lorfds | catdaemon…yes indeed | 00:00 |
---|---|---|
Catdaemon | use key based authentication for good security, don't worry about blocking/changing the ssh port | 00:00 |
lorfds | catdaemon…isnt allow 80/tcp and allow 443/tcp the equivalent of allow http and https? | 00:00 |
sarnold | lorfds: well, blanket-allowing is probably fine, sshd hasn't had a huge problem in ages. | 00:00 |
lorfds | or does ipv6 change things? | 00:01 |
Catdaemon | I like using the names as it adds both rules by itself but it doesn't matter | 00:01 |
lorfds | what do you think about timezone? | 00:02 |
lorfds | is utc best? | 00:03 |
lorfds | i havent set up my own production server in a while, and i dont know what the kids are doing these days | 00:03 |
lorfds | damn kids | 00:03 |
lorfds | :P | 00:03 |
Catdaemon | depends what you're doing I guess | 00:03 |
lorfds | web server | 00:03 |
Catdaemon | I use UTC because it's the same as GMT and I live in london so it's gr8 | 00:03 |
lorfds | serving u.s. mostly | 00:03 |
sarnold | if you have staff/users in multiple timezones then I'd do UTC, but if you're the only admin, local is fine | 00:04 |
lorfds | i am…for now | 00:04 |
Catdaemon | just use UTC so you know it's UTC and don't have to worry about programs being weird | 00:04 |
lorfds | yeah thats why im thinking | 00:04 |
sarnold | Catdaemon: eh? I thought UK did summer-time as well and moves away from UTC for a few months each year? | 00:04 |
Catdaemon | yeah we do have BST but for 6 months of the year the time is correct | 00:05 |
Catdaemon | a broken clock is right twice a day! | 00:05 |
sarnold | :D | 00:05 |
ahmadgbg | hi guys, so i have my ubuntu server and i was thinking about backup systems. What do you recommend? Nas with UPS? | 00:24 |
ahmadgbg | Hi guys, i have a ubuntu server and i wonder what is the best way to back it up? NAS with UPS? | 00:37 |
sarnold | ahmadgbg: "best" varies from person to person.. | 00:38 |
sarnold | ahmadgbg: some people like making CDs or tapes of their data, it's easy to store those off-site .. | 00:38 |
sarnold | ahmadgbg: some people like rsync to another server, as you've described | 00:38 |
qman__ | Cost, convenience, retention all go into that mix | 00:38 |
sarnold | ahmadgbg: some people like to upload to e.g. amazon glacier | 00:38 |
ahmadgbg | sarnold: So if i back it up with NAS, is that a good solution for ubuntu? | 00:42 |
sarnold | ahmadgbg: it can be, yes | 00:43 |
ahmadgbg | sarnold: how does the backup work? do i need the same drives as in the server (storage)? | 00:43 |
ahmadgbg | sarnold: or will i create a raid in the nas? | 00:44 |
sarnold | ahmadgbg: no, you can use whatever you want in the NAS system | 00:44 |
sarnold | ahmadgbg: you'll run a program like rsnapshot or rsync or amanda or bacula or duplicity or whatever to back up to your NAS system | 00:45 |
ahmadgbg | sarnold: lets say a drive fails in the server in a raid, the NAS drives are separate from that right? | 00:45 |
ahmadgbg | sarnold: the backup is just the files right? not the whole raid system for the server | 00:47 |
sarnold | ahmadgbg: right, your NAS-based backup should still be there | 00:52 |
sarnold | ahmadgbg: depending upon your backup type, maybe your NAS would have synced from the server and destroyed some of the backup data. | 00:53 |
sarnold | you need to evaluate the software you pick to make sure it can recover what it needs to when you need it | 00:53 |
ahmadgbg | sarnold: okey! thanks! | 00:55 |
zombu2 | evening i m trying to get channel bonding to work on ubuntu server 14.04 but no dice so far | 02:09 |
zombu2 | any help would be appreciated | 02:09 |
Flam | I'm highly confused but for some reason my server can't connect to services at 127.0.0.1. I checked /etc/hosts and it's mapped to localhost. Unsurprisingly, localhost doesn't work either. | 04:45 |
Flam | i.e.: GET http://localhost:3001/socket.io/1/?t=1400301947427 net::ERR_CONNECTION_REFUSED // GET http://127.0.0.1:3001/socket.io/1/?t=1400301947427 net::ERR_CONNECTION_REFUSED | 04:46 |
zombu2 | firewall on? | 04:48 |
Flam | iptables yes | 04:50 |
Flam | but i opened those ports | 04:50 |
Flam | -A INPUT -p tcp --dport 3001 -j ACCEPT | 04:51 |
Flam | -A INPUT -p udp --dport 3001 -j ACCEPT | 04:51 |
zombu2 | hmm | 04:52 |
Flam | wget http://localhost and wget http://127.0.0.1 worked. Weeeird. | 04:52 |
zombu2 | sometimes ufw get in the way too | 04:53 |
Flam | Ah solved it, I'm stupid haha. It was JS running 127.0.0.1, which is run on my machine | 04:53 |
zombu2 | ah | 04:53 |
Flam | Lol fail | 04:53 |
zombu2 | meh happens | 04:53 |
=== InFierno is now known as InFierno|AFK | ||
=== esde is now known as Guest57172 | ||
eagles0513875 | hey guys I have a number of accounts which are already on my server. What would be the easiest way to set a password expiration on them all at once | 08:03 |
bekks | for acc in account1 account2 account3; do sudo passwd -e "$acc"; done # untested | 08:05 |
eagles0513875 | bekks: any tested manner? | 08:06 |
bekks | Just test it out. | 08:06 |
bekks | I won't do anything automagically reading from /etc/passwd since you might accidentally disable a needed account, too. | 08:07 |
eagles0513875 | bekks: so in a nutshell you are saying its safer to just do it individually | 08:10 |
bekks | Yes. | 08:10 |
eagles0513875 | ok no problem gives me a good opportunity to clear out old accounts | 08:11 |
=== geowany_ is now known as geowany | ||
lordievader | Good morning. | 09:48 |
=== Guest57172 is now known as esde | ||
rostam | hi during installation of third party kernel module, lttng, I get following error: Can't read private key. Here is the pastebin for it: http://paste.debian.net/100134/ | 11:58 |
=== Ursinha is now known as Ursinha-afk | ||
=== Ursinha-afk is now known as Ursinha | ||
=== ciscam5 is now known as ciscam | ||
=== dw3 is now known as dw1 | ||
catphish | i have some servers where init appears to have gone a little insane at 2.5GB RAM and 80-100% cpu usage, is there any way i can investigate this? | 20:52 |
catphish | i enabled the debug log, it seems to be in a constant loop of "init: job_register: Registered instance /com/ubuntu/Upstart/jobs/network_2dinterface_2dsecurity/network_2dinterface_2fvethQMF01R" with various interfaces | 21:08 |
catphish | i fear there are too many NICs "registered" | 21:14 |
bekks | So how many interfaces are registered? | 21:15 |
catphish | i don't know, how can i find out? | 21:15 |
bekks | ifconfig -a would be a start | 21:15 |
catphish | there are about 350 currently active interfaces | 21:17 |
bekks | In a single server? :) | 21:17 |
catphish | indeed :) | 21:17 |
bekks | Which hardware is that? :P | 21:17 |
dasjoe | Sounds like a docker host | 21:17 |
catphish | it is a lxc host, yes | 21:18 |
catphish | but by itself, that's not a problem, i have a recently rebooted host with the same number of instances and no load from upstart | 21:18 |
catphish | so i'm thinking that over time an increasing number of old no longer used interfaces might be getting registered with some database | 21:19 |
catphish | no, on second thoughts, it's not that, that only happens once when changing the log level, i don't know what's actually upsetting it :( | 21:26 |
catphish | i also have another server that's not started any services after a reboot, i'm hoping it's just running a rather long disk check, but it's been an hour :( | 21:40 |
=== Malediction_ is now known as Malediction | ||
xeno2 | Sorry, but this is probably the better place anyway. | 23:05 |
xeno2 | So, the interface file. I don't see a place for that in vbox gui. I'll ask on #vbox too. | 23:06 |
Yelu | xeno2, hi | 23:06 |
xeno2 | Sorry, but this is probably the better place anyway. | 23:06 |
xeno2 | So, the interface file. I don't see a place for that in vbox gui. I'll ask on #vbox too. | 23:06 |
Yelu | xeno2, I agree | 23:06 |
xeno2 | Is that in VBoxManage? | 23:06 |
xeno2 | (and actually, these are VBox questions, so perhaps this isn't the best either) | 23:07 |
Yelu | no, we are talking about interfaces file in your guest. - vbox doesn't let you change ips from the outside | 23:07 |
Yelu | xeno2, PM me? | 23:07 |
xeno2 | PM? | 23:09 |
Yelu | xeno2, only a suggestion, if you want to talk privately via "private messages" (PM) here. | 23:09 |
xeno2 | Ok. In /etc/network directory or some such? | 23:10 |
Yelu | xeno2, yes | 23:10 |
xeno2 | Thank you for your patience. | 23:10 |
Yelu | xeno2, I got time, and had similar problems, also it's fun. - You're welcome ;) | 23:11 |
xeno2 | Ubuntu doesn't work with the mouse. | 23:12 |
xeno2 | I see a line: iface eth0 inet dhcp | 23:13 |
xeno2 | In interfaces already. | 23:13 |
xeno2 | Above that auto eth0 | 23:13 |
Yelu | that's okay | 23:13 |
xeno2 | Then before that lo is defined first. | 23:13 |
Yelu | perfect | 23:13 |
Yelu | so should it be | 23:14 |
Yelu | interfaces = checked. | 23:14 |
Yelu | next step: the network-manager in your gui | 23:14 |
Yelu | we define eth0 as static interface | 23:14 |
xeno2 | This server doesn't have a GUI. It's not nice like the Debian one. | 23:16 |
Yelu | xeno2, I'm so sorry, my bad. we are on a server then? okay | 23:17 |
xeno2 | Isn't there a plain iface command? You used to be able to use ifconfig to define these, but I've never done it with iface. | 23:17 |
bekks | So just use ifconfig | 23:17 |
Yelu | so we want to change the /etc/network/interfaces with "sudo nano ..." | 23:17 |
Yelu | bekks, why | 23:18 |
bekks | Yelu: cheater ;) | 23:18 |
Yelu | bekks, hi, thank you for the cheater, but why I'm? :) | 23:18 |
bekks | Yelu: Why not? ifconfig works, so no need to learn new commands for a tasks solution with known commands | 23:18 |
bekks | Yelu: Because that was the most obvious approach ;) | 23:19 |
Yelu | bekks, xeno2, so we do it as a team, okay? | 23:19 |
bekks | Consider me being level 2 support at this point ;) | 23:19 |
Yelu | nice | 23:20 |
xeno2 | Okay, I tried a few things from a web example, and so far it rejects. | 23:20 |
Yelu | xeno2, you are awake? | 23:20 |
xeno2 | I cannot pull it off, because no network connection. | 23:20 |
Yelu | ok | 23:20 |
xeno2 | So there is no cut and paste of examples, because ubuntu server doesn't handle that well. | 23:21 |
Yelu | xeno2, I'll give you my interfaces, please be patient a short time ... thx | 23:21 |
xeno2 | But if I can see one that works, I can transcribe it. I found http://askubuntu.com/questions/342705/how-to-set-a-static-ip-address, but that multi-line thing doesn't seem to work for me. | 23:21 |
Yelu | xeno2, here you go => http://paste.ubuntu.com/7480860/ | 23:25 |
xeno2 | I will try. | 23:25 |
Yelu | xeno2, you have to pick an ip out of your subnet range of your (real) local lan, which isn't used | 23:26 |
xeno2 | It is saying "Cannot find device eth0" | 23:26 |
Yelu | xeno2, anf thiink about your firewall | 23:26 |
Yelu | xeno2, and think about your firewall | 23:27 |
xeno2 | And I try the syntax, and I get around the restart failures except that. | 23:27 |
xeno2 | No firewall. | 23:27 |
xeno2 | Just behind cable ISP. | 23:27 |
xeno2 | Keep in mind, the original vm works. It's just the clone that doesn't pick up the dhcp. | 23:27 |
donvito | lol ubuntu 12.04 only 64bit? | 23:27 |
xeno2 | That makes me think it's something that gets dropped in the cloning. | 23:27 |
Yelu | what is the outcome of ifdown eth0 and ifup eth0 | 23:27 |
xeno2 | ...I'll try. | 23:28 |
Yelu | yes, you cloned a guest ... mmmh | 23:28 |
xeno2 | interface eth0 not configured. | 23:28 |
xeno2 | That was the ifdown response. | 23:28 |
donvito | lol ubuntu 14.04 only 64bit? | 23:28 |
xeno2 | So 14.04 didn't do this, but Chef server won't work with 14.04. | 23:29 |
a1fa | hello, is there a way to encrypt root file system that will boot system w/o password, but wont allow single user boot w/o password? | 23:29 |
Yelu | rataplan for ifup | 23:29 |
xeno2 | What is rataplan? | 23:29 |
Yelu | if you beat a drum (like at a execution ...) | 23:29 |
Yelu | only joking ... | 23:30 |
xeno2 | I wonder if there is something that just automatically gets dropped from the vm in cloning. | 23:30 |
a1fa | yo-yo! | 23:30 |
xeno2 | It might be something 14.04 and Debian work around fine, but 12.04 Ubuntu didn't work with. | 23:30 |
Yelu | xeno2, another way could be, to power down the vm and delete the interface and set it up as new | 23:31 |
xeno2 | Ok. I'll try that. | 23:31 |
Yelu | xeno2, or to leave the first interface as is and set up an additional one (which is to add in the guest again) | 23:31 |
xeno2 | Yes. | 23:32 |
xeno2 | Weird. It only allows me one eth, and that's eth0. | 23:33 |
xeno2 | This was a full clone, not a linked, by the way. | 23:33 |
xeno2 | It doesn't want to let me change it through the GUI. | 23:34 |
Yelu | xeno2, but it isn't running? - Then you can't change things there. | 23:35 |
xeno2 | No, it was powered down. | 23:36 |
xeno2 | You cannot use NAT Network at that point. It won't save. | 23:37 |
Yelu | xeno2, ok, another approach would be, to try to give the vm a new interface via VBoxManage with CLI | 23:37 |
xeno2 | I tried a NAT, and a Local. It won't allow me to add a second eth, like eth1. I only get eth0 Bridged. | 23:37 |
xeno2 | Yes..checking results after boot first. | 23:38 |
Yelu | xeno2, how about changes to eth0 | 23:38 |
Yelu | xeno2, also not possible? | 23:38 |
xeno2 | No, it still blocks on boot for waiting eth0. | 23:38 |
xeno2 | I looked at advanced, and that didn't seem to have anything interesting. Specific suggestions? | 23:38 |
Yelu | xeno2, not atm - thinking ... | 23:39 |
xeno2 | It did not pick up anything for any of my 3 interfaces. | 23:39 |
xeno2 | It's like NICS Aren't Us in Clones. | 23:39 |
Yelu | xeno2, I did never have a vm, which behaved like that ehen it comes to changing interface parameter and the like ... | 23:40 |
Yelu | ŵhen | 23:40 |
xeno2 | Well, I have seen Ubuntu behave this way otherwise, a little, but I don't have helpful knowledge to fix it. | 23:41 |
Yelu | I'll try to mimic your scenario here in my place - which is your setup? 14.04 Desktop as Vbox-Host? and a 14.04 Server as guest? | 23:42 |
xeno2 | I just checked the original once again, and it boots fine, and gets the network fine. | 23:42 |
Yelu | xeno2, then make a file system copy of the .vdi and change the uuid of the machine, power down the original (if running) and start the new vm and ceck | 23:43 |
Yelu | ^check | 23:43 |
Yelu | xeno2, if it behaves right, just power down add or change the interface to your needs and check that. | 23:44 |
xeno2 | Okay,..uuid? | 23:44 |
Yelu | xeno2, please stand by ... | 23:44 |
Yelu | xeno2, vbox manual chapter 8.24 this is a command line interface cloning procedure | 23:47 |
xeno2 | Ok I'll look that up. | 23:47 |
Yelu | xeno2, maybe this gives us also a proof, if it is the GUI function call which is causing your problem | 23:49 |
xeno2 | Okay, you are NOT saying this is what causes the problem, but cloning this way may avoid it? | 23:49 |
xeno2 | The term "registered virtual hard disk image" is confusing me. | 23:50 |
Yelu | xeno2, I'm not sure, as I told you, that this behaviour is also unknown to me. - I wanted to test this next week | 23:50 |
Yelu | xeno2, reading ... | 23:50 |
xeno2 | Yes. Well, it appears I'm deadending on Chef server tonight. I'm sorry. It is better not to burn yourself out when you're not ready. I will try to help you when you have time, and you can reach me at the email I gave you. | 23:51 |
Yelu | xeno2, yes, registered is a machine, which is known by the program VirtualBox (you already cloned such a first machine) | 23:52 |
xeno2 | But I don't want to pull you in unfairly. | 23:52 |
a1fa | gentlemen, and ladies.. is there such thing as encrypted root fs w/o password, but single user mode would require pass? | 23:54 |
Yelu | xeno2, I've got no boss, so it's up to me, how I spend my time. - But if you want to suspend the work, it's no problem ;) | 23:55 |
xeno2 | I just reviewed the 14.04 clone, and comes up clean and fast. | 23:55 |
xeno2 | So it is apparently specific to the 12.04 Ubuntu. | 23:56 |
Yelu | xeno2, so this would be a good base to start again from? | 23:56 |
xeno2 | But it's only the clone of the 12.04, and not the original, that yields the problem. | 23:56 |
Yelu | xeno2, I see | 23:56 |
Yelu | xeno2, why not stick with 14.04? | 23:56 |
xeno2 | If you can suggest a bunch of combinations to clone by hand, I would be glad to try each one and see how they boot. | 23:56 |
xeno2 | Because chef server does not support it yet. They only have a take home install for 12.04 and earlier. | 23:57 |
xeno2 | Everyone else works off the cloud, and perhaps that's what I should do. However, I'd be happy to try the aforementioned combinations if you want, and it would be better for me to make it work. | 23:58 |
xeno2 | Otherwise, it just means I need to install on my original. | 23:58 |
xeno2 | And I can make more originals. | 23:58 |
xeno2 | So you don't hurt me to stop now, but I'm glad to go forward if you have some combination you'd like me to try. | 23:59 |
Yelu | xeno2, I will give you a cli cloning command in a couple of minutes (have to re-read manual or re-find my script) | 23:59 |