[03:24] <mdev> is ubuntu gonna ship TLS_FALLBACK_SCSV soon?
[03:24] <mdev> https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=cf6da05304d554aaa885151451aa4ecaa977e601
[06:55] <ochoroch> Good morning.... i have an issue regarding login, after roughly 1 day i cant login anymore. On console i can see some message: http://picpaste.com/Bildschirmfoto_2014-10-15_um_08.26.21-QunlBobe.png
[06:56] <ochoroch> How can i investigate this issue ? (couldnt find anything in the logs)
[07:05] <lordievader> Good morning.
[07:06] <lordievader> ochoroch: I suppose your login process hangs and gets killed after a while.
[07:08] <ochoroch> lordievader: ok... this is what i experience when i try to login :-) . How can i determine the reason for this and fix it?
[07:09] <lordievader> ochoroch: Good question, is there another way you can login? (keybased or something)
[07:10] <ochoroch> lordievader: i can restart the maschine (its a VM running on HyperV) and login afterwards ...
[07:11] <lordievader> ochoroch: You said there was nothing in the logs, what log did you check?
[07:11] <ochoroch> kern.log and syslog
[07:11] <ochoroch> and searched overall logs for "Not tainted" ...
[07:11] <lordievader> ochoroch: Ok, anything in the auth.log?
[07:13] <ochoroch> lordievader:
[07:13] <ochoroch> Oct 15 02:00:01 web CRON[27834]: pam_unix(cron:session): session opened for user getmail by (uid=0)
[07:13] <ochoroch> Oct 15 02:00:01 web CRON[27834]: pam_unix(cron:session): session closed for user getmail
[07:13] <ochoroch> Oct 15 02:00:22 web CRON[27833]: pam_unix(cron:session): session closed for user root
[07:13] <ochoroch> Oct 15 08:32:10 web sshd[1396]: Server listening on 0.0.0.0 port 22.
[07:13] <ochoroch> Oct 15 08:32:10 web sshd[1396]: Server listening on :: port 22.
[07:13] <ochoroch> Oct 15 08:33:01 web CRON[2660]: pam_unix(cron:session): session opened for user root by (uid=0)
[07:13] <lordievader> !paste
[07:13] <ochoroch> this is from the auth.log
[07:13] <ochoroch> lordievader: sorry ...
[07:13] <ochoroch> lordievader: http://paste.ubuntu.com/8563353/
[07:13] <ochoroch> Oct 15 08:32:10 is after the reboot
[07:14] <lordievader> No errors?
[07:14] <ochoroch> no...
[07:14] <lordievader> Hmm.... I'm not sure how to debug this.
[07:15] <ochoroch> double checken auth.log ... no errors at all....
[07:16] <lordievader> Can you login to ssh?
[07:16] <lordievader> While monitoring that log ;)
[07:16] <ochoroch> yes atm i can login via ssh
[07:16] <ochoroch> ;-)
[07:17] <lordievader> You should get something like: sshd[7332]: pam_unix(sshd:session): session opened for user lordievader by (uid=0)
[07:18] <ochoroch> yep, this is what i'm getting ...
[07:18] <lordievader> Okay, so that looks good...
[07:20] <ochoroch> fyi, fail2ban is installed ... but its the same setup on 2 different maschines with same configuration ...
[07:26] <ochoroch> lordievader: this looks like the issue (same Ubuntu version, same kernel running on HyperV): https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1292400
[07:32] <lordievader> ochoroch: Confirm that the bug affects you too.
[07:34] <ochoroch> yep ... /me doesnt like the face that 1 of the 3 Sister-maschines does not behave like the other 2
[07:34] <lordievader> It's a strange bug indeed...
[07:43] <ochoroch> lordievader: THANKS for our help! ...
[07:43] <ochoroch> :-)
[07:43] <lordievader> ochoroch: No problem, I hope it gets fixed ;_
[07:44] <ochoroch> soone or later it'll be fixed. I think the wouldnt happen on KVM as Host ... :-)
[07:45] <lordievader> \o/ KVM :D
[08:38] <lkthomas> hey guys
[08:38] <lkthomas> after update kernel, I got fail boot up
[08:38] <lkthomas> now I am on initramfs console
[08:38] <lkthomas> what should I do ?
[08:38] <lkthomas> since I am running console redirect, I can't choose previous kernel
[14:02] <jamespage> coreycb: wanna prep that rc4 for neutron?
[14:02] <coreycb> jamespage, sure, and trove?
[14:03] <jamespage> coreycb: please
[14:03] <coreycb> jamespage, will do
[14:13] <coreycb> jamespage, there's an rc3 for glance too that I'll get
[14:13] <jamespage> coreycb: ta
[15:08] <coreycb> zul, jamespage: merge proposals are ready
[15:08] <coreycb> https://code.launchpad.net/~corey.bryant/trove/2014.2-rc3/+merge/238458
[15:08] <coreycb> https://code.launchpad.net/~corey.bryant/neutron/2014.2-rc3/+merge/238459
[15:08] <zul> coreycb:  builds fine?
[15:08] <coreycb> https://code.launchpad.net/~corey.bryant/glance/2014.2-rc3
[15:09] <coreycb> zul, yes, I always build
[15:09] <jamespage> zul, can you deal with that? I'm pushing ceilometer deps through to the ca
[15:09] <zul> coreycb: k just checking
[15:09] <coreycb> zul, thanks :)
[15:11] <jamespage> zul, coreycb - oh hold on neutron
[15:11] <jamespage> we might about to get an ack on the MIR for conntrack
[15:11] <coreycb> jamespage, k
[15:11] <zul> ack
[15:12] <jamespage> zul, three ack'd, jdstand assigned conntrack (sorry jdstrand)
[15:12] <zul> ill wait on neutron then
[15:12] <jamespage> zul, nah - bump it in
[15:13] <zul> ok
[15:13] <jamespage> zul, we can do that as a dep update later
[15:15] <zul> aaah...too many windows open
[15:29] <zul> jamespage/coreycb: done
[15:29] <coreycb> zul, thanks
[18:23] <moparisthebest> I need some help, ever since I upgraded from 12.04 to 14.04 no cron jobs have ran
[18:23] <moparisthebest> in syslog I get this:
[18:23] <moparisthebest> CRON[26094]: Failure setting user credentials
[18:23] <moparisthebest> from searching that string, I gather it has *something* to do with pam
[18:24] <moparisthebest> the only thing in my /etc/crontab is */1    *         *   *   *   root     date >> /tmp/date.log
[18:24] <moparisthebest> and every minute, the above message get's written to the log
[18:24] <moparisthebest> and nothing ever shows up in /tmp/date.log
[18:27] <jrwren_> moparisthebest: is pid 26094 running as root?
[18:28] <moparisthebest> yes jrwren_
[18:29] <jrwren_> moparisthebest: non-standard PAM config?
[18:29] <moparisthebest> no and i'm trying to figure out what owns the pam files so it can overwrite them with standard
[18:30] <moparisthebest> I had modified some pam files back in 12.04, but chose the option to overwrite my changes during the 14.04 upgrade
[18:31] <jrwren_>  dpkg -S /etc/pam.d/cron says that the cron package owns that file
[18:31] <jrwren_> but common-* pam.d files don't come from a package :(
[18:31] <moparisthebest> yes, I 'rm /etc/pam.d/cron' and then 'apt-get -o DPkg::options::=--force-confmiss --reinstall install cron'
[18:32] <moparisthebest> but yea, I don't see what owns those :(
[18:35] <moparisthebest> gah I fixed it by replacing common-auth with the common-auth from my desktop
[18:35] <moparisthebest> why it still let me log in and do other things I have no idea?
[18:35] <jrwren_> moparisthebest: well done :)
[18:36] <jrwren_> moparisthebest: you could have diffed the files to see
[18:36] <jrwren_> moparisthebest: pam-auth-update may have helped too
[18:36] <moparisthebest> I ran that and it didn't change anything
[18:36] <moparisthebest> the offending lines were
[18:37] <moparisthebest> auth requisite pam_google_authenticator.so forward_pass
[18:37] <moparisthebest> auth    [success=1 default=ignore]  pam_unix.so nullok_secure use_first_pass
[18:37] <moparisthebest> but I wonder what the command is to 'give me back default common-auth'
[18:38] <jrwren_> moparisthebest: its a good question.  file a bug?
[18:38] <jrwren_> moparisthebest: those two lines are now removed?
[18:39] <moparisthebest> yes jrwren_ I removed them to match the one on my desktop, I had added them awhile ago for two-factor authentication
[19:38] <adam_g> jamespage, zul is ironic going to be included in the juno UCA pocket?
[19:42] <zul> adam_g:  its still being discussed
[19:43] <adam_g> zul, its graduated and will be part of the juno release
[20:03] <chridal> Hello! I could really use some help with a DHCP-server running in production. 1,318 users currently depend on it, so I can't afford to mess up.
[20:03] <chridal> I am getting: linux-generic-pae : Depends: linux-headers-generic-pae (= 3.2.0.40.48) but 3.2.0.70.84 is installed
[20:04] <chridal> and linux-image-generic-pae : Depends: linux-image-3.2.0-40-generic-pae but it is not installed
[20:06] <keithzg> Hmmph, Google recently changed their policies so if you're using an external address you have to have it send via your own SMTP server (old instances are grandfathered in). This makes my life a bit difficult today as one of the employees here wants to set up sending "from" his work address via gmail . . .
[20:07] <keithzg> Predictably, it lets you choose entirely unauthenticated+cleartext port 25, or you can be encrypted and authenticated but your cert has to chain-of-trust up to one of the big CAs.
[20:08] <keithzg> Why is the option always either entirely insecure or trusting some giant sketchy company?
[20:08]  * keithzg is in a get-off-my-lawn mood today :P
[20:09] <chridal> Is it possible for me to mess something up here?
[20:09] <chridal> If I run something like apt-get install -f linux-generic-pae?
[20:14] <hydrajump> I have two ubuntu servers: server-A has SSH keyA.pem and server-B has SSH keyB.pem. I know how to SSH to server-A and jump to server-B, but can I ssh forward a port from server-B all the way to my admin machine, admin <- server-A <- server-B port 8080 ?
[20:17] <hydrajump> I think I found an answer.
[21:06] <keithzg> Hmmph. Even with a set of certs and keys chain-of-trusting up to StartSSL, which desktop clients then completely trust, Gmail is still unable to authenticate with my SMTP server.
[21:48] <keithzg> Interesting, Gmail's attempts seem to use RC4-SHA while Thunderbird (successfully) uses DHE-RSA-AES128-SHA.
[23:50] <Logos01> Because the redhat provided script sucks balls:
[23:50] <Logos01> http://fpaste.org/142287/ <-- poodle_check_opam_logos_style.sh
[23:50] <Logos01> Bonus points if you run it under that name.