=== Lcawte is now known as Lcawte|Away
=== markthomas is now known as markthomas|away
[01:29] <tyler_wylie> hallo anyone up
[01:29] <Patrickdk> !ask
[01:29] <ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
[01:30] <tyler_wylie> rattking or sarnold you guys got a few to chat about fai? first server worked fine, following ones are failing nfs mount (can't parse ip addr '')
=== zz_DenBeiren is now known as DenBeiren
[03:13] <harushimo> question about maas
[03:14] <harushimo> Set the ‘Router IP’ to the default gateway for this private network
[03:14] <harushimo> what does this mean? I'm not following
[03:14] <harushimo> Is it done when you use ifconfig?
=== Lcawte|Away is now known as Lcawte
=== markthomas|away is now known as markthomas
=== CiPi is now known as cipi
=== spinza_ is now known as spinza
[09:24] <speck84> Hiya all
[09:25] <speck84> I'm a student and I have never experiences the server version can somebody have a look on my assesment, and help me to decide can I use this service to comlite the scenario?
[09:26] <speck84> You are working as a network server engineer. You have been assigned a new project to design,
[09:26] <speck84> implement and support the network of a financial company which was established in 2014 in
[09:26] <speck84> London.
[09:26] <speck84> The company planning to use 60 client computers, two servers and four network printers, so that they
[09:26] <speck84> can meet the company requirements. They should have a capability of sharing the printers, files in
[09:26] <speck84> the file servers, and control all users according to the users needs and requirements, the company as
[09:26] <speck84> well need to include Remote access services for employees required to access documents remotely.
[09:26] <speck84> The company data should be treated on high level of security in terms of confidentiality and
[09:26] <speck84> availability. So, all the machines within the network should be up-to-date with the new patches and
[09:26] <speck84> service pack and latest security patches to avoid any security related issues. The company as well
[09:26] <speck84> forecasting an expansion in the foreseeable future and hence you have to put in mind the capability to
[09:26] <speck84> expand the network when needed (Scalability).
[09:26] <speck84> The IT manager of the company decided to use a private IP address Range of 172.16.0.0 /12 to be
[09:26] <speck84> distributed on all the network devices including the servers, workstation and printers, the network
[09:26] <speck84> manager specifically asked for the following criteria to be fulfilled (Software availability, Scalability,
[09:26] <speck84> maintainability and Technical support)
[09:26] <speck84> Thats the project and I just don't know th eubunutu server can handel this job?
[09:27] <speck84> My teacher sad it can not but I dont belive him
[09:31] <maxb> I see no reason why not, but the use of "service pack" in the problem definition suggests it was written by a Microsoft devotee
[09:36] <arcsky> anyone know a mangment tool for my ubuntu servers like windows SSCM ?
[09:38] <Sling> arcsky: http://www.ubuntu.com/server/management
[09:38] <maxb> Though, I can see that meeting that design brief with Ubuntu would require more up front work including probably writing some code
=== CripperZ` is now known as CripperZ-
=== chmurifree is now known as chmuri
=== Lartza_ is now known as Lartza
=== Lcawte is now known as Lcawte|Away
=== Lcawte|Away is now known as Lcawte
=== Lcawte is now known as Lcawte|Away
=== Exagone313_ is now known as Exagone313
=== CripperZ- is now known as cripperz
=== unreal_ is now known as unreal
[13:14] <arcsky> Sling: i have landsacpe isnt so good
[13:18] <hackeron> hey, question - when I do dpkg -i ffmpeg_latest.deb - a package I created, dpkg says: downgrading ffmpeg from 7:2.5.6-0ubuntu0.15.04.1 to 20150507-git-1 -- why downgrading? - how do I make it think it is upgrading?
[13:19] <jpds> hackeron: Because the epoch 7 is greater than epoch of none.
[13:20] <jrwren> hackeron: what jpds said. the version number is less
[13:21] <jpds> hackeron: Do a version string like: 7:2.5.6-0ubuntu0.15.04.1+git20150507
[13:34] <hackeron> jpds: ah, ok, I changed the version to "999:20150507-git-1" :)
[13:35] <hackeron> or is that not very sensible? - I don't want to ubuntu to ever upgrade over this package
[13:35] <jpds> hackeron: Not really.
[13:36] <hackeron> jpds: what would you do to prevent this package from being upgraded?
[13:36] <OpenTokix> hackeron: read on apt-pinning
[13:36] <jpds> hackeron: Better to just set a sane version string and hold it with: apt-mark hold ffmpeg-latest
[13:36] <hackeron> ah, ok, thank you, reading up on it now
[13:55] <zul> hallyn:  ping libvirt ;)
=== cripperz is now known as CripperZ-
[14:22] <jamespage> zul, juno nova is still not showing in proposed for utopic?
[14:22] <zul> erm....lemme look
[14:24] <hallyn> zul: oh, yeah, will set htat up thi safternoon.  url again?
[14:25] <zul> gimme a sec on the phone
[15:41] <hallyn> zul: (no worries, foudn it, setting up tests)
[15:48] <zul> hallyn:  sorry
[15:50] <hallyn> zul: i said no worries :-)
[16:14] <foxbuntu> hey all, hoping someone might have some help with NFSv4 client. I have an export from a NAS mounted to a Linux server and Windows server. The windows server is setup to map to the same UID/GID as the Linux one. I transfered some data from Windows to the NFS share but it is not visable on the Linux server, any thoughts?
=== cipi is now known as CiPi
=== CiPi is now known as cipi
=== _Jeepbeat is now known as Jeepbeats
=== JanC_ is now known as JanC
[17:27] <thesheff17> anyone using snappy core? how does it handle people that use pip everywhere?  I'm guessing it doesn't.
[17:29] <Voyage>  I started openvpn by service openvpn start on ubuntu but its not starting up. No errors shown. How can i debug?
[17:32] <rsully> is the max open file descriptor limit still set to 1024 by default?
[17:42] <sarnold> thesheff17: you may wish to ask in #snappy -- I think the general idea though is you vendorize it all, you pip download all your deps, package them up, and ship them in one big blob
[17:43] <thesheff17> sarnold: cool yea I'm reading this doc http://www.wefearchange.org/2015/04/creating-python-snaps.html pretty sure this is what I want to do
[17:43] <sarnold> Voyage: check /var/log/. there's usually something logged when things don't work
[17:43] <sarnold> rsully: probably; the select() API isn't safe to use with more than 1024 descriptors, so raising the limit withut inspection is dangerous
[17:46] <rsully> sarnold is that limit per-user or system wide?
[17:46] <sarnold> rsully: per process
[17:46] <Voyage> sarnold  modprobe: ERROR: ../libkmod/libkmod.c:507 kmod_lookup_alias_from_builtin_file() could not open builtin file '/lib/modules/2.6.32-042stab106.4/modules.builtin.bin'
[17:47] <Voyage> run not enabled
[17:47] <Voyage> it was working fine before
[17:47] <sarnold> Voyage: 2.6.32?? what on earth...
[17:47] <Voyage> dont know..
[17:52] <Voyage> sarnold how can I enable tun
[18:01] <wiredfool> I've got a trusty server, headless, that's hanging on reboot waiting for plymoutn-show-splash.  It's one of thee that appear to be setup similarly, but it's the only one that's doing this.
[18:02] <wiredfool> an excerpt from the ps listing: http://pastebin.com/4puBZC1c
[18:02] <sarnold> wiredfool: I think you can uninstall plymouth withuot any real consequences.
[18:03] <wiredfool> There's a bunch of stuff that requires it
[18:04] <sarnold> oh :/
[18:04] <wiredfool> like openssh-server, linux-image-* ubuntu-minimal and ubuntu-standard
[18:09] <Onionnion> so this weekend I'm doing a mail server upgrade from 10.04 to 14.04 which also has FTP. For mail it uses postfix and has a couple web interfaces via Apache. Of course full system backups will be made prior, but can anyone think of any specific changes I should have a concern about when upgrading through to 12.04 then 14.04?
[18:12] <pmatulis> Onionnion: any special reason you need to continue to 14.04?
[18:13] <Onionnion> pmatulis, for the most part, to guarantee the longest support
[18:13] <Onionnion> without needing downtime for another major upgrade
[18:14] <sarnold> Onionnion: apache 2.4 in 14.04 LTS drastically changed the authentication and authorization interfaces; it'd be worth spending some time with those docs before you start
[18:15] <pmatulis> Onionnion: got it, but 12.04 is good for another 2 years.  anyway, there might be a grub problem going from 10.04 to 14.04.  while on 12.04 ensure grub2 is actually deployed on-disk (reboot and enter grub menu is a good way to check) b/c grub1 is not compatible with 14.04.  i have seen reports of unbootable 14.04 systems
[18:15] <Onionnion> sarnold, thank you
[18:16] <Onionnion> pmatulis, true, and there's been talks of moving the server from in-house to AWS, so going to 14.04 may not even be necessary when I think about it
[18:30] <wiredfool> sarnold: I've moved /etc/init/plymouth-shutdown.conf to /etc/init/disabled, and that's solved it.
[18:30] <wiredfool> (well that and ipmi chassis power cycling)
[18:36] <sarnold> wiredfool: ha! I like it. :)
[18:42] <wiredfool> And while I'm at it, when there are manually setup interfaces, networking hangs for 2 minutes waiting for them to be configured
[18:43] <wiredfool> e.g: br0 inet manual, br0:1 inet static
[18:49] <dasjoe> <wiredfool> like openssh-server, linux-image-* ubuntu-minimal and ubuntu-standard ← Only ubuntu-standard *recommends* plymouth, so it should be safe to remove
[18:49] <dasjoe> also, set your br0 to allow-hotplug instead of (allow-)auto
[18:50] <hallyn> zul: well, tests seemed to pass fine until nested kvm hung.  i thought qa-regression-tests didn't use kvm itself
[18:50] <zul> so +1?
[18:50] <wiredfool> dasjoe: thanks, I'll give that a shot
[18:51] <hallyn> zul: well i'm rebooting to see if i can easily commen tout the kvm test
[18:51] <hallyn> (rebooting my server should also fix it, but then i lose a lot of containers :)
[18:53] <zul> hallyn:  okies
[18:53] <zul> hallyn:  containers are suppose to be short lived ;)
[18:59] <smtp_not_working> Hi everyone, I'm having some trouble with smtp on an ubuntu+zimbra server
[18:59] <smtp_not_working> Basically, I can send e-mail from the web interface, but if I configure thunderbird it won't let me send any mail
[19:00] <smtp_not_working> It just pop up error with "4.3.0 temporary lookup error"
[19:00] <smtp_not_working> Can you give any hints on how to solve this?
[19:01] <sarnold> smtp_not_working: on whatever machine is running thunderbird, run "host <smtphostname>" for whatever you set the smtp hostname in thunderbird..
[19:02] <smtp_not_working> Thunderbird is running on a windows machine
[19:02] <sarnold> oh.
[19:02] <smtp_not_working> Do you think it's that machine problem and not the server?
[19:02] <sarnold> ping the hostname then? that should do a name lookup anyway..
[19:03] <smtp_not_working> The ping return the correct IP address (ping mail.domain.com)
[19:03] <smtp_not_working> Also, I can receive mail from thunderbird with that account
[19:03] <smtp_not_working> I just can't send them
[19:04] <sarnold> receive uses imap or pop, completely different protocol than sending
[19:04] <smtp_not_working> Yeah, right
[19:05] <smtp_not_working> I just don't know what to try
[19:05] <smtp_not_working> Or what to test
[19:05] <sarnold> ahh, 4.3.0 is coming from the smtpd server anyway. okay, then it's probably nothing to do with the thunderbird config or machine :)
[19:05] <smtp_not_working> Ok, so it's a server problem. Damn.
[19:06] <sarnold> smtp_not_working: well, good and bad.. good, in the sense that servers leave logfiles :) you might be able to spot the problem in the smtpd logs..
[19:06] <smtp_not_working> smtpd you say, I'll go check where that logfile is
[19:06] <sarnold> check /var/log/mail* or /var/log/syslog ..
[19:07] <smtp_not_working> In zimbra I usually check logs of /opt/zimbra/log/mailbox.log
[19:07] <smtp_not_working> But there's nothing there
[19:07] <smtp_not_working> Will check your two options
[19:07] <sarnold> I'm going to guess the mailbox.log is for local delivery or imap/pop rather than incoming ..
=== cipi is now known as CiPi
[19:11] <smtp_not_working> there's this strange message: May  8 20:50:50 mta postfix/smtpd[63956]: warning: non-null host address bits in "192.0.0.41/24", perhaps you should use "192.0.0.0/24" instead
[19:12] <smtp_not_working> 192.0.0.41 is the internal IP of the mail server
[19:12] <sarnold> was an ACL set along the lines of allow_from = 192.0.0.41/24 ?
[19:12] <smtp_not_working> I miss the meaning of ACL
[19:12] <sarnold> access control list
[19:13] <smtp_not_working> I've got that IP on my zimbraMtaMyNetworks
[19:14] <sarnold> I think it would be worth changing that variable to 192.0.0.0/24 -- but it's just logged as a warning. it's probably not relevant to the problem at hand.
[19:15] <aitiba> i
[19:15] <sarnold> normally when you use CIDR notation to refer to a network, the bits that specify hosts _within_ the network should be zero; at least for /8 /16 and /24 networks that's easy, it's just having zeros in the last quads, but for other networks it requires math :)
[19:15] <aitiba> doing a "lxc exec d1 -- /bin/bash" I get "websocket: bad handshake" error ¿any ideas?
[19:17] <sarnold> aitiba: any errors from lxc list?
[19:18] <aitiba> no
[19:18] <sarnold> aitiba: how about lxc info d1 ?
[19:18] <aitiba> RUNNING with ip
[19:18] <smtp_not_working> There's something here: May  8 20:29:14 mta postfix/smtpd[54048]: NOQUEUE: reject: MAIL from unknown[$MYTHUNDRBIRDIP]: 451 4.3.0 Temporary lookup error; proto=ESMTP helo=<[$MYTHUNDRBIRDIP]>
[19:19] <aitiba> sarnold: all ok
[19:19] <aitiba> on info too
[19:20] <sarnold> stgraber: aitiba has a problem that's beyond me :) ^^^
[19:22] <aitiba> sarnold: thanks for try
[19:22] <sarnold> aitiba: stick around.. when he returns he might know :)
[19:23] <sarnold> smtp_not_working: stackoverflow has a few similar questions and twice the answer was to build an aliases table. it seems unrelated to me but I'm really not a postfix expert.
[19:24] <smtp_not_working> I also found this: http://www.unix.com/ubuntu/250558-noqueue-reject-relay-access-denied-postfix.html
[19:24] <smtp_not_working> So I'm checking my main.cf config
[19:24] <stgraber> aitiba: bad handshake is usually a sign that your source and target LXDs are not running the same version
[19:24] <smtp_not_working> Am I wasting my time?
[19:24] <stgraber> aitiba: we unfortunately had to push a change (I believe in 0.8) which changed the websocket protocol a tiny bit, resulting in that error
[19:25] <stgraber> aitiba: we usually try not to do things like that, but well, that's why we're not calling it production ready yet, our API isn't entirely set in stone yet.
[19:26] <aitiba> stgraber: we  use lxc 0.7
[19:28] <TheEternalAbyss> hi can someone help me with apache2 issues on my ubuntu server? I keep getting an error when trying to restart it and I can't seem to solve it. Keeps saying [Fri May 08 19:20:37.962625 2015] [ssl:emerg] [pid 9134] SSL Library Error: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch
[19:29] <aitiba> so what you say in on lxc version 0.8 and up right? stgraber
[19:30] <TheEternalAbyss> I don't know why it keeps saying that as I took out any reference to a .key file in my conf, yet it keeps trying to check it
[19:30] <TheEternalAbyss> so I am very confused here
[19:31] <aitiba> lxd 0.8.1 ...
[19:40] <stgraber> aitiba: should work fine if you have 0.7 exclusively everywhere (all servers and all clients) but that error suggests your client is running something more recent than 0.7
[19:40] <TheEternalAbyss> nevermind got it working
[19:51] <ciscam> Hi! Can automatic security updates break a production apache server?
[19:52] <sarnold> ciscam: it's always possible, but we try hard to avoid regressions
[19:54] <ciscam> sarnold, Okay, so I'll enable it and be sure to be always awake on patch day. Was just wondering on what the conventional setting is
[19:55] <sarnold> ciscam: we don't really have a "patch day"..
[19:56] <ciscam> I'm building a new webserver infrastructure from scratch and want to be sure to follow the ubuntu way
[19:56] <ciscam> It's supposed to become the sandbox
[19:58] <ciscam> I guess enabling automatic system updates is the way to go then
[19:59] <sarnold> one less thing to think about :)
=== cryptodan is now known as cryptodan_laptop
[20:10] <ciscam> Is it desirable to modularize apache/php and mysql in such an environment?
[20:15] <bekks> the LAMP stack is modularized already.
[20:17] <ciscam> bekks, thanks for the info. I understand that putting each into an individual VM would be nonsense then
[20:18] <bekks> ciscam: It is nonsense, because you cant separate apache and php.
[20:31] <toothe> Hi! When I ssh in, I don't see a message that says "You have X packages that need to be updated" How do I set that as my motd?
[20:58] <rattking> does anyone here know much about aide?
[21:15] <hallyn> 18:53 < zul> hallyn:  containers are suppose to be short lived ;)
[21:15] <hallyn> that's conflating cloud and containers :)
=== markthomas is now known as markthomas|away
[21:37] <hallyn> zul: groan.  kvm locked up again.  going to try in a container
=== Lingo is now known as irondev
=== markthomas|away is now known as markthomas
[22:18] <toothe> Hi! When I ssh in, I don't see a message that says "You have X packages that need to be updated" How do I set that as my motd?
[22:20] <sarnold> toothe: that's managed by update-motd -- see the update-motd manpage, the pam_motd manpage, and /etc/update-motd.d/
[22:22] <genii> sarnold: Interestingly, dpkg -S on any files in /etc/update-motd.d/   do not resolve to a package
[22:24] <sarnold> genii: dpkg -S reports files there owned by base-files update-notifier-common ubuntu-release-upgrader-core  for me
[22:25] <genii> Interesting, not here. But it may be because I continuously upgraded from 12.04 to current 14.10
[22:26] <sarnold> genii: could be; this is 14.04 LTS
[22:30] <toothe> i think i have to update /etc/issue.net
[22:30] <toothe> but...I don't know how..
[22:34] <genii> toothe: What's wrong with it?