/srv/irclogs.ubuntu.com/2015/07/07/#ubuntu-server.txt

=== Lcawte is now known as Lcawte\|Away
=== markthomas\|away is now known as markthomas
teward	Daviey: ping	01:21
teward	if you're not busy :)	01:21
=== markthomas is now known as markthomas\|away
=== Guest77242 is now known as TheEternalAbyss
=== zz_DenBeiren is now known as DenBeiren
=== DenBeiren is now known as zz_DenBeiren
ztane_	should we downgrade our openssl ... :P	07:16
=== ztane_ is now known as ztane
=== zz_DenBeiren is now known as DenBeiren
njmbb8	hey guys, if i want to run a server and be able to run a gui, what is my best option?	07:44
hellyeah	dunno about topics this could be helpful http://askubuntu.com/questions/53822/how-do-you-run-ubuntu-server-with-a-gui	07:46
=== Lcawte\|Away is now known as Lcawte
lordievader	Good morning.	08:28
skylite	how can I check if an hdd is part of an lvm?	08:43
lordievader	skylite: Run 'pvs'.	08:43
skylite	thx	08:43
jamespage	mfisch, hey - I am working a 2.3.2 update for ovs - but blocked on some unit test failures atm	08:56
=== CiPi is now known as cipi
matadores	help ubuntu server 14.04 lts?	11:26
bekks	matadores: Ask a question :)	11:29
matadores	you have tutorial install antiddos ?	11:30
matadores	and protectio my vps ?	11:31
bekks	matadores: Is that a specific software or do you have an actual question? :)	11:31
matadores	i am search tutorial protection and install anti-ddos	11:32
matadores	help mi pray	11:32
patdk-lap	it is impossible to protect against a ddos, unless you unplug your network cables	11:49
lordievader	Isn't that giving them, the attackers, an instant win?	11:50
patdk-lap	basically, the one with the bigger guns wins, and the point of a ddos is, they can always scale to have the largest	11:50
patdk-lap	well, if you get lucky, you can do something, like traffic profiling to block them	11:50
patdk-lap	but then, that is just lazyness on their part :)	11:50
patdk-lap	the only way to protect against it, is to blacklist as many incoming ip's as possible as fast as possible, and pray you aren't blocking ligit customers	11:51
patdk-lap	and the blocks must be at a level that has enough bandwidth to handle it	11:52
patdk-lap	so the ones with the most bandwidth wins	11:52
patdk-lap	and the latest ones for the last few years, it doesn't really matter how much bandwidth you have, it's not enough	11:52
patdk-lap	terrabits of bandwidth needed	11:53
matadores	ok	11:56
matadores	The attack always comes from one person or a maximum of 3 people	12:01
lordievader	Block those ;)	12:01
matadores	tutorial?	12:02
matadores	I am just starting out with a vps ubuntu 14.0.4 lts	12:02
matadores	sorry for my english but use google translator	12:03
lordievader	matadores: https://help.ubuntu.com/community/IptablesHowTo	12:04
matadores	how to use this command the vps throws me out and I have to reinstall	12:05
matadores	sudo iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT	12:05
Tzunamii	matadores: Just add a timer to a shellscript that flushes all the Iptables rules after, let's say, 5 mins	12:07
Tzunamii	no need to reinstall	12:07
lordievader	Or first allow ssh, or whatever you use to connect.	12:08
matadores	i I tried to use the commands through ovh but the result that the controls were not working more than in the tutorial	12:09
Tzunamii	In short, have a shellscript set a cron-job that will flush all the rules. After that functionality just add the Iptables rules you want to test.	12:09
Tzunamii	lordievader: that's how you do it the proper way	12:10
Tzunamii	aka, dev mode	12:10
teward	'dev mode' - you know that what lordievader is saying is the proper way to do things?	12:10
Tzunamii	sigh	12:11
teward	allow connections to only the ports you need opened, IP-restrict them as well if you want them more locked down, etc.?	12:11
Tzunamii	Unless you know what you're doing you can still screw up any pre-allowed service/port with subsequent rules. Hence the dev mode	12:12
teward	Tzunamii: FWIW they should be doing it 'right' rather than flushing all their iptables rules every 5 minutes (as they won't come back)	12:12
Tzunamii	You're wrong, mate	12:12
lordievader	If anything, flush and then reload a save. Not just flush. That is rather bad for an internet facing server.	12:12
teward	^ that	12:13
Tzunamii	The Iptables rules you want to test is (read: should be) in a script already, hence they won't "go away"	12:13
lordievader	But if you know what you are doing you don't need that 'dev-mode'.	12:13
matadores	I want you to lock the user running the attack although it uses an IP not true	12:13
Tzunamii	lordievader: Even the best CSO can frack things up royally	12:13
matadores	the user running the attack also prides itself on using python	12:14
teward	rbasak: ping, btw, if you're not busy :)	12:15
lordievader	matadores: You know your attackers?	12:15
matadores	si	12:16
matadores	yes	12:16
lordievader	matadores: Heh. Still, if it is just a handfull of IPs, just drop their traffic right away.	12:16
matadores	you can give me as you do?	12:17
lordievader	matadores: Read the tutorial I gave you.	12:18
matadores	excuse my asking, but I do not know still use the commands and so I try to use the guide	12:18
Tzunamii	In addition to lordievader's recommendation (HOWTO) I can recommend this tutorial as well https://www.frozentux.net/iptables-tutorial/iptables-tutorial.html	12:19
matadores	I have to run all the tutorial or a specific part?	12:26
teward	matadores: you should read the tutorial then run the relevant parts	12:27
matadores	ok	12:28
teward	and while we could write up a ruleset for you, we don't actually know what servicse you want exposed to the internet, etc.	12:29
teward	so we'd be guessing at what you need	12:29
teward	and you wouldn't learn anything	12:29
lordievader	^ that, we want you to learn how to configure a firewall	12:32
Daviey	a/wingoto #b	12:32
matadores	I have to use only port 80 and 10090 in my site but I can also change the port 10090	12:34
matadores	how to use the control panel sentora	12:35
bekks	matadores: this is the starting point: http://docs.sentora.org/?node=23	12:57
matadores	hanks	12:59
matadores	thanks*	12:59
coreycb	jamespage, zul, hey, can you review this? https://code.launchpad.net/~corey.bryant/ubuntu/wily/python-fixtures/1.3.1	13:17
jamespage	coreycb, some feedback - pbr 1.2.0 means you don't need the patch for test-requirements	13:19
jamespage	coreycb, does it build and unit test ok?	13:19
coreycb	jamespage, yes, build and unit test are ok. I see pbr 1.2.0 is in proposed so I probably wasn't picking it up in the build.	13:21
jamespage	coreycb, pbuilder?	13:21
coreycb	jamespage, sbuild	13:21
jamespage	hmm - sbuild should use proposed by default I think	13:21
jamespage	coreycb, I only merged that this morning btw	13:21
coreycb	jamespage, ok lemme try again	13:22
coreycb	without patch	13:22
jamespage	coreycb, no worries - I'll drop that as I merge and upload	13:23
coreycb	jamespage, cool thanks	13:23
Teduardo	Howdy everyone. Has anyone had any funky problems with sendmail in ubuntu 14 since the logjam thing?	13:23
Teduardo	i'm getting crazy tls issues	13:24
jamespage	coreycb, I'm also going to version pbr >= 1.2.0 as that's the release that supports that python version foo	13:24
coreycb	jamespage, yep good idea	13:25
jamespage	coreycb, that should unblock heat aside from the MIR's right?	13:25
coreycb	jamespage, I think so	13:25
jamespage	coreycb, marked merged and uploaded - thanks!	13:27
Teduardo	does anyone use ubuntu 14 and sendmail?	13:29
bekks	People do - but whats your actual question?	13:29
Teduardo	i'm trying to figure out why i'm getting this when trying to send email. 28496:error:14082174:SSL routines:SSL3_CHECK_CERT_AND_ALGORITHM:dh key too small:s3_clnt.c:3339 i actually found the error in google and created a new 2048 bit dh key	13:32
Teduardo	is there a command that will regenerate the tls keys/certs for sendmail on ubuntu?	13:34
teward	Daviey: rbasak: ping, again xD	14:12
teward	Daviey: rbasak: No rush, but just an FYI: If the Security team needs to weigh in on the nginx issue, I talked to sarnold and he said that effectively his opinion in the ubuntu-server list could be considered the Security Team's view on the nginx issue. You can reach out to him to confirm this, if you wish.	14:14
Daviey	teward: thans	14:15
Daviey	+k	14:15
rbasak	teward: sorry, pretty busy ATM. The TB email is on my list.	14:33
teward	rbasak: no rush, just wanted to add the note above	14:34
rbasak	teward: ack, thanks.	14:34
teward	i'm still writing out my plan-of-action either way	14:34
teward	got sidetracked with some Apache hell yesterday	14:34
Teduardo	do we think there will ever be a release of apache 2.4.10 or 11 for 14.04 lts? there is an annoying PCI DSS thing flagging with the LUA bug	14:56
Teduardo	even though we arent using LUA the scanners are very stupid	14:56
patdk-wk	it will never happen	14:57
patdk-wk	not even sure why it would need to happen	14:57
patdk-wk	this is normal pci dss scanner stuff you should solve	14:57
patdk-wk	even if it was upgraded to 2.4.11 to solve that issue, next month you will be in here saying, my pci dss scanner says I have an issue and need to upgrade to 2.4.13, when will that be released?	14:59
patdk-wk	!usn	14:59
ubottu	Please see http://www.ubuntu.com/usn for information about Ubuntu security updates.	14:59
Teduardo	I'm sorry I asked.	15:00
Pici	/70/70	15:00
mdeslaur	Teduardo: like most Linux distros, we backport security patches, we don't update to new versions. See our FAQ here: https://wiki.ubuntu.com/SecurityTeam/FAQ#Versions	15:01
mdeslaur	Teduardo: do you know which CVE they are referring to? Is it CVE-2014-8109?	15:02
mdeslaur	Teduardo: apache in 14.04 doesn't even compile mod_lua	15:03
mdeslaur	Teduardo: see here: http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-8109.html	15:03
Daviey	jcastro: Can you moderate ubuntu-cloud pls?	15:15
Daviey	jcastro: A user trying to report an issue with aws mirrors.	15:15
jcastro	uhh, I don't know how to do that?	15:20
jcastro	you mean the mailing list?	15:20
jcastro	I thought it got subsumed by the server list?	15:20
Daviey	jcastro: Well there is still low volume traffic there..	15:30
Daviey	jcastro: mailman thinks you are the admin for the list... :/	15:31
Daviey	smoser, utlemming: Do you admin ubuntu-cloud list?	15:32
lucidguy	Ubuntu server with two nics on same network different ips... configured dns round robin for host. Obiously all inboud packets will be balanced, but will the packet exit out the nic it came in? Or will it goto a default first NIC?	15:32
smoser	utlemming can probably dig it up	15:32
jcastro	Daviey: yeah sorry that's not me, we should fix it though, heh.	15:33
Daviey	jcastro: no worries, thanks :)	15:33
bekks	lucidguy: According to the TCP RFC, it chooses an interface randomly, if both have the same routing weights.	15:36
jamespage	coreycb, urgh - just spotted this - https://launchpadlibrarian.net/210631929/buildlog_ubuntu-wily-amd64.ceilometer_1%3A5.0.0~b1-0ubuntu1_BUILDING.txt.gz	15:39
coreycb	jamespage, hmm I'll look in a bit	15:42
jamespage	coreycb, the sphinxcontrib stuff can be trimmed	15:42
rbasak	matsubara: are still OK to chair the meeting today please?	15:44
matsubara	rbasak, yes	15:45
rbasak	Thanks!	15:48
=== rbanffy is now known as rbanffy-lunch
=== markthomas\|away is now known as markthomas
jamespage	coreycb, heat uploaded - I trimmed the sql related bd's out - not required for now	16:07
jamespage	but we do need to switch python-mysqldb <-> python-pymsql this cycle	16:07
coreycb	jamespage, ok, thanks	16:07
jamespage	coreycb, it won't build until the MIR for the clients completes and an archive-admin does the promotions	16:08
jamespage	coreycb, urgh - I still have horizon on my list	16:08
teward	it's official - i'm developing a hatred for VPS providers' default Ubuntu images	16:11
teward	we don't have Apache installed by default with a standard server install do we?	16:11
teward	(i.e. if they skip tasksel and such)	16:12
smoser	teward, no. ubuntu server install would not have that. either in cloud-image or default from d-i media.	16:19
teward	then that's where all these nginx bugs're coming from	16:19
jrwren	this is why CPC is awesome.	16:19
teward	smoser: also d-i media? (I'm not 100% fluent in all shortened names/acronyms yet)	16:20
smoser	debian-installer	16:21
teward	ah ok	16:21
smoser	ie, download of server iso	16:21
teward	smoser: was there a reason that Apache is included by default on cloud and d-i media?	16:21
jrwren	teward: its not.	16:22
teward	then i'm confused	16:22
teward	because people are apparently installing nginx on new things and getting Apache conflicts	16:22
teward	because port 80 can't be bound to, so postinst fails	16:22
teward	and this is brand new with something in 15.04	16:22
teward	'cause no others have that problem	16:22
jrwren	yes, that is true, you can apt-get install apache2 nginx and both packages will install and boht default to port 80 and conflict.	16:23
smoser	it wouldnt surprise me if a provider of a vps made an install that had apache installed.	16:23
teward	I know some VPS providers roll it out and are a pita	16:23
jrwren	one would have to install both packages.	16:23
teward	smoser: i know that RamNode does that and I've already thrown a wrench at them	16:23
teward	jrwren: or have Apache preinstalled - which AFAICT appears to be the case	16:23
teward	based on these apt logs i keep looking at	16:23
teward	(in the bugs)	16:23
teward	the trouble is, there's no usable debug info in the 'fail to install' reports, because the systemd logs and other logs aren't included with the bugs	16:24
jrwren	teward: maybe for their tasksel. its certainly not preinstalled on cloud-image or -server install	16:24
teward	so it ends up with 10 or 15 Incomplete bugs because we need more info	16:24
smoser	well, ideally you put apport hooks into nginx	16:24
smoser	and then tell people to run 'apport-collect' or 'ubuntu-bug'	16:24
teward	smoser: i have yet to find detailed documentation for that or a useful resource	16:24
smoser	and it collects installed packages and such.	16:24
teward	smoser: it already does that stuff, i need a new hook to grab data from other commands	16:25
teward	where's one of thsoe bugs...	16:25
teward	we also need translators 'cause i can't read anything but english >.<	16:25
smoser	https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1462530	16:25
smoser	that was filed via 'ubuntu-bug linux'.	16:26
teward	smoser: https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/1447294 <-- example of a post-installation failure bug	16:26
smoser	it collects up all thatCRDA, CurrentDmesg...	16:26
jrwren	IMO we should encourage VPS providers to use cloud-image and join CPC	16:26
teward	what it needs to pull is the `journalctl -xe` output, and/or the `systemctl status nginx.service` data	16:26
teward	smoser: and I can't find how to force such apport hooks	16:26
smoser	oh. i see.	16:26
teward	smoser: several of these're nonstandard configurations or a likely Apache conflict	16:27
smoser	i dont really know how you'd get that.	16:27
teward	smoser: nor do I, hence my question about Apache	16:27
teward	most of these're caused by something listening on port 80	16:27
smoser	i'm sure pitti would know.	16:27
teward	otherwise it'd be a bigger fireball in the dpkg logs and such	16:27
teward	'cause this kind of stuff ain't useful:	16:28
teward	Apr 22 14:24:32 hostname systemd[1]: Failed to start A high performance web server and a reverse proxy server.	16:28
teward	Apr 22 14:24:32 hostname systemd[1]: nginx.service failed.	16:28
teward	^ E: Not Useful	16:28
smoser	yeah, that' seem like you could get better info.	16:29
teward	smoser: and alas: that's all systemd gives you	16:29
teward	it actually says "Please check [other commands]"	16:29
teward	so i'm about ready to take systemd and throw it into /dev/null	16:29
jrwren	i miss /var/log/upstart/ logs of stdout and stderr	16:29
teward	https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/1471713 <-- THIS is a clear "Won't Fix" or "Invalid"	16:30
teward	and a clear evidence of the issue of apache conflicting	16:30
teward	smoser: short of me modifying the postinst script to (a) check if the Apache service exists, and if it does stop Apache, or (b) check if port 80 is open or not, that's not a fixable bug	16:32
teward	and can have unintended other hell if you just need to install nginx to run it on a different port (i.e. could take down a production web server)	16:33
jrwren	or nginx conflicts apache2 deb, which would be terrible.	16:33
teward	jrwren: indeed, and that's an unacceptable option	16:33
teward	one i refuse to touch	16:33
teward	s/touch/use/	16:34
jrwren	i use nginx on 81 and apache on 80 and much crazy proxying :)	16:34
teward	so either we need apport hooks to call in the data from those other commands that it's saying to include, or I have to flesch out the postinst scripts and cause undesired behavior with Apache being installed on the system	16:34
teward	jrwren: i use nginx on multiple ports, and also Apache on others, so as I said, it'd cause potentially undesired behavior.	16:34
teward	but the postinst script could check if port 80 is bound to, and if it is, just not start nginx	16:35
teward	and make a note saying "Check what's listening on port 80, or have nginx listen on a different port, before starting the service/"	16:35
jrwren	do we have any other cases of services in main which don't deb conflict and use the same ports by default? I'd guess no.	16:35
teward	jrwren: in main? probably not.	16:35
jrwren	right, I think that is a great solution.	16:35
teward	but lighttpd comes to mind if we expand to Universe	16:35
teward	jrwren: i'd be lucky to be able to get that in as an SRU though, but it could be an SRU to prevent fail-to-install-due-to-port-80 binds and such	16:36
jrwren	exim, postfix, sendmail, likely all conflict with each other. various identds various ntpds	16:36
teward	mhm	16:36
teward	what tools exist in a default plain install to test if ports are bound to?	16:37
teward	netstat? (yes I know it's old)	16:37
jrwren	lsof maybe?	16:37
smoser	python ? perl ?	16:40
smoser	twethe issue though, is that:	16:40
smoser	'apt-get install service'	16:40
smoser	on ubuntu should result in that service running	16:40
smoser	and if it doesnt, then that is arguably a bug.	16:40
smoser	ie, fixing your behavior to "do not fail install if i can't bind to port 80" is arguably creating a bug.	16:41
smoser	teward, ^	16:41
teward	smoser: agreed, and neither of my options are desirable	16:42
teward	smoser: ultimately, though, the bug report would have more details	16:42
smoser	right. and a useful ereror message to the user.	16:42
teward	so we can "Invalid" half the bugs and provide "Find the conflicting port binding program"	16:42
teward	as a workaround	16:42
jrwren	teward: /proc/*/net/tcp and translate the hex port :)	16:42
teward	PART of that is apport hooks	16:42
teward	unrelated: does the cloud team or otherwise provide openvz images or no?	16:43
teward	smoser: i assume pitti's the go-to for apport hooks?	16:44
teward	jrwren: LOL	16:46
jrwren	teward: hey, it works well. cat /proc/*/net/tcp \| grep :0050	16:47
smoser	teward, yeah, i'd start there.	16:48
teward	smoser: if apport hooks won't work, then something in the postinst script to check if port 80 is bound anywhere, and exit with an actually meaningful error to stdout and such might be more useful than just 'passing' over the error	16:48
smoser	jrwren, http://www.smallo.ruhr.de/award.html	16:48
teward	and i'd rather NOT have to have an apache2 conflicts, because then people using both simultaneously get mad	16:49
smoser	just because :)	16:49
smoser	well, you may have thought of this, but one solution might be to give someone a package that does not (by design) start the service.	16:49
smoser	so:	16:50
smoser	apt-get install nginx	16:50
smoser	starts the service or fails as espected	16:50
smoser	apt-get install nginx-manual	16:50
smoser	does not	16:50
smoser	i	16:50
teward	smoser: we'd have to replicate 4 binaries then	16:50
smoser	yeah, i'm sure you've thought of a lot of this stuff.	16:50
teward	nginx-core-manual nginx-light-manual nginx-extras-manual nginx-full-manual	16:50
teward	and that makes a HUGE delta from Debian	16:50
teward	which we're actually trying to reduce xD	16:50
smoser	why are these not debian bugs ?	16:51
teward	smoser: because people use sane Debian images?	16:51
jrwren	smoser: yes, I know :) thanks for calling me out on it	16:51
teward	smoser: i can't answer why they aren't but still	16:51
smoser	well, its still a bug that you get crap failure out of out of 'apt-get install'	16:51
teward	smoser: right, in either case	16:51
teward	and i could create a replica situation by installing APache in Debian and see if I can reproduce the problem	16:52
teward	(there, though, there's no apport hooks, so a bug report would contain 0 useful infromaiton compared to mildly useful info)	16:52
teward	i know the problem - `ubuntu-bug` is too user friendly. loljk	16:52
ash_m	if my default ssh config doesn't have a AllowTcpForwarding line, should I still write one to set it to no?	16:52
teward	smoser: the other issue with a -manual package would be that it too needs a main promotion - which of course is a separate review	16:57
smoser	binary main promotions are not really a problem	16:57
smoser	ie, from same source.	16:58
teward	mmm	16:58
Kully3xf	how can I pass in text into a script	17:24
Kully3xf	like if the script asks "how many servers" when ran, how can I include that information in the command	17:25
brett__	Anyone using Trusty as a Samba PDC to set temporary password for new users which they must change at their first login?	17:28
lamont	no password stuff here, it's just a fileshare	17:29
tarpman	brett__: i'm running a samba classic PDC (not AD) with openldap as backend, not sure whether that's relevant for you	17:30
coreycb	jamespage, I must need an sbuild config change b/c currently it doesn't fail the build if a dep is in universe.	17:32
brett__	tarpman: I really appreciate the response! We're presently using tdbsam as a backend, but I'd love to know what mechanism you are using to force users to change their passwords. I'm an LDAP idiot and don't know if there are tools baked in for this or if you use PAM or something else...?	17:32
tarpman	brett__: I force a password change by setting "sambaPwdLastSet: 0" in the LDAP database. you could probably do a similar thing against tdbsam using pdbedit...	17:33
brett__	tarpman: Huh.We used to use "net sam set pwdmustchangenow <USER> yes" and I've seen references to "sambaPwdLastSet" but wasn't sure it would work with Samba4. I'll give it a try! Thank you mucho!	17:35
lucidguy	bekks: thanks	17:35
tarpman	brett__: sambaPwdLastSet is specific to the samba3-openldap schema, I have no idea what the equivalent is in a samba4 world, sorry	17:36
brett__	tarpman: No problem, like I said I'm grateful for the hint anyway. In #samba I was directed to samba-tools but that appears to be very AS focused. Anyway, thanks again for the suggestion!	17:38
sarnold	Kully3xf: most scripts that accept input do so on standard input, so you cna do something like "echo 10 \| ./script" and it'll supply the 10 to standard input	17:51
Kully3xf	cool thanks	17:51
coreycb	jamespage, testing is done and complete on precise icehouse proposed for 2014.1.5	18:19
ash_m	if my default ssh config doesn't have a AllowTcpForwarding line, should I still write one to set it to no?	18:36
Tzunamii	yes, the default is 'yes'	19:09
Seveas	ash_m: the default is on.	19:36
Seveas	so no need to set it	19:36
Seveas	ah, I misread 'no?' as 'on?'. Yes, you need to write an AllowTcpForwarding line to disable it :)	19:37
Tzunamii	>.<	19:37
Tzunamii	Already answered that	19:37
jamespage	coreycb, awesome-o	19:38
ash_m	Seveas: thanks :)	19:41
=== DenBeiren is now known as zz_DenBeiren
coreycb	jamespage, new proposal for ceilometer - https://code.launchpad.net/~corey.bryant/ubuntu/+source/ceilometer/+git/ceilometer/+ref/master	20:02
=== markthomas is now known as markthomas\|away
ash_m	I'm not sure how this works. eth0, eth1... are interfaces right?	20:10
ash_m	is there a command to show which adpater each interface uses?	20:11
cryptodan_laptop	ash_m: yes "sudo ifconfig"	20:16
ash_m	cryptodan_laptop: I see... I can't ssh to my vbox for some reason :(	20:17
ash_m	cryptodan_laptop: (thanks)	20:17
cryptodan_laptop	ash_m: is your vbox using bridged or nat?	20:24
ash_m	NAT	20:24
teward	ash_m: you need to set up the NAT rules to allow 22 in over the NAT to the specific VM	20:25
cryptodan_laptop	ash_m: use bridge so it can get an IP from the router or dhcp pool	20:25
teward	cryptodan_laptop: alternatively they can change the NAT	20:25
teward	nat rules*	20:25
ash_m	teward: I set up a host only adapter and configured the network config file on the server	20:26
ash_m	teward: I can ping that adapter at least.	20:26
teward	ash_m: i meant at VBox	20:27
teward	not on the 'server'	20:27
cryptodan_laptop	Id recommend switching to bridged its much easier	20:27
ash_m	teward: yeah, I have a host-only adapter on vbox	20:27
teward	ash_m: is the host-only adapter on the host added to the server?	20:27
teward	and did you update the IPs there?	20:27
teward	and did you install openssh-server?	20:27
ash_m	teward: I've installed openssh-server and I've configured /etc/network/interfaces	20:28
jamespage	coreycb, problem with ceilometer	20:28
jamespage	"ceilometer.tests.publisher.test_kafka_broker_publisher" errors with an import error; but testr just ignores those	20:28
jamespage	the kafka patch might need some updating	20:29
coreycb	jamespage, hmm ok I'll look. not sure why it worked for me.	20:31
jamespage	coreycb, it builds fine - just skips the unit tests	20:31
jamespage	Ran 0 tests in 2.546s	20:32
jamespage	\o/	20:32
coreycb	jamespage, oh shoot	20:32
coreycb	jamespage, technically that's 100% success	20:33
jamespage	ha	20:36
ash_m	teward: any ideas on what to troubleshoot :(	20:46
ash_m	?*	20:46
=== markthomas\|away is now known as markthomas
erkburgles	enough messing around, straightforward question possibly no answer-how in the hell do i free my photos from the maximum security osx prison and import them to ubuntu	22:29
erkburgles	particularly speaking of IPHOTO	22:30
=== erkburgles is now known as bbroadstone
axisys	to upgrade from 10.04.04 LTS do I just run do-release-upgrade ?	23:36
bekks	!eolupgrade \| axisys	23:37
ubottu	axisys: End-Of-Life is the time when security updates and support for an Ubuntu release stop, see https://wiki.ubuntu.com/Releases for more information. Looking to upgrade from an EOL release? See https://help.ubuntu.com/community/EOLUpgrades	23:37
sarnold	axisys: yes, note this bug might bite you once you're up and running https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/1472378	23:38
axisys	sarnold: I dont have any web server running	23:39
axisys	sarnold: thanks for the link tho	23:41
axisys	I guess I will need two upgrade to get the latest LTS?	23:43
axisys	this is ubuntu server	23:43
axisys	I guess reboot (before start, just in case); apt-get update; apt-get dist-upgrade; reboot; do-release-upgrade?	23:44
sarnold	axisys: yeah, you're two releases behind; your plan for updating to trusty makes sense to me	23:47
sarnold	axisys: the ca-certificates issue will actually affect ssl/tls connections that your server initiates; I don't think it'll matter to a web server...	23:47
axisys	sarnold: I am mostly using ssh ..	23:49
axisys	this is a jumpstation I am upgrading	23:50
sarnold	nice, then it's unlikely to matter much :)	23:50
sarnold	besides, the precise->trusty upgrade may fix it all up anyhow	23:50
axisys	will kick it in 10 mins	23:50
sarnold	do you have console access to the system? updates ought to work but it's always nice to make sure you've got a backup mechanism to log in	23:51
axisys	so reboot -> apt-get update ; apt-get dist-upgrade; reboot -> apt-get install update-manager-core; do-release-upgrade ?	23:51
axisys	sarnold: ^	23:52
axisys	and update-manager I guess	23:52
sarnold	axisys: sounds good to me	23:52
axisys	do I need to upgrade the sources.list file too? that seems odd	23:54
sarnold	do-release-upgrade ought to handle that	23:56
axisys	cool.. kicking it in 3 mins	23:57

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!