[06:13] <gdi2k> I have no idea where to start with this, so I thought I would start here - hopefully someone can point me in the right direction. We have our office at A and a server hosting a PBX at C. We are trying to optimize the route between A and C to reduce latency, but our ISP is inept. But we also have a server at B which is very close to C but has much better routes from A than A->C. So we would like to route the traffic A->B->C - what do I need at B to make
[06:13] <gdi2k>  that work?
[06:22] <hariom> Hey guys, I have installed openblas-dev and liblapack-dev on my Ubuntu 14.04. How to know which version of these libraries are installed?
[06:30] <samba35> how do i redirect url to domain for ex .www-abcdefgh-com/xyz should redirect to test-abcdefgh-com
[06:42] <william_home> samba35: http://httpd.apache.org/docs/2.4/mod/mod_alias.html#redirect
[07:20] <rbasak> teward: pong
[07:42] <lordievader> Good morning.
[08:56] <Vexena> Hello, I heard that enabling automatic updates can be potentially dangerous on a server in a live environment, why is this exactly?
[11:04] <william_home> jamespage: i was told to bug you, for packaging issues in the cloud archive?
[11:29] <Vexena> Anyone know what would be the best way to start a screen session upon startup? I've tried it with a upstart .conf script like this: http://pastebin.com/ybzACJ34 but that only makes "service tsbot start" and "service tsbot stop" work but the service does not start upon startup
[11:32] <Vexena> Seems like it's fixed now
[12:42] <teward> rbasak: sorry about not being here around 3AM - nginx dynamic module loading slated to exist in 1.9.x, which I believe Debian might end up having.  (I hate the continual shift between mainline and stable, but Debian nginx maintainers do that)
[12:42] <teward> rbasak: not sure if we'll need additional review of the package going forward or not, because there'd be a lot more 'main' packages if we support 'core' modules...
[12:42] <teward> no timeline yet, but...
[12:57] <rbasak> teward: thanks. Sounds good - should save us from the multiple static build hell? We can check with the security team nearer the time.
[13:08] <teward> rbasak: it should, but i think we should partly rely on Debian for some of the packaging.  1.9.x was released only a couple days ago, and AFAIK dynamic package support is listed on the timeline of goals, but no idea of actual timeline or ease of implementation ye
[13:08] <teward> yet*
[13:12] <teward> rbasak: if it's anything like Apache, there may be a couple core "global" functions still built in, but additional plugins would be available.  The tricky part, I believe, is balancing stable vs. mainline in Ubuntu - 1.8.x is the stable release, 1.9.x is the mainline release, and that's going to supersede the stable release, my guess is for maybe a year
[13:12] <teward> rbasak: i wouldn't mind additional security reviews closer to then though, code format changes, etc. and what not
[13:15] <rbasak> teward: I imagine we'll want the stable release in every LTS release.
[13:16] <rbasak> teward: and that implies we should try and stick to the stable release in all releases if we can - otherwise it wouldn't work.
[13:16]  * rbasak wonders what Debian does here.
[13:17] <devster31> dd of a 3.1 gb image is taking forever, like 30+ minutes, is this normal?
[13:18] <teward> rbasak: that's... doable to an extent, but that'll require a manual upload to Ubuntu specifically of Stable
[13:18] <teward> rbasak: and at that point we break Debian inheritence
[13:19] <rbasak> teward: so Debian stick to mainline?
[13:20] <teward> rbasak: i forget exactly how my Debian maintainer contact worded it, let me see if I can get a oneliner to provide.
[13:20] <teward> i do know at one point they start using mainline then go back to stable, as for actual timeline I don't know how they determine that, probably something related to Debian release dates
[13:21] <teward> rbasak: but if W series is open and 1.9.x made available in Debian, that's a mainline release, which is always going to have a higher version # than nginx stable releases
[13:21] <teward> rbasak: a good 'starting point' would be what i just uploaded to the nginx team PPAs - 1.8.x
[13:21] <teward> which is stable, and has debian HEAD as of... what, two days ago now?
[13:21] <teward> (debian HEAD as in from the nginx git repo there)
[13:22] <teward> (was needed for 1.8.x builds to work)
[13:22] <rbasak> OK
[13:22] <teward> but since W's name hasn't even been released yet, I don't even think W-series is open
[13:22] <teward> so i'll keep my radar pointed at Debian and the announce lists waiting for W to open
[13:23] <rbasak> Yeah it's not open yet.
[13:23] <teward> then we'll discuss further
[13:23] <rbasak> OK. Thanks!
[13:23] <teward> you're welcome, i just wanted to give you the heads up :)
[13:23] <teward> rbasak: http://trac.nginx.org/nginx/roadmap  <-- roadmap for the 1.9 milestone
[13:25] <rbasak> Hmm. Based on that 1.9 will just miss our next LTS.
[13:25] <teward> rbasak: well, i don't trust the milestone date there
[13:25] <teward> because of their news statement...
[13:25] <teward> 2015-04-28: nginx-1.9.0 mainline version has been released, with the stream module for generic TCP proxying and load balancing.
[13:25] <rbasak> Ah
[13:25] <teward> (from http://nginx.org/.  http://nginx.org/en/download.html shows that 1.9.0 is available)
[13:26] <teward> rbasak: i think that's the date the milestone expires, not the date it's absolutely needed by.
[13:27] <teward> rbasak: nginx has always provided both versions... one for 'stable' (not many new features, althoug hwhatever was in 1.7.x is now in 1.8.x), and one for 'mainline' which is cutting edge features
[13:27] <teward> (it's an in-development release, but AFAICT it *does* work 'stable'ishly
[13:27] <teward> )
[13:27] <teward> (trust me, triaging for these versions is a headache sometimes... >.<)
[13:41] <ebonics> anyone know offhand what happens when you run out of memory or disk space while tarring something. like does it delete the temp file
[13:51] <patdk-wk> what tempfile?
[13:51] <patdk-wk> tar shouldn't be making a tempfile
[14:01] <teward> rbasak: this is the response from my contact @ Debian: "We stick with mainline in testing until freeze and then we stick with that version. The hope is to bump versions one time after freeze to stable and release a new debian stable with the current nginx stable"
[15:01] <frickler> jamespage: would you have time to look at https://github.com/ceph/ceph/pull/4353? this is blocking http://tracker.ceph.com/issues/11388 which you already fixed for Ubuntu, but it would be great if that could also be fixed upstream
[15:02] <jkyle> could someone let me know what the equivalent of the linux-headers-server package is in 15.04?
[15:03] <patdk-wk> same as it was on 14.04
[15:03] <patdk-wk> there is no -server for awhile now
[15:03] <patdk-wk> I think it went away in 12.04
[15:04] <ronator> if in doubt, use 'aptitude search foobar'
[15:04] <patdk-wk> is your kernel in /boot called -server?
[15:04] <patdk-wk> likely, only -generic
[15:19] <jkyle> patdk-wk: My installation script isn't finding the package
[15:19] <jkyle> by that name
[15:19] <jkyle> also looks like some preseed options have changed
[15:19] <patdk-wk> the package has not existed since before 14.04
[15:19] <patdk-wk> it was a meta package that just referenced -general instead
[15:19] <patdk-wk> since that reference hasn't been needed for upgrades, it's gone
[15:21] <jkyle> ah, ok, I see, linux-headers-server is marked "transitional" in 14.04
[15:21] <jkyle> I'll switch my scripts over
[15:38] <jkyle> alright, there we go, now I just have to figure out how to automatically install grub into the MBR in the new preseed for 15.04
[19:31] <_2_misstiababy> hi
[19:38] <Vexena> Have anyone used Plesk before? I don't have a apache server running but I got a license for Plesk together with my VPS. I wonder if I could use Plesk for example to restart my teamspeak server?
[19:39] <Vexena> Or is this only to monitor, restart,... web hosting processes such as apache, nginx, ...?
[19:40] <sarnold> I have a strong dislike for web-based admin panels, I'm going to guess that they are the second most common route for attackers to gain access to systems (after ssh password bruteforce)
[19:40] <Vexena> I agree with that, but it's so tempting to use :)
[19:40] <Vexena> As I would like to be able to control my server from distance with my phone incase something goes wrong
[19:50] <tflgen2> Question: just set up ltsp-pnp on a 14.04 box and I was wondering if there was a way to have the pxebooted clients search for their specific config file (I'd like only specifed mac addresses to be able to boot to ltsp. All others should boot from local HDD) So far, even with the correct aa-bb-cc-dd-ee-ff file, the client always gets default config. Any ideas?
[21:23] <swizgard> hi. any advice on getting rid of dnsmasq here?
[21:23] <swizgard> or even a good reading resource would be nice as i don't get how all these things (dhclient, network-manager, dnsmasq, etc.) play together in ubuntu
[21:26] <spyridonas> Hello guys , i try to make a website work on my apache , both apache2 runs as www-data user and the folder is under www-data user/group but php can't write. Whats wrong with that? :/
[21:37] <spyridonas> echo shell_exec("whoami"); says www-data
[21:38] <spyridonas> folder is www-data group,user with 777 , still cant' write...
[21:38] <Patrickdk> so?
[21:38] <Patrickdk> did you check apparmor?
[21:39] <Patrickdk> dmesg?
[21:39] <spyridonas> i dont have apparmor
[21:39] <spyridonas> and dmesh
[21:39] <spyridonas> and dmesg
[21:39] <Patrickdk> heh?
[21:39] <Patrickdk> EVERYONE has dmesg
[21:40] <spyridonas> oh wait
[21:40] <spyridonas> how i check if apparmor is installed?
[21:40] <Patrickdk> if apparmor is an issue, it would be logged in dmesg
[21:40] <Patrickdk> if apparmor was active, it would also be in there
[21:40] <jjohansen> spyridonas: sudo aa-status
[21:41] <Patrickdk> or, someone that knows more :)
[21:41] <spyridonas> oh well i guess i have it installed then
[21:41] <spyridonas> but apache is not on the rules thing
[21:42] <spyridonas>  5 processes are in enforce mode.    /usr/bin/freshclam (2070)    /usr/sbin/clamd (1953)    /usr/sbin/mysqld (1130)    /usr/sbin/named (1105)    /usr/sbin/ntpd (2837)
[21:42] <jjohansen> Patrickdk: is correct in that if apparmor is denying something it should be logging it to dmesg, and /var/log/syslog
[21:42] <ebonics> does anyone know if there's a difference in the way some ssh commands are piped back to the ssh client from sshd
[21:42] <bekks> ?
[21:42] <bekks> difference in the way compared to what?
[21:43] <ebonics> like fundamentally. i'm using a "session" to send a command. say "ls" and it returns a single string with the output for that command
[21:43] <ebonics> but when i do something like "du"  i just get read errors
[21:44] <bekks> Which doesnt mean the ssh session is the issue.
[21:45] <ebonics> which is why i'm asking :( cause i can't think of what it could be
[21:46] <bekks> open a terminal, ssh to the remote host, run du.
[21:46] <ebonics> bekks, it works fine
[21:46] <Patrickdk> can the command run without a pty?
[21:46] <Patrickdk> did you tell ssh to use a pty?
[21:47] <Patrickdk> or did you mean actually ssh to the other machine and run it?
[21:47] <Patrickdk> ssh user@remote du
[21:47] <ebonics> Patrickdk, i am sshing to another machine and running it.
[21:47] <Patrickdk> is different from ssh user@remote, then run du
[21:47] <ebonics> but i have the ability to request a pty
[21:47] <spyridonas> jjohansen: i disabled apparmor, apache still can't write on folder...
[21:47] <ebonics> i do the latter Patrickdk
[21:48] <ebonics> i don't know if pty is necessary for du, that's definitely a possibility
[21:48] <bekks> So try it.
[21:48] <Patrickdk> works with and without pty
[21:48] <bekks> Thats what I told you :)
[21:48] <jjohansen> spyridonas: well then its definitely not apparmor
[21:49] <Patrickdk> your issue is clearly not ssh :)
[21:49] <spyridonas> jjohansen: apache2 whoami says www-data
[21:49] <ebonics> Patrickdk, i' m not "blaming" ssh, i just think i'm not understanding
[21:49] <Patrickdk> are acl's enabled?
[21:49] <jjohansen> spyridonas: I assume you have checked DAC permission
[21:49] <spyridonas> jjohansen: /var/www says www-data (user-group)
[21:49] <spyridonas> jjohansen: permissions are on 777
[21:50] <jjohansen> right
[21:50] <spyridonas> jjohansen: (temporary)
[21:50] <bekks> 777 on /var/www is pretty safe way for shooting injuries in your knees.
[21:51] <jjohansen> spyridonas: hrmmm other so other things that could be blocking it, are how its mounted, seccomp
[21:51] <jjohansen> apache could be failing it self because of 777
[21:51] <spyridonas> well since 777 can't write i dont think any kind of injuries is possible
[21:52] <jjohansen> I'm not sure
[21:52] <Patrickdk> I have my suexec disable itself on world writable
[21:52] <Patrickdk> not sure what stock apache does
[21:53] <spyridonas> the specific error is about unziping (does php have other user/permissions than apache?)
[21:54] <spyridonas> error] PHP Warning:  ZipArchive::extractTo(): Permission denied in /var/wwwl/testshop/classes/Tools.php on line 2548
[21:54] <ebonics> ops Patrickdk it was because i wasn't waiting for the command to complete. ls just happens to return gaster
[21:54] <ebonics> faster*
[21:55] <Patrickdk> heh?
[21:55] <Patrickdk> /var/www != /var/wwwl
[21:55] <Patrickdk> ebonics, maybe a pmtu issue?
[21:56] <spyridonas> yeah i typed l somehow here >_<;
[21:57] <ebonics> Patrickdk, not in this case, but i think that could very well be a problem later on
[21:57] <ebonics> when i start using scp protocol
[21:57] <Patrickdk> well, it would affect everything
[21:57] <Patrickdk> if you have mtu issue, blocking icmp, ..., causing pmtu to break
[21:57] <Patrickdk> it's noticable cause like when doing du, or ls
[21:57] <Patrickdk> anything large, suddently, it stops
[21:58] <Patrickdk> unless you have pmtu blackhole detection enabled
[21:58] <ebonics> Patrickdk, i don't know what that is. but what's the solution? chunk the response packets?
[21:59] <Patrickdk> what kind of internet connection is it on?
[21:59] <ebonics> TCP
[21:59] <Patrickdk> or, what is it's ip address?
[21:59] <Patrickdk> tcp is a protocol
[21:59] <ebonics> what do you mean
[21:59] <Patrickdk> is it reachable publically?
[21:59] <Patrickdk> that ssh host?
[21:59] <ebonics> Patrickdk, no
[22:00] <Patrickdk> well, try installing tracepath
[22:00] <Patrickdk> and running it against the ssh host
[22:00] <Patrickdk> and see
[22:00] <Patrickdk> if both are on the same local network
[22:00] <Patrickdk> your mtu's should likely be 1500
[22:00] <Patrickdk> and you shouldn't have this issue
[22:00] <Patrickdk> it's normally when going over the internet, and expecially if one side is on dsl
[22:00] <Patrickdk> this issue will crop up
[22:01] <Patrickdk> or if you use a vpn
[22:01] <ebonics> Patrickdk, is there a solution, assuming it is a problem?
[22:01] <ebonics> and yes i am on a vpn
[22:01] <Patrickdk> yes, just properly configuring the vpn correctly :)
[22:01] <Patrickdk> and not blocking icmp
[22:02] <ebonics> Patrickdk, i'm not sure if this is my problem though
[22:02] <ebonics> when i wait for the response then du works
[22:02] <ebonics> i thought you were talking about max packet sizes over ssh
[22:02] <Patrickdk> I am
[22:02] <Patrickdk> but normally ssh packets are tiny
[22:03] <Patrickdk> but when you run du, ls, ..., that will make larger packets
[22:03] <Patrickdk> and you will notice pmtu issues
[22:03] <Patrickdk> same for scp
[22:03] <Patrickdk> or http
[22:03] <Patrickdk> I'm not saying this IS your problem, but it sounds close
[22:04] <ebonics> so Patrickdk i guess i would just need to read the ssh manpage
[22:04] <ebonics> the solution would be to understand how ssh handles pmtu i guess
[22:07] <Patrickdk> it doesn't
[22:07] <Patrickdk> tcp does
[22:08] <Patrickdk> or rather, ip does
[23:26] <grendal_prime> hey im creating a ln to a usb->serial adapter for a wine application. It works fine untell i reboot.
[23:27] <grendal_prime> so..as the user i run ln -s /dev/ttyUSB0 ~/.wine/dosdevices/com1 and everything works fine. application can get access to the com port. Then after i reboot i have to destroy the link and recreate it.
[23:28] <grendal_prime> whhat would cause that.
[23:28] <grendal_prime> ?
[23:32] <bekks> the fact that the inode of the device in /dev/ is changing this is linux, not UNIX.
[23:32] <bekks> Easy workaround: create an entry in /etc/rc.local with full paths
[23:32] <grendal_prime> oh
[23:33] <grendal_prime> sorry for my ignorance
[23:33] <bekks> In linux, nowadays, /dev/ is a dynamic FS, thats why it is changing
[23:33] <grendal_prime> sooooo...basically if i use a full path when i create it....well will that fix it?
[23:33] <sarnold> I'm surprised it fails
[23:34] <bekks> if you are using something like /usr/bin/ls -sf /dev/... /home/user/... ---- then yes.
[23:34] <sarnold> it makes me wonder if wine is checking the lstat of each link and ignoring symlinks older than dev entries or osmething to try to workaround the linux dynamic /dev
[23:34] <bekks> It isnt wine which is checking that.
[23:35] <grendal_prime> it is wine could be a half a dozen problems
[23:35] <bekks> And since the symlink resides outside of /dev/, its age is irrelevant.
[23:36] <bekks> Some more sophisticated way would be creating a script in the initrd which recreates the symlink.
[23:36] <bekks> But thats more a headshot than a simple workaround.
[23:36] <grendal_prime> so exact syntax to creat the ln would be ... ln -s /dev/ttyUSB0 /home/myuser/.wine/dosdevices/com1
[23:37] <bekks> Nope.
[23:37] <bekks>  /where/is/ls ...
[23:37] <bekks> Dont assume you have any sort of $PATH in /etc/rc.local
[23:37] <grendal_prime> have to have the /usr/bin/ls ...im confused
[23:38] <bekks> Why are you confused?
[23:40] <grendal_prime> ok so basically because its not being created on system boot it is pointing to an inode that no longer exists...
[23:40] <grendal_prime> that is what i sounds like your saying
[23:40] <bekks> correct.
[23:41] <grendal_prime> ok, so if i create a boot up script that just deletes it and then creates it..that should do the trick right?
[23:42] <bekks> thats what /full/path/to/ln -sf ... does.
[23:43] <grendal_prime> oh see thats what confused me
[23:43] <grendal_prime> in your post you put ls no ln
[23:43] <grendal_prime> i was not understanding how ls would do that.
[23:44] <bekks> So take "ln" then.
[23:44] <grendal_prime> alright ill give it a shot.
[23:44] <grendal_prime> i need to add that to a initrd job though.
[23:47] <bekks> Why? :)
[23:47] <bekks> Dont you have a sane OS? :)
[23:47] <bekks> wine doesnt start before /etc/rc.local
[23:47] <bekks> So you can do that in /etc/rc.local
[23:47] <grendal_prime> im using ..well on that machine it is using linuxmint
[23:48] <grendal_prime> oh ok or there
[23:48] <grendal_prime> except ln is not in /usr/bin/
[23:48] <grendal_prime> hmm
[23:50] <bekks> "which ln".
[23:53] <grendal_prime> ok i need to put this into rc.local  /usr/bin/ln -sf /dev/ttyUSB0 /home/user/.wine/dosdevices/com1
[23:53] <grendal_prime> but, ln is not located in that dir.
[23:54] <grendal_prime> basically looking for the absolute path to ln executable.
[23:55] <grendal_prime> maybe im going about it the wrong way
[23:59] <grendal_prime> im gonna give it a shot without the full path