[00:00] lorenz: I think at the shell prompt you'll probably need to do "export quiet=n; set -x" ". scripts/functions" ".scripts/local" "mountroot" [00:00] TJ-: Where? [00:00] lorenz: on the kernel command-line it should be "linux .... break=mountroot" [00:01] TJ-: Oh! I thought I needed to modify the maybe_break in init [00:01] lorenz: That'll drop the the shell prompt in /init just before the mountroot is done, so you can then do it manually using the commands above ^^^ [00:01] lorenz: oh! no... they're clever ways for the script to test if you want it to stop at that point, and they use the kernel command-line to find out by looking for "break=xxxx" [00:02] lorenz: if "xxxx" matches a "maybe_break xxxx" then the script stops at that point and drops to the shell prompt [00:05] TJ-: Kernel panic: VFS: Unable to mount root fs on unknown-block(0,0) [00:06] lorenz: hmmm! [00:07] lorenz: possibly a side-effect of not quite having the correct manual steps, but did you get any debug output from the scripts to give us a clue? [00:08] lorenz: when you call "mountroot" that's from "scripts/local", which first calls "pre_mountroot" in the same script file. That should be bombing you with useful info [00:08] TJ-: I got in :) I adjusted my build process for the initrd's a bit [00:09] OK :) [00:10] TJ-: Verbosity level is up, should I now launch mountroot? [00:11] lorenz: do all the steps I outlined above ^^^ [00:11] lorenz: "export quiet=n; set -x" ". scripts/functions" ".scripts/local" "mountroot" [00:12] TJ-: Ok, done. produced a whole lot of output. [00:12] lorenz: And do you have a read/write root file-system? "cat /proc/mounts" [00:13] TJ-: https://imgur.com/3CJKH4c [00:13] TJ-: ext4 ro ... [00:13] OK... so its done that all correctly, so lets see if we can manually complete init [00:14] TJ-: It's still read-only? [00:14] It should be [00:14] TJ-: Ok [00:15] lorenz: I'm trying to figure out an 'easy' way to get that script to pick up where it left off. [00:18] lorenz: actually, I may be wrong there, it might be supposed to be writeable [00:19] lorenz: "mountroot" does, eventually: "mount ${roflag} ${FSTYPE:+-t ${FSTYPE} }${ROOTFLAGS} ${ROOT} ${rootmnt}" [00:20] TJ-: So it should be read-only. But where will it be remounted? [00:20] lorenz: Actually no it ought to be read/write. it's mounted to ${rootmount} right now [00:21] can you do "echo ${roflag}" [00:21] lorenz: That should be "-w" [00:21] TJ-: It is actually -r [00:21] lorenz: Which is set by "${readonly}" ... echo that one too please [00:22] TJ: echo ${readonly}: y [00:22] lorenz: OK, we were correct the first time, the default value is "export readonly=y" [00:23] lorenz: That is also set if "ro" is on the kernel command-line [00:24] TJ-: Yes, that argument is set on the grub cli [00:26] lorenz: OK... so that is good. The switch to read/write will be done when the real root /etc/fstab is read by mountall [00:27] lorenz: OK... I can't see an easy way right now to continue execution in the ./init script, so the best thing to do is reboot it. [00:27] TJ-: Can I execute mountall? [00:29] not from the initrd no, it needs a restart with "break=XXX" [00:29] lorenz: **without** "break=XXX" !!! [00:30] TJ-: break=mountall or without break at all? [00:30] without it at all. It's not given us any better info unfortunately, aside from we know the rootfs isn't having a problem being mounted [00:30] lorenz: so now I'm looking at what happens once the real root-fs /sbin/init starts [00:31] TJ-: Still breaking at plymouth-upstart-bridge [00:32] It's really hard to think it through without being able to explore it directly. [00:33] TJ-: What should I do? [00:34] TJ-: I saw something: EXT4-fs: re-mounted. Opts: (null) [00:34] TJ-: Shouldn't that be remount,rw? [00:35] lorenz: I'm at a loss right now; I'd be looking for ways to monitor the boot scripts to find out what's happening [00:36] hi, im trying to setup postfix and dovecot. I am getting : Initialization failed: namespace configuration error: inbox=yes namespace missing [00:36] i just moved all my gear and it's nice to know that when it came to the ubuntu server all i had to do is turn my UPS on heh [00:36] booted, started my containers, done. [00:37] EzeQL: Post your dovecot.conf somewhere [00:37] lorenz: Check the "/etc/fstab" for the root file-system [00:38] lorenz: Here I have "grep remount /var/log/dmesg" "[ 11.136487] EXT4-fs (dm-5): re-mounted. Opts: errors=remount-ro" and "/etc/fstab" "/dev/mapper/Hephaestion-Ubuntu_14.04_rootfs / ext4 errors=remount-ro 0 1" [00:40] TJ-: I got /dev/sda1 / ext4 defaults 0 1 [00:41] lorenz: that'd explain the null, but not why it doesn't remount rw [00:44] lorenz, http://pastebin.com/C0CNiDbE [00:46] EzeQL: That file does nothing, when you remove the comments it just includes other stuff and nothing else [00:47] im following this: https://digitalocean.com/community/articles/how-to-configure-a-mail-server-using-postfix-dovecot-mysql-and-spamassasin [00:47] when i try to login using pop3: i get -ERR [SYS/TEMP] Internal error occurred. Refer to server log for more informatio [00:47] n. [00:48] EzeQL: You missed step 4: You need to download the files from Dropbox [00:49] lorenz: do you have in "/var/log/dmesg" or from "dmesg" "EXT4-fs (sda1) mounted filesystem with ordered data mode" for the root file-system ? [00:50] lorenz, are you sure? https://www.dropbox.com/s/wmbe3bwy0vcficj/etc-dovecot-dovecot.conf.txt compared to mine have some diffs [00:50] TJ-: How should I check that? [00:51] TJ-: Could I inject a custom init-script that prints out stuff? [00:51] lorenz: "dmesg | grep 'ordered' " or "grep 'ordered' /var/log/dmsg" [00:52] TJ-: I don't have access to a shell [00:53] lorenz: of course! Grrr [00:53] lorenz, any hint? [00:53] quite tired of working on this [00:55] EzeQL: The guys from digitalocean commented the main namespace out [00:55] EzeQL: I can give you my config [00:56] lorenz, ok! [00:57] EzeQL: It looks like you uncommented "#inbox = no" in "/etc/dovcot/conf.d/10-mail.conf" but not the surrounding "namespace"... it shouldn't be needed in most cases [00:57] EzeQL: http://paste.ubuntu.com/7525600/ (single file) [01:03] TJ-: It seems like that upstart fails [01:05] lorenz: hmmm [01:05] lorenz: the root-fs is 60GB isn't it? [01:05] TJ-: Yes [01:05] TJ-: The new one is only 40GB [01:05] lorenz: I'm digging but not finding any clues [01:07] TJ-: I booted in verbose mode with --verbose and found out that upstart is starting the services in precisely 5-second-intervals which is exactly the standard respawn limit (http://manpages.ubuntu.com/manpages/natty/man5/init.5.html) [01:09] are the same processes being respawned [01:09] TJ-: Yes [01:10] you know how upstart works? emits events which jobs do things like 'start on filesystem started' [01:10] TJ-: Yes [01:10] I'm wondering if an early job isn't emitting its signal [01:11] The other thing I'm wondering about is how long it is until udev starts [01:12] TJ-: I never saw udev starting [01:13] lorenz: hmmm [01:14] TJ-: It tries to start plymouth-upstart-bridge over and over again [01:15] TJ-: At 86 seconds it first launched mountall and afterwards it handles plymouth-ready events all over the place, but it's still being restarted all the time [01:15] lorenz: and that fires on the "startup" event... I wonder if that is firing repeatedly because, maybe, udev fails to start [01:16] TJ-: It seems that it starts a new service around every 30s and restarting the other ones constantly at a rate of one per 5 seconds. [01:22] I think it's worth trying on the kernel command-line one or both of "nolapic" and "noapic" [01:24] TJ-: No effect, I also tried them before. [01:24] TJ-: I need to get upstart to print errors [01:24] lorenz: it was a long shot... that'd only really apply to bare metal anyhow [01:28] lorenz: http://askubuntu.com/questions/465193/14-04-pxe-slow-boot-process-udev-upstart-systemd [01:29] TJ-: Looks exactly like my issue, besides that mine doesn't start at all [01:30] here's some helpful shell terminal for boot debuging upstart http://upstart.ubuntu.com/wiki/Debugging#Boot_Problems [01:33] lorenz: I recall a critical issue during the last cycle where an upstart script had a syntax error that caused upstart to fail... I wish I could remember the bug ref [01:35] TJ-: Could it help to remove upstart scripts? [01:37] ahhh, that was a SIGSEGV of /sbin/init due to a bad alsa-utils config [01:37] lorenz: Those and sysvinit scripts, but it's a case of figuring out which ones === Gallomimia_ is now known as Gallomimia [01:44] lorenz: I wonder, have you tried updating the kernel to a newer release? [01:44] TJ-: I can't do that anymore [01:45] TJ-: I'm going to bed now. At least I know that the problem is upstart. I'll look into it tomorrow. [01:46] TJ-: Thank you for your help, It's very appreciated. [01:46] same here, it's almost 3am [05:36] Anyone use ZFS on ubuntu for production and manage to get it run stable? How much RAM did it eat up as minimum system requirements? [05:48] Anyone use ZFS on ubuntu for production and manage to get it run stable? How much RAM did it eat up as minimum system requirements? [06:02] anyone running deluge web ui on headless server?? I am trying to figure out why my config file won't save .. === Ursinha-afk is now known as Ursinha === Sachiru_ is now known as Sachiru [06:42] soren: hi! did you ever get an answer to your question? [06:45] Sachiru: I'm running ZFS on Ubuntu 12.04, general recommendation is 1gb of ram per TB of storage for ZFS [06:45] I have 3 disks alá 1TB, and have dedicated 4gb to ZFS, run without issue for 1.5 year [06:47] soren: you probably want https://usn.ubuntu.com/usn-db/database.json.bz2 (https://usn.ubuntu.com/usn-db/database.json.bz2.sha256) [06:47] soren: that will have all active releases. for all releases since we began tracking, you can use database-all.bz2 [07:02] jdstrand: Hi! [07:02] jdstrand: No, I didn't get a response yet. [07:02] jdstrand: I'll take a look at that database. That sounds like exactly what I need. [07:03] cool (and sorry I missed you before) [07:03] jdstrand: No worries. I pretty much wandered off right after asking and just came back now, so your timing couldn't have been better. :) [07:03] jdstrand: Still in Malta, I presume? [07:05] Sachiru: check out #zfsonlinux -- ram usage depends if you turn on deduplication or not. you'll need at least one gigabyte per terabyte of storage that is being de-duplicated. [07:05] Sachiru: there are known issues with memory accouting, you might wish to reduce the size of your ARC from the defaults if you're finding you're under significant memory pressure [07:06] Sachiru: even though some people get zfs on / working, it feels like too much work to me. I'm intending on building a zfs storage box sometime soon and won't bother with zfs on root. [07:09] hi guys is it possible to ssh tunnel to a multiple web server on a remote server..? scenario is i have 1 firewall(publicIP) and 2 local webserver, and water to access the webpage on this both local webserer using SSL, problem they might be using same port 443 - standard fro SSL [07:14] i'm kinda putoff by deluge, i just want something slim that works and will integrate with other programs like sickbeard / couchpotato etc... [07:15] Oplex: I think you have the wrong channel. === Lcawte|Away is now known as Lcawte [07:18] soren: yes, which is why I missed you-- sprinting is hard :) [08:41] anyone here use symfony? === EzeQL is now known as Guest57558 [09:50] a spanish framework? [09:52] stgraber, https://github.com/containers/container-rfc [10:06] hi === Ursinha is now known as Ursinha-afk === EzeQL is now known as Guest97593 === Ursinha-afk is now known as Ursinha [11:37] ok i have a windows PC and 2 remote linux server behind firewall..currently Linux1 is port frowarded for port 22 only and linux 2 are not.. this linux are both webserver with using SSL, 1. how to i ssh tunnel to linux1 to be able to display its SSL page on my windows PC browser and at the same time Linux 2 also same scenario, diaply the SSL page on my windows PC. [11:39] morning [11:42] hi all , does anyone know of a good backup program that can do a backup to a ftp ? [11:42] Tazmain: rsnapshot probably [11:43] OpenTokix, I will have a look at that thank you. [11:43] Tazmain: does it have to be ftp? [11:44] OpenTokix, as far as I am aware that is the only option that the place that hosts our server is giving us. [11:44] Its a local ftp to them [11:45] Tazmain: ok [11:58] stgraber: Would you know of a workaround or a patch for the unprivileged LXC bug? LP #1322067 [11:58] Launchpad bug 1322067 in lxc "3.15.0-1.x breaks lxc-attach for unprivileged containers" [Undecided,Confirmed] https://launchpad.net/bugs/1322067 [12:03] containers containers containers [12:06] hi all. how can i view packets that are dropped by interface? i know that for fedora there is dropwatch but i failed to make it work on ubuntu [12:11] lool: it's already fixed [12:11] lool: just waiting for the security team to fix apparmor so lxc actually migrates to utopic === Mez_ is now known as Mez [12:12] (kernel regression is making lxc's adt fail at the moment which in turn prevents cgmanager and systemd from migrating. jjohansen has a patch so this should be resolved soon) [12:13] stgraber: oh sorry, I wonder why I still hit it [12:13] stgraber: I'm on utopic [12:13] montekki: if th epacket was dropped by the interface.. doesn't that mean it was -dropped-? as in, never makes it to the kernel? [12:13] lool: unless you're using lxc from utopic-proposed, you don't have the fix, the fix will land in utopic's release pocket only once the utopic kernel is fixed and I can get lxc to pass adt testing again [12:14] lool: right, it passes the lxc tests, and I am putting together the pull request for the kt, it should go out in a few minutes [12:14] kt? [12:14] oh [12:14] jjohansen: thanks [12:14] so I guess workaround is to downgrade to older kernel [12:15] lool: that or pull lxc directly from utopic-proposed [12:15] lool: right, if you drop back to the last 3.13 kernel it will work [12:17] hi, I am migrating a server and I want to create exactly the same user as it is in the old server, a part of use the same username, what else do I need to copy, the id and something more? [12:18] stgraber: ah ok; I thought kernel upload was still pending in utopic; utopic-proposed packages worked [12:18] thanks all [12:19] sarnold: nope in fact not, if kernel drops a packet due to some reason (like ipv6 when the host is not configured for it) this drop will also inc the counter of dropped packets in ifconfig [12:19] sarnold: at least i believe it is true for kernels newer than 2.6.something [12:22] montekki: ahhh. thanks. [12:35] TJ-: I replaced Upstart with systemd and figured out that udev causes the boot to hang [12:37] lorenz_: Hmmm, is that a permanent fix or a proof of problem? [12:37] TJ-: More a proof of problem. systemd also hangs at udev [12:38] TJ-: At least it shows where it hangs [12:38] lorenz_: OK. Those PPAs on that system, do any of them add custom udev rules "/etc/udev/rules.d/*" ? [12:38] lorenz_: Or in "/lib/udev/rules.d/*" [12:39] TJ-: I tried removing the complete /etc/udev/, replacing it with other versions, no luck. I haven't checked /lib/udev/rules.d yet [12:40] lorenz_: if you can chroot mount the root file-system, you can do "dpkg-query -S /lib/udev/rules.d" to find any packages that add to that location [12:40] TJ-: Yes, it worked: udev, consolekit, systemd, libsane:amd64, qemu-system-common, bridge-utils, hdparm, biosdevname, btrfs-tools, crda, keyboard-configuration, gnupg, dmsetup, docker.io, pulseaudio, xserver-xorg-core, util-linux, udisks2, librbd1, colord: /lib/udev/rules.d [12:42] lorenz_: OK... I'm going to point at PPA-packages, like docker.io first as things to read and possibly disable [12:42] TJ-: docker.io is from universe, but I'm gonna disable it anyways [12:43] Is it? OK, hadn't realised that. [12:45] lorenz_: Whilst you've got a full chroot, I'm wondering if it may be worth doing "apt-get --reinstall install udev udev libudev1 upstart" in case there is some corruption in the binary installation ? [12:46] TJ: Done! I'm trying to boot now. [12:46] TJ-: No luck. Still hanging at udev [12:47] lorenz_: This is with systemd-init ? [12:47] TJ-: Yes [12:49] lorenz_: OK... have you had chance to use that debug technique I pointed to yesterday, where you start with init=/bin/sh, start a 2nd terminal "getty -8 -n -l /bin/sh 38400 tty2 &", , then do "exec /sbin/init" in the first terminal ? [12:49] lorenz_: If that approach works, then you can move on to running "udevadm monitor ..." in the 2nd terminal [12:49] TJ-: Nothing in dmesg, logs were not changed [12:50] TJ-: I can do that [12:54] TJ-: Hangs at /devices/virtual/vtconsole/vtcon0 [12:54] lorenz_: oooo, real data at last :) [12:55] lorenz_: I'd suggest expanding the usage now you know it works, by doing "udevadm monitor --kernel --property" so we can see the KEY=VALUEs being fed through [12:55] TJ-: Ok, doing that [12:56] lorenz_: that report was it very similar to "KERNEL[13.267429] add /devices/virtual/vtconsole/vtcon0 (vtconsole)" [12:56] TJ-: Exactly that line (just another time) [12:57] Great... I can follow your progress by viewing my local "/var/log/udev" [12:59] lorenz_: Is the server self-contained, or, does it rely on an external service for authentication, such as using pam_console to query an LDAP server [12:59] TJ-: nothing new hangs at the same position but shows now SEQNUM=1910 SUBSYSTEM=vtconsole UDEV_LOG=7 [13:01] UDEV_LOG=7 ... will likely be the "debug" log setting [13:02] Well, now we know what to look at... console.... so, any recent changes to the underlying console drivers, or graphics drivers (drm stuff maybe?) [13:03] TJ-: Well, it doesn't have any special graphic drivers (it normally runs without a screen and is installed without a GUI) [13:04] lorenz_: OK... here's what should come next (from my local udev log) http://paste.ubuntu.com/7529123/ [13:04] TJ-: Mine stops at vtcon0 [13:06] lorenz_: OK, another tack... how many CPUs have you allocated to the VM guest? [13:06] TJ-: 2 CPUs [13:07] Can you try it with 1? [13:10] TJ-: Now udevadm monitor outputs "add /module/zswap (module)" as last line [13:10] lorenz_: OK ... so this could be a kernel freeze up then [13:11] lorenz_: what we see from udevadm is the events being supplied by the kernel... looks like they are drying up [13:11] TJ-: I have no swap, so zswap is unlikely the issue [13:14] I don't think the events we see are linked to the problem; I think there's something else going on. Are you booting with "debug" on the kernel command-line? I think we ought to be able to capture the kernel boot messages (maybe over a serial console connection) and review them carefully. [13:15] This is where testing alternative kernel versions might help [13:16] TJ-: I tried a lot of kernels, didn't help [13:21] lorenz_: Do you have "/lib/udev/rules.d/85-lvm2.rules" [13:21] TJ-: No [13:22] OK ... strike one possible cause then :) [13:24] lorenz_: On that 2nd (or a 3rd console) when it hangs can you capture "ps -efly" and let me see it? [13:25] lorenz_: I'm exploring whether udev is modprobe-ing a kernel module which gets stuck [13:28] TJ-: ps -efly hangs too [13:28] So... kernel issue then [13:28] so now we need to capture the kernel log (over serial maybe) as I described, and analyse it [13:36] TJ-: Ok, so it works. How can I increase the verbosity, because it seems that it doesn't log much more than on the screen [13:37] lorenz_: If you have "debug" on the kernel command-line that'll be max verbosity [13:37] lorenz_: obviously, remove any "quiet" option since that is minimal logging [13:37] TJ-: I found https://wiki.archlinux.org/index.php/Boot_debugging, I'm setting it to Heavy Debugging [13:39] lorenz_: OK... the main benefit there is log_buf_len=10M... one thing to bear in mind, if the root issue is a timing issue, then adding too much debug output can actual slow things down enough to workaround the issue so it goes away :) [13:44] TJ-: Well, I now get a lot of systemd messages, but still not more kernel messages [13:44] TJ-: [ 1.598937] systemd[1]: systemd-random-seed-load.service changed dead -> start [ 1.601965] systemd[1]: Accepted connection on private bus. These are the last two systemd lines [13:45] Grrr @ systemd hijacking the kernel logging [13:52] wtf - rackspace suddenly seems to only have ubuntu 10.04 and 12.04 images for creating a server? [13:52] i seem to be on an ancient view.... newest fedora is 17 [14:03] zul: projected date for new libvirt? [14:07] is there a working tutorial on how to make mdadm send email notification of a failure event? [14:07] I know to process it needs a mail client to send with. I have SSMTP up but I can't seem to get it working for whatever reason. [14:19] So I just updated postfix in my 12.04LTS server. And one of the things it did was to delete http://pastebin.com/0PrTwUkb from my main.cf. Does anyone know why? [14:20] raub: did the postconf ask to replace the existing config file? [14:21] TJ-: nope. It was completely automatic [14:22] TJ-: I will not mention it also decided to reset my tls cert [14:22] raub: updates should always prompt if you've changed the config file from standard [14:22] I do agree, which why this was very, well, not pleasing [14:23] raub: I *think* there should be upgrade logs in /var/log/apt/ or /var/log/dpkg/ or similar... can't recall if 12.04 has those or where they are, though [14:24] raub: which version of postfix? I haven't seen an update in a while [14:24] The file in question would be /var/log/apt/term.log [14:26] raub: The latest update I have is "postfix (2.9.6-1~12.04.1)" from Febrauary [14:26] dovecot-postfix 1:2.0.19-0ubuntu2 [14:26] I will need to check the postfix package version [14:26] Oh... dovcot! [14:26] TJ-: I'm going to reinstall. Nothing seems to work :( [14:27] raub: "dovecot (1:2.0.19-0ubuntu2.1)" ... May 14th [14:27] lorenz_: It's very strange... wish I had access I'm intrigued as to what you've got there [14:27] TJ-: http://pastebin.com/PE3qKqub [14:27] main.cf is postfix [14:28] raub: that *is* bad!, especially for a silent upgrade [14:28] raub: bug-report it, that's really not good [14:29] raub: I'm not using that package which is why I didn't see it [14:29] I do not even know about mail-stack-delivery [14:30] And, I now see I should not have used the postfix-dovecot "helpful" package, instead installing both separately as Xenu wanted [14:31] raub: http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-3430.html [14:31] TJ-: Dovecot 1.1 before 2.2.13 and dovecot-ee before 2.1.7.7 and 2.2.x before 2.2.12.12 does not properly close old connections, which allows remote attackers to cause a denial of service (resource consumption) via an incomplete SSL/TLS handshake for an IMAP/POP3 connection. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3430) [14:31] I should be running dovecot 2 [14:31] Lemme check [14:32] 2.0.19. still behind times (I get mocked at #dovecot a lot) but not 1.1 [14:33] hmmm, the more I read the CVE the more confused I am about the version number thingie [14:33] heh, yeah, that's not a great summary. [14:34] dovecot has several parallel 'stable' branches [14:34] AFAIk they do want you to go to 2.X [14:36] On an unrelated note, does any of you run sudo-ldap in 14.04? It is core dumping on me [14:36] 10.04 LTS EOLs in eleven months, hopefully the few still using it will be upgrading soon :) === swebb is now known as zz_swebb [14:36] sarnold: you are such a joker [14:37] happy with 12.04 here at the moment, still having problems installing Virtualmin on 14.04, webmin is ok though on it [14:38] On a fresh install of 14.04 seem to be having problems with libapache2-mod-fcgid, wont install for some reason [14:39] raub: hehe yeah, lucid isn't so bad. I was happy to say goodbye to hardy though. :) === Lcawte is now known as Lcawte|Away [15:04] anyone know of a decent tutorial on SSMTP? === Lcawte|Away is now known as Lcawte [15:12] I use postfix regardless of how simple or complex the task, because it's easy to set up and widely supported [15:12] Havenstance: the configuration for SSMTP is super simple, not much to it === zz_swebb is now known as swebb [15:18] Havenstance: what do you need to do with it? [15:19] Of course I mean beyond sending mail out, but the particulars [15:19] trying to configure MDADM to use it to email failure notifications [15:20] but with my setup SSMTP will not authenticate properly [15:20] Can you pastebin a defanged version of the config? [15:20] I've tried several different versions based on lots of different tutorials i've tried with it [15:21] If someone could pastebin a working one and I could sub my info maybe that might work? [15:21] i'll throw in what i have and what the terminal reads tho to help :) [15:22] Havenstance: http://unixwars.blogspot.com/2013/08/installing-ssmtp-in-redhatcentos.html [15:22] ignore the redhat/centos part [15:22] Also has some test thingies [15:30] This is the pastebin of the config and the terminal readout from the attempted test pastebin.ubuntu.com/7530107/ [15:30] http://pastebin.ubuntu.com/7530107/ [15:30] there [15:31] it does not use SSL/TLS at all either [15:31] Username & PW Are correct also [15:32] Can you telnet to mail.royscorner.com port 2626 and send email by hand? [15:32] Also, I like to do ssmtp -v when testing [15:33] And, is the machine in question in the internet or behind a firewall natting its way? [15:35] hallyn: next week [15:35] 1.2.5 is out next week so thats the next one [15:36] zul: so you're waiting for 1.2.5 for utopic? [15:37] yep [15:37] suddenly rackspace gives me modern images again. starts building, now sits at 80% created for 3 minutes. [15:37] zul: ok [15:37] * hallyn should look into digitalocean [15:38] matsubara, I am yet again late on sending out the meeting minutes. I got the blog, email, and wikis updated. However, since this is such late notice that you are up next I am fine with chairing this week unless you would like too :-) [15:39] Havenstance: testing smtp auth using telnet: http://www.ndchost.com/wiki/mail/test-smtp-auth-telnet [15:40] hallyn: problems? [15:44] arosales, I can do it. No worries, you paid your due already heh [15:44] thank you matsubara :-) === psivaa is now known as psivaa-sprint [15:54] zul: 99 [15:58] hallyn: ? === mrmist is now known as mist [15:59] sorry just jokingly referencing http://youtu.be/WwoM5fLITfk [16:00] but yeah rackspace is being very weird today [16:00] and the build (jessie vm) is STILL at 80% built [16:01] hallyn: are you joining the containers meeting on #openstack-meeting-alt? [16:01] i'd thought this woudl be faster than building msyelf a new vm locally. i was wrong [16:01] zul: hm, i guess. it conflicts :) [16:01] hallyn: yep [16:19] hi all.. I want to block a request from certain websites.. what is the best way to solve it? firewall? [16:20] FrEaKmAn_ or blocked at the router ... [16:20] no, I'm using VPS [16:20] FrEaKmAn_ you could also edit your DNS to block [16:20] ubuntu 12.04... [16:21] but I'm no sure if I can block by ip [16:21] but by referrer [16:21] FrEaKmAn_: what do you mean by "block a request"? Web-sites don't generally make requests directly to other servers, their clients do [16:22] http://semalt.com/ [16:22] somebody is using this service to crawl/check my websites [16:22] and it's getting on my nerves because it's killing my metrics [16:22] matsubara, I think you set the new land speed record on getting the irc mtg done ;-) [16:23] FrEaKmAn_: that sounds like blocking based on user-agent, or source IP range [16:23] FrEaKmAn_: This might get you started: http://httpd.apache.org/docs/2.2/rewrite/access.html [16:23] gaughen, heh I tend to rush these thing over. Hopefully I didn't miss anything [16:25] TJ-, thanks.. I will check it out [16:25] other question is which firewall do you recommend? [16:25] I have few apps running at different ports and want to block access [16:25] FrEaKmAn_: the one that's already there! netfilters, controlled by iptables or some higher-level tool [16:26] ok === Ursinha is now known as Ursinha-afk [17:07] ahs3: around? [17:11] ahs3: http://people.canonical.com/~serge/netcf-src-0.2.4/netcf_0.2.4-1.dsc appears to be testing well on jessie [17:12] Hi apparently I cannot install 12.04 on a new server I got because the hardware is too recent, whats that all about?? [17:12] waiting for some libvirt testing still, but i think it should be ready [17:13] cloudman1: You'll need the HWE kernels (hardware enablement) https://wiki.ubuntu.com/Kernel/LTSEnablementStack [17:14] Thanks, will tell my server people [17:15] But I guess they will say we dont offer that etc [17:15] I think I see theyre point [17:15] thier [17:15] or is it their [17:16] yes, it is [17:16] or they're [17:16] "I before E except after C... except in their! [17:16] they're is short for "they are" ... "their" is the possessive [17:17] that i before c is complete nosense [17:17] or i before e I mean [17:17] its why I dont code [17:28] hallyn: dude. cool. could you drop me an email with that link in it so i don't forget? i'll see if i can get to it this week. [17:30] ahs3: thanks, will do [17:31] hallyn: sweet. thx. [17:31] ttyl [17:41] TJ is that enable stack ok for 12.04 to 14.04?? [17:46] cloudman1: see https://lists.ubuntu.com/archives/ubuntu-devel/2014-February/038042.html [17:59] is rbasak alive at all? [18:00] hi [18:00] strange question teward [18:00] pmatulis_, strange question because i'm trying to see whether the bug importance change he did on an nginx bug was automated or not :p [18:01] some of the bug importance changes by people, they seem automated almost :P [18:01] teward: it just looks that way. bug #? [18:01] give me a minute to grab it, chrome just exploded on me [18:02] ah [18:02] Bug #1323387 [18:02] Launchpad bug 1323387 in nginx "Auth Request module does not seem to be loaded in the "extras" package" [Medium,New] https://launchpad.net/bugs/1323387 [18:02] not entirely certain that's a 'medium' but meh [18:02] :P [18:02] (extras package != main last i checked) [18:08] raub, it might be working now. I ran a test and it seemed to have went somewhere. took some playing [18:09] teward: is the workaround to load the module manually? [18:09] pmatulis_, the workaround is a recompile, this isn't apache, so it's not as module-friendly [18:09] pmatulis_, nginx doesn't have plug-and-play modules like apache does [18:09] ok [18:10] teward: so unable to implement the old username/password stuff on nginx in Trusty? [18:10] I'm trying to semi-automate a debootstrap deployment, any idea on how to get grub-pc not to ask me where it should install itself? [18:11] pmatulis_, i... think it might be a bit different than basic username/password auth, AFAICT from the docs, it implements client auth based on the result of a subrequest [18:11] and based on the status codes returned, access is allowed or refused [18:11] (basic username/password auth exists as part of the auth basic module) [18:12] ah [18:12] pmatulis_, i've never had to actually use this module [18:12] teward: why do you need it now? just curious [18:12] pmatulis_, *points at the bug filer's name* [18:12] you'll notice a difference between them and me :p [18:12] it's not you? [18:12] pmatulis_, i'm just tryin to figure out why robie made it a medium [18:13] pmatulis_, no, my LP is ~teward [18:13] Thomas Ward (~teward) [18:13] that != trevor slocum (bug filer) [18:13] i just watch the nginx bugs like a hawk :P [18:13] (USUALLY its my handiwork making minor patches for the package) [18:14] teward: we need to understand the impact to increase the importance [18:14] pmatulis_, my concern is medium is too high [18:14] not that it needs higher :P [18:14] oh! [18:15]