| === Lcawte is now known as Lcawte|Away | ||
| === johnlage_partyha is now known as johnlage | ||
| aurorauser | anyone have experience with mdadm arrays? | 01:57 |
|---|---|---|
| aurorauser | mdadm, anyone? | 01:59 |
| === aurorauser is now known as DanaM | ||
| === markthomas is now known as markthomas|away | ||
| === _thumper_ is now known as thumper | ||
| neurotus | is there a package for cgi:irc in 14.04 ? | 04:39 |
| neurotus | there is one in 10.04 but in 14.04 ? | 04:40 |
| neurotus | or an alternative ? | 04:40 |
| sheptard | I approve | 07:00 |
| soren | Yeah, that was getting old. | 07:01 |
| jonascj | Hi all. I have rented a server with hetzner.de and after installation of Ubuntu Server 14.04 the system have a single user 'root' which I can log into. What would the recommended action be at this point, to get to a system where I don't use the root account? | 07:18 |
| jonascj | Should I just add another user and setup sudo (maybe it already is), and disable the root account? | 07:19 |
| jonascj | And how should I disable the root-account, remove the password or "PermitRootLogin no" in the ssh-config? | 07:25 |
| lordievader | Good morning. | 08:05 |
| === zz_DenBeiren is now known as DenBeiren | ||
| === MeltedDed is now known as MeltedLux | ||
| === psivaa-holiday is now known as psivaa | ||
| RoyK | DanaM: probably quite a few here that knows mdadm ;) | 09:44 |
| === EXIXT is now known as exixt | ||
| peetaur2 | Hi. Why do I have these strange ntp servers that don't appear in my ntp.conf? https://bpaste.net/show/6f9ef78b6616 | 11:01 |
| ihre | Hello, what happens when an application sends a a line bigger than 1024 characters syslog? | 11:01 |
| peetaur2 | and missing the 2nd and 3rd ntp server I have from conf. the list there should be ntp, ntp3, localhost | 11:01 |
| peetaur2 | oh nevermind...found it. there was some file here: /var/lib/ntp/ntp.conf.dhcp | 11:03 |
| === Lcawte|Away is now known as Lcawte | ||
| === zz_DenBeiren is now known as DenBeiren | ||
| === Lcawte is now known as Lcawte|Away | ||
| peetaur2 | how do I tell it to install without removing the other stuff? https://bpaste.net/show/f04a392fc245 (like with rpm --force --nodeps) | 13:06 |
| peetaur2 | I guess this worked: apt-get -d install rsyslog ; dpkg --force-depends-version -i /var/cache/apt/archives/rsyslog_7.4.4-1ubuntu2.3_amd64.deb | 13:10 |
| peetaur2 | but not sure if it will survive updates ;) | 13:10 |
| === exixt is now known as EXIXT | ||
| === EXIXT is now known as exixt | ||
| === hackeron_ is now known as hackeron | ||
| zul | jamespage: any objections to update alembic? | 13:40 |
| MacroMan | I have read advice saying it's best to turn off DNS recursion in Bind9. | 14:39 |
| MacroMan | I only use Bind9 for locally hosted websites. Is it safe to turn off recursion? | 14:40 |
| maswan | MacroMan: It is best to separate authorative and recursive nameservers, so that the same bind/whatever doesn't do both. | 14:47 |
| MacroMan | I'll be honest, that's gone over my head | 14:48 |
| maswan | using it "for locally hosted websites" doesn't say which kind of use | 14:48 |
| MacroMan | I use my servers IP addresses in my nameserver settings on my domains, so I think I use it authoritively | 14:49 |
| maswan | The IPs in /etc/resolv.conf or equivalent is "recursive"/"resolving" use | 14:50 |
| maswan | Authorative is when you configure it to answer questions to the whole world for a particular dns zone/domain | 14:50 |
| MacroMan | Then I use it Authoritvely | 14:55 |
| jamespage | zul, nope | 14:56 |
| peetaur2 | sigh.... my solution before to the rsyslog issue wasn't so good. Unlike what I said with zypper/rpm, it results in stupid errors so you can't install anything else normally afterwards: https://bpaste.net/show/7ea74828b41e | 15:42 |
| === bilde2910|away is now known as bilde2910 | ||
| ogra_ | well, package maintainers dont add versioned dependencies just for fun (they are not fun to maintain at all) | 15:50 |
| dpes | hi all | 15:51 |
| dpes | how to disable apparmor | 15:51 |
| dpes | ? | 15:52 |
| dpes | i'm still getting apparmor module is loaded. after stop | 15:52 |
| ogra_ | you edit your kernel cmdline | 15:52 |
| dpes | on 14.04 | 15:52 |
| dpes | without restart... | 15:52 |
| jdstrand | dpes: boot with apparmor=0. that said if you are trying to workaround policy bugs with Ubuntu-shipped policy, I would advise reporting the bugs at: https://bugs.launchpad.net/ubuntu/+source/apparmor/+filebug | 15:56 |
| dpes | jdstrand: could You confirm that then there is no >ZERO< loaded profiles in apparmor | 15:58 |
| dpes | then it don't interfer in os? | 15:58 |
| dpes | after teardown | 15:58 |
| jdstrand | dpes: if you boot with apparmor=0, apparmor will be disabled | 15:58 |
| dpes | i cannot boot this machine | 15:58 |
| jdstrand | dpes: with teardown, you can see if anything is loaded with 'sudo aa-status' | 15:59 |
| dpes | apparmor module is loaded | 15:59 |
| jdstrand | dbck: you will always get that the apparmor module is loaded if you aren't booting with apparmor=0 | 15:59 |
| dpes | and everywhare 0 | 15:59 |
| dpes | 0 profiles * | 15:59 |
| jdstrand | the module is loaded in the kernel | 15:59 |
| jdstrand | but if no profiles are loaded in the kernel, the module will not do anything | 16:00 |
| dpes | ok i get it | 16:00 |
| dpes | so it won't be apparmor issue | 16:00 |
| jdstrand | you can also watch /var/log/syslog for apparmor DENIALs | 16:00 |
| jdstrand | err | 16:01 |
| jdstrand | DENIED messages | 16:01 |
| jdstrand | I use this when try to see if apparmor needs to be adjusted: tail -f /var/log/syslog | grep DEN | 16:01 |
| dpes | thx | 16:02 |
| jdstrand | np | 16:02 |
| === Lcawte|Away is now known as Lcawte | ||
| === markthomas|away is now known as markthomas | ||
| jamespage | jdstrand, do you have a revised set of apparmor patches for docker/libcontainer? just looking at the merge for vivid - the current patch applies OK - but I see some chat upstream :-) | 17:15 |
| Daviey | jamespage / jdstrand: Are you tracking CVE-2014-6407 ? | 17:20 |
| uvirtbot | Daviey: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6407) | 17:20 |
| jdstrand | jamespage: not yet, on my todo | 17:21 |
| Daviey | Ah, doesn't look like it impacts the ubuntu version. | 17:21 |
| jdstrand | we also have hardlink and symlink protections via yama | 17:22 |
| jamespage | Daviey, yes I am | 17:22 |
| TechIsCool | Got a question about services. In windows a service can be assigned a user account. How can I check if services are attached to a user account in ubuntu? I am trying to remove a old user account but want to confirm I will not break anything by removing the account | 17:59 |
| jamespage | jdstrand, 1.3.2 is testing OK with the current patch from 1.2.0; I'll upload that as a merge and we can take if from there | 18:00 |
| jdstrand | jamespage: yeah, that should work fine. the upstream stuff is for running a new docker with old apparmor userspace | 18:05 |
| jamespage | jdstrand, ack | 18:05 |
| === rcj is now known as Guest93149 | ||
| === err-or_ is now known as err-or | ||
| === zz_DenBeiren is now known as DenBeiren | ||
| === markthomas is now known as markthomas|away | ||
| === TDog_ is now known as TDog | ||
| === rcj is now known as Guest31019 | ||
| === markthomas|away is now known as markthomas | ||
| === MeltedLux is now known as MeltedDed | ||
| === Guest71825 is now known as zsoc | ||
| === MeltedDed is now known as MeltedLux | ||
| === bilde2910 is now known as bilde2910|away | ||
| === MeltedDed is now known as MeltedLux | ||
| === MeltedLux is now known as MeltedDed | ||
| === Lcawte is now known as Lcawte|Away | ||
| === Guest31019 is now known as rcj | ||
| === rcj is now known as Guest68049 | ||
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!