| TJ- | lorenz: I think at the shell prompt you'll probably need to do "export quiet=n; set -x" ". scripts/functions" ".scripts/local" "mountroot" | 00:00 |
|---|---|---|
| lorenz | TJ-: Where? | 00:00 |
| TJ- | lorenz: on the kernel command-line it should be "linux .... break=mountroot" | 00:00 |
| lorenz | TJ-: Oh! I thought I needed to modify the maybe_break in init | 00:01 |
| TJ- | lorenz: That'll drop the the shell prompt in /init just before the mountroot is done, so you can then do it manually using the commands above ^^^ | 00:01 |
| TJ- | lorenz: oh! no... they're clever ways for the script to test if you want it to stop at that point, and they use the kernel command-line to find out by looking for "break=xxxx" | 00:01 |
| TJ- | lorenz: if "xxxx" matches a "maybe_break xxxx" then the script stops at that point and drops to the shell prompt | 00:02 |
| lorenz | TJ-: Kernel panic: VFS: Unable to mount root fs on unknown-block(0,0) | 00:05 |
| TJ- | lorenz: hmmm! | 00:06 |
| TJ- | lorenz: possibly a side-effect of not quite having the correct manual steps, but did you get any debug output from the scripts to give us a clue? | 00:07 |
| TJ- | lorenz: when you call "mountroot" that's from "scripts/local", which first calls "pre_mountroot" in the same script file. That should be bombing you with useful info | 00:08 |
| lorenz | TJ-: I got in :) I adjusted my build process for the initrd's a bit | 00:08 |
| TJ- | OK :) | 00:09 |
| lorenz | TJ-: Verbosity level is up, should I now launch mountroot? | 00:10 |
| TJ- | lorenz: do all the steps I outlined above ^^^ | 00:11 |
| TJ- | lorenz: "export quiet=n; set -x" ". scripts/functions" ".scripts/local" "mountroot" | 00:11 |
| lorenz | TJ-: Ok, done. produced a whole lot of output. | 00:12 |
| TJ- | lorenz: And do you have a read/write root file-system? "cat /proc/mounts" | 00:12 |
| lorenz | TJ-: https://imgur.com/3CJKH4c | 00:13 |
| lorenz | TJ-: ext4 ro ... | 00:13 |
| TJ- | OK... so its done that all correctly, so lets see if we can manually complete init | 00:13 |
| lorenz | TJ-: It's still read-only? | 00:14 |
| TJ- | It should be | 00:14 |
| lorenz | TJ-: Ok | 00:14 |
| TJ- | lorenz: I'm trying to figure out an 'easy' way to get that script to pick up where it left off. | 00:15 |
| TJ- | lorenz: actually, I may be wrong there, it might be supposed to be writeable | 00:18 |
| TJ- | lorenz: "mountroot" does, eventually: "mount ${roflag} ${FSTYPE:+-t ${FSTYPE} }${ROOTFLAGS} ${ROOT} ${rootmnt}" | 00:19 |
| lorenz | TJ-: So it should be read-only. But where will it be remounted? | 00:20 |
| TJ- | lorenz: Actually no it ought to be read/write. it's mounted to ${rootmount} right now | 00:20 |
| TJ- | can you do "echo ${roflag}" | 00:21 |
| TJ- | lorenz: That should be "-w" | 00:21 |
| lorenz | TJ-: It is actually -r | 00:21 |
| TJ- | lorenz: Which is set by "${readonly}" ... echo that one too please | 00:21 |
| lorenz | TJ: echo ${readonly}: y | 00:22 |
| TJ- | lorenz: OK, we were correct the first time, the default value is "export readonly=y" | 00:22 |
| TJ- | lorenz: That is also set if "ro" is on the kernel command-line | 00:23 |
| lorenz | TJ-: Yes, that argument is set on the grub cli | 00:24 |
| TJ- | lorenz: OK... so that is good. The switch to read/write will be done when the real root /etc/fstab is read by mountall | 00:26 |
| TJ- | lorenz: OK... I can't see an easy way right now to continue execution in the ./init script, so the best thing to do is reboot it. | 00:27 |
| lorenz | TJ-: Can I execute mountall? | 00:27 |
| TJ- | not from the initrd no, it needs a restart with "break=XXX" | 00:29 |
| TJ- | lorenz: **without** "break=XXX" !!! | 00:29 |
| lorenz | TJ-: break=mountall or without break at all? | 00:30 |
| TJ- | without it at all. It's not given us any better info unfortunately, aside from we know the rootfs isn't having a problem being mounted | 00:30 |
| TJ- | lorenz: so now I'm looking at what happens once the real root-fs /sbin/init starts | 00:30 |
| lorenz | TJ-: Still breaking at plymouth-upstart-bridge | 00:31 |
| TJ- | It's really hard to think it through without being able to explore it directly. | 00:32 |
| lorenz | TJ-: What should I do? | 00:33 |
| lorenz | TJ-: I saw something: EXT4-fs: re-mounted. Opts: (null) | 00:34 |
| lorenz | TJ-: Shouldn't that be remount,rw? | 00:34 |
| TJ- | lorenz: I'm at a loss right now; I'd be looking for ways to monitor the boot scripts to find out what's happening | 00:35 |
| EzeQL | hi, im trying to setup postfix and dovecot. I am getting : Initialization failed: namespace configuration error: inbox=yes namespace missing | 00:36 |
| Macer | i just moved all my gear and it's nice to know that when it came to the ubuntu server all i had to do is turn my UPS on heh | 00:36 |
| Macer | booted, started my containers, done. | 00:36 |
| lorenz | EzeQL: Post your dovecot.conf somewhere | 00:37 |
| TJ- | lorenz: Check the "/etc/fstab" for the root file-system | 00:37 |
| TJ- | lorenz: Here I have "grep remount /var/log/dmesg" "[ 11.136487] EXT4-fs (dm-5): re-mounted. Opts: errors=remount-ro" and "/etc/fstab" "/dev/mapper/Hephaestion-Ubuntu_14.04_rootfs / ext4 errors=remount-ro 0 1" | 00:38 |
| lorenz | TJ-: I got /dev/sda1 / ext4 defaults 0 1 | 00:40 |
| TJ- | lorenz: that'd explain the null, but not why it doesn't remount rw | 00:41 |
| EzeQL | lorenz, http://pastebin.com/C0CNiDbE | 00:44 |
| lorenz | EzeQL: That file does nothing, when you remove the comments it just includes other stuff and nothing else | 00:46 |
| EzeQL | im following this: https://digitalocean.com/community/articles/how-to-configure-a-mail-server-using-postfix-dovecot-mysql-and-spamassasin | 00:47 |
| EzeQL | when i try to login using pop3: i get -ERR [SYS/TEMP] Internal error occurred. Refer to server log for more informatio | 00:47 |
| EzeQL | n. | 00:47 |
| lorenz | EzeQL: You missed step 4: You need to download the files from Dropbox | 00:48 |
| TJ- | lorenz: do you have in "/var/log/dmesg" or from "dmesg" "EXT4-fs (sda1) mounted filesystem with ordered data mode" for the root file-system ? | 00:49 |
| EzeQL | lorenz, are you sure? https://www.dropbox.com/s/wmbe3bwy0vcficj/etc-dovecot-dovecot.conf.txt compared to mine have some diffs | 00:50 |
| lorenz | TJ-: How should I check that? | 00:50 |
| lorenz | TJ-: Could I inject a custom init-script that prints out stuff? | 00:51 |
| TJ- | lorenz: "dmesg | grep 'ordered' " or "grep 'ordered' /var/log/dmsg" | 00:51 |
| lorenz | TJ-: I don't have access to a shell | 00:52 |
| TJ- | lorenz: of course! Grrr | 00:53 |
| EzeQL | lorenz, any hint? | 00:53 |
| EzeQL | quite tired of working on this | 00:53 |
| lorenz | EzeQL: The guys from digitalocean commented the main namespace out | 00:55 |
| lorenz | EzeQL: I can give you my config | 00:55 |
| EzeQL | lorenz, ok! | 00:56 |
| TJ- | EzeQL: It looks like you uncommented "#inbox = no" in "/etc/dovcot/conf.d/10-mail.conf" but not the surrounding "namespace"... it shouldn't be needed in most cases | 00:57 |
| lorenz | EzeQL: http://paste.ubuntu.com/7525600/ (single file) | 00:57 |
| lorenz | TJ-: It seems like that upstart fails | 01:03 |
| TJ- | lorenz: hmmm | 01:05 |
| TJ- | lorenz: the root-fs is 60GB isn't it? | 01:05 |
| lorenz | TJ-: Yes | 01:05 |
| lorenz | TJ-: The new one is only 40GB | 01:05 |
| TJ- | lorenz: I'm digging but not finding any clues | 01:05 |
| lorenz | TJ-: I booted in verbose mode with --verbose and found out that upstart is starting the services in precisely 5-second-intervals which is exactly the standard respawn limit (http://manpages.ubuntu.com/manpages/natty/man5/init.5.html) | 01:07 |
| TJ- | are the same processes being respawned | 01:09 |
| lorenz | TJ-: Yes | 01:09 |
| TJ- | you know how upstart works? emits events which jobs do things like 'start on filesystem started' | 01:10 |
| lorenz | TJ-: Yes | 01:10 |
| TJ- | I'm wondering if an early job isn't emitting its signal | 01:10 |
| TJ- | The other thing I'm wondering about is how long it is until udev starts | 01:11 |
| lorenz | TJ-: I never saw udev starting | 01:12 |
| TJ- | lorenz: hmmm | 01:13 |
| lorenz | TJ-: It tries to start plymouth-upstart-bridge over and over again | 01:14 |
| lorenz | TJ-: At 86 seconds it first launched mountall and afterwards it handles plymouth-ready events all over the place, but it's still being restarted all the time | 01:15 |
| TJ- | lorenz: and that fires on the "startup" event... I wonder if that is firing repeatedly because, maybe, udev fails to start | 01:15 |
| lorenz | TJ-: It seems that it starts a new service around every 30s and restarting the other ones constantly at a rate of one per 5 seconds. | 01:16 |
| TJ- | I think it's worth trying on the kernel command-line one or both of "nolapic" and "noapic" | 01:22 |
| lorenz | TJ-: No effect, I also tried them before. | 01:24 |
| lorenz | TJ-: I need to get upstart to print errors | 01:24 |
| TJ- | lorenz: it was a long shot... that'd only really apply to bare metal anyhow | 01:24 |
| TJ- | lorenz: http://askubuntu.com/questions/465193/14-04-pxe-slow-boot-process-udev-upstart-systemd | 01:28 |
| lorenz | TJ-: Looks exactly like my issue, besides that mine doesn't start at all | 01:29 |
| TJ- | here's some helpful shell terminal for boot debuging upstart http://upstart.ubuntu.com/wiki/Debugging#Boot_Problems | 01:30 |
| TJ- | lorenz: I recall a critical issue during the last cycle where an upstart script had a syntax error that caused upstart to fail... I wish I could remember the bug ref | 01:33 |
| lorenz | TJ-: Could it help to remove upstart scripts? | 01:35 |
| TJ- | ahhh, that was a SIGSEGV of /sbin/init due to a bad alsa-utils config | 01:37 |
| TJ- | lorenz: Those and sysvinit scripts, but it's a case of figuring out which ones | 01:37 |
| === Gallomimia_ is now known as Gallomimia | ||
| TJ- | lorenz: I wonder, have you tried updating the kernel to a newer release? | 01:44 |
| lorenz | TJ-: I can't do that anymore | 01:44 |
| lorenz | TJ-: I'm going to bed now. At least I know that the problem is upstart. I'll look into it tomorrow. | 01:45 |
| lorenz | TJ-: Thank you for your help, It's very appreciated. | 01:46 |
| TJ- | same here, it's almost 3am | 01:46 |
| Sachiru | Anyone use ZFS on ubuntu for production and manage to get it run stable? How much RAM did it eat up as minimum system requirements? | 05:36 |
| Sachiru_ | Anyone use ZFS on ubuntu for production and manage to get it run stable? How much RAM did it eat up as minimum system requirements? | 05:48 |
| Oplex | anyone running deluge web ui on headless server?? I am trying to figure out why my config file won't save .. | 06:02 |
| === Ursinha-afk is now known as Ursinha | ||
| === Sachiru_ is now known as Sachiru | ||
| jdstrand | soren: hi! did you ever get an answer to your question? | 06:42 |
| MannerMan | Sachiru: I'm running ZFS on Ubuntu 12.04, general recommendation is 1gb of ram per TB of storage for ZFS | 06:45 |
| MannerMan | I have 3 disks alá 1TB, and have dedicated 4gb to ZFS, run without issue for 1.5 year | 06:45 |
| jdstrand | soren: you probably want https://usn.ubuntu.com/usn-db/database.json.bz2 (https://usn.ubuntu.com/usn-db/database.json.bz2.sha256) | 06:47 |
| jdstrand | soren: that will have all active releases. for all releases since we began tracking, you can use database-all.bz2 | 06:47 |
| soren | jdstrand: Hi! | 07:02 |
| soren | jdstrand: No, I didn't get a response yet. | 07:02 |
| soren | jdstrand: I'll take a look at that database. That sounds like exactly what I need. | 07:02 |
| jdstrand | cool (and sorry I missed you before) | 07:03 |
| soren | jdstrand: No worries. I pretty much wandered off right after asking and just came back now, so your timing couldn't have been better. :) | 07:03 |
| soren | jdstrand: Still in Malta, I presume? | 07:03 |
| sarnold | Sachiru: check out #zfsonlinux -- ram usage depends if you turn on deduplication or not. you'll need at least one gigabyte per terabyte of storage that is being de-duplicated. | 07:05 |
| sarnold | Sachiru: there are known issues with memory accouting, you might wish to reduce the size of your ARC from the defaults if you're finding you're under significant memory pressure | 07:05 |
| sarnold | Sachiru: even though some people get zfs on / working, it feels like too much work to me. I'm intending on building a zfs storage box sometime soon and won't bother with zfs on root. | 07:06 |
| ruben23 | hi guys is it possible to ssh tunnel to a multiple web server on a remote server..? scenario is i have 1 firewall(publicIP) and 2 local webserver, and water to access the webpage on this both local webserer using SSL, problem they might be using same port 443 - standard fro SSL | 07:09 |
| Oplex | i'm kinda putoff by deluge, i just want something slim that works and will integrate with other programs like sickbeard / couchpotato etc... | 07:14 |
| soren | Oplex: I think you have the wrong channel. | 07:15 |
| === Lcawte|Away is now known as Lcawte | ||
| jdstrand | soren: yes, which is why I missed you-- sprinting is hard :) | 07:18 |
| morph- | anyone here use symfony? | 08:41 |
| === EzeQL is now known as Guest57558 | ||
| hxm | a spanish framework? | 09:50 |
| hazmat | stgraber, https://github.com/containers/container-rfc | 09:52 |
| Guest57558 | hi | 10:06 |
| === Ursinha is now known as Ursinha-afk | ||
| === EzeQL is now known as Guest97593 | ||
| === Ursinha-afk is now known as Ursinha | ||
| ruben23 | ok i have a windows PC and 2 remote linux server behind firewall..currently Linux1 is port frowarded for port 22 only and linux 2 are not.. this linux are both webserver with using SSL, 1. how to i ssh tunnel to linux1 to be able to display its SSL page on my windows PC browser and at the same time Linux 2 also same scenario, diaply the SSL page on my windows PC. | 11:37 |
| pmatulis_ | morning | 11:39 |
| Tazmain | hi all , does anyone know of a good backup program that can do a backup to a ftp ? | 11:42 |
| OpenTokix | Tazmain: rsnapshot probably | 11:42 |
| Tazmain | OpenTokix, I will have a look at that thank you. | 11:43 |
| OpenTokix | Tazmain: does it have to be ftp? | 11:43 |
| Tazmain | OpenTokix, as far as I am aware that is the only option that the place that hosts our server is giving us. | 11:44 |
| Tazmain | Its a local ftp to them | 11:44 |
| OpenTokix | Tazmain: ok | 11:45 |
| lool | stgraber: Would you know of a workaround or a patch for the unprivileged LXC bug? LP #1322067 | 11:58 |
| uvirtbot | Launchpad bug 1322067 in lxc "3.15.0-1.x breaks lxc-attach for unprivileged containers" [Undecided,Confirmed] https://launchpad.net/bugs/1322067 | 11:58 |
| zul | containers containers containers | 12:03 |
| montekki | hi all. how can i view packets that are dropped by interface? i know that for fedora there is dropwatch but i failed to make it work on ubuntu | 12:06 |
| stgraber | lool: it's already fixed | 12:11 |
| stgraber | lool: just waiting for the security team to fix apparmor so lxc actually migrates to utopic | 12:11 |
| === Mez_ is now known as Mez | ||
| stgraber | (kernel regression is making lxc's adt fail at the moment which in turn prevents cgmanager and systemd from migrating. jjohansen has a patch so this should be resolved soon) | 12:12 |
| lool | stgraber: oh sorry, I wonder why I still hit it | 12:13 |
| lool | stgraber: I'm on utopic | 12:13 |
| sarnold | montekki: if th epacket was dropped by the interface.. doesn't that mean it was -dropped-? as in, never makes it to the kernel? | 12:13 |
| stgraber | lool: unless you're using lxc from utopic-proposed, you don't have the fix, the fix will land in utopic's release pocket only once the utopic kernel is fixed and I can get lxc to pass adt testing again | 12:13 |
| jjohansen | lool: right, it passes the lxc tests, and I am putting together the pull request for the kt, it should go out in a few minutes | 12:14 |
| lool | kt? | 12:14 |
| lool | oh | 12:14 |
| lool | jjohansen: thanks | 12:14 |
| lool | so I guess workaround is to downgrade to older kernel | 12:14 |
| stgraber | lool: that or pull lxc directly from utopic-proposed | 12:15 |
| jjohansen | lool: right, if you drop back to the last 3.13 kernel it will work | 12:15 |
| hxm | hi, I am migrating a server and I want to create exactly the same user as it is in the old server, a part of use the same username, what else do I need to copy, the id and something more? | 12:17 |
| lool | stgraber: ah ok; I thought kernel upload was still pending in utopic; utopic-proposed packages worked | 12:18 |
| lool | thanks all | 12:18 |
| montekki | sarnold: nope in fact not, if kernel drops a packet due to some reason (like ipv6 when the host is not configured for it) this drop will also inc the counter of dropped packets in ifconfig | 12:19 |
| montekki | sarnold: at least i believe it is true for kernels newer than 2.6.something | 12:19 |
| sarnold | montekki: ahhh. thanks. | 12:22 |
| lorenz_ | TJ-: I replaced Upstart with systemd and figured out that udev causes the boot to hang | 12:35 |
| TJ- | lorenz_: Hmmm, is that a permanent fix or a proof of problem? | 12:37 |
| lorenz_ | TJ-: More a proof of problem. systemd also hangs at udev | 12:37 |
| lorenz_ | TJ-: At least it shows where it hangs | 12:38 |
| TJ- | lorenz_: OK. Those PPAs on that system, do any of them add custom udev rules "/etc/udev/rules.d/*" ? | 12:38 |
| TJ- | lorenz_: Or in "/lib/udev/rules.d/*" | 12:38 |
| lorenz_ | TJ-: I tried removing the complete /etc/udev/, replacing it with other versions, no luck. I haven't checked /lib/udev/rules.d yet | 12:39 |
| TJ- | lorenz_: if you can chroot mount the root file-system, you can do "dpkg-query -S /lib/udev/rules.d" to find any packages that add to that location | 12:40 |
| lorenz_ | TJ-: Yes, it worked: udev, consolekit, systemd, libsane:amd64, qemu-system-common, bridge-utils, hdparm, biosdevname, btrfs-tools, crda, keyboard-configuration, gnupg, dmsetup, docker.io, pulseaudio, xserver-xorg-core, util-linux, udisks2, librbd1, colord: /lib/udev/rules.d | 12:40 |
| TJ- | lorenz_: OK... I'm going to point at PPA-packages, like docker.io first as things to read and possibly disable | 12:42 |
| lorenz_ | TJ-: docker.io is from universe, but I'm gonna disable it anyways | 12:42 |
| TJ- | Is it? OK, hadn't realised that. | 12:43 |
| TJ- | lorenz_: Whilst you've got a full chroot, I'm wondering if it may be worth doing "apt-get --reinstall install udev udev libudev1 upstart" in case there is some corruption in the binary installation ? | 12:45 |
| lorenz_ | TJ: Done! I'm trying to boot now. | 12:46 |
| lorenz_ | TJ-: No luck. Still hanging at udev | 12:46 |
| TJ- | lorenz_: This is with systemd-init ? | 12:47 |
| lorenz_ | TJ-: Yes | 12:47 |
| TJ- | lorenz_: OK... have you had chance to use that debug technique I pointed to yesterday, where you start with init=/bin/sh, start a 2nd terminal "getty -8 -n -l /bin/sh 38400 tty2 &", , then do "exec /sbin/init" in the first terminal ? | 12:49 |
| TJ- | lorenz_: If that approach works, then you can move on to running "udevadm monitor ..." in the 2nd terminal | 12:49 |
| lorenz_ | TJ-: Nothing in dmesg, logs were not changed | 12:49 |
| lorenz_ | TJ-: I can do that | 12:50 |
| lorenz_ | TJ-: Hangs at /devices/virtual/vtconsole/vtcon0 | 12:54 |
| TJ- | lorenz_: oooo, real data at last :) | 12:54 |
| TJ- | lorenz_: I'd suggest expanding the usage now you know it works, by doing "udevadm monitor --kernel --property" so we can see the KEY=VALUEs being fed through | 12:55 |
| lorenz_ | TJ-: Ok, doing that | 12:55 |
| TJ- | lorenz_: that report was it very similar to "KERNEL[13.267429] add /devices/virtual/vtconsole/vtcon0 (vtconsole)" | 12:56 |
| lorenz_ | TJ-: Exactly that line (just another time) | 12:56 |
| TJ- | Great... I can follow your progress by viewing my local "/var/log/udev" | 12:57 |
| TJ- | lorenz_: Is the server self-contained, or, does it rely on an external service for authentication, such as using pam_console to query an LDAP server | 12:59 |
| lorenz_ | TJ-: nothing new hangs at the same position but shows now SEQNUM=1910 SUBSYSTEM=vtconsole UDEV_LOG=7 | 12:59 |
| TJ- | UDEV_LOG=7 ... will likely be the "debug" log setting | 13:01 |
| TJ- | Well, now we know what to look at... console.... so, any recent changes to the underlying console drivers, or graphics drivers (drm stuff maybe?) | 13:02 |
| lorenz_ | TJ-: Well, it doesn't have any special graphic drivers (it normally runs without a screen and is installed without a GUI) | 13:03 |
| TJ- | lorenz_: OK... here's what should come next (from my local udev log) http://paste.ubuntu.com/7529123/ | 13:04 |
| lorenz_ | TJ-: Mine stops at vtcon0 | 13:04 |
| TJ- | lorenz_: OK, another tack... how many CPUs have you allocated to the VM guest? | 13:06 |
| lorenz_ | TJ-: 2 CPUs | 13:06 |
| TJ- | Can you try it with 1? | 13:07 |
| lorenz_ | TJ-: Now udevadm monitor outputs "add /module/zswap (module)" as last line | 13:10 |
| TJ- | lorenz_: OK ... so this could be a kernel freeze up then | 13:10 |
| TJ- | lorenz_: what we see from udevadm is the events being supplied by the kernel... looks like they are drying up | 13:11 |
| lorenz_ | TJ-: I have no swap, so zswap is unlikely the issue | 13:11 |
| TJ- | I don't think the events we see are linked to the problem; I think there's something else going on. Are you booting with "debug" on the kernel command-line? I think we ought to be able to capture the kernel boot messages (maybe over a serial console connection) and review them carefully. | 13:14 |
| TJ- | This is where testing alternative kernel versions might help | 13:15 |
| lorenz_ | TJ-: I tried a lot of kernels, didn't help | 13:16 |
| TJ- | lorenz_: Do you have "/lib/udev/rules.d/85-lvm2.rules" | 13:21 |
| lorenz_ | TJ-: No | 13:21 |
| TJ- | OK ... strike one possible cause then :) | 13:22 |
| TJ- | lorenz_: On that 2nd (or a 3rd console) when it hangs can you capture "ps -efly" and let me see it? | 13:24 |
| TJ- | lorenz_: I'm exploring whether udev is modprobe-ing a kernel module which gets stuck | 13:25 |
| lorenz_ | TJ-: ps -efly hangs too | 13:28 |
| TJ- | So... kernel issue then | 13:28 |
| TJ- | so now we need to capture the kernel log (over serial maybe) as I described, and analyse it | 13:28 |
| lorenz_ | TJ-: Ok, so it works. How can I increase the verbosity, because it seems that it doesn't log much more than on the screen | 13:36 |
| TJ- | lorenz_: If you have "debug" on the kernel command-line that'll be max verbosity | 13:37 |
| TJ- | lorenz_: obviously, remove any "quiet" option since that is minimal logging | 13:37 |
| lorenz_ | TJ-: I found https://wiki.archlinux.org/index.php/Boot_debugging, I'm setting it to Heavy Debugging | 13:37 |
| TJ- | lorenz_: OK... the main benefit there is log_buf_len=10M... one thing to bear in mind, if the root issue is a timing issue, then adding too much debug output can actual slow things down enough to workaround the issue so it goes away :) | 13:39 |
| lorenz_ | TJ-: Well, I now get a lot of systemd messages, but still not more kernel messages | 13:44 |
| lorenz_ | TJ-: [ 1.598937] systemd[1]: systemd-random-seed-load.service changed dead -> start [ 1.601965] systemd[1]: Accepted connection on private bus. These are the last two systemd lines | 13:44 |
| TJ- | Grrr @ systemd hijacking the kernel logging | 13:45 |
| hallyn | wtf - rackspace suddenly seems to only have ubuntu 10.04 and 12.04 images for creating a server? | 13:52 |
| hallyn | i seem to be on an ancient view.... newest fedora is 17 | 13:52 |
| hallyn | zul: projected date for new libvirt? | 14:03 |
| Havenstance | is there a working tutorial on how to make mdadm send email notification of a failure event? | 14:07 |
| Havenstance | I know to process it needs a mail client to send with. I have SSMTP up but I can't seem to get it working for whatever reason. | 14:07 |
| raub | So I just updated postfix in my 12.04LTS server. And one of the things it did was to delete http://pastebin.com/0PrTwUkb from my main.cf. Does anyone know why? | 14:19 |
| TJ- | raub: did the postconf ask to replace the existing config file? | 14:20 |
| raub | TJ-: nope. It was completely automatic | 14:21 |
| raub | TJ-: I will not mention it also decided to reset my tls cert | 14:22 |
| TJ- | raub: updates should always prompt if you've changed the config file from standard | 14:22 |
| raub | I do agree, which why this was very, well, not pleasing | 14:22 |
| TJ- | raub: I *think* there should be upgrade logs in /var/log/apt/ or /var/log/dpkg/ or similar... can't recall if 12.04 has those or where they are, though | 14:23 |
| TJ- | raub: which version of postfix? I haven't seen an update in a while | 14:24 |
| raub | The file in question would be /var/log/apt/term.log | 14:24 |
| TJ- | raub: The latest update I have is "postfix (2.9.6-1~12.04.1)" from Febrauary | 14:26 |
| raub | dovecot-postfix 1:2.0.19-0ubuntu2 | 14:26 |
| raub | I will need to check the postfix package version | 14:26 |
| TJ- | Oh... dovcot! | 14:26 |
| lorenz_ | TJ-: I'm going to reinstall. Nothing seems to work :( | 14:26 |
| TJ- | raub: "dovecot (1:2.0.19-0ubuntu2.1)" ... May 14th | 14:27 |
| TJ- | lorenz_: It's very strange... wish I had access I'm intrigued as to what you've got there | 14:27 |
| raub | TJ-: http://pastebin.com/PE3qKqub | 14:27 |
| raub | main.cf is postfix | 14:27 |
| TJ- | raub: that *is* bad!, especially for a silent upgrade | 14:28 |
| TJ- | raub: bug-report it, that's really not good | 14:28 |
| TJ- | raub: I'm not using that package which is why I didn't see it | 14:29 |
| raub | I do not even know about mail-stack-delivery | 14:29 |
| raub | And, I now see I should not have used the postfix-dovecot "helpful" package, instead installing both separately as Xenu wanted | 14:30 |
| TJ- | raub: http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3430.html | 14:31 |
| uvirtbot | TJ-: Dovecot 1.1 before 2.2.13 and dovecot-ee before 2.1.7.7 and 2.2.x before 2.2.12.12 does not properly close old connections, which allows remote attackers to cause a denial of service (resource consumption) via an incomplete SSL/TLS handshake for an IMAP/POP3 connection. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3430) | 14:31 |
| raub | I should be running dovecot 2 | 14:31 |
| raub | Lemme check | 14:31 |
| raub | 2.0.19. still behind times (I get mocked at #dovecot a lot) but not 1.1 | 14:32 |
| raub | hmmm, the more I read the CVE the more confused I am about the version number thingie | 14:33 |
| sarnold | heh, yeah, that's not a great summary. | 14:33 |
| TJ- | dovecot has several parallel 'stable' branches | 14:34 |
| raub | AFAIk they do want you to go to 2.X | 14:34 |
| raub | On an unrelated note, does any of you run sudo-ldap in 14.04? It is core dumping on me | 14:36 |
| sarnold | 10.04 LTS EOLs in eleven months, hopefully the few still using it will be upgrading soon :) | 14:36 |
| === swebb is now known as zz_swebb | ||
| raub | sarnold: you are such a joker | 14:36 |
| cloudman1 | happy with 12.04 here at the moment, still having problems installing Virtualmin on 14.04, webmin is ok though on it | 14:37 |
| cloudman1 | On a fresh install of 14.04 seem to be having problems with libapache2-mod-fcgid, wont install for some reason | 14:38 |
| sarnold | raub: hehe yeah, lucid isn't so bad. I was happy to say goodbye to hardy though. :) | 14:39 |
| === Lcawte is now known as Lcawte|Away | ||
| Havenstance | anyone know of a decent tutorial on SSMTP? | 15:04 |
| === Lcawte|Away is now known as Lcawte | ||
| qman__ | I use postfix regardless of how simple or complex the task, because it's easy to set up and widely supported | 15:12 |
| hydruid | Havenstance: the configuration for SSMTP is super simple, not much to it | 15:12 |
| === zz_swebb is now known as swebb | ||
| raub | Havenstance: what do you need to do with it? | 15:18 |
| raub | Of course I mean beyond sending mail out, but the particulars | 15:19 |
| Havenstance | trying to configure MDADM to use it to email failure notifications | 15:19 |
| Havenstance | but with my setup SSMTP will not authenticate properly | 15:20 |
| raub | Can you pastebin a defanged version of the config? | 15:20 |
| Havenstance | I've tried several different versions based on lots of different tutorials i've tried with it | 15:20 |
| Havenstance | If someone could pastebin a working one and I could sub my info maybe that might work? | 15:21 |
| Havenstance | i'll throw in what i have and what the terminal reads tho to help :) | 15:21 |
| raub | Havenstance: http://unixwars.blogspot.com/2013/08/installing-ssmtp-in-redhatcentos.html | 15:22 |
| raub | ignore the redhat/centos part | 15:22 |
| raub | Also has some test thingies | 15:22 |
| Havenstance | This is the pastebin of the config and the terminal readout from the attempted test pastebin.ubuntu.com/7530107/ | 15:30 |
| Havenstance | http://pastebin.ubuntu.com/7530107/ | 15:30 |
| Havenstance | there | 15:30 |
| Havenstance | it does not use SSL/TLS at all either | 15:31 |
| Havenstance | Username & PW Are correct also | 15:31 |
| raub | Can you telnet to mail.royscorner.com port 2626 and send email by hand? | 15:32 |
| raub | Also, I like to do ssmtp -v when testing | 15:32 |
| raub | And, is the machine in question in the internet or behind a firewall natting its way? | 15:33 |
| zul | hallyn: next week | 15:35 |
| zul | 1.2.5 is out next week so thats the next one | 15:35 |
| hallyn | zul: so you're waiting for 1.2.5 for utopic? | 15:36 |
| zul | yep | 15:37 |
| hallyn | suddenly rackspace gives me modern images again. starts building, now sits at 80% created for 3 minutes. | 15:37 |
| hallyn | zul: ok | 15:37 |
| * hallyn should look into digitalocean | 15:37 | |
| arosales | matsubara, I am yet again late on sending out the meeting minutes. I got the blog, email, and wikis updated. However, since this is such late notice that you are up next I am fine with chairing this week unless you would like too :-) | 15:38 |
| raub | Havenstance: testing smtp auth using telnet: http://www.ndchost.com/wiki/mail/test-smtp-auth-telnet | 15:39 |
| zul | hallyn: problems? | 15:40 |
| matsubara | arosales, I can do it. No worries, you paid your due already heh | 15:44 |
| arosales | thank you matsubara :-) | 15:44 |
| === psivaa is now known as psivaa-sprint | ||
| hallyn | zul: 99 | 15:54 |
| zul | hallyn: ? | 15:58 |
| === mrmist is now known as mist | ||
| hallyn | sorry just jokingly referencing http://youtu.be/WwoM5fLITfk | 15:59 |
| hallyn | but yeah rackspace is being very weird today | 16:00 |
| hallyn | and the build (jessie vm) is STILL at 80% built | 16:00 |
| zul | hallyn: are you joining the containers meeting on #openstack-meeting-alt? | 16:01 |
| hallyn | i'd thought this woudl be faster than building msyelf a new vm locally. i was wrong | 16:01 |
| hallyn | zul: hm, i guess. it conflicts :) | 16:01 |
| zul | hallyn: yep | 16:01 |
| FrEaKmAn_ | hi all.. I want to block a request from certain websites.. what is the best way to solve it? firewall? | 16:19 |
| cfhowlett | FrEaKmAn_ or blocked at the router ... | 16:20 |
| FrEaKmAn_ | no, I'm using VPS | 16:20 |
| cfhowlett | FrEaKmAn_ you could also edit your DNS to block | 16:20 |
| FrEaKmAn_ | ubuntu 12.04... | 16:20 |
| FrEaKmAn_ | but I'm no sure if I can block by ip | 16:21 |
| FrEaKmAn_ | but by referrer | 16:21 |
| TJ- | FrEaKmAn_: what do you mean by "block a request"? Web-sites don't generally make requests directly to other servers, their clients do | 16:21 |
| FrEaKmAn_ | http://semalt.com/ | 16:22 |
| FrEaKmAn_ | somebody is using this service to crawl/check my websites | 16:22 |
| FrEaKmAn_ | and it's getting on my nerves because it's killing my metrics | 16:22 |
| gaughen | matsubara, I think you set the new land speed record on getting the irc mtg done ;-) | 16:22 |
| TJ- | FrEaKmAn_: that sounds like blocking based on user-agent, or source IP range | 16:23 |
| TJ- | FrEaKmAn_: This might get you started: http://httpd.apache.org/docs/2.2/rewrite/access.html | 16:23 |
| matsubara | gaughen, heh I tend to rush these thing over. Hopefully I didn't miss anything | 16:23 |
| FrEaKmAn_ | TJ-, thanks.. I will check it out | 16:25 |
| FrEaKmAn_ | other question is which firewall do you recommend? | 16:25 |
| FrEaKmAn_ | I have few apps running at different ports and want to block access | 16:25 |
| TJ- | FrEaKmAn_: the one that's already there! netfilters, controlled by iptables or some higher-level tool | 16:25 |
| FrEaKmAn_ | ok | 16:26 |
| === Ursinha is now known as Ursinha-afk | ||
| hallyn | ahs3: around? | 17:07 |
| hallyn | ahs3: http://people.canonical.com/~serge/netcf-src-0.2.4/netcf_0.2.4-1.dsc appears to be testing well on jessie | 17:11 |
| cloudman1 | Hi apparently I cannot install 12.04 on a new server I got because the hardware is too recent, whats that all about?? | 17:12 |
| hallyn | waiting for some libvirt testing still, but i think it should be ready | 17:12 |
| TJ- | cloudman1: You'll need the HWE kernels (hardware enablement) https://wiki.ubuntu.com/Kernel/LTSEnablementStack | 17:13 |
| cloudman1 | Thanks, will tell my server people | 17:14 |
| cloudman1 | But I guess they will say we dont offer that etc | 17:15 |
| cloudman1 | I think I see theyre point | 17:15 |
| cloudman1 | thier | 17:15 |
| cloudman1 | or is it their | 17:15 |
| TJ- | yes, it is | 17:16 |
| cloudman1 | or they're | 17:16 |
| TJ- | "I before E except after C... except in their! | 17:16 |
| TJ- | they're is short for "they are" ... "their" is the possessive | 17:16 |
| cloudman1 | that i before c is complete nosense | 17:17 |
| cloudman1 | or i before e I mean | 17:17 |
| cloudman1 | its why I dont code | 17:17 |
| ahs3 | hallyn: dude. cool. could you drop me an email with that link in it so i don't forget? i'll see if i can get to it this week. | 17:28 |
| hallyn | ahs3: thanks, will do | 17:30 |
| ahs3 | hallyn: sweet. thx. | 17:31 |
| hallyn | ttyl | 17:31 |
| cloudman1 | TJ is that enable stack ok for 12.04 to 14.04?? | 17:41 |
| TJ- | cloudman1: see https://lists.ubuntu.com/archives/ubuntu-devel/2014-February/038042.html | 17:46 |
| teward | is rbasak alive at all? | 17:59 |
| nikki1 | hi | 18:00 |
| pmatulis_ | strange question teward | 18:00 |
| teward | pmatulis_, strange question because i'm trying to see whether the bug importance change he did on an nginx bug was automated or not :p | 18:00 |
| teward | some of the bug importance changes by people, they seem automated almost :P | 18:01 |
| pmatulis_ | teward: it just looks that way. bug #? | 18:01 |
| teward | give me a minute to grab it, chrome just exploded on me | 18:01 |
| pmatulis_ | ah | 18:02 |
| teward | Bug #1323387 | 18:02 |
| uvirtbot | Launchpad bug 1323387 in nginx "Auth Request module does not seem to be loaded in the "extras" package" [Medium,New] https://launchpad.net/bugs/1323387 | 18:02 |
| teward | not entirely certain that's a 'medium' but meh | 18:02 |
| teward | :P | 18:02 |
| teward | (extras package != main last i checked) | 18:02 |
| Havenstance | raub, it might be working now. I ran a test and it seemed to have went somewhere. took some playing | 18:08 |
| pmatulis_ | teward: is the workaround to load the module manually? | 18:09 |
| teward | pmatulis_, the workaround is a recompile, this isn't apache, so it's not as module-friendly | 18:09 |
| teward | pmatulis_, nginx doesn't have plug-and-play modules like apache does | 18:09 |
| pmatulis_ | ok | 18:09 |
| pmatulis_ | teward: so unable to implement the old username/password stuff on nginx in Trusty? | 18:10 |
| dasjoe | I'm trying to semi-automate a debootstrap deployment, any idea on how to get grub-pc not to ask me where it should install itself? | 18:10 |
| teward | pmatulis_, i... think it might be a bit different than basic username/password auth, AFAICT from the docs, it implements client auth based on the result of a subrequest | 18:11 |
| teward | and based on the status codes returned, access is allowed or refused | 18:11 |
| teward | (basic username/password auth exists as part of the auth basic module) | 18:11 |
| pmatulis_ | ah | 18:12 |
| teward | pmatulis_, i've never had to actually use this module | 18:12 |
| pmatulis_ | teward: why do you need it now? just curious | 18:12 |
| teward | pmatulis_, *points at the bug filer's name* | 18:12 |
| teward | you'll notice a difference between them and me :p | 18:12 |
| pmatulis_ | it's not you? | 18:12 |
| teward | pmatulis_, i'm just tryin to figure out why robie made it a medium | 18:12 |
| teward | pmatulis_, no, my LP is ~teward | 18:13 |
| teward | Thomas Ward (~teward) | 18:13 |
| teward | that != trevor slocum (bug filer) | 18:13 |
| teward | i just watch the nginx bugs like a hawk :P | 18:13 |
| teward | (USUALLY its my handiwork making minor patches for the package) | 18:13 |
| pmatulis_ | teward: we need to understand the impact to increase the importance | 18:14 |
| teward | pmatulis_, my concern is medium is too high | 18:14 |
| teward | not that it needs higher :P | 18:14 |
| pmatulis_ | oh! | 18:14 |
| teward | pmatulis_, two considerations on that: | 18:15 |
| pmatulis_ | teward: then Medium is good | 18:15 |
| teward | ok | 18:15 |
| pmatulis_ | teward: see https://wiki.ubuntu.com/Bugs/Bug%20importances | 18:15 |
| teward | pmatulis_, i'd say low because "moderate impact on non-core" | 18:15 |
| teward | and i'm familiar with bug importances, i do do triage work :P | 18:16 |
| teward | but meh | 18:16 |
| pmatulis_ | gotcha | 18:16 |
| * teward yawns | 18:16 | |
| teward | probably *not* the best thing ot be doing triage while recovering from the flu | 18:16 |
| teward | but i'm bored out of my skull watching netflix >.> | 18:16 |
| pmatulis_ | i watched a ghenkis khan (spelling?) one yesterday | 18:17 |
| teward | heh | 18:17 |
| rbasak | teward: what importance do you think it should be? | 18:17 |
| teward | rbasak, low, because "moderate impact on a non-core application" | 18:17 |
| rbasak | teward: sure. Go eahead and change it. | 18:17 |
| teward | rbasak, and i'm basing that on the nginx-extras package, since it's not the nginx-core package that's in main | 18:18 |
| teward | rbasak, done. | 18:18 |
| pmatulis_ | that's true | 18:18 |
| Havenstance2 | okay so this one is new... http://pastebin.ubuntu.com/7531067/ | 18:18 |
| Havenstance2 | any clues? | 18:18 |
| rbasak | teward: my main concern was to get the size of the server triage queue down. | 18:19 |
| teward | rbasak, true. i think we should be careful just activating arbitrary code though | 18:19 |
| teward | the code probably still exists in the code | 18:19 |
| rbasak | teward: and setting things to Low irks reporters sometimes, so maybe I err on the higher side to avoid getting into that debate. | 18:20 |
| rbasak | teward: is it supposed to be activated? That was what was implied in the bug to me. If not, then Wishlist? | 18:20 |
| teward | rbasak, its listed in the package description supposedly, but I don't have Synaptic on this system to check (only Trusty cli in a very poorly-resourced VBox VM) | 18:20 |
| teward | rbasak, i'm going to poke the changelog to see if it was ever deactivated | 18:21 |
| rbasak | teward: thanks for looking! Please do what you think is best (or leave it if you need to). | 18:23 |
| teward | rbasak, i'm hesitant to turn it on, but i can't check upstream or the PPAs as easily through my non-Ubuntu system | 18:23 |
| teward | (my Ubuntu system is in the middle of a rather large rsync operation backing up /home/* and /etc/ and the package list of what's installed) | 18:23 |
| teward | (in preparation for Precise -> Trusty upgrade) | 18:24 |
| teward | rbasak, the code exists, but it's probably supposed to be on but isn't. | 18:24 |
| teward | hmm... | 18:25 |
| teward | rbasak, this might be wishlist | 18:26 |
| teward | rbasak, according to http://bazaar.launchpad.net/~ubuntu-branches/ubuntu/trusty/nginx/trusty/view/head:/debian/control that module isn't listed under the nginx-extras package description | 18:26 |
| Havenstance2 | Anyone have time to take a peek at something? I'm getting an error with SSMTP and Ubuntu Server | 18:27 |
| Havenstance2 | http://pastebin.ubuntu.com/7531067/ | 18:27 |
| teward | rbasak, FYI, package status -> Incomplete because there's no confirmation on this | 18:29 |
| teward | (I'm curious where they're seeing this, when it's *not* listed in the package) | 18:29 |
| teward | s/package status/bug status/ | 18:29 |
| n88 | afternoon guys... i'm trying to migrate my pure-ftpd users from one server to a replacement server... I apt-got installed pure-ftpd, configured it, added the ftpgroup group and ftpuser user accounts with the same GID and UID of the server i'm migrating from | 18:31 |
| n88 | copied over pure-ftpd.passwd and pure-ftpd.pdb | 18:32 |
| n88 | pure-pw mkdb'ed... but no dice... pure-pw list shows the same accounts on both servers now but the new one isn't allowing login | 18:32 |
| n88 | anyone done this before that can give me a hand ? | 18:33 |
| teward | rbasak, update: they confused the Debian package with the Ubuntu package. this is a Wishlist type bug. | 18:54 |
| RoyK | what's the reason noone's taking care of bug 1171945? | 18:58 |
| uvirtbot | Launchpad bug 1171945 in mdadm "Nested RAID levels aren't started after reboot" [Undecided,Confirmed] https://launchpad.net/bugs/1171945 | 18:58 |
| hxm | is it safe disable sendmail if I use postfix? | 19:03 |
| LearGear1 | Hi - does anyone know if Dell T110 server with Dell SAS 6/iR Raid controller will work out of the box with ubuntu? | 19:18 |
| lamont | hxm: if you install the postfix package, it (1) removes the sendmail package and (2) provides a daemon called sendmail/ | 19:23 |
| hxm | but there is a cron (dont know where) that does this (smmsp) CMD (test -x /etc/init.d/sendmail && /usr/share/sendmail/sendmail cron-msp) all the time | 19:25 |
| hxm | and is still running somehow | 19:26 |
| hxm | apt-get remove sendmail says there is no sendmail package to remove (already previously removed) | 19:26 |
| === Guest97593 is now known as EzeQL | ||
| === alexisb is now known as alexisb_bbl | ||
| Krugger | anyone using any other good centralized authentication mechanism than LDAP + Kerberos? | 20:39 |
| Patrickdk | heh? ldap + kerberos? | 20:40 |
| Patrickdk | one could use ldap, or kerberos | 20:40 |
| Patrickdk | but there is also radius | 20:40 |
| Patrickdk | also saml | 20:40 |
| Krugger | I just needed to authenticate a couple of users in several ubuntu server that are running SSH | 20:43 |
| Krugger | the problem is kerberos doesn't create the home directories and makes sure all user ID are the same across the whole cluster | 20:44 |
| Krugger | so I have to add LDAP in the mix | 20:44 |
| Krugger | and I really hate LDAP | 20:44 |
| Krugger | and NIS is an even worse solution | 20:45 |
| Krugger | was hoping someone had developed a nice solution for it | 20:46 |
| === mjohnson151 is now known as mjohnson15 | ||
| nwilson5 | haven't done anything with lvm before, but I'm assuming it's possible if I took 2 3TB drives to set it up as one 6TB partition ? | 22:21 |
| patdk-lap | nwilson5, sure | 22:30 |
| * genii resists the temptation to smack the crap out of copocaneta | 22:57 | |
| Patrickdk | genii, no need to resist | 23:04 |
| === swebb is now known as zz_swebb | ||
| === thumper is now known as thumper-otp | ||
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!