/srv/irclogs.ubuntu.com/2014/08/26/#ubuntu-server.txt

sarnold4505 or 4506?00:00
sarnolddelinquentme: does netstat -lnp show something listening on 4505 or 4506?00:00
sarnolddelinquentme: .. if so, is it bound to localhost?00:00
delinquentmesarnold, nope !00:00
sarnolddelinquentme: nmap can only tell if a port is open if a process is actively listening on that port00:01
delinquentmeactually i used $ nmap -v 104.130.135.79 -p 4505 to check it from a remote machine00:01
sarnolddelinquentme: shows closed for me too, but '22' for example is openbecause sshd is listening00:02
delinquentmewell theres a web server called  zeroMQ which should be listening on ports 4505 and 4506 and00:03
delinquentmeand I ran $ sudo ufw allow 4505 && sudo ufw allow 450600:03
sarnolddelinquentme: what does sudo netstat -lnp | grep :450  show?00:04
delinquentmesarnold, nothing00:06
sarnolddelinquentme: okay, how about ps auxw | grep -i z  ? does it show zeromq running? that'll let you know if you need to figure out (a) why it isn't starting or (b) why it isn't listening on the ports you expect00:07
delinquentmezeromq is not showing up00:09
delinquentmedamn.00:09
delinquentmeis there not a way to tell whether a port is open by itself?00:09
sarnolddelinquentme: nc -l 4505   on the host where you want to run zmq, then on another host, run "echo hi | nc <ip address> 4505"  -- if you see 'hi' in your first terminal, then the firewall lets the port through00:11
delinquentmesarnold, check. I got "hi" on the first terminal00:12
delinquentmeso then it could be an issue that zeroMQ is only running while its needed ( this is a infrastructure provisioning software )00:13
sarnolddelinquentme: nice; if you want to make sure your firewall is okay,try again on ports e.g. 4000 or something :)00:13
sarnolddelinquentme: no idea there. from what I know of zmq it seems very unlikely to me that it wouldn't be running all the time..00:13
delinquentmesarnold, yeah cool trick !00:14
delinquentmeright now im trying to sort out why im getting so many hanging instance events on rackspace00:14
delinquentmeIE  I ask for a node and it takes > 10 minutes for it to answer back as being up + provisioned00:14
sarnoldowwwwwww00:15
delinquentmeyeah i was thinking it was rackspace ... but it might have been that I failed to open up the right ports for the software source on the master00:16
delinquentme... but then im not sure why it ever even once provisioned00:16
rostamHI I want to create a local repo of some debian packages with their dependencies what tool would be the best and easiest to do this task? thanks01:51
sudormrfhey guys, trying to figure out which video driver I need.  it is a bit of an odd question since I am running server, but I installed xbmc on my nuc and now xbmc is saying it needs a video driver.  was looking at this package, i965-va-driver.  that look right?02:54
sudormrfthe simple question, which driver do I need for this? 00:02.0 VGA compatible controller: Intel Corporation 3rd Gen Core processor Graphics Controller (rev 09)03:01
Patrickdkintel :)03:02
sudormrfPatrickdk: aye, but which?03:03
sudormrfxorg isn’t installed03:03
cfhowlettsudormrf, this one I believe https://01.org/linuxgraphics/downloads03:03
Patrickdkwhat does xorg have to do with graphics drivers?03:03
sudormrfcfhowlett: is it in the repos?03:04
sudormrfPatrickdk: nothing.  was just mentioning it in case it mattered :)03:04
PatrickdkI never bothered03:04
Patrickdkit *just works*03:04
sudormrfPatrickdk: ?03:04
Patrickdksudormrf, /kernel/drivers/video/intelfb/intelfb.ko03:08
Patrickdkthat is the video driver for it03:08
Patrickdkso if you see intelfb in lsmod, it's loaded03:09
sudormrfPatrickdk: it is not loaded03:09
Patrickdkwell, what are you using?03:09
Patrickdkis this a laptop?03:09
sudormrfan intel NUC03:10
sudormrfsorry had to make some change03:24
sudormrfchanges03:24
sudormrfnot sure where to go from here03:24
sudormrfwould prefer to load using apt03:25
=== apb_ is now known as apb1963
=== Ursinha is now known as Ursinha-afk
=== deegee__ is now known as drussell
lordievaderGood morning.06:18
abhishekcan u tell me why ext4 partition displays 93GB but actual size is 99GB06:51
abhishekI can't understand the mathematics behind it06:51
sarnoldabhishek: echo "1024 * 1000 * 1000 * 99 / (1024 * 1024 * 1024)" | bc -l   :)06:52
abhishekwhat is 1000 here06:53
abhishekactually I am confirmed that this is 1024 as a unit06:53
sarnoldthat's what your drive maker calls a "megabyte" and "gigabyte" :)06:53
abhishekI thought this is taken by some jounaling features06:54
sarnoldoverhead probably does account for some of that..06:54
=== trijntje_ is now known as trijntje
=== melmoth_ is now known as melmoth
=== yofel_ is now known as yofel
=== Lcawte|Away is now known as Lcawte
=== deegee is now known as drussell
=== jpds_ is now known as jpds
kamilboratynskiHello, I installed some caintainers.10:57
kamilboratynskiBut I see some tun-tap cards that are not attached with containers.10:57
kamilboratynskicontainer*10:57
kamilboratynskiSuggestion...?10:57
=== deegee is now known as drussell
pmatulismorning11:24
=== Ursinha-afk is now known as Ursinha
=== moparsthbest is now known as moparisthebest
Aisondoes the order of the files in /etc/apache2/sites-enabled matter?12:30
Aisonsomehow one of my virtual hosts is allways ignored12:30
Aisonthe others are working12:30
andolAison: The order matters in the regards that the first one will become the default vhost.12:32
andolAssuming you are dealing with named vhosts.12:33
Aisonok, this one starts with 00012:33
Aisonandol, yes, i'm dealing with named vhosts12:33
andolYepp, that 000 prefix is often used for the purpose of making sure the default really ends up being the default.12:34
Aisonlooks like the hostname is not submitted to apache12:38
Aisonvery strange12:38
Aison10.0.1.1 - - [26/Aug/2014:14:38:13 +0200] "GET /phpsysinfo.txt HTTP/1.1" 404 516 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36"12:38
Aison"-" no hostname here12:39
RoyKAison: I've seen that happen, but somewhat never understood how to fix it without disabling the "default" site. Try that first.12:43
patdk-wkheh?12:43
RoyKpatdk-wk: heh.12:44
patdk-wkhostname not being submitted when using http 1.1, is invalid, and will cause an error12:44
RoyKAison: can you do wireshark dump of that? hostname should be submitted, but apache may mess it up (or your config may)12:44
patdk-wkand "-" != hostname, that is the referer, by default12:45
AisonRoyK, right, when I disable the default, then everything works12:46
RoyKAison: bingo...12:46
patdk-wknever had an issue with it myself12:46
RoyKpatdk-wk: I have12:47
patdk-wkhmm, I need to figure out how to deal with the apache 2.2 -> 2.4 change12:49
AisonRoyK, and how did you solve it finally?12:49
RoyKAison: removed default config :P12:54
patdk-wkoh wait, you mean just remove 00-default right?12:54
patdk-wkya, I always do that12:54
patdk-wkand make my own12:55
RoyKyes12:55
RoyKperhaps there's something in the catch-all logic there that catches too much?12:56
patdk-wkthink it depends on what you do12:57
patdk-wkI found one server I have the default enabled12:57
patdk-wkon it, I use ip specific vhosts, virtualhost fullip:80 style12:57
LucidGuyOk, I have about 4-5 ubuntu servers mainly serving files/nfs.  I wan't to start monitoring their performance numbers, something straight forward.  Thinking of just installing Munin on each.  Recommendations?12:57
patdk-wkso the ip overrides the default vhost12:57
patdk-wkbut if you make another *:80 vhost, you will have to specify servername and/or serveralias for it12:58
RoyKpatdk-wk: and when that doesn't work either, and it returns to the default, even if the new config is correct?12:59
patdk-wkthat, I haven't seen :)12:59
RoyKthat's what Aison is seeing ;)12:59
Aisonthe funny thing is, I did not change anything in the configs13:00
Aisonthis config worked now for over 2 years13:00
Aisonsuddenly it stopped working...13:00
RoyKAison: a glitch in the matrix? ;)13:02
Aisonall what I did is a reboot of the server....13:02
Aisonso something happened13:02
Aisondo anybody know a good web file manager (maybe with ldap support)13:04
=== Ursinha is now known as Ursinha-afk
Aisondamn, building my raid array takes hours.....13:12
Aisonalready waiting 24h13:12
=== Ursinha-afk is now known as Ursinha
rostamhi  does all the debian files located in the directory /var/cache/apt/archives are installed on my system?13:29
lordievaderrostam: Not per se. It is a temporary place to store .deb files.13:30
lordievaderrostam: Apt places them there when they are downloaded.13:31
rostamlordievader, oh I see thanks13:32
jaminhas anyone here successfully used the text debconf_ui frontend for oem-config on 14.04?13:45
jcastrojamespage, I have an odd problem. The charm-tools in trusty is out of date13:52
jcastrobut the new one, in the PPA, depends on a new package, charmworldlib13:52
jcastrowhich is not in trusty13:52
jcastrois there any option at all for getting a new package in -updates or is it pretty much we're doomed?13:53
thebwt1Hey guys, what package provides ubuntu's sweet stats on login?14:06
lordievaderthebwt1: Seems to be 'update-notifier-common'.14:07
thebwt1thanks lordievader14:08
YamakasYanyone using preseed with the interfaces ?14:08
YamakasYIt's overwriting my /etc/network/interfaces file everytime14:08
thebwt1lordievader: actually it's landscape-client14:11
shreddingcan someone help me on how a curl command should look like if the client_id and api_key of oauth are weird?14:13
lordievaderthebwt1: The scripts that provide the data are all over the place though: apt-file search /etc/update-motd.d14:13
shreddingcurl -X POST -d "grant_type=password&username=Christian&password=secret" 'http://WpDs.u9yrWD3js;fYq?cog;MvTiq0Bj02r8LTL_v:c1W2:PzVsccsIt_G_uxnwE_TC08z14IKqYYKy0DJAok;_B?RvuVashIsARqhGwF=ChoBJveA7LvB;C?IeXyp?0ZiyBtg9;tSwTjVdC.K_f@n=;@V;2:VoX@IhPyiHzC@localhost:8000/o/token/'14:13
shreddingends with curl: (6) Couldn't resolve host 'WpDs.u9yrWD3js;fYq\'14:13
shreddingI understand why that is, but i don’t know how to male it work.14:13
dav1dp0101Does anyone have any expertise troubleshooting Upstart scripts?14:40
Aisonwhy do one of my ubuntu server have got p9p1 as name for the network device15:00
Aisonand the other one eth015:01
Aisonwhere are these settings to change that behavoir?15:01
henkjanAison: check https://bugs.launchpad.net/ubuntu/+source/biosdevname/+bug/128404315:02
uvirtbotLaunchpad bug 1284043 in biosdevname "udev renaming the same hardware network i/f to different name, breaks networking and firewall (dup-of: 1324558)" [High,Confirmed]15:02
uvirtbotLaunchpad bug 1324558 in biosdevname "[SRU] biosdevname returns identical names for two different devices." [Undecided,Fix committed]15:02
bananapieWhat is the "right" way to connect to generic ssl service ( https, imap, whatever ) and check that the certificate is signed by an authority in /etc/ssl/certs ?15:09
bananapieI can't use my browser because it won't work for anything other than https15:09
bananapieSorry, I got disconnected.15:18
darksiderhi guys, just installed ubuntu server 14.04. On first boot, after installation, the booting process seems to hang, with the harddrive led blinking every second or so. Last line is Adding 4GB swap on /dev/sda215:25
* genii makes more coffee and wanders over to #ubuntu-meeting16:00
smoserutlemming, https://bugs.launchpad.net/ubuntu/+source/walinuxagent/+bug/136047116:10
uvirtbotLaunchpad bug 1360471 in walinuxagent "update walinuxagent to 2.0.7" [Medium,Confirmed]16:10
smoserand, fyi, ubuntu ServerTeam meeting going on irght now in #ubuntu-meeting16:10
=== matsubara is now known as matsubara-lunch
=== matsubara-lunch is now known as matsubara
zulhallyn: ill get to libvirt tomorrow17:38
hallynzul: ok17:39
zoidberg-Hey does anyone run a speedtouch 330 modem on debian, or has done in the past ( i know its an old modem ), http://codepad.org/SFzY5kZL <-- anyone know how to get this working i can't see to get it to grab device like ttyS0?18:52
sarnoldzoidberg-: https://lkml.org/lkml/2002/11/7/186 ... is there still a 'speedtouch' kernel module to load? :)18:56
SierraFor someone that has never worked with cronjobs before, is it possible to create one that'll run this every 30 or so minutes? sudo service apache2 restart & sudo service mysql restart19:02
SierraIt's a temporary fix to an issue a server I'm working on is having, but it'll hopefully help a bit while I workon the main issue19:02
sarnoldSierra: add "0,30 * * * * root /usr/sbin/service apache2 restart ; /usr/sbin/service mysql restart"  to /etc/crontab19:04
RoyKsarnold, Sierra: is it really wise to restart apache and mysql to fix an issue?19:12
sarnoldRoyK: no :)19:12
RoyKSierra: check the logs - they should see what's wrong19:12
sarnoldRoyK: but Sierra promised it's a short-term workaround19:12
RoyKs/see/show/19:12
RoyKsarnold: obviously, yes19:12
SierraRoyk: There seems to be a memory leak somewhere thats causing the server to completely die after ~45 minutes, this is just temporary while I get this fixed19:12
RoyKSierra: what's leaking?19:13
SierraNot certain yet19:13
RoyKSierra: have top running or monitor the problematic processes with munin or something to show their memory use19:13
SierraAll its running right now is a set of wordpress sites, but I've watched the memory usage slowly climb until it hits a point where it stops responding, using htop19:14
SierraProcess wise, it seems to be heavy CPU usage from apache, and growing memory usage from mysq19:14
RoyKSierra: the apache processes or mysql?19:14
RoyKah19:14
RoyKthat's rather bad...19:14
SierraYeah.. Just suddenly started up yesterday, no warning. Nothing was updated or changed beforehand that I'm aware of19:14
RoyKtoo bad wordpress can't use postgresql :P19:14
RoyKSierra: any wordpress or php upgrade happened recently?19:15
RoyKerm... if mysql is eating the memory...19:15
RoyKjust forget that question19:15
SierraI do know there was a wordpress update released, but as far as I know it hasnt actually been updated yet due to the resource issues19:15
RoyKSierra: can you isolate the process(es) leaking?19:16
SierraI'm wondering if there's just a suddenly massive amount of people trying to access the websites or something (Which is odd.. It's nowhere near tax season)19:16
sarnoldhttp://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-5265.html19:17
uvirtbotsarnold: The Incutio XML-RPC (IXR) Library, as used in WordPress before 3.9.2 and Drupal 6.x before 6.33 and 7.x before 7.31, permits entity declarations without considering recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564. (http://cve.mitre.org/cgi-bin/cv19:17
sarnoldhttp://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-5266.html19:17
uvirtbotsarnold: The Incutio XML-RPC (IXR) Library, as used in WordPress before 3.9.2 and Drupal 6.x before 6.33 and 7.x before 7.31, does not limit the number of elements in an XML document, which allows remote attackers to cause a denial of service (CPU consumption) via a large document, a different vulnerability than CVE-2014-5265. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5266)19:17
SierraRoyK: By the looks of it, a bunch of mysql processes using ~2.5% of memory each, and the number of those processes is stadily growing19:17
RoyKSierra: how is the I/O load?19:18
RoyKgiven by "wio" by "sar" (from sysstat) or "wi" from "top"19:18
RoyKSierra: install sysstat (or munin) if you want to monitor the system over time. using just top doesn't give you history19:19
SierraRoyK: htop, sorted by memory usage: http://i.imgur.com/JSGHNrL.png19:19
SierraIt was just rebooted about 2, 3 minutes ago19:20
RoyKSierra: htop doesn't seem to say much about the I/O load19:20
SierraThe IO monitors for htop seem to not work.. Everything's at 019:20
RoyKuse top19:21
RoyKor just install munin+sysstat19:21
RoyKbtw, there doesn't seem to be any global wio stats from htop19:21
SierraRoyK: Ok, I've got sysstat installed. Did a small google search, should I follow these instructions? http://www.leonardoborda.com/blog/how-to-configure-sysstatsar-on-ubuntudebian/19:25
RoyKSierra: looks ok, although I'm not sure if you need 2min samples - up to you19:26
SierraFor now, might as well, in case the server decides to implode after 5 minutes of running instead of 30 xD19:26
RoyKSierra: also - try munin - it makes nice graphs to help visualising things19:27
RoyKhehe19:27
SierraUbuntu manual pages for munin are showing instructions for two different servers; Not sure what that's about >.<19:28
RoyKSierra: apt-get install munin munin-node # that should do for most19:30
RoyKmunin is pretty good at configuring plugins available for the system19:30
RoyKSierra: by default, it'll setup a /munin place on the webserver - see /etc/munin/apache.conf for the configuration of the web access19:32
SierraRoyK: Well, this just suddenly happened in a split second: http://i.imgur.com/S4fW2sP.png19:32
Sierrai.imgur.com/8K5199J.png19:32
RoyKSierra: run top - check i/o statistics19:33
SierraSo maybe its not a memory leak, somethings causing a ton of threads to suddenly start up from apache and mysql..19:33
SierraAnd the server's not responding again19:33
RoyKSierra: your load is very high, so the problem is probably due to I/O load19:33
RoyKSierra: use top next time - not htop19:33
SierraIs there a way to get the SSH session to have a higher priority or something so the server will still respond to ssh?19:34
SierraIt seems that it is responding, just incredibly slowly..19:34
RoyKusual I/O issue19:35
RoyKprobably swapping the best it can19:36
SierraGonna have to call the guys at the datacenter and have em reboot the box again19:36
SierraOk so it finally responded to a service apache2 stop after ~5, 6 minutes, and everythings running fine again19:37
SierraAlthough the webserver's offline now19:37
SierraRoyK: How do I have top display the i/O stats?19:37
RoyKSierra: echo b > /proc/sysrq-trigger19:38
RoyKthat'll reboot it19:38
RoyKit won't sync the disks or anything, but hopefully, ext4 will sort that out19:38
SierraRoyK: Not sure if the reboots necessary atm as its load dropped down after it finally stopped apache219:38
RoyKSierra: echo s > /proc/sysrq-trigger; echo u > /proc/sysrq-trigger ; echo b > /proc/sysrq-trigger19:38
RoyKthat'll be safer19:38
RoyKok19:39
RoyKSierra: top will report i/o stats by default19:40
SierraUnless its not labelled as io, I'm not seeing it :/19:41
RoyKwi19:42
RoyKtime spent waiting for i/o19:42
RoyKerm19:42
RoyKwa19:42
RoyK%Cpu(s):  0,2 us,  0,2 sy,  0,0 ni, 99,7 id,  0,0 wa,  0,0 hi,  0,0 si,  0,0 st19:42
RoyKthe wa thing there19:42
Sierrahttp://i.imgur.com/HwmcNCi.png19:43
SierraOh there it is19:43
RoyKpress 119:43
RoyKso you get the output of all CPUs19:44
SierraI'm seeing it hitting 60-80%wa on both cores19:47
SierraAnd now 90%19:48
Sierrahttp://i.imgur.com/2ERj1KB.png is what its showing right now19:50
RoyKSierra: lots and lots of swap used - that's the cause19:51
SierraAny idea whats causing the massive spike in resource usage that wasn't occuring before? It happened at the end of tax season (When lots of people were using the site) but nowhere near this bad19:51
SierraThe server still responded back then, at least19:51
RoyKSierra: I'd try with reducing the maximum processes forked by apache19:52
RoyKSierra: 2GB isn't a lot if a webserver is under stress19:53
SierraRoyk: Not certain how to do that. Google search came up with things that seem irrelevant19:54
RoyKSierra: set MaxClients to 50 or something - perhaps less - under <IfModule mpm_prefork_module>19:54
RoyKin /etc/apache2/apache2.conf19:54
RoyKSierra: it certainly looks like a truckload of connections to your webserver that's killing it19:56
RoyKSierra: change that - stop apache and start it again - don't just do a reload19:57
SierraWould help if the router wouldnt keep disconnecting my laptop19:58
sarnoldSierra: are you under constant ddos attack or something?20:01
SierraI have no idea, sure as hell hope not >.<20:02
SierraJust randomly started up yesterday or the day before20:02
sarnoldSierra: netstat -tun  might be useful to determine what's going on..20:02
SierraWell the server didnt even last 2 minutes before I lost access again.. -headdesks-20:03
RoyKSierra: after changing the apache conf?20:04
RoyKSierra: looks like a DDoS to me20:04
SierraI didn't even get so far as to restart apache to load the new config20:04
SierraSo how do I explain what a DDoS attack is to a boss that knows nothing about networking and will probably think its an excuse?20:04
SierraXD20:05
RoyKSierra: what sort of content is on this website? Have you offended some people? ;)20:05
kklimondacontact your ISP asking them to route the ddos to /dev/null? ;)20:05
sarnoldSierra: if it is a DDOS, your ISP can help immensely. give them a call.20:06
sarnoldSierra: they'll probably be happy to help even if you haven't yet figured out what exactly is going on, they'll probably be able to tell in a few seconds if it is network related or not :)20:06
SierraRoyK: It's a series of front end wordpress websites for a united states tax efiling company20:06
sarnoldSierra: .. in the middle of august. heh.20:06
SierraYeah.20:06
SierraThats whats got me wondering. Plus, when tax season hit, it was nowhere near this bad20:07
* Sierra is just the programmer that writes the web code :(20:10
SierraAnd manages the server20:10
kklimondaheh, that's pretty painful position to be in.20:11
kklimondaI'm now trying to train some of my webdevs in the old work to manage servers, and it's not going well :(20:11
SierraWelp, gonna have to see if the datacenter can help with this. That's the only contact I have (That will recognize me as authorized to discuss such issues)20:12
SierraMy supervisor's on a week long vacation. So this is fun XD20:13
kklimondayeah, definitely give them a call if you think it's network related20:13
SierraAlready done, they're going to have another guy call me back20:14
RoyKSierra: better give that VM another few gigs of memory, for a start, and move the database to a dedicated server20:17
=== arosales_ is now known as arosales
SierraRoyK: It's not a VM, it's running on a physical server that my supervisor provided20:17
SierraSitting on a rack at a datacenter20:18
RoyKSierra: a physical server with 2GB of memory?!?20:18
SierraYeah.20:18
SierraI brought that up, was told to just do it20:18
Sierra'This server ran perfectly fine before'20:18
RoyKSierra: my home server has 16GB :P20:18
SierraMy personal VM has 512MB XD20:19
SierraAnd runs better than that damn thing does.20:19
SierraEven when its not having this issue20:19
RoyKSierra: again - start out with decreasing the number of apache processes20:19
RoyKSierra: if you get access to that thing :P20:20
SierraI did manage to get the change made to the file20:20
SierraThe server just kinda.. Died before I could get the apache2 restart out20:20
RoyKSierra: do you have some remote control?20:21
RoyKSierra: remote console?20:21
SierraSSH terminal is my normal method, but that immediately responds with 'Server closed the connection unexpectedly' now20:21
RoyKSierra: most servers have iDRAC or something like that in them, which works well if it's configured correctly20:22
SierraThere was /supposed/ to be a newer server with better hardware setup, but that never actually happened20:22
RoyKIMHO psycial servers should only be used for special purposes :P20:22
RoyK(such as VM hosts)20:22
RoyKwe even run our database servers virtualized - it works20:23
SierraThe issue there is getting my boss (Not the same person as my supervisor) to actually pay for the hardware20:23
RoyKheh20:23
SierraWhenhe's convinced that what we have has been working so if it stops working I can fix it20:23
RoyKthen let the system die and tell your boss why it died20:23
qman__Yeah, I've had servers lock up from improperly tuned apache maxclients, that's probably the situation20:24
qman__Fortunately mine were all VMs, connect to hypervisor, hit ctrl+alt+del or reset20:25
RoyKqman__: wrong answer - servers like these should be virtulised20:25
SierraRoyK: Sadly, that may result in loss of a job20:25
qman__Retune apache, hope for the best20:26
RoyKSierra: not if you play your cards correctly - you can't maintain a server with too little resources20:26
qman__And yes, they should all be virtualized, no reason not to20:26
SierraTbh, if I was actually paid enough, I'd have probably just upgraded the hardware myself20:26
SierraBut I'm not paid enough for that. :<20:26
qman__Running hardware incapable of virt in prod is inexcusable today20:27
SierraTo be fair... I dont think running everything on VMs is a good idea anyway. Head honchos get confused enough with this older stuff as it is20:28
SierraAnd they insist everything I do be something they can understand how to us20:28
Sierra>.<20:28
SierraThere's so many things that could be done better if I just had free reign to get it done right20:28
qman__Its easier to ask forgiveness than permission20:28
qman__If you do it right and prove it works, that normally solves the problem20:29
SierraTried that once. They had me go and redo it the way they wanted20:29
qman__Otherwise, its time to job hunt20:29
SierraOhhh I've been tempted20:29
SierraIf my dad's livelihood didn't depend on this business staying alive, I'd probably be working toward IT at MAcy's. Family friend works there, and has said I'd be great with them (I've even gone with him a couple times as an intern of sorts)20:30
RoyKSierra: I've talked to people running large-scale Oracle databases virtualised - they work20:31
RoyKSierra: running a webserver on physical stuff isn't good20:32
SierraWhat I really want to do is make a living building custom PCs. I enjoy that, it's like super fancy legos20:32
RoyKSierra: also - separate the webserver from the database server20:32
RoyKSierra: a database server have different needs than an apache server - apache+php may need some RAM, but rarely I/O, unless access takes off and it starts swapping20:33
qman__Yep20:33
SierraWell, got this from the datacenter20:35
SierraI have verified with one of our network engineers and we cannot see any indication from your current network usage that would indicate a DDoS from a networking standpoint.  Network activity has spiked, but within norms of the historical data.20:35
qman__Yeah, an improperly tuned server can choke on just normal heavy load, or even a security scanner or web crawler hitting everything20:36
SierraHm... On a random note20:36
SierraThe server's not getting massive resource hits20:36
SierraSomeone recommended a command earlier to check network usages, but I've forgotten what it was.. netstats something or other?20:39
SierraFound it, netstat -tun20:41
SierraIs there a way to have a certain command run when memory usage hits a certain number, say, 1024MB?20:42
SierraHm...20:42
SierraI'm seeing a lot of conenctions from a single IP address with random ports20:43
sudormrfHey guys, I would like to install intel graphics drivers to my NUC running ubuntu server.  I am not sure which package in the repos I should use.  any suggestions?20:44
RoyKSierra: just block that - iptables -I <that ipaddress> -J DROP20:45
SierraRoyK: Not sure if that's normal or not for a webserver, though20:45
sudormrfSierra, setup fail2ban20:46
sudormrfthat way you don't need to do this manually20:46
SierraOk looks like what I was seeing might be norma... Loaded up the website, clicked a couple pages, and now my ip address shows up with the same thing20:46
SierraIsnt fail2ban for failed logins?20:47
qman__Yes20:47
RoyKSierra: you can use it for all sorts of things20:47
sudormrfSierra, I use it to block IPs all the time20:48
sudormrfSierra, what RoyK said20:48
sudormrfI have it looking at the syslog for a certain output and then it blocks the IP it finds in that output20:48
qman__The out of the box config only does SSH logins IIRC but it is very configurable20:49
qman__I have it set up on an asterisk box20:49
* RoyK uses astersk or wind whenever someone points guns at him20:50
* RoyK uses astersk or windows whenever someone points guns at him20:50
qman__That's basically the situation here, inherited a mess, made it work20:51
sudormrfqman__, I believe you are correct.  I have it setup to block a specific type of entry.  was noticing a bunch of easter european IPs trying to do stuff20:51
sudormrfso I stopped them20:51
sudormrffirst I blocked entire IP ranges for those regions...and then some sites stopped working lol20:51
sudormrfhad to scale back20:51
qman__This asterisk server is completely integrated into the ticketing system and email system, so any change is going to be very involved20:55
qman__Email system is an unmaintainable disaster, too20:57
RoyKqman__: is asterisk so full of (some word not allowed on this channel) as earlier?20:57
qman__Yeah, asterisk is...appropiately named20:59
RoyK:P21:00
qman__One of the email servers is running debian etch, and someone decided it'd be a good idea to install random lenny packages, so now its totally non-upgradeable, can't install or remove software21:03
qman__It sits in the middle of the relay path with a custom LDAP+postfix integration that doesn't work in newer versions21:04
geniiRoyK: I find that wind was more apt, since they are a fairly crappy cell provider company21:06
tewardis it possible to configure BIND9, when it acts as a caching/forwarder server, to NOT go hunting for authoritative nameservers to go get data from?  It appears to do this in all cases...21:12
teward(this is all bind9 on Ubuntu Server boxes, hence me asking here)21:13
RoyKteward: DNS is pretty straight-forward - you configure the SOA and it says how long things can be cached21:14
tewardRoyK, i have it only configured as a forwarder, i.e. it forwards all requests to 8.8.8.8 and 8.8.4.4 (google DNS).21:14
tewardBUT, it also is reaching to the root nameservers, then the ccTLD/gTLD nameservers, etc. until it hits one for an authoritative answer21:15
tewardtrying to figure out if there's a way to disable that21:15
qman__Remove the root hints21:15
qman__It can't ask root servers if it doesn't know what they are21:16
sarnoldqman__: haha21:17
sarnoldteward: look around for a setting that might be "forward only" or "don't recurse" or similar21:17
RoyKI have finally discovered what's wrong with my brain; On the left side, there's nothing right, on the right side, there's nothing left!21:30
SierraOk so ufw is proving to just not work. I've blocked an ip address, and netstat -tun is still showing that ip addresses all over the place... Is there a better option for blocking specific IP addresses21:52
sarnoldSierra: probably ufw block rules won't affect already established connections; you can either kill the process that has those sockets open (netstat -tunp can help) or you can nullroute the address, ip route add blackhole <ipaddr>22:02
Patrickdkufw uses conntrack22:06
Patrickdkconntrack will keep existing open :)22:06
Patrickdkuse conntrack tool to fix it22:06
sarnold"conntract tool"?22:07
sarnoldah you can see how my fingers work..22:07
YamakasYare there some good preseed guys in here ?22:18
=== ideopathic_ is now known as ideopathic
=== TDog_ is now known as TDog
=== Tzunamii_ is now known as Tzunamii
=== s is now known as Guest96153
=== Zoey is now known as Zoey142
=== Lcawte is now known as Lcawte|Away

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!