=== Lcawte is now known as Lcawte|Away === stoned is now known as OmegaRugal === OmegaRugal is now known as Rugal === Rugal is now known as RugalBernstein [03:46] Quick question -- as at 10.04, apparmor doesn't work inside LXC. Anybody remember offhand if that got fixed later on? [05:04] twb: you can't currently nest apparmor profiles -- if you want to use apparmor within lxc, you'll need to configure lxc to not use apparmor to confine the container [05:06] twb: lxc currently relies upon apparmor to provide some aspects of the confinement, you'll need to either reproduce those inside the container or understand that it isn't as secure as it could be [05:12] okey dokey [05:16] hey folks what the best way to reload app on the start? [05:16] init? === RugalBernstein is now known as Nyle [05:17] fun: what are you trying to do? [05:18] sarnold: i run some python app I want to make sure it will start in case host happen to restart server for maintance [05:18] maintenance [05:18] fun: would you consider a system service or is it a 'user application'? [05:18] its important service [05:18] got to be up 24/7 [05:18] fun: then an init script is going to be a good approach :) [05:19] fun: there is some advice in writing upstart scripts here: http://upstart.ubuntu.com/cookbook/ [05:19] yes then I add ssh via pam only and server is secure:D [05:19] sarnold: have u ever used ssh with smart card? [05:20] even better than pam but not sure yet how to do it [05:20] fun: no :( I've wanted to try a smartcard for a while [05:22] can it be open pgp? [05:22] to auth? [05:22] fun: I've also thought about using a 2fa token like a yubikey or duo security.. [05:22] https://www.gnupg.org/howtos/card-howto/en/smartcard-howto-single.html#id2456489 [05:39] I just came back. [05:39] Oh [05:39] That replguy left. [05:39] I wonder if he got his issue resolved [05:39] www file permissions etc. [06:50] Good morning. [07:10] hi, not really a ubuntu-specific question, more a hardware question, but maybe someone here has a good idea: I'm going to buy a couple of Lenovo Thinkserver TS140 servers. I need to add a dual NIC. They say I should only use Intel I350-T2 NICs, but they're $130+...can I not just use older gen cards like this? http://www.ebay.com/itm/HP-NC360T-PCI-Express-Dual-Port-Gigabit-NIC-Network-Adapter-412651-001-High-/111342044670?pt=US_Internal_Network_Cards& [07:10] hash=item19ec80c5fe [07:10] link again as it was split: http://www.ebay.com/itm/HP-NC360T-PCI-Express-Dual-Port-Gigabit-NIC-Network-Adapter-412651-001-High-/111342044670?pt=US_Internal_Network_Cards&hash=item19ec80c5fe === Nyle is now known as stoned [08:02] hi - having an issue with the 2nd LAN NIC in an Ubuntu 14.04 server - on reboot eth1 keeps getting renamed - sometimes to em2, sometimes to rename4 [08:03] how can I prevent this ? [08:04] previously it would use info in /etc/udev/rules.d/ [08:04] in 14.04 how can I ensure the device name for eth1 stays constant ? [08:07] on previous version of ubuntu there would be the file generated - /etc/udev/rules.d/70-persistent-net.rules [08:08] that doesn't exist any more [08:09] it doesn't? [08:09] it could be really bad if the other NIC changed - thats part of a BRIDGE used for KVM.. [08:10] no - not on ubuntu 14.04 server [08:10] it does on my kubuntu 14.04 desktop [08:10] my servers are still on 12.04, so i'm not sure what to suggest [08:12] is there a way to generate the file /etc/udev/rules.d/70-persistent-net.rules anyone ? [08:13] Copy it from a previous install? [08:13] https://bugs.launchpad.net/ubuntu/+source/biosdevname/+bug/1284043 [08:13] Launchpad bug 1284043 in biosdevname "udev renaming the same hardware network i/f to different name, breaks networking and firewall" [High,Confirmed] [08:14] i havent read through all the responses, not sure if theres a fix yet [08:14] Ben64: thanks [08:15] maybe here? https://bugs.launchpad.net/ubuntu/+source/biosdevname/+bug/1284043/comments/15 [08:15] Launchpad bug 1284043 in biosdevname "udev renaming the same hardware network i/f to different name, breaks networking and firewall" [High,Confirmed] [08:22] is there a way also with ubuntu so that when you reboot the KVM host server the guests just suspend rather than shutdown? [08:26] i.e on centos there is the deamon libvirt-guests which you can set to suspend or shutdown guests when the kvm host reboots. === ABC-XYZ_ is now known as ABC-XYZ [08:26] is there anything similar in ubuntu server ? [08:29] yossarianuk: apt-cache search libvert [08:30] did you mean libvirt ? [08:32] yossarianuk: I did. Sorry. [08:33] owh: thanks - did that already can;t see the same type of deamon. [08:35] yossarianuk: I'd be *very* surprised if it's not in Ubuntu. It may be called something else, or done slightly differently. [08:38] !find libvirt [08:38] Found: libvirt-bin, libvirt-dev, libvirt-doc, libvirt0, libvirt0-dbg, libvirtodbc0, nova-compute-libvirt, python-libvirt, gir1.2-libvirt-glib-1.0, libvirt-glib-1.0-0 (and 8 others) http://packages.ubuntu.com/search?keywords=libvirt&searchon=names&suite=trusty§ion=all [08:53] sure - its just a config thing - [09:02] MM guys anyone know of a website that lets u make *.bla subdomains which u can set DNS on (like old co.cc /co.nr) [09:16] the 'fix' from https://bugs.launchpad.net/ubuntu/+source/biosdevname/+bug/1284043/comments/15 did the job thanks [09:16] Launchpad bug 1284043 in biosdevname "udev renaming the same hardware network i/f to different name, breaks networking and firewall" [High,Confirmed] [09:23] it seems to be just HP hardwaere ? === RobertLaptop_ is now known as RobertLaptop === dms is now known as Facinorous_away [11:33] morning [11:34] morning! [11:36] how do I make ksm for KVM enabled at boot on Ubuntu ? [11:42] it not enabled in /sys/kernel/mm/ksm/run - i can enable it via 'echo 1 > /sys/kernel/mm/ksm/run' just wondering if one of the init/upstart scripts had the option. === sync0new is now known as sync0pate === Facinorous_away is now known as dms === kees_ is now known as kees === rvba` is now known as rvba [13:32] Is there a way I can see what cloud-init data or other configuration task data is being passed to Ubuntu 14.04? I've got an issue with a specific module of OpenStack. [13:33] If I specify a custom user for creation instead of ubuntu, everything appears fine if I create an instance on its own. But if I create that instance through Heat, the orchestration tool, with the same cloud-config file, the home folder permissions are not set correctly. [13:34] /home/user ends up being owned by root:root and with rwxr-xr-x permissions. [13:35] Actually, the permissions may or may not be an issue here. But the ownership is. === BlackDex_ is now known as BlackDex === Ursinha is now known as Ursinha-afk === PaulePan1er is now known as PaulePanter [14:30] am I allowed to ask a server-unrelated question, as it's quiet? [14:30] I'm wondering what people use for e-mail client [14:31] thunderbird is starting to drag [14:31] Don't think you'd be able to use it, but I use Apple Mail. [14:31] no, I wouldn't [14:31] looking for something on ubuntu [14:31] which is why I asked in here [14:31] even though it's unrelated :\ [14:36] sync0pate: mutt or die [14:36] lol ok... [14:38] I started using kmail as search in thunderbird was so bad [14:38] yeah, it's partly the search that's getting to me [14:38] and partly that it seems to not connect to mail after waking from hibernation [14:38] and just starts taking up more and more memory until I close it [14:39] that said I keep mutt configured just in case I get any akonadi freak outs === Ursinha-afk is now known as Ursinha [15:03] hi all. i have several spare dell power-edge server and would like to create a ubuntu cluster with them mainly for calculating stuff. my idea is to have one server as a hub with lot of Disk Storage that all other nodes can access also. good would be if the nodes could boot the operating system over the network at the startup like over pxe. my question is what for cluster software do you... [15:03] ...recommend for such a case ? what for possibility exist with ubuntu to use spare server mainboards without harddisk but with network card to create a powerfull cluster ? thanks in advance for the suggestions. [15:24] Is there a way I can see what cloud-init data or other configuration task data is being passed to Ubuntu 14.04? I've got an issue with a specific module of OpenStack. [15:24] If I specify a custom user for creation instead of ubuntu, everything appears fine if I create an instance on its own. But if I create that instance through Heat, the orchestration tool, with the same cloud-config file, the home folder permissions are not set correctly. [15:25] /home/user ends up being owned by root:root, which causes many problems with various programs. [15:33] jamespage, does the Ubuntu CI stuff test OpenStack Nova live migration (w/ CEPH) and/or does it test OpenStack Nova Image Resize (which appears to require working nova accounts and shared ssh keys)? [15:34] or is there somewhere I can go read up on which tests you guys are doing on commits/releases? (zul, jamespage , roaksoax )? [15:34] medberry: not really since thats going to be changing in utopic as well [15:35] zul, 'k, thanks. I may ask more ??? next week. [15:35] medberry: sure come hunt me down ;) [15:35] :-) [15:36] zul, what you test is changing or how nova does live mig and resize is changing in utopic? I guess you meant the former. [15:36] medberry: still tbd [15:37] nod thanks [15:47] medberry, we don't test live migration or resize yet [15:47] and resize does require ssh keys for the nova accounts [15:47] jamespage, many thanks. [15:47] that's certainly what we've found [15:47] medberry, this is an optional feature in the charms [15:47] even if it is ceph backended [15:47] juju set nova-compute enable-resize=true [15:47] jamespage, cool [15:47] * medberry is not , erm, um, using the charms.... [15:47] medberry, lol [15:48] medberry, bad boy :-) [15:48] * medberry hides [15:48] medberry, you can of course use the charms as a reference on how to set this up [15:48] medberry, they use root SSH for live migration and nova SSH for resize ops [15:48] jamespage, yep, I've done that for sure in some instances. And should have pointed folks therein yesterday. [15:48] both disabled by default for security reasons [15:49] we don't need root ssh for live migration (it just works with a ceph backend and shared filesystem on /var/lib/nova/instances ) [15:50] shared fs could be NFS, CephFS, sshfs, tin cans and string [15:50] zul, so I'm kind of cranky that sysvinit cannot get past autopackage testing 'cause neutron is not installable (so says infinity). [15:55] rtg: on utopic? [15:55] zul, yup [15:55] rtg: need to fix sqlalchemy today [15:56] rtg: im working on it [15:57] zul, ok, though it has been blocked for 10 days or so. dunno if neutron has been the root of the issue all along, but autopackage tests are failing for reasons outside of sysvinit changes. === wedgwood is now known as Guest3097 [15:58] rtg: yeah its not the root of the issue === wedgwood1 is now known as wedgwood === Lcawte|Away is now known as Lcawte === ryan`c is now known as ryan-c === Facinorous is now known as dms [16:33] where are bugs filed against ubuntu-cloud? [16:34] launchpad? [16:34] medberry: any pointer to a project there? [16:34] looking but not seeing cloud specific projects [16:35] redir, not sure what problem you are seeing. Probably specific to a package. What issue/package has an issue [16:35] ? [16:35] ie, ask more plainly about the issue and we'll get you to file a better bug [16:35] "ubuntu-cloud doesn't work" isn't going to get much eyeball traction [16:36] creating an ubuntu-cloud instance with LXC doesn't create the /etc/ssh/ssh_host_ed25519_key [16:36] medberry: which prevents login [16:37] an known issue in OpenSSH_6.6p1 solution is... [16:37] just don't know where to file it [16:37] or see if it is already known [16:38] so file it with LXC but I thought that worked fine. [16:38] hallyn may have more advice on where/what to file [16:39] OK. I'll put it in LXC to capture the info, can refile later if necessary [16:57] filed === rtg is now known as Guest62870 [17:14] So.. I'm playing with MAAS, but having an issue with trying to commission nodes. They PXE boot ok, and the status in the nodes list changes to "Ready", but I don't have WOL capability on these boards (despite the supermicro motherboard manual stating that it should work despite not having any option to enable it). So the MAAS controller can't turn the nodes on, which is fine I can turn them on myself, but when they boot to PXE after being [17:14] commissioned, they just hang on "trying to boot to blah-blah-blah" [17:15] I tried not booting to PXE post-commissioning but nothing's been loaded on the hard drive to boot to. [17:15] I tried using the ubuntu server install DVD and doing a MAAS setup, but after putting in the MAAS URL, it sigkills and turns off doing nothing productive that I can tell. [17:16] What am I doing wrong? === Ubu is now known as Ubu|miam [17:50] How do I install ssh-server? [17:56] Is it possible to join an Active Directory domain for centralized authentication? Is there an recommended way? (searching the web I can find many variants in blog posts) This is for 14.04. [17:56] Actually I'll ask this in #ubuntu since it's probably not server specific. [17:58] there are many ways to do it [17:59] likewise, sssd, samba, ... [18:00] ldap [18:01] +kerberos [18:01] and automount if the home is on a samba/windows/smb/cifs thing [18:18] I'm seeing something similar to this on 14.04 LTS running on EC2: https://bugs.launchpad.net/ubuntu/+source/linux-lts-raring/+bug/1195474 [18:18] Launchpad bug 1195474 in linux-lts-raring "xennet driver reports "skb rides the rocket" under moderate load" [Undecided,Confirmed] [18:19] Messages are the same, and there's dropped tx packets in ifconfig output. [18:20] Notably, between 13.10 and 14.04, MTU seems to have gone from 1500 and 9000. I've reversed it to 1500 on one of the redundant machines we have deployed and will monitor tonight as we get more load to see if that's the problem. [18:27] Alright, it turns out I got it working, I had to hit "Start node" then boot it quickly by hand. Now I have 2 nodes "Allocated to " [18:28] Which is great! But now attempting to bootstrap juju, I get this error: ERROR bootstrap failed: cannot start bootstrap instance: cannot run instances: gomaasapi: got error back from server: 409 CONFLICT (No matching node is available.) [18:34] Anyone? [18:52] so 14.X moved udev rules to /lib/udev/rules.d from /etc ? [18:53] hey Phibs :) I thought they lived in both for years? [18:54] well the /etc is empty now :) [18:54] ah, perhaps my laptop has some holdovers just because it had them before? [18:55] nod [18:55] shoulda symlinked the damn dir but hey [18:55] ubuntuyolo! [18:57] hmm maybe it was biosdevname [19:00] once I did biosdevname=0 and rebooted /etc/udev/rules.d was populated with the 70-persist ;0 [19:00] weird === mjohnson151 is now known as mjohnson15 [19:34] So, the EC2 machine whose MTU I adjusted to 1500 is running smooth. The one with the default MTU of 9000 is dropping a lot of connections. [19:37] And adjusting the bad one to 1500 just stabilized it. [19:37] stephank: So dont use jumbo frames. [19:38] The switches in the datacenter need to support that too, for reliable connections. [19:38] I'm not really requesting them. This appears to be normal behavior, the MTU on EC2 defaults to 9000 as of 14.04 [19:38] The app is requesting regular tcp sockets [19:45] * Term1nal sigh [19:46] Term1nal: sorry, I missed your question.. [19:46] So I worked through the issue I had before with no one paying any mind. Now I've got something new. I have the MAAS cluster managing DNS, but when I attempt to run juju status, it can't resolve the host. [19:46] Term1nal: you may wish to ask in #juju or #maas [19:46] oh :) === medberry is now known as Guest91632 [20:34] hey folks [20:34] how do you do? [20:35] I get message shutdown system down 3.11.0-19-generi Thu May 8 04:53 - 04:57 (00:03) [20:35] seems like host maintenance? [20:39] hey guys how often is the motd updated via update-motd [20:42] what is motd [20:42] fun: Message of the Day [20:42] message of the day [20:43] You know you're dealing with a Perl programmer when he writes a shell script and the first line is "die() { echo "$@" >&2; exit 1; }" [20:43] oki well I dont know, so far I learned to to use apache, nginx, mysql, maria db some php [20:43] :) [20:43] MTughan: lol [20:46] who here is equally good at IT and fixing car? [20:46] I wonder [20:51] wtf [20:51] sarkis: you? [20:52] well both require logical thinking [20:52] I am making a bit of a research lol === James` is now known as xnull [21:20] sarkis: it's updated at login [21:49] anybody know a workaround for getting python3.4's urllib to honor http_proxy env var? [21:49] Hmm.... ok [21:50] so I downloaded 14.04, installed it, configured MAAS, deployed juju. Now I was going to install openstack, it says to go add-apt-repository cloud-archive:icehouse [21:50] but I get the error: cloud-archive only supported on precise [21:52] Term1nal: apt-get update && apt-get -y upgrade [21:52] apt-get install python-software-properties [21:52] add-apt-repository cloud-archive:havana [21:52] anyone running time machine to Ubuntu 12.04 Server via AFP with no issues? [21:53] parallel21: the instructions given on the 14.04 download page specify using icehouse release? [21:53] Oh... then replace havana with icehouse? [21:53] All my incremental backups to my NAS box are huge, like 5-10GB, after only an hour of working (and nowhere near that many changed files), and the backups become corrupt about once a month. [21:53] ok, I'll try it [21:54] Term1nal: the cloud archive may not be 'supported' until 14.04.1 is released; that's when the updater tool will start suggesting 12.04 LTS users to upgrade to a newer release [21:54] =/ [21:55] :( [21:55] but still, one hopes that there's something available to help ensure 14.04.1 is ready for prime time.. [21:55] Term1nal: perhaps you don't need to use it because the openstack packages in 14.04 LTS are already 'new enough'? [21:56] Pretty cool documentation then.... [21:57] to spend 3 hours getting all this infrastructure all working step by step and dealing with out-of-date and invalid instructions every step of the way [21:57] then to be told to do something that isn't yet ready either. [21:58] /wg 3 [21:58] please file bug reports :) [22:05] * Patrickdk files a bug report [22:06] sarnold irc bot seems defective lately [22:06] Patrickdk: my pandaboard is unhappy :/ I'm ircing from my laptop until I figure out a solution [22:07] Patrickdk: of course my 'solution' in the back of my mind is building a zfs machine of doom with 9-14 drives ... === Lcawte is now known as Lcawte|Away [23:05] I have a comp that keeps dissapearing on the network. It has a valid ip address, no firewall. I keep trying to rsync files over and thats when the computer suddenly goes off the network [23:06] The computer is unable to ping anything and I'm unable to ping it. The network card appears to be fine though. And I can't find anything in the logs to show some sorta misbehavior or shutdown [23:09] parallel21: do other computers on the same switch have any issues? can you stick another computerinto that switch's port and make sure that the port on the switch is alright? does tcpdump on either this machine or other machines at the time of network stopping show naything interesting? [23:10] I had a network card that was broken, unless it was in promisc mode, it wouldn't receive packets correctly [23:10] always fun to diagnose those issues [23:10] Patrickdk: ha, how'd that happen? o_O [23:10] dunno [23:10] "runs tcpdump" *gee looks fine now boss* [23:10] yep :) [23:11] so.... did you leave it in promisc or did you replace the thing? :) [23:11] ran it for a few months in promisc, till Ireplaced it [23:11] * sarnold ^5s Patrickdk [23:11] this was back in like 97 or 98 [23:11] gigabit cards where expensive [23:12] oww [23:12] 100 was still hotness at that point [23:12] ya, 100 didn't last long for me [23:12] < a year [23:14] ya, what was it back then, 3c595 goodness :) [23:14] gigabit isa card [23:15] :) [23:20] Switch is fine [23:20] tcpdump doesn't show anything [23:20] I can reboot the machine and everythign will return to normal [23:20] And then rsync will kill it [23:21] does another machine try to steal this machine's IP address? [23:22] no, in fact this machine that dies is the dhcp server [23:23] but yeah, I'm certain no other machine is stealing the ip. [23:25] Hello. I've a machine running Ubuntu Server 12.04.4 LTS (GNU/Linux 3.2.0-61-generic x86_64). Its installed sshd is : OpenSSH_5.9p1 Debian-5ubuntu1.4, OpenSSL 1.0.1 14 Mar 2012 [23:25] parallel21: that sounds sneakily like a duplicate mac address [23:25] I need to enabled elliptic curve algorithm use, which requires openssh v>= 6.5 [23:26] is it possible to upgrade just the Openssh on the existing server using some upgrade repo? [23:26] shauno: could you elborate? [23:26] *elaborate [23:27] if you have more than one machine with the same mac (it shouldn't happen, but it does), it'll confuse switches when they have to decide which port to route to [23:28] So override the mac-address to something new and see happens? [23:28] just something to keep in mind if you're trawling tcpdump - when it's unreachale, do you see things even arriving on its interface? [23:29] I've rebooted the machine [23:30] shauno: nice guess [23:30] Let see if I can kill it once more [23:30] parallel21: the ipwatchd, arpwatch, and arpalert packages may help catch this in the act if this is what is happening [23:31] oh it is completely a guess. it just sounds very familiar to something I've hit before. if you can't see packets arriving addressed to it, something elsewhere is intercepting them [23:32] a duplicate IP address will make the source machine send them to the wrong place - a duplicate mac address will cause switches in between to act unpredictably [23:37] And now everything suddently works [23:37] I have arpwatch arpalert ipwatchd running [23:38] Haven't rotated the mac-address... [23:39] hey folks I made bash script and added path to it in rc.local [23:39] when I run bash script.sh it works [23:39] on box restart it yet to start [23:39] using ubuntu 13.10 [23:41] fun: rc.local runs using 'sh' instead of 'bash' -- is that a potiential source of trouble for your script? [23:41] fun: the PATH and other environment variables may not have the values you expect; your script should set the variables it needs at the start [23:42] sarnold: oo lol I read online tutorial [23:42] it said make bash script and add path to rc.local [23:43] fun: oh, heh, did you set the permissions on the script to include execute privileges? [23:43] http://serverfault.com/questions/543138/bash-script-execution-through-rc-local [23:43] chmod +x [23:44] I even added exit 0 to the script [23:44] just in ace [23:44] case [23:45] you seem to be using an absolute path (/metadata) in the first instance, and a relative path (just metadata) in the others. are you sure it's running from / ? [23:45] fun: well, that example looks tolerable enough. [23:45] fun: can you pastebin your code? [23:45] yes [23:46] oh hah, 7 months ago, it's not the same script. I'll be quiet :) [23:47] http://pastebin.com/DeFidSkx sarnold [23:48] fun: aha ;) yeah this has a fair number of issues.. [23:48] lol like what? [23:48] it worked fine from terminal when I run bash script.sh [23:49] but as rc.local uses sh not bash hmm [23:49] fun: first, the path to your bitcoind may not be in your PATH at the time this executes; give it the full pathname. second, your current working directory will be / so your 'cd bitcoin-abe' command is likely going to fail -- you should give the full path to this directory, too. [23:49] i have copied bitcoind to /usr/local/bin/ [23:50] fun: the 'sleep 10' is a race condition, but it might be the best you can do. you might want to make it 20 or 30 or something when you finally run this thing for real, just to reduce the chances that you lose the race :) [23:50] so usually I can call it from anywhere but yes can add full path to it [23:50] yeah, /usr/local/bin make not in the PATH at the time this runs during boot [23:50] got it [23:50] roger :D [23:51] remaking [23:51] does that 'python -m Abe.abe --config abe.conf' command return quickly? [23:51] pretty quick [23:51] 1 to 3 seconds [23:55] rebootin [23:56] btw sarnold have u tried to use smart card today? :)