[01:29] <tyler_wylie> hallo anyone up
[01:29] <Patrickdk> !ask
[01:30] <tyler_wylie> rattking or sarnold you guys got a few to chat about fai? first server worked fine, following ones are failing nfs mount (can't parse ip addr '')
[03:13] <harushimo> question about maas
[03:14] <harushimo> Set the ‘Router IP’ to the default gateway for this private network
[03:14] <harushimo> what does this mean? I'm not following
[03:14] <harushimo> Is it done when you use ifconfig?
[09:24] <speck84> Hiya all
[09:25] <speck84> I'm a student and I have never experiences the server version can somebody have a look on my assesment, and help me to decide can I use this service to comlite the scenario?
[09:26] <speck84> You are working as a network server engineer. You have been assigned a new project to design,
[09:26] <speck84> implement and support the network of a financial company which was established in 2014 in
[09:26] <speck84> London.
[09:26] <speck84> The company planning to use 60 client computers, two servers and four network printers, so that they
[09:26] <speck84> can meet the company requirements. They should have a capability of sharing the printers, files in
[09:26] <speck84> the file servers, and control all users according to the users needs and requirements, the company as
[09:26] <speck84> well need to include Remote access services for employees required to access documents remotely.
[09:26] <speck84> The company data should be treated on high level of security in terms of confidentiality and
[09:26] <speck84> availability. So, all the machines within the network should be up-to-date with the new patches and
[09:26] <speck84> service pack and latest security patches to avoid any security related issues. The company as well
[09:26] <speck84> forecasting an expansion in the foreseeable future and hence you have to put in mind the capability to
[09:26] <speck84> expand the network when needed (Scalability).
[09:26] <speck84> The IT manager of the company decided to use a private IP address Range of 172.16.0.0 /12 to be
[09:26] <speck84> distributed on all the network devices including the servers, workstation and printers, the network
[09:26] <speck84> manager specifically asked for the following criteria to be fulfilled (Software availability, Scalability,
[09:26] <speck84> maintainability and Technical support)
[09:26] <speck84> Thats the project and I just don't know th eubunutu server can handel this job?
[09:27] <speck84> My teacher sad it can not but I dont belive him
[09:31] <maxb> I see no reason why not, but the use of "service pack" in the problem definition suggests it was written by a Microsoft devotee
[09:36] <arcsky> anyone know a mangment tool for my ubuntu servers like windows SSCM ?
[09:38] <Sling> arcsky: http://www.ubuntu.com/server/management
[09:38] <maxb> Though, I can see that meeting that design brief with Ubuntu would require more up front work including probably writing some code
[13:14] <arcsky> Sling: i have landsacpe isnt so good
[13:18] <hackeron> hey, question - when I do dpkg -i ffmpeg_latest.deb - a package I created, dpkg says: downgrading ffmpeg from 7:2.5.6-0ubuntu0.15.04.1 to 20150507-git-1 -- why downgrading? - how do I make it think it is upgrading?
[13:19] <jpds> hackeron: Because the epoch 7 is greater than epoch of none.
[13:20] <jrwren> hackeron: what jpds said. the version number is less
[13:21] <jpds> hackeron: Do a version string like: 7:2.5.6-0ubuntu0.15.04.1+git20150507
[13:34] <hackeron> jpds: ah, ok, I changed the version to "999:20150507-git-1" :)
[13:35] <hackeron> or is that not very sensible? - I don't want to ubuntu to ever upgrade over this package
[13:35] <jpds> hackeron: Not really.
[13:36] <hackeron> jpds: what would you do to prevent this package from being upgraded?
[13:36] <OpenTokix> hackeron: read on apt-pinning
[13:36] <jpds> hackeron: Better to just set a sane version string and hold it with: apt-mark hold ffmpeg-latest
[13:36] <hackeron> ah, ok, thank you, reading up on it now
[13:55] <zul> hallyn:  ping libvirt ;)
[14:22] <jamespage> zul, juno nova is still not showing in proposed for utopic?
[14:22] <zul> erm....lemme look
[14:24] <hallyn> zul: oh, yeah, will set htat up thi safternoon.  url again?
[14:25] <zul> gimme a sec on the phone
[15:41] <hallyn> zul: (no worries, foudn it, setting up tests)
[15:48] <zul> hallyn:  sorry
[15:50] <hallyn> zul: i said no worries :-)
[16:14] <foxbuntu> hey all, hoping someone might have some help with NFSv4 client. I have an export from a NAS mounted to a Linux server and Windows server. The windows server is setup to map to the same UID/GID as the Linux one. I transfered some data from Windows to the NFS share but it is not visable on the Linux server, any thoughts?
[17:27] <thesheff17> anyone using snappy core? how does it handle people that use pip everywhere?  I'm guessing it doesn't.
[17:29] <Voyage>  I started openvpn by service openvpn start on ubuntu but its not starting up. No errors shown. How can i debug?
[17:32] <rsully> is the max open file descriptor limit still set to 1024 by default?
[17:42] <sarnold> thesheff17: you may wish to ask in #snappy -- I think the general idea though is you vendorize it all, you pip download all your deps, package them up, and ship them in one big blob
[17:43] <thesheff17> sarnold: cool yea I'm reading this doc http://www.wefearchange.org/2015/04/creating-python-snaps.html pretty sure this is what I want to do
[17:43] <sarnold> Voyage: check /var/log/. there's usually something logged when things don't work
[17:43] <sarnold> rsully: probably; the select() API isn't safe to use with more than 1024 descriptors, so raising the limit withut inspection is dangerous
[17:46] <rsully> sarnold is that limit per-user or system wide?
[17:46] <sarnold> rsully: per process
[17:46] <Voyage> sarnold  modprobe: ERROR: ../libkmod/libkmod.c:507 kmod_lookup_alias_from_builtin_file() could not open builtin file '/lib/modules/2.6.32-042stab106.4/modules.builtin.bin'
[17:47] <Voyage> run not enabled
[17:47] <Voyage> it was working fine before
[17:47] <sarnold> Voyage: 2.6.32?? what on earth...
[17:47] <Voyage> dont know..
[17:52] <Voyage> sarnold how can I enable tun
[18:01] <wiredfool> I've got a trusty server, headless, that's hanging on reboot waiting for plymoutn-show-splash.  It's one of thee that appear to be setup similarly, but it's the only one that's doing this.
[18:02] <wiredfool> an excerpt from the ps listing: http://pastebin.com/4puBZC1c
[18:02] <sarnold> wiredfool: I think you can uninstall plymouth withuot any real consequences.
[18:03] <wiredfool> There's a bunch of stuff that requires it
[18:04] <sarnold> oh :/
[18:04] <wiredfool> like openssh-server, linux-image-* ubuntu-minimal and ubuntu-standard
[18:09] <Onionnion> so this weekend I'm doing a mail server upgrade from 10.04 to 14.04 which also has FTP. For mail it uses postfix and has a couple web interfaces via Apache. Of course full system backups will be made prior, but can anyone think of any specific changes I should have a concern about when upgrading through to 12.04 then 14.04?
[18:12] <pmatulis> Onionnion: any special reason you need to continue to 14.04?
[18:13] <Onionnion> pmatulis, for the most part, to guarantee the longest support
[18:13] <Onionnion> without needing downtime for another major upgrade
[18:14] <sarnold> Onionnion: apache 2.4 in 14.04 LTS drastically changed the authentication and authorization interfaces; it'd be worth spending some time with those docs before you start
[18:15] <pmatulis> Onionnion: got it, but 12.04 is good for another 2 years.  anyway, there might be a grub problem going from 10.04 to 14.04.  while on 12.04 ensure grub2 is actually deployed on-disk (reboot and enter grub menu is a good way to check) b/c grub1 is not compatible with 14.04.  i have seen reports of unbootable 14.04 systems
[18:15] <Onionnion> sarnold, thank you
[18:16] <Onionnion> pmatulis, true, and there's been talks of moving the server from in-house to AWS, so going to 14.04 may not even be necessary when I think about it
[18:30] <wiredfool> sarnold: I've moved /etc/init/plymouth-shutdown.conf to /etc/init/disabled, and that's solved it.
[18:30] <wiredfool> (well that and ipmi chassis power cycling)
[18:36] <sarnold> wiredfool: ha! I like it. :)
[18:42] <wiredfool> And while I'm at it, when there are manually setup interfaces, networking hangs for 2 minutes waiting for them to be configured
[18:43] <wiredfool> e.g: br0 inet manual, br0:1 inet static
 like openssh-server, linux-image-* ubuntu-minimal and ubuntu-standard ← Only ubuntu-standard *recommends* plymouth, so it should be safe to remove
[18:49] <dasjoe> also, set your br0 to allow-hotplug instead of (allow-)auto
[18:50] <hallyn> zul: well, tests seemed to pass fine until nested kvm hung.  i thought qa-regression-tests didn't use kvm itself
[18:50] <zul> so +1?
[18:50] <wiredfool> dasjoe: thanks, I'll give that a shot
[18:51] <hallyn> zul: well i'm rebooting to see if i can easily commen tout the kvm test
[18:51] <hallyn> (rebooting my server should also fix it, but then i lose a lot of containers :)
[18:53] <zul> hallyn:  okies
[18:53] <zul> hallyn:  containers are suppose to be short lived ;)
[18:59] <smtp_not_working> Hi everyone, I'm having some trouble with smtp on an ubuntu+zimbra server
[18:59] <smtp_not_working> Basically, I can send e-mail from the web interface, but if I configure thunderbird it won't let me send any mail
[19:00] <smtp_not_working> It just pop up error with "4.3.0 temporary lookup error"
[19:00] <smtp_not_working> Can you give any hints on how to solve this?
[19:01] <sarnold> smtp_not_working: on whatever machine is running thunderbird, run "host <smtphostname>" for whatever you set the smtp hostname in thunderbird..
[19:02] <smtp_not_working> Thunderbird is running on a windows machine
[19:02] <sarnold> oh.
[19:02] <smtp_not_working> Do you think it's that machine problem and not the server?
[19:02] <sarnold> ping the hostname then? that should do a name lookup anyway..
[19:03] <smtp_not_working> The ping return the correct IP address (ping mail.domain.com)
[19:03] <smtp_not_working> Also, I can receive mail from thunderbird with that account
[19:03] <smtp_not_working> I just can't send them
[19:04] <sarnold> receive uses imap or pop, completely different protocol than sending
[19:04] <smtp_not_working> Yeah, right
[19:05] <smtp_not_working> I just don't know what to try
[19:05] <smtp_not_working> Or what to test
[19:05] <sarnold> ahh, 4.3.0 is coming from the smtpd server anyway. okay, then it's probably nothing to do with the thunderbird config or machine :)
[19:05] <smtp_not_working> Ok, so it's a server problem. Damn.
[19:06] <sarnold> smtp_not_working: well, good and bad.. good, in the sense that servers leave logfiles :) you might be able to spot the problem in the smtpd logs..
[19:06] <smtp_not_working> smtpd you say, I'll go check where that logfile is
[19:06] <sarnold> check /var/log/mail* or /var/log/syslog ..
[19:07] <smtp_not_working> In zimbra I usually check logs of /opt/zimbra/log/mailbox.log
[19:07] <smtp_not_working> But there's nothing there
[19:07] <smtp_not_working> Will check your two options
[19:07] <sarnold> I'm going to guess the mailbox.log is for local delivery or imap/pop rather than incoming ..
[19:11] <smtp_not_working> there's this strange message: May  8 20:50:50 mta postfix/smtpd[63956]: warning: non-null host address bits in "192.0.0.41/24", perhaps you should use "192.0.0.0/24" instead
[19:12] <smtp_not_working> 192.0.0.41 is the internal IP of the mail server
[19:12] <sarnold> was an ACL set along the lines of allow_from = 192.0.0.41/24 ?
[19:12] <smtp_not_working> I miss the meaning of ACL
[19:12] <sarnold> access control list
[19:13] <smtp_not_working> I've got that IP on my zimbraMtaMyNetworks
[19:14] <sarnold> I think it would be worth changing that variable to 192.0.0.0/24 -- but it's just logged as a warning. it's probably not relevant to the problem at hand.
[19:15] <aitiba> i
[19:15] <sarnold> normally when you use CIDR notation to refer to a network, the bits that specify hosts _within_ the network should be zero; at least for /8 /16 and /24 networks that's easy, it's just having zeros in the last quads, but for other networks it requires math :)
[19:15] <aitiba> doing a "lxc exec d1 -- /bin/bash" I get "websocket: bad handshake" error ¿any ideas?
[19:17] <sarnold> aitiba: any errors from lxc list?
[19:18] <aitiba> no
[19:18] <sarnold> aitiba: how about lxc info d1 ?
[19:18] <aitiba> RUNNING with ip
[19:18] <smtp_not_working> There's something here: May  8 20:29:14 mta postfix/smtpd[54048]: NOQUEUE: reject: MAIL from unknown[$MYTHUNDRBIRDIP]: 451 4.3.0 Temporary lookup error; proto=ESMTP helo=<[$MYTHUNDRBIRDIP]>
[19:19] <aitiba> sarnold: all ok
[19:19] <aitiba> on info too
[19:20] <sarnold> stgraber: aitiba has a problem that's beyond me :) ^^^
[19:22] <aitiba> sarnold: thanks for try
[19:22] <sarnold> aitiba: stick around.. when he returns he might know :)
[19:23] <sarnold> smtp_not_working: stackoverflow has a few similar questions and twice the answer was to build an aliases table. it seems unrelated to me but I'm really not a postfix expert.
[19:24] <smtp_not_working> I also found this: http://www.unix.com/ubuntu/250558-noqueue-reject-relay-access-denied-postfix.html
[19:24] <smtp_not_working> So I'm checking my main.cf config
[19:24] <stgraber> aitiba: bad handshake is usually a sign that your source and target LXDs are not running the same version
[19:24] <smtp_not_working> Am I wasting my time?
[19:24] <stgraber> aitiba: we unfortunately had to push a change (I believe in 0.8) which changed the websocket protocol a tiny bit, resulting in that error
[19:25] <stgraber> aitiba: we usually try not to do things like that, but well, that's why we're not calling it production ready yet, our API isn't entirely set in stone yet.
[19:26] <aitiba> stgraber: we  use lxc 0.7
[19:28] <TheEternalAbyss> hi can someone help me with apache2 issues on my ubuntu server? I keep getting an error when trying to restart it and I can't seem to solve it. Keeps saying [Fri May 08 19:20:37.962625 2015] [ssl:emerg] [pid 9134] SSL Library Error: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch
[19:29] <aitiba> so what you say in on lxc version 0.8 and up right? stgraber
[19:30] <TheEternalAbyss> I don't know why it keeps saying that as I took out any reference to a .key file in my conf, yet it keeps trying to check it
[19:30] <TheEternalAbyss> so I am very confused here
[19:31] <aitiba> lxd 0.8.1 ...
[19:40] <stgraber> aitiba: should work fine if you have 0.7 exclusively everywhere (all servers and all clients) but that error suggests your client is running something more recent than 0.7
[19:40] <TheEternalAbyss> nevermind got it working
[19:51] <ciscam> Hi! Can automatic security updates break a production apache server?
[19:52] <sarnold> ciscam: it's always possible, but we try hard to avoid regressions
[19:54] <ciscam> sarnold, Okay, so I'll enable it and be sure to be always awake on patch day. Was just wondering on what the conventional setting is
[19:55] <sarnold> ciscam: we don't really have a "patch day"..
[19:56] <ciscam> I'm building a new webserver infrastructure from scratch and want to be sure to follow the ubuntu way
[19:56] <ciscam> It's supposed to become the sandbox
[19:58] <ciscam> I guess enabling automatic system updates is the way to go then
[19:59] <sarnold> one less thing to think about :)
[20:10] <ciscam> Is it desirable to modularize apache/php and mysql in such an environment?
[20:15] <bekks> the LAMP stack is modularized already.
[20:17] <ciscam> bekks, thanks for the info. I understand that putting each into an individual VM would be nonsense then
[20:18] <bekks> ciscam: It is nonsense, because you cant separate apache and php.
[20:31] <toothe> Hi! When I ssh in, I don't see a message that says "You have X packages that need to be updated" How do I set that as my motd?
[20:58] <rattking> does anyone here know much about aide?
[21:15] <hallyn> 18:53 < zul> hallyn:  containers are suppose to be short lived ;)
[21:15] <hallyn> that's conflating cloud and containers :)
[21:37] <hallyn> zul: groan.  kvm locked up again.  going to try in a container
[22:18] <toothe> Hi! When I ssh in, I don't see a message that says "You have X packages that need to be updated" How do I set that as my motd?
[22:20] <sarnold> toothe: that's managed by update-motd -- see the update-motd manpage, the pam_motd manpage, and /etc/update-motd.d/
[22:22] <genii> sarnold: Interestingly, dpkg -S on any files in /etc/update-motd.d/   do not resolve to a package
[22:24] <sarnold> genii: dpkg -S reports files there owned by base-files update-notifier-common ubuntu-release-upgrader-core  for me
[22:25] <genii> Interesting, not here. But it may be because I continuously upgraded from 12.04 to current 14.10
[22:26] <sarnold> genii: could be; this is 14.04 LTS
[22:30] <toothe> i think i have to update /etc/issue.net
[22:30] <toothe> but...I don't know how..
[22:34] <genii> toothe: What's wrong with it?