[00:14] <teward> has anyone reported any issues with apache2 and default SSL configs and such?
[00:15] <sarnold> teward: I don't recall seeing any
[00:16] <Patrickdk> I haven't had any issues
[00:16] <teward> sarnold: it may just not be reported, i'm testing in a separate, brand-new EC2 (different deployment) than the VM I was testing in
[00:16] <teward> it might be a misconfiguration on my side, but i'm not certain
[00:16] <teward> for the most part everything was default
[00:16] <Patrickdk> but atleast for me, my ssl config in apache is far from default
[00:17] <teward> right, the issue was in the ports.conf file apparently, but we'll see if that's still the case
[00:19] <teward> blah lag and slowness... >.>
[00:19]  * teward now remembers why he dislikes EC2s
[00:21] <teward> issue confirmed
[00:21]  * teward digs around
[00:22] <teward> (98)Address already in use: AH00072: make_sock: could not bind to address [::]:443 <-- triggered with a2ensite default-ssl; a2enmod ssl; service apache2 restart
[00:22] <teward> with no additional changes
[00:23] <teward> that also triggers if the listen statement is set to 0.0.0.0:443 in the ports.conf
[00:24] <teward> it *looks* like the culprit is ports.conf in apache
[00:24] <teward> since i've confirmed this on two separate, completely-different systems, I'm going to file a bug
[00:29] <teward> just to confirm though...
[00:29]  * teward pokes the instance again
[00:30] <sarnold> haha
[00:30] <sarnold> you've already paid for the hour might as well poke it again? :)
[00:30] <teward> sarnold: thank jose for the instance
[00:31] <teward> 'tis not mine :p
[00:31] <sarnold> oh :) thanks jose :)
[00:31] <jose> no worries :)
[00:31] <teward> sarnold: i'm going to make sure it's just the defaults, though, so i'm spinning up ANOTHER server instance on vbox
[00:31] <jose> sarnold: if you want to confirm I can give you a box
[00:32] <jose> a newly-created box
[00:32] <teward> sarnold: lets wait until i confirm in a brand new vbox again, i noticed a couple extra apache modules getting installed, want to rule those out
[00:32] <sarnold> jose: if teward spots it, I'm sure it's there :) thanks though
[00:32] <jose> no prob
[00:33] <teward> sarnold: I'm an nginx guy, not apache, but this just seemed off
[00:34] <teward> because it works fine in Precise
[00:34] <teward> but goes and explodes in Trusty
[00:34] <teward> so... the interim versions need checking, but if it's in Trusty, there's a problem for defaults.
[00:34] <teward> assuming that the extra apache2 modules weren't the culprit
[00:34] <teward> 'tis why i'm testing :P
[00:35] <teward> 'course, if this third install ALSO triggers the bug, then it's real. :p
[00:37] <teward> i should probably have given it more than 512MB RAM >.>
[00:38] <teward> (slow...)
[00:38] <sarnold> heh, yeah, I give 768 to my vm instances
[00:38] <teward> yeah, but the other VM has 4GB of RAM, so my RAM available to my computer is limited
[00:38] <teward> this isn't a VM cluster-like thing, it's just my laptop
[00:45] <teward> ohhhhhhhhhhh
[00:45] <teward> i seeee
[00:46] <teward> sarnold: it's because of libapache2-mod-gnutls
[00:46] <teward> installing that breaks things
[00:46] <teward> (plain default apache2 without the gnutls module works fine)
[00:55] <teward> sarnold: https://bugs.launchpad.net/ubuntu/+source/mod-gnutls/+bug/1311407 is the relevant bug
[00:55] <teward> i'm not sure if it *is* a bug, but it's behaving differently from Precise.
[00:56] <teward> and I'd know, the same commands to reproduce don't explode on Precise
[00:56] <teward> so somewhere along the line, something changed to explode.
[00:56] <teward> (the bug is not, in fact, in Apache, but the gnutls module)
[00:57] <teward> (and probably just how it's issuing the configuration)
[01:16] <sarnold> teward: \o/ thanks :)
[01:17] <teward> sarnold: you're welcome.
[01:17] <teward> that had me angry at it for a while though
[01:17] <teward> it was preventing me from setting up this one application... :P
[01:29]  * teward facepalms
[01:30] <teward> i feel stupid... i misconfigured my network interfaces again... >.<  there goes an entire 5 VMs... >.>
[03:19] <__dan__> hi there guys congrats on 14.04 release i am wondering what the stability of btrfs is like on 14.04 any experiences? thx
[06:08] <__dan__> hi there guys congrats on 14.04 release i am wondering what the stability of btrfs is like on 14.04 any experiences? thx
[07:35] <DarkStar1> Morning all. Has anyone ever ran into an issue where dovecot wont start at all with 0 output to the logs
[07:35] <DarkStar1> ?
[08:04] <lordievader> Good morning.
[08:40] <MannerMan> Currently I have a 12.04 server running KVM that I manage with virt-manager. Storage consists of ZFS on Linux (3 disks in raidz). Planning to upgrade to 14.04 soon and looking for some alternative virtualization management, more ESX-ish rather than the virtualbox style of virt-manager. Suggestions?
[08:41] <ikonia> how are you running zfs on linux with an ubuntu kernel ?
[08:41] <MannerMan> ikonia: http://zfsonlinux.org/
[08:41] <ikonia> is that a full kernel rebuild or just the zfs module ?
[08:41] <MannerMan> ikonia: the zfs module AFAIK
[08:42] <arrith> MannerMan: possibly openstack. or that like novus cloud tool maybe
[08:42] <ikonia> interesting, I thought you needed more than just the module
[08:43] <arrith> ikonia: feel free to install and experiment. it's crazy-powerful
[08:43] <MannerMan> arrith: Checked openstack - it looks really awesome - however can it be run on a single machine? The Ubuntu example seems to suggest atleast 5 machines
[08:44] <arrith> MannerMan: openstack works fine on one machine, just say like puppet, might be overkill for a person's usage/needs
[08:44] <arrith> MannerMan: MaaS is multiple machines though really
[08:45] <MannerMan> arrith: M'key.. indeed it's something of a beast, but then again i'm looking to step up from virt-manager
[08:45] <MannerMan> I have 20-ish virtual machines
[08:46] <arrith> MannerMan: personally for my 30 or so VM usage will just be virt-manager and odd custom python things. but my VMs are very tied into just one app
[08:47] <MannerMan> arrith: I see.. well there is nothing wrong with virt-manager per say, just missing things like built-in snapshot support, and good network-management. Its really clunky to use over a slow internet connection aswell.
[08:48] <MannerMan> guess I could do the 14.04 upgrade and see if virt-manager gets any fancier
[08:49] <arrith> MannerMan: hm, i did read something about snapshots being added to some new qemu-kvm version on phoronix recently
[08:49] <arrith> MannerMan: a lot of it i use the virsh tool
[08:50] <MannerMan> arrith: It's powerful yes.. for daily tasks it's nice to have a proper GUI though
[08:51] <MannerMan> *sidenote: Anyone looking to run ZFS with KVM - performance is pretty poor (I get ~180 mb/s on the host, but only ~30 ish mb/s for the guest-machines)
[08:52] <arrith> MannerMan: ah, yeah. gui support for snapshots might be in openstack, definitely will be in virt-manager eventually, if not already
[08:52] <MannerMan> arrith: I'll try the 14.04 upgrade and see what happens =)
[09:15] <ziyourenxiang> is there a standard for iptables? i mean, i’ve seen iptables-dump output and a shell script calling iptables in /etc/network/if-pre-up.d. is either of that, or some other style, considered best practice?
[10:07] <freespirit-girl> Hello. I have a question .. I am trying to upgrade Ubuntu using the commandline.. When i get to tripwire i am asked to sign in using my tripwire passphrass..
[10:07] <freespirit-girl> so i enter in my root password.. Is the password different for tripwire than my root
[10:11] <AtuM> Hello. I'm trying to make a local network installation setup. I got the pxe running and it works when it uses the mirrors from the internet.. how do I tell the installer to pick up the local repo (it's an apache site that serves the loop-mounted copy of the 14.04-server iso image)
[10:15] <AtuM> I've already tried using some basic ks.cfg to give it url, but that does not work.. it gets stuck when looking for live-installer on some other server.. like this post here: http://ubuntuforums.org/showthread.php?t=2117445
[10:30] <zetheroo> Fresh install of 14.04 server ... on boot, right after GRUB menu, I get "error: malformed file" - after this system boots up fine. Any ideas as to what this error is referring to!?
[10:31] <zetheroo> also, after sshing into the machine, amongst this info posted upon login there is this line: => There are 3 zombie processes.
[10:31] <zetheroo> Sometimes this is 4, and sometimes the line is not there at all
[10:40] <ikonia> zetheroo: please don't cross post your questions
[10:41] <eagles0513875> hey lordievader :D
[10:41] <lordievader> o/
[10:42] <zetheroo> This seems pretty erratic, which makes me wonder if 14.04 is really ready for production level deployment just yet
[10:42] <eagles0513875> im running apache2-mpm-event + fgcid and php-fpm and for some reason i am seeing these errors in the apache error.log Wed Apr 23 10:36:43 2014] [error] [client 89.248.168.126] FastCGI: comm with server "/usr/lib/cgi-bin/php5-fcgi" aborted: idle timeout (60 sec) [Wed Apr 23 10:36:43 2014] [error] [client 89.248.168.126] FastCGI: incomplete headers (0 bytes) received from server "/usr/lib/cgi-bin/ph
[10:42] <lordievader> eagles0513875: Next time use pastebin.
[10:42] <eagles0513875> it always seems to be from that same ip. I am not sure if its a bot net trying to denial of service the server or what'
[10:42] <lordievader> !paste | eagles0513875
[10:43] <lordievader> eagles0513875: Is 89.248.168.126 your server ip?
[10:43] <eagles0513875> no
[10:44] <ikonia> if it's the same ip - why would it be a bot net
[10:44] <ikonia> as that would be from multiple ip's
[10:45] <eagles0513875> whats strange now whats popped upin the logs is another ip address a 77 ip address along side localhost
[10:45] <lordievader> eagles0513875: Seems to be related to some idle timeout: http://forum.nginx.org/read.php?3,235805
[10:45] <lordievader> Increasing the timeout will probably fix it.
[10:45] <eagles0513875> lordievader: tried it to no avail
[10:45] <eagles0513875> i still get those errors
[10:46] <ikonia> eagles0513875: can I ask why it's worrying you ?
[10:46] <ikonia> what about it concerns you / is a problem
[10:46] <eagles0513875> ikonia: those are bringing down the server with an error 500
[10:47] <ikonia> uses are connecting to your machine - your publicly available machine,
[10:47] <eagles0513875> agreed but the server eventually crashes.
[10:47] <eagles0513875> and i have to restart it
[10:48] <lordievader> eagles0513875: Restart the entire server for a 500? Seems like an overkill.
[10:49] <lordievader> Pun intended :P
[10:49] <eagles0513875> let me clarify
[10:49] <ikonia> eagles0513875: what sort of connections are you getting (numbers)
[10:49] <eagles0513875> i meant apache and php-fpm i restart them and everything is back to working
[10:49] <eagles0513875> ikonia: how can i determine that
[10:49] <ikonia> is it a simple overload situation, or have you just not configured enough resources
[10:49] <ikonia> your logs are a good starting point
[10:50] <eagles0513875> which long in particular
[10:50] <ikonia> the access log will show you how many connections per hour you are getting
[10:50] <ikonia> you can work it out from that sort of pattern
[10:50] <eagles0513875> in access.log nothing is logged
[10:51] <ikonia> then you have setup your web server wrong
[10:51] <ikonia> if nothing is being logged to your access log - but you are getting hits,
[10:51] <eagles0513875> ok :-/
[10:52] <eagles0513875> ikonia: what woudl i be missing seeing as nothing is getting logged?
[10:53] <lordievader> eagles0513875: The settings that tell apache where to log to.
[10:53] <eagles0513875> ok
[10:53] <eagles0513875> lordievader: does it also need to be specified in a websites vhost?
[10:54] <lordievader> If you want a separate logging for each vhost, yes.
[10:55] <ikonia> the vhosts normally have an access/error log per vhost
[10:55] <eagles0513875> ok
[10:58] <eagles0513875> would something like this in a vhost work http://pastebin.com/xUrTBE7P
[11:00] <eagles0513875> this is what i have in terms of settings for the server itself http://pastebin.com/M1pRWEUv
[11:02] <lordievader> eagles0513875: Read http://httpd.apache.org/docs/current/logs.html#accesslog
[11:04] <spidernik> hi guys, any partman expert/developer out there? :)
[11:04] <eagles0513875> lordievader: i already have the mod setenvif
[11:04] <eagles0513875> enabled
[11:05] <lordievader> eagles0513875: It was for the Common Log Format bit.
[11:06] <eagles0513875> lordievader: you are referring to the stuff i had pasted in the first paste for the vhost?
[11:06] <lordievader> There they define a logformat for 'common' and use that for the access log.
[11:06] <eagles0513875> ok
[11:06] <lordievader> eagles0513875: Of course.
[11:07] <eagles0513875> that would explain why that never worked the way i had it
[11:07] <eagles0513875> would you recommend the combined or common format?
[11:09] <eagles0513875> lordievader: CustomLog log/access_log combined  <- do i need to specify the path where i want the logging to take place?
[11:09] <ikonia> is it not set by default ?
[11:09] <ikonia> there should be a path there
[11:10] <eagles0513875> according to the link to apache's docs that is the example they have
[11:10] <eagles0513875> http://httpd.apache.org/docs/current/logs.html#accesslog
[11:10] <eagles0513875> im looking at the combined format
[11:10] <ikonia> do you not want the combined format /
[11:11] <eagles0513875> i do
[11:11] <eagles0513875> im not understand what CustomLog is doing there
[11:11] <ikonia> just change it then
[11:12] <Meerkat> what is the installer in ubuntu server called?
[11:13] <eagles0513875> ubiquity i think Meerkat
[11:14] <eagles0513875> i changed it to be the following CustomLog /var/log/access.log combined
[11:14] <eagles0513875> still nothing is being logged
[11:15] <lordievader> eagles0513875: You've restarted/reloaded the service I take?
[11:15] <eagles0513875> yes i restarted apache do i need to restart php-fpm
[11:16] <lordievader> It's apaches logging that was/is broken.
[11:17] <eagles0513875> lordievader: would pastebinning apache's conf file help to determine why?
[11:18] <NoNameYet_xnox> Meerkat: ubuntu server using "debian-installer", ubuntu desktop uses ubiquity
[11:18] <lordievader> Not to me, allways found apache's logging system a bit vague.
[11:19] <lordievader> The defaults work for me, never bothered (much) to change them.
[11:19] <eagles0513875> lordievader: the default usually and should work let me confirm on another server
[11:20] <sebastianlutter> I want to install linux-server image on my ubuntu 14.04. The kernel article in wiki tells me that since 12.04 the generic kernel is used as server kernel. apt tells me there are virutal image-server packages, but there is no linux-image-server package. Is there no server image optimized for IO throughput available any more? Thanks
[11:20] <eagles0513875> i also have the number of client connections set to 400 for the server which I know i am not getting for sure
[11:20] <eagles0513875> lordievader: it seems to be an issue on all my servers :(
[11:21] <eagles0513875> on my server it doesnt log via the access logs
[11:21] <eagles0513875> lordievader:  and ikonia it does seem to log traffic on other_vhosts_access.log
[11:21] <lordievader> eagles0513875: Are they all set up with the default Ubuntu config?
[11:21] <eagles0513875> lordievader: yes
[11:23] <eagles0513875> the default of what is in other_vhosts_access.log seems to be a combined log of what you showed me and that is logging traffic to the site
[11:23] <lordievader> Here the access logs work just fine (for both servers)
[11:24] <eagles0513875> odd
[11:27] <eagles0513875> what would be the best course of action to help determine those time outs?
[11:28] <ziyourenxiang> change my question from earlier: how do you guys keep your iptable rules? in /etc/network/interfaces pre-up section calling a shell script, in /etc/network/if-pre-up.d/ as a shell script, as a iptables-save output, …?
[11:28] <lordievader> eagles0513875: Try and trigger them yourself. See if it is the php code or that it is some faulty setting.
[11:29] <lordievader> ziyourenxiang: My firewall rules are handled by ufw, the additional rules are in an upstart script.
[11:30] <ziyourenxiang> ok. another style. :-)
[11:30] <ziyourenxiang> just wondering if there is one “best practice” style.
[11:30] <lordievader> What works, works eh.
[11:30] <eagles0513875> lordievader: what i find interesting the ip addresses that appear in the error.log are all trying to access an xmlrpv.php file
[11:30] <eagles0513875> over http 1.0
[11:31] <mardraum> xmlrpc, what is interesting about that bit? you are being probed for vulnerable software.
[11:32] <eagles0513875> mardraum: it seems to be part of wordpress
[11:33] <mardraum> it's part of lots of things
[11:33] <lordievader> eagles0513875: I suppose it is some include?
[11:33] <eagles0513875> lordievader: still doing some probing I am thinking the issue is with the theme to be honest as that has not been updated in a while due to me not using any child themes
[11:33] <lordievader> Backtrack to the page that the user requested and see if you get the same behaviour when you access it.
[11:34] <lordievader> eagles0513875: What makes you think it is a theme? xmlrpc sounds like something core-ish.
[11:34] <eagles0513875> lordievader: im not sure how they are trying to access it to be honest I do not have comments or anythign enabled on the site itself
[11:38] <ziyourenxiang> ok i read the manpage for ufw-framework. seems like a, uh, framework. heh.
[11:41] <eagles0513875> ziyourenxiang: in a nut shell its iptables for dummies makes it easier to maintain ones firewall
[11:41] <eagles0513875> ziyourenxiang: https://help.ubuntu.com/community/UFW
[11:42] <ziyourenxiang> thanks. i come from freebsd, and the pf syntax is much nicer than iptables. i read that linux has this nft thingy that looks somewhat like pf. have never used ufw.
[11:43] <eagles0513875> ziyourenxiang: ufw = ubuntu specific
[11:44] <lordievader> eagles0513875: It's available for Debian too ;)
[11:44] <eagles0513875> wasnt aware of that actually
[11:44] <eagles0513875> nice to see that got upstreamed
[11:45] <lordievader> Thought I installed it on my gentoo box too, hmm can't remember.
[11:49] <eagles0513875> lordievader:  ok it seems like after some time apache decides to spit error 500's and even me just now i triggered the error when trying to login to the back end
[11:51] <lordievader> eagles0513875: Wait, one page errors and then only 500's are served?
[11:51] <eagles0513875> then all sites spit out error 500
[11:51] <eagles0513875> i was trying to get into the back end of this site
[11:51] <eagles0513875> actually ive managed to narrow things down even further
[11:51] <eagles0513875> the issue isnt apache
[11:52] <eagles0513875> its php-fpm
[11:52] <lordievader> Sounds really misconfigured.
[11:52] <eagles0513875> i followed the ubuntu how to on this
[11:53] <eagles0513875> actually i followed lordievader this http://www.howtoforge.com/using-php5-fpm-with-apache2-on-ubuntu-12.04-lts
[11:54] <eagles0513875> lordievader: this goes back to the link you first pasted me :D
[11:54] <bekks> Do you need FastCGI?
[11:54] <bekks> If you arent sure that you need it, you dont.
[11:54] <eagles0513875> bekks: i am using php-fpm which needs it
[11:55] <bekks> fpm is the fastcgi process manager.
[11:55] <bekks> Again: Do you actually _need_ fastcgi?
[11:55] <eagles0513875> bekks:  you still need thefast cgi module though
[11:55] <lordievader> bekks: What he is asking, do your sites require fastcgi?
[11:56] <lordievader> That should be eagles0513875
[11:56] <eagles0513875> sites no but for php-fpm according to the link i pasted above it needs it
[11:56] <bekks> Then uninstall fastcgi and dont use it.
[11:57] <bekks> If you dont need fastcgi, you dont need the fastcgi process manager either.
[11:58] <eagles0513875> bekks: i need it for php-fpm
[11:58] <eagles0513875> they work together
[11:58] <eagles0513875> i have another server with fastcgi which is working just fine
[11:58] <bekks> Again: php-fpm is the fastcgi process manager.
[11:58] <eagles0513875> then why do documentation say that one needs mod fastcgi
[11:58] <bekks> If you do not need fastcgi, you dont need the fastcgi process manager.
[11:58] <bekks> No one needs that.
[11:59] <bekks> And the link you provided installed Apache AND php-fpm. And php works fine without fcgi, which is a mess actually.
[11:59] <eagles0513875> look at step for bekks
[11:59] <eagles0513875> it enables fastcgii
[11:59] <eagles0513875> and now with out fastcgi it wants me to download the php files
[12:00] <lordievader> eagles0513875: In other words why did you install php-fpm instead of the traditional php?
[12:00] <eagles0513875> lordievader: you mean the prefork version and mod php
[12:00] <bekks> lordievader: Yes he did.
[12:00] <eagles0513875> bekks: i installed the apache2-mpm-event actually
[12:01] <eagles0513875> and i fixed the issue now :)
[12:02] <bekks> Why dont you use "libapache2-mod-php5" and "php5"? Do you have any specific reason for using php-fpm since you actually dont use it?
[12:02] <lordievader> eagles0513875: I mean php5-fpm vs php5-common.
[12:02] <bekks> If you dont need fastcgi, uninstall it. And uninstall php5-fpm as well, since you dont need that, too.
[12:02] <eagles0513875> lordievader: others recommended i use php5-fpm
[12:02] <eagles0513875> i solved my problem by the way
[12:03] <lordievader> eagles0513875: Why did they recommend it?
[12:03] <eagles0513875> lordievader: for over all performance
[12:03] <bekks> No sane person on this planet would suggest php-fpm
[12:03] <eagles0513875> well its working btw
[12:03] <bekks> It is known to be a bug written for php.
[12:03] <lordievader> Hehe
[12:04] <eagles0513875> the issue is i set an idle time out in the global configuration of apache so it uses fastcgi for phpfpm according to the how to on how to forge and the idle time out was set to 60 sec i bumped it up to 70 and the errors disappear
[12:04] <bekks> eagles0513875: There you go: https://help.ubuntu.com/community/ApacheMySQLPHP -- no a single word about php.fpm
[12:05] <bekks> eagles0513875: 70s timeout for php? Thats not even a bug, but a headshot.
[12:05] <eagles0513875> fudge monkey
[12:05] <eagles0513875> now the errors are back
[12:05] <lordievader> php5-common is just fine in terms of performance.
[12:05] <lordievader> eagles0513875: Dude, do what bekks says. He knows his stuff!
[12:05] <eagles0513875> ok
[12:05] <bekks> eagles0513875: Follow the link given and get rid of that php-fpm crap.
[12:06] <eagles0513875> bekks: can i stay on the event driven version of apache
[12:07] <AtuM> Hi! Does anyone know of a working solution to the problem where gettys don't show up after boot... on 14.04 with the updated kernel
[12:07] <bekks> eagles0513875: No, php wont work with that - except for that fastcgi crap.
[12:08] <eagles0513875> bekks: the reason for going to this setup was due to how memory hungry prefork tends to be and im on a little vps which is already quite loaded with mail filtering etc
[12:08] <lordievader> bekks: Something tells me you don't like fastcgi :P
[12:08] <AtuM> I only see the first 3 seconds of boot sequence and after that the sceen does not refresh anymore.. switching console doesn't work..
[12:08] <bekks> lordievader: Oh, was that noticable? :P
[12:08] <bekks> eagles0513875: then configure it to not be that hungry.
[12:09] <eagles0513875> bekks: one thing i did notice as well compared to being on brefork is that the sites perform quicker then with prefork
[12:10] <eagles0513875> if im going to be reconfiguring things I am thinking about switching to nginx
[12:10] <bekks> You can configure memory cache modules etc. for php as well.
[12:10] <lordievader> bekks: Not in the least ;)
[12:10] <eagles0513875> ok let me get rid of php-fpm mod fastcgi and install mod php and apache prefork
[12:11] <bekks> Finally :)
[12:12] <eagles0513875> bekks: to make sure im installing the right package on 12.04 its apache2-mpm-prefork correct
[12:14] <bekks> eagles0513875: Yes.
[12:14] <eagles0513875> sorted :d
[12:14] <eagles0513875> :D
[12:15] <eagles0513875> bekks: how can i make sure it doesnt eat up all my ram
[12:15] <bekks> eagles0513875: By configuring the prefork module.
[12:16] <eagles0513875> bekks: http://pastebin.com/pHQcAJXN
[12:16] <eagles0513875> thats what i have right now
[12:16] <eagles0513875> im guessing lowering the number of servers started
[12:16] <eagles0513875> as well as the minimum
[12:16] <bekks> eagles0513875: You should read the apache first.
[12:16] <eagles0513875> bekks: ok what is my suggested reading
[12:17] <bekks> The section about the prefork module...
[12:18] <bekks> eagles0513875: http://httpd.apache.org/docs/2.2/en/mod/prefork.html there you go.
[12:20] <eagles0513875> thanks bekks :)
[12:21] <eagles0513875> hopefully i have things tweaked well
[12:22] <bekks> you're welcome :)
[12:22] <eagles0513875> i think i need to consider migrating to nginx lol :p
[12:22] <eagles0513875> bekks: what are your opinions on nginx
[12:22] <jdstrand> fyi, ufw is not Ubuntu specific, it is in Debian and Arch and others iirc
[12:24] <eagles0513875> jdstrand: that was a my bad on my part as I never really ventured out of the world of ubuntu until recently
[12:25] <jdstrand> the 'u' in ufw makes it sorta seem that was, but fyi /usr/share/doc/ufw/README.gz ("what's in a name?" :)
[12:25] <jdstrand> s/was/way/
[12:27]  * ogra_ bets changing that wikipage name would help a lot :)
[12:34] <bekks> eagles0513875: I am using Apache :)
[12:35] <bekks> eagles0513875: Even on pretty memory constrained systems.
[12:35] <eagles0513875> really how constrained are we talking about
[12:35] <eagles0513875> this vps has 2g
[12:35] <bekks> 1g :)
[12:38] <eagles0513875> my vps's only recently got an upgrade they were on 1g and now they have been bumped up to 2
[12:38] <eagles0513875> ikonia: gave up on that setup and reverted as bekks suggested to mod php and apache prefork
[12:38] <ikonia> I said this to you god knows how long ago
[12:39] <eagles0513875> bekks: i think further tweaking on my part is necessary
[12:39] <bekks> eagles0513875: On 1g, I dont need to tweak :)
[12:39] <eagles0513875> i was at about 900mb of ram usage before with clam av and other email related things running now im up to 1.2g
[12:39] <bekks> And why is that critical? Unused RAM is wasted RAM.
[12:40] <bekks> If you dont want that second gigabyte to be used, ask your hoster to remove it from the config :)
[12:41] <phunyguy> If you are worried about OOM, you can set up a small swap file if you have the space on the VPS
[13:01] <lordievader> eagles0513875: My apache vm only has 512MB, or so.
[13:02] <lordievader> Even on that VM it didn't need to change anything. Ubuntu defaults just work.
[14:00] <cronus> hello, i have a problem with juju. i have installed juju-local. generated and environment and then switched to local provider. now when i run juju status i get ERROR state/api: websocket.Dial wss://10.0.3.1:17070/: dial tcp 10.0.3.1:17070: connection refused. any ideas how to resolve this? thanks.
[14:01] <cronus> I have installed juju earlier and worked nicely. this happened when i reinstalled juju. (14.04)
[14:18] <Skinner1> getting php to run in html or htm files on ubuntu 12.04 anyone know how, try adding a .htaccess file with AddType application/x-httpd-php .html .htm also play with apache2 but no joy, should be a simple matter as I thought php and html were like peas and carrots??
[14:18] <cronus> found it. somehow i managed to delete /usr/local/bin. i created it and now everything is ok. thanks
[14:21] <patdk-wk> Skinner1, why do that?
[14:21] <patdk-wk> why not just do a rewrite from .html to .php
[14:21] <patdk-wk> so much simpler
[14:21] <patdk-wk> and doesn't cause confusion to yourself
[14:23] <Skinner1> If thats the best, they guy who put the question to me has a lot of old tech sites
[14:24] <Skinner1> when you say rewrite to you mean just change extention and call to that
[14:27] <Skinner1> ok thanks
[14:33] <roaksoax>  /win 4
[14:52] <pseudo_> could someone point me towards documentation for setting up a static ip on ubuntu server?
[14:53] <Havenstance> server 13.10 im getting some apt-get errors when i run sudo apt-get update
[14:53] <Havenstance> http://pastebin.ubuntu.com/7315217/
[14:53] <ogra_> pseudo_, man interfaces
[14:54] <Pici> Havenstance: you have duplicate entries.  see lines 21 and 25 and line 10.
[14:55] <pseudo_> ogra_: i have that interface setup, but restarting networking will not give me an ip address.
[14:55] <ogra_> why would you restart networking ? thats really harmful
[14:55] <pseudo_> lol, what?
[14:55] <ogra_> (since it tears out layers under your feet)
[14:55] <pseudo_> i have been able to restart networking on every operating system i have ever used.
[14:56] <ogra_> you want to use ifup/ifdown
[14:56] <ogra_> pseudo_, then you did it wrong and followed bad advise
[14:57] <pseudo_> ogra_: there is no reason not to restart the networking stack if your network configuration changes. unless you are in production and rely on other interfaces staying up, i don't see why it would matter.
[14:58] <ogra_> well, depends what you use
[14:58] <rbasak> pseudo_: it doesn't work. We had a UDS session on this.
[14:58] <ogra_> if there is i.e. dbus involved anywhere everything above it will be torn down
[14:58] <rbasak> pseudo_: it's remarkably complicated because interfaces can be hotplugged, and some interfaces depend on other interfaces.
[14:58] <ogra_> right
[14:59] <ogra_> anyway, forr your initial question ... edit /etc/network/interfaces and use ifup/down to stop start the interface
[15:00] <pseudo_> idk, seems to me like ubuntu is just overcomplicating the network subsystem. Then again I am not a kernel developer, so what do I know.
[15:00] <pseudo_> and yes, ogra_ that worked. thank you.
[15:00] <rbasak> What ogra_ said, but note that you should bring down the old interface using ifdown, then edit /etc/network/interfaces, then ifup.
[15:00] <ogra_> has nothing to do with ubuntu
[15:00] <ogra_> its not different in debian either
[15:01] <Havenstance> Pici, thank you
[15:01] <rbasak> Especially when switching from DHCP to static. Otherwise your old dhcpd won't be killed, and will change your static IP on renewal.
[15:01] <ogra_> just because people tell you on the interwebs that you should restart networking doesnt make it a proper action :)
[15:01] <ogra_> (thats like saying you have to reboot after editing a file in /etc)
[15:01] <rbasak> "restart" networking doesn't really make any sense anyway.
[15:01] <rbasak> If you really want it, then reboot.
[15:05] <pseudo_> well thanks for the help. i am still gonna use the init.d interface to restart networking on all my other distros. if anything blows up i will think back to this conversation and you all will be vindicated.
[15:06] <ogra_> it is like replacing the gearbox every time you switch gears in your car :)
[15:21] <axisys> sdb failed and when I replaced it with a new disk it shows up as sdc
[15:22] <axisys> how do I remove sdb from mdadm ?
[15:22] <axisys> active raid1 sdc2[1] sdb2[2](F) sda2[0]
[15:24] <Emmanuel_Chanel> Hello!
[15:24] <Emmanuel_Chanel> I upgraded my server's OS from Ubuntu 12.04 to Ubuntu 14.04. So its ProFTPd server is upgraded, too. And I cannot upload files bigger than 600MB or so with lftp. How can I help that?
[15:24] <Emmanuel_Chanel> I can upload those files with gftp. But I want to enable lftp to upload them.
[15:52] <eagles0513875_> bekks: you still around
[15:52] <eagles0513875_> bekks: i need to further tune apache damn thing almost ate up all the ram but it for sure ate up all th eswap space :(
[15:53] <lordievader> eagles0513875_: Isn't that wanted? I want apache to use all the ram it can.
[15:53] <eagles0513875_> lordievader: not quite on this server
[15:53] <lordievader> eagles0513875_: Have you read linuxatemyram.com?
[15:53] <eagles0513875_> no but i will now
[15:54] <ikonia> if it's swapping, you're screwed
[15:54] <lordievader> I think/assume it is just cache.
[15:54] <eagles0513875_> ikonia: it is
[15:54] <eagles0513875_> cant i tweak apache or am i screwed either way
[15:54] <ikonia> how agressivly is it swapping ?
[15:54] <eagles0513875_> filled up the entire swap partition
[15:54] <eagles0513875_> when i tried to load a website that is on this server it was getting database errors
[15:55] <eagles0513875_> im not sure if that is related to apache at all or not unable to spawn new processes
[15:57] <belkinsa> Which one are you Peter Matulis?  pmatulis?
[16:00] <ikonia> eagles0513875_: so you're in trouble, stop your apache process
[16:01] <eagles0513875_> ikonia: ok and then what
[16:02] <ikonia> let your machine calm down
[16:02] <ikonia> then asses the problem
[16:02] <ikonia> eg: is it over loaded/under resourced etc
[16:02] <eagles0513875_> ok
[16:03] <eagles0513875_> ok with apache stopped ram usage is 272 mb
[16:03] <eagles0513875_> i think i just needed to tweak the prefork settings a bit more
[16:05] <eagles0513875_> will be  monitoring it throughout the evening
[16:06] <lordievader> Zabbix \o/
[16:07] <eagles0513875_> lordievader: ?
[16:07] <Havenstance> has anyone here ever used zentyal with ubuntu server? I'm asking here as a very last resort btw so I hope I don't upset anyone. If anyone has used it please PM me so we don't congest this channel with non pertinant information.
[16:08] <lordievader> eagles0513875_: Zabbix is a monitoring program.
[16:08] <eagles0513875_> lordievader: i need to setup something ilke that urgently
[16:08] <eagles0513875_> i was suggested to use mon
[16:08] <eagles0513875_> but there are so many. only one i have really worked with is nagious
[16:08] <ikonia> eagles0513875_: I thought you'd stopped using pre-fork ?
[16:08] <eagles0513875_> nagios
[16:08] <eagles0513875_> ikonia: i did but went back to it in this case.
[16:08] <ikonia> so you ignored the advice
[16:08] <ikonia> great
[16:09] <eagles0513875_> no
[16:09] <ikonia> ooh,
[16:09] <ikonia> explain ?
[16:09] <eagles0513875_> bekks: recommended i go back to using prefork and mod php instead of event driven with fastcgi
[16:09] <lordievader> eagles0513875_: We had Nagios + Cacti before but switched Zabbix since it does what those two do.
[16:09] <ikonia> eagles0513875_: ok, so you did follow what bekks said
[16:09] <ikonia> cool
[16:09] <eagles0513875_> ikonia: yes
[16:09] <lordievader> ikonia: Sometimes he listens ;)
[16:10] <eagles0513875_> i didnt have it tweaked very much and it ate up almost all the ram
[16:10] <ikonia> eagles0513875_: whats the reason then, is it over used, or under resourced ?
[16:10] <eagles0513875_> tweaked it a bit more and it seems stable now at around 300mb of ram or so
[16:10] <eagles0513875_> over used in this case.
[16:10] <eagles0513875_> i told prefork to start 2 servers and that is what ate up the ram
[16:11]  * lordievader wonders whats wrong with the defaults.
[16:11] <patdk-wk> I doubt that is what used up the ram
[16:11] <patdk-wk> forks share memory, till the process changes that ram
[16:12] <eagles0513875_> as well here i am running a mail server with all the spam filtering virus scanning etc
[16:12] <patdk-wk> though, I would love to know how you made apache use 280megs of ram
[16:12] <patdk-wk> normally well under 10megs for me
[16:12] <eagles0513875_> patdk-wk: the server isnt running only apache btw
[16:12] <eagles0513875_> there is postfix + dovecot + spamassassin + clamav as well
[16:12] <eagles0513875_> and from what I have read clamav is rather hungry on ram
[16:12] <patdk-wk> postfix, 10megs
[16:12] <patdk-wk> dovecot, maybe 50megs
[16:12] <patdk-wk> spamassassin, heh, 150megs
[16:12] <patdk-wk> clamav, 350megs
[16:13] <eagles0513875_> with all that runing im using 330mb
[16:13] <ikonia> eagles0513875_: how much ram does your server actually have ?
[16:13] <eagles0513875_> 2g
[16:13] <ikonia> what !!!!
[16:14] <ikonia> why are you saying "low ram" then
[16:14] <ikonia> 2G is loads
[16:14] <eagles0513875_> yes but before it was using about 1.8g
[16:14] <patdk-wk> not loads, but *enough*
[16:14] <patdk-wk> you aren't using mod_perl/mod_php/.... are you?
[16:14] <ikonia> eagles0513875_: how busy is your webserver
[16:14] <ogra_> 640k is enough for everyone
[16:14] <ikonia> what sort of hits
[16:14] <lordievader> eagles0513875_: Have you looked at what process was using all that ram?
[16:15] <eagles0513875_> ikonia: havent looked
[16:15] <ikonia> eagles0513875_: perhaps you should look
[16:15] <ikonia> a realistic sizing awareness is critical
[16:15] <eagles0513875_> ok
[16:39] <Lcawte> Can someone tell me how to get rid of the 10.33.248.0 route shown here: http://pastebin.com/AjV3Q95m ? I've tried route del <that ip> and it doesn't work...
[16:42] <patdk-wk> route del -net 10.33.248.0/20 gw 10.33.252.78
[16:44] <Lcawte> patdk-wk: route: netmask doesn't match route address
[16:44] <pmatulis> belkinsa: yes?
[16:44] <belkinsa> You are the driver of the server docs, right?
[16:44] <patdk-wk> maybe it was /21
[16:45] <pmatulis> belkinsa: pretty much, how can i help?
[16:46] <Lcawte> patdk-wk: Thanks, that did it :)
[16:46] <belkinsa> The Doc Team is having the next meeting on May 7at 1800 UTC and since you are the driver of the server side of the docs, you are welcome to add your items to the agenda: https://wiki.ubuntu.com/DocumentationTeam/MeetingAgenda
[16:47] <belkinsa> https://lists.ubuntu.com/archives/ubuntu-doc/2014-April/018875.html
[17:32] <justizin> hm, when i run do-release-upgrade on a freshly installed precise box, it says there are no new distros O.o
[17:32] <pmatulis> belkinsa: thanks for the note.  tip: use a person's irc nick otherwise your msg can easily go unnoticed
[17:32] <pmatulis> justizin: normal
[17:32] <justizin> why isn’t trusty available without -d ?
[17:32]  * justizin looks confused
[17:33] <pmatulis> justizin: there is some built-in logic that requires 14.04.1 to be available in order for a non-dev upgrade to proceed
[17:33] <pmatulis> which is pretty good IMO, but, yes, confusing
[17:34] <justizin> yah i can live with that :)
[17:34] <pmatulis> justizin: rock 'n roll
[17:35]  * justizin is cool with a policy that says: “are you sure you know what you’re doing?” :)
[17:47] <pmatulis> belkinsa: updated
[18:20] <belkinsa> pmatulis, thanks and sorry.
[18:57] <belkinsa> pmatulis, a user (jwcampbell) just commented on the agenda for your items.  I'm just letting you know there are comments that are not public.
[19:20]  * genii smacks sbattey with a large coffee mug
[19:29]  * genii smacks sbattey again
[19:37] <flg_> hi all
[19:37] <flg_> how i can install dolphin-emu in 14.04 ? the repository doesnt have this distro...
[19:37] <Shutterstrom> Good evening. I can't upgrade my Ubuntu 12.04.4 LTS to 14.04 LTS using do-release-upgrade.  I get this msg:
[19:37] <Shutterstrom> Checking for a new Ubuntu release
[19:37] <Shutterstrom> No new release found
[19:38] <Shutterstrom> I read something about using do-release-upgrade -d, but tht is for development release only (right?).
[19:38] <Shutterstrom> *that
[19:38] <flg_> update-manager -d (?)
[19:38] <Pici> !ltsupgrade
[19:38] <Pici> er
[19:39] <genii> Shutterstrom: What says the result of  tail -n1 /etc/update-manager/release-upgrades
[19:39] <Pici> The upgrade path to 14.04 from 12.04 will not be open until 14.04.1 is released.
[19:40] <Shutterstrom> genii: Prompt=lts
[19:40] <genii> Pici: Aaaaaaah
[19:40] <Shutterstrom> Pici: Ahh. Thanks
[19:40] <Shutterstrom> Thanks for the help/info.
[19:41] <Shutterstrom> Any idea of when this is out?
[19:41] <patdk-wk> !releaseschedule
[19:41] <patdk-wk> heh, no factiod for that?
[19:42] <Pici> https://wiki.ubuntu.com/TrustyTahr/ReleaseSchedule
[19:43] <Shutterstrom> Pici: July 24th Ubuntu Ubuntu 14.04.1
[19:43] <Shutterstrom> Thanks!
[19:43] <Pici> np
[19:44] <Shutterstrom> Have a great day all of you, helping out in this fantastic chat!
[19:45] <flg_> how i can install dolphin-emu in 14.04 ? the repository doesnt have this distro...
[19:45] <flg_> any way to use an older distro release?
[19:47] <pmatulis> belkinsa: not public?
[19:53] <DonRichie> Hi community people. Do you know the couchdb Logo? There is a software produkt which has the same logo but the guy on the couch has fallen off. Which Software was that?
[20:04] <flg_> how i can install dolphin-emu in 14.04 ? the repository doesnt have this distro...
[20:07] <pmatulis> flg_: what is delphin-emu ?
[20:07] <patdk-wk> oviously not ubuntu supported software
[20:08] <flg_> https://launchpad.net/~glennric/+archive/dolphin-emu
[20:08] <flg_> https://code.google.com/p/dolphin-emu/downloads/list
[20:08] <flg_> ...
[20:08] <flg_> im trying to resolve package dependency manually now...
[20:09] <pmatulis> wii/gamecube emulator
[20:09] <flg_> *ies
[20:09] <flg_> yess
[20:09] <flg_> like to test it
[20:09] <pmatulis> flg_: you're on your own i'm afraid.  i only see the dolphon file manager
[20:09] <flg_> there are 2 repositories for 13.10 and one for older releases, but not for trusty :(
[20:10] <pmatulis> damn, my fingers don't like that word dolphin
[20:10] <flg_> pmatulis: ;) oki
[20:10] <flg_> i understand :D
[20:12] <genii> flg_: That PPA seems fairly well maintained, they did a build only 3 days ago for instance. Probably just have to wait now until they add Trusty
[20:12] <pmatulis> flg_: how to use an older release?  you install it.  that PPA appears to work on Saucy, so install Saucy and and then the PPA
[20:13] <flg_> ... yeah ...
[20:33] <supton> ipv6 question: disabling ipv for all/default/lo interfaces successfully in sysctl.conf appears to be insufficient to prevent applications configured to listen on IPv6 from doing so?
[20:34] <supton> I want to disable IPv6 completely, but it appears I need to deal with these for all sorts of applications one-off, for nginx, sshd, postfix, munin-node -- all apparently listening on :: or ::1
[20:35] <patdk-wk> supton why not disable it in sysctl?
[20:35] <supton> patdk-wk: already did… services still listening....
[20:36] <supton> # lsof | grep LISTEN | grep IPv6
[20:36] <supton> this is on 14.04
[20:36] <patdk-wk> so?
[20:36] <supton> just appears that sysctl changes necessary, not sufficient
[20:36] <patdk-wk> listening already doesn't matter
[20:36] <supton> is is clutter and and a file descriptor open
[20:37] <patdk-wk> after you disabled ipv6 in sysctl, did ipv6 work?
[20:37] <patdk-wk> was something able to use it?
[20:38] <supton> patdk-wk: no, not routable
[20:38] <supton> e.g. no route to ::1
[20:38] <supton> but still clutter in terms of used file descriptors and noise-to-signal
[20:38] <patdk-wk> so ipv6 is disabled and doesn't work
[20:38] <patdk-wk> noise-to-signal? there is no signal
[20:38] <patdk-wk> linux is not analog
[20:39] <supton> patdk-wk: lsof | grep LISTEN | grep IPv6
[20:39] <supton> lists a bunch of lines I want gone
[20:39] <patdk-wk> don't see the problem
[20:39] <supton> so ipv6 is not totally disabled
[20:39] <patdk-wk> unload ipv6 module
[20:39] <patdk-wk> if that is what you want
[20:40] <patdk-wk> but that isn't going last you long
[20:40] <patdk-wk> ipv6 is going be required, very very soon
[20:41] <supton> patdk-wk: my gripe is only that all these services defaut configs listen on :: or ::1
[20:42] <supton> if I unloaded ipv6 in kernel, I suspect I might just see a bunch of things failing to start with getaddrinfo problems or similar, so I have to edit 6+ config files anyway instead of merely sysctl.conf
[20:43]  * supton marches off to the tedium
[20:44] <patdk-wk> no, instead of listening on ipv6+ipv4 they will just be on ipv4 only then
[20:46]  * supton works for an org flush in IPv4 space… has more addresses than Willy Wonka has candy
[20:46] <supton> but yeah, using both ipv4+ipv6 will be everybody's problem soon enough.
[21:29] <tgm4883> Is there some sort of web frontend for searching mail logs of a postfix server? I'm trying to replace our sophos email gateway but I've got some admins that aren't linux savvy
[21:29] <tgm4883> I just need them to be able to search messages sent though the server
[21:41] <bekks> tgm4883: Teach them how to use grep / egrep :)
[21:41] <tgm4883> bekks: if only...
[21:43] <huttan> tmwsiy: u could make that from scratch in 10ish min if ur savvy :)
[21:48] <huttan> tgm4883 rather
[22:11] <tgm4883> huttan: yea, I was hoping that I could get something that is supported by another company and not me :)
[22:52] <parallel21> I have winbind setup, and now I'd like to restrict the access to a security groups
[22:52] <parallel21> *group singular
[22:52] <parallel21> I have the sid and am using required_membership_of=sid
[22:52] <parallel21> But it doesn't seem to take