mgw | is there some reason do-release-upgrade is reporting no new release (on precise)? | 00:13 |
---|---|---|
=== sz0 is now known as sz0` | ||
sarnold | mgw: I believe it will wait until 14.04.1 before offering to upgrade precise users | 00:34 |
=== Ursinha is now known as Ursinha-afk | ||
=== Ursinha-afk is now known as Ursinha | ||
mgw | sarnold: ok, thanks | 01:03 |
mgw | i used -d | 01:03 |
mgw | but thought it was strange | 01:03 |
sarnold | mgw: it does seem strange to me too; it feels like if you've asked for it, it should do it.. | 01:06 |
ns5 | I'm try to use PROMPT_COMMAND to change the title of windows putty window, ubuntu server 12.04.4. It does not work, any idea? | 02:08 |
sarnold | ns5: are you confident your putty is configured to allow changing window title? | 02:10 |
ns5 | sarnold: yes it is, setting console title works on my putty with other hosts (Arch linux, CentOS, etc.) | 02:11 |
sarnold | ns5: nice, I love it when you've got easy test cases :) | 02:14 |
sarnold | ns5: so, what do you set your PROMPT_COMMAND to? | 02:14 |
ns5 | sarnold: PROMPT_COMMAND='echo -ne "\033]0;SOME TITLE HERE\007"' | 02:16 |
sarnold | ns5: nice. same thing works for urxvt :) | 02:17 |
sarnold | ns5: I got it to work by doing this: PS1='`echo -ne "\033]0;SOME TITLE HERE\007"`\$ ' | 02:17 |
sarnold | ns5: .. no idea why PROMPT_COMMAND didn't do it though :( | 02:18 |
ns5 | sarnold: I found the answer, you have to comment "PS1="\[\e]0;${debian_chroot..." in your .bashrc | 02:23 |
ns5 | http://askubuntu.com/questions/22413/how-to-change-gnome-terminal-title | 02:23 |
sarnold | ns5: AH! sigh. I've even seen that before. :) | 02:24 |
ns5 | sarnold: yeah same happens to me. Sometimes we just need to have the patience to read it through | 02:30 |
sarnold | ns5: *nod* finding the right reference is definitely wonderful though :) | 02:31 |
sarnold | ns5: have a good night :) | 02:31 |
ns5 | sarnold: it's morning here actually. Have a good night! :) | 02:32 |
=== zz_nhayashi is now known as nhayashi | ||
med_ | are cloud-images painfully slow (to non-existently slow) tonigh? | 03:01 |
med_ | where tonight is western US | 03:01 |
med_ | gaughen, kirkland ^ | 03:03 |
=== Paulus68_ is now known as Paulus68 | ||
=== sz0` is now known as sz0 | ||
=== sz0 is now known as sz0` | ||
mischief | can i upgrade from 12.04 lts server to 14.04 lts server? | 04:13 |
sheptard | sure | 04:14 |
Guegs | You can, but I would wait until the 14.04.1 release. | 04:15 |
Guegs | Ensures that almost every bug is ironed out. | 04:15 |
Guegs | And 12.04.1 has a few more years of support left on it. No need to upgrade right away. :-) | 04:16 |
arrith | i do wonder if people will come to expect that of the .1 release of an LTS, so it will be the real .0, then .2 will become the real .1 | 04:34 |
arrith | soon none of it is stable, there will be anarchy in the streets | 04:34 |
=== nhayashi is now known as zz_nhayashi | ||
=== zz_nhayashi is now known as nhayashi | ||
=== nhayashi is now known as zz_nhayashi | ||
=== zz_nhayashi is now known as nhayashi | ||
lordievader | Good morning. | 06:55 |
ice9 | I need a solution to backup configuration files of different services so I can build another server same like the original one | 07:06 |
arrith | ice9: possibly etckeeper | 07:08 |
arrith | ice9: or do the initial setup with puppet/chef/salt/ansible, to make it repeatable | 07:08 |
ice9 | arrith: I guess puppet is the most famous and used one right? | 07:09 |
arrith | ice9: yes but you should at least look into comparison articles about their pros/cons. some are a lot heavier or lighter weight | 07:10 |
arrith | ice9: if you just need <10 config files you could do a shell script even | 07:10 |
=== xnox is now known as NoNameYet_xnox | ||
Tazmian | hi all, I have msmtp install, and I can use php -d sendmail_path="/usr/bin/msmtp -C ~/.msmtprc -t" test.php. that works, but If I make php file and access it from the browser it wont send, nor does the mediawiki, says unkown php mail() error, anyone have any ideas ? | 08:24 |
=== psivaa-afk is now known as psivaa | ||
sebastianlutter | I have a 3 year old server in our office (i7, 32GB RAM) that startet with ubuntu 10.04 and now runs 13.10. I got terrible IO errors in the last three month. With high IO load the IO blocks completly. Using 4 HDDs (a root hdd, and a raid5 with luks partition on the other three). Smart shows the hdds are ok. When error appears I got in dmesg: https://dpaste.de/5GLN . I got various different | 08:51 |
sebastianlutter | stacktraces, they all have a flush process involved. The server worked well the first two years with ubuntu 10.04. What do you think is this? Controller Error? Kernel Bug? Cosmic rays? Thanks a lot | 08:51 |
sebastianlutter | Is there a tool to check special for sata controller issues? Or how do you check IO hardware errors? | 08:51 |
=== Tazmian is now known as Tazmain | ||
Thete | anyone know of any good hardening guides? | 09:01 |
verdeP | >>insert joke here<< | 09:02 |
Thete | lol | 09:02 |
=== sz0` is now known as sz0 | ||
hxm | good morning | 09:16 |
hxm | using a webdav server i can see the files but not its content | 09:16 |
hxm | why is that mistery? | 09:16 |
andol | hxm: file system permissions, on the directory vs. the files? | 09:17 |
hxm | -rw-r--r-- 1 www-data www-data 1667 abr 21 23:57 template-irclog.php | 09:17 |
hxm | supposed it has permissions or no? | 09:17 |
hxm | or may be the webdav.conf? | 09:18 |
andol | Yeah, that should be readable by the filesystem, so I guess the issues is more webdav specific then, which I'm afraid I will be less helpful in regards to. | 09:18 |
hxm | http://pastebin.com/raw.php?i=g8YUUuFz this is the config | 09:18 |
bxz | Has anyone tried to upgrade 12.04 to 14.04 on XenServer 6.2? After reboot VM can't start and shows me this: Apr 22, 2014 12:33:32 PM Error: Starting VM 'zabbix' - The bootloader for this VM returned an error -- did the VM installation succeed? Unable to find partition containing kernel | 09:35 |
zetheroo | fresh install of 14.04 server ... configured NIC in /etc/network/interfaces with static IP ... rebooted server ... still DHCP IP is assigned ... | 10:42 |
bekks | Your keyboard is defective. It repeats . 12 times in one sentence. | 10:43 |
zetheroo | mine? | 10:43 |
bekks | Yes, yours. | 10:43 |
bekks | Can you pastebin your /etc/network/interfaces? | 10:43 |
zetheroo | is it still doing it? | 10:44 |
zetheroo | bekks: http://paste.ubuntu.com/7306081/ | 10:45 |
bekks | Can you pastebin "cat /tetc/issue" as well please? | 10:46 |
zetheroo | ifconfig -a : http://paste.ubuntu.com/7306084/ | 10:46 |
andol | zetheroo: What you want is iface p255p1 inet static | 10:46 |
zetheroo | Ubuntu 14.04 LTS \n \l | 10:46 |
bekks | I am wondering why your interface is actually named like that :) | 10:47 |
zetheroo | andol: oh ... doh! thanks :P | 10:47 |
zetheroo | bekks: yes, me to ;) | 10:47 |
zetheroo | bekks: there are two onboard NIC's and one add-on card ... | 10:48 |
bekks | zetheroo: are you using systemd? | 10:48 |
zetheroo | bekks: not sure ... this is a fresh install ... so it would be using defaults ... | 10:48 |
bekks | Ah, your keyboard is defective again. :P | 10:48 |
andol | Regarding the naming, http://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames/ | 10:48 |
zetheroo | bekks: I don't see it ... :( | 10:49 |
bekks | zetheroo: just stop pressing . three times in a row. | 10:49 |
zetheroo | bekks: really? I always used to do that | 10:49 |
zetheroo | what does it do? | 10:50 |
bekks | zetheroo: Which is a bad habbit. | 10:50 |
zetheroo | ha | 10:50 |
bekks | andol: All my 14.04 installs have udev 204 (from the ubuntu repos) but use ethX for the network interface naming. | 10:50 |
zetheroo | bekks: but if you do three periods in a row what does it do? | 10:51 |
bekks | zetheroo: It annoys people, actually. :) | 10:51 |
andol | bekks: I haven't looked into it heavily myself, but I *guess* it depends on the specific driver being used, and that it's a gradual transistion. | 10:51 |
zetheroo | bekks: previous to 14.04 we were using 12.04, and all the NIC's were named with ethX | 10:52 |
bekks | andol: Hmm. Well, I'd investigate 80-net-name-slot.rules then :) | 10:52 |
zetheroo | is it possible to rename the NIC from p255p1 to eth0 ... ? | 12:35 |
Tazmain | Network interface card ? | 12:36 |
zetheroo | yes | 12:36 |
zetheroo | since changing from 12.04 to 14.04 we have these p255p1 names for the interfaces ... | 12:38 |
zetheroo | it would be nice to have it like the previous ethX naming | 12:38 |
patdk-wk | ya, solved that last night | 12:40 |
patdk-wk | remove biosdevname | 12:40 |
patdk-wk | update-initramfs -u | 12:40 |
patdk-wk | reboot | 12:40 |
zetheroo | "remove biosdevname" - from where? | 12:40 |
patdk-wk | you may need to remove stuff from /etc/udev/rules.d also | 12:40 |
patdk-wk | apt-get remove | 12:40 |
zetheroo | patdk-wk: there is only a README file in that location | 12:45 |
patdk-wk | that is good then | 12:47 |
patdk-wk | you did the apt-get remove? | 12:47 |
zetheroo | ok, rebooting then | 12:47 |
zetheroo | yes | 12:47 |
patdk-wk | and the update-initramfs -u | 12:47 |
zetheroo | yes | 12:47 |
patdk-wk | ok | 12:47 |
zetheroo | I forgot to change the interfaces file accordingly ... so it's waiting for the network configuration | 12:52 |
zetheroo | ok, now it's back to using the ethX names :) | 12:53 |
zetheroo | one other thing I noticed on boot is that right after the GRUB menu there is this message: error: malformed file | 12:54 |
zetheroo | what is this referring to? | 12:54 |
Tazmain | zetheroo, so they moved to the new way of naming the adapters. | 12:54 |
zetheroo | Tazmain: yep - but IMHO the previous way was simpler | 12:55 |
zetheroo | ;) | 12:55 |
Tazmain | zetheroo, definitly | 12:55 |
zetheroo | so after changing the interfaces file to reflect the change on NIC name, I do 'service networking restart', but this doesn't seem to get things going | 12:57 |
zetheroo | in 12.04 I would use '/etc/init.d/networking restart' and that worked great! So what's the 14.04 equivalent? | 12:58 |
patdk-wk | you where never suppost to do networking restart | 12:59 |
patdk-wk | use ifup | 12:59 |
zetheroo | ok | 13:00 |
ogra_ | yeah, thats like replacing the chassis of your car just to switch gears | 13:00 |
zetheroo | I just noticed that now eth0 is the add-on card ... and eth1 and eth2 are the on-board NIC's ... can I change this? | 13:00 |
=== wickedpuppy2 is now known as motd | ||
=== wickedpuppy2 is now known as wickedpuppy | ||
=== Ursinha is now known as Ursinha-afk | ||
=== Ursinha-afk is now known as Ursinha | ||
zetheroo | I have an NFS export on a 12.04 machine and am mounting it on a 14.04 machine via fstab. It mounts but I cannot view the contents of the mount on the destination machine's mountpoint - I get "ls: cannot open directory .: Permission denied" | 14:58 |
zetheroo | this was working fine from 12.04 to 12.04 ... | 14:59 |
=== wedgwood is now known as Guest26994 | ||
=== wedgwood1 is now known as wedgwood | ||
DarkStar1 | I have installed and configured ( or at least configured) dovecot yet when I start the service I get no output to logs (mail.log) even though I enabled logging dovecot.conf | 15:19 |
tom[] | where would make sense to keep a custom script that /etc/bash.bashrc will pull in? | 15:20 |
jamescarr | can you guys help me out with a silly ssl issue? It's driving me nuts. Not heart bleed related | 15:23 |
jamescarr | curl https://www.campaignmonitor.com/forums/feed/rss/ | 15:23 |
jamescarr | the ssl cert is valid. I am running 13.10, I upgraded the ca-certs, curl, libssl-dev and openssl packages | 15:23 |
jamescarr | still gives me error | 15:23 |
jamescarr | curl: (60) SSL certificate problem: unable to get local issuer certificate | 15:24 |
tom[] | jamescarr: who signed the cert? | 15:24 |
jamescarr | RapidSSL | 15:24 |
tom[] | did they give you a chain cert file, or make one available? | 15:26 |
zul | coreycb: i started the packaging branches for juno lp:~ubuntu-server-dev/<project>/juno | 15:26 |
tom[] | jamescarr: is that what you meant by "upgraded the ca-certs" ? | 15:27 |
jamescarr | tom[]: I don't own the server. Hitting that url from a browser works, hitting it from curl on the latest OSX works, but hitting it via curl on our ubuntu 13.10 boxes doesn't work | 15:27 |
jamescarr | tom[]: sudo apt-get install ca-certificates | 15:27 |
coreycb | zul, excellent, need anything from me? | 15:27 |
jamescarr | after an apt-get update | 15:27 |
zul | coreycb: nope | 15:27 |
tom[] | jamescarr: download the latest cert file from mozilla | 15:27 |
zul | coreycb: just keeping you in the loop | 15:27 |
tom[] | jamescarr: and direct curl to use that | 15:28 |
coreycb | zul, thanks | 15:28 |
jamescarr | well to be fair if I use http://www.whynopadlock.com/check.php | 15:30 |
jamescarr | it tells me bad intermediate cert. | 15:30 |
med_ | is launchpad.net ... down? | 15:31 |
jamescarr | tom[]: come again? download latest cert file from mozilla? | 15:32 |
tom[] | jamescarr: moz curates a top level ca cert file. it's used in firefox and lots of other stuff. you can try using curl with it | 15:33 |
jamescarr | this one? http://curl.haxx.se/ca/cacert.pem | 15:33 |
tom[] | jamescarr: yes but that looks like a downstream. return to the source | 15:34 |
tom[] | jamescarr: it's possible an intermediate cert is bad. some browsers cache their decision about a server cert because it can be safer to do so than to check every time against the supposedly trusted network of signers | 15:35 |
tom[] | jamescarr: a horrible thought but it makes a kind of sense | 15:36 |
rbasak | jamescarr: instead of works/doesn't work, try considering whether the different options a) validate the cert and succeed, b) fail to validate the cert and fail the download, or c) fail to validate the cert but silently continue anyway. | 15:37 |
rbasak | jamescarr: could it be that Ubuntu is doing b, and all the alternatives are doing c? Firefox tells me that the https:// URL is not secure. | 15:39 |
rbasak | jamescarr: if you don't care about security, curl does have a --insecure option that might work for you. | 15:39 |
jamescarr | rbasak: well I'm trying to understand a larger problem. Since SSL certificate rotations by a number of vendors thanks to heart bleed, a handful of sites are having this problem | 15:40 |
rbasak | jamescarr: I've seen sysadmins fail to correctly put the full certificate chain in replacement pem files following rotation after heartbleed. | 15:42 |
rbasak | Could that be it? | 15:42 |
tom[] | jamescarr: but rbasak is right that the larger problem may only be understandable by understanding the specifics | 15:42 |
jamescarr | rbasak: that could be it. That would allow browsers to be blissfully unaware, wouldn't it? | 15:42 |
rbasak | Not sure. | 15:42 |
jamescarr | fails with the mozilla cacert.pem too via curl | 15:42 |
jamescarr | hmmph | 15:42 |
jamescarr | what a mystery | 15:43 |
rbasak | "openssl s_client -connect foo.example.com:80" is a pretty good diagnostic. | 15:43 |
tom[] | this is what firefox shows me: http://i.imgur.com/aRdivtP.png | 15:43 |
rbasak | It also supports pointing to specific CA root certificates, etc. | 15:43 |
jamescarr | does "curl https://www.campaignmonitor.com/forums/feed/rss/" fail for you all too? | 15:43 |
tom[] | which appears to be different from what rbasak said | 15:44 |
rbasak | tom[]: that's what I got. No encryption claimed. | 15:44 |
tom[] | but it's not an invalid cert | 15:44 |
rbasak | I also see a failure with curl. | 15:44 |
rbasak | If firefox had no problem, it should tell you that the connection is encrypted, surely? | 15:45 |
rbasak | Though I wonder if there's some special case handling due to it being RSS maybe? | 15:45 |
jamescarr | λ ~ → openssl s_client -connect www.campaignmonitor.com:443 | 15:45 |
jamescarr | gave me this | 15:45 |
jamescarr | Verify return code: 21 (unable to verify the first certificate) | 15:45 |
DarkStar1 | has anyone encountered this error before with dovecot : doveconf: Fatal: Error in configuration file /etc/dovecot/conf.d/10-auth.conf line 122: Recursive include file: /etc/dovecot/conf.d/auth-sql.conf.ext | 15:46 |
jamescarr | def think this might be on their end | 15:46 |
tom[] | jamescarr: sounds like it | 15:47 |
tom[] | there's a revocation issue that i do not understand. after rekeying i found that different browsers said different things about the trust of my servers for a couple of days. it all sorted itself out in a couple of days. i put it down to the time it takes for revocation of the old cert to propagate but i don't know if that makes sense | 15:47 |
rbasak | jamescarr: looks to me that they're not sending their certificate chain. Compare against www.google.com:443 for example. | 15:49 |
tom[] | which would be a case of the sysadmin fail you mentioned earlier | 15:50 |
smb | arosales, Weirdly bug 1275620 was marked as fix committed. Not sure how fixed it really is. | 16:33 |
uvirtbot | Launchpad bug 1275620 in gccgo-go "gccgo-go segfaults, something related to alternatives" [High,Fix committed] https://launchpad.net/bugs/1275620 | 16:33 |
arosales | smb: hmm perhaps dave thinks that is fixed in gcc-go 4.9 .. . | 16:34 |
smb | That is the weird part because right before he says no to that | 16:34 |
=== jamespag` is now known as jamespage | ||
arosales | smb: well I can say from our usage testing that we are consistently hitting bug 1304754 | 16:36 |
uvirtbot | Launchpad bug 1304754 in gccgo-4.9 "gccgo on ppc64el using split stacks when not supported" [Medium,Confirmed] https://launchpad.net/bugs/1304754 | 16:36 |
smb | arosales, That is the other one | 16:37 |
arosales | we are having to revet to the -08 kernel which seems to not experience the seg faults | 16:37 |
arosales | smb: fwiw https://bugs.launchpad.net/bugs/1307289, looks related | 16:38 |
uvirtbot | Launchpad bug 1307289 in juju-core "Go panics when running tests on ppc64" [High,Triaged] | 16:38 |
arosales | smb: one suggestion from apw is to seek if 4k page sizes ontop of a more recent kernel also seg faults. | 16:40 |
arosales | it may just take longer to get to the problem therby masking it, but its another data point | 16:40 |
apw | arosales, how did you pick -8, that seems rather arbitrary | 16:45 |
smb | arosales, It sounds like that ppc64 issues are actively worked on but people with more knowledge of the architecture. | 16:46 |
arosales | apw: smb: that is the kerenel that we haven't seen seg faults on | 16:47 |
apw | arosales, and which of the later ones have you tested | 16:47 |
arosales | apw: smb: we can confirm that -08 doesn't seem them as we do see them in -08 and greater | 16:48 |
apw | so -09 has them ? | 16:48 |
arosales | it was a suggestion from davidC to try the -08, I guess from the 4k page size theorgy | 16:48 |
arosales | *theory | 16:48 |
arosales | apw: I haven't tested -09 | 16:48 |
arosales | apw: would you like me to give -09 some run time or a more recent kernel with 4k page size ? | 16:49 |
apw | arosales, ok but your statement "-09 and greater" is inaccurate and confusing | 16:49 |
arosales | apw: good point | 16:49 |
arosales | let me see if I can see the kernels we have seen the seg faults on | 16:49 |
apw | arosales, as ogasawara pointed out, -15 is when it was changed, so -09 has 4k pages | 16:49 |
apw | arosales, which is why -14/-15 are interestined test cases to see if it is page size etc | 16:50 |
arosales | -18 and -23 we have seen seg fautls | 16:50 |
apw | -14 was the last 4k page size one, -15 the first 64k page size one | 16:51 |
arosales | apw: so in theory -09 should jsut work and -15 should fail | 16:51 |
arosales | which would help with bisceting | 16:52 |
arosales | or better yet -14 and -15 | 16:52 |
arosales | apw: do you have links handy to those .deb and matching initrams I could test with? | 16:52 |
apw | arosales, only if page size is the reason indeed | 16:53 |
apw | which there is no proof currently, which is why the tests matter | 16:53 |
arosales | agreed | 16:53 |
apw | there should be .deb's under the +source/linux page, to get initrds you need to install the .deb | 16:53 |
arosales | apw: thanks. | 16:54 |
arosales | I'll update bug with my findings, may not be till later tonight though. | 16:54 |
arosales | bug 1304754, that is | 16:54 |
uvirtbot | Launchpad bug 1304754 in gccgo-4.9 "gccgo on ppc64el using split stacks when not supported" [Medium,Confirmed] https://launchpad.net/bugs/1304754 | 16:54 |
arosales | apw: smb: thanks | 16:55 |
apw | arosales, great thanks | 16:55 |
=== sz0 is now known as sz0` | ||
=== sz0` is now known as sz0 | ||
=== ogasawara_ is now known as ogasawara | ||
MTughan | I'm trying to set up an Ubuntu 14.04 cloud release image in a private setup of OpenStack, and it freezes after cloud-init has run init. I get a description of the network devices in use, preceeded by "ci-info" on each line, but it goes nowhere after that. Anyone know what might be going on? | 17:49 |
MTughan | This is what I'm seeing on the console. It gets to this point about 10 seconds after booting and goes no further, even after 10-15 minutes. https://dl.dropboxusercontent.com/u/44769998/ubuntu-openstack.png | 17:53 |
RoyK | MTughan: could you get into the box via console? it'd be nice to see what dmesg had to say | 17:54 |
MTughan | RoyK: I can't get to a console, which is part of the problem. SSH isn't up at this point, and the image above is what the console output is. | 17:55 |
RoyK | try a netconsole or a serial console | 17:55 |
MTughan | I'll see about a netconsole. Serial is impossible as this is a VM. | 17:56 |
RoyK | ok | 17:56 |
gnuoy | YYou And Me Sonttee | 17:57 |
gnuoy | You And Me Song76! | 17:57 |
sarnold | gnuoy: are those passwords? | 17:57 |
MTughan | RoyK: Not sure if I'll be able to get a netconsole; bootloader seems to go by too quickly. I do have this though, which I think is the entire output from the console. I don't see any errors in it though. http://pastebin.com/cvVFEPT9 | 17:59 |
RoyK | can't see any issues there - strange | 17:59 |
MTughan | Yeah, it all looks fine to me too. | 18:00 |
MTughan | The IP information and routing tables are correct, and I can ping the VM, so it looks like the network stack does come up, but nothing beyond that. | 18:03 |
RoyK | icmp etc is deep in the kernel, so it'll come up even without the services you want | 18:04 |
MTughan | Makes sense, but it has to have an external IP that can be reached to ping externally. | 18:04 |
RoyK | that's just routing | 18:05 |
gnuoy | sarnold, thanks for the ping. I had a really odd lock screen issue, the monitor was showing the lock screen but not accepting input as far as I could tell but obviously my keystrokes were getting through to irc just fine :( Password changed now | 18:06 |
sarnold | gnuoy: sigh :/ | 18:06 |
sarnold | gnuoy: 14.04? https://bugs.launchpad.net/ubuntu/+source/unity/+bug/1292217 | 18:07 |
uvirtbot | Launchpad bug 1292217 in unity "screen lock has triggered but keyboard is still connected to the main session" [High,Incomplete] | 18:07 |
gnuoy | sarnold, looks like a direct hit, thanks | 18:07 |
MTughan | RoyK: You know, one thing I've noticed while trying to boot up some other instances is that it tries to reach 169.254.169.254, which is apparently an IP for EC2 instance data. Those requests are failing right now. Does 14.04 expect that IP to exist before booting? | 18:13 |
=== also is now known as also_ | ||
dubrewski | I just have a quick question for anyone with the know how to answer it. | 19:28 |
dubrewski | I am working on setting up a home server and I am not sure if I should utilize KVM. When done the server will act as a media/web/email server with vpn. Right now I only have one website to host and dont plan on adding more anytime soon. Would there be any benefit for me to set up the email, web, and media sections on their own vm? | 19:28 |
sarnold | dubrewski: I'd be content without the VMs because I'd do AppArmor profiles on the internet-facing services | 19:31 |
sarnold | dubrewski: but the VMs do provide some nice belt-and-suspenders isolation -- while there are qemu breakout bugs from time to time, when run via libvirt there are apparmor profiles on the qemu processes, which can help confine the scope of potential qemu bypasses | 19:33 |
dubrewski | ok, I havent researched apparmor to much | 19:35 |
dubrewski | but basically what your saying is the hassel isnt worth the reward for such a small set up | 19:36 |
sarnold | dubrewski: It depends upon which hassle you'd rather deal with :) setting up some apparmor profiles on your services or just burning a bit extra ram and using kvm :) | 19:37 |
dubrewski | ok, looks like i have some reading to do on apparmor. Thanks for the advice | 19:39 |
tom[] | where would make sense to keep a custom script that /etc/bash.bashrc will pull in? right in /etc itself? | 19:54 |
rbasak | tom[]: yes, or maybe /usr/local/share/<something>/ | 20:26 |
tom[] | /usr/local/etc isn't a linux thing? | 20:27 |
bekks | tom[]: /usr/local/ is application dependant. Applications may store stuff there at will :) | 20:28 |
tom[] | i am not an app so maybe that's not the place | 20:28 |
bekks | tom[]: All my scripts, etc. are stored under /usr/local/ and they use their needed/wanted directory structure under /usr/local/ | 20:29 |
tom[] | ok | 20:31 |
keithzg | Hmm. Since the upgrade to 14.04, one of my machines can't start smbd or nmbd . . . and nothing is written to their respective log files :/ | 21:03 |
keithzg | ...no ideas? Damn. | 21:56 |
keithzg | Can't quite figure out how to debug something when there's not even a log or any output other than "start: Job failed to start". | 21:56 |
=== RaptorJesus_ is now known as RaptorJesus | ||
sarnold | keithzg: dmesg? | 22:21 |
keithzg | sarnold: Naw, that was the second or third place I checked and it had nothing. In the end I just backed up my smb.conf and then purged and reinstalled and it's working again now; bugs me that I don't quite know *why* it wasn't working, but oh well! | 22:22 |
sarnold | keithzg: ugh. that bugs me too. I'm glad you're going again though | 22:23 |
mortrca | Is there a rule against posting forum links? | 22:36 |
RoyK | !rules | 22:36 |
ubottu | The guidelines for using the Ubuntu channels can be found here: http://wiki.ubuntu.com/IRC/Guidelines | 22:36 |
RoyK | mortrca: afaik, no | 22:36 |
mortrca | Okay, I posted in the "Virtualisation" forum, but I'm thinking I should have posted in the server section: http://ubuntuforums.org/showthread.php?t=2218691 | 22:38 |
RoyK | libvrit is the common stuff | 22:39 |
mortrca | RoyK: Can you expand upon that? | 22:39 |
RoyK | no need | 22:39 |
sarnold | mortrca: with libvirt you're responsible for providing iso images and so forth | 22:41 |
sarnold | mortrca: uvtool wraps a bunch of the libvirt stuff to automate finding images, validating signatures, etc | 22:41 |
mortrca | That's it? | 22:41 |
keithzg | Used to use vm-builder to create VMs, but it's been broken for the past bunch of releases :( | 22:43 |
keithzg | https://bugs.launchpad.net/ubuntu/+source/vm-builder/+bug/1037607 | 22:44 |
uvirtbot | Launchpad bug 1037607 in vm-builder "vmbuilder completely fails on Quantal due to kernel pae detection failure" [High,Triaged] | 22:44 |
keithzg | I seriously love how the Bug Bot at one point goes: | 22:44 |
keithzg | 'The attachment "an ugly hack to work around the problem" of this bug report has been identified as being a patch.' | 22:44 |
sarnold | keithzg: haha, that's great :) | 22:45 |
RoyK | it'd be nice to do nested raids with ubuntu, though | 22:53 |
sarnold | RoyK: crazytalk! | 22:54 |
RoyK | sarnold: heh - just like it'd be fine with cetos or debian or whatnot where it just works ;) | 22:55 |
sarnold | RoyK: I think part of the problem is that the folks who would be most motivated to fix it just move to zfs anyway | 22:56 |
RoyK | sarnold: a 2yo bug unfixed - nasty | 22:57 |
sarnold | RoyK: yes :( | 22:57 |
RoyK | sarnold: should be easy for someone that knows upstart well | 22:58 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!