=== zz_DenBeiren is now known as DenBeiren
=== markthomas|away is now known as markthomas
=== markthomas|away is now known as markthomas
=== zz_DenBeiren is now known as DenBeiren
=== markthomas|away is now known as markthomas
=== markthomas|away is now known as markthomas
=== CripperZ- is now known as cripperz
=== markthomas|away is now known as markthomas
=== markthomas|away is now known as markthomas
=== markthomas|away is now known as markthomas
[02:48] <Onionnion> Do some backup managers just use existing utilities like tar or dump in the background?
=== cripperz is now known as CripperZ`
[04:33] <Onionnion> I just ran an upgrade from 10.04 to 12.04
[04:33] <Onionnion> and most things seemed to migrate smoothly
[04:33] <Onionnion> but it seems something SSL broke with mail
[04:33] <Onionnion> mail dovecot: imap-login: Error: Timeout waiting for handshake from auth server.
[04:34] <Onionnion> I get a lot of errors like this in /var/log/mail.err
=== markthomas is now known as markthomas|away
[05:15] <squisher> Onionnion, so this is just a guess, but maybe 10.04 doesn't have the updates that disable sslv3, and 12.04 has? Though I don't recall explicitly setting ssl params in the dovecot config
[05:16] <Onionnion> squisher, I think I found the problem
[05:16] <Onionnion> seems to be postfix configuration
[05:16] <Onionnion> changed smtpd settings
[05:16] <Onionnion> like smtpd_use_pw_server=yes
[06:41] <hadifarnoud> how can I find out my nginx is 64bit or not?
[06:58] <cluelessperson> hey guys sshd is showing ServerKeyBits 1024
[06:58] <cluelessperson>     if I up this to 2048, will I have to change my user key files?
[07:07] <andol> cluelessperson: Note that ServerKeyBits only affects the ssh protocol v1, which you hopefully aren't using.
[07:07] <cluelessperson> andol, ah
[07:07] <cluelessperson> I've just noticed with owncloud, but confirmed with SFTP.  I'm having very slow network file transfer speeds for a gigabit connection
[07:08] <Sling> so, in /etc/network/interfaces, an 'up /root/script.sh' action will still bring the interface up if the script doesn't return 1, but 'post-up /root/script.sh' doesn't ?
[07:08] <cluelessperson> I'm seeing 4.5MiB/s tops on a gigabit connection.  I've tested to WIFI laptop, GB LAN Desktop, and over WEB.
[07:09] <Sling> cluelessperson: don't test over the web or over wifi, what results did you get with testing a local wired connection to another gigabit host?
[07:10] <Sling> also how is it connected? what kind of cables, what kind of network device(s)
[07:10] <Sling> and how are you testing the speed
[07:10] <cluelessperson> Sling, The same.  4.5MiB for them all.   I just transfered a large file and watched the speeds.  they all topped at the same 4.5 MiB/s
[07:11] <cluelessperson> Sling, Owncloud (PHP/apache/HTTPS)   and SFTP.
[07:11] <cluelessperson> Sling, ubuntu is reporting full duplex GB link
=== soren_ is now known as soren
=== koolhead_ is now known as koolhead17
=== ashleyd is now known as ashd
[09:12] <YamakasY> holy mow, I think there was some ubuntu security issue ? all my servers got load while being upgraded
[09:27] <YamakasY> how are you guys managing removing old kernels using puppet ? my /boot gets filled up because there is no autoremove
[09:43] <Basz0r> YamakasY: Why is there no autoremove? You can easily build a cron script to autoremove old kernels, and deploy that with Puppet to your Ubuntu servers
[09:46] <YamakasY> Basz0r: yes I think I need some exext
[09:46] <YamakasY> *exec
[09:48] <Basz0r> YamakasY: You can use the onlyif parameter in combination with a command, that executes apt-get autoremove and counts the amount of old kernels available to remove. That command has to return an 0 ofcourse
[09:49] <Basz0r> But it's better to not automate that kind of tasks
[09:50] <YamakasY> Basz0r: on 300 servers you want to automate that
[09:51] <Basz0r> Are you monitoring all these servers on their disk usage?
[09:52] <JanC> YamakasY: you might want to delay autoremove until after you're sure the new kernel works well though
[09:52] <YamakasY> JanC: I need some reboot indeed
[09:53] <JanC> and problems might only show up after some time
[09:53] <YamakasY> mhh this kinda sucks
[09:54] <Basz0r> My opinion is that it's better to remove old kernels in your update plan
[10:04] <YamakasY> Basz0r: erm my puppet updates my servers
[10:05] <Sling> the unattended-upgrades has an option to also run apt-get autoremove
[10:06] <Sling> +package
[10:09] <YamakasY> Sling: it does but that doesn't seem to work
[10:09] <YamakasY> at least not for kernels
[10:16] <Sling> oh
[10:18] <jpds> YamakasY: /etc/apt/apt.conf.d/01autoremove
[10:22] <YamakasY> jpds: yes looking in there but what do I need to set there ? my kernels file only holds the last 2
[10:22] <YamakasY> + running
[10:25] <YamakasY> jpds: I only have linux-firmware there and the opposite of that one
[10:26] <jpds> YamakasY: Actually, your issue is that autoremove will only remove old kernels, once the new one is installed.
[10:26] <YamakasY> jpds: yes but even than, it always fills my /boot up to 100%
[10:26] <YamakasY> so even with a new install...
[10:27] <jpds> YamakasY: Get a bigger /boot ?
[10:27] <jpds> Random server of mine I picked, three kernels installed: /dev/vda1                    453M  110M  316M  26% /boot
[10:29] <YamakasY> jpds: my /boot is 250M
[10:29] <YamakasY> so large enough
[10:29]  * jpds runs autoremove, down to two kernels; /dev/vda1                    453M   76M  350M  18% /boot
[10:30] <YamakasY> with my autoremove there are removed 5 kernels
[10:30] <YamakasY> so, soemthing is not OK
[10:30] <YamakasY> I need to pee, brb
[10:32] <Sling> on recent servers I always take at least 500M for /boot
[10:32] <Sling> 250M is tight
[10:33] <YamakasY> is it ?
[10:33] <YamakasY> mhh never had issues with it
[10:33] <YamakasY> I use only 3 kernels max
[10:34] <jpds> YamakasY: So, what you're having right now, isn't an issue?
[10:35] <YamakasY> jpds: it doesn't autoremove
[10:35] <jpds> But yeah, I always go for 512M.
[10:36] <YamakasY> jpds: even than it would fill up
[10:37] <YamakasY> jpds: what do you have in 01autoremove
[10:37] <jpds> YamakasY: The default.
[10:38] <YamakasY> jpds: which is?
[10:39] <devster31> is clamav worth it on a single remote server? it's quite powerful, so no problem with resources, but I still wonder if it's necessary
[10:39] <jpds> devster31: Is it sending emails to people running Windows?
[10:39] <devster31> no mails, but I download a lot of stuff
[10:40] <jpds> devster31: Are you running Windows anywhere?
[10:40] <devster31> yep, at home
[10:41] <YamakasY> jpds: pastebin ?
[10:41] <jpds> YamakasY: I have the default, haven't changed it.
[10:42] <jpds> devster31: Then yeah, might be worth it.
=== Lcawte|Away is now known as Lcawte
[10:49] <YamakasY> jpds: and when does the kernel be removed ?
[10:50] <jpds> YamakasY: When I install a new one, and run "apt-get autoremove --purge".
[10:58] <YamakasY> jpds: yes ok, but that autoremove should be done in my puppet run actually, I think I need to exec it
[11:02] <YamakasY> jpds: you are puppetizing your servers ?
[11:02] <jpds> YamakasY: They already are.
[11:06] <YamakasY> jpds: already are ? I mean... you puppetize them once and never again ?
[11:07] <YamakasY> jpds: I ask you if your kernel removals are done in your puppet run
[11:12] <psivaa> matsubara: hey, would you mind taking a look at https://code.launchpad.net/~psivaa/ubuntu-test-cases/lvm-grub-preseed-fix/+merge/258620 for https://bugs.launchpad.net/ubuntu-test-cases/+bug/1443999 please.
[11:13] <psivaa> i've disabled the lvm and multi-lvm server installation tests for now, since they hang on installation and occupies the jenkins executors for quite a long time. this is delaying the other tests being run
[11:14] <matsubara> psivaa, I see. I'll take a look and reply in the MP. Thanks for the fix!
[11:14] <psivaa> matsubara: ack, thanks
=== rbanffy_ is now known as rbanffy
[14:05] <fidothe> is anyone else experiencing timeouts from all the Ubuntu Apt mirrors in eu-central-1? Our machines are working their way through the IP addresses in the sources conf and none of them are responding...
[14:12] <OpenTokix> eu-central-1? Whats is that?
[14:17] <fidothe> OpenTokix: AWS's Frankfurt region
[14:18] <fidothe> basically, no apt-get update / install seems to be working in an entire AWS region at the moment - the Ubuntu base AMI use the mirrors for everything except security
[14:23] <OpenTokix> fidothe: ok
[14:26] <pmatulis> fidothe: following up.  lemme know of any changes
[14:26] <fidothe> pmatulis: will do
[14:27] <pmatulis> fidothe: can you pastebin your sources.list ?
[14:28] <pmatulis> fidothe: better yet, output to 'apt update'
[14:30] <fidothe> pmatulis: apt-get update output http://pastebin.com/91V6JKyX
[14:32] <fidothe> pmatulis: my sources.list http://pastebin.com/eJD5GWee [this is the default cloud init generated sources.list - it's a vanilla Ubuntu EC2 AMI launched machine which has not yet been configured]
[14:33] <pmatulis> fidothe: thanks
[14:34] <fidothe> pmatulis: eu-central-1b.clouds.archive.ubuntu.com has 8 IP addresses, and apt-get is just working its way through them one after the other, presumably after whatever the default timeout is
[14:34] <fidothe> the IP address in that last line of output changes every few minutes
[14:35] <pmatulis> fidothe: i only get one IP for that name
[14:36] <pmatulis> 91.189.92.201
[14:36] <fidothe> pmatulis: are you hitting it from a machine inside eu-central-1?
[14:36] <pmatulis> fidothe: no
[14:36] <fidothe> that's why
[14:36] <pmatulis> ok
[14:37] <fidothe> that IP address isn't one of the 8 i get: http://pastebin.com/YR9X40iQ
[14:37] <fidothe> if your instance is in eu-central-1a you get a different list...
[14:37] <fidothe> sorry, different domain name
[14:39] <fidothe> i'm spinning up an instance in eu-central-1a to see if there's anything different going on there
[14:41] <ozanhazer> hi... LINES and COLUMNS env. variables are not passed to the lxc container which is (probably) causing screen to be scrambled
[14:41] <ozanhazer> any idea what might be the reason for it or what keywords should I search for to investigate the issue?
[14:42] <ozanhazer> (I'm using iTerm2 b the way)
[14:43] <fidothe> pmatulis: well, eu-central-1a's list of IP addresses is the same as eu-central-1b's
[14:47] <fidothe> pmatulis: okay, so only one of the IP addresses, 91.189.92.176, responds to `host` with a reverse DNS name - that points to cursa.canonical.com
[14:48] <fidothe> and if i use that in my /etc/apt/sources.list I get resolution and (very slow) updating - around 120KBps
[14:48] <fidothe> (i.e. 1.2Mbps)
[14:49] <fidothe> as opposed to the 20-40 Mbps I normally get from the EC2 mirrors
[14:55] <pmatulis> fidothe: i believe some DNS update was made.  please try again in 15 and report back
[14:56] <fidothe> pmatulis: will do
[14:56] <fidothe> and thanks for the help :-)
[15:00] <jacekn> fidothe: TTL was only 60s so if you could try again that would be great
[15:19] <bresk> Hi. I use apache2 and dav_fs for webdav. My webdav share is /var/www/webdav
[15:20] <bresk> I ran sudo chown -R www-data:www-data /var/www/webdav
[15:20] <bresk> and sudo chmod 755 -R /var/www/webdav
[15:20] <bresk> Is this configuration secure? My users will upload files and folders, I want to mitigate possible exploits, what should I do?
[15:26] <pmatulis> fidothe: ?
[15:27] <fidothe> pmatulis, jacekn: yup, all seems good now
[15:27] <pmatulis> fidothe: wonderful, thanks for helping
[15:27] <fidothe> pmatulis: thank you guys for fixing it :-)
[15:31] <fidothe> pmatulis: although i can't help noticing that those IP addresses aren't in AWS' published ranges for eu-central-1. I thought the EC2 mirrors were S3 based...
=== markthomas|away is now known as markthomas
[16:06] <designbybeck> Has anyone used TeamPass on Ubuntu Server?
[18:05] <maddawg2> hey guys.. need some quick help.... I recently installed ubuntu server 14.04 and because I was using a proxy server on the network i was on during the install i set the proxy server
[18:05] <maddawg2> however now i moved it to a network without proxy server and i cant get rid of it
[18:06] <maddawg2> unset http_proxy doesnt work
[18:06] <maddawg2> i'm not sure how the installer sets the proxy server
[18:22] <pmatulis> maddawg2: grep /etc for _proxy
[18:25] <Psyclops> ahoihoi
[18:27] <Psyclops> some freeradius pros over here?
[18:27] <sarnold> maddawg2: grep -r name-of-proxy /etc  ?
[18:28] <Psyclops> only idlers here?
[18:30] <maddawg2> oops sorry sarnold i ended uo figuring it out breifly after asking
[18:30] <maddawg2> it was in /etc/apt/apt.conf
[18:31] <sarnold> maddawg2: aha :) nice
[18:31] <maddawg2> i thought it was an environment thing
[18:31] <maddawg2> not a apt thing
[18:31] <sarnold> Psyclops: irc tends to work best if you ask specific questions...
[18:44] <Psyclops> sarnold i know but nobody seems around
[18:44] <Psyclops> in the free radius channel
[18:44] <Psyclops> and e friend of me need serious help
[18:45] <sarnold> Psyclops: but perhaps the expert you need will come by in an hour and see your question; if it remains unasked, it could remain unanswered :)
[18:46] <Psyclops> i already told him
[18:46]  * patdk-wk wont answer pointless questions
[18:47] <Psyclops> but i still have problem to get an login/pw field for users to authenticate with mysql & dolaradius
[18:47] <Psyclops> thats a part of my friends questions. just posted for you patdk-wk
[18:47] <Psyclops> hehe
[18:48] <patdk-wk> I don't see any question
[18:48] <patdk-wk> I see a part of a *statement*
[18:50] <Psyclops> i have a problem to get an login/pw field for users to authenticate with mysql & dolaradius. how can i do it?
[18:50] <Psyclops> better that way?
[18:52] <Psyclops> so ill guide him here
[18:52] <pmatulis> Psyclops: even better to describe the actual problem.  not just 'it doesn't work, how do i do it?'
[18:53] <Psyclops> thanks a lot he can explain it much better
[18:54] <sarnold> pastebinning errors and warnings from logs is also very helpful :)
[18:54] <Psyclops> yeah i know :)
[18:55] <Psyclops> so i dont have any probs and i cant post error logs :)
[18:55] <Psyclops> i just told hin to join here
[18:55] <Psyclops> him
[19:05] <Radius_Noob> Hi there
[19:07] <Radius_Noob> Im in need of urgent help, my future depends on it. Ubuntu 14.04/LAMP/FreeRadius/DaloRadius & (f*cking) HP MSM720 AP-Controller.
[19:08] <Radius_Noob> Im in need of urgent help, my future depends on it. Ubuntu 14.04/LAMP/FreeRadius/DaloRadius & (f*cking) HP MSM720 AP-Controller. It's for the Final Exam and i just have problems to get the APC woorking correctly, i didnt get any help in the freeradius chat
[19:09] <genii> I would suggest to probably get off IRC and start studying then.
[19:12] <sarnold> Radius_Noob: as we explained to Psyclops, specific questions are always better than generic pleas for help; there's nothing quite as good as pastebinned logs with error messages and warnings.
[19:13] <sarnold> Radius_Noob: this is worth some bedtime reading :) http://www.catb.org/esr/faqs/smart-questions.html
[19:15]  * patdk-wk wonders why we should care about radius_noob's future
[19:17] <patdk-wk> hmm, that should be loads of fun though :)
[19:17] <patdk-wk> wht radius protocol are you using?
[19:31] <Psyclops> patdk-wk may he will guide the world to peace. you never know
[19:32] <Psyclops> its better to be helpfull if you can. afterwards its to late
[19:33] <Radius_Noob> Ok to specify my problem: Does anyone know or got information how to correctly configure 802.1x Authentication with FreeRadius?
=== sforshee` is now known as sforshee
=== comanch_ is now known as comanch
[19:39] <patdk-wk> Radius_Noob, there are like 100+ different *correct* ways
[19:40] <Radius_Noob> Yeah but i dont find any solution
=== markthomas is now known as markthomas|away
=== markthomas|away is now known as markthomas
=== mwhudson_ is now known as mwhudson
[21:40] <ozanhazer> HEELP! I increased the innodb_buffer_pool_size and mysql is not starting at all. Ubuntu 15.04
[21:40] <ozanhazer> It's really awkward because I can see the mysqld process
[21:40] <ozanhazer> but it doesn't start-up
[21:44] <mfisch> check /var/log/mysql/error.log
[21:50] <ozanhazer> nothing in there :(
[21:59] <ozanhazer> ...or maybe I'm blind :P thanks mfisch
=== IronDev_ is now known as optrusty
=== optrusty is now known as Irondev
=== Irondev is now known as IronDev
=== Lcawte is now known as Lcawte|Away