/srv/irclogs.ubuntu.com/2014/06/13/#ubuntu-server.txt

znfinstead of using multiple packages00:00
znfyou should just use dnsmasq00:00
sarnoldgenitrust_: anyway, you can do that if you're assigning addresses with dhcp, you can tell them to use an IP for DNS that way00:00
znfdnsmasq does everything you need, perfect for small lans00:00
znfdns, dhcp, tftp etc.00:00
genitrust_all of the machines are static00:03
genitrust_i guess we will just have to set them up on each machine :(00:04
genitrust_How to get iptables saved after rebooting??00:20
tarvidtasksel: aptitude failed (100)00:55
tarvidapt-get install -f throws errors00:56
tarvidapt-get purge dictionaries-common restores equanimity00:58
mdeslaursoren: dude, happy birthday. :P01:09
ddsss_say I wrote a daemon. Right now it's just a binary that forks, syslogs and does some work inside of a while(1) loop. How would I create a .deb package with separate logging file in /var/log/mydaemon and config in /etc/mydaemon or something?01:26
=== Guest68322 is now known as medberry
jrwrenddsss_: write a makefile which follow DFHS (or use autotools to do the same) and then  make a tarball out of that and use dh_make to debianize it02:09
jrwrensee the new maintainers guide for details02:09
=== med is now known as med__
riz0nIs Ubuntu 12.04.1 released yet?03:07
riz0nerrr 14.04.103:08
sarnoldriz0n: not yet, no03:09
riz0nThanks. Was just wondering so I could update my 10.04 server to it03:10
riz0nLooks like the schedule date is July 24th.03:11
tewardsarnold: wouldnt he have to go to 12.04 before 14.04?  Or did I misunderstand LTS-to-LTS upgrade paths03:23
KawaiolaHey guys so I built a ubuntu server 14.04 and I made a habit of always logging in as root which was fine until I had a co worker ftp into the server and need access to files as sudo04:07
KawaiolaSo I changed the owner and the group to the sudo account now when I try to do anything as sudo or as root I get this error messege04:08
Kawaiolasudo: /etc/sudoers is owned by uid 100, should be 004:08
KawaiolaAnyone have an idea of what I have done and if it is possible to fix it in all honesty this is my first run at linux I know enough to get around because all the phone systems I work on are unix based04:09
KawaiolaSo I read a lot and knew how to get around enough to make it work but I can't do anything at this point04:09
KawaiolaI went online and looked around before I came to this channel and it looks like people have fixed it in a few ways but none of them seem to work for me and I think it might be because I'm running ubuntu server on a vm but I'm not sure if that makes a difference or not04:13
sorenmdeslaur: Thanks :904:58
sorenmdeslaur: Um, that was meant to be a ":)" :)04:59
Oplexanyone awake in here05:04
mardraumlooks like you are05:04
Oplexyo05:04
caitanyaup and running :)05:05
Oplexis there anything out there already that can parse distrowatch for all netboot installation links05:05
Oplextrying to create a mega menu for a home pxe server05:05
caitanyamega menu ?05:06
caitanyaouh. got it05:07
Oplexyah.. seems fun enough05:07
caitanyadämn. i called my isp tech support cause i wanted own domain and a reversr-dns but it was not  possible for normal consumers05:09
caitanyai gave some feedback to them05:09
caitanyaallready paying 60e a month to them05:10
caitanya2 phones and a 4g internet with open ports05:11
caitanyaone dynamic ip but a fixed ip would cost +8e a month but didnt take it if i cant get a reverse-dns05:13
caitanya:(05:13
Oplexbeen using cloudflare's service with dd-wrt ddns feature05:15
Oplexhttps://cloudflare-updater.appspot.com/05:15
caitanyai'd buy a cheap vps but i like more of the idea of having a own ssh-sever in my own apartment05:15
sorencaitanya: You don't need reverse dns for that.05:15
caitanyasoren: i want it to be "displayed" in irc so i need reverse05:16
caitanyai got dyndns offcourse05:17
caitanyai dont even need vhosts like *.skizo.fi, just *!*@skizo.fi would satisfy me05:18
caitanyaits hard to get other admins to op people cumming from my dhcp-dns address05:20
caitanyaand i primarily use IRCnet05:21
caitanyastupid ircnet, but most are just too lazy to use multiple ircnets05:22
sorencaitanya: Sounds like you have an IRC problem, not a ISP problem to be honest.05:23
caitanyasoren: no, if i connect from my sh server and have my own domain my isp makes r-dns allways to their hostname05:25
sorencaitanya: I understand.05:25
sorencaitanya: Just like EVERONE ELSE ON THE PLANET.05:26
caitanyai think my isp is stupid. they dont want my moneys :D05:27
sorencaitanya: And for everyone else on the planet, it's not a problem.05:27
sorencaitanya: You have a problem with IRC that you're trying to fix by talking to your ISP.05:27
caitanyasoren: ok. now im interested05:27
caitanyahow do i get my host <hidden>.allowed.org to be seen as my irssi users reverse-dns in IRCnet or any ircnet ?05:29
sorencaitanya: You should talk to IRCnet about this.05:30
caitanyak05:30
caitanyabut the same problem is also with every ircnet05:32
caitanyai really dont understand how could i fix this05:33
caitanyagotta google05:33
caitanyahttp://superuser.com/questions/439483/is-the-reverse-dns-lookup-performed-by-irc-networks-usually-validated-against-th05:37
caitanyadamn tablet. hard to use copy/paste05:37
caitanyaok so it is a problem with ircnets and not my isp05:38
caitanyabut the solution would still be to have isp set r-dns pointing to my domain05:38
caitanyaor then just make ircnets to allow "spoofing" by giving users tonpoint rdns to domains they dont even own05:39
caitanya*to point05:40
caitanyaafter reading that superuser.com article05:40
Oplexis there a all preseed links on distrowatch05:54
sorencaitanya: That's nonsense.06:05
sorencaitanya: Why would IRCnets fake something to fool their own checks?06:05
sorencaitanya: Look, for Freenode, for instance, I just register when I log on. Using a password.06:05
sorencaitanya: Sorry, not register. Identify.06:06
sorencaitanya: And then my hostname gets replaced with ubuntu/member/soren. For others, it'd be something else.06:06
caitanyasoren: freenode just supports hostname cloaking but i am talking about reverse dns not ircnets abilities06:09
sorencaitanya: But you say you want reverse dns because of something related to IRC, right?06:10
caitanyayeah06:10
sorenOk, so that doesn't make any sense, does it?06:10
caitanyabut if id had reverse dns done/allowed by my isp then it would be seen every were that checks reverse06:11
sorenYou're say you're talking about reverse dns, not ircnet's abilities, but you're wanting to deal with reverse dns, *BECAUSE* of ircnet's abilities.06:11
caitanyasoren: true reverse dns06:11
caitanyadid u read that superuser.com article and u understand that my ip allways is pointing to my isp's hostname06:13
sorencaitanya: I didn't read it, no.06:14
sorencaitanya: But EVERY ISP ON THE PLANET DOES THINGS THIS WAY.06:14
sorencaitanya: You're trying to fix the wrong problem.06:14
soren...and this is about as much time I'm willing to spend convincing you of that. If you insist on fixing the wrong problem, enjoy and good luck. You'll probably not succeed, but if you do, you'll be forever stuck with that ISP, because you'll be avoiding this (wrong) problem.06:16
Ben64how is any of this an ubuntu server issue?06:17
caitanyaoff topic06:17
sorenYeah, there's that, too.06:17
Ben64if you want a reverse dns, get an ip that you can do that with. problem solved06:18
sorenShe (he?) doesn't want reverse dns. She (he?) wants... to have ops on IRCnet or something along those lines.06:19
sorenPhrasing it as a reverse dns problem is disingenuous.06:19
sorenBasing any sort of security on reverse DNS lookups is mental. Noone does that.06:19
Ben64i kind of skimmed it but it really seems like more of a rdns thing06:19
sorenBecause you can change it. that's the whole point.06:19
sorenThis problem has exactly nothing to do with rdns. Nothing. Not a bit.06:20
caitanyasoren: propably every isp in finland allways makes rdns to their stupid hostname no matter how many domains or fixed ip's i'd own06:21
sorencaitanya: EVERY ISP ON THE PLANET.06:21
Ben64caitanya: what is your actual goal06:21
caitanyaffs06:21
caitanyaknows06:22
caitanyaagain: having a fixed ip from my isp and getting rdns to my domain06:22
Ben64then get an ip from somewhere that allows you to do that, done06:23
sorenYOU DONT NEED REVERSE DNS!06:24
Ben64hey if caitanya wants rdns, whats the problem with that06:25
sorencaitanya: Ok, suppose you got an IP and set your rdns to point to foo.caytanya.fi or whatever.06:25
caitanyaben64:  and how could i get my isp allowing me to get ip from not them if i'm stuck using their fixed or dynamic ip and theyr dns server which makes my rdns record ?06:25
sorenSuppose I do THE EXACT SAME THING.06:25
sorenCAn you trust that reverse dns for anything? No.06:26
sorenDoes anyone in their right mind trust it for anything? No.06:26
ben64_see, i got rdns. it's super sweet06:26
sorenI give up. This is a joke. You're fixing the wrong problem. Have fun with that.06:26
Ben64caitanya: if your isp doesn't let you change the rdns, then you can't change it. find somewhere (usually datacenters and other hosting things) that will let you06:26
sorenBen64: WRONG PROBLEM!06:27
Ben64soren: i really think you're misunderstanding it.06:27
sorenPray tell.06:27
caitanyaben64: that is the idea06:27
Ben64i re-read the whole thing, seems like caitanya just wants it06:27
Ben64not for any specific purpose, besides it looking cooler06:27
caitanyai agree with ben64 soren06:27
sorencaitanya: Of course you do.06:27
sorencaitanya: You're human.06:27
sorenHmm.. At least I think you are.06:28
sorenAnyway..06:28
caitanyano, im a fallen arch-angel ;)06:28
sorencaitanya: Humans are much more likely to agree with anything that reinforces views they already hold, regardless of reason or facts.06:28
caitanyaat least i believe06:28
sorencaitanya: Do you want rdns because it looks cool or do you think having rdns will solve some problem for you?06:29
caitanyait does not solve anything. period.06:29
caitanyaexcept my irc-shell hosting would have a neat hostame every where that rdns is checked06:30
Ben64then the real answer is get a real server in a real datacenter and stop using residential connections for servering06:31
caitanyaeven on myip.is rdns check just to clarify06:31
caitanyaben64: i have said that already above06:31
caitanyai have a vps06:31
maswanOr get a real ISP to deliver service to your home instead of a crappy second class citizen residental ISP06:31
caitanyaand 2 domains06:31
Ben64vps isn't real06:32
sorenNetflix doesn't exist?06:32
caitanyaand im below eu-defined poverty definition06:32
caitanyaso getting vps is and option but i have 3 users on my sever in home06:33
caitanyaso a vps eould be overkill06:33
caitanyadämn tablet "keyboard"06:34
caitanyaand im not gonna make accounts on my vps that is reserved for my commercial projects06:36
caitanyai dont even use it to irc because it cant be updated because its an old gentoo with broken portage06:37
caitanyaso has many security issues because i cant get security updates06:37
caitanyaand calling my vps provider would charge me too much if id want ubuntu server and all data and confugurations to work06:39
caitanyaand downtime costs money06:40
caitanyawhich i dont have06:40
caitanyaevery thing would be ok if that stupid portage would work06:40
Ben64so you have commercial products on a broken vps06:41
Ben64lol.06:41
caitanya*every* thing broken on portage06:41
caitanyaben64: not that much commercial06:42
caitanyaben64: one solution with out downtime would be to buy another vps and doing it manually but overlapping vps prives are too much for my budget06:45
caitanya*prices06:45
Ben64so your solution is to be completely insecure. good plan06:45
caitanyaben64: there are no remote exploits06:45
caitanyajust local06:45
caitanyaso giving access there for my "friends" is not an option cause im paranoid by security06:46
Ben64not paranoid enough if you don't care about updates06:47
caitanyaben64: no remote exploits and a broken gentoo06:47
caitanyajust local exploits so giving access is something that makes me loose my ability to sleep06:48
caitanyai have already said that chancing gentoo to ubuntu would fix every thing but is takes too much money and configuration time06:49
caitanyai have a solution for my home ssh server06:52
caitanyacalling tech support today06:52
HackVictim1001evening y'all06:56
=== HackVictim1001 is now known as Quoexl
=== psivaa-afk is now known as psivaa
=== Lcawte|Away is now known as Lcawte
=== Lcawte is now known as Lcawte|Away
=== Trey is now known as Guest79972
=== psivaa is now known as psivaa-afk
caribousmoser: rbasak: I'm listening to yesterday's systemd UOS session and just had a wild idea : woudn't it be possible to kexec to systemd from upstart ?12:53
histolol13:02
rbasakcaribou: possible - yes, I guess. But what would be the advantage over a reboot? Some saved time?13:05
caribourbasak: mostly for interim test purposes13:06
caribourbasak: especially for cloud instances if possible13:06
caribourbasak: a bit like what smoser talked regarding reboot after kernel upgrade13:07
rbasakcaribou: from the point of view of the distribution on the system (both kernel and userspace), I guess a kexec is pretty much identical to a reboot.13:07
rbasakSo I think it could work and you can do it.13:07
caribourbasak: well, you save on instantiation time on cloud & H/W + F/W initialization on bare metal13:08
caribourbasak: again, this could be just a kludge for testing the migration to systemd13:08
caribourbasak: I'll keep it in the back of my mind & try to test it if I get time13:08
rbasakcaribou: my concern is that, as a hack, it might be difficult to tell the difference between an issue with the systemd setup in distro, and an issue caused by the kexec attempt.13:10
caribourbasak: true13:10
rbasakcaribou: for testing, I think I'd prefer to just hack the image and modify /sbin/init or something.13:10
rbasakcaribou: smoser's mount-image-callback makes this easy and scriptable13:11
caribouwell both this talk & the simplestreams demo made my day; was well worth the time reviewing the recording13:12
rbasakThanks! kexec is a neat idea - I'm just not sure what it gains us in this particular situation.13:13
jamespagecoreycb, looking at 2014.1.1 now13:15
coreycbjamespage, thanks13:16
jamespagecoreycb, just hit fixed bugs in the NSX support in neutron :-)13:17
jamespagecoreycb, hmm - the icehouse branch has utopic entries....13:18
coreycbjamespage, yeah...13:19
coreycbjamespage, wasn't sure about that13:19
jamespagecoreycb, its because we don't do an new upload with just the Vcs fields changed at the opening of utopic13:19
jamespagewe should do13:20
coreycbjamespage, ok - btw  I think only neutron has utopic entries13:21
jamespagecoreycb, tis OK - I can fix it13:22
coreycbjamespage, thanks13:22
=== khaitanya is now known as kaitanya
KullyHey all; how can I set up a bind to run at startup?13:29
ikoniaKully: it does by default13:31
ikoniathe init script launches it at startup13:31
jamespagecoreycb, urgh - looks like six>=1.6.0 is all over the place13:36
coreycbjamespage, oh?13:37
jamespagecoreycb, yeah - looks like it synced in from global requirements13:38
jamespagecoreycb, we only have 1.5.2 in trusty13:38
coreycbjamespage, can we get 1.6.0 into trusty?13:38
jamespagecoreycb, no13:39
coreycbjamespage, should they all get patched to 1.5.2?13:40
smosercaribou, yeah, i had that same kind of thought.13:40
jamespagecoreycb, just thinking about it13:40
smoserhm..13:41
caribousmoser: I'll take that as a compliment ;-)13:41
smoserit would work/13:41
smoserright now we dont have kexec in our images13:41
smoserso that means 'apt-get install kexec-utils'13:41
smoserwhich is a pain13:41
smoserbut it could work.13:41
smoserxnox, ping13:41
smoserhad a quesiotn on systemd13:41
smoserwill we support systemd as /sbin/init ?13:42
smoserfor this idea of "boot upstart, tell cloud-init to reboot into systemd"13:42
caribousmoser: btw, since I've been adding kdump remote dump functionalities, I was also thinking of creating a subordinate charm to enable remote dumping13:42
smoserthat would work for grub13:42
smoserbut would not work for lxc13:42
caribousmoser: this would also require adding kexec-tools. not related though13:42
smoseror some other case where the kernel loader is external13:42
smoserbut cloud-init could dpkg-divert /sbin/init and hook up systemd there13:43
smoserand then we'd be good to go13:43
smoserand we could test just as easily in lxc as we kvm.13:43
xnoxsmoser: holla =)13:48
xnoxsmoser: at the moment to boot with systemd one must pass kernel cmdline option init=/lib/systemd/systemd13:48
xnoxsmoser: at the moment we do not support installing systemd-sysv with upstart for e.g. systemd to take over /sbin/init binary.13:49
xnoxsmoser: you can crudely do $ cp /lib/systemd/systemd /sbin/init13:49
xnoxsmoser: that would break booting user-session desktop =) but you wouldn't care about that ;-)13:49
xnoxsmoser: i believe/hope that in 16.04 /sbin/init will ifact be systemd binary.13:50
geniiIs there any way to revert from using biosdevname to the 70-persistent-net.rules ?13:54
smoserxnox, well, sure i'd hope that too for 16.0413:57
smoserbut containing "what is the init system" *INSIDE THE SYSTEM* is just cleaner13:57
smoseri'd probably dpkg-divert rather than 'cp'13:57
smoseri do see that as easier than poking around at grub config.13:58
xnoxsmoser: grub config is easy.14:00
xnoxsmoser: we have now /etc/default/grub.d where one can drop your own snippets and they get applied.14:01
xnoxGRUB_CMDLINE_LINUX_DEFAULT="$GRUB_CMDLINE_LINUX_DEFAULT init=/lib/systemd/systemd"14:01
xnoxand update-grub14:01
xnoxif that at all works with grub-<ec2 thing variant>14:02
xnoxsmoser: whilst reboot into systemd is interesting, the more fun case would be to boot the cloud-image into systemd direct.14:04
xnoxsmoser: when booting cloud-image with e.g. lxc-container or qemu one can typically pass the init= param14:04
xnoxand then if all cloud-init stuff just works(tm) we are good to go.14:04
zuljamespage: ping14:10
jamespagezul, hey14:10
zuljamespage:  can you check to see if im missing anything obvious? https://jenkins.qa.ubuntu.com/job/utopic-adt-neutron/43/ARCH=i386,label=adt/14:11
smoserxnox, grub-config is not easy.14:11
smoser'update-grub' is about 1000 times more overhead than 'dpkg-divert'14:11
jamespagezul, apt0t-neutron-daemons FAIL non-zero exit status 114:11
xnoxsmoser: yeah.14:11
jamespagezul, look at the bug report that pitti assigned you14:11
zuljamespage:  oh14:12
smoserand, yeah, on amazon we also have that 'grub-legacy-ec2' thing that updates /boot/grub/menu.lst14:12
smoserand it does not (and argubly should not) read /etc/default/grub.d14:12
jamespagezul, basically unless the service is fully configured, it will exit on startup14:12
zuljamespage:  right14:12
smoser(since that is grub2 config and it is a grub1 config writer :)14:12
smoseralso, the fact that running 'update-grub' a.) wont work in lxc14:13
smoserb.) wouldn't do what you wanted even if it didnt fail14:13
smoser(maybe it doesn't fail nay more , but at one point it would fail, exiting non-zero)14:13
smoserso that really leads me to want to change my /sbin/init14:14
jamespagecoreycb, nova + neutron did not resync but everything else did :-(14:14
coreycbjamespage, ok I'll refresh the rest of the branches with requirements.txt patches14:15
jamespagecoreycb, +1 thanks14:15
coreycbjamespage, no problemo14:15
jamespagecoreycb, I'll hold off uploads until we have the complete set :-14:15
coreycbjamespage, sounds good14:16
Kullyikonia: sorry for the delay; I'm trying to run a mount --bind /vol/bind/www /var/www at startup, this doesn't happen automatically14:20
ikoniaahh you mean a bind mount point14:21
ikoniasorry14:21
ikoniaI thought you mean bind as in the named application14:21
Kullysorry for not being clean14:21
ikoniaput it in fstab, I 'think' the file system type is "bind" but you'd need to check that14:21
=== medberry is now known as Guest18630
=== psivaa-afk is now known as psivaa
=== TDog__ is now known as TDog
=== Lcawte|Away is now known as Lcawte
Kullyikonia: thanks! added /olddir /newdir none bind 0 0 to fstab15:54
Kullyworked great15:54
zuljamespage:  btw ceilometer doesnt ship a configuration file anymore15:56
jamespagezul, interesting - why not?15:57
zuljamespage:  gate failures looks like it https://github.com/openstack/ceilometer/commit/7dab3be0175fd9214fc2b40e112e53573a6d536215:58
jamespagezul, "bash tools/config/generate_sample.sh -b . -p ceilometer -o etc/ceilometer"15:59
jamespagelets generate it instead!15:59
zulyeah15:59
=== TDog__ is now known as TDog
sarnoldteward: probably for an important machine I'd be conservative and upgrade 10.04 to 12.04 before 14.04.16:57
YaannnnHi !17:08
YaannnnI have trouble NATing 10gbits with 1000 1-to-1 rules and many flows17:09
Yaannnnit doesn't reaches 10gbit/s17:09
Yaannnnreach *17:10
YaannnnI tryed with normal iptables, XTables with rawdnat and DNETMAP, tc17:11
YaannnnDid anybody experience with this kind of setup ?17:18
smoserhallyn, ping17:37
smosersay i were to do this:17:37
smoser qemu ... -serial pty17:38
smoserit makes a pty for me.17:38
smoserany easy way to connect to that ?17:38
hallynsmoser: hm, i usually do it over a tcp server17:40
hallyni.e. -serial tcp:192.168.0.2:4444  (from manpage)17:40
coreycbjamespage, I've pushed the rest of the 2014.1.1 branches17:57
chuck__hallyn:  no change18:09
=== chuck__ is now known as zul
=== TDJACR is now known as Guest34058
imanHi, I have ubuntu server and some times in a day my server gets slow, I am thinking someone is attacking my server, can u let me know how can I monitor server bandwidth or something like that to understand what happen for my server19:01
imanI use nload but i just show me incoming and outgoing19:01
RimminenErm, how can I enable mcrypt on my PHP/apache setup? I've installed it with apt-get but it doesn't show up on php5 --version.19:06
=== Ursinha is now known as Ursinha-afk
=== Ursinha-afk is now known as Ursinha
=== Ursinha is now known as Ursinha-afk
=== Ursinha-afk is now known as Ursinha

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!