=== zz_DenBeiren is now known as DenBeiren
=== zz_DenBeiren is now known as DenBeiren
pmatulisVadim_: vim :)03:33
=== markthomas|away is now known as markthomas
=== markthomas is now known as markthomas|away
=== DenBeiren is now known as zz_DenBeiren
makarahi. Snappy discussion here?06:22
=== TDJACR_ is now known as NotADJ
abhishekI have nfs storage entry in fstab file. will it remount automatically if I restart the nfs service ?06:42
makaraabhishek: why don't you just try it?06:58
makara"The fstab file is read by the mount command, which happens automatically at boot time to determine the overall file system structure, and thereafter when a user executes the mount command to modify that structure."06:59
abhishekI know it .. I want to know how nfs service works .. I mean is it read fstab entry during start up ??07:02
abhishekthis is resolved now ..  I doesn't ... you have to remount nfs partition after nfs start up :)07:03
=== negronjl is now known as negronjl_afk
makaraSnappy anyone?08:22
=== Lcawte|Away is now known as Lcawte
jamespagemakara, #snappy :-)09:30
makarai'm trying to setup a proxy server in ec209:35
makarai see no snappy images yet so I just used the standard09:36
makarai can't connect through the elastic ip09:36
makarathe security group allows all ports and protocols09:36
makaraI've done this last year, but today they require creating a VPC09:38
makarahow can I troubleshoot this?09:39
=== Lcawte is now known as Lcawte|Away
=== zz_DenBeiren is now known as DenBeiren
=== Lcawte|Away is now known as Lcawte
=== Lcawte is now known as Lcawte|Away
=== martins-afk is now known as martinst
adscfor some reason, i can no longer login using pubkey over ssh14:44
adsci repeat the steps, create a new key, copy key over to authorized_keys on server, try again, no luck14:45
tewardadsc: is the server configured for ssh key auth being enabled?14:56
adscyeah, it already worked14:59
adscuntil i did updates today14:59
adscafter the updates and reboot because of kernelupdate, it no longer works15:00
patdk-wkhow many keys do you have configured on your machine your logging in as?15:01
patdk-wkeach key counts as a login attempt15:02
patdk-wkso having too many private keys, till it locates the right one, will not allow logins15:02
adsci can tell you how i set it up15:02
patdk-wkwhat does setup have to do with anything?15:02
adscit's a bit unconventional, because it's basically a shared key15:02
adsci have an account xadmin on the server i want to log in to15:03
adsci run ssh-keygen on this server, not on the local computer15:03
adsci cat the public key into authorized keys of xadmin user on the server15:03
adscthen i get the private key onto the client's computer15:04
adscclient then logs in with ssh -i keyfile xadmin@server15:07
lordievaderGood afternoon.15:22
adscthis it must have to do with hostname resolution15:48
=== bilde2910|away is now known as bilde2910
=== Lcawte|Away is now known as Lcawte
=== martinst is now known as martins-afk
NTQHi. Is it possible to use the wheezy-backports in Ubuntu 12.04 LTS Server for upgrading dovecot from version 2.0.19 to 2.2.9?16:45
=== markthomas|away is now known as markthomas
avid_fanHow many have upgraded using the "do-release-upgrade"?16:59
andolNTQ: If the dependecies line up, probably.17:03
andolavid_fan: Do you really expect to get a number? :)17:03
avid_fanandol: I see your point. :-) Let me rephrase. Has anyone tried an upgrade using the "do-release-upgrade" command and have it work properly? Does anyone here use this as their first choice when performing an upgrade?17:07
kasadaloha guys and well guys, we all know our women stay away from places like this :P17:07
kasadavid_fan: that's something I've been considering for a while, but alas, I have plesk installed and I am afraid it will be very ugly scenario once I do the upgrade17:08
Picikasad: We'd appreciate if you didn't make comments like that here.  There are plenty of men and women here that don't particularly like seeing such comments in this channel.17:09
adscooh boy, I just found out the cause of my ssh publickey auth problem: encrypted home dir17:09
kasadso if you are not in a rush, I will probably find a way to virtualize that server in next 24 hours and can report you results17:09
adscit's actually the first point on the troubleshooting list here: https://help.ubuntu.com/community/SSH/OpenSSH/Keys#Troubleshooting17:10
kasadPici: it was a joke, mostly geared towards my fiancee who is reading what I type17:10
kasadI apologize if i offended anyone17:10
adscso if someone else has this problem in the future, just link him there17:10
adscthe reason why it worked previously on my end was probably because I had another console open where I was still logged in, and thus the home dir unencrypted17:11
avid_fankasad: No rush. I've just never tried it. I've always started from scratch and migrated whatever I might need from the old. Just curious to know if it's something often used.17:11
kasadavid_fan if that is your usual nickname, I can pm you after I perform the upgrade. Need to finish setting up few other things (just moved to new place so everything is in chaos)17:12
qman__NTQ: possible? Maybe. Good idea? Most definitely not.17:12
kasadand a weird thing happened, since I was moving, and was without net for couple days and my WS doesn't have wifi adapter, and I needed desktop enviroment17:13
qman__avid_fan: do-release-upgrade is the supported upgrade method, and I have used it with great success many, many times over the years17:13
kasadI installed lubuntu-desktop via apt-get install lubuntu-desktop17:13
kasadand now peculiar thing happened, wlan0 became eth117:13
NTQqman__: The problem is that I want to use dsync to migrate my mails from an external mail server to my own. And it seems that you need 2.1.4+ for this: http://wiki2.dovecot.org/Migration/Dsync17:14
kasadand there's no option for configuring wlan (eth1) in gui17:14
avid_fankasad: It is my usual nickname. But don't go through it just for me. I have a possible server, not running anything mission critical, I can try. From the amount of replies, it doesn't sound like an often used approach.17:14
avid_fanqman__: Thanks for the feedback.17:14
kasadavid_fan: I am doing it anyway, I am currently on 10.04.4 LTS17:14
qman__NTQ: if there is not already an ubuntu backport or ppa available, the correct way is to build an ubuntu package yourself17:14
avid_fankasad: Best of luck. :-)17:15
qman__NTQ: mixing distro sources is never a good idea17:15
NTQqman__: I know. That's the reason I am here.17:15
kasadavid_fan: so as soon as I virtualize this setup (because company I worked for full time, now part time, uses plesk setup, and I managed to mush plesk 9 which doesn't ask for licence and lets you host single domain (so I can host other projects/domains) as subdomains and successfully mirror their production setup17:16
kasadbut considering that it's plesk  (9.54 to be precise), it will break horribly once I upgrade17:17
kasadbut first I need to fix this wireless, since I need to setup one dd-wrt, and would like to have net and be able to use the router at the same time17:18
kasadanyone got idea how to setup wifi, now that wlan mysteriously turned into eth117:18
kasadand mostly completely ignores me (no configuration options in gui, I tried this: (psl wait sec for paste link)17:19
qman__NTQ: you might use https://launchpad.net/~pdiffs/+archive/ubuntu/dovecot-backports17:20
kasadbut nada ( is dd-wrt), but it doesn't even try to connect17:22
kasadnow in the meantime I figure that due to nature of dd-wrt I have to have 2 different subnets, but that's beside the point, wlan (eth1) was disconnected17:23
kasadanyone with suggestion?17:23
=== martins-afk is now known as martinst
thebozzHi guys, we're having trouble deploying Openstack over MAAS using openstack-install. We're using this tutorial: http://www.ubuntu.com/download/cloud/install-ubuntu-openstack . We're at step 4, and we're getting this output: http://pastebin.com/Byaxct7c19:04
jhobbsthebozz: whast your juju status say?19:04
thebozzjhobbs: hey, sup? Unfortunately, I can't see it now... my boss decided to reinstall MAAS to document the process up to where we're now. We'll try again later and see what we can find.19:22
=== martinst is now known as martins-afk
happyraver1958Details here:  http://ubuntuforums.org/showthread.php?t=2255175&p=13187916#post1318791619:24
happyraver1958anybody here familiar with BIND9?19:24
happyraver1958I've been looking for help on this for awhile and it's weird19:24
happyraver1958I'm using Ubuntu 14.04.1, BIND9, trying to set up a server with views for both internal and external name resolution19:25
happyraver1958but when the server is configured with views and rfc1918 zone file and reverse lookup, it won't respond to DNS queries, but as soon as I remove reverse lookup and rfc1918 zone file, it works just fine19:25
happyraver1958anybody has had that problem before?19:25
sarnoldhappyraver1958: it's probably a bad idea to try server example.com yourself19:26
happyraver1958well, that's just for privacy, and it's a generic name19:26
happyraver1958but my real DNS name is being used in the configuration files19:26
patdk-wkthere is no config file info19:37
patdk-wknothing in that post19:37
patdk-wkexcept an error19:37
happyraver1958which post?19:37
patdk-wkDetails here:19:37
patdk-wkdid you post another one?19:37
happyraver1958I just clicked on my link and it takes me straight to my post on ubuntu forums19:37
happyraver1958Post ID is 1318791619:38
patdk-wkthere is only a single log line there19:38
happyraver1958if that helps :)19:38
patdk-wkso what help would you like?19:38
patdk-wkwe don't have access to your server19:38
happyraver1958you may have to scroll up to see the rest of the post19:38
patdk-wkwe cant see the config19:38
patdk-wkah, infomation overload19:38
happyraver1958try this other one19:38
happyraver195821st century = information overload... the next step in evolutionary history19:40
happyraver1958I've removed the RFC1918 zone file altogether from the configuration to avoid that issue, I may add it later once I figure out why that config file is wrecking my server19:41
patdk-wkwell, the firs tissue19:41
patdk-wkdig, cannot connect to server19:42
happyraver1958I've only added my reverse lookup config files19:42
patdk-wkthat has nothing to do with the problem in bind19:42
happyraver1958I may have to re-punch a hole in my firewall for that to work19:42
patdk-wkwait, notify?19:42
patdk-wkwhy is it receiving a notify?19:42
patdk-wkit's not a slave server19:42
happyraver1958it is most certainly not a slave server19:43
patdk-wkya, none of this is making sense19:43
patdk-wkso much random info posted19:43
=== martins-afk is now known as martinst
patdk-wkand it has all been muged19:43
happyraver1958the weird thing is, when I remove the reverse lookup config, it works! which means I'm screwing something up in the reverse lookup configuration to wreck the forward lookup... somehow...19:44
happyraver1958I can narrow down any part of the configuration to make things easy, but I'd need to know which parts of the configuration you need to look at19:45
patdk-wkwell, what is the *current* issue?19:49
happyraver1958the same issue as before, my DNS server will not respond to queries when views are being used19:49
happyraver1958if I remove reverse lookups, it works, but I need to have reverse lookups configured for my DNS configuration to be complete19:50
happyraver1958and have an actual working DNS server, and I don't know why it won't work with the combination of forward lookups and reverse lookups19:50
happyraver1958the daemon runs, but it won't respond to queries when views and reverse lookups are active19:50
happyraver1958if I remove views, it works just fine with reverse lookups and all, but as soon as I activate views AND reverse lookups, it won't respond to queries19:51
happyraver1958I've been at it for weeks now  :(19:51
zzxcSo I have a question. Where should I put the build directory for our app on a production machine?19:52
patdk-wkideally, you don't build on a production machine, ever19:53
sarnoldzzxc: if the app runs as a user, the user's homedir seems fair19:55
happyraver1958zzxc: If you absolutely have to put the build directory on your production server, you could use /usr/local/bin, it works ok for us and it doesn't interfere with our database or apps19:56
patdk-wkhappyraver1958, ah, that is your isuse19:56
patdk-wkyou have bad ordering19:56
patdk-wkyour { any; }; MUST be last19:56
happyraver1958zzxc: and yes, the home directory of the non-root user would be ideal!19:56
patdk-wkso when you put something before it, it's screwed up :)19:56
happyraver1958my { ANY; } must be last, in which configuration file?19:56
patdk-wklike, zone.rfc191819:56
patdk-wkthe whole zone.rfc1918 file19:57
zzxcpatdk-wk: True. Unfortantly we don't have a good system for building the application remotely currently, and we haven't really run into proformance issue for building the app during heavy usage.19:57
patdk-wkthe reverse-loopup view19:57
patdk-wkyour internal view MUST be before any less restrictive view19:57
patdk-wkzzxc, the issue is, production is assumed to be a vaunerability, risk to hacking19:58
patdk-wkso you don't want to build your stuff on it ever19:58
patdk-wkbut other than that, anywhere you deem fit?19:58
patdk-wkprobably a users folder, or maybe in /opt19:58
happyraver1958patdk-wk: I'm checking it out right now...19:59
happyraver1958I ran a named-checkconf and my "view "external" { match-clients { any; }; }; is the very last view in my configuration.  I have reverse lookup first, then Internal, then External, which is the one with the {  any;  }; in match-clients20:01
zzxcpatdk-wk: Yeah I'm aware of that. I've been trying to get building moved over to a build server running jenkins, but progress on that has been pretty slow.20:01
happyraver1958both my reverse lookup and internal zones have match-clients [ 192.168/16; };20:02
patdk-wkthey all have any except internal20:02
patdk-wkview "reverse-lookup"  {20:03
patdk-wk    match-clients  {  any;  };20:03
patdk-wkview "reverse-addresses" IN  {20:03
patdk-wk    match-clients  {  any;  };20:03
happyraver1958I've been trying to many things that I've changed that while trying these many things20:04
patdk-wkI can only comment on the *current* config I can see20:04
happyraver1958nowmy configuration looks like this:  http://pastebin.com/FGeci7Aj20:06
patdk-wkyou have forward first, but no forwarders?20:07
happyraver1958I intend on adding the configuration for that once I get the server to work20:08
happyraver1958I've just removed that forward first and it's still the same :(20:10
happyraver1958I know I'm missing something somewhere, which may seem intuitive and obvious to somebody else20:10
patdk-wkwhat was the test?20:10
happyraver1958from the server itself, I run nslookup host.example.com
happyraver1958which is the IP address of the server at the end20:11
happyraver1958and it will respond with either SERVFAIL or it will resolve the host name and give me the IP address20:12
happyraver1958I can most definitely telnet into port 53, I ran that test too to make sure the port is open20:13
patdk-wkcan you test from a different computer?20:13
patdk-wknot sure if localhost is causing an issue20:13
patdk-wkor even ipv620:14
patdk-wkwith that limited scope20:14
patdk-wkand, what happens if you merge those two vies? since they are the same anyways?20:15
patdk-wkas I wonder if it sees the first one, and never the second one, cause the first one matched20:15
happyraver1958I tested localhost too, I removed it from the configuration and all it does it change the error message from SERVFAIL to no response20:16
patdk-wkyes, views are first match serviced20:16
patdk-wkand any others WILL be ignored20:16
patdk-wkso you can't have all those views20:17
patdk-wk""view clauses are processed in the order in which they appear in the named.conf file. Thus, in the example above the 'badguys' view clause matching condition (any) also satisfies the 'trusted' view matching condition. However, since 'trusted' appears first its matching condition is the first to be satisfied and view matching stops.20:17
happyraver1958in that case, the server should respond by matching that view with its corresponding zone file and resolving the host name20:19
happyraver1958because that's what I'm trying to do; yes, I admit, it was by accident that I came up with that order of views20:19
patdk-wkthe view that matches ONLY has the reverse-dns entries, not the forward20:19
patdk-wkso it never sees example.com20:19
patdk-wkyou need to merge those two views20:20
happyraver1958WOW!!  I never thought of that!20:20
patdk-wkyou can't have overlapping view ip address ranges20:20
happyraver1958I'm trying it right now!20:20
happyraver1958now the forward lookup works, but not the reverse lookup (sigh)20:23
happyraver1958don't get me wrong, I'm very grateful for your insight patdk-wk, THANKS120:24
happyraver1958don't get me wrong, I'm very grateful for your insight patdk-wk, THANKS!20:24
happyraver1958I just feel frustrated that it doesn't work the way it should  :(20:24
patdk-wkit's bind :)20:26
patdk-wkno one knows how it *should* work20:26
happyraver1958LOL true20:26
happyraver1958I'll be right back20:26
sarnolddefined by the source :) whatever it does is The Right Way20:27
happyraver1958I'll try to exclude with ! the local LAN in all those { any: }; clauses20:31
happyraver1958maybe that will prevent the unwanted matches20:31
keithzg_Is there a decent tutorial/wiki-page for setting up Dnsmasq for providing DNS on a local network? I see https://help.ubuntu.com/community/Dnsmasq but it references /etc/dnsmasq.conf which doesn't even seem to exist by default these days.20:34
=== keithzg_ is now known as keithzg
sarnoldkeithzg_: why not a real dns server like pdns or unbound or knot or djbdns or bind?20:35
patdk-wkunbound is not a dns server20:35
* patdk-wk is confused though20:35
keithzgsarnold: well, I suppose I could look into those, it's mostly because in my own personal life I've always just had dnsmasq running on my home routers and it's been perfectly fine. Meanwhile the crazy djbdns+bind setup at my work here is causing nothing but problems, and djbdns is . . . not user friendly20:36
patdk-wkis he talking server or recursive?20:36
keithzgpatdk-wk: Just internal, for resolving local names.20:36
patdk-wkthat didn't answer anything20:36
patdk-wkis it *answering* questions? or is it *looking* up answers from other locations?20:37
keithzgWell I'm not going to claim I understand 100% what I'm talking about.20:37
sarnoldpatdk-wk: ah, thanks20:37
keithzgpatdk-wk: ah, I see what you mean (I think). Answering.20:38
patdk-wkthen your looking at pdns, nsd, bind, ...20:38
patdk-wkdnsmasq can do it, but it's very limited i nthat fasion20:39
keithzgFair enough. I've just been beating my head against the djbdns setup that's existing right now (and where reverse lookups are completely failing, causing all sorts of havoc) and I'm looking to test a replacement that's as simple as possible.20:40
sarnoldkeithzg: I'm just routinely impressed at how many "newly discovered" dns implementation flaws don't affect djbdns over the last decade..20:44
patdk-wkwell, he was one to *overcode* things20:46
patdk-wkit has been a long time since I looked at the code20:46
patdk-wkbut problem these days is, no one does input/type checking20:46
sarnolddjb code isn't really meant to be -read-, I think...20:47
keithzgOh, it does seem extremely secure. The guy was probably a genius in that respect. Unfortunately, he seriously *underdocumented* :P20:47
patdk-wkdjb is known to all that use the internet :)20:47
patdk-wkyou cant avoid his talks :)20:47
* patdk-wk wonders off to add dnscurve support, so djb can talk to my dns servers :)20:48
keithzgAt least on the server where we have djbdns installed, the tools don't even come with man pages or usage (--help does nothing; djb only helps those that help themselves, I suppose :P)20:50
mgwi'm trying to get dnsmasq+resolvconf+static ip working in a somewhat non-traditional way20:50
mgwI thought I had this working before, but it's not now20:50
mgwspecifically, the resolvconf 'base' file is not getting applied to /var/run/dnsmasq/resolv.conf20:51
keithzgI've been getting SERVFAIL replies on reverse lookups, and the best documentation I've found for it is someone who read the code and figured out that many different errors are reported the same ( http://www.dqd.com/~mayoff/notes/djbdns/dnscache-log.html#servfail ) so . . . sigh.20:51
mgwi don't want to put my dns in /etc/network/interfaces, as I'd like to be able to update dns without bouncing the interface20:52
patdk-wkwell, dns doesn't exactly have error messages20:52
patdk-wkmgw, don't use resolvconf?20:52
mgwpatdk-wk: yeah, maybe that's the best idea20:52
mgwsince it's not doing anything really anyway20:52
mgwnow that I've eliminated dhcp20:53
keithzgpatdk-wk: fair enough, but I would've hoped the log file for the service itself would. But it isn't any more verbose than the response messages are, just "servfail input/output error" and such.20:54
* keithzg is a bit clueless about all this anyways; without any verbose logs to go on it's rather fruitless20:56
mgwpatdk-wk: so if i'm using dnsmasq as a local caching resolver, what would be the logical place for my upstream dns resolv.conf?20:59
mgwresolvconf puts it in /var/run/dnsmasq, but that seems to be an odd place to put it manually20:59
thebozzjhobbs: after a full reinstall we got to the same step and it failed in the same way. I tried running `juju status`, and got 'environment "" not found'.21:14
avid_fankeithzg: Read your back-and-forth with patdk-wk. Are you trying to use DJB dnscache to resolve internal hosts? And those internal DNS zones, they're on a BIND server?21:16
=== bilde2910 is now known as bilde2910|away
=== genii is now known as ChristmasPresent
=== ChristmasPresent is now known as genii
allenI changed a directory to be "777" (/var/www/html/mywordpress)21:45
allenand have restarted apache, but the website says that i don't have permission to access?21:45
allenactually, not 403, but Forbidden nonetheless, sorry.21:45
teward403 / Forbidden are identical21:51
tewardbut using 777 is, of course, a sign of failing, security wise21:51
tewardallen: change the directory's owner and group to www-data (or root:www-data, but probably www-data:www-data) with `sudo chown121:52
teward`sudo chown`  *21:52
=== genii is now known as ChristmasPresent
=== ChristmasPresent is now known as genii
allenteward, thank you for your help21:58
=== genii is now known as ChristmasPresent
=== ChristmasPresent is now known as genii
=== MeltedLux is now known as MeltedDed
=== beisner- is now known as beisner
=== DenBeiren is now known as zz_DenBeiren
WhiteIntel_my server stopps during boot at "stopping userspace bootsplash" (12.04) any idea?23:20
patdk-wkya, something after that is having an issue23:23
WhiteIntel_yes but what^^23:36
=== genii is now known as ChristmasPresent
=== ChristmasPresent is now known as genii
=== Lcawte is now known as Lcawte|Away

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!