=== Lcawte is now known as Lcawte|Away
=== DenBeiren is now known as zz_DenBeiren
=== liam_ is now known as Guest50977
ruben23hi guys , i have issue with my ubuntu server 12.04 LTS, when i boot it wont directly boot instead i need to select first then on the booting process and loading it just freezed on the boot process part ---->http://s17.postimg.org/6k37qen7j/20141119_081525.jpg00:34
=== exixt_ is now known as exixt
ruben23any idea guys..?00:38
=== superspring_ is now known as superspring
=== Metacity is now known as doesnthaveapet
=== doesnthaveapet is now known as Metacity
=== markthomas is now known as markthomas|away
=== Metacity is now known as feelingthelove
=== feelingthelove is now known as Metacity
=== TDog_ is now known as TDog
ojeq@find ubuntu 12 lts03:18
ojeq!ping me03:18
lordievaderGood morning.08:18
blackyboyIn our Production server i can't login, Its a Ubuntu VM08:42
blackyboyWhile i login its login and immediately log-outs08:42
lordievaderblackyboy: Tty or a gui?08:43
blackyboyWhat may be the issue, Even i have tried recovery mode its giving some error08:43
blackyboylordievader: no its CLI server08:43
lordievader"its giving some error" what error?08:43
blackyboywait 1 min sir let me take the error a screenshot08:44
ubottuScreenshots can be made with the [PrtScr] button. Want to show us a screenshot of your problem? Upload an image to http://imgur.com/ and link the created page here.08:44
blackyboylordievader: http://i57.tinypic.com/2drvt6o.png08:48
blackyboyimgur site not working now. so uploaded in tinypic08:49
lordievaderblackyboy: Do you have a backup?08:50
blackyboyyes i have a backup08:50
blackyboyBut now i have copied this vm to other server08:51
lordievaderblackyboy: Good :) Grab a live-cd and check the drive. It looks to me like the disk is a bit broken (or the fs on it ofcourse).08:51
blackyboyoh ok let me try sir thankyou08:52
=== exixt is now known as exixt_
=== exixt_ is now known as exixt
blackyboylordievader: i have booted using a live cd, while i try to edit my network interface the file was reonly even i have executed this command , mount -o remount rw / and / have been mounted so i can't run fsck -y -C too09:23
blackyboyAny idea ?09:23
lordievaderblackyboy: Err, you don't need to mount the install's /, so you can fsck it.09:24
blackyboylordievader: i got these following Device to use as root file system menu09:26
ubottuFor posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.09:27
blackyboyassemble RAID Array09:27
blackyboylordievader: http://i.imgur.com/BgdmAc1.png09:28
blackyboyafter choosing do not use root im getting this http://i.imgur.com/FCg4e6y.png09:29
lordievaderYeah, I suppose that first option is okay. What you want is a shell in an environment where you can check the filesystem on the harddrive.09:30
blackyboyyes i have choosed it and which executing the command fsck.ext4 /dev/sda5 its says cannot continue aborting09:32
blackyboyis in use09:32
lordievaderblackyboy: You want /dev/arrweb-vg/root09:33
=== Lcawte|Away is now known as Lcawte
=== exixt is now known as exixt_
=== Lcawte is now known as Lcawte|Away
caribourbasak: is the cloud-guest-utils package systematically in our cloud images ?10:39
caribouwell rbasak or anyone who can answer10:39
=== Lcawte|Away is now known as Lcawte
sorencaribou: cloud-guest-utils is part of the cloud-image task, so yes.11:09
caribousoren: thanks11:09
sorencaribou: Since August 2013: http://bazaar.launchpad.net/~ubuntu-core-dev/ubuntu-seeds/ubuntu.vivid/revision/215611:12
=== exixt_ is now known as exixt
=== exixt is now known as exixt_
blackyboylordievader: can't fit :(11:45
blackyboyThree vms recoverd just i have moved those vm to other host11:45
lordievaderblackyboy: Can't fit? Can't fit what?11:45
blackyboyusing live cd you told me to fix the filesystem11:46
lordievaderblackyboy: Yes...11:46
blackyboywhen ever using fsck -y -C it saying resource busy11:46
lordievaderblackyboy: What is the exact command you are using?11:49
blackyboylordievader: now i ran the this command fsck.ext4 /dev/arrwebs--vg-root and it said clean11:50
lordievaderblackyboy: Okay that is good :)11:51
blackyboylet me restart the vm and check whether  its work now11:52
blackyboyoh no11:54
blackyboymy login screen came, while entering the username and password its just kicking me out11:54
=== zz_DenBeiren is now known as DenBeiren
neurotus2014 Nov 19 14:15:51 vps74689 PAM service(sshd) ignoring max retries; 6 > 312:16
neurotuswhat is this ?12:16
neurotuskeeps popping up on terminal now constantly12:16
neurotusbetween few seconds12:16
neurotussomeone bruteforcing ?12:17
lordievaderneurotus: Is your sshd accessible from everywhere?12:17
neurotuslordievader: yes12:17
lordievaderThen likely, yes.12:17
neurotusit just started. have been having this server for years.12:17
neurotuswell all idents are not usernames12:18
lordievaderThen you've had them for years, install fail2ban.12:18
neurotussome one is trying to root-login12:19
neurotusgonna disable it12:20
lordievaderThat is the most common username ;)12:20
neurotusokay, knows my usenames12:20
neurotuswhich it cant12:20
neurotusbecause the idents are different than usernames12:20
neurotusno. that was just cron-job12:21
neurotuspanic just made paranoid12:21
lordievaderAs I said, install fail2ban.12:21
neurotusi just made root-login disabled12:23
neurotuslordievader: gonna do it12:23
mardraumit is by default anyway.12:23
neurotuswasnt able to read clearly12:23
neurotus14:18:40 user=root authentication failure12:25
neurotushavent seen anything after that in auth.log12:25
neurotusall logged users are from known ip's12:26
neurotusso everything is fine12:26
neurotusfail2ban log somewhere ?12:26
neurotus2014-11-19 14:25:28,483 fail2ban.actions: WARNING [ssh] Ban
lordievaderneurotus: Err, you can also let it email you.12:27
lordievaderIt can include whois info too.12:27
neurotusi prefer tail -f /var/log/auth.log12:28
neurotusone terminal for that :)12:28
neurotusalways ready12:28
neurotusretired so have the time12:28
neurotusthat ip-range is from china12:30
neurotusis there a tor-filter ?12:30
neurotusand known public vnp's :)12:30
neurotuswould like to disable those12:31
lordievaderFirewall the subnet ;)12:31
neurotusfail2ban already made fail2ban-ssh chain12:32
neurotusso its enough for me12:33
neurotusbruteforcing root :P12:33
neurotusits possible but needs alot of luck :)12:33
neurotusin theory12:33
phixwhat's up?12:37
phixso how about that open source, pretty left wing right?12:41
=== Lcawte is now known as Lcawte|Away
=== andol is now known as alla
=== alla is now known as andol
nunizacubttter turn off root loogin14:14
nunizacuand change shell to /bin/true14:14
nunizacujust in case14:15
nunizacuand use geoip to block all cn14:16
=== Lcawte|Away is now known as Lcawte
yossarianukhi - is anyone aware how long packages are supported for from the mysql.com apt repo ?15:24
yossarianuki.e http://dev.mysql.com/downloads/repo/apt/15:24
lordievaderyossarianuk: That is up to Oracle.15:25
yossarianuklordievader: thanks - I guess the version in the normal ubuntu repo is guaranteed till 2019 (the 14.04 packages anyway)15:27
=== Lcawte is now known as Lcawte|Away
=== MeltedDed is now known as MeltedLux
=== exixt_ is now known as exixt
=== liam_ is now known as Guest9691
yossarianukif I am upgrading from Mysql 5.0 -> 5.6 - should I upgrade from 5.1 -> 5.5 -> 5.6 or can a just from 5.0 -> 5,6 ?16:21
lordievader!info mysql-server16:21
ubottumysql-server (source: mysql-5.5): MySQL database server (metapackage depending on the latest version). In component main, is optional. Version 5.5.40-0ubuntu1 (utopic), package size 12 kB, installed size 123 kB16:21
lordievaderyossarianuk: Err, 5.6?16:22
yossarianuklordievader: ubuntu 14.04 has in its normal repo MySQL 5.5/MySQL5.6 + mariadb 5.516:24
yossarianuki.e - http://packages.ubuntu.com/trusty/mysql-server-5.6  - http://packages.ubuntu.com/trusty/mysql-server16:26
lordievader!info mysql-server trusty16:27
ubottumysql-server (source: mysql-5.5): MySQL database server (metapackage depending on the latest version). In component main, is optional. Version 5.5.40-0ubuntu0.14.04.1 (trusty), package size 12 kB, installed size 123 kB16:27
lordievader!info mysql-server-5.6 trusty16:27
ubottumysql-server-5.6 (source: mysql-5.6): MySQL database server binaries and system database setup. In component universe, is optional. Version 5.6.19-0ubuntu0.14.04.1 (trusty), package size 5331 kB, installed size 48118 kB16:27
lordievaderAh, check.16:27
lordievaderyossarianuk: http://dev.mysql.com/doc/refman/5.6/en/upgrading-from-previous-series.html16:28
yossarianuklordievader: thank you.16:40
yossarianukand by all accounts I should be able to go from 5.0 -> 5.6 ...16:45
=== Lcawte|Away is now known as Lcawte
jvwjgamesi need help17:03
jvwjgamesI did a distribution upgrade from 13.10 to 14.0417:03
jvwjgamesand my websites that used to live at /var/www is gone17:03
jvwjgamesand now 14.04 uses /var/www/html17:03
jvwjgameshow do i switch it back to /var/www17:04
jvwjgamesor migrate my site to /vaw/www/html17:04
nunizaculn -s17:04
nunizacuor edit apache2.conf17:04
nunizacu000-default in enabled sites maybe17:05
jvwjgamesjust wondering17:05
jvwjgameswhitch is better ln -s symlinking or editing apahe2.conf17:05
nunizacuwhatever you like17:06
=== markthomas|away is now known as markthomas
nunizacubut i think path is in enables-sites/000-*17:07
lordievaderjvwjgames: http://httpd.apache.org/docs/2.4/upgrading.html17:07
jvwjgamesfound it17:08
jvwjgames000-default.conf reads DocumentRoot /var/www/html17:08
jvwjgamesi fixed it yay thanks guys17:13
jvwjgamesi don't have ssl on apache17:14
jvwjgameshow do i enable my website for ssl17:14
jvwjgamescause i have an ssl cert17:14
lordievaderjvwjgames: https://www.digitalocean.com/community/tutorials/how-to-create-a-ssl-certificate-on-apache-for-ubuntu-14-0417:15
lordievaderjvwjgames: You can skip step two ;)17:17
jrwrenjvwjgames: didn't debconf ask you about overwriting those files in /etc/apache2 ?17:17
jcastroutlemming, hey the vagrant boxes are 14.04, not 14.04.1, who do I ping?17:19
jvwjgamesi fixed the problems thanks everyone17:20
jvwjgamesmy website and ssl are fixed17:20
jvwjgameswhy must updates change everything17:22
jvwjgamesone last problem to be fixed17:22
jvwjgamesurl rewrite is deactivated17:22
jvwjgamesi need it other wise my websites goes no where17:22
qwaserdfsudo a2enmod rewrite17:23
lordievaderjvwjgames: You upgraded from 13.10 to 14.04, change should be expected.17:23
jvwjgamesModule rewrite already enabled17:24
jvwjgamesbut still not working17:24
qwaserdfsudi service apache2 restart17:24
jvwjgamesyou guys can check for your self http://jvwjgames.net17:26
jrwrenjvwjgames: next time when debconf asks, just say "no" to replacing config files :)17:26
jrwrenjvwjgames: the conf files will still be written along side the functioning conf files, but with a dpkg-dist file extension. Then you can diff and merge as you see fit.17:27
jrwrenwith zero downtime.17:27
qwaserdfhttps works I guess17:28
jvwjgamesshould apache have been updated to latest version when i updated to 14.0417:31
jvwjgamescause this site is reporting that i have outdated apache software http://sitecheck.sucuri.net/results/jvwjgames.net/17:31
lordievader!info apache2 trusty17:35
ubottuapache2 (source: apache2): Apache HTTP Server. In component main, is optional. Version 2.4.7-1ubuntu4.1 (trusty), package size 85 kB, installed size 462 kB17:35
lordievaderjvwjgames: Do you have 2.4.7?17:35
jvwjgamesbut just to make sure how do i check17:36
lordievaderjvwjgames: apt-cache policy apache217:36
jvwjgamesInstalled: 2.4.7-1ubuntu4.117:36
jvwjgames  Candidate: 2.4.7-1ubuntu4.117:36
jrwrenjvwjgames: that site is using FUD to sell you firewalls.17:37
jvwjgamesi wish the websit web of tust didn't use that site then17:38
jvwjgamescause my site is being evaluwated by a web of trust site17:39
jvwjgamesand this is what they had to say17:39
=== exixt is now known as exixt_
jrwrenjvwjgames: odds are that they are reading Server line out of HTTP headers. Use the ServerTokens directive to limit the information you leak there.17:43
jrwrenjvwjgames: https://httpd.apache.org/docs/2.2/mod/core.html#servertokens17:44
patdk-wkI hate stupid websites like that17:50
patdk-wkmaking you think your *secure* cause your on bleeding edge17:50
patdk-wkand everything else is crap17:50
jrwrenpatdk-wk: +1 on the hate. Really sad that a 3rd party is using that to verify something.17:51
patdk-wkmore sad they are using it to *sell* something :)17:51
jrwrenpatdk-wk: That is all it is, is a sales tactic.17:51
jrwren"Look, you aren't secure. Buy our magic pixie dust."17:51
jvwjgamesgood one17:52
jrwrenmy previous job was in the security industry. I quickly learned that it is a racket.17:52
patdk-wkI would guess restricting version info works17:52
patdk-wkcause it doesn't detect mine is HORRIBLE old :)17:52
patdk-wkjrwren, worst yet is, 99% of security companies, distribute their software over http, without protection17:53
jrwrenpatdk-wk: we did not. :)  We used SSL and even used client certificate authentication.17:54
jvwjgamesi still need my rewrite to work otherwise my site is broken17:55
patdk-wkwhat rewrite?17:55
jrwrenjvwjgames: oh, your old conf files should be there with a .dpkg-old extension if you would like to compare them or put them back.17:57
mgzsmoser: review please! https://code.launchpad.net/~gz/simplestreams/setup_user_install/+merge/24224818:17
smosermgz, done18:22
mgzsmoser: ta!18:23
jvwjgamesjrwren: where is the old conf located18:31
jrwrenjvwjgames: apache config is in many files. find /etc/apache2 -name '*.dpkg-old'18:33
jvwjgamesok irestored old config18:38
jvwjgamesbut apache fails to start18:38
jvwjgames[Wed Nov 19 11:37:17.907774 2014] [ssl:emerg] [pid 10365] AH01892: Illegal attempt to re-initialise SSL for server (SSLEngine On should go in the VirtualHost, not in global scope.)18:38
jvwjgamesi have it in virtual host18:39
jvwjgamesnevermind i fixed it18:52
jvwjgamesewrite is still deactivated18:52
tewardjvwjgames: you might have to turn on the rewrite mod...  a2enmod rewrite18:54
=== bilde2910|away is now known as bilde2910
jvwjgamesstill not working19:07
jrwrenconfirm that rewriteengine on is where you think it should be?19:07
jrwrengrep -iR rewriteengine /etc/apache2/19:07
=== bilde2910 is now known as bilde2910|away
jvwjgameswhen typing that command19:09
jvwjgamesbut no listings19:09
=== Lcawte is now known as Lcawte|Away
jvwjgamesjrwren: any ideas19:11
jrwrenjvwjgames: i don't know about the error. If you get zero results, then you must enable turn on the rewrite engine somewhere.19:14
jvwjgamesok i got rewrite working parshaly20:00
jvwjgamesi edited the file apache2.conf and added server tokens prod and serversigniture off but it is still there20:01
jvwjgamesand yes i did a restart and reload of apache20:01
jrwrenjvwjgames: i just changed mine and it works for me. You must not be editing the correct files or correct virtual hosts.20:04
miccheckhi. i'm new to linux and recently setup a vps running ubuntu to host a web blog. i'm running UFW. is that good enough for a simple blog server? i also don't have a IDS installed. is that necessary?20:36
sarnoldmiccheck: ufw is good, there's no real need for an IDS though it never hurts to keep an eye on your logs20:37
lordievadermiccheck: Do you have an sshd running on it? If so fail2ban might be a nice addition.20:37
=== markthomas is now known as markthomas|away
miccheckok, cool. yeah, i setup fail2ban as well.20:38
tewardlordievader: he could also restrict SSH to his IPs, `iptables -A INPUT -p tcp --dport 22 -s HISNET -j ACCEPT` or something, but still.20:38
tewardonly owrks if you have a static set of IPs.20:38
teward(not the case in most instances)20:38
micchecki'm a bit nervous maintaining my own vps without knowing much about it, but sounds like i'm doing some of the right things20:38
lordievaderteward: True, but with ssh I like to apply blacklisting as I use a few different dhcp addresses in different locations.20:39
lordievadermiccheck: One learns it somewhere ;)20:39
tewardlordievader: indeed.  'Course, in my case, my VPSes are key-auth-only which helps a bit20:40
miccheckyep, in the process now! coming along. i'm really digging linux and the command line stuff, although not sure what i'm doing completely yet20:40
Kartagisteward: speaking of which, when do we need -m tcp in iptables?20:42
tewardKartagis: `-p tcp` implies `-m tcp` i believe20:42
=== MeltedLux is now known as MeltedDed
KartagisI've got iptables -A INPUT -s my.ip.add.ress/32 -p tcp -m tcp --dport 8983 -j ACCEPT. is -m tcp extra here?20:44
gbkerseyKartagis: no it is not.20:44
tewardgbkersey: it's not extra, but it's implied as part of `-p tcp` - for instance, this rule I added with `iptables -A INPUT -p tcp --dport 18333 -j ACCEPT`: A INPUT -p tcp -m tcp --dport 18333 -j ACCEPT20:45
miccheckhere's another one. suppose i want to write a script to copy files from my mac to my ubuntu vps via ssh. how is that done given that ssh will ask for a password when running the ssh user@vpsIP part?20:45
tewardat least, afaik it's implied by -p tcp20:45
Kartagisman says -m is match20:45
micchecki've tried to do it manually via scp and sftp and keep getting permission denied errors when trying to copy directly into my site directory20:46
micchecki think i've got the wrong permissions20:46
=== MeltedDed is now known as MeltedLux
gbkerseyteward: you are correct, it is implied...20:47
sarnoldmiccheck: feel free to chown -R your site's htdocs directory to your user account, just be sure to keep the permissions such that the web server can read the files20:47
tewardKartagis: you're right, it does mean match.  However, in the case of -p tcp, -m tcp is implied.  it's not extra, but it is implied with just `-p tcp`20:47
tewardgbkersey: right, that's what I thought :)20:47
tewardTBH i'm far from an iptables expert, my firewall on my networks is a pfSense appliance, the only system with its own iptables ruleset is this one laptop I take offsite20:48
tewardbut for my uses i know what i need to know :)20:48
miccheckok, thanks. it's running nginx, so different directory structure, but i think same process20:48
miccheckwhat about for running a copy script that uses ssh, will the terminal just ask for the vps login when it gets to that part?20:49
sarnoldmiccheck: it's worth setting up ssh keys and running a local ssh agent so you don't have to supply login passwords all the time20:50
miccheckhmm, i thought i did that and that's what allowed me to ssh into the vps in the first place, but it does still ask for a password. hmm.20:51
=== exixt_ is now known as exixt
=== exixt is now known as exixt_
=== markthomas|away is now known as markthomas
K4kThe new way of configuring networks in 14.04 really confuses me... I've got a if-up.d config that sets the static route for eth0 but with I ifup eth0 && ifdown eth0 I receive and error 2 on that file. If I try to run the ip route add command manually I receive "RTNETLINK answers: File exists" but there is no route currently set for eth021:37
K4kWhat am I doing wrong here?21:37
rbasakDetails please. What's the error exactly? What's the command that fails exactly? etc.21:40
K4kThe whole error is "RTNETLINK answers: File exists" The command inside the if $IFACE = "eth0" in the if-up.d file is `ip route add via dev eth0`21:41
K4kwhen the if-up.d script runs as part of `ifup eth0` I receive a return code 221:42
K4kwhich I assume is because `ip route add ...` fails21:43
rbasakYour route to is via How do you expect that to work?21:44
rbasakAre you sure you got that right?21:44
K4ker... not 100% sure21:45
rbasakThat's a recursive route.21:45
rbasakHow do you get to
K4kthat's the gateway for the network this system is on21:45
K4kbut because of the puppet module I'm using, I can't set a gateway in /etc/network/interfaces21:46
K4kI have to set it in as a route21:46
rbasakMaybe you want a default route.21:46
K4kwhich I thought was kind of dumb but I'm trying to go with it21:46
rbasakWhat you're asking it for makes no sense.21:46
K4kI didn't think so but that follows the example on the module README21:47
=== Lcawte|Away is now known as Lcawte
rbasakProbably best to fix your puppet module though.21:47
rbasakSounds like the README is wrong then.21:47
K4k:) glad we've come to the same conclusion about that21:47
K4know that I know how it's translating what I put into the class into the if-up.d script I think I can make it work. Thanks!21:48
jvwjgamesis there a way for a device to emit a cetain hostname21:52
=== MeltedLux is now known as MeltedDed
=== exixt_ is now known as exixt
=== exixt is now known as exixt_
=== exixt_ is now known as exixt
=== Lcawte is now known as Lcawte|Away

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!