=== thumper-afk is now known as thumper [00:57] I setup postfix+dovecot starting with mail-stack-delivery, and virtual users are not working. Bounces all mail but that addressed to the mail username that matches my local username. The %d in mail_home and mail_location doesn't seem to be expanding. === rcj` is now known as rcj === markthomas is now known as markthomas|away === Sachiru is now known as Guest6649 === tempnick is now known as Sachiru [02:15] Logos01: thanks, changing bootdev to the dev path (/dev/sdb) worked. === lionel_ is now known as lionel [02:53] hi guys, how are you? [04:23] anyone have any experience with rebuilding broken RAID arrays? I had a drive fail completely in an mdadm array 5 and now when I boot my server it boots into initramfs prompt. I believe I need to boot from a CD to get into root, but dont know where to go from there [04:49] HI I am using ubuntu 14.04. I have used debootstrap --downloadonly to download required packages for debootstrap. It works fine, but I see some of the packages have naming convention I do not understand: For example: zlib1g_1%3a1.2.8.dfsg-1ubuntu1_amd64.deb, But not all the packages have this issue, could someone please help me? thx [05:20] rostam: I assume it is a : from epoch versioning, 1:1.2.8.dfsg-1ubuntu1 === arrrghhhAWAY is now known as arrrghhh [06:29] Good morning. [06:34] hi [06:35] is it possible, that ufw is just for simple settings? [06:35] Aison: Imo, yes. [06:36] You can do simple things, like allow/drop/reject connections but anything more complex... well then you have to write iptables rules. [06:36] yes, I know how to write iptables rules, but my problem is also, that ufw is not removing my custom rules after "ufw disable" [06:38] maybe it's best to use ufw just for filtering of incoming connections [06:39] What custom rules are you talking about? Those created with ufw? [06:39] eg. things like that: [06:39] -A POSTROUTING -o bond0.2 -s 10.35.0.0/16 -j SNAT --to-source 212.51.145.89 [06:39] many of those [06:40] Aison: I take that you created those outside of UFW, ofcourse it won't remove those. [06:40] yes, when I take them outside, then it is my responsibility :) === kickinz1|afk is now known as kickinz1 === kickinz1 is now known as kickinz1|afk [07:47] how to know if i am vulnerable to shellshock? [07:48] there are various tests on the web [07:49] hxm: If you regularly update your machine you should no longer be vunerable, given you run a supported version. [07:49] hxm: making sure your run updates is a good way [07:49] i am updated, i just wanted to know [07:49] you know, panic attack [07:51] hxm: https://www.digitalocean.com/community/tutorials/how-to-protect-your-server-against-the-shellshock-bash-vulnerability === kickinz1|afk is now known as kickinz1 [07:59] argh, wie liest man ipv6 netzmasken?!? muss ich verschiedene subnetze so schreiben 2a02:168:200f:0001::/56, 2a02:168:200f:0002::/56, 2a02:168:200f:0003::/56 [07:59] oder so 2a02:168:200f:0100::/56, 2a02:168:200f:0200::/56, 2a02:168:200f:0300::/56 [08:01] damn, sorry, wrong channel [08:01] lol === kickinz1 is now known as kickinz1|afk [08:02] Aison: sipcalc is a nice utility for ipv6 addresses/netmasks === kickinz1|afk is now known as kickinz1 [08:02] i run the bash version GNU bash, versiĆ³n 4.2.45(1)-release (x86_64-pc-linux-gnu) [08:02] is that the lastest one? [08:02] i try to upgrade bash and it says is the latest [08:02] Aison: see output https://p.6core.net/p/Yk3YdNzzdosBDVWhW1WYbtE2 [08:03] :D [08:04] np fixed === kickinz1 is now known as kickinz1|afk [08:35] adam_g, comments on mp - missing patch? === bilde2910|away is now known as bilde2910 [10:00] zul, coreycb: hmm the ironic driver landed in nova for c1 [10:00] rc1 rather [10:07] adam_g, ironicclient sync from debian (1.2.x) [10:07] sorry 0.2.x === Lcawte|Away is now known as Lcawte [10:56] HI I see some of the ubuntu packages have extra field: "1%3a" for example zlib1g_1%3a1.2.8.dfsg-1ubuntu1_amd64.deb. Is this epoch version? in any case does it have any difference with the package which does not have that extra characthers? The problem I have I can not use those packages in my http server to download them, the extra packages break the download process. Thanks [11:15] rostam: yes, it's for the epoch. The ':' character is in the filename but gets escaped due to HTTP requirements. [11:21] rbasak, if I rename the package (removing extra 1%3a) would cause any issue, or is there a better way doing this? thanks [11:22] rostam: a better way of doing what? [11:23] rbasak, I want to remove the "1%3a" from package name? [11:24] zul, stevedore internal versioning was causing issues so I uploaded 1.0.0 and 1.0.0.0 so that I can actually test glance properly [11:25] bah [11:27] rostam: '1:' is part of the version, not part of the package name. [11:32] Odd_Bloke, ok, so when package is downloaded through http, the "1:" changes to "1%3a" ?? [11:32] rostam: ':' is not a legal character in URL paths so it's encoded to %3a. [11:34] Odd_Bloke, thanks, now I got it. [11:35] rostam: :) [11:37] coreycb, look at you on your IPv6 address :-) [11:37] * jamespage stops poking coreycb [11:40] lordievader: ufw by default does not flush the primary chains since it by default does not manage the primary change. you should be able to adjust /etc/default/ufw to have MANAGE_BUILTINS=yes, but this may have other side-effects. see /etc/default/ufw for details [11:41] s/primary change/primary chains/ [11:43] jdstrand: I don't use UFW ;) [11:43] oh whoops [11:44] Aison: ^ === Lcawte is now known as Lcawte|Away === Lcawte|Away is now known as Lcawte === Lcawte is now known as Lcawte|Away [12:07] zul, coreycb: almost have nova and glance done [12:54] jamespage, heh :) [12:54] coreycb, hello [12:54] jamespage, hey [12:58] jamespage, would you mind taking a look at this to see if it looks good so far? https://code.launchpad.net/~corey.bryant/ceilometer/2014.2-rc1/+merge/236610 [12:58] jamespage, I think I need to pip install to verify some things [12:59] jamespage, oh and I can take ironic [12:59] coreycb, adam_g already did [12:59] jamespage, oh sweet, thanks adam_g ! [13:00] coreycb, interesting - http://specs.openstack.org/openstack/ceilometer-specs/specs/juno/ipmi.html [13:02] jamespage, yeah pretty cool [13:03] zul, sigh [13:03] VersionConflict: (oslo.config 1.4.0.0-a5 (/usr/lib/python2.7/dist-packages), Requirement.parse('oslo.config>=1.4.0')) [13:03] dealing with it now [13:03] nova? [13:08] zul, no glance [13:10] zul, I've uploaded new versions of stevedore, oslo.config and oslo.rootwrap with additional .0's to deal with final release/pre-release versioning stuff [13:10] ack [13:19] bug 1373714 [13:19] Launchpad bug 1373714 in openstack-dashboard "openstack-dashboard next charms don't properly support vip_cidr" [High,New] https://launchpad.net/bugs/1373714 [13:36] zul, gah - boto and eventlet are also causing problems... [13:36] * jamespage sighs [13:36] * zul shakes his head [13:36] as in how? [13:41] zul, for some reason bits of glance use pbr for stuff, and boto and eventlet don't match from a version perspective [13:42] jamespage: gah...you should be able to get around that by patching the requirements.txt [13:42] zul, yeah - but the eventlet problem is in oslo.vmware as well [13:42] I can fix that [13:42] ok [13:42] but its a pita [13:42] jamespage: i feel your pain [13:43] zul, bumping eventlet to 0.15.2 is a 25k diff [13:43] lots of py3 compat work [13:43] makes me nervous [13:43] boto might not be so bad [13:44] zul, boto - 22k diff [13:44] again lots of py3 compat [13:59] utlemming: bug 1375252 interests me. Is cloud-init resetting the hostname as I'd expect here, based on what Azure says, or is walinuxagent supposed to be doing something extra-clever here? [13:59] Launchpad bug 1375252 in walinuxagent "Hostname change is not preserved across reboot on Azure Ubuntu VMs" [Undecided,Confirmed] https://launchpad.net/bugs/1375252 [14:05] jamespage, sorry those openstack charm bugs I filed were not descriptive, I was filing them on the spot. Now that I am back I'll get you more info. [14:06] jcastro, awesome [14:06] jamespage, you don't have an orange box do you? [14:06] jcastro, nope [14:10] zul, coreycb: We are scheduled to publish 2014.1.3 on Thurs Oct. 2nd for [14:10] wowser [14:10] ^^ gaughen :-) [14:11] jamespage, ok yep [14:11] jamespage, busy week!~ [14:11] coreycb, yes indeed [14:14] jamespage, so if something is in universe it can't be a dep in debian/control? [14:15] coreycb, well it can but will need a MIR [14:15] coreycb, which one? [14:16] tox is required to generate ceilometer.conf [14:16] jamespage, ^ [14:16] great... [14:17] jamespage, and tests get fubar if I don't include python-pysnmp4 in build-depends [14:17] but maybe that's just a rules file change, not sure [14:17] coreycb, pysnmp4 is already under MIR - waiting for security team review [14:17] jamespage, ah, cool [14:18] jamespage, guess I should have remembered that, my name is in the bug [14:18] :) [14:23] coreycb, hmm tox [14:25] jamespage, hmm.. tox.. [14:26] jamespage, can we try to MIR? [14:27] coreycb, use "bash tools/config/generate_sample.sh -b . -p ceilometer -o etc/ceilometer" [14:27] and bypass tox [14:31] jamespage, nice, that works [15:24] jamespage, ceilometer is ready for review - https://code.launchpad.net/~corey.bryant/ceilometer/2014.2-rc1/+merge/236610 === hxm is now known as Guest63200 [15:51] http://pastebin.com/H9LALpSP [15:51] Last lines are actually on different lines, just got malformed when pasted [15:53] Packets are marked: [15:53] 194 15982 MARK icmp -- * br0 0.0.0.0/0 0.0.0.0/0 MARK set 0x15 [15:59] Anyone? === Azelphur_ is now known as Azelphur === baggar11_ is now known as baggar11 === Locke2002 is now known as Guest15594 === ikonia_ is now known as ikonia === Pici` is now known as Pici === Lcawte|Away is now known as Lcawte [16:51] I guess isc-dhcp-server-ldap is not supporting DHCPv6? [16:52] at least in the schema file there is no dhcpSubnet6 [17:00] <|\n> what should i check first of all, if i see "dhclient.c:2277: Failed to send 300 byte long packet over fallback interface." [17:05] coreycb, zul: can you guys handle the remaining rc1's please [17:05] I have a load of charm review/work to finish for eod tomorrow and need to switch focus [17:05] jamespage, sure [17:05] jamespage: sure [17:15] rbasak, http://blog.oddbit.com/2013/10/04/automatic-dns-entries-for-libvirt-domains/ [17:15] stubled across that . and thought of uvt [17:15] does parsing of leases file. [17:19] that is actually really nice. and combined with 'incron' as suggeted. really neat === Lcawte is now known as Lcawte|Away [17:30] smoser: I hate things that involve modifying /etc/hosts [17:30] smoser: but an nss module would be nice! [17:31] rbasak, it doesn't require modiying /etc/hosts [17:31] well, the whole solution does. [17:32] but you could just use the parsing libvirt for domain->ip [17:33] smoser: My apologies, what are you trying to do? (Catch me up) [17:34] well, determine an ip address for a libvirt domain. [17:35] You could nuke the need for network manager by just sticking w/ dnsmasq and using pkill -SIGHUP dnsmasq whenever there's an inotify event. [17:35] i have no need of network manager. [17:35] I'm reading the oddbit.com blog page. [17:36] mostly i was just interested in parsing of libvirt xml and dnsmasq. [17:37] dnsmasq is pretty straightforward in these things. [17:37] ? [17:37] the problem is [17:38] a.) you start a domain in libvirt named 'smfoo'. it dhcp's and gets an ip address. [17:38] If I understand it you want to be able to obtain the ip address of an arbitrary libvirt domain/guest. [17:38] b.) you want to ssh to 'smfoo' [17:38] Right. [17:38] but smfoo is not resolvable dnswise. [17:38] so you have to do that. [17:38] And there are ways to make that viable. [17:38] which do not require guest modification? [17:39] Nope. [17:40] I am in the habit of using dnsmasq as a local DNS cache on my boxes. [17:40] So my resolv.conf points to 127.0.0.1 [17:40] This allows me to have whatever upstreams I like -- I could for example have my local dnsmasq instance reference the libvirt dnsmasq as an upstream. [17:41] only issue with that is, no dnssec support [17:41] The libvirt upstream one will provide responses for its dhcp clients (or at least their leases) [17:41] Logos01, no it wont. [17:41] patdk-wk: dnsmasq can do dnssec. [17:42] it will provide dns for those that provided it with a hostname on dhcp request. [17:42] and if you launch 10 instances of a disk image that have 'foo' in /etc/hostname it fails. [17:43] avahi is the other guest modification way to publish your name. [17:43] which is what uvtool uses now. but i dont want the guest modification. [17:43] I'm not in the habit of reusing hostnames during provisioning. [17:44] smoser: I'm basically doing the same parsing inside uvtool. [17:44] oh. i didn't know that. [17:44] :) [17:44] smoser: writing /etc/hosts dynamically just feels bad to me. [17:44] So you want systems to have a shared local hostname, not have that be modified during dhclient lease acquisition, and still have the ability to address a system by hostname upon startup ? [17:44] smoser: for example, have fun with guests inserting interesting hostnames :) [17:44] Logos01, "provisioning". [17:44] i want no "provisioning". [17:44] smoser: Then you want no systems. [17:45] Zeroconf solves the problem. [17:45] i have cloud-init and ubuntu cloud images. [17:45] Manual provisioning is still provisioning. [17:45] i download them and run them. [17:45] i dont modify them. [17:45] But avahi-daemon+libnss-mdns didn't seem reliable enough. [17:45] That's a form of provisioning. [17:45] thats what i want to avoid. [17:45] "guest modification" [17:45] Then let dhclient assign the hostname. [17:46] I want sensibly named hosts. [17:46] THat I specified at the commandline [17:46] Yeah, there's a meaningful part of the conversation missing here. [17:50] rbasak, actually, the dhclient being run with the hostname [17:50] is more doable now. [17:50] and in the future the nocloud data source would be able to set that. === Lcawte|Away is now known as Lcawte [17:50] the change is that now in utopic, the neworking will not come up until after cloud-init has searched local datasources [17:51] oh? when did dnsmasq get dnssec [17:52] Not sure when, but: http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html [17:52] "It can be configured to do DNSSEC validation." [17:53] http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2014q1/008086.html <-- looks like it was Q1 2014. [17:54] Made it into 14.04 w/ dnssec support. [17:58] Logos01, what did you mean by "let dhclient assign the hostname" ? [17:59] eh [17:59] smoser: I mean you have your dhcp server assign hostnames for the guests. [18:00] i dont know that i follow. [18:00] whathttp://askubuntu.com/questions/104918/how-to-get-hostname-from-dhcp-server [18:00] 2 seconds in google [18:00] i didnt read it [18:01] guest modification, tafa2. [18:01] smoser I came late... but you want to give dhcp clients hostnames server by your dhcp server? [18:02] *served [18:03] never mind. [18:14] it seems this could be fairly well solved with a dnsmasq '--script' or '--luascript'. [18:15] libvirt runs dnsmsasq with dhcp-hostsfile and addn-hosts . the script could then read libvirt, and populate the dnsmasq specific hosts with the new entry. [18:15] you'd still have to query the dnsmasq nameserver to get the response, but youcoudl do it ther.e [18:15] smoser: That is not guest modification. [18:15] Guest modification is something done by an automatic provisioning process. [18:16] Allowing dhcp server to assign hostnames when dhclient is run is a different story. [18:16] but you ahve to modify the guest. [18:16] to make it set its hostname. [18:16] i dont know. maybe i'm missing something. === kickinz1|afk is now known as kickinz1 === markthomas|away is now known as markthomas [18:47] smoser: dhclient *should*, if 'instructed' to do so by the dhcp server, assign the hostname for the dhclient guest. [18:48] You have to configure your dhcp server to instruct the dhclient binary to set the hostname. [18:49] really ? i dont think that generally sounds like good advice. [18:50] what if i have 2 NICS both dhcp on different networks with different lease times. [18:50] seems unpredictable. === kickinz1 is now known as kickinz1|afk === Guest15594 is now known as Locke2002 [19:20] i prefer cloud-init setting my hostname :p === bilde2910 is now known as bilde2910|away === bilde2910|away is now known as bilde2910 === bilde2910 is now known as bilde2910|away === bilde2910|away is now known as bilde2910 === Guest63200 is now known as hxm [20:51] <[F_F]> Ubuntu = Linux + Cancer + Aids [20:51] <[F_F]> specially AIDS [20:54] haha, all curable and revolutionary === bilde2910 is now known as bilde2910|away === bilde2910|away is now known as bilde2910 [21:08] hi [21:08] i have apache2 running, the 80 port is busy, now i have a process with webinterface that i want to run in port 80 too [21:09] i changed the listening host but it still says is in use [21:09] how can i do that? === bilde2910 is now known as bilde2910|away [21:21] hxm: You changed the port for apache to something else? [21:21] no, i found a solution using proxy_mod and proxypass [21:23] Ah, good. [21:48] how can I run a dhcpv6 server and dhcpv4 server at the same time?!? [21:50] the strange thing is, i've got a isc-dhcp-server in /etc/init.d/ [21:50] and a isc-dhcp-server.conf and isc-dhcp-server6.conf in /etc/init [21:50] ...- [21:52] <[F_F]> I guess you need both static IP's first [21:52] <[F_F]> IPv4 static and IPv6 static [21:54] yes, i've got both, but somehow isc-dhcp-server have got no ipv6 version [21:55] <[F_F]> hmmm [21:55] <[F_F]> that's odd [21:55] <[F_F]> http://knowledgelayer.softlayer.com/learning/adding-ipv6-ubuntu-systems [21:56] <[F_F]> https://secure.evorack.com/portal/knowledgebase.php?action=displayarticle&id=17 [21:56] <[F_F]> hope that helps [21:57] when I try to start, I get subnet6 statement is only supported in DHCPv6 mode. [21:59] works now :) [22:00] <[F_F]> Where does 2 links helpful? [22:00] <[F_F]> or not? [22:00] not directly, the addresses were correctly set [22:01] but the config file had the wrong name ^^ [22:01] <[F_F]> awwww :( [22:08] jdstrand: any complaints to /sys/firmware/devicetree/** r, in the libvirt-qemu template? [22:08] (this is for bug 1374554) [22:08] Launchpad bug 1374554 in libvirt "ppc64el virsh start fails" [High,Confirmed] https://launchpad.net/bugs/1374554 [22:11] hallyn: none [22:11] thanks, pushing [22:17] Bug 1358925 still being an annoyance :/ [22:17] Launchpad bug 1358925 in postfix "root alias does not get set" [Undecided,New] https://launchpad.net/bugs/1358925 === bilde2910|away is now known as bilde2910