[00:00] <znf> instead of using multiple packages
[00:00] <znf> you should just use dnsmasq
[00:00] <sarnold> genitrust_: anyway, you can do that if you're assigning addresses with dhcp, you can tell them to use an IP for DNS that way
[00:00] <znf> dnsmasq does everything you need, perfect for small lans
[00:00] <znf> dns, dhcp, tftp etc.
[00:03] <genitrust_> all of the machines are static
[00:04] <genitrust_> i guess we will just have to set them up on each machine :(
[00:20] <genitrust_> How to get iptables saved after rebooting??
[00:55] <tarvid> tasksel: aptitude failed (100)
[00:56] <tarvid> apt-get install -f throws errors
[00:58] <tarvid> apt-get purge dictionaries-common restores equanimity
[01:09] <mdeslaur> soren: dude, happy birthday. :P
[01:26] <ddsss_> say I wrote a daemon. Right now it's just a binary that forks, syslogs and does some work inside of a while(1) loop. How would I create a .deb package with separate logging file in /var/log/mydaemon and config in /etc/mydaemon or something?
[02:09] <jrwren> ddsss_: write a makefile which follow DFHS (or use autotools to do the same) and then  make a tarball out of that and use dh_make to debianize it
[02:09] <jrwren> see the new maintainers guide for details
[03:07] <riz0n> Is Ubuntu 12.04.1 released yet?
[03:08] <riz0n> errr 14.04.1
[03:09] <sarnold> riz0n: not yet, no
[03:10] <riz0n> Thanks. Was just wondering so I could update my 10.04 server to it
[03:11] <riz0n> Looks like the schedule date is July 24th.
[03:23] <teward> sarnold: wouldnt he have to go to 12.04 before 14.04?  Or did I misunderstand LTS-to-LTS upgrade paths
[04:07] <Kawaiola> Hey guys so I built a ubuntu server 14.04 and I made a habit of always logging in as root which was fine until I had a co worker ftp into the server and need access to files as sudo
[04:08] <Kawaiola> So I changed the owner and the group to the sudo account now when I try to do anything as sudo or as root I get this error messege
[04:08] <Kawaiola> sudo: /etc/sudoers is owned by uid 100, should be 0
[04:09] <Kawaiola> Anyone have an idea of what I have done and if it is possible to fix it in all honesty this is my first run at linux I know enough to get around because all the phone systems I work on are unix based
[04:09] <Kawaiola> So I read a lot and knew how to get around enough to make it work but I can't do anything at this point
[04:13] <Kawaiola> I went online and looked around before I came to this channel and it looks like people have fixed it in a few ways but none of them seem to work for me and I think it might be because I'm running ubuntu server on a vm but I'm not sure if that makes a difference or not
[04:58] <soren> mdeslaur: Thanks :9
[04:59] <soren> mdeslaur: Um, that was meant to be a ":)" :)
[05:04] <Oplex> anyone awake in here
[05:04] <mardraum> looks like you are
[05:04] <Oplex> yo
[05:05] <caitanya> up and running :)
[05:05] <Oplex> is there anything out there already that can parse distrowatch for all netboot installation links
[05:05] <Oplex> trying to create a mega menu for a home pxe server
[05:06] <caitanya> mega menu ?
[05:07] <caitanya> ouh. got it
[05:07] <Oplex> yah.. seems fun enough
[05:09] <caitanya> dämn. i called my isp tech support cause i wanted own domain and a reversr-dns but it was not  possible for normal consumers
[05:09] <caitanya> i gave some feedback to them
[05:10] <caitanya> allready paying 60e a month to them
[05:11] <caitanya> 2 phones and a 4g internet with open ports
[05:13] <caitanya> one dynamic ip but a fixed ip would cost +8e a month but didnt take it if i cant get a reverse-dns
[05:13] <caitanya> :(
[05:15] <Oplex> been using cloudflare's service with dd-wrt ddns feature
[05:15] <Oplex> https://cloudflare-updater.appspot.com/
[05:15] <caitanya> i'd buy a cheap vps but i like more of the idea of having a own ssh-sever in my own apartment
[05:15] <soren> caitanya: You don't need reverse dns for that.
[05:16] <caitanya> soren: i want it to be "displayed" in irc so i need reverse
[05:17] <caitanya> i got dyndns offcourse
[05:18] <caitanya> i dont even need vhosts like *.skizo.fi, just *!*@skizo.fi would satisfy me
[05:20] <caitanya> its hard to get other admins to op people cumming from my dhcp-dns address
[05:21] <caitanya> and i primarily use IRCnet
[05:22] <caitanya> stupid ircnet, but most are just too lazy to use multiple ircnets
[05:23] <soren> caitanya: Sounds like you have an IRC problem, not a ISP problem to be honest.
[05:25] <caitanya> soren: no, if i connect from my sh server and have my own domain my isp makes r-dns allways to their hostname
[05:25] <soren> caitanya: I understand.
[05:26] <soren> caitanya: Just like EVERONE ELSE ON THE PLANET.
[05:27] <caitanya> i think my isp is stupid. they dont want my moneys :D
[05:27] <soren> caitanya: And for everyone else on the planet, it's not a problem.
[05:27] <soren> caitanya: You have a problem with IRC that you're trying to fix by talking to your ISP.
[05:27] <caitanya> soren: ok. now im interested
[05:29] <caitanya> how do i get my host <hidden>.allowed.org to be seen as my irssi users reverse-dns in IRCnet or any ircnet ?
[05:30] <soren> caitanya: You should talk to IRCnet about this.
[05:30] <caitanya> k
[05:32] <caitanya> but the same problem is also with every ircnet
[05:33] <caitanya> i really dont understand how could i fix this
[05:33] <caitanya> gotta google
[05:37] <caitanya> http://superuser.com/questions/439483/is-the-reverse-dns-lookup-performed-by-irc-networks-usually-validated-against-th
[05:37] <caitanya> damn tablet. hard to use copy/paste
[05:38] <caitanya> ok so it is a problem with ircnets and not my isp
[05:38] <caitanya> but the solution would still be to have isp set r-dns pointing to my domain
[05:39] <caitanya> or then just make ircnets to allow "spoofing" by giving users tonpoint rdns to domains they dont even own
[05:40] <caitanya> *to point
[05:40] <caitanya> after reading that superuser.com article
[05:54] <Oplex> is there a all preseed links on distrowatch
[06:05] <soren> caitanya: That's nonsense.
[06:05] <soren> caitanya: Why would IRCnets fake something to fool their own checks?
[06:05] <soren> caitanya: Look, for Freenode, for instance, I just register when I log on. Using a password.
[06:06] <soren> caitanya: Sorry, not register. Identify.
[06:06] <soren> caitanya: And then my hostname gets replaced with ubuntu/member/soren. For others, it'd be something else.
[06:09] <caitanya> soren: freenode just supports hostname cloaking but i am talking about reverse dns not ircnets abilities
[06:10] <soren> caitanya: But you say you want reverse dns because of something related to IRC, right?
[06:10] <caitanya> yeah
[06:10] <soren> Ok, so that doesn't make any sense, does it?
[06:11] <caitanya> but if id had reverse dns done/allowed by my isp then it would be seen every were that checks reverse
[06:11] <soren> You're say you're talking about reverse dns, not ircnet's abilities, but you're wanting to deal with reverse dns, *BECAUSE* of ircnet's abilities.
[06:11] <caitanya> soren: true reverse dns
[06:13] <caitanya> did u read that superuser.com article and u understand that my ip allways is pointing to my isp's hostname
[06:14] <soren> caitanya: I didn't read it, no.
[06:14] <soren> caitanya: But EVERY ISP ON THE PLANET DOES THINGS THIS WAY.
[06:14] <soren> caitanya: You're trying to fix the wrong problem.
[06:16] <soren> ...and this is about as much time I'm willing to spend convincing you of that. If you insist on fixing the wrong problem, enjoy and good luck. You'll probably not succeed, but if you do, you'll be forever stuck with that ISP, because you'll be avoiding this (wrong) problem.
[06:17] <Ben64> how is any of this an ubuntu server issue?
[06:17] <caitanya> off topic
[06:17] <soren> Yeah, there's that, too.
[06:18] <Ben64> if you want a reverse dns, get an ip that you can do that with. problem solved
[06:19] <soren> She (he?) doesn't want reverse dns. She (he?) wants... to have ops on IRCnet or something along those lines.
[06:19] <soren> Phrasing it as a reverse dns problem is disingenuous.
[06:19] <soren> Basing any sort of security on reverse DNS lookups is mental. Noone does that.
[06:19] <Ben64> i kind of skimmed it but it really seems like more of a rdns thing
[06:19] <soren> Because you can change it. that's the whole point.
[06:20] <soren> This problem has exactly nothing to do with rdns. Nothing. Not a bit.
[06:21] <caitanya> soren: propably every isp in finland allways makes rdns to their stupid hostname no matter how many domains or fixed ip's i'd own
[06:21] <soren> caitanya: EVERY ISP ON THE PLANET.
[06:21] <Ben64> caitanya: what is your actual goal
[06:21] <caitanya> ffs
[06:22] <caitanya> knows
[06:22] <caitanya> again: having a fixed ip from my isp and getting rdns to my domain
[06:23] <Ben64> then get an ip from somewhere that allows you to do that, done
[06:24] <soren> YOU DONT NEED REVERSE DNS!
[06:25] <Ben64> hey if caitanya wants rdns, whats the problem with that
[06:25] <soren> caitanya: Ok, suppose you got an IP and set your rdns to point to foo.caytanya.fi or whatever.
[06:25] <caitanya> ben64:  and how could i get my isp allowing me to get ip from not them if i'm stuck using their fixed or dynamic ip and theyr dns server which makes my rdns record ?
[06:25] <soren> Suppose I do THE EXACT SAME THING.
[06:26] <soren> CAn you trust that reverse dns for anything? No.
[06:26] <soren> Does anyone in their right mind trust it for anything? No.
[06:26] <ben64_> see, i got rdns. it's super sweet
[06:26] <soren> I give up. This is a joke. You're fixing the wrong problem. Have fun with that.
[06:26] <Ben64> caitanya: if your isp doesn't let you change the rdns, then you can't change it. find somewhere (usually datacenters and other hosting things) that will let you
[06:27] <soren> Ben64: WRONG PROBLEM!
[06:27] <Ben64> soren: i really think you're misunderstanding it.
[06:27] <soren> Pray tell.
[06:27] <caitanya> ben64: that is the idea
[06:27] <Ben64> i re-read the whole thing, seems like caitanya just wants it
[06:27] <Ben64> not for any specific purpose, besides it looking cooler
[06:27] <caitanya> i agree with ben64 soren
[06:27] <soren> caitanya: Of course you do.
[06:27] <soren> caitanya: You're human.
[06:28] <soren> Hmm.. At least I think you are.
[06:28] <soren> Anyway..
[06:28] <caitanya> no, im a fallen arch-angel ;)
[06:28] <soren> caitanya: Humans are much more likely to agree with anything that reinforces views they already hold, regardless of reason or facts.
[06:28] <caitanya> at least i believe
[06:29] <soren> caitanya: Do you want rdns because it looks cool or do you think having rdns will solve some problem for you?
[06:29] <caitanya> it does not solve anything. period.
[06:30] <caitanya> except my irc-shell hosting would have a neat hostame every where that rdns is checked
[06:31] <Ben64> then the real answer is get a real server in a real datacenter and stop using residential connections for servering
[06:31] <caitanya> even on myip.is rdns check just to clarify
[06:31] <caitanya> ben64: i have said that already above
[06:31] <caitanya> i have a vps
[06:31] <maswan> Or get a real ISP to deliver service to your home instead of a crappy second class citizen residental ISP
[06:31] <caitanya> and 2 domains
[06:32] <Ben64> vps isn't real
[06:32] <soren> Netflix doesn't exist?
[06:32] <caitanya> and im below eu-defined poverty definition
[06:33] <caitanya> so getting vps is and option but i have 3 users on my sever in home
[06:33] <caitanya> so a vps eould be overkill
[06:34] <caitanya> dämn tablet "keyboard"
[06:36] <caitanya> and im not gonna make accounts on my vps that is reserved for my commercial projects
[06:37] <caitanya> i dont even use it to irc because it cant be updated because its an old gentoo with broken portage
[06:37] <caitanya> so has many security issues because i cant get security updates
[06:39] <caitanya> and calling my vps provider would charge me too much if id want ubuntu server and all data and confugurations to work
[06:40] <caitanya> and downtime costs money
[06:40] <caitanya> which i dont have
[06:40] <caitanya> every thing would be ok if that stupid portage would work
[06:41] <Ben64> so you have commercial products on a broken vps
[06:41] <Ben64> lol.
[06:41] <caitanya> *every* thing broken on portage
[06:42] <caitanya> ben64: not that much commercial
[06:45] <caitanya> ben64: one solution with out downtime would be to buy another vps and doing it manually but overlapping vps prives are too much for my budget
[06:45] <caitanya> *prices
[06:45] <Ben64> so your solution is to be completely insecure. good plan
[06:45] <caitanya> ben64: there are no remote exploits
[06:45] <caitanya> just local
[06:46] <caitanya> so giving access there for my "friends" is not an option cause im paranoid by security
[06:47] <Ben64> not paranoid enough if you don't care about updates
[06:47] <caitanya> ben64: no remote exploits and a broken gentoo
[06:48] <caitanya> just local exploits so giving access is something that makes me loose my ability to sleep
[06:49] <caitanya> i have already said that chancing gentoo to ubuntu would fix every thing but is takes too much money and configuration time
[06:52] <caitanya> i have a solution for my home ssh server
[06:52] <caitanya> calling tech support today
[06:56] <HackVictim1001> evening y'all
[12:53] <caribou> smoser: rbasak: I'm listening to yesterday's systemd UOS session and just had a wild idea : woudn't it be possible to kexec to systemd from upstart ?
[13:02] <histo> lol
[13:05] <rbasak> caribou: possible - yes, I guess. But what would be the advantage over a reboot? Some saved time?
[13:06] <caribou> rbasak: mostly for interim test purposes
[13:06] <caribou> rbasak: especially for cloud instances if possible
[13:07] <caribou> rbasak: a bit like what smoser talked regarding reboot after kernel upgrade
[13:07] <rbasak> caribou: from the point of view of the distribution on the system (both kernel and userspace), I guess a kexec is pretty much identical to a reboot.
[13:07] <rbasak> So I think it could work and you can do it.
[13:08] <caribou> rbasak: well, you save on instantiation time on cloud & H/W + F/W initialization on bare metal
[13:08] <caribou> rbasak: again, this could be just a kludge for testing the migration to systemd
[13:08] <caribou> rbasak: I'll keep it in the back of my mind & try to test it if I get time
[13:10] <rbasak> caribou: my concern is that, as a hack, it might be difficult to tell the difference between an issue with the systemd setup in distro, and an issue caused by the kexec attempt.
[13:10] <caribou> rbasak: true
[13:10] <rbasak> caribou: for testing, I think I'd prefer to just hack the image and modify /sbin/init or something.
[13:11] <rbasak> caribou: smoser's mount-image-callback makes this easy and scriptable
[13:12] <caribou> well both this talk & the simplestreams demo made my day; was well worth the time reviewing the recording
[13:13] <rbasak> Thanks! kexec is a neat idea - I'm just not sure what it gains us in this particular situation.
[13:15] <jamespage> coreycb, looking at 2014.1.1 now
[13:16] <coreycb> jamespage, thanks
[13:17] <jamespage> coreycb, just hit fixed bugs in the NSX support in neutron :-)
[13:18] <jamespage> coreycb, hmm - the icehouse branch has utopic entries....
[13:19] <coreycb> jamespage, yeah...
[13:19] <coreycb> jamespage, wasn't sure about that
[13:19] <jamespage> coreycb, its because we don't do an new upload with just the Vcs fields changed at the opening of utopic
[13:20] <jamespage> we should do
[13:21] <coreycb> jamespage, ok - btw  I think only neutron has utopic entries
[13:22] <jamespage> coreycb, tis OK - I can fix it
[13:22] <coreycb> jamespage, thanks
[13:29] <Kully> Hey all; how can I set up a bind to run at startup?
[13:31] <ikonia> Kully: it does by default
[13:31] <ikonia> the init script launches it at startup
[13:36] <jamespage> coreycb, urgh - looks like six>=1.6.0 is all over the place
[13:37] <coreycb> jamespage, oh?
[13:38] <jamespage> coreycb, yeah - looks like it synced in from global requirements
[13:38] <jamespage> coreycb, we only have 1.5.2 in trusty
[13:38] <coreycb> jamespage, can we get 1.6.0 into trusty?
[13:39] <jamespage> coreycb, no
[13:40] <coreycb> jamespage, should they all get patched to 1.5.2?
[13:40] <smoser> caribou, yeah, i had that same kind of thought.
[13:40] <jamespage> coreycb, just thinking about it
[13:41] <smoser> hm..
[13:41] <caribou> smoser: I'll take that as a compliment ;-)
[13:41] <smoser> it would work/
[13:41] <smoser> right now we dont have kexec in our images
[13:41] <smoser> so that means 'apt-get install kexec-utils'
[13:41] <smoser> which is a pain
[13:41] <smoser> but it could work.
[13:41] <smoser> xnox, ping
[13:41] <smoser> had a quesiotn on systemd
[13:42] <smoser> will we support systemd as /sbin/init ?
[13:42] <smoser> for this idea of "boot upstart, tell cloud-init to reboot into systemd"
[13:42] <caribou> smoser: btw, since I've been adding kdump remote dump functionalities, I was also thinking of creating a subordinate charm to enable remote dumping
[13:42] <smoser> that would work for grub
[13:42] <smoser> but would not work for lxc
[13:42] <caribou> smoser: this would also require adding kexec-tools. not related though
[13:42] <smoser> or some other case where the kernel loader is external
[13:43] <smoser> but cloud-init could dpkg-divert /sbin/init and hook up systemd there
[13:43] <smoser> and then we'd be good to go
[13:43] <smoser> and we could test just as easily in lxc as we kvm.
[13:48] <xnox> smoser: holla =)
[13:48] <xnox> smoser: at the moment to boot with systemd one must pass kernel cmdline option init=/lib/systemd/systemd
[13:49] <xnox> smoser: at the moment we do not support installing systemd-sysv with upstart for e.g. systemd to take over /sbin/init binary.
[13:49] <xnox> smoser: you can crudely do $ cp /lib/systemd/systemd /sbin/init
[13:49] <xnox> smoser: that would break booting user-session desktop =) but you wouldn't care about that ;-)
[13:50] <xnox> smoser: i believe/hope that in 16.04 /sbin/init will ifact be systemd binary.
[13:54] <genii> Is there any way to revert from using biosdevname to the 70-persistent-net.rules ?
[13:57] <smoser> xnox, well, sure i'd hope that too for 16.04
[13:57] <smoser> but containing "what is the init system" *INSIDE THE SYSTEM* is just cleaner
[13:57] <smoser> i'd probably dpkg-divert rather than 'cp'
[13:58] <smoser> i do see that as easier than poking around at grub config.
[14:00] <xnox> smoser: grub config is easy.
[14:01] <xnox> smoser: we have now /etc/default/grub.d where one can drop your own snippets and they get applied.
[14:01] <xnox> GRUB_CMDLINE_LINUX_DEFAULT="$GRUB_CMDLINE_LINUX_DEFAULT init=/lib/systemd/systemd"
[14:01] <xnox> and update-grub
[14:02] <xnox> if that at all works with grub-<ec2 thing variant>
[14:04] <xnox> smoser: whilst reboot into systemd is interesting, the more fun case would be to boot the cloud-image into systemd direct.
[14:04] <xnox> smoser: when booting cloud-image with e.g. lxc-container or qemu one can typically pass the init= param
[14:04] <xnox> and then if all cloud-init stuff just works(tm) we are good to go.
[14:10] <zul> jamespage: ping
[14:10] <jamespage> zul, hey
[14:11] <zul> jamespage:  can you check to see if im missing anything obvious? https://jenkins.qa.ubuntu.com/job/utopic-adt-neutron/43/ARCH=i386,label=adt/
[14:11] <smoser> xnox, grub-config is not easy.
[14:11] <smoser> 'update-grub' is about 1000 times more overhead than 'dpkg-divert'
[14:11] <jamespage> zul, apt0t-neutron-daemons FAIL non-zero exit status 1
[14:11] <xnox> smoser: yeah.
[14:11] <jamespage> zul, look at the bug report that pitti assigned you
[14:12] <zul> jamespage:  oh
[14:12] <smoser> and, yeah, on amazon we also have that 'grub-legacy-ec2' thing that updates /boot/grub/menu.lst
[14:12] <smoser> and it does not (and argubly should not) read /etc/default/grub.d
[14:12] <jamespage> zul, basically unless the service is fully configured, it will exit on startup
[14:12] <zul> jamespage:  right
[14:12] <smoser> (since that is grub2 config and it is a grub1 config writer :)
[14:13] <smoser> also, the fact that running 'update-grub' a.) wont work in lxc
[14:13] <smoser> b.) wouldn't do what you wanted even if it didnt fail
[14:13] <smoser> (maybe it doesn't fail nay more , but at one point it would fail, exiting non-zero)
[14:14] <smoser> so that really leads me to want to change my /sbin/init
[14:14] <jamespage> coreycb, nova + neutron did not resync but everything else did :-(
[14:15] <coreycb> jamespage, ok I'll refresh the rest of the branches with requirements.txt patches
[14:15] <jamespage> coreycb, +1 thanks
[14:15] <coreycb> jamespage, no problemo
[14:15] <jamespage> coreycb, I'll hold off uploads until we have the complete set :-
[14:16] <coreycb> jamespage, sounds good
[14:20] <Kully> ikonia: sorry for the delay; I'm trying to run a mount --bind /vol/bind/www /var/www at startup, this doesn't happen automatically
[14:21] <ikonia> ahh you mean a bind mount point
[14:21] <ikonia> sorry
[14:21] <ikonia> I thought you mean bind as in the named application
[14:21] <Kully> sorry for not being clean
[14:21] <ikonia> put it in fstab, I 'think' the file system type is "bind" but you'd need to check that
[15:54] <Kully> ikonia: thanks! added /olddir /newdir none bind 0 0 to fstab
[15:54] <Kully> worked great
[15:56] <zul> jamespage:  btw ceilometer doesnt ship a configuration file anymore
[15:57] <jamespage> zul, interesting - why not?
[15:58] <zul> jamespage:  gate failures looks like it https://github.com/openstack/ceilometer/commit/7dab3be0175fd9214fc2b40e112e53573a6d5362
[15:59] <jamespage> zul, "bash tools/config/generate_sample.sh -b . -p ceilometer -o etc/ceilometer"
[15:59] <jamespage> lets generate it instead!
[15:59] <zul> yeah
[16:57] <sarnold> teward: probably for an important machine I'd be conservative and upgrade 10.04 to 12.04 before 14.04.
[17:08] <Yaannnn> Hi !
[17:09] <Yaannnn> I have trouble NATing 10gbits with 1000 1-to-1 rules and many flows
[17:09] <Yaannnn> it doesn't reaches 10gbit/s
[17:10] <Yaannnn> reach *
[17:11] <Yaannnn> I tryed with normal iptables, XTables with rawdnat and DNETMAP, tc
[17:18] <Yaannnn> Did anybody experience with this kind of setup ?
[17:37] <smoser> hallyn, ping
[17:37] <smoser> say i were to do this:
[17:38] <smoser>  qemu ... -serial pty
[17:38] <smoser> it makes a pty for me.
[17:38] <smoser> any easy way to connect to that ?
[17:40] <hallyn> smoser: hm, i usually do it over a tcp server
[17:40] <hallyn> i.e. -serial tcp:192.168.0.2:4444  (from manpage)
[17:57] <coreycb> jamespage, I've pushed the rest of the 2014.1.1 branches
[18:09] <chuck__> hallyn:  no change
[19:01] <iman> Hi, I have ubuntu server and some times in a day my server gets slow, I am thinking someone is attacking my server, can u let me know how can I monitor server bandwidth or something like that to understand what happen for my server
[19:01] <iman> I use nload but i just show me incoming and outgoing
[19:06] <Rimminen> Erm, how can I enable mcrypt on my PHP/apache setup? I've installed it with apt-get but it doesn't show up on php5 --version.