/srv/irclogs.ubuntu.com/2014/04/15/#ubuntu-server.txt

sarnoldRunemoro: 'whois rebornlegend.tk' both on my machine and at geektools.com/whois.php doesn't return any NS information.00:01
sarnoldoh jeeze. no. I can't read.00:01
Runemorosarnold, that's unusual...00:01
sarnoldRunemoro: sorry, it just isn't in the format I expected and apparently I can't read :)00:02
RunemoroThis is what I get: http://pastebin.com/WrBqpLyF00:02
sarnoldRunemoro: how healthy is REBORNLEGEND.NO-IP.ORG? I can't ping it, I can't query it for dns00:04
Runemorosarnold: I can, here's what I get: http://pastebin.com/B5iN5zMJ00:05
sarnoldRunemoro: when I traceroute to your IP, here's the last machine to respond to pings 199.127.224.6800:07
sarnolds/to pings//00:07
Runemorosarnold, For me it gets to the end (199.127.226.65)00:08
Runemorosarnold, Could it be because the reverse DNS isn't set up correctly?00:10
sarnoldRunemoro: probably not broken reverse dns.. I just can't communicate with your dns server. if you have a webserver on that machine, downforeveryoneorjustme.com also can't get there: http://www.downforeveryoneorjustme.com/rebornlegend.tk00:12
__dan__hi there guys, anyone got any info on the status of btrfs / zfs on linux with the upcoming 14.04 release?00:12
__dan__i'm thinking of replacing a freebsd box and robust filesystem is very important, i'm a big fan of zfs00:13
Runemorosarnold, Yes, I do have a webserver, and it's not working because the DNS request isn't completing...00:14
sarnold__dan__: you may do better in #zfsonlinux -- I haven't heard any 14.04 specific reports yet, but it feels like users who try to use zfs for root and /boot wind up fighting things, but just using it for a storage pool works well enough.00:16
__dan__cool sarnold thanks for the info :)00:16
sarnoldRunemoro: any chance you can talk with the administrators of 199.127.224.68 and ask why traceroute doesn't get any further than their router?00:16
sarnoldRunemoro: http://paste.ubuntu.com/7252676/00:17
Patrickdkcause icmp is evil00:17
sarnoldPatrickdk: we hates it nassty nassty packets00:17
Patrickdkwait, your attempting to run a dns server at home?00:19
Patrickdklikely, like smtp, and everything else, it's blocked00:19
Patrickdkdon't do that00:19
Runemorosarnold, I'm able to connect to my webserver by connecting to the IP directly. Just traceroute doesn't work00:19
RunemoroPatrickdk, no, It's on a VPS00:19
sarnoldRunemoro: oh crazy. http to the ip works fine.00:19
Patrickdkya, dns is not working00:20
vonsyd0wfirewall?00:20
sarnoldnor is icmp. sigh. stupid broken providers...00:20
Runemoroiptables maybe?00:20
sarnoldRunemoro: do you need to fiddle with security groups on the thing to open up udp and tcp 53 and icmp?00:20
Runemorosarnold, I don't understand the question...00:21
RunemoroI'm clearing all iptables rules right now to see if it works00:21
sarnoldRunemoro: AWS has a pile of 'security groups' -- you need to ask them to open up ports to specific IP ranges, etc00:21
sarnoldRunemoro: I'm wondering if your VPS provider has something similar, a firewall that is enforced separate from your host-based firewall00:22
Runemorosarnold, No, I used the iptables command to set them up00:22
=== justizin_ is now known as justizin
Runemorosarnold, after I've run "iptables --flush", traceroute is working00:23
RunemoroAND DNS TOO! :D YAY!00:23
sarnoldwoo :)00:23
sarnoldRunemoro: both wfm :) nice00:24
RunemoroThank you for your help :D00:25
sarnoldI'm glad you got it :) have fun00:25
pmatulishow do i prevent a kernel from being upgraded?  all the tricks i found via google do not work00:54
sarnoldpmatulis: dpkg 'hold' too?00:55
kirklandhmm, what's wrong with this squid line?00:56
kirklandFATAL: Bungled /etc/squid3/squid.conf line 1056: http_access allow localnet00:56
kirklandthat's exactly how it's written in the inline comments...00:56
kirklandhttp_access allow localnet00:56
pmatulissarnold: i've tried 'echo linux-image-3.2.0-56-generic hold | sudo dpkg --set-selections'00:56
kirklandlifeless: ^ any ideas?00:56
sarnoldpmatulis: oh, nuts. that was my best shot.00:57
sarnoldkirkland: does the previous line look sane? is there a localnet acl defined?00:58
kirklandsarnold: that was it, thanks01:00
sarnoldwoo :)01:00
DavidBorgInstalling Ubuntu 13.10 Server and getting "Continue without a default route" error.01:06
DavidBorgCan someone tell me how to proceed?  I am not clear on what a "default route" is.01:06
pmatulisDavidBorg: it's the default gateway.  where packets are sent in the absence of a specific routing rule01:07
DavidBorgI'm using internet sharing with my Mac01:07
DavidBorgDon't have an ethernet cable long enough right now.01:08
DavidBorgShould I manually input default route?01:08
DavidBorgpmatulis thanks!01:08
mwhudsonum01:08
mwhudsonsounds like there's something funny about your network01:08
DavidBorgYes, clearl.y01:08
DavidBorg:)01:08
DavidBorgShould I just let it go without a default route so I can get the install going?01:09
DavidBorgWill this be something I will regret not fixing now?01:09
mwhudsonso you have (internet)<-(wifi)->mac<-(cable)->server you are installing?01:09
mwhudsoni dunno, if the server is going to be in a different network when you're really using it i guess you don't need to fix it now...01:10
DavidBorgYea, it's just a stupid hack due to a cable shortage01:11
DavidBorgIt's for a simple minecraft box01:11
DavidBorgNothing too high-tech01:11
sarnoldDavidBorg: do you have a keyboard and monitor that you can hook up to it when you -do- move it?01:11
DavidBorgNo real need for security.01:11
DavidBorgYes01:11
sarnoldwoo :)01:11
DavidBorgIt's setup on a KVM01:11
sarnoldDavidBorg: good good. when the time comes, check out /etc/network/interfaces and configure it as needed01:12
DavidBorgKK, partitioning now.  :)01:17
DavidBorgI hope I don't regret configuring it like this.01:17
sarnoldDavidBorg: fixing networking parameters is easy enough as long as you can actually get a shell prompt :) hehe01:18
=== peter is now known as Guest33665
DavidBorgI am using 13.10 and want to autoconfig the eth0 network settings.01:45
DavidBorgHow do I do this?01:45
pmatulissarnold: fyi, http://paste.ubuntu.com/7252966/01:46
vonsyd0wDavidBorg, you mean obtain an IP via DHCP instead of setting it static?01:48
DavidBorgYes01:48
DavidBorgI believe that is what I need to do01:48
DavidBorgI'm on a rather odd ad hoc network that is a shared connection with a Mac.01:49
DavidBorgWIFI -> MacBook Pro -> Ethernet Port -> Unmanaged Switch -> Ubuntu Server01:49
vonsyd0wDavidBorg, https://help.ubuntu.com/12.04/serverguide/network-configuration.html walks you through both static and DCHP01:50
sarnoldDavidBorg: the interfaces(5) manpage is a bit verbose, but something like "iface eth0 inet dhcp" would be a good start01:50
DavidBorgYes, I am novice with the CLI01:50
sarnoldpmatulis: ah! cool :) thanks01:51
DavidBorgvonsyd0w, this is the solutions, it seems - "To configure your server to use DHCP for dynamic address assignment, add the dhcp method to the inet address family statement for the appropriate interface in the file /etc/network/interfaces. The example below assumes you are configuring your first Ethernet interface identified as eth0."01:51
sarnoldvonsyd0w: nice, that's a lot easier to read than interfaces(5) :)01:51
DavidBorgHow do I "add the dhcp method" to the inet address family statment?01:52
vonsyd0wDavidBorg, do you know how to use nano or any CLI text editor?01:52
vonsyd0wyou want to open /etc/network/interfaces and edit it as stated in the web link i provided. You're at the right section of that web page01:53
DavidBorgWhat do I edit?  How do I edit it?01:54
sarnoldsudo nano /etc/network/interfaces01:54
DavidBorgI went to interfaces.d01:54
sarnoldignore interfaces.d, that directory is to make tool-based network interface management easier, or help configure systems with many network interfaces01:55
DavidBorgI am in the nano editor now, and it looks to already be configured for auto DHCP01:56
DavidBorgI can't ping google.com01:56
sarnoldDavidBorg: so, if you run 'ifup eth0' or 'ifdown eth0', does the right thing appear to happen?01:58
DavidBorgsarnold, when I type ifup, I get "failed to open lockfile"01:59
sarnoldDavidBorg: try again with 'sudo'02:00
vonsyd0wyou need to be root, so use sudo02:00
sarnold(sorry I left it out, there's a certain number of commands that require administrative privileges to run, and I forget that not everyone knows which ones those are..)02:00
DavidBorgeth1 already configured02:01
DavidBorg"ignoring unknown interfae eth002:01
sarnoldDavidBorg: okay, how about ifconfig -a ? does that show that you've got a reasonable-looking IP address and netmask?02:02
DavidBorgsarnold, I'm trying the alternate port02:02
DavidBorgPerhaps I'm mixing them up02:02
DavidBorgugh, nothing still02:03
vonsyd0wDavidBorg, deep breaths :)02:05
DavidBorgShould I reboot the server now that I've flip flopped the ethernet ports?02:06
DavidBorgI think I may have had it plugged into the wrong port, and now it is working - however, it isn't giving me any IP address, only IPv602:06
sarnoldDavidBorg: run ifup for the interface you just moved to02:06
DavidBorgAlready configured02:06
sarnoldDavidBorg: I hate rebooting as a debugging method, but that might be the easier approach to take to get your NICs into an expected state. probably both are running dhclient or similar at this point, and only one of them -should- have an address, etc. a reboot is a quick way to tear it all down again and bring it allback up...02:07
lifelesskirkland: 3.2 IIRC adds more builtin acls, so you can't redefine them03:14
kirklandlifeless: thanks03:15
lifelesskirkland: see squid.conf.default which will have different comments around there ;)03:21
=== dv81 is now known as dv812
guzzlefryhello05:06
guzzlefryI just upgraded openssl, and I'm getting this: Server should be SSL-aware but has no certificate configured05:06
guzzlefry^ when trying to restart apache. :/05:06
guzzlefryanyone?05:07
dv81                   | thelamest thomi three18ti thumax        │ bekks          │                   | tom[] TREllis trevorj Tribaal tsimpson ttx TWWOC txomon|home tych0 tyhicks Tzunamii ubottu ubuntulog ulkesh Underbyte   │ bekks05:36
dv81omg05:36
dv81sry :(05:36
=== RaptorJesus_ is now known as RaptorJesus
=== dv81 is now known as wo0f
=== wo0f is now known as dv81
=== dv81 is now known as teaj
=== teaj is now known as wo0f
i5150pchello, how long does it take for Ubuntu Server to complete the boot process?09:03
sheptard your question is awfully subjective09:04
i5150pcI don't see it on my network09:04
sheptardthen go check the console09:05
i5150pcHow can I do that if the signal coming out of the machine is out of my monitor's range?09:06
hxmhi in the webdav server what are the correct permissions?09:07
i5150pcoh and I cannot ssh to it09:08
i5150pcRephrase: How may I access the console if it doesn't respond to crtl + alt + f109:15
i5150pc?09:15
sheptardis the computer on?09:20
=== a1berto_ is now known as a1berto
i5150pcsheptard: I hear it humming09:25
bekksi5150pc: boot into rescue mode, and/or use nomodeset kernel parameter09:47
=== a1berto_ is now known as a1berto
hxmi have a webdav, I can see the list of files but not its content09:59
hxmowner of files is www-data09:59
hxmwhat I do wrong?09:59
hxmthis is what I get Mac-mini-de-hXm:webapp hxm$ cat header.php10:01
hxmcat: header.php: Interrupted system call10:01
bekkshxm: that indicates a proboem which has nothing to do with the owner.10:12
bekks*problem10:13
RoyKhxm: interrupted system call?10:18
RoyKcheck dmesg10:18
hxmwhat can be? Sandbox: webdavfs_agent(487) deny mach-lookup com.apple.networkd10:18
Guestwhohi guys how do i set up ssh auth sock in ubuntu 13.10?10:33
bekksWhats "ssh auth sock"?10:33
Guestwhossh_auth_sock environment varible i need it so when i am using filezilla my cloud server ip will use it.10:34
Guestwhonormally you can add i to filezilla but filezilla wants the format to be in ppk which is the puttykeygen ptivate key format.  but i generated my private key using ssh key-gen so its not in a .ppk filde type10:35
bekksWhy do you need to set that var at all?10:36
bekksAnd a ppk file is a putty private key, not a socket.10:36
Guestwhobekks i never said it was a socket.10:38
Guestwhoi need it to use the private key to connect to my cloud server10:38
Guestwhofilezilla ONLY access .ppk file type which is generated by putty key gen10:38
Guestwhothe alternative is to set up a ssh_auth_sock variable10:39
bekksGuestwho: filezilla accesses all valid keyfiles, no matter wether generated by putty or not.10:39
Guestwhobekks go to "Edit"-> settings and click on SFTP. try adding on of your private key file that doesnt end with .ppk and see what happens10:40
bekksThe file extension is irrelevant. It doesnt tell you anything about the content.10:41
Guestwhoit will say  is not in a format supported by filezilla10:41
bekksYou can use any key generated from whatever as long as you name it .ppk - so filezilla checks the file extension, not the content.10:42
Guestwhoif you have a passprase it will also say protected keyfiles are not supported by filezilla yet10:42
Guestwhobekks thanks10:47
hxmSegmentation fault occurred at 00000021000025ae in /usr/lib/apache2/mpm-prefork/apache2[apache2:9646] uid/euid:33/33 gid/egid:33/33, parent /usr/lib/apache2/mpm-prefork/apache2[apache2:18982] uid/euid:0/0 gid/egid:0/010:59
hxmthis ocurrs when I try to reach the content of a file trought a webdav10:59
wellyHello all - repeating the same question I put to #ubuntu:11:14
wellyRunning an ubuntu 12.04 development server on our network. I'm finding network activity just a little bit laggy/slow compared with other machines on our network. Not really sure why this might be. It's wired directly rather than using wifi. Is there anything I can do to test or check what might be causing this lag?11:14
wellySpecifically, when I do a git pull or push on the dev server to bitbucket, it's not that responsive whereas when I run the same git pull/push on my mac which is on the same network, it responds pretty much immediately11:15
ikoniahave you benchmarked your network performance in general on the ubuntu host11:16
ikoniaor just using those commands11:16
wellyikonia, no just those commands. Haven't done any benchmarking. I'm hoping someone might be able to suggest how11:16
ikoniawelly: a basic test is to just use the server to do some basic things, such as downloads, domain look ups etc etc, see how each responds11:17
ikoniathe most common things you describe is poor name server response11:18
wellyyeah.. that would make sense. I wonder if the name server settings are incorrect11:19
ikoniawho said they are incorrect11:19
ikoniahave you checked them ?11:19
ikoniatest them11:19
wellyi shall do this11:19
wellyikonia, ok looks like the nameservers in resolveconf.d/base were incorrect or at least there was an additional nameserver was isn't a nameserver. it feels a little more "snappy"11:26
vegntis there an easy way in ubuntu to do link aggregation of two internet connections?11:30
Patrickdkdefine easy?11:31
Patrickdkoh, no11:31
Patrickdkyou can't link aggregation of internet11:31
Patrickdkunless, you are using the same ip address on both internet connections11:32
vegntPatrickdk, i might be reading the wiki article incorrectly but here's a snippet "In addition there is a basic layer-3 aggregation (available at least from Windows XP SP3),[12] that allows servers with multiple IP interfaces on the same network to perform load balancing, and home users, with more than 1 internet connection, to increase connection speed by sharing the load on all interfaces."11:46
vegnthttp://en.wikipedia.org/wiki/Link_aggregation#Microsoft_Windows11:46
vegntthis obviously for windows, but if it's doable in win, should be doable in ubuntu11:47
Patrickdkit's not that simple11:48
Patrickdkmost websites don't like it when you login from multible ip addresses11:48
Patrickdkand that is not link aggregation11:49
Patrickdkthat is multi-homed nat11:49
trijntjeHi all, i need to run a simple server on the internet to serve 2-10 MB files to users, what program should I use?11:52
zApache.11:52
trijntjez thanks, ill check it oiut11:57
=== a1berto_ is now known as a1berto
vegntPatrickdk, what about failover - use the first connection and it stops working, start using the second one12:02
zvegnt: I think you're confusing link *aggregation* which is a L2 concept, with L3 load balancing.12:06
zvegnt: most L2 aggregation is done using L2/L3 hashing but at least in the case of 802.3ad both devices (on each end) must support it, and Linux's balance-alb or balance-tlb doesn't really work in a Dual WAN situation12:07
zvegnt: you *could* do it on a session-based basis so each flow goes out either Link A or out of Link B12:08
zbut each WAN address is likely to be different so you have a masquerading (NAT) issue, and if the link properties (latency, throughput) aren't close/identical you may end up with a sucky user experience in active/active and want to do active/passive instead.12:09
ztl;dr - its entirely possible, it requires quite a lot of work, you could just look at pfSense or buy a box (i.e. a Firebrick) which does it for you12:10
maveasFor some weird reason my server hasn't been logging to kern.log, syslog and messages since last monday. Anyone experienced this?12:28
mardraummaveas: no.12:33
mardraumeveryone's syslog didn't just break on the same day. You need to investigate what is wrong with yours.12:34
vegntz, pfSense is something i stumbled upon - i might give it a try12:38
zuljamespage:  this is going to be fun cinder rc3 is out12:42
jamespagezul, \o/12:45
maveasOwnership of the mentioned logs had been changed.. very weird.12:47
zuljamespage:  i just pushed cinder rc3 i dont expect to see any more rc from now until thursday13:04
jamespagezul, excellent13:04
zulsmb: awesome changelog for xen ;)13:06
smbzul, Glad to be of entertainment value :)13:06
zuljamespage:  libvirt im going to leave as is in the CA since yesterday's change is going to break on precise13:07
jamespagezul, it needs to be synced again - otherwise first security update has todo it13:08
jamespageeven if its just to revert that change ontop of our existing delta13:08
zuljamespage:  ok13:10
iri-Hi Folks, I'm having some trouble updating the kernel on my AWS instances, because update-grub-legacy-ec2 refuses to update /boot/grub/menu.lst, even though it finds the newer kernels.13:20
iri-`debconf-get-selections | grep grub-l`  gives `grub-legacy-ec2    grub/update_grub_changeprompt_threeway          select    install_new` which I interpret as "use the new configuration"13:20
iri-I've also tried setting UCF_FORCE_CONFFNEW=1 when running update-grub-legacy-ec2, with no luck.13:20
iri-Finally, I've tried e-mailing the cloud-init maintainer to ask for directions from here, but I've had no luck13:20
rbasakiri-: can you reproduce this on a fresh EC2 instance?13:21
iri-rbasak: I've spun up new instances and encountered the problem, yes, it has been going on for some time and it happens reliably to all of my instances.13:22
iri-rbasak: I havevn't spun up an instance for the purpose of *just* checking this though13:22
rbasakiri-: if you can figure out a way that somebody else can independently reproduce the problem, then you can file a bug against cloud-init13:23
rbasak(well, you can anyway, but that probably won't help much)13:23
iri-rbasak: trying now. In any case I need some pointers for backing out of this trouble if possible13:24
rbasaksmoser: so http://pastebin.ubuntu.com/7255270/ is what I had to do just now to get cloud instances started with automatic updates. How do you feel about adding a boolean flag that achieves this?13:25
iri-since I need to upgrade the machines I have now13:25
rbasakiri-: I can only suggest stepping through the code. Or trying to reproduce on a fresh instance to get to a root cause, which could result in pointers.13:25
smoserrbasak, why the runcmd ?13:25
smoseri dont have an issue with a toggle that accomplishes that13:26
rbasaksmoser: unattended-upgrades is seeded via software-properties-common13:26
rbasaksmoser: thus it's already there, so needs a reconfigure13:26
iri-rbasak: we've tried stepping through the code, it's a debconf thing, and it is very non-intuitive. It seems that debconf or UCF decide not to update the file, but we couldnt' find a root cause13:26
iri-*very* strangely, if you interrupt update-grub-legacy-ec2, then it updates the file.13:26
rbasakiri-: works for me, so it's pretty hard to guess what your issue might be.13:27
smoserrbasak, ah.13:28
smoserisnt that then an example of 'debconf-as-a-registry' bug ?13:28
iri-rbasak: what works? When I run update-grub-legacy-ec2, it *looks* like it is working, it lists all of the kernels, correctly, but then it doesn't actually update /boot/grub/menu.lst13:28
iri-I'm just trying on a fresh instance now.13:28
rbasakiri-: I just ran update-grub-legacy-ec2, and my /boot/grub/menu.lst was updated.13:29
rbasakAt least it said it updated it and it had a current timestamp afterwards.13:29
iri-rbasak: aha! It *SAYS* it does, I actually get output that looks like it is doing so, and it updates the timestamp, but the contents are unchanged13:29
iri-I see "Updating /boot/grub/menu.lst ... done" and everything13:29
rbasaksmoser: a bug? debconf is working as designed here I think. debconf-set-selections isn't supposed to reconfigure packages if they're already installed.13:30
iri-rbasak: and unsurprisingly, I can't reproduce on a fresh instance. But I have a suspicion as to what might be happening, perhaps.13:30
rbasakiri-: then it sounds like it's enumerating the kernels wrong or soething?13:30
iri-rbasak, no, because when it lists the kernels the list is correct13:30
rbasakOr have you modified it?13:30
iri-I haven't modified /boot/grub/menu.lst13:30
iri-However, when I first ran "apt-get dist-upgrade" on the machine I did so from salt, i,e, not from a terminal13:31
iri-and since I just ran apt-get dist-upgrade from a terminal on this new one, it asked me what I wanted to do about the file, the default was to keep the package maintainer's version13:31
shafoxHi, I have this use case. server1 has php application running under apache, and server2 has nginx for front-end app, What I want to do is from front-end it sends a request i.e. server2 to server1 to create a virtualhost in server2, for the virtualhost part i have a bash script file that will create the vhost, so my question is how do i connect to server2 from server1 i.e.(the flow is server2 sends post request to server1 with subdomain name, server113:31
shafoxparses it and runs the bash script that is located in server2 and gets response and sends the response back to the server2 ?13:31
smoserrbasak, it is an example of using debconf as a registry13:33
rbasakshafox: this is the the sort of problem that juju solves really well13:33
smoseri think13:33
shafoxrbasak, we are not using juju, but if you can tell me how to do it with ssh or any other way that would be great.13:34
rbasaksmoser: I don't see how. To change the answer to any question asked with debconf, you always have to run debconf-set-selections and then dpkg-reconfigure.13:35
rbasakThat's how it's supposed to work.13:35
smoserbut you're not supposed to store data in debconf.13:36
rbasaksmoser: an alternative would be to write out /etc/apt/apt.conf.d/20unattended-upgrades by hand.13:36
smoserchanging the file is "the right way" to do it.13:36
rbasaksmoser: I'm not storing data. I'm *setting* the answer to the question "yes, automatic updates please".13:36
smoserbecause as it is right now, if the user changes that file, and then dpkg-reconfigure gets run, it will destroy the data they wrote there.13:36
rbasakIf it did that, then *that* would be a bug.13:37
smoserwell, it clearly is.13:37
smoserhow else could it work ?13:37
smoseryou're giving it a value, and running dpkg-reconfigure13:37
rbasakucf conffile handling? I hope that's what it's doing.13:37
smoserand its going to write that value into that file.13:37
rbasakVia ucf I hope.13:37
smoseri dont think ucf changes anything.13:37
smoseryou now have 2 places where a user can  set the value.13:38
rbasakIndeed, it's via ucf.13:38
smoserpreseed or file.13:38
rbasakIf the user sets the file by hand, the postinst won't touch it, thanks to ucf.13:38
rbasakdebconf is helping with just the packaging *preference*.13:38
rbasakThe user is still king in /etc/13:39
rbasakTHe rigiht way to set the default is via packaging preference, via debconf via ucf.13:39
rbasakThen the user won't be told that he changed the file on upgrade.13:39
rbasakIt will just remember his debconf preference.13:39
smoserok. i think you've convinced me.13:40
rbasak:)13:40
smoserany idea why i'd see this;13:40
smoserhttps://launchpadlibrarian.net/172834901/buildlog_ubuntu-precise-amd64.subunit_0.0.18-0ubuntu7%7Ectools0_FAILEDTOBUILD.txt.gz13:40
rbasakIs --shebang a new dh_python3 thing in >precise?13:41
smoserah.i htink i know.13:41
smosersubunit doesn't build-depend on dh_python313:41
smoserso the newer version (which is available there) doesn't get installed13:42
smoserbut must already be in the build root13:42
rbasakLooks like --shebang is new13:42
iri-rbasak: that advise was relevant to me, too. I did debconf-set-selections and dpkg-reconfigure, but it really seems that /boot/grub/menu.lst isn't being updated because ucf or debconf doesn't feel like it13:43
iri-so how can I diagnose problems with debconf or ucf?13:43
rbasakiri-: it sounds like your debconf might have remembered that you "said no" to updating the file, because that was the default.13:43
rbasakiri-: install debconf-utils, then run "dpkg-get-selections", and see if you can spot the relevant answer there.13:44
iri-rbasak, but I've set it in the debconf-set-selections..13:44
rbasakiri-: if that's the case, then you can override it with debconf-set-selections13:44
smoserhm.. no that doens't make sense.13:44
iri-rbasak: that was the first thing I pasted when I arrived13:44
iri-grub-legacy-ec2grub/update_grub_changeprompt_threewayselectinstall_new13:44
smoserrbasak, i have trusty-level dh-python in that archive.13:44
iri-so I've chosen install_new, and it seems to be ignoring me13:44
rbasakiri-: do you get a prompt if you set DEBIAN_PRIORITY=low13:45
rbasak?13:45
rbasaksmoser: I'm a little confused that I don't see a dh-python build-dep in trusty13:48
rbasaksmoser: that looks broken to me. Try adding one?13:50
smoserrbasak, yeah, thats what i'm doing.13:50
smoseri think thats the bug.13:50
smoserits just inside build roots13:51
rbasakI agree.13:51
iri-rbasak, and then say dpkg-reconfigure, or update-grub-legacy-ec2?13:51
rbasakiri-: update... I think13:51
rbasakAssuming that's what prompted you the first time?13:51
rbasak(that you didn't see)13:51
jamespagesmb, nice changelog comment btw13:54
iri-rbasak, no prompt13:54
smbjamespage, ta. :)13:54
zuljamespage:  ok libvirt/xen uploaded13:55
zulsmb/hallyn: no more please ;)13:55
hallynhm?13:55
zulhallyn:  no more libvirt changes ;)13:56
smbzul, Oh and I wanted to do another libvirt just for fun. :-P13:56
smbjust kidding13:56
zulsmb:  nooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo13:56
iri-rbasak: is there any other way to get dpkg-reconfigure to re-ask questions?14:05
iri-I can't get it nor update-grub-legacy-ec2 to ask.14:06
shafoxrbasak, can I do it with ssh ?14:06
iri-rbasak: on my fresh machine, I just edited the grub configuration and now update-grub-legacy-ec2 refuses to update it14:07
rbasakiri-: I don't know, sorry. There is a "seen" flag associated with each question you should be able to reset.14:08
rbasakiri-: but I don't see why setting what you need with debconf-set-selections doesn't change behaviour.14:09
iri-rbasak: any idea where I can find the "seen" fflag?14:20
erictr1ckone of my servers seems to be the target of an attack. in my access logs there are tons of requests for various ad networks, including ads.yahoo.com, ads.mediafem.com, ads.sonital.com, and many others. i was able to stop the attack by tightening up my firewall rules. however, im not too sure how or why this could have been happening. any suggestions on where i should start looking to try and figure this out?14:24
patdk-wknot without seeing the entries in your access log14:26
iri-ah, found it, it's in /var/cache/debconf/config.dat14:28
rbasakiri-: that's exactly what debconf-get-selections and debconf-set-selections manipulate by default, AFAIK14:28
iri-removing it didn't cause me to me reprompted14:28
iri-(the Flags: seen line)14:29
erictr1ckpatdk-wk: an example one from ip address 142.91.245.140 "GET http://pm.5188bh.com/header53621.php HTTP/1.0" 301 462 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"14:29
erictr1ckthe ip addresses are from the most part different as well14:29
=== benrodrigue is now known as brod
patdk-wkerictr1ck, that is a proxy request14:31
patdk-wkdo you have proxy enabled? cause you shouldn't14:31
erictr1ckpatdk-wk: it doesnt look like the apache proxy mod is enabled. but they still must be proxy requests14:34
caribousmoser: I see that you're chairing today's meeting.14:35
caribousmoser: just wanted to let you know that I will not be able to attend, nothing particular to bring up14:35
patdk-wkerictr1ck, what ip is the server at?14:36
erictr1ckpatdk-wk: it is at 184.106.91.248. but it is behind a load balancer and to block the requests, i now only allow requests from the load balancer14:37
patdk-wkah14:38
patdk-wkthe lb ip then?14:38
patdk-wkor did doing that stop it all?14:38
erictr1ckdoing that stopped it, they were hitting that one server directly14:39
erictr1ckthe load balancer is at 198.61.151.1014:39
patdk-wkthe lb is doing strange things to it14:40
erictr1ckpatdk-wk: how so?14:40
patdk-wkit's not really fixing it, it's just they haven't noticed they need to use your lb instead of direct14:40
patdk-wkthe good thing is, yes, your protected, and not doing someting stupid14:41
patdk-wkand there isn't much you can do about it, people will always request junk14:41
patdk-wkyou could setup a rewritecond to match those url's, like anything starting with http, and return a 403 if you want14:42
patdk-wkthis url might help you, https://wiki.apache.org/httpd/ProxyAbuse14:42
patdk-wkbut it's not a security issue, just random internet junk14:42
erictr1ckpatdk-wk: i see, thanks for the help. i'll have to dig deep and see why it is accepting proxy requests. it doesnt look like mod_proxy is enabled.14:44
patdk-wkit's not accepting them14:45
patdk-wkit's just receiving them14:45
patdk-wkand following the rules you setup14:45
patdk-wkbut your currently rules don't notice a proxy request, so it's just making a mess of it :)14:46
erictr1cki see....14:46
DavidBorgHow do I disable the encryption pass phrase on boot?  It is causing the system to halt prior to booting, and I really regret setting it up that way.14:47
DavidBorgCan someone help me with removing the passphrase for encryption on boot?14:52
DavidBorgI love you all.14:56
DavidBorgAnyone here?15:01
lordievaderDavidBorg: Jup, many. But most idle.15:01
lordievaderAlso see !patience.15:02
lordievader!patience15:02
ubottuDon't feel ignored and repeat your question quickly; if nobody knows your answer, nobody will answer you. While you wait, try searching https://help.ubuntu.com or http://ubuntuforums.org or http://askubuntu.com/15:02
DavidBorgDon't ask for help too frequently in an idle chatroom.  The lurkers may get upset.  LOL15:03
patdk-wkhmm, 2 days before the world ends15:14
zuljamespage:  im running the stable/havana triggers fyi15:18
jamespagezul, oh good15:18
jamespagezul, glance is still not accepted btw15:18
zuljamespage:  crappers15:19
jamespagezul, did you see taskflow update is blocked in proposed in trusty?15:32
zuljamespage:  no15:32
zulim on it15:32
smosercaribou, thanks for the heads up.15:34
jamespagezul, promoting wahts in staging havana -> proposed now15:35
zuljamespage:  ack15:36
jamespagezul, was there a keystone release btw?15:36
zuljamespage:  for keystone?15:36
zulsorry for havana?15:36
zuljamespage:  yes for havana15:36
jamespagezul, its not in any queues15:36
zuljamespage:  lemme check15:37
zuli uploaded it15:38
=== Havenstance2 is now known as Haven|Work
zulcoreycb: can you check to see if you got a reject message for keystone?15:38
zulcoreycb: keystone-2013.2.3-0ubuntu115:38
coreycbzul, no, I didn't15:38
zulalright lemme re-upload this then15:40
zuljamespage:  re-uploaded it...i could have swore i uploaded it though15:41
jamespagezul, lolz15:41
jamespagezul, it was not rejected so must be a wetcode error15:42
zuljamespage:  black hole15:42
jamespagezul: "dput /dev/null keystone_...._source.changes"15:43
coreycbjamespage, zul: btw I don't think I get reject messages.  likely b/c I don't push?15:43
jamespagethat works in no way I can imagine15:43
jamespagecoreycb, as the changer you should have15:43
jamespagecoreycb, did you get a pending approval message?15:43
zuljamespage:  its like that disney movie15:43
coreycbjamespage, I get messages for merge approved/denied and things like that15:45
DavidBorgHow do I force dependencies to be downloaded and installed when running apt-get install?15:56
DavidBorgI'm trying to get apt-get install php*15:57
DavidBorgDependencies are causing it to error out.15:57
pmatulislooks like we'll be stuck with ancient openldap software for another 5 years...16:30
=== lutostag is now known as lutostag-away
jamespagezul, cinder and swift in16:53
jamespagestill waiting on neutron16:54
zuljamespage:  i saw16:54
zuljamespage:  taskflow fixed just doing one more test18:32
esdeFresh install of ubuntu server 13.10 on both boxes. Both boxes appear to be running fine, and doing their jobs well. However, I noticed whoopsie in htop on both boxes. When I end the whoopsie process, these entries keep showing up in syslog "GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name org.freedesktop.NetworkManager was not provided by any .service files". Any idea how I can track down what's crashing???18:40
tonyyarussoI have a bit of a security dilemma.  I have a VPS that I'd like to use encrypted disks for, encrypting /home, /tmp, /var/lib, /var/log, swap, and certain portions of /etc.  (Not /boot or the whole /)  The problem is the console access is through VNC, so during boot I'd have to enter the encryption passphrase over an unsecured VNC session.  How might I be able to boot a minimal system that would be enough for me to make an SSH ...19:25
tonyyarusso... connection and then mount the encrypted containers from there?19:25
bekkstonyyarusso: a) as long as someone has access to the physical host of the vps, he/she has full access to you vps b) encryption doesnt change a), c) not encrypting the whole system is fairly nonsense in terms of d) security by obscurity, which encryption of a vps basically is.19:28
tonyyarussobekks: Well, the tinfoil-hatted thinking is if something came up such that I suspected the data was going to be targeted, I could shut the system down, and the encryption would kick in at that time.  I'm aware that it's useless while booted up.19:33
sarnoldperhaps your vps image would be snapshotted while it is running, keeping the key nice and legible in memory?19:34
sarnoldI'd spend some more time thinking about what problems you're trying to solve -- who are your adversaries, what mechanisms do they have at their disposal, and how much can you mitigate against them?19:35
DavidBorgI can't get LightDM to work via SSH using a Mac to Ubuntu Server 13.1019:43
DavidBorgCan someone tell me what command I should type after logging in with the ssh -X user@name command?19:44
=== Ursinha is now known as Ursinha-afk
blkperlDavidBorg: you can't xforward Lightdm, you will need to use VNC for a graphical session or XDMCP19:51
=== Ursinha-afk is now known as Ursinha
=== Rich__ is now known as Muesli_
=== Muesli_ is now known as Muesli3
OverandIs there a more 'fresh' build of the ubuntu-server installer for the beta than the march ~27 'beta 2' one?  Didn't see one under the dailies20:47
Overander, installer?  i meant ISO20:47
andolhttp://cdimage.ubuntu.com/ubuntu-server/daily/current/20:49
Overandha- that makes sense!20:51
resnook, so everyday my ubuntu server loses its static ip set and gets a dhcp setting22:26
resnoif i do ifdown eth0 && ifup eth0 it gets the static ip back again22:26
resnothis is on ubuntu 14.0422:26
* resno yawns22:37
mwhudsonresno: is dhclient still running?22:37
sarnoldresno: please file bug :) though I don't know what to file it against23:12
sarnoldresno: that doesn't sound like sometihng that should happen.23:12
resnosarnold: heh ok, im not even sure what details to include23:14
sarnoldresno: if you can catch the dhcp client in action, that'd be nice..23:14
resnoi know something is making it do it, because it happens at about the same time everyday23:14
resnoya, its dhclient23:16
sarnoldhrm, there's lots of half-baked ways I can think of to tyr to figure out which process is kicking off dhclient, but none of them are quite what I'd like to suggest to someone else :)23:18
resnomwhudson: dhclient is not installed23:18
mwhudsonresno: special23:18
resnosomehow in the los dhclient is receving the request for the ip23:19
=== sz0 is now known as sz0`
mwhudsonresno: the package is called isc-dhcp-client fwiw23:20
mwhudsonthe binary is dhclient though23:20
mwhudsoni assume you must have some kind of dhcp client installed, or getting a dhcp address would be pretty amazing :)23:20
resnoyes it would23:21
resnoi magically get ips from dhcp through space23:21
resnoim just curious though how it would ignore the conf23:21
mwhudsonsarnold: i think i've seen things where i've modded /etc/network/interfaces to change eth0 to static, ifdown ifup and dhclient is still running23:21
mwhudsonsarnold: is that possible?  expected?  a bug?23:21
mwhudsoni was pretty confused about what was going on when i saw this though23:22
sarnoldmwhudson: if you didn't ifdown the interface before editing interfaces, I wouldn't be too shocked.23:22
mwhudsonresno: anything in syslog?23:22
mwhudsonsarnold: oh, ifdown would only kill dhclient if the config still said auto?23:22
mwhudsonthat probably is what happened23:22
resnomwhudson: ya, it mentions get the dhcpoffer23:23
mwhudsonsomehow i like to leave the gap between ifdown and ifup as short as possible, even if i'm editing on the serial console :)23:23
sarnoldmwhudson: as far as I'm concerned, there is much magic going on, and while we may hope for the best :) I suspect it's a bit cranky about details23:23
resnoheh, cranky23:24

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!