will be read by your system, no?09:19
Simon818wonder if server comes with sound drivers... somehow I think not09:19
memoryleakcfhowlett: There are so many users on that server with SSH access, develoepers, wannabe sysadmins and so on.09:19
cfhowlettSimon818, I don't recall but they're easily added09:19
cfhowlettmemoryleak, infinite loops seems like a kiddie script.  hiding it in the root processes seems malicious ...09:20
Simon818bluefrog: I need a way to INSTALL the server to begin with, so was just trying to determine whether I could install the server OS onto machine 2 using machine 1 for SSH access09:20
cfhowlettSimon818, http://www.unixtutorial.org/2009/05/ubuntu-ssh-how-to-enable-secure-shell-in-ubuntu/09:21
ubottuSimon818,: SSH is the Secure SHell protocol, see: https://help.ubuntu.com/community/SSH for client usage. PuTTY is an SSH client for Windows; see: http://www.chiark.greenend.org.uk/~sgtatham/putty/ for it's homepage. See also !scp (Secure CoPy) and !sshd (Secure SHell Daemon)09:22
cfhowlettSimon818, as I said, someone on this channel has done installation via ssh - just not me09:23
Simon818Hmm yeah, PuTTY is what I use generally too09:23
shreddingIf i want to upload or download stuff to my ubunto server and am logged in with ssh, I have to log out and reloing to sftp and after that logout and relogin with ssh to continue work.09:24
shreddingis there a faster way?09:24
bluefrogSimon818, have no way to test a server install right now. might take me 30 minutes before i can do that09:24
Simon818t's no big deal, I'm having a look at some resources I know of in the meantime, because I know people have done this before.09:24
bluefrogSimon818, am downloading a server. will test that in 30 minutes if you stick around09:27
shreddingOr is there a way to upload stuff via ssh?09:27
Simon818I should be here, I'm already up late, no reason to bother changing that now. lol09:27
bluefrogSimon818, i assume you will have speakers hooked up to the machine used for servers...09:28
Simon818sure, easy enough to do. It's just an old junk desktop that can't run windows worth a crap, so figured I'd play with Linux and familiarize myself with it more09:29
Simon818I've used Linux for years in a VPS type situation, so I suppose this is experimental as much as anything09:29
mardraumSimon818: easiest way is to use scp09:31
Simon818for what exactly?09:31
mardraumSimon818: sorry, responding to earlier questions about upload/download09:32
Simon818Oh I think that was someone else09:32
* mardraum takes reading classes09:32
Simon818it happens. Lol09:32
mardraumshredding: look into scp, it's easy and you can do it in either direction09:33
shreddingah, so scp is a command that is executed from within ssh?09:34
shreddingmardraum: But I cant scp to my local computer?09:35
mardraumfrom your shell, yes09:35
mardraumshredding: assuming you make ssh available on your local connection, you can09:35
mardraumshredding: you can also run multiple windows within a ssh session, look into tmux or screen09:36
shreddingWhat does it mean to „make ssh available“ on my local machine? I’m on a mac and want to download log files to my local machine or upload stuff without having to open cyberduck or other clicky-dicky stuff.09:37
shreddingi have ssh installed and can login via ssh from my mac, does that mean i have it „available"?09:37
mardraumjust open a new terminal and use sftp or scp?09:38
bluefrogshredding, yes you have ssh scp sftp on mac09:38
bluefrogmac is linux09:38
bluefrogproprietary linux :)09:38
mardraumwell, it's not actually linx09:39
shreddingSo if I connect from my mac to my ubuntu server ...09:39
bluefrogyeah bsd09:39
bluefrogshredding, yes09:39
shreddingWhat would be server in that case: scp file  user@server:/targetdirecotry/09:39
shredding(if i want to download file)09:40
bluefrogshredding, scp user@server:/targetdirecotry .09:40
bluefrogshredding, to download the target blah blah into your current dir09:40
mardraumshredding: assuming your local machine does not listen on port 22 on the internet, or have it forwarded, it's going to be easier to run from a local shell09:40
Simon818someone mention me for a sec? I want to make sure I have the sound working09:40
Simon818for some reason it wasn't before.09:41
shreddingbut „server“ is not correct, isn’t it?09:41
bluefrogSimon818, no09:41
Simon818good times09:41
Simon818bluefrog: thanks09:41
shreddingit should be an ip or so, but my local computer does not have a static ip.09:41
shredding(sorry if i do not get the obvious)09:41
mardraumshredding: open a new terminal on your local machine, and do "scp user@server:/some/path/file.txt ."09:42
bluefrogshredding, server=address of the server, either a FQDN or IP09:43
shreddingI understand that, I’m talking vice versa.09:44
shreddingIf I’m logged in on my ubuntu, how woul i push a file to my local machine?09:44
shreddingWhat would be „server“ in that case?09:44
mardraumyour local machines has to have ssh open to the world09:44
mardraumusually on home connections by port forwarding09:44
mardraumwe have no idea how your network is setup.09:45
bluefrogshreddinged and you will need to know your public IP09:45
shreddingWell, there is no network setup.09:45
shreddingI connect to my wlan router and thats it.09:45
mardraumreally? you appear to be here09:45
shreddingYeah, it’s a network.09:45
shreddingBut my ssh is not open to the world.09:46
bluefrogshredding, but actually it seems you may have to learn a bit more before tring to scp whatever09:46
mardraumit's going to be easier for you to pull from the server09:46
mardraumforget about the other direction, you are not setup for it.09:46
shreddingI already learned a lot, but once you open a door, a whole new world pops off and I feel like not knowing anything ;)09:46
shreddingWhere can i read about that topic?09:47
mardraumport forwarding?09:47
shreddingI have port forwarding setup on my local computer.09:48
shreddingEven though i did not fully understand what it does, but i have an idea.09:48
shreddingSo basically i guess i have to pick up the greater topic.09:49
Simon818local computer ... port forwarding .... *WHAT*?09:49
shreddingI’m not sure.09:51
shreddingI guess i will start by reading the scp man page.09:51
shreddingthanks for the input, all.09:51
bluefrogSimon818, out of curiosity, how do you activate speakup on a normal install?10:06
bluefrogSimon818, trying the server install. there's no speakup option when starting it. you will need someone to do the install for you10:09
bluefrogSimon818, or you could set up a network install, preseed and launch a stand alone server install10:11
Simon818bluefrog: your last option sounds somewhat promising, I have n oidea how to go about doing that though10:20
Simon818bluefrog:  sorry, I was afk for a few. I know people have done this, it can't be impossible.10:21
bluefrogSimon818, https://help.ubuntu.com/community/Installation/Netboot10:24
bluefrogSimon818, http://searchitchannel.techtarget.com/feature/Performing-an-automated-Ubuntu-install-using-preseeding10:25
Simon818bluefrog:  both of these look useful, checking now. thanks10:25
Simon818bluefrog: It looks like kickstart is probably the best option. I'd like to investigate the idea of accessing the server installer remotely somehow so I can install it myself in the right circumstances, but this is no different from the way we have to do windows installs, so I'm used to it. Thanks a lot for investigating this, I really wouldn't have known where to look.10:35
rostamHI I am using LTS 12.04. I like to upgrade the grub to the version released with 12.10. Is this possible? if so how I can do that? thx10:40
cfhowlettrostam, sudo apt-get distp-upgrade10:40
cfhowlettrostam, will update ALL your currently installed packages to current levels in the repos10:40
rostamcfhowlett,  Thanks for info, but I like to stay with LTS release, I want to upgrade only grub if it is possible???10:42
cfhowlettrostam, that WILL keep the lts release10:42
bluefrogrostam it will upgrade for 12.04 not 12.1010:42
cfhowlettrostam, sudo apt-get install grub210:43
ubottuGRUB2 is the default Ubuntu boot manager. Lost GRUB after installing Windows? See https://help.ubuntu.com/community/RestoreGrub - For more information and troubleshooting for GRUB2 please refer to https://help.ubuntu.com/community/Grub210:43
cfhowlettsee the RestoreGrub option10:44
rostamcfhowlett, bluefrog  oh thanks, so far I have been using "apt-get upgrade"  I was not aware of "distp-upgrade", what are the differences? thx10:44
rostamapt-get disp-upgrade is not valid so I missed something here...10:46
cfhowlettrostam, apt-get dist-upgrade   my apologies - fat finger syndrome10:46
bluefrogrostam, apt-get dist-upgrade and man apt-get to read about the differences10:47
rostamthank you all.10:47
=== hggdh_ is now known as hggdh
=== Ursinha is now known as Ursinha-afk
zuljamespage:  i just noticed the neutron migration script got merged13:13
=== Ursinha-afk is now known as Ursinha
hallynzul: do you have a rig on which you could set up some nova stress testing for bug 1228977?14:18
uvirtbotLaunchpad bug 1228977 in nova "n-cpu seems to crash when running with libvirt 1.1.1 from ubuntu cloud archive" [High,Confirmed] https://launchpad.net/bugs/122897714:18
hallynor do yo uknow who does?14:18
hallyni think just an hour of a script creating/starting/destroying instances should suffice14:18
zulhallyn:  yeah gimme a sec14:18
zulhallyn:  saucy or precise?14:19
hallynzul: saucy14:20
zulhallyn:  yeah gimme a sec14:20
hallynawesome, thanks14:20
hallynoh look, gaughen didn't update the meeting page, she gets to run the meeting again :)14:20
zulhallyn:  what do you need me to do?14:25
zulhallyn::  yeah gaughen  has to run it again14:25
hallynzul: well the test case is a bit vague, so i think simply setting up a small openstack with libvirt-proposed, and making sure that heavy instance create/start/destroy doesn't crash anything and all instances start up,14:27
hallynwill suffice.  we can at least say it absolutely did not regress, and appears to ahve been solved14:27
zulhallyn: this one has the load fix as well?14:28
hallynzul: the one dberrange pointed us to, yeah14:28
zulhallyn:  ok14:28
hallynthen once mdeslaur pushes the new security fix i've got 3 more bugs to sru to saucy :)14:29
hallynwhen does saucy eol again?  april?14:29
hallynjuly, ok, so worth it14:29
gaughenhallyn, damn it14:32
gaughenI guess I do get to run it, as penance  <-- hallyn, zul14:33
zulgaughen:  i did14:33
zulgaughen:  i had to run it twice because i forgot to update the wiki page14:34
gaughenzul, it's fair14:34
gaughenzul, are you really next?14:34
zulgaughen:  no i dont think so14:34
[conrad]Hello everyone. I'm using 12.04 and just recently installed a new NIC, and now my LTSP doesn't work anymore. Specifically the DHCP server isc-dhcp-server. I originally thought it wass because my interface went from eth1 to eth4, but I got that resolved ( it's now eth1 ). Trying to start the server via init or service results in a failure, and there is nothing in syslog, just "error code 1" in kern.log .14:34
ubottuLTSP is the Linux Terminal Server Project, which adds thin-client support to Linux servers. See chapter 3 of the !edubuntuhandbook, http://www.ltsp.org and/or http://en.wikipedia.org/wiki/Linux_Terminal_Server_Project14:35
hallynzul: you should move yourself to the back then :)  i did assume iw as next after gaughen14:36
=== mjohnson15_2 is now known as mjohnson15
ogra_[conrad], you might want to try #ltsp too14:36
zulhallyn:  even better if i remove myself from that list :)14:36
[conrad]cfhowlett: If that was for me, again it's just the DHCP server at this point that is the problem.14:36
cfhowlett[conrad], OK.  completely over my head ...14:37
=== kermit1 is now known as kermit
atpa8awhich upstart job executes init.d stuff?..14:53
=== kermit is now known as Guest69209
=== Guest69209 is now known as kermit
=== mjohnson15_2 is now known as mjohnson15
jodhatpa8a: /etc/init/rc.conf (see http://upstart.ubuntu.com/cookbook/#the-rc-job)15:08
atpa8arc-sysinit rather15:09
caribougaughen: I might be slightly late to the meeting. I have nothing to bring up this week15:19
gaughencaribou, thanks for the heads up. I try to move fast.15:20
rostamHI I am using 12.04 LTS. I need to use grub2-common pkg which comes with 1210. I need to port this package to 12.04. How is this possible? thx15:40
hallynzul: jdstrand: there is a patch on today's livirt m-l to make vfio work (fixing bug #1276719).  i'll probably merge it in when i push the fix for the trusty machine type15:41
uvirtbotLaunchpad bug 1276719 in libvirt "apparmor denies VFIO passthrough: RLIMIT_MEMLOCK and /dev/vfio/XX" [Medium,Confirmed] https://launchpad.net/bugs/127671915:41
bluefrogrostam try your luck with backport repo15:42
jamespagezul: great!15:42
rostambluefrog: you said "luck" that scares me. Thx15:43
bluefrogrostam, don't know if there's a backport for that15:43
zulhallyn:  ack15:44
rostambluefrog,  thanks,15:45
jamespagecoreycb, zul: either of you have capacity to look at https://jenkins.qa.ubuntu.com/view/Trusty/view/AutoPkgTest/job/trusty-adt-python-boto/5/15:53
jamespagethat's blocking boto -> release for 14.0415:53
coreycbjamespage, sure15:55
coreycbjamespage, what package is this for?15:55
zetherooAfter performing an update and rebooting the server will no longer boot up .. trying in recovery mode it comes to the point "Gave up waiting for root device." and dumps me into initramfs ... :P16:12
zetherooAbove it says "Alert! /dev/disk/by-uuid/*UUID* does not exist.16:12
timmytimtimoi choosed Server Virtualization for my final project. i want to use ubuntu server 12.04, how can i get kvm and libvirt-bin to install16:13
timmytimtimoi need help?16:14
cfhowletttimmytimtimo, not going to do your homework for you ---16:14
cfhowlett!info !kvm > timmytimtimo,16:15
cfhowlett!info kvm > timmytimtimo,16:16
timmytimtimocfhowlett, please how can i install kvm and libvirt-bin?16:16
cfhowletttimmytimtimo, have you installed server?16:17
cfhowletttimmytimtimo, have you installed any additional software on the server?16:18
cfhowlettsudo apt-get install16:18
timmytimtimoit said install can not be found on E:16:20
cfhowletttimmytimtimo, time for you to stop being lazy "ubuntu + server + install + kvm" in your favorite search engine16:21
jpdstimmytimtimo: sudo apt-get install kvm libvirt-bin -y # done.16:21
gaughenso is it zul or hallyn running the meeting next week?16:22
timmytimtimoam new in ubuntu server16:22
hallyngaughen: put me down, move zul to right in front of you at the back16:22
gaughenthanks hallyn, done!16:23
zulthats fair16:23
timmytimtimowhere can i download libvirt-bin?16:25
coreycbjamespage, when you have a chance: https://code.launchpad.net/~corey.bryant/charm-helpers/1294140/+merge/21243016:25
jamespagecoreycb, something is wonky with your branch16:28
coreycbjamespage, hmm16:29
coreycbjamespage, I have parent branch: bzr+ssh://bazaar.launchpad.net/~openstack-charmers/charms/precise/nova-compute/icehouse/16:29
jamespagewrong target - lp:~openstack-charmers/charm-helpers/icehouse16:29
jamespageyeah - you are targetting a nova-compute update against the charm-helpers branch16:30
jamespagecoreycb, ^^16:30
coreycbjamespage, that's right.. the last fix I proposed was for charm-helpers and I re-used that16:31
jamespagecoreycb, good-oh16:31
coreycbjamespage, https://code.launchpad.net/~corey.bryant/charms/precise/nova-compute/1294140/+merge/21266716:37
jamespagecoreycb, +1 merged16:51
coreycbjamespage, np thanks!16:51
zulhallyn:  looks ok so far17:13
hallynzul: awesome, thanks.  if you add a comment to the bug i'll add the verification-done tag17:14
zulhallyn:  bug number again?17:14
hallynbug 122897717:14
uvirtbotLaunchpad bug 1228977 in nova "n-cpu seems to crash when running with libvirt 1.1.1 from ubuntu cloud archive" [High,Confirmed] https://launchpad.net/bugs/122897717:15
zulhallyn:  done17:15
hallynexcellent, thx17:16
hallynmdeslaur: ^ how long will the saucy-security package percolate?17:17
hallyn(i'll make a note to push the next 3 patches to -proposed the day after)17:17
mdeslaurhallyn: it depends how long it's going to take me to test it...it's lxc fixes17:18
mdeslaurhallyn: there's a test script for the lxc backend, right?17:19
mdeslaurhallyn: let me build it and stick it in the security team proposed PPA, and I'll let you know17:20
hallynmdeslaur: oh feh, i don't expec tthose to work now17:20
mdeslaurhallyn: oh har har, another cve popped up17:22
mdeslaurhallyn: forget it, push your changes to -proposed, it's going to take me a while to get to it17:22
hallynmdeslaur: ok - if you need to drop these no big deal (these should be pretty simple).17:23
hallynthanks, ttyl17:23
utlemmingsmoser: i386 cloud images are failing to build: http://paste.ubuntu.com/7152440/18:25
utlemmingsmoser: it looks like libc6-xen requires a version a libc6 that is older than what is already installed/required18:27
uvirtbotLaunchpad bug 1271534 in eglibc "libc6-xen:i386 installation can cause panics on boot" [High,Fix released]18:27
smoserthat is what did it18:27
Valduarehey guys how do I setup a reverse ssh tunnel that auto re-connects18:47
andolValduare: s/ssh/autossh/18:58
Valduaregoogling that18:59
andolActs as a wrapper around ssh, but also establishing an additional tunnel loop which it uses to check whatever the connection is still alive, reconnecting if neccesary.19:00
=== Ursinha is now known as Ursinha-afk
Valduareandol: hmm19:21
Valduarefollowing this guide19:21
Valduarehaving trouble19:23
=== Ursinha-afk is now known as Ursinha
Saur0_hi can anyone help me set up lvm with 4 tb disks?19:32
patdk-wkis there no way to know the current users home directory in apparmor?19:42
sarnoldpatdk-wk: none, sorry19:42
sarnoldpatdk-wk: if you use the 'owner' rule with the @{HOME} variable, you can at least confine them to scribbling over their own files..19:42
patdk-wkno that doesn't work19:42
patdk-wkpeople keep setting things owned by the www-data group19:42
patdk-wkthen other users are screwing with them19:43
patdk-wkfigured if I could use apparmor to rmeove access to other home folders, solved19:43
sarnoldpatdk-wk: 'owner' wouldn't allow them to screw with each other via the www-data group owner, they really would need to be the -owner-19:44
patdk-wkfor some reason the users think www-data needs write access19:45
sarnoldpatdk-wk: i really do think something like "profile user_shell { owner @{HOME}/ rw, owner @{HOME}/**/ rw, owner @{HOME}/** rw, } would go a long way towards knocking off that kind of crap :)19:47
patdk-wkwhat does that owner flag do?19:48
patdk-wkhaven't see nthat in my reading19:48
patdk-wkah, ya, that should do it19:48
jjohansenpatdk-wk: it only permits access to files who oid == the tasks fsuid19:48
patdk-wknow, hmm, I wonder what shell I run these users as :)19:49
patdk-wkhow does the matching work?19:50
patdk-wkfirst to match? last to match?19:50
sarnoldpatdk-wk: depends; for 'x' rules, that's a most-specific-rule-wins; the other rules in a policy accumulate19:51
sarnoldpatdk-wk: if you want your users to get a confined shell on login but don't want to confine /bin/bash (you don't :) -- check this out: http://wiki.apparmor.net/index.php/Pam_apparmor_example19:52
patdk-wkok, just wondering how to add in a /home/shared folder19:52
sarnoldpatdk-wk: that'd be something like "/home/shared/ r, /home/shared/** rw,"  -- just leave off the 'owner' qualifier19:52
patdk-wkbut then how will that interact with the owner /home/**/ rw,19:53
patdk-wkthat is what I'm wondering19:53
sarnoldpatdk-wk: it should Just Work; the 'owner' rules will grant some accesses, the /home/shared/** rule will grant other accesses, and the union of all the rules should work out just as you expect19:55
raj__within bash script I use "for file in /xx/* " to refer to all files within /xx but to refer to all files within "xx" as well its subfolders in the for statement, what can I use ?20:01
sarnoldraj__: check out the 'globstar' entry in bash(1) -- I think that enables the ** feature from zfs20:02
sarnolderr, not zfs, zsh20:02
sarnoldstupid brain :)20:02
larsemili am running ubuntu on several servers. I mount an nfs share to different servers. It works fine on all except 2 servers. On the host i get: [ 1706.286305] lockd: server mail not responding, timed out20:22
larsemilfor that and the other server.20:23
larsemilany takes?20:23
raj__sarnold: thanks sarnold, that worked out!20:23
raj__sarnold: could I probably filter all files  to  "   .xyz" files within folder & subsequent subfolders ?20:25
patdk-wksarnold, almost works20:27
patdk-wkI have it so users can't read other users folders at all20:28
patdk-wkbut they can still write to them :(20:28
coreycbzul, jamespage: can you take a look when you get a chance?  https://code.launchpad.net/~corey.bryant/ubuntu/trusty/python-boto/jenkins-2014-02-26/+merge/21272220:43
jamespagecoreycb, what's the rationale for dropping the assertion in the unit test?20:47
coreycbjamespage, that assertion was failing20:48
jamespagecoreycb, do we know why?20:48
coreycbjamespage, not exactly...20:48
dragooniscurl https://monitoring.api.rackspacecloud.com/pki/agent/linux.asc | sudo apt-key add -21:02
dragoonisThe program 'curl' is currently not installed.  You can install it by typing:21:02
dragoonisapt-get install curl21:02
dragoonisE: Package 'curl' has no installation candidate21:03
dragoonisHelp ?21:03
Valduarehi guys21:24
Valduareanyone here know how autossh works21:24
coreycbjamespage, it looks to me like the assertion should be testing for True, if I understand MagicMock correctly21:28
=== beisner is now known as beisner-afk
sarnoldraj__: probably /foo/**.zyx21:29
sarnoldpatdk-wk: hrm; can you pastebin your profile? I'll give it a look21:29
=== beisner-afk is now known as beisner
patdk-wkwell, it is fixed21:32
patdk-wkexcept if a user knows the exact path they have permissions to write to21:33
patdk-wkit's probably, good enough21:35
patdk-wkjust not perfect21:35
sarnoldpatdk-wk: nice :)21:38
=== YamakasY_ is now known as YamakasY

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!