| === Lingo is now known as IronDev | ||
| === Lcawte is now known as Lcawte|Away | ||
| === zz_DenBeiren is now known as DenBeiren | ||
| === markthomas|away is now known as markthomas | ||
| jrwren | how can I run debian jessie in lxc with network? | 01:45 |
|---|---|---|
| jrwren | trusty runs fine in lxc with network, but jessie, as setup by the download lxc template doesn't bring network interface up | 01:46 |
| jrwren | no /run/network dir and so ifup fails /run/network/.ifstate.lock | 01:46 |
| === markthomas_ is now known as markthomas | ||
| === markthomas is now known as markthomas|away | ||
| radish_ | good morning! | 06:15 |
| radish_ | regarding the logjam exploit, is it planned to backport http://httpd.apache.org/docs/trunk/mod/mod_ssl.html#sslopensslconfcmd functionality to Ubuntu 12.04 (apache2/mod_ssl)? | 06:15 |
| sarnold | good morning radish_; that's currently under investigation; it may require backporting pieces of openssl functionality as well | 06:22 |
| === kickinzA|afk is now known as kickinz1 | ||
| === Lcawte|Away is now known as Lcawte | ||
| StathisA | I need some help. How can I have automatic "sudo apt-get update" but NOT download the updates? somehow I have configured it to check for updates and download them if they exist, but I need only to check - not download unless I do it manually | 08:35 |
| StathisA | even though i have "APT::Periodic::Download-Upgradeable-Packages "0";" in /etc/apt/apt.conf.d/10periodic | 08:38 |
| ogra_ | perhaps with the --download-only switch ? | 08:38 |
| ogra_ | oh, update | 08:38 |
| ogra_ | ignore me | 08:38 |
| StathisA | and no allowed origins in /etc/apt/apt.conf.d/10periodic | 08:40 |
| StathisA | but my systems still download the updates - not install them, just download which is annoying | 08:41 |
| OpenTokix | apt-get -update --no-download | 08:41 |
| OpenTokix | apt-get update --no-download | 08:41 |
| StathisA | where do I config this in "unattended-upgrades" config? | 08:42 |
| StathisA | i'm not referring to manual "sudo apt-get update" | 08:42 |
| StathisA | this is done automatically | 08:43 |
| OpenTokix | StathisA: I am not sure what you want. - you want unattended upgrades running, but not upgrade? | 08:44 |
| StathisA | ok here's the thing. I have installed "unattended-upgrades" package, and I have configured it to NOT upgrade anything but do a "sudo apt-get update" periodically and get a notification with "apticron" that updates are needed | 08:48 |
| StathisA | this is working as intended, nothing is getting installed automatically | 08:48 |
| StathisA | but as soon as it checks for the updates, it downloads them too | 08:48 |
| StathisA | which is not wanted | 08:48 |
| === ashleyd is now known as ashd | ||
| StathisA | now as soon as I login to a server, I can sudo apt-get dist-upgrade and the system installs the downloaded updates | 08:49 |
| StathisA | I just dont want it to download them automatically, since this is getting run on multiple systems, and we end up starving for bandwidth when this occues | 08:49 |
| StathisA | occurs | 08:49 |
| kickinz1 | StathisA, I know it is not what you are looking for, but why not put one apt proxy in your infrastructure, i.e. apt-cacher-ng, that will cache only the necessary packages? This way each time you update your servers, you will only download one time from external archive. | 08:51 |
| OpenTokix | kickinz1: +1 | 08:54 |
| StathisA | kickinz1, this is a good advice, but a but a bit of an overkill for what I want to achieve | 08:57 |
| kickinz1 | StathisA, not so overkill, you need just to apt-get install apt-cache-ng, then add a /etc/apt/apt.conf.d/01Proxy file with 'acquire::http:Proxy "http://ip.of.the.prox:3142";' line in it to your servers. Now each time a server download a package, it will be cache for use by the others, it is not a full mirror. | 09:01 |
| StathisA | even if I go that way, the server will still "download" the update from the cacher - which is exactly what I want to avoid | 09:02 |
| StathisA | it just minimizes internet b/w | 09:03 |
| StathisA | I dont mind systems -checking- for updates over the internet, thats not too much of a hassle | 09:03 |
| StathisA | I dont wat systems to download stuff automatically | 09:04 |
| StathisA | *want | 09:04 |
| === ashleyd is now known as ashd | ||
| shauno | Based on https://wiki.debian.org/UnattendedUpgrades it looks like you're looking for the APT::Periodic::Download-Upgradeable-Packages line | 09:05 |
| kickinz1 | StathisA, I asked mvo, who is the writer og unattended-upgrades, and the maintainer of apt. | 09:05 |
| kickinz1 | StathisA, it is in /etc/apt/apt.conf.d/20auto-upgrades | 09:06 |
| shauno | although if you're just fighting with local network saturation, I'd be tempted to just offset the cron jobs so they're not all running at the same time | 09:06 |
| kickinz1 | 50auto-upgrades on my server. | 09:06 |
| StathisA | i can see 20auto-upgrades in mine | 09:07 |
| StathisA | what do I change? | 09:07 |
| StathisA | nothing to resemble "auto-download" | 09:07 |
| StathisA | just APT::Periodic::Update-Package-Lists "1"; | 09:08 |
| StathisA | APT::Periodic::Unattended-Upgrade "1"; | 09:08 |
| StathisA | i do have "APT::Periodic::Download-Upgradeable-Packages "0";" in 10periodic | 09:13 |
| StathisA | but no such option in the default 20auto-upgrades | 09:14 |
| StathisA | I could add it, but i'm not sure | 09:14 |
| === ashleyd is now known as ashd | ||
| kickinz1 | mvo: StathisA would like to know how to disable the downloading of upgrades, so unattended-upgrades just tells the admin he has to update things manually. | 09:27 |
| kickinz1 | mvo: nut don't download automatically packages. | 09:27 |
| StathisA | hello, mvo | 09:28 |
| mvo | StathisA: best is probably to edit /etc/cron.daily/apt and put --dry-run behind unattended-upgrades | 09:28 |
| StathisA | thanks for helping on this, much appreciated | 09:28 |
| mvo | ups, sorry | 09:29 |
| StathisA | ? | 09:31 |
| barnex | Hello. I've been installing various linux distros on various vm and computers, but I've never been in a real server room with rack servers. Is there something special I need to know to install on IBM System x3650 M4? | 09:32 |
| kickinz1 | StathisA, I think mvo meant sorry for he went out of the channel, and came back. | 09:32 |
| barnex | Like should I expect them to have some sort of keyboard/monitor setup ready that will work with no configuration? | 09:32 |
| StathisA | oh ok, I dont see joins/leaves | 09:32 |
| mvo | StathisA: yeah, I accidently closed the window | 09:32 |
| barnex | also does USB boot commonly works on systems like this? | 09:32 |
| StathisA | this will still allow apticron to send the notification about the existing updates i guess | 09:33 |
| kickinz1 | barnex, you might encouter troubles on those if you install debian (due to ethernet drivers), for ubuntu, it is quite satndard install. | 09:33 |
| === ashleyd is now known as ashd | ||
| barnex | So I can go there with USB stick only and expect to complete the installation? No PXE setups, serial consoles and stuff like that? | 09:37 |
| StathisA | mvo, in /etc/apt/apt.conf.d there's a section "# download all upgradeable packages (if it is requested) | 09:38 |
| StathisA | " | 09:38 |
| StathisA | perhaps I need to do something there to avoid the download | 09:38 |
| mvo | StathisA: the default it "0" for that option, do you have a different value there? | 09:38 |
| kickinz1 | barnex: it depends, if you want unattended install, you need to either make your own preseed and provide a way to make it load at boot (i.e. mod the usb, or PXE, or a Maas). If you want it to install without any keyboard/display, you will need some tools outside of your server. | 09:39 |
| StathisA | in 10periodic i got "APT::Periodic::Download-Upgradeable-Packages "0" | 09:39 |
| StathisA | in 20auto-upgrades, i dont have it at all | 09:39 |
| StathisA | but somehow updates are still getting downloaded | 09:40 |
| mvo | StathisA: did you try if unattended-upgrades --dry-run also downloads the packages? it might do that, the reason is that for e..g. conf-file prompts it needs to inspect the data inside the package | 09:40 |
| kickinz1 | barnex, I meant install is standard as any othe machine (I had previous x3650M3), but it won't be magic, it will still ask what you want to do (patitionning, language, etc...) | 09:40 |
| StathisA | well there's not packages to download atm | 09:40 |
| mvo | StathisA: if so, we need a new option for u-u | 09:40 |
| barnex | kickinz1: thanks. So basically I need more info about what kind of infrastructure do they have on-site | 09:40 |
| barnex | if there's some sort of screen and keyboard I could borrow or some other setup needed | 09:40 |
| StathisA | so I cannot really check what its gonna do next time it finds updates | 09:41 |
| kickinz1 | barnex, except if you go MAAS/PXE/Preseed way, but you still will need some access to the server. | 09:41 |
| kickinz1 | barnex: yes you will need a keyboard/display. | 09:41 |
| StathisA | heh, i'm not asking for something radical like adding a new option. I thought that maybe someone else wanted this and found a way >< | 09:42 |
| davegarath | Hi all, I have this problem : /dev/loop0p1: read failed after 0 of 4096 at 257884160: Input/output error. How can I identify where loop point to ? | 09:42 |
| mvo | StathisA: you could use "/usr/lib/update-notifier/apt_check.py --human-readable | 09:44 |
| mvo | " | 09:44 |
| StathisA | 0 packages can be updated. | 09:45 |
| StathisA | 0 updates are security updates. | 09:45 |
| * mvo needs to leave for some minutes to get lunch, bbiab | 09:47 | |
| === ashleyd is now known as ashd | ||
| === kickinz1 is now known as kickinz1|afk | ||
| === ashleyd is now known as ashd | ||
| === ashleyd is now known as ashd | ||
| === ashleyd is now known as ashd | ||
| === ashleyd is now known as ashd | ||
| === kickinz1|afk is now known as kickinz1 | ||
| === ashleyd is now known as ashd | ||
| === ashleyd is now known as ashd | ||
| eagles0513875__ | hey all what do i need to do to keep from being disconnected when my ssh session is left idle | 11:34 |
| OpenTokix | eagles0513875__: -o TCPKeepAlive | 11:35 |
| ikonia | although that won't help if it's the network device killing idle | 11:35 |
| OpenTokix | true | 11:35 |
| OpenTokix | -o ServerAliveInterval=30 -o TCPKeepAlive=Yes | 11:36 |
| OpenTokix | best you can do | 11:36 |
| eagles0513875__ | OpenTokix: in which configuration file though | 11:36 |
| ikonia | eagles0513875__: think about it | 11:36 |
| OpenTokix | .ssh/config | 11:36 |
| OpenTokix | eagles0513875__: or as a alias | 11:36 |
| ikonia | eagles0513875__: are you making a server or client config | 11:37 |
| === ashleyd is now known as ashd | ||
| === ashleyd is now known as ashd | ||
| === Thorn__ is now known as Thorn | ||
| === _ruben_ is now known as _ruben | ||
| wimpog | Howdy Y’all! I have two servers running 14.04.2: one was provisioned by my hosting provider, and another one – by me. When I apply updates to both of them, sometimes I have to reboot the one that I installed, especially for linux header updates, but it never prompts to reboot the one provisioned by the hosting provider. What’s the difference? | 13:09 |
| ikonia | are they physical tin or virtual | 13:09 |
| wimpog | ikonia: the one that I have to reboot is virtual, the other (no reboot required) is physical | 13:10 |
| sponzor | hi. can anyone help me how to add read only user to samba share? | 13:11 |
| wimpog | ikonia: could this be the reason? | 13:12 |
| ikonia | wimpog:is it asking you to reboot ? | 13:12 |
| ikonia | I suspect if it's kernel headers it's because the kernel is being provided from the hypervisor so you need to reboot to pick up differences as it's locekd at the hypervisor | 13:12 |
| wimpog | ikonia: I have webmin on both and apply updates through it on both. The virtual one sometimes prompts for a reboot, especially happens when new kernel headers are applied, and the physical one never does that. | 13:13 |
| ikonia | wimpog: there we go - webmin | 13:14 |
| ikonia | at that point, I'll back away from this discussion | 13:14 |
| ikonia | wimpog: webmin is an unsupported and not-recommended product, | 13:14 |
| wimpog | ikonia: Oh ok. But I believe I also saw a prompt for a reboot at the command line | 13:14 |
| ikonia | wimpog: not going to support your box with webmin on, sorry | 13:15 |
| wimpog | ikonia: No, I’m not looking for support. I’m just wondering why the same OS on two different machines – one prompts for a reboot and one doesn’t. I think your explaination that the one is VM makes a lot of sense | 13:15 |
| wimpog | ikonia: next time I apply updates I will take note of it... | 13:16 |
| ikonia | wimpog: you are looking for support, you're asking for help as to why you are seeing different situations | 13:16 |
| wimpog | ikonia: yeah, is that bad? | 13:16 |
| ikonia | no, I just said I won't support your machines with webmin | 13:17 |
| === ashleyd is now known as ashd | ||
| wimpog | ikonia: ok, thanks. Not sure what’s wrong with webmin, and I only use it to check mailqueue and apply security updates… and maybe restart apache… that’s about it. Nothing more complex | 13:19 |
| rsully | wimpog would be worth learning how to do that from the shell, pretty simple stuff | 13:21 |
| wimpog | ikonia: ok, thanks! | 13:22 |
| pmatulis | wimpog: webmin is considered hostile on ubuntu. don't use it. at all | 13:24 |
| wimpog | pmatulis: ok, I will not. I didn’t know that it wasn’t desired. and yes rsully I can do all that from the shell, just quicker from webmin | 13:25 |
| rsully | wimpog when asking for help you should simplify the problem as much as possible, which means few dependencies. update from shell, see if you get prompted there. | 13:26 |
| pmatulis | wimpog: once you learn the shell and other basic things webmin will seem very slow and clunky | 13:26 |
| wimpog | rsully: yeah. Definitely do it from shell next time and see what happens… | 13:26 |
| wimpog | pmatulis: yeah, thanks! | 13:27 |
| === ashleyd is now known as ashd | ||
| === ashleyd is now known as ashd | ||
| eagles0513875__ | hey guys how does one go about testing upstart scripts? | 13:50 |
| === ashleyd is now known as ashd | ||
| === ashleyd is now known as ashd | ||
| === DenBeiren is now known as zz_DenBeiren | ||
| === ashleyd is now known as ashd | ||
| === Kick is now known as Guest72582 | ||
| === Guest72582 is now known as kickinz1_ | ||
| === kickinz1_ is now known as kickinz2 | ||
| === kickinz2 is now known as kickinz1_ | ||
| === ashleyd is now known as ashd | ||
| === ashleyd is now known as ashd | ||
| === ashleyd is now known as ashd | ||
| === ashleyd is now known as ashd | ||
| === ashleyd is now known as ashd | ||
| === markthomas|away is now known as markthomas | ||
| === kickinz1_ is now known as kickinz1|afk | ||
| rattking | Hi! is anyone here using a Broadcom NetXtreme II BCM57800 netword card? | 16:11 |
| rattking | I am plauged with "bnx2x 0000:01;00.2 eth2: MDC/MDIO access timeout” errors on 12.04.05 with the 3.13 series kernels.. | 16:12 |
| patdk-wk | nope | 16:15 |
| rattking | thats fortunate I am not having any luck getting this thing to work :) | 16:18 |
| === ashleyd is now known as ashd | ||
| teward | is anyone aware of any case where systemd fails security expectations and threads of processes/services' master process get started as root instead of the user it's set to run as? | 16:34 |
| Walex | eagles0513875__: that's an interesting question :-) | 16:44 |
| Walex | eagles0513875__: of course you must add them to '/etc/init/' which is an interesting situation. | 16:44 |
| teward | nevermind, my situation is unique, and actually my fault | 16:58 |
| teward | :/ | 16:58 |
| * teward kicks himself around the room | 16:59 | |
| sponzor | hi. i have degraded storage (raid5) if i remove mount point from /etc/fstab (raid storage) and then reboot will boot skip this array check? or do i have somewhere else also to edit boot process? | 17:40 |
| sponzor | im working on remote.. so i dont want to be stuck at boot control d and that.. :) | 17:44 |
| tychicus | hardware raid 5 or software raid5? | 17:50 |
| sponzor | software | 17:50 |
| tychicus | and you have a separate boot disk? | 17:54 |
| sponzor | yes | 17:55 |
| sponzor | this is only storage | 17:55 |
| sponzor | boot and lvm is separeted on raid1 2 different hard drives | 17:56 |
| sponzor | anything? :P | 18:02 |
| tychicus | my thought is that you should be ok, but I'm not 100% certian | 18:03 |
| tychicus | I know that there is the —freeze-reshape option | 18:04 |
| tychicus | but I don't think it applies in this case | 18:04 |
| === sponzor- is now known as sponzor | ||
| dannf | hallyn_: is there a git tree somewhere w/ the latest qemu/ubuntu uploads in it? | 18:10 |
| sponzor- | ok server came back up so # at raid line in fstab worked fine :) | 18:11 |
| hallyn_ | dannf: the latest version for development release is in the debian git tree, | 18:12 |
| hallyn_ | git://anonscm.debian.org/pkg-qemu/qemu.git | 18:12 |
| dannf | hallyn_: ah - which branch? | 18:12 |
| hallyn_ | ubuntu-dev branch | 18:12 |
| dannf | ok | 18:12 |
| dannf | hallyn_: looks like it's just back due to security updates | 18:13 |
| dannf | s/back/out-of-date/ | 18:13 |
| dannf | but that's good enough for me atm | 18:13 |
| hallyn_ | oh, yeah | 18:13 |
| hallyn_ | i need to import those - i was going to do that the next time that i merge (which i wanted to do this week, but probably wont' get to) | 18:13 |
| === Lcawte is now known as Lcawte|Away | ||
| tarvid | where should ipset be initialized | 18:32 |
| Forbidd3n | I can FTP using FileZilla, but when I try to do it via command line it logs in I can change directories, but I get this error if I try to put or list directory - 550 Command PORT failed | 18:36 |
| patdk-wk | Forbidd3n, that is expected when your using nat | 18:51 |
| Forbidd3n | patdk-wk: it tries to get a directory listing and therefore won't allow me to upload any files | 18:54 |
| patdk-wk | yes, that is expected | 18:54 |
| tarvid | ls | 18:55 |
| patdk-wk | Forbidd3n, if you want to make it work, fix your firewalls | 18:56 |
| patdk-wk | otherwise, don't use PORT command | 18:56 |
| ay_caramba | hey guys, during a fresh install of Ubuntu-Server 14.01 when you're prompted to put the machine's hostname, if I do a FQDN there when I log into the box would the hostname display the FQDN or just the hostname part? | 19:01 |
| quantic | ay_caramba: just the hostname part | 19:01 |
| ay_caramba | cool, thanks quantic | 19:02 |
| quantic | ay_caramba: i used an fqdn when i installed this - hostname shows shortname, hostname -f shows fqdn | 19:02 |
| ay_caramba | got it | 19:02 |
| Forbidd3n | patdk-wk: what exactly do I need to do to the firewalls on the remote server for this to work? | 19:17 |
| patdk-wk | I dunno | 19:28 |
| patdk-wk | and I never said it was the remote server that was the problem | 19:28 |
| patdk-wk | the remote server must be able to make a connection from it, back to you | 19:28 |
| patdk-wk | so it must be allowed to make outgoing connections | 19:28 |
| patdk-wk | your firewall must accept those connections, and send them to your computer | 19:28 |
| patdk-wk | normally when one uses nat, this is broken, cause the firewall has no idea where to send these connections to, so it rejects them | 19:28 |
| patdk-wk | this is why nat is bad | 19:28 |
| patdk-wk | this is also why people don't use ftp | 19:28 |
| patdk-wk | besides it's insecure, full of problems, ... | 19:28 |
| teward | anyone fluent in udev rules? | 19:32 |
| teward | need some assistance | 19:32 |
| pmatulis | Forbidd3n: describe your requirements. maybe you don't need FTP | 19:33 |
| RoyK | Forbidd3n: don't use FTP | 19:33 |
| Forbidd3n | nvm I have it working thanks | 19:33 |
| RoyK | don't use antique protocols - I'm learning that the hard way since my boss chose to stick to Amanda backup until we've found something to replace it with - so we've used some weeks swearing about this :P | 19:34 |
| RoyK | instead of just ditching the PoS and installing bacula or something - it'd taken far less amount of work and given a better result in the end | 19:35 |
| * RoyK is a *wee* bit frustrated | 19:35 | |
| szronik | WWHat's the best way for me to remotely edit file on my Apache server? | 20:12 |
| szronik | Anyone there? | 20:15 |
| genii | szronik: Likely most are currently occupied. Best to just wait a while, maybe ask again in 12-15 minutes after more people have left and arrived in the channel | 20:17 |
| szronik | genii: Okay, thanks. | 20:22 |
| szronik | What's the best way to remotely edit a file on my Apache server? I would like to edit the files directly in Sublime on my Windows machine. | 20:58 |
| YamakasY | does anyone know where I can get a newer sssd version for 14.04 ? | 20:59 |
| PryMar56 | szronik, find an editor with sftp support | 20:59 |
| szronik | Well I thought of a couple of solutions | 21:00 |
| szronik | 1. Sync the files via ftp | 21:00 |
| szronik | 2. Use samba to share the dir | 21:00 |
| rsully | szronik is the server on your lan? | 21:00 |
| szronik | 3. Edit in Sublime and upload/repeat as needed | 21:01 |
| szronik | Yes, on the LAN | 21:01 |
| rsully | Generally it is best to use version control like git, and some type of deployment | 21:01 |
| rsully | Otherwise I would personally use SFTP and an editor | 21:01 |
| szronik | What do you mean by some type of deployment? | 21:01 |
| rattking | ssh and vim is always a option if you dont use any managment system like salt,puppet,chef | 21:02 |
| szronik | I just said I want to use Sublime though, not vim. | 21:03 |
| szronik | I can already ssh and use vim if I wanted to, but that's not what I need. | 21:04 |
| rattking | so then you are asking us how to transfer a file to you r server? | 21:07 |
| szronik | No, I'm asking about the best way to edit the file remotely. | 21:07 |
| szronik | But I want to edit it on another machine, in Sublime. | 21:08 |
| szronik | I could just create a share using samba, any other way? | 21:08 |
| qman__ | szronik: sshfs | 21:12 |
| qman__ | Oh, windows client | 21:13 |
| qman__ | Not sure if there's anything else | 21:13 |
| szronik | I guess I'll just edit and upload. | 21:13 |
| RoyK | szronik: vim | 21:14 |
| rattking | heh | 21:14 |
| RoyK | or "nano" if you're a realy newbie https://xkcd.com/378/ | 21:15 |
| szronik | there goes vim again ;-) | 21:17 |
| qman__ | Vim is what I use, too | 21:18 |
| RoyK | szronik: try vimtutor | 21:21 |
| RoyK | szronik: a command to start a tutor to vim - it's rather good | 21:21 |
| tiblock | Hi. I have newbie question. For example i made project "myproject", where i need to store it on server? /root/myproject/ or /srv/myproject/ or /var/myproject/ or ...? | 21:34 |
| === ashleyd is now known as ashd | ||
| concordia71 | ciao | 21:37 |
| concordia71 | qualcuno parla italiano | 21:37 |
| szronik | tiblock: store it in your home directory: echo ~/ | 21:38 |
| tiblock | szronik, thank you | 21:39 |
| stephenh | hello, is there a way to specify protocol number with ufw? not seeing example so far .. | 22:37 |
| === Lcawte|Away is now known as Lcawte | ||
| === Lcawte is now known as Lcawte|Away | ||
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!