[00:05] <flyback> im beanbag and I am back for more berating of this fucking stupid graphical bootloader and the default mode of "fail"
[02:45] <ircfox> Hello folks!
[02:46] <ircfox> I am running a vpn server and I just configured but it is not connecting from my home computer, could someone help me try to figure what is going on at server side please?
[02:46] <ircfox> I was just trying to analise the server log but to be honest I don't know which file to check.
[02:48] <davidbowlby> what kind of vpn are you using
[02:48] <davidbowlby> PPTP (also known as the American Indian restroom)
[02:49] <davidbowlby> L2TP
[02:49] <davidbowlby> ?
[02:49] <ircfox> pptp
[02:49] <sarnold> davidbowlby: hahaha
[02:50] <davidbowlby> sarnold, that one never gets old if you ask me
[02:50] <ircfox> yes
[02:50] <davidbowlby> ok, one sec
[02:50] <sarnold> davidbowlby: I suspect I'll be 85 and start giggling to myself and be unable to convey to anyone else why I'm laughing...
[02:50] <ircfox> ok
[02:51] <davidbowlby> ircfox, if you check /var/log/syslog, you can grep on pptp
[02:51] <davidbowlby> you'll see some stuff there
[02:51] <davidbowlby> like some idiot from korea trying to log into your server
[02:52] <ircfox> davidbowlby: I don't know how to use grep command :P
[02:52] <davidbowlby> it's easy, I'll show you
[02:52] <davidbowlby> cat /var/log/syslog | grep pptp
[02:52] <ircfox> ok
[02:52] <davidbowlby> cat writes the file out ot console
[02:52] <davidbowlby> you "pipe" in secondary commands that handle that output
[02:53] <davidbowlby> grep lets you filter on the content
[02:53] <davidbowlby> now, something to remember
[02:53] <davidbowlby> if you're looking for something with a space in it or two works
[02:53] <davidbowlby> surround with quotes
[02:53] <davidbowlby> cat /var/log/syslog | grep "monkey login"
[02:53] <davidbowlby> for example
[02:53] <ircfox> davidbowlby: and what I dod with the result?
[02:53] <ircfox> something like Mar 30 22:20:30 webfox pptpd[19631]: MGR: Manager process started
[02:54] <ircfox> and MGR: Maximum of 100 connections available
[02:54] <ircfox> and aximum of 100 connections reduced to 6, not enough IP addresses given
[02:54] <davidbowlby> ok
[02:55] <davidbowlby> so you gave 6 IPs, but said to use 100 connections
[02:55] <davidbowlby> but it's smarter than you, so it fixed that ;P
[02:55] <davidbowlby> now I will introduce you to another command
[02:55] <davidbowlby> tail
[02:55] <davidbowlby> tail is your friend
[02:55] <ircfox> davidbowlby: to be honest I think this 6 ip's is default
[02:55] <davidbowlby> tail -f /var/log/syslog | grep pptp
[02:55] <davidbowlby> try you connection
[02:55] <davidbowlby> see what she says
[02:55] <davidbowlby> tail lets you watch the log as she populates
[02:56] <ircfox> MGR: Maximum of 100 connections reduced to 6, not enough IP addresses given
[02:56] <davidbowlby> you pipe in the grep and you only see what you care about
[02:56] <davidbowlby> right
[02:56] <davidbowlby> now try to log in
[02:56] <ircfox> MGR: Manager process started
[02:56] <davidbowlby> you should see pptp info messages
[02:56] <davidbowlby> try to connect to you pptp
[02:56] <ircfox> MGR: Maximum of 6 connections available
[02:56] <davidbowlby> read the works that are coming out of my keyboard
[02:56] <davidbowlby> *words even :)
[02:57] <ircfox> My Mac says : The PPTP-VPN server did not respond. Try reconnecting. If the problem continues, verify your settings and contact your Administrator.
[02:57] <davidbowlby> ah ok
[02:57] <davidbowlby> but no log entries?
[02:58] <ircfox> no
[02:58] <davidbowlby> see, when I connect I get this:Mar 30 22:59:26 via pptpd[19944]: CTRL: Client 192.168.1.7 control connection started
[02:58] <ircfox> no log entries
[02:58] <davidbowlby> so, it sounds like you aren't getting connected to your pptp server
[02:58] <davidbowlby> which is exactly what your mac is telling you
[02:58] <sarnold> you might need to check logs on your os x
[02:58] <davidbowlby> because Macs are awesome
[02:59] <sarnold> there's some kind of event viewer there or console applicatioon that shuold show you your logs
[02:59] <davidbowlby> ok, so you can do this
[02:59] <davidbowlby> pptp default port is 1723
[02:59] <davidbowlby> (which is how many folks fit in a pptp)
[02:59] <davidbowlby> anyway
[03:00] <davidbowlby> so you can just do a simple telnet check
[03:00] <davidbowlby> open Terminal
[03:00] <davidbowlby> I'm assuming you know how to use your Mac
[03:00] <ircfox> ok
[03:00] <ircfox> go ahead please
[03:00] <davidbowlby> telnet <the ip of your VPN> 1723
[03:00] <davidbowlby> you should get "trying... connected to..."
[03:00] <davidbowlby> if you don't
[03:00] <davidbowlby> rut row, your firewall is kicking your nads
[03:01] <davidbowlby> yes folks, you need to open ports to allow traffic to run to your pptp server :)
[03:01] <ircfox> trying is still trying and no log at tail
[03:01]  * davidbowlby has to use the pptp
[03:01] <davidbowlby> yeah, trying and trying means no connection
[03:01] <davidbowlby> which means you can't get in
[03:02] <davidbowlby> what are you using for your firewall
[03:02]  * davidbowlby prepares for the facepalm
[03:02] <ircfox> Mmmm.. not sure default Ubuntu perhaps
[03:02] <davidbowlby> ....ok
[03:03] <sarnold> it could also be a firewall on your mac, or any firewall/router between the two machines
[03:03] <davidbowlby> ircfox, first you need to know your network infrastructure
[03:03] <davidbowlby> ircfox, start there
[03:04] <davidbowlby> for example, I have ((internet)) ---> <ubuntu server> ---> ufw firewall ---> pptp VPN
[03:05] <ircfox> I will try to port foward my wifi
[03:06] <davidbowlby> oh boy... that statement
[03:06] <davidbowlby> ircfox, ok, so how is your network configured
[03:06] <ircfox> no, still not working
[03:06] <davidbowlby> ircfox, do you put the internet directly to the wifi router?
[03:07] <ircfox> no, I got a modem (not wireless) and I got a wifi router connected to it.
[03:07] <ircfox> but I think I've bridged the modem and I cannot access it no longer, by the way it was a way long time ago
[03:08] <davidbowlby> ok, you probably need to access the modem
[03:08] <davidbowlby> you probably are natting on your wifi
[03:08] <davidbowlby> which isn't going to go over well depending on your setup
[03:08] <sarnold> davidbowlby: did you mean "probably don't need to access the modem"?
[03:08] <davidbowlby> sarnold, I mean he will need to connect to the modem
[03:09] <davidbowlby> sarnold, modems have firewalls too these days, depending on your setup
[03:09] <ircfox> I can turn ethernet on
[03:09] <davidbowlby> sarnold, I had to set mine to forward on to mine
[03:09] <sarnold> davidbowlby: hmm. I could imagine some configurations might be easier that way, but I certainly hope this doesn't require replacing the router..
[03:09] <davidbowlby> sarnold, no, just configuring it
[03:09] <ircfox> would you mind to test if my vpn server is working for me?
[03:09] <sarnold> davidbowlby: i'd hope most modems in bridge mode just forward packets without inspection
[03:09] <davidbowlby> sarnold, sometimes you have to connect to the modem to tell it to forward requests
[03:10] <davidbowlby> sarnold, some not all, we don't even know what he has
[03:10] <ircfox> before it gets too radical please
[03:10] <davidbowlby> sarnold, nevertheless, he should be able to access the modem UI
[03:10] <davidbowlby> sarnold, if not, that's kinda a problem too
[03:10] <davidbowlby> ircfox, what's your IP, I'll telnet
[03:11] <ircfox> davidbowlby: I cannot access my modem config right now. As I said it is in bridge mode, I would have to reset it.
[03:11]  * davidbowlby waits for the internal subnet
[03:11] <sarnold> davidbowlby: heh, I've never once needed my modem's UI :)
[03:11] <davidbowlby> sarnold, I wish that were the case for me
[03:11] <sarnold> davidbowlby: self-bought modems or ISP-provided?
[03:11] <davidbowlby> ircfox, actually that worked
[03:12] <ircfox> davidbowlby: yes?
[03:12] <davidbowlby> ircfox, sometimes modems don't like you hairpinning
[03:12] <ircfox> my lord!
[03:12] <davidbowlby> ircfox, actually, now that I think of it, there is a setting I believe
[03:12] <ircfox> So you think it is my modem?
[03:12] <sarnold> ohhhhh.. is the os x machine currently "inside" the same network?
[03:12] <ircfox> sarnold: no
[03:14] <davidbowlby> ircfox, can you put your mac on a 3g/4g hotspot and try the connection outside of your network?
[03:14] <ircfox> davidbowlby: I am connecting to the same vpn server but with ssh right now. does it say anything about modem block?
[03:15] <davidbowlby> no
[03:15] <ircfox> davidbowlby: I don't have any 3g/4g device.
[03:15] <davidbowlby> ...what...
[03:15]  * davidbowlby is amazed
[03:15] <ircfox> yeah :P
[03:15] <davidbowlby> you are setting up pptp
[03:16] <davidbowlby> and don't have cell data
[03:16] <ircfox> I have a old nokia
[03:16] <davidbowlby> ...whaaaat
[03:16] <ircfox> yes, lol
[03:16] <davidbowlby> ok
[03:16] <davidbowlby> ok, is this running on a 486?
[03:16] <davidbowlby> ;)
[03:16] <davidbowlby> ok ok, sry sry
[03:16] <davidbowlby> ok
[03:17] <davidbowlby> try the telnet to your host using the port 22
[03:17] <davidbowlby> this should work just fine
[03:17] <davidbowlby> you'll see what happy path should look like
[03:17] <ircfox> yes
[03:17] <ircfox> fine
[03:17] <ircfox> SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2
[03:20] <davidbowlby> ok, so that's happy path
[03:21] <davidbowlby> try to telnet to 1723 again
[03:21] <ircfox> no still not working
[03:21] <davidbowlby> make sure you have port 1723 open on the wifi firewall and forwarded to your VPN server IP (should be on the wifi)
[03:22] <davidbowlby> I should say, should be on the same network as the wifi or routable via the wifi
[03:22] <davidbowlby> I still don't get your network topology
[03:22] <davidbowlby> is the VPN server on a different network than the wifi router?
[03:22] <davidbowlby> is the Mac on a different network than the wifi and VPN?
[03:23] <davidbowlby> btw, to rule out the mac firewall, you can go to System Preferences > Security & Privacy > select Firewall tab, and turn it off
[03:23] <ircfox> it said it is a invalid ip which should be set in the valid subnet of something
[03:24] <davidbowlby> ok
[03:24] <davidbowlby> let's start here ircfox
[03:24] <ircfox> right
[03:24] <davidbowlby> what is the "internal" IP of the wifi
[03:24] <davidbowlby> router
[03:24] <davidbowlby> 192. something or a 10. something
[03:24] <davidbowlby> for example
[03:24] <ircfox> 192.168.1.222
[03:24] <davidbowlby> ok
[03:24] <davidbowlby> very good
[03:24] <davidbowlby> wait, sounds a little weird
[03:24] <davidbowlby> but ok
[03:25] <davidbowlby> that sounds more like a client IP
[03:25] <davidbowlby> but ok
[03:25] <davidbowlby> so that's the IP you configure the router with, right?
[03:25] <ircfox> this is my mac ip
[03:25] <davidbowlby> ..
[03:25] <davidbowlby> what is the wifi router IP
[03:25] <ircfox> this is the ip I am using on my wifi router
[03:25] <davidbowlby> something like 192.168.1.1?
[03:25] <ircfox> 192.168.1.254
[03:25] <davidbowlby> no, that's the IP of your computer, not the wifi router
[03:25] <davidbowlby> ahhh
[03:25] <davidbowlby> now were are getting somewhere
[03:26] <davidbowlby> hmmm, sounds like UVerse
[03:26] <davidbowlby> anyway
[03:26] <davidbowlby> can't be, you have a nokia
[03:26] <davidbowlby> anyway
[03:26] <ircfox> hahaha..
[03:26] <davidbowlby> ok, so what is the IP of your VPN (internal only please, no real IPs here)
[03:26] <ircfox> not sure, let me check
[03:27] <davidbowlby> kinda important to know that
[03:27] <davidbowlby> so you can set the firewall rule on the wifi router to point to it...
[03:28] <ircfox> what is the command I use again please?
[03:28] <davidbowlby> ifconfig
[03:29] <davidbowlby> this right here is why I start with teaching IP and network configuration before ANYTHING ELSE
[03:29] <ircfox> 127.0.0.2
[03:30] <sarnold> that's a localhost address
[03:30] <sarnold> check for an eth0 or similar address
[03:30] <ircfox> inet add is 127.0.0.1
[03:30] <davidbowlby> you can use grep
[03:30] <davidbowlby> ifconfig | grep eth0
[03:30] <davidbowlby> or
[03:30] <davidbowlby> ifconfig -a | grep eth0
[03:31] <ircfox> nothing
[03:31] <davidbowlby> ifconfig -a | grep "inet addr"
[03:31] <ircfox> I think it is called venet
[03:31] <davidbowlby> that last one should do it
[03:31] <ircfox> It has lo, venet0 and venet0:0
[03:31] <davidbowlby> yes
[03:31] <davidbowlby> and is one a 192 address?
[03:32] <ircfox> venet0:0 is
[03:32] <ircfox> well not 192 but not 127 either
[03:32] <sarnold> venet? o_O
[03:32] <davidbowlby> ircfox, what is the damn ip
[03:32] <ircfox> sarnold: because it is a vps perhaps?
[03:32] <davidbowlby> it's not your public one, is it
[03:33] <ircfox> yes, it is
[03:33] <davidbowlby> wait, a vps
[03:33] <davidbowlby> ... ok
[03:33] <davidbowlby> who are you using
[03:33] <davidbowlby> are they openstack?
[03:33] <ircfox> crissic
[03:33] <davidbowlby> because most VPS folks start with port 22 open, but everything else is locked shut
[03:34] <sarnold> oh man so much more makes sense now!
[03:34] <davidbowlby> sarnold yeah
[03:34] <sarnold> I hadn't considered that possibility.
[03:34] <davidbowlby> ircfox, first of all, you don't have to do anything on your wifi router
[03:34] <davidbowlby> ircfox, because the VPN isn't on your network
[03:34] <davidbowlby> ircfox, which would have been nice to know ;)
[03:35] <ircfox> I did use this command when configuring the pptp : sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
[03:36] <ircfox> perhaps it is not working because there is no eth8?
[03:36] <davidbowlby> ircfox, yes, but with a hosted service, the system can have its own firewall, not just the VM
[03:36] <davidbowlby> no, ircfox, the interface names are ok
[03:37] <davidbowlby> they just told us you were running a different kind of network
[03:37] <davidbowlby> ircfox, I'm sorry, I'm not familiar with how they open ports up
[03:37] <sarnold> and in fact if you're getting connection timeouts they almost certainly have all ports firewalled off except 22 and maybe 80...
[03:37] <davidbowlby> ircfox, there should be some kind of manual on how to open a port to your virtual machine
[03:37] <davidbowlby> sarnold, definitely
[03:38] <davidbowlby> ircfox, most of them have some kind of network profile you can edit to allow ports
[03:38] <davidbowlby> on the virtual machine properties
[03:38] <sarnold> ircfox: check around their admin panel for firewalling or security groups, probably you have to do something to specify ports and networks allowed to use those ports
[03:38]  * davidbowlby needs a drink now
[03:40] <davidbowlby> sarnold, I was able to connect to his 1723 though from my host
[03:40] <davidbowlby> sarnold, so something is still a lil off
[03:40] <sarnold> davidbowlby: ohhhhhh
[03:40] <sarnold> color me confused then :)
[03:40] <davidbowlby> sarnold, yeah, just remembered that ahah
[04:09] <davidbowlby> sarnold, it's client configuration, we're good here
[07:00] <jamespage> Daviey, yes it does and thankyou if you did it :-)
[07:09] <lordievader> Good morning.
[07:15] <DenBeiren> goodmorning,..
[07:16] <DenBeiren> when running an rsync from a server to a dreambox (linux based sat decoder) on gigabit network i get max speeds of 1.7MB
[07:16] <DenBeiren> shouldn't this be a lot more?
[07:17] <lordievader> Perhaps, perhaps not.
[07:17] <lordievader> Writing to a slow disk?
[07:18] <DenBeiren> it's a new WD blue or black (don't remember exactly)
[07:19] <DenBeiren> it's def. the "newer faster" technology,.. not ide
[07:20] <lordievader> Congested network?
[07:24] <DenBeiren> i'm guessing not,.. how could i find out? my (manageable) switch is not even breaking sweat
[07:24] <DenBeiren> the server has bonding
[07:26] <lordievader> DenBeiren: Do you get decent speeds when you download from some other server?
[07:27] <DenBeiren> the server downloads ok,.. as fast as my internetconnection will allow me
[07:27] <DenBeiren> the dreambox, i don't know,.. i don't normally download stuff with it
[07:27] <DenBeiren> i'm now just pushing movies to it located on my server
[07:30] <lordievader> Try it, you are trying to find out where the bottleneck may lie.
[07:36] <DenBeiren> wget doesn't give me a speed indication,.. am i forgetting an -option?
[07:40] <lordievader> DenBeiren: It should. 'wget --output-document=/dev/null http://speedtest.wdc01.softlayer.com/downloads/test500.zip' is what I use to test connections.
[07:42] <DenBeiren> Connecting to speedtest.wdc01.softlayer.com (208.43.102.250:80)
[07:42] <DenBeiren> null                   0% |                                               |  5098k  0:14:54 ETA
[07:44] <Daviey> jamespage: python3-oslo.serialization is now in main, should fix the depwait of python.oslo.log
[07:45] <jamespage> Daviey, thanks - the rest of kilo-3 is now trickling through as that's unlocked most depwaits
[07:46] <Daviey> super
[07:47] <jamespage> Daviey, just manually twiddling rebuilds to workaround circular deps in neutron and its decomposed *aas packages...
[07:47] <Daviey> jamespage: Yeah, i didn't envy you this cycle....
[07:48] <jamespage> Daviey, we won't have all decomposed vendor drivers in for kilo
[07:48] <Daviey> jamespage: But, looks like splitting out is the way of the future... see cinder?
[07:48] <jamespage> infact not many - the *aas ones are done - I'll probably target a few for release if possible
[07:48] <jamespage> Daviey, yeah
[07:48] <jamespage> Daviey, it makes sense
[07:49] <jamespage> Daviey, but it does increase the packaging complexity and quantity
[07:49] <Daviey> jamespage: Planning to have vendor PPA's?
[07:49] <jamespage> Daviey, I think that's likely yes
[07:49] <jamespage> Daviey, we'll probably use that for testing and then onboard into distro next cycle
[07:49] <jamespage> depending on status
[07:49] <jamespage> it actually gives us a nicer QA process rather than accidentially packaging all vendor plugins as we have done in the past
[07:50] <jamespage> alot had out-of-archive deps hidden in them
[07:50] <Daviey> jamespage: What about UCA?
[07:50] <jamespage> archive feeds UCA
[07:50] <jamespage> still
[07:50] <Daviey> right, but for pulled out vendor drivers?
[07:50] <jamespage> well for the first 9 months at least
[07:51] <jamespage> Daviey, we already do some UCA type things for vendors
[07:51] <jamespage> its not UCA
[07:51] <jamespage> 'partner package archives'
[07:51] <Daviey> Sorry, i mean, Kilo on 14.04, will that have the vendor drievrs from PPA's or limited set from main on vivid?
[07:52] <jamespage> Daviey, most likely PPA's
[07:52] <Daviey> ok, thanks
[07:52] <jamespage> Daviey, any of specific interest to you?
[07:52] <jamespage> (I was thinking for seeing if I could get vmware-nsx in as I have charm stuff that depends on that)
[07:55] <Daviey> jamespage: More curiosity than anything else.
[08:03] <lordievader> DenBeiren: Is that a normal speed for your connection?
[08:38] <memoryleak> Is there a storage service you guys can recommend for backing up data of servers, other than AWS S3?
[09:29] <R1ck> hi. I have a Ubuntu 12.04 server, which has nsca 2.7.2. Ubuntu 14.04 has nsca 2.9.1, whats the best way to get that 2.9.1 package installed on a 12.04 server?
[09:29] <lordievader> R1ck: See if there is a backports ppa?
[09:30] <R1ck> well I found this: https://launchpad.net/~bli-linsang/+archive/ubuntu/nsca-backport
[09:30] <R1ck> so thats the "best" way?
[09:31] <DjangoPythonist> Hi everyone, i have some trouble with an ubuntu 12.10 webServer. df tell me that i have a 91% (around 89G) of 94,28G of total use in a disk partition, but dcnu and du tell me that the total amount used is 44G. It's a production server and i need to free some disk space without pay for more Gigas, and this big difference from df to du make's me crazy. ¿Somebody can give me some light about what happend? Thks, and s
[09:32] <lordievader> R1ck: Does it have pesky dependencies?
[09:33] <lordievader> R1ck: I suppose upgrading to Tusty ain't an option?
[09:33] <R1ck> unfortunately not :)
[09:35] <lordievader> You could also package 2.9.1 yourself.
[09:36] <lordievader> But there you might run in to dependency problems.
[09:36] <lordievader> You absolutely need 2.9.1?
[09:47] <R1ck> yes, I'm beginning to get 2.9 clients that cannot communicate with a 2.7 daemon
[09:48] <R1ck> 2.9.1 daemon is running :) backports package seems to work fine
[09:50] <lordievader> R1ck: Ah, good to hear :)
[10:04] <rbasak> strikov: ping, about Juju, for when you start today.
[10:04] <strikov> rbasak: i just started
[10:05] <rbasak> strikov: oh, OK. Google Calendar seems to think you will start in another hour :)
[10:05] <rbasak> Though we just did go into daylight savings time in Europe so maybe that affects things?
[10:05] <strikov> rbasak: that's right, i have an appointment today, so i started earlier :)
[10:06] <rbasak> strikov: oh, OK :)
[10:06] <strikov> rbasak: did you have a chance to look at the package?
[10:06] <rbasak> strikov: yes. Great work!
[10:06] <rbasak> strikov: I appreciate the amount of time you've had to spend on this.
[10:07] <rbasak> strikov: the only review comments I have are things that I never mentioned to you - my fault.
[10:07] <rbasak> strikov: only really minor - I can upload now anyway, but we can maybe fix these to save ourselves time next time.
[10:08] <strikov> rbasak: sure, let's do it today
[10:08] <strikov> rbasak: what do i need to fix?
[10:08] <rbasak> strikov: first, we should mention the tracking bug in the changelog, so it auto-closes on upload. Eg "  * New upstream release (LP: #1416051)". No need for you to fix this - I can just do it before I upload.
[10:09] <rbasak> strikov: then the only other thing is minor disparity with the PPA debian/control file. I noticed because I diffed debian/ against the PPA, just to make sure that Curtis hasn't made any packaging changes in the PPA that we need.
[10:10] <rbasak> strikov: specifically these two differences help with backports. They aren't technically needed in Vivid, but we've made it so they will work in Vivid anyway, and that way when we push to Trusty we won't have to change the debian/control file, which would be easier for us to manage.
[10:10] <strikov> rbasak: oh, really? i did that comparison myself about a week ago and it looks like i missed something. sorry
[10:10] <rbasak> The first is:
[10:10] <rbasak> -               gccgo-go [!amd64 !i386 !armhf],
[10:10] <rbasak> +               gccgo [!amd64 !i386 !armhf],
[10:11] <rbasak> This was indeed broken on Vivid a while ago, but I added gccgo-go as a virtual package so now we can Build-Depend on it in Vivid without issues.
[10:11] <rbasak> (and it'll pull in gccgo on Vivid, and gccgo-go as a real package in previous releases)
[10:11] <rbasak> The second is:
[10:11] <rbasak> -Depends: cloud-image-utils | cloud-utils,
[10:11] <rbasak> +Depends: cloud-image-utils,
[10:12] <rbasak> This only happened after I uploaded the previous Juju packaging, and then forgot to tell you about it, so I wouldn't expect you to have known about it.
[10:12] <rbasak> cloud-utils got split a release or two ago, so we fall back to cloud-utils if cloud-image-utils doesn't exist.
[10:12] <rbasak> I asked Curtis to add this to PPA packaging, and said I'd sync into Ubuntu packaging, but forgot.
[10:13] <rbasak> strikov: both of these I couldn't have expected you to have known about :)
[10:15] <strikov> rbasak: you told me about debdiff'ing against sinzui's ppa
[10:16] <strikov> rbasak: fixing it now, thanks for a review!
[10:16] <rbasak> strikov: no problem. And good work! This isn't an easy package to work on :)
[10:17] <rbasak> strikov: OK if you want to fix those up, then you can update the changelog with the bug reference and those other two changes, and then you can take all the credit for the upload :)
[10:17] <rbasak> That'll help when you apply for upload rights.
[10:18] <frudo> hi..
[10:19] <frudo> how can i off checkconfig serivce on ubuntu like linux I am not more familiar with ubuntu, can any one help on this
[10:23] <rbasak> frudo: are you asking for the Debian/Ubuntu equivalent of chkconfig?
[10:23] <rbasak> frudo: update-rc.d is used to adjust Sys V init script execution. For upstart jobs, you edit service definitions directly in /etc/init/.
[10:23] <rbasak> For systemd, you copy /lib/systemd/service/... to /etc/systemd/service and then edit it.
[10:29] <frudo> thanks. rbasak. i will try for zabbix serivce..
[10:29] <frudo> on ubuntu machine
[10:36] <strikov> rbasak: why 'Depends: cloud-image-utils | cloud-utils' is needed? maybe just cloud-utils is okay, because it's available everywhere (including precise where cloud-image-utils is not available)
[10:37] <strikov> rbasak: okay, i figured it out myself, cloud-image-utils might be installed manually without a metapackage
[10:37] <strikov> rbasak: okay
[10:38] <rbasak> strikov: yes. Also, won't cloud-utils pull in cloud-guest-utils also, which we don't need in this case?
[10:38] <rbasak> That was the reason it was split.
[10:38] <rbasak> kickinz1: is http://askubuntu.com/q/582038/7808 relevant to your work?
[10:40] <frudo> update-rc.d nginx disable  this commad is wirking but when i trying to do update-rc.d zabbix-agent disable  its not working
[10:40] <kickinz1> rbasak: yes, we are in the process to make it work on armhf. Docker is ready, working on owncloud 8
[10:41] <kickinz1> rbasak (docker-1.5.0 armhf package  is ready, just need to wait for some code in the store to have it uploaded)
[10:54] <strikov> rbasak: just fyi, gccgo-go is not available on precise (just in case we'll make decision to package current juju there)
[10:57] <rbasak> strikov: OK, thanks. I think probably there is no gcc go package to use regardless of name on Precise?
[10:57] <rbasak> strikov: so that should be OK
[10:57] <strikov> rbasak: gccgo is available: http://packages.ubuntu.com/precise/gccgo
[10:57] <rbasak> strikov: Oh, OK
[10:59] <rbasak> strikov: I don't think there will be a demand for Juju on Precise for non-Intel that doesn't exist already, so let's just aim for parity with the PPA for now, and we can both change together later if necessary.
[10:59] <rbasak> Then the diff against the PPA can remain smaller
[11:00] <rbasak> strikov: thank you for pointing it out though
[11:07] <rbasak> jamespage: what was the state of arm64 support in docker.io in the archive, please? I saw some back and forthing of support in the changelog, so wasn't sure of the previous status.
[11:07] <jamespage> rbasak, it needs dropping for now
[11:07] <rbasak> jamespage: I ask because we're having some issues with arm64 but I think we have everything else working, so am wondering if this is actually a regression in functionality or not.
[11:07] <jamespage> its incomplete (specifically in one of the deps)
[11:07] <rbasak> kickinz1: ^^
[11:07] <jamespage> and its never worked
[11:07] <strikov> rbasak: debian.tgz and .dsc are in your inbox; thanks!
[11:08] <kickinz1> rbasak: OK
[11:08] <rbasak> jamespage: "its never worked" is perfect for a justification for an FTBFS in the FFe bug - thanks :)
[11:08] <rbasak> strikov: thanks!
[11:08] <jamespage> rbasak, sorry - I mean't todo that before handing over
[11:08] <rbasak> jamespage: no problem
[11:35] <rbasak> kirkland: hey. byobu.co seems to redirect to www.byobu.co that doesn't resolve.
[12:03] <strikov> rbasak: it is accessible for me
[12:03] <strikov> rbasak: i mean byobu.co
[12:04] <strikov> rbasak: http://www.downforeveryoneorjustme.com/http://byobu.co
[12:04] <rbasak> $ host byobu.co
[12:04] <rbasak> Host byobu.co not found: 2(SERVFAIL)
[12:06] <strikov> rbasak: http://pastebin.ubuntu.com/10711691/
[12:07] <strikov> rbasak: you may use sshuttle or something with dns forwarding
[12:08] <rbasak> strikov: thanks. I don't know why this fails for me. Firefox isn't being clear on why it complains about www.byobu.co. I see no redirect accessing it by hand over HTTP.
[12:13] <bwm> Having problem setting keep alive timeout in Apache2 default virtual host
[12:14] <bwm> I set the timeout in the virtual host on a clean apache2 install on 14.04 and it has not effect.
[12:14] <bwm> s/not/no/
[12:14] <OpenTokix> bwm: you enable keepalive in the main config, not per vhost
[12:15] <bwm> OpenTokix: that's not what the apache doc says
[12:15] <bwm> ... let me check that ...
[12:15] <OpenTokix> bwm: I have never set it per vhost, but maybe you can then. - What is the problem you are seeing?
[12:16] <bwm> [Context:	server config, virtual host]
[12:17] <OpenTokix> So you set KeepAlive On - and you dont get a keepalive? - How do you check?
[12:17] <bwm> Its just ignored.  I have a little curl based test.  If I run it with keepalive configured in the default vhost - then connections are dropped.
[12:17] <bwm> If I run the same test with keepalive timeout set in the global config then then connections remain open
[12:18] <OpenTokix> no loadbalancer?
[12:18] <bwm> If I munge the default host config to mess up the docroot I get 404's - so the virtual host config is being used
[12:18] <OpenTokix> And no user agent sniffign browsermatch-directives?
[12:19] <bwm> Not in this test case - the reason I'm doing this is my production load balancer config is having problems and i've traced it to the keepalive possibly being the issue
[12:20] <bwm> no browermatch directives - never heard of them :(
[12:20] <OpenTokix> What load balancer are you using?
[12:20] <OpenTokix> Keepalive is.... not always optimal ebhind a load balancer
[12:20] <bwm> I'm not in this test case.  In production is an AWS loadbalancer
[12:21] <OpenTokix> Is that a proxying or routing load balancer?
[12:21] <bwm> Strictly - I don't know.
[12:22] <bwm> I'm guessing the load balancing is done in the routers
[12:22] <OpenTokix> If its routing, keepalive should be on - if its proxying, off
[12:22] <OpenTokix> Esp. if you have a lot of traffic
[12:23] <bwm> The AWS config assumes the keepalive is on.  We have it on - but I'm seeing occasional gateway timeout errors which can be due the loadbalancer keep alive timeout being longer than the servers keepalive timeout
[12:24] <OpenTokix> What is the host-ip you see in yo uaccesslog? - Is it clients or the load balancer?
[12:26] <bwm> client
[12:28] <bwm> actually - we see both
[12:29] <OpenTokix> Yes, but what is the clientip, and the other is probably forward-for header?
[12:30] <bwm> the other is X-Forwarded-For header
[12:30] <OpenTokix> Then its proxying
[12:30] <OpenTokix> Then  your apache threads will be busy with waiting for the  proxy to send a new connection while keepalive timeout is timeing out.
[12:31] <OpenTokix> and your proxy will open a new connection for each new client
[12:33] <bwm> Confession: I'm a bit new to all this.
[12:34] <bwm> OpenTokix: I have no idea what the LB's policy is.  It does expect keep alive to be on.
[12:35] <bwm> OpenTokix: Any thoughts on why my little experiment with setting keepalive timeout on the default virtual host isn't working?
[12:35] <OpenTokix> bwm: The timeout is ignored?
[12:36] <bwm> OpenTokix: the timeout setting in the virtual host is ignored.  The server wide timeout is used.
[12:36] <OpenTokix> In a name-based virtual host context, the value of the first defined virtual host (the default host) in a set of NameVirtualHost will be used. The other values will be ignored.
[12:36] <OpenTokix> It is used in the first namebased vhost
[12:37] <bwm> In my test setup I only have one virtual host - 000-default.conf
[12:39] <OpenTokix> ok
[12:41] <bwm> OpenTokix: one of the things I wanted to check here was that there is nothing special about the default VH, e.g. you can't override main config settings in it.
[12:49] <OpenTokix> bwm: there is nothing special about it - just the default
[12:53] <Adri2000> how supported and developed vmbuilder is these days? I thought at some point it was abandoned
[12:54] <strikov> rbasak: i have an appointment right now and will return back in 1 hours; just fyi
[12:56] <ircfox_> could someone help me figure why I am unable to connect to a pptp server please?
[12:57] <bwm> OpenTokix:  Thanks for taking the time to answer my questions.
[12:57]  * pmatulis didn't know people still use PPTP
[12:57] <bwm> OpenTokix: I've just extended my test.  I added a second named virtual host that is a clone of the default.  It successfully overrides the keep alive timeout.
[12:58] <bwm> OpenTokix: I'm hesitant to say this because I am new to this - but this is looking suspiciously like a bug
[12:59] <OpenTokix> bwm: I never use the default host - so not sure it is a bug
[12:59] <rbasak> strikov: OK, thanks
[13:01] <bwm> OpenTokix: agree - I'm not sure either.  I guess I have a choice between - a) change the main config; b) set LB keepalive timeout to 3s c) post details of my test as an issue - but don't know where
[13:01] <OpenTokix> bwm: I doubt it is a bug. - Why cant you change the config?
[13:04] <bwm> OpenTokix: policy.  I'm doing automatic deploys using chef.  I've got mechanisms to configure virtual hosts.  I don't want to change the main config because then I have to maintain different versions for different apache versions
[13:04] <OpenTokix> bwm: ok, and you always use the default vhost?
[13:05] <rbasak> bwm: can you reproduce on a fresh install? If Apache is documented to support that configuration option on virtual hosts, and it doesn't work, then it sounds like a bug to me.
[13:05] <OpenTokix> I have to test it now =)
[13:05] <bwm> rbasak: my test is running in virtualbox vm with a fresh clean install.
[13:06] <rbasak> bwm: which version?
[13:06] <bwm> rbasak:checking ...
[13:06] <bwm>  apache2 -v
[13:06] <bwm> Server version: Apache/2.4.7 (Ubuntu)
[13:06] <bwm> Server built:   Mar 10 2015 13:05:59
[13:08] <rbasak> bwm: a clean install of your chef recipes, or a minimal test to exercise this issue?
[13:08] <bwm> rbasak,OpenTokix: I could put my configs and test script on gist or somewhere
[13:09] <rbasak> bwm: if it does it on a minimal test, I'd ask you to check Vivid and if that's affected then test on a build from the upstream source without packaging.
[13:09] <OpenTokix> bwm: I changed it on a test machine now
[13:09] <bwm> rbasak: of the chef recipe.  good point
[13:09] <OpenTokix> And chaking KeepAliveTimeout to 3, changed it from the default 5 - in 000-default.conf
[13:09] <rbasak> bwm: assuming your test is correct, I'd be interested in a report to upstream.
[13:10] <OpenTokix> rbasak: it is not a bug
[13:10] <OpenTokix> Just tested it on a 14.04 updated host with apache 2.4.7
[13:11] <rbasak> OpenTokix: OK, thanks. Then it's just between you and bwm to figure out what you're doing differently :)
[13:11] <OpenTokix> http://pastebin.com/B85znLP3 <-- this is my 000-default.conf
[13:12] <Arrick> Hey all, I am setting up a ubuntu 12.04 server at this time, and need to know how to pull the information for the current network, that will give me gateway, network, and dns that is currently drawn from dhcp... I need to setup static addressing, but ifconfig does not give me all the information presently.
[13:12] <bwm> OpenTokix: thank - I'll take a look
[13:12] <Arrick> can anyone help me out with the right cmd?
[13:12] <Arrick> sorry, 14.04 server, not 12.04
[13:12] <OpenTokix> Arrick: ifconfig eth0 and ip route show
[13:13] <OpenTokix> Arrick: and /etc/resolv.conf
[13:13] <bwm> OpenTokix: that looks exactly like what I did
[13:13] <mnaser> What are opinions here on running LTSL enablement stacks?
[13:13] <bwm> Only I set mine to 120
[13:13] <OpenTokix> bwm: I used chrome developer tools to check the keepalive  settings
[13:13] <mnaser> *LTS
[13:14] <OpenTokix> bwm: What curl command are you using?
[13:14] <bwm> Ah - hadn't thought of that - was using curl and watching it not keep the connection alive
[13:14] <OpenTokix> bwm: I get this from curl -v "* Connection #0 to host m01 left intact
[13:15] <bwm> Can I give you my curl test that shows what happens to the connection - the headings might say one thing and the server do something else
[13:15] <OpenTokix> bwm: if I put keepalive off. it say: * Closing connection 0
[13:15] <bwm> And I get connection closed
[13:15] <Arrick> Thanks open`
[13:15] <Arrick> OpenTokix, ^
[13:15] <OpenTokix> bwm: My curl dont say the timeout value
[13:15] <OpenTokix> Arrick: your welcome, glad to help
[13:15] <rbasak> mnaser: I'm running the Trusty HWE kernel on a Precise bare metal server because I found the Precise kernel's IPv6 performance over a bridge to be terrible.
[13:16] <rbasak> (oddly IPv4 was fine, and the Trusty HWE kernel fixed the issue)
[13:16] <rbasak> It was the easiest way to solve the problem. As an example.
[13:16] <bwm> I restricted the download rate and did two gets in curl - adjusted the rate so that it took a bit longer than 5 seconds to download index.html once
[13:16] <mnaser> i'm running all trusty here but my most recent server, i installed 14.04.2 and it turns out that had a newer kernel
[13:16] <bwm> Can you put your curl somewhere I can get at it?
[13:17] <mnaser> so I wasn't sure if I should keep all that consistent or not
[13:17] <rbasak> I'd stick to the same thing for consistency unless you have a reason to deviate.
[13:17] <rbasak> With 14.04.2 you're on an HWE kernel upgrade treadmill which isn't ideal.
[13:18] <rbasak> (you'll need to roll up to  with the 16.04 HWE kernel eventually)
[13:18] <rbasak> (you'll need to roll up to the 16.04 HWE kernel eventually for full LTS-period support)
[13:18] <bwm> OpenTokix: curl -S -v --limit-rate 1K -S -o foo -o foo -o foo http://10.10.10.10/ http://10.10.10.10/ http://10.10.10.10
[13:18] <OpenTokix> bwm: http://pastebin.com/jmh8NFpM
[13:18] <mnaser> i'll likely have to upgrade myself to 16.04 anyways to keep up with openstack releases for example
[13:19] <OpenTokix> bwm: Sounds like a very weird way to make this test. - I am more and more suspecting your test is errornous than the config of the server.
[13:19] <rbasak> mnaser: then maybe it doesn't matter so much
[13:19] <mnaser> good information to have.. i'll chew on it a bit more
[13:19] <rbasak> With running the Trusty HWE kernel on Precise I'm not on a treadmill, so the decision is easier for me.
[13:20] <mnaser> yep, i can see the value there but i won't be running releases that long most likely
[13:20] <OpenTokix> What is HWE-kernel?
[13:20] <bwm> OpenTokix: I'm not going to argue with that ; I'll try your curl on my setup
[13:20] <mnaser> OpenTokix: https://wiki.ubuntu.com/Kernel/LTSEnablementStack
[13:21] <OpenTokix> mnaser: thanks
[13:22] <bwm> OpenTokix: your evidence is that curl reports that it leaves the connection open after downloading one file.  My evidence is that when I download two files - the connection gets closed by the server after 5 seconds.
[13:23] <bwm> OpenTokix: i.e. between the downloads of the two files
[13:23] <OpenTokix> bwm: Default keepalivetimeout is 5s
[13:23] <OpenTokix> bwm: If you go above 10s - other things will close connection, like your tcp-settings and such - both client and server.
[13:24] <bwm> OpenTokix: Right - the default is 5 seconds.  And when I try to override it - its still 5 seconds.
[13:24] <bwm> OpenTokix: whatever the headers say - the connection is getting closed.
[13:25] <OpenTokix> bwm: Maybe you have aggressive tcp-settings on yiour client or are you testing via localhost?
[13:26] <bwm> OpenTokix: can you confirm the result I'm getting?  The connection is getting closed.
[13:26] <OpenTokix> bwm: I can't
[13:26] <OpenTokix> I cant see the time for the connection reset
[13:26] <bwm> OpenTokix: I'm on a default ubuntu config
[13:27] <bwm> OpenTokix: its not getting closed on a named VH which is a clone of the default.
[13:27] <bwm> OpenTokix: I think that lets tcp off the hook?
[13:28] <OpenTokix> bwm: Im not sure how to check it reliably
[13:29] <Arrick> if I get that /dev/sdb doesnt contain a valid parition table, does that mean I just need to create a partition and format it?
[13:29] <bwm> OpenTokix: well - if you have a big enough file to get, and ensure it takes between 5 and 10 seconds to download - then that controls the timing of when the second request goes in and whether it finds an open or closed connection
[13:30] <bwm> OpenTokix: the message I get is "* Connection 0 seems to be dead!"
[13:30] <OpenTokix> ok
[13:39] <OpenTokix> bwm: Damn you, I got curious now =)
[13:41] <bwm> OpenTokix: I've been damned for quite a while now :)
[13:48] <Adri2000> hallyn: hi, can you tell me more about the status of vmbuilder? I thought it was abandoned
[13:48] <kirkland> rbasak: doh.  thanks for that.  I just fixed it
[13:48] <davegarath> Hi all I'm trying to install an ubuntu 14.04 server with / crypted on a machine with an 12.04 installed with lvm ( /boot shared )
[13:49] <OpenTokix> bwm: I see it =) =)
[13:49] <bwm> OpenTokix: wondering what you have seen
[13:49] <OpenTokix> bwm: connection seems to be dead
[13:50] <davegarath> I configured my encrypted volume but I have an error message at the end of partitioning : "The attempt to mount a file system with type ext3 in Encypted volume (myvolname) at / failed
[13:50] <davegarath> and it ask to me to resume partitioning
[13:50] <OpenTokix> bwm: curl --verbose --limit-rate 2k -w "%{time_total}\n" http://m01/1 http://m01/3 http://m01/3 -o /dev/null -o /dev/null -o /dev/null <-- And 1,2,3 is a 10k random file.
[13:50] <bwm> OpenTokix: So confirmation?  And if you try it on a second vhost?
[13:50] <davegarath> what I'm wrong ?
[13:53] <OpenTokix> bwm: if the config paramenter is inside the virtualhost -block, it will be ignored
[13:54] <bwm> OpenTokix:  by config parameter you mean the KeepAliveTimeout directive?
[13:55] <OpenTokix> yes
[13:55] <OpenTokix> And it works as expected
[13:55] <bwm> OpenTokix: If you test it in a named virtual host block, other than the default, I think you'll find it is not ignored.
[13:56] <OpenTokix> it is ignored if its inside the Virtualhost block
[13:56] <bwm> OpenTokix: irc is wonderful - but still a limited channel :(
[13:57] <bwm> Open Tokix: do you mean in any virtualhost block
[13:57] <bwm> ?
[13:57] <OpenTokix> bwm: it is not ignored inside the default block
[13:57] <OpenTokix> in the default file
[13:58] <OpenTokix> for the * host
[14:00] <OpenTokix> bwm: if the default-config is enabled, it will take the default timeout and set it - if you disable the default (*) virtualhost. - Ie. The default values get added to the * vhost, if not stateed. - And that hjost that precende of any other host.
[14:00] <bwm> OpenTokix: I'm sorry but I'm not following you clearly.  Can we assume we have 3 apache config files, apache2.conf, 000-default.conf, and another-vhost.conf
[14:01] <OpenTokix> You can only have one KeepAliveTimeout value - but even if you dont state it - the * will take the defautl value. - If you do a2dissite of the default host, - and change the keepalive timeout on another vhost, it will respect that value.
[14:01] <OpenTokix> bwm: if you disable 000-default.conf - it will respect the KeepAliveTimeout set in another-vhost.conf
[14:03] <bwm> OpenTokix: If I have keepAlivetimeout values of 5 in apache2.conf, 120 in 000-default.conf and 120 in another-host.conf then when I access the default vhost I get a timeout value of 5 and when I get access another-vhost I get a timeout value greater than 5
[14:03] <OpenTokix> no, it will be set to 120
[14:03] <bwm> OpenTokix: so I can have different keepalive timeouts on different vhosts at the same time.
[14:04] <OpenTokix> bwm: no
[14:04] <OpenTokix> It will take the first one, - and in your case 000-default
[14:04] <OpenTokix> unless you name your other vhost 000-another-vhost.conf
[14:04] <bwm> OpenTokix: ok - that sounds interesting - what is your evidence for that?
[14:04] <OpenTokix> bwm: My tests, and what the documentation say
[14:05] <OpenTokix> From docs: In a name-based virtual host context, the value of the first defined virtual host (the default host) in a set of NameVirtualHost will be used. The other values will be ignored.
[14:06] <bwm> OpenTokix: From the docs - the default vhost is not used when the hostname in the request matches the servername in the vhost config.
[14:07] <bwm> OpenTokix: those were my words - I'll go lookup the docs for the quote.
[14:07] <OpenTokix> bwm: no, that is for the requests
[14:07] <OpenTokix> bwm: has nothing to do with how the configuration is "built" whe nthe server is started
[14:08] <OpenTokix> bwm: That quote does not sound like it come from apache official docs.
[14:08] <bwm> OpenTokix: "f multiple virtual hosts contain the best matching IP address and port, the server selects from these virtual hosts the best match based on the requested hostname."
[14:08] <OpenTokix> bwm: yes, that is how virtual hosts mean -- but that has nothing to do how the configuration is built for the actual networking stack inside apache when you start it, two entierly different things
[14:08] <bwm> OpenTokix: Ah - can you tell me where in the docs I should look for how the config is 'built'
[14:09] <OpenTokix> bwm: no, not really - its more of a understanding how the configuration works with includes etc.
[14:09] <rbasak> kirkland: no problem. I don't understand why strikov coudn't reproduce it though? Anyway, no matter. Works for me now.
[14:10] <OpenTokix> bwm: apache start either a worker process, that divide the connections among threads, or it has a prefork model where there is different processes. - However, only one and only one process binds to port 80 and that divide the connection
[14:10] <bwm> OpenTokix: don't you think it would be a bit weird to explicitly allow the specification of a keepalivetimeout inside a vhost block and then not honour it?
[14:10] <OpenTokix> bwm: keepalivetimeout is set when you create the socket
[14:10] <OpenTokix> bwm: it is layer 2 in the OSI -model, and the vhost is much higher up
[14:11] <bwm> OpenTokix: I was asking for your evidence that you can't have different keepalive timeouts for different vhosts at the same time.  You mentioned you had a test that shows this.  Can you please describe the test.
[14:13] <OpenTokix> bwm: I created an extra vhost called mmm and I disabled 000-default.conf - then it respects the keepalivetimeout inside the vhostblock of mmm-vhost. - When 000-default is enabled, it will take the default value from apache2.conf
[14:13] <bwm> OpenTokix:  I believe there is a keepalive at the TCP level.  I don't think the keep alive were are talking about is the same thing?  I think Apache has its own keep alive mechanism.
[14:13] <OpenTokix> bwm: And if I disable 000-default.conf - it will take the first KeepAliveTimeout it finds, insde the block inside test.conf (that has the mmm vhost)
[14:15] <OpenTokix> bwm: Regardsless, you can only have one and exactly one KeepAliveTimeout per apache2 server instance
[14:16] <bwm> OpenTokix: a test - excellent.  I get a different effect.  When I enable both 000-default and mmm I get two different timeouts.
[14:16] <OpenTokix> And you have the KeepAliveTimeout inside the vhost block
[14:16] <OpenTokix> ?
[14:16] <bwm> OpenTokix: yes.
[14:17] <Pici> /7/70
[14:17] <kirkland> rbasak: yeah, I'm confused as to how this happened too;  nothing has changed in my registrar in years
[14:18] <OpenTokix> bwm: I dont
[14:19] <bwm> OpenTokix: I've burned a lot of your time with this.  We could stop at this point and say we understand why we are getting different results.
[14:20] <bwm> OpenTokix:  I'll check my test
[14:28] <OpenTokix> bwm: Also confirm the timeout with devtools in chrome
[14:28] <OpenTokix> bwm: I am 100% sure about my config, since both tests show same results. - Bot curl with limit and devtools show same time.
[14:40] <bwm> OpenTokix: I've just tried to reproduce my test showing multiple different timeout values and failed.  Not sure why - need to investigate further.  For now - my assumption is I screwed that test up somehow.
[14:41] <strikov> rbasak: do you have any idea why this package have such a strange naming: http://packages.ubuntu.com/vivid/libgnutls-deb0-28
[14:42] <strikov> rbasak: (a) what deb0 mean (b) why package is called -28 while it contains 3.3.8
[14:44] <OpenTokix> bwm: sounds plausible
[14:53] <bwm> OpenTokix: thanks for all your help
[14:53] <rbasak> strikov: I don't know what the deb0 means.
[14:54] <rbasak> strikov: but the -28 often refers to a sover, so that multiple sovers can be installed concurrently. This is helpful during transitions.
[14:55] <rbasak> strikov: yeah so /usr/lib/x86_64-linux-gnu/libgnutls-deb0.so.28 is where the 28 comes from
[14:55] <rbasak> And apparently libgnutls-deb0 is the soname, hence the package name
[14:56] <rbasak> strikov:
[14:56] <rbasak> gnutls28 (3.3.2-2) experimental; urgency=high
[14:56] <rbasak>   * Fix crashes due to symbol clashes when a binary ends up being linked
[14:56] <rbasak>     against GnuTLS v2 and v3 by bumping library symbol-versioning (and
[14:56] <rbasak>     therefore also the soname) in a Debian specific way, to make sure there is
[14:56] <rbasak>     no conflict with future:
[14:56] <strikov> rbasak: i thought that sover mimics the actual version of the codebase but it seems to be wrong
[14:56] <strikov> rbasak: thanks a lot!
[14:57] <zetheroo> Hi -  I am trying something out here with Ubuntu - I have LAMP stack installed and tt-rss - the idea is to now have some kind of blog page on the same server which can be updated with short IT messages for staff such as "service xyz is down ... we are working on a solution" - I was going to install Wordpress for this purpose, but it seems overkill. Is there anything else which could work?
[14:57] <rbasak> strikov: speaking of which, your latest Juju packaging is great and fine to upload. I have one very minor comment though, for next time.
[14:57] <rbasak> "Change build dependency from gccgo to gccgo-go." could do with a reason.
[14:57] <rbasak> As we try to explain _why_ in a changelog entry, as well as what, for when someone asks years later :)
[14:58] <rbasak> No need for an update this time though. I'll upload.
[14:58] <strikov> rbasak: yeah, good point; thanks
[15:08] <bananapie> sarnold => I used debootstrap to run Debian Wheezy in a chroot in Ubuntu. I migrated all my services without rebooting. All that is left now is to install the debian linux kernel and reboot. In the mean time, the server is running perfectly in the chroot :)
[15:08] <rbasak> strikov: Juju uploaded. Thank you! That was not a trivial piece of work.
[15:09] <strikov> rbasak: thanks YOU! I volunteer for a next release packaging; I hope i'll take much less time because i know what to do.
[15:31] <ircfox> I am trying to set a pptp server at a vpn but it is currently not working. could someone help me figure how to solve it please?
[15:38] <Arrick> I have a server I am working on, and I need to know if "ifdown em2 && ifup em2" is the proper way to restart a nic (I dont want to run down and then up, or else i have to go onsite and run the up command.
[15:38] <rbasak> Arrick: define "restart"
[15:39] <rbasak> Arrick: if you want to change /etc/network/interfaces, ifdown, then edit, then ifup.
[15:39] <Arrick> rbasak, I changed the dns in etc/network/interfaces and also in /etc/resolv.conf
[15:39] <rbasak> Sometimes you can get away with editing first, but that's not the "proper way"
[15:39] <rbasak> For DNS changes you can get away with it though :)
[15:39] <Arrick> the edit has already been done, and I am at a remote site.
[15:40] <Arrick> so I am wondering how to make the 2 commands run, so I can get back in
[15:40] <rbasak> I would run screen, then inside the screen "ifdown em2; ifup em2"
[15:40] <Arrick> it worked, nevermind.
[15:40] <rbasak> Not &&, since you want to at least try run ifup even if ifdown fails.
[16:02] <bwm> OpenTokix: sorry - back again: you were sorta right about different VH not being able to have different keep alive timeouts. :)  The 'sorta' is that's true for VH's on the same IP and port.  I found the bit of documentation you referred to and I think I understand it now.
[16:03] <bwm> OpenTokix: I still read that documentation as saying that the first VH config should override the server wide config timeout setting.
[16:05] <bwm> OpenTokix:  I think we agree from our testing that is not happening.  I'm back just to check that and whether you agree that documentation says the override should happen.  Or am I missing something.
[16:09] <Arrick> Good morning all... I made a change to my apache2 configuration to make it match the server I am migrating from, and when I go to restart Apache2, it gives me an error... AH00526: Syntax error on line 44 of /etc/apache2/sites-enabled/000-default.conf: Invalid command 'NTLMAuth', perhaps misspelled or defined by a module not included in the server configuration Action 'configtest' failed.
[16:09] <Arrick>  You can see my .conf (scrubbed for security) file at http://paste.ubuntu.com/10712945/
[16:09] <Arrick> any help getting this resolved would make me grateful.
[16:10] <ircfox> How do I test a port to see if its open or closed?
[16:13] <rbasak> Arrick: NTMLAuth sounds like it's for a module not shipped with Apache by default. I'm not sure though. So maybe you need to install the module?
[16:13] <Arrick> not sure, lol... I just performed an apt-cache search, no such animal
[16:15] <Arrick> nice, sourceforge is temporarily offline
[16:27] <fullstop> I think that sourceforge is just waiting for everyone to leave
[16:54] <Arrick> oh really?
[18:19] <hallyn> Adri2000: vmbuilder is basically abandoned, but i couldn't pull it from the archive bc my patches to replace it with uvtool in adt weren't accepted in time for 14.04.
[18:35] <guitarzan> hi folks, does this ring any bells? GPG error: http://ubuntu-cloud.archive.canonical.com precise-updates/havana Release: The following signatures were invalid: BADSIG 5EDB1B62EC4926EA Canonical Cloud Archive Signing Key <ftpmaster@canonical.com>
[18:35] <guitarzan> zul: jamespage: adam_g said you might know about this? ^^^
[18:48] <mgagne> guitarzan: have this package installed? http://packages.ubuntu.com/precise-updates/misc/ubuntu-cloud-keyring
[18:49] <guitarzan> I assume so, let me check that box
[18:49] <guitarzan> the havana archive worked before today
[18:49] <mgagne> otherwise I have nothing else to suggest =)
[18:49] <guitarzan> mgagne: haha, ok :)
[19:02] <jathan> Hello Ubuntu channel. Does someone know how can I redirect one domain to another domain with ssl certificate using Apache 2.4 in Ubuntu 14.04 please?
[19:03] <jathan> I tryied already with virtual host conf and .htaccess and follow this link http://stackoverflow.com/questions/14565560/redirect-all-traffic-from-one-domain-to-another
[19:04] <jathan> But the second domian still without redirecting to the first one
[19:04] <jathan> Can some help me please?
[19:04] <jathan> someone I mean sorry
[19:13] <BrianBlaze420> jathan: check #httpd
[19:15] <jathan> Ok thanks BrianBlaze420
[19:16] <BrianBlaze420> sorry I can't help you more then that I too have been trying to work this out with my same version ubuntu server
[19:16] <Sling> jathan: so you want to redirect from a ssl vhost to another ssl vhost?
[19:17] <Sling> that should work fine, just use Redirect and two virtualhosts each with valid certificates
[19:18] <Sling> if it doesn't, feel free to share vhost configuration and details on what's going wrong :)
[19:18] <jathan> Only 1 domain has the SSL Certificate of the entity
[19:18] <jathan> And the second domain does not have
[19:19] <jathan> Where can I paste you my conf?
[19:19] <Sling> jathan: apaste.info for example
[19:19] <jathan> Ok
[19:19] <Sling> it has highlighting for httpd config
[19:19] <jathan> Thanks Sling :)
[19:24] <jathan> Done. http://apaste.info/9Di and http://apaste.info/QYQ
[19:26] <Sling> jathan: these are essentially the same vhost?
[19:26] <Sling> just the servername/serveralias swapped
[19:27] <Sling> ah no, but both are handling www.crieit.com.mx
[19:27] <jathan> yes
[19:27] <Sling> why?
[19:27] <jathan> www.crieit.mx is the domain with SSL
[19:28] <jathan> Is not correct then
[19:28] <jathan> both handle www.crieit.com.mx
[19:28] <Sling> i still don't know what you're trying to do exactly and why
[19:28] <jathan> Ok. I will explain :)
[19:29] <Sling> also the proxypass directives are not done correctly
[19:29] <Sling> the path you give there should be part of the URI, not an absolute filesystem path
[19:30] <jathan> www.crieit.mx is the main domain and the one that have the SSL authority certificate form entitity. www.crieit.com.mx has not no one SSL cetificate
[19:30] <jathan> And is the domain that I want that can redirect to www.crieit.mx
[19:30] <Sling> okay
[19:31] <jathan> Do I delete the proxy part?
[19:31] <Sling> I don't know why it's there
[19:31] <Sling> if you don't know either, remove it :)_
[19:31] <jathan> Because I tried different methods ja
[19:31] <jathan> OOk
[19:31] <Sling> also remove the mod_rewrite stuff too, you don't need that for redirecting
[19:32] <Sling> and remove the ServerAlias'es
[19:32] <jathan> Ok
[19:32] <jathan> In both files?
[19:32] <Sling> you should have one <VirtualHost *:443> ServerName www.crieit.mx ... <VirtualHost> and one <VirtualHost *:80> ServerName www.crieit.com.mx ... <VirtualHost>
[19:33] <Sling> then put 'Redirect / https://www.crieit.mx' in the non-ssl vhost
[19:33] <Sling> and you should be done
[19:33] <jathan> Ok. Here I go.
[19:34] <Sling> sorry those '... <VirtualHost>' should be '... </VirtualHost>'
[19:34] <Sling> in the non-ssl vhost you don't need a DocumentRoot btw, just the ServerName and Redirect line are all
[19:35] <Sling> assuming you want to redirect *everything* landing there
[19:35] <jathan> I if activated .htaccess and created a file in both domains in /var/www/html/crieit.com.mx and /var/www/html/crieit.mx does this affect to virtual conf files in sites-available
[19:35] <jathan> ?
[19:35] <Sling> no need for htaccess if you have access to the main config
[19:35] <jathan> Ok
[19:35] <Sling> just leave it disabled
[19:45] <jathan> Done Sling.
[19:45] <jathan> I restarted apache but still appearing Your connection is not private
[19:45] <jathan> if I enter https://www.crieit.com.mx/
[19:45] <Sling> well, of course
[19:46] <jathan> I will paste you my files again
[19:46] <Sling> that's not what you said you wanted
[19:47] <Sling> you can only redirect http://www.crieit.com.mx to https://www.crieit.mx
[19:47] <jathan> Sorry maybe I do not explained well. I refer that https://www.crieit.com.mx/ sends to https://www.crieit.mx/
[19:47] <jathan> If it is possible
[19:47] <jathan> ?
[19:47] <Sling> you can only do that with a certificate that is valid for www.crieit.com.mx
[19:47] <jathan> Ah I see
[19:48] <Sling> otherwise it would be a big flaw in the ssl protocol :)
[19:48] <jathan> jaja
[19:49] <Arrick> Good Afternoon All, I am trying to get a Totara Moodle site up and running all the way, however, I have an issue with a "broken helper" for the single signon with active directory.... Here is my 000-default.conf file,  http://paste.ubuntu.com/10712945/ and my errors can be found at http://pastebin.com/tkaJqDKkI am running Apache 2.4.7 on Ubuntu server 14.04.. Any help would be appreciated.
[19:49] <jathan> So I can not link the url https://www.crieit.com.mx to https://www.crieit.mx as symbolic link (for mean something)
[19:50] <bekks> Arrick: "This paste has been removed".
[19:50] <Arrick> ok, pasting again.
[19:51] <Arrick> http://paste.ubuntu.com/10714203/
[19:53] <Sling> jathan: nope
[19:54] <Sling> think about it, the http client (browser) sends a HTTPS request with the Host header 'www.crieit.com.mx' to the webserver, apache will pick the right vhost for this Host header, and then start a SSL negiotiation for that hostname
[19:55] <Sling> then the SSL certificate is offered to the browser, which sees a different hostname in the certificate, and gives you an error
[19:55] <Sling> only after the ssl handshake is done and the browser accepts the certificate, then the rest of your config like proxy's or serving files would be relevant
[19:58] <Sling> Arrick: seen https://bugs.launchpad.net/ubuntu/+source/apache-mod-auth-ntlm-winbind/+bug/1304953/comments/2 ?
[19:58] <jathan> O wow. That was my problem all the time besides start to set up Web Servers
[19:59] <Arrick> Sling, yep, tried it
[19:59] <jathan> Thank you very much Sling. You helped me a lot and resolved my dudes :)
[19:59] <Sling> np :)
[19:59] <Sling> Arrick: ok :) no clue then, never used that module
[20:00] <Arrick> lol
[20:00] <Arrick> I've been googling since I last posted in here, trying to find the answer on my own first.
[20:09] <jathan> It is possible do the same with www.crieit.mx (without ssl link) to https://www.crieit.mx?
[20:09] <jathan> I created another virtual host for it, but does not work
[20:09] <jathan> Following the same for www.crieit.com.mx
[20:10] <Arrick> hey, based on this line in my 000-default.conf is there a module or something I need to install?  NTLMAuthHelper "/usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp"
[20:10] <jathan> I only changed name server
[20:11] <Sling> jathan: read what i said before about the *:80 and *:443 vhost
[20:11] <jathan> Ok Sling :)
[20:14] <jathan> The fact is that I tried creating a fille named /etc/apache2/sites-available/crieit.mx_wssl.conf
[20:14] <jathan> )without ssl)
[20:14] <jathan> Leaving *:80
[20:14] <jathan> Since the beggining
[20:15] <jathan> Oh I forgot enabled
[20:15] <jathan> with the command
[20:15] <jathan> Sorry let me check
[20:16] <jathan> a2ensite
[20:17] <jathan> Yes :)
[20:17] <jathan> Thanks Sling
[20:18] <Sling> yw
[20:19] <diphtherial> hey, i've been having this inexplicable issue lately where every time i attempt to install a python package (say, via pip) even into a virtualenv, it reports that i don't have space on the device
[20:19] <diphtherial> df isn't reporting that anything is full, though: https://dpaste.de/xORj
[20:19] <teward> diphtherial: actual error message?
[20:20] <diphtherial> teward: https://dpaste.de/hyrO
[20:21] <Pici> diphtherial: tmp is full though.
[20:21] <teward> ^
[20:21] <Sling> recreate the tmp mount with more space
[20:21] <diphtherial> true...hrm. i'm confused that it's only 1mb in size
[20:21] <diphtherial> i hadn't run into this problem before today and i've been using this VPS for a good two years now...
[20:21] <Sling> mount -t tmpfs -o size=<bytes>,mode=1777 overflow /tmp
[20:22] <Sling> after unmounting the current one
[20:22] <diphtherial> Sling: alright, sounds reasonable; thanks
[20:22] <Sling> did your / fill up recently?
[20:22] <diphtherial> it did, but i resolved it by adding an extra volume to the VPS and moving my giant postgres db to it
[20:22] <Sling> this is a remnant of ubuntu panicing about that :)
[20:23] <diphtherial> aha, fascinating
[20:24] <diphtherial> i'm kind of nervous to modify my fstab...the last time i did, the VPS became unbootable and i had to wait two days for my VPS maintainer to reboot the machine
[20:24] <diphtherial> (my VPS provider -- also my university -- doesn't have a means to get console access. they only you to access the server via ssh, which is impossible if it's halting before sshd comes online)
[20:26] <diphtherial> i'm having some trouble unmounting /tmp; the system is complaining that it's in use, which makes sense...
[20:28] <teward> is remount a avlid option?
[20:29] <teward> i.e. mount -t tmpfs -o remount,size=<bytes>,mode=1777 overflow /tmp
[20:29] <teward> (not sure, don't run unless someone confirms)
[20:30] <diphtherial> noted, thanks. on a side note, what's a reasonable size for it? apparently 1mb is far too small