=== jeffreylevesque_ is now known as jeffreylevesque
=== arrrghhh is now known as arrrghhhAWAY
=== Ursinha is now known as Ursinha-afk
=== Ursinha-afk is now known as Ursinha
[03:00] <z1haze> how can i add another ssh key to my authorized keys? how does that process work?
[03:00] <z1haze> im basically trying to rsync between 2 servrs that boht use key authentication, im just thinking that if both servers accept the same key from me then ill be able to do that?
[04:07] <tortib> Hello can someone help me with this issue with cacti I'm having?  I have outlined the details here: http://askubuntu.com/questions/514072/blank-cacti-graphs
=== thumper is now known as thumper-afk
=== darkness is now known as Guest26571
[07:22] <halvors> Hi! I'm trying to setup a tunnel to tunnelbroker.net form my Ubuntu box. The problem is that when i add a ipv6 address to my interface statically, it seems to ignore the route thru the tunnel. How can i fix that?
[07:24] <ikonia> halvors: what does your routing table show
[07:30] <halvors> ikonia: Here is my Ipv6 routing table. http://pastebin.com/byXJjmDP
[07:31] <halvors> Where 2001:470:27:436::1 is the tunnelbroker endpoint and 2001:470:27:436::2 is my address.
[07:33] <ikonia> halvors: so your default is the tunnel device
[07:37] <halvors> Yes.
[07:39] <ikonia> seems odd that it would ignore the default route
[07:40] <halvors> http://pastebin.com/Fxhwaug1
[07:40] <halvors> ikonia: That is my configuration.
[07:41] <ikonia> halvors: sady I've not setup a tunnel like that before so I don't know if that's right or wrong
[07:41] <Abhijit> how can i stop ubuntu to make me retpye the password second time at installation even if i mention it as plain text in preseed file?
[07:41] <halvors> ikonia: Ok.
[07:42] <Abhijit> it ask it by sayng it want me to be sure about spelling.
[07:42] <ikonia> Abhijit: you have to confirm the password or have it configured in your auto deployment
[07:42] <Abhijit> ikonia, i have configured it in my preseed file.
[07:42] <halvors> ikonia: But let's say that i have a statically assigined ip address that is provided by he.net. Then it should default route thru the tunnel without a gateway set on the interface?
[07:42] <ikonia> Abhijit: doesn't sound like it
[07:43] <Abhijit> ikonia, what does these two lines sound like? d-i passwd/root-login boolean true
[07:43] <Abhijit> d-i passwd/root-password password mypasshere
[07:43] <ikonia> halvors: you have a static ip address, and you connect to something not on that network iti will use the default route
[07:43] <ikonia> Abhijit: that doesn't look right, but I don't have an example heere to share with you
[07:43] <halvors> Yes, that's what i thought, but my problem is that it doesn't _)
[07:44] <halvors> :(
[07:44] <ikonia> halvors: I'm wondering if the 6->4 translation is confusing the route
[07:44] <halvors> possible...
[07:44] <ikonia> but it should still use the 6 default, by default
[07:45] <Abhijit> ikonia, I will be highly appricatie if you tell me whats wrong in those two lines.
[07:45] <ikonia> Abhijit: I've not got anexample here to share, but that syntax doesn't look as I've remembered it
[07:46] <Abhijit> ikonia, when you remeber those examples kindly edith this page here at https://help.ubuntu.com/12.04/installation-guide/example-preseed.txt
[07:46] <ikonia> Abhijit: I could be wrong I don't have a reference here, but it doesn't look right
[07:47] <Abhijit> ikonia, sure. np. i am just requesting you so that next time someone like me visits that page can use the right example not just me. if i got the correct syntax i will updathe the page.
[08:12] <halvors> ikonia: Got it working now :) Had an ip6tables configuration file that was loaded and dropped traffic :(
[08:12] <halvors> ikonia: Thank you very much for help, appirciate it ;)
=== deegee is now known as drussell
=== mld_ is now known as mld
[08:33] <ikonia> hallyn: so it was going out of the default route, just getting dropped
=== Lcawte|Away is now known as Lcawte
=== thumper-afk is now known as thumper
[10:50] <hxm> hi
[10:50] <hxm> what is this? 014 Aug 21 12:49:49 datatec PAM service(sshd) ignoring max retries; 6 > 3
[10:52] <hxm> is someone trying to bruteforce ssh?
[11:03] <YamakasY> hxm: I think Putin tries too
[14:51] <bitfury> Hey guys, so I have this server which was pegged at 93% memory use this morning.. stopped the responsible service but the box memory usage still high (3.1G/4G)
[14:52] <bitfury> nothing else is using this much memory
=== JanC_ is now known as JanC
[15:01] <bitfury> ha, cleared cached/buffers and came back to normal
[15:18] <RoyK> bitfury: how was the swap use? and how did you clear the cache/buffers?
[15:30] <Free95> hey all, random question: how would I recover the options I used when running ./configure for a package?
[15:31] <Free95> I tried using "history" but there are too many potentials
[15:46] <RoyK> Free95: probably the last one in 'history' ;)
[15:46] <RoyK> Free95: not sure if all packages store the configure string - I don't remember
[15:47] <bitfury> RoyK: box wasn't swapping at all, cleared it with 'free && sync && echo 3 > /proc/sys/vm/drop_caches && free'
[15:47] <RoyK> bitfury: wierd - that shouldn't affect system performance
[15:47] <bitfury> what shouldn't?
[15:48] <RoyK> memory used for buffers/cache
[15:49] <bitfury> isn't buffers/cache how much space applications are currently using?
[15:50] <bitfury> cached memory
[15:50] <RoyK> no. buffers/cache is whatever applications aren't using. it's what's used for buffering/caching block devices/filesystems
[15:50] <RoyK> linux can't tell an application to free memory
[16:00] <bitfury> I've seen it happen a few times now
[16:00] <bitfury> really weird
[16:01] <bitfury> tomcat uses the most memory on this server, it starts low and builds up
[16:01] <bitfury> maybe a memory leak
[16:02] <bitfury> no idea why clearing the cache helps bring system memory down though
[16:02] <RoyK> I've seen linux machines with lots of memory, but high memory load, start to swap early just to get room for more buffers/cache, even if it reduces performance. linux isn't always to smart on such systems. reducing vm.swappiness to 10 or so remedies this, but that looks to me more like a workaround than a fix
[16:02] <bitfury> after stopping tomcat of course
[16:03] <RoyK> I guess restarting tomcat was what made it better. java is a memory hog
[16:04] <bitfury> I stopped tomcat but memory was still high
[16:04] <RoyK> btw. testing with 14.10, I have some issues with systemd:
[16:04] <RoyK> root@u-dev:~# systemctl -l
[16:04] <RoyK> Failed to get D-Bus connection: No connection to service manager.
[16:04] <RoyK> bitfury: do you have the output of "free" after stopping tomcat?
[16:05] <bitfury> let me check if my terminal buffer still has it
[16:06] <bitfury> RoyK: http://pastie.org/9491947
[16:07] <RoyK> 4190044 free
[16:07] <RoyK> after subtracting what's used for buffers/cache, which will be released anyway, if needed
[16:07] <RoyK> what does "free" say at this point?
[16:07] <RoyK> uh
[16:07] <RoyK> sorry
[16:08] <RoyK> that was top (and I pasted the swap)
[16:08] <bitfury> right
[16:08] <RoyK> did you have the output of the command "free"?
[16:08] <bitfury> yep one sec
[16:08] <RoyK> it gives more detail
[16:09] <bitfury> RoyK: http://pastie.org/9491956
[16:10] <RoyK> -/+ buffers/cache:     325400    3723020 <-- plenty of free memory, hardly any swap used - shouldn't be a problem
[16:10] <RoyK> maybe sshd hadn't been used in a while and thus had swapped out pages?
[16:11] <bitfury> that's buffers/cache though, Top reported 3.4G of memory used!
[16:12] <RoyK> linux usually swaps out things not in use - it's no reason to keep everything in memory when memory can be better used for caching than holding processes not currently in use
[16:12] <RoyK> so does free: Mem:       4048420    3105368     943052, but that's really irrelevant
[16:12] <RoyK> you don't *want* free memory - you want it to be used for cache and buffers to avoid reading from a slow disk too much
[16:13] <bitfury> im confused, so you're telling me not to trust Top "used" report
[16:13] <bitfury> cause it's irrelevant
=== mip5__ is now known as mip5
[16:13] <RoyK> top shows what's used by both processes, cache and buffers
[16:14] <RoyK> free also does that, but has this -/+ buffers/cache line that shows you how much free when not counting what's used by buffers and cache
[16:14] <RoyK> that's far more relevant
[16:14] <bitfury> brb - got called into a meeting
[16:15] <RoyK> if you want your system not to use swap unless it's not strictly needed, set vm.swappiness = 1
[16:16] <RoyK> but then - in *most* cases, it's better to let Linux do what it wants - it may take a second or two to ssh into the box if some of sshd's pages have been swapped out, but only the first time
[17:20] <bitfury> RoyK: my confusion mostly comes from the system reporting ~3.4G in used and buffers/cache reporting 3.7 available for use
[17:21] <RoyK> bitfury: that's normal - really - there's a lot of questions about this topic
[17:21] <bitfury> you're saying the system had plenty of memory but top is reporting it didn't :(
[17:22] <RoyK> bitfury: see 'free' output - that reports it correctly. "free" memory as reported by "top" is memory that's not in use by anything, but you *want* the memory to be used for caching if apps aren't using it.
[17:32] <bitfury> RoyK: cool thank you, it's kind of confusing but I guess is just a misunderstanding of terms. This is a good page on the topic: http://www.linuxatemyram.com/
[17:34] <RoyK> ubottu: linux ate my ram is http://www.linuxatemyram.com/
[17:34] <bitfury> like you said earlier, clearing the cache shouldn't affect system performance or amount of RAM in use
[17:35] <bitfury> so very weird memory dropped when I cleared it
[17:35] <RoyK> bitfury: not wierd at all - you removed everything from the cache
[17:35] <RoyK> bitfury: that system call is meant for developers wanting to benchmark things - not for users or admins
[17:36] <Pici> RoyK: we actually already have !ram setup to include that site :)
[17:36] <RoyK> Pici: ah
[17:36] <RoyK> !ram
[17:36] <ubottu> If you are wondering why some tools report your system has very little free memory, have a look at http://www.linuxatemyram.com/ | A short primer on Linux memory management can be found here: http://sourcefrog.net/weblog/software/linux-kernel/free-mem.html
[17:36] <RoyK> Pici: thanks
[17:36] <Pici> np :)
[17:37] <RoyK> erm
[17:37] <RoyK> The requested URL /weblog/software/linux-kernel/free-mem.html was not found on this server.
[17:37] <bitfury> RoyK: got, thanks again :D
[17:37] <bitfury> it
[17:39] <RoyK> Pici: seems that page doesn't exist anymore :P
[17:40] <Pici> o.  I'll update it.
[17:41] <Pici> !memory =~ s/|.*$//
[17:41] <ubottu> Nothing changed there
[17:41] <RoyK> (perhaps !mem?)
[17:41]  * Pici pesters ubottu in private
[17:41] <RoyK> (or !ram)?
[17:41] <RoyK> hehe
[17:41] <bitfury> RoyK: in other words, it's good to see cached memory allocated from free memory apps are not using, top will report this as used memory but it really isn't.. as applications need more memory it will grab what it needs back from cache.
[17:42] <RoyK> bitfury: bingo - it's used - but for caching/buffering - which is good. memory not used isn't good
[17:42] <bitfury> im horrible at explaining it, but think I got it :P
[17:43] <bitfury> got it
[17:43] <RoyK> bitfury: linux will just free it whenever a malloc() is issued. what you saw, was probably sshd's pages swapped out, which isn't a big deal, it just takes a second or two to get them back when you login the first time
[17:46] <bitfury> I see, learned something new today.. I can sleep happy tonight
[17:46] <RoyK> :)
[17:48] <RoyK> if you have a linux system with high memory load (lots of memory traffic), you *may* see it start to use large amount of swap for some (to me) unknown reason. If you do, change vm.swappiness (sysctl) to a lower level than the default value of 60
[18:00] <bitfury> haven't seen this box do that even though it does use a lot of ram due to tomcat and the java app running but will keep that in mind, thx.
[18:06] <RoyK> bitfury: haven't seen it with application servers either, but sometimes with file servers with heavy load
[18:08] <bitfury> heh, file servers are evil
[18:13] <RoyK> if you have 5k+ users on a file server, I/O patterns will be somewhat awkward
[18:15] <bitfury> fun
[18:46] <mip5> Hi - running ubuntu 14.04.1 server, 2@ 2.4 GHz qc cpus, 12 gbs ram, 6 @300 GB 15K drives (raid 6), LSI SAS 9260-8i raid controller. The server is a mysql slave, and also an nfs server for rsnapshot backups from ubuntu vms. nfs-kernel-server keeps stopping during the  rsnapshot jobs, and is causing the clients to get hung. Sudo service nfs-kernel-server start *appears* to work (doesn't throw...
[18:46] <mip5> ...any errors on the cli), but service nfs-kernel-service reports nfsd not running. The only way to restart nfs-kernel-service is with a server reboot. /etc/exports options are: (rw,sync,no_root_squash,no_subtree_check). Any ideas why this would happen? How would I increase the logging to try to track this down? Thanks!
[18:48] <sarnold> mip5: does this describe the situation? https://bugs.launchpad.net/ubuntu/+source/nfs-utils/+bug/1356361
[18:48] <uvirtbot> Launchpad bug 1356361 in nfs-utils "rpc.mountd crashed with SIGSEGV (dup-of: 1355829)" [High,Confirmed]
[18:48] <uvirtbot> Launchpad bug 1355829 in nfs-utils "rpc.mountd segfaults after upgrading to 1:1.2.8-8ubuntu1" [Undecided,Confirmed]
[19:00] <mip5> I'm running 1:1.2.8-6ubuntu1.1 -
[19:01] <mip5> though the symptoms seem the same. I don't know *why* or *what* is causing the crash though, so I can't be sure the bug affects me. It did start happening after I got the latest package last friday, 8/15
[19:19] <mip5> What repository would I need to add so that I could get the nfs-common_1.2.8-9, nfs-kernel-server_1.2.8-9?
[19:56] <mip5> maybe I'm barking up the wrong tree. What would be the recommended fix for this issue?
[20:19] <bananapie> If I use iproute2 to route packets, do they still go through netfilter ( iptables -t nat POSTROUTING ) ?
[20:26] <bananapie> Here is my iptables firewall and my ip route show. Packets going out on eth1 are not being mangled and are keeping the IP 192.168.0.x. Ignore the 192.168.36.x network
[20:26] <bananapie> http://pastebin.com/Fn6z84Gk
[20:26] <bananapie> Why isn't iptables doing nat on my packets?
[20:31] <SCHAAP137> ┏━╸╻┏┓╻╻┏━╸╻ ╻╺┳╸
[20:31] <SCHAAP137> ┃╺┓ ┃┗┫┃┃╺┓┣━┫ ┃
[20:31] <SCHAAP137> ┗━┛ ╹ ╹╹┗━┛╹ ╹ ╹
[20:31] <SCHAAP137> ah, wrong window lol
[20:31] <SCHAAP137> :D
[20:44] <bananapie> instead of eth0 why not localnet ?
[20:44] <bananapie> Why don't we use arbitrary names for network adapters in linux, like windows does?
[20:44] <bananapie> descriptive*
[20:53] <keithzg> You can, if you want.
[20:54] <keithzg> Although I wouldn't choose localnet, personally . . . sounds and looks too much like localhost!
[20:56] <keithzg> But you can certainly just set up, for example, a udev rule that specifies an arbitrary name for an adapter.
[21:07] <bananapie> ok, example name was perhaps bad.
[21:08] <keithzg> Well, and the fundamental issue IMHO is that any automatic system isn't likely to know what connection the user would conceptualize it as, necessarily.
[21:10] <keithzg> And the usage of "eth" for ethernet, "br" for bridge and "wlan" for wireless LAN, then enumerating the connections as eth0, eth1 etc if there are multiples, is probably the best that's reasonable from a fully automatic point of view.
[21:11] <bekks> bridges and wlan are ethernet devices too. from that point of view, "eth" as naming scheme would be enough - unless you have devices which arent ethernet.
[21:11] <bananapie> If I setup policy routes with ip ( iproute2), do my packets cross iptables -t nat POSTROUTING table?
[21:12] <keithzg> bekks: welllll, technically true, but the system *does* tend to know if it's using wired versus wireless drivers, and if it's a bridge. Thus it can, and on most distros does, automatically name accordingly, which IMHO is a good thing.
[21:13] <bananapie> So, is it a good idea for a sysadmin to rename his/her network cards to be more "user-friendly" ?
[21:14] <keithzg> Personally I name any bridges I create, but leave any wired adapters as just ethX . . . in no small part because there don't tend to be more than two, and usually just one.
[21:14] <bekks> bananapie: the best thing would be to work with data links, instead with physical interfaces (which are in fact irrelevant to know).
[21:14] <bananapie> data link = IP right ?
[21:15] <bananapie> so work with IPs instead of names like 'eth3' and 'bond0' ?
[21:15] <bekks> Nope. Data link = "path" of data through you computer, from the physical interface, up to the application working with that data.
[21:15] <bekks> It is not bound to have an IP.
[21:16] <bananapie> ah ok
[21:16] <bananapie> I'm learning iproute2, apparently I've been doing it wrong. I was using ifconfig and route.
[21:17] <bananapie> iproute2 commands give output that looks very similar to bsd
[21:17] <keithzg> I dunno, as a sysadmin I find the physical interfaces pretty damn important to know on a nearly daily basis, heh. Obviously scenarios may vary (company I work for is very small but tech-intensive, scraping by with cobbled together consumer hardware).
[21:18] <bekks> keithzg: When working with data links, you define them once, and you never have to care about the physical interfaces again.
[21:19] <keithzg> bekks: That's working under the assumption that the physical networking hardware isn't failing due to age and a scary, scary electrical system in the building :P
[21:19] <bananapie> bekks, what do you use for a firewall? Do you not specify physical links in your iptables commands?
[21:20] <bekks> keithzg: Well, you will know the hardware failed when your data link fails. And the data link will tell you which interface failed. So no need to know that before it gets important. :)
[21:20] <bekks> bananapie: I am using iptables, but the concept of datalinks isnt implemented in linux at all ;)
[21:21] <bananapie> ah'
[21:21] <keithzg> bekks: Fair enough. Not really sure what help 'data links' would be in my scenario anyways, though. It's not like things don't Just Work as long as the interfaces are up!
[21:30] <mip5> gotta cruise
=== jeremy_carroll__ is now known as jeremy_carroll
[22:39] <StolenToast> if I want two public keys on my server do I simply add each as one line in authorized_keys?
[22:40] <StolenToast> wait it worked, my problem was I didn't specify the login name
=== Lcawte is now known as Lcawte|Away