/srv/irclogs.ubuntu.com/2015/07/27/#ubuntu-server.txt

a1fahas anybody noticed random high ports being open (or at least randomly responding) with no tcp listeners?01:49
a1fa$ nmap localhost -p 0-6553501:49
a1fa40424/tcp open  unknown01:49
a1fa41820/tcp open  unknown01:49
a1fa...01:50
a1fa59865/tcp open  unknown01:50
a1fagoofy... whatever is causing it (tested on fresh build/air gap)01:51
a1faand it only happens if a non priviledged user does a port scan01:52
a1facan anyone else confirm the same behaviour? as a non root user run nmap localhost -p 0-6553502:00
a1faseveral times in a row02:00
tewarda1fa: any specific OS you want tested, or just any Ubuntu?02:02
a1fa15.04 or 14.0402:03
a1fa14.04.0202:03
a1faand 15.04 with 3.19.0-24-generic02:03
tewardstupid question but02:03
tewardyou wouldn't happen to have dhcp on your network would you?02:03
teward(dhclient might be listening on random high ports for DHCP changes and such)02:04
a1fai do02:06
tewardi can replicate the behavior on wily, but only insomuchas there's only one open port02:06
tewarda random high tcp port on my side02:06
tewardand only one02:06
tewardmultiple UDP ports are 'listened' on by dhclient02:07
a1faodd02:08
tewardand i just saw one with a few high number random TCP ports open02:08
tewardbut the next scan they're gone02:08
a1fait only happens with non-root user02:09
tewardwhich makes me think they're destructible connections - since high ports are usually used for client-initiated TCP02:09
tewardand nmap needs those too iirc02:09
a1fai did see S/Ack on tcpdump02:09
a1faso forwhatever reason, something answered, followed by RST02:10
a1fajust tested the same thing on a chromebook, same behaviour02:10
tewardlemme start up my CentOS box02:11
tewardand see if it's replicated there too02:12
tewardmy guess is it's standard stuff happening02:12
patdk-lapdoesn't happen for me at all, on 14.04.202:14
patdk-lapyou didn't happen to *run out* of available ports did you?02:14
tewardi'll spin up my ubuntu server vm to test in a moment02:14
patdk-lapcycling through them too fast, in time-wait02:14
patdk-laphmm, atleast with *that* nmap command, they aren't going to time-wait, cause they aren't full tcp session test02:15
a1fapatdk-lap: thats what i was thinking.. but i saw a s/ack02:15
patdk-lapcould be hundreds of reasons02:16
patdk-lapdepending on what you have installed02:16
a1fabase02:16
patdk-lapI know I only install minimal-installs so02:16
patdk-lapdon't know what base is02:16
a1fabasically nothing besides what comes on a default install02:17
patdk-lapya, I never install that *much*02:17
a1fathe odd thing is, its doing it on the chromebook too02:17
a1farunning chromeos+14.04.0202:18
patdk-lapabout 30, nmap runs now02:18
patdk-lapand always the same 3 ports, of stuff I have running02:18
patdk-lapssh/http/munin02:18
tewarddhclient gets involved a little at some point02:18
a1farunning as non root user, right?02:18
tewardcentos can't replicate this02:18
patdk-lapoh non root? that will ahve other things02:18
a1fawhat kernel version teward02:19
tewarda1fa: for...?02:19
a1facentos02:19
tewardcentos?  you're 30 seconds slow i already powered off the VM02:19
a1fa:P02:19
tewardi'll tell you after i test on my Trusty VM02:19
a1fak02:19
patdk-lapok, as non-root02:20
patdk-lapit happens, and also happens on rhel702:21
a1faits worth looking into it, and maybe opening a bug02:21
patdk-lapwhy?02:21
patdk-lapso far it's not worth it at all02:21
a1fait's not supposed to ack back at all02:22
tewardran nmap 5 times and it started to show open ports locally02:22
tewardin rapid succession02:22
tewardotherwise it wasn't giving any ports (14.04)02:22
patdk-lapnmap just acts funky when you don't use it as root02:22
tewardmhm02:22
patdk-lapcause it can't use raw sockets02:22
patdk-lapso it attempts to do the best it can02:23
a1fapatdk-lap: but the system responds back with s/ack on those prots02:23
a1faconfirmed with tcpdump. on both loopback and actual interface ip02:23
patdk-lapboth use loopback interface02:24
patdk-lapwhat happens if you use a remote ip?02:24
a1fano ports show up02:24
a1fai'll do some more work tomorrow to debug it02:25
a1fathanks for confirming02:27
PryMar56on a new install of Vivid server, my `systemd-analyze time` shows too much kernel time (>20s). Anyway to improve this?02:30
PryMar56^ kernel time should be about 5s02:30
=== markthomas|away is now known as markthomas
gmaciolekWhat are people using for centralized update management these days?05:12
gmaciolekI assume Landscape is an option; are there FOSS things that are worth trying?05:12
=== frickler_ is now known as frickler
=== markthomas is now known as markthomas|away
lordievaderGood morning.06:56
ObrienDaveo/06:57
mobile3anyone ?07:04
lordievadermobile3: ?07:05
mobile3Can you help me with Webuzo Control Panel on VPS ?07:06
mobile3Ubuntu 14.04 x6407:06
lordievaderAh, no. But do ask your questions.07:06
* ObrienDave does not want to know what webuzo is ;P07:06
lordievaderObrienDave: No adventure in the early morning?07:08
ObrienDavegetting close to sleepy time :)07:08
mobile3I have been given 4 IP , while installing webuzo 1 IP got bonded to it... I have placed index.php file in public_html folder... when I am accessing via bonded IP , I am able to get correct index.php file but with all other 3 IP , I am getting different things..07:08
mobile3What to do so that I can get the same index.php file from all of my IP ??07:09
lordievaderVhost configuration?07:09
OerHekseasy to add an extra ip to your machine, manually .. http://askubuntu.com/a/31388707:10
lordievadermobile3: Who set up the Web server?07:10
mobile3lordievader: they gave me with Ubuntu 14.04 x607:11
mobile3minimal installed07:11
mobile3I changed it to Ubuntu 14.04 x6407:11
lordievadermobile3: So you control the Web server config?07:12
mobile3ya I can...07:13
mobile3How to solve this problem ?07:14
lordievadermobile3: Check the vhost configuration.07:14
mobile3how  ?07:14
lordievaderBy reading the configuration/07:15
lordievadermobile3: Step 4 in this tutorial shows how vhosts are configured: https://www.digitalocean.com/community/tutorials/how-to-set-up-apache-virtual-hosts-on-ubuntu-14-04-lts07:15
lordievaderIn that particular case it is any incoming request on port 80.07:16
mobile3not such file    /etc/apache2/sites-available/000-default.conf07:21
mobile3in my server07:21
lordievadermobile3: What is in /etc/apache2/sites-available?07:22
mobile3No apache2 folder07:22
lordievadermobile3: What Web server are you using to serve your control panel?07:25
mobile3Ubuntu 14.04 x64    ....        Webuzo  Control Panel07:26
lordievadermobile3: That is not a Web server.07:26
mobile3Apache07:27
mobile3lordievader : Apache Version : 2.2.2907:28
lordievaderBut you have no /etc/apache2? Where is your Apache coming from?07:28
mobile3I don't know !07:29
lordievadermobile3: What is the output of 'apt-cache policy apache2'?07:30
mobile3apache2:   Installed: (none)   Candidate: 2.4.7-1ubuntu4.4   Version table:      2.4.7-1ubuntu4.4 0         500 http://archive.ubuntu.com/ubuntu/ trusty-updates/main amd64 Packages         500 http://security.ubuntu.com/ubuntu/ trusty-security/main amd64 Packages      2.4.7-1ubuntu4 0         500 http://archive.ubuntu.com/ubuntu/ trusty/main amd64 Packages07:30
lordievaderFor in the future07:31
lordievader!paste | mobile307:31
ubottumobile3: For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.07:31
lordievadermobile3: That is not installed... Is Apache coming from outside of the repo?07:32
mobile3I don't know...07:33
lordievadermobile3: What is the output of 'whereis apache2'?07:34
mobile3whereis apache2 apache2:07:34
lordievaderHuh? How did you just get the version information?07:37
mobile3lordievader :http://www.awesomescreenshot.com/image/436540/dcbc63865c203be5ee4bce22fa8caea707:44
lordievaderUgh, does that thing do its own software installation?07:45
neonixcoderI am upgrading 10.04 to 12.04 but middle of upgrade my system reboots..07:45
neonixcoderWhen checked system logs it states that "locale: /lib/libc.so.6: version `GLIBC_2.15' not found (required by locale)"07:46
neonixcoderMy present glibc version is 2.11..07:46
neonixcoderany suggetions?07:46
mobile3lordievader : may be but I don't know07:47
jellyneonixcoder: verify versions of libc6, libc-bin and locales packages.  Make sure they match by installing and/or configuring them manually if needed, then finish your release upgrade.07:50
jellyneonixcoder: newer versions of .deb package files will have been downloaded into /var/cache/apt/archives/07:51
neonixcoderok?07:52
neonixcoderThanks for your reply..07:52
neonixcoderjelly: when I checked with apt-cache policy for libc6 and libc-bin it shows installed is 2.11 and candidate is 2.15. But for locales it shows installed and candidate as 2.1107:54
neonixcoderAny thoughts on this?07:54
mobile3lordievader : are you there ?07:54
AmilloHey guys, if I nslookup my zone 'test.co.uk' and it returns the server as a loopback does this mean I've configured something wrong?07:55
jellyneonixcoder: both of those are unusual for 12.04.  My 12.04 installation has locales:  Installed: 2.13+git20120306-3  Candidate: 2.13+git20120306-307:55
lordievadermobile3: Still here, just busy. Anyhow I get the feeling it does install its own packages. I have no idea how, why or where. So I really cannot help you.07:55
neonixcoderjelly: I am still on 10.04 machine..07:56
mobile3lordievader : okay07:56
neonixcoderI am upgrading from 10.04 to 12.0407:56
lordievaderneonixcoder: Restart the upgrade?07:57
jellyneonixcoder: pastebin the output of "apt-cache policy" and "apt-cache policy libc6 libc-bin locales" please07:59
neonixcoderlordievader and jelly: Let me give some background here..07:59
neonixcoderI have some 200 machines need to upgrade from 10.04 to 12.04(Intention is to upgrade to 14.04). I have some test machines where I can upgrade multiple times if something went wrong..08:01
neonixcoderI am going to follow http://askubuntu.com/questions/125742/why-did-my-upgrade-to-12-04-fail-with-glibc-not-found-or-libc6-or-requires08:01
neonixcoderfrom there I install that PPA which is giving me 2.15 versions for libc6 and libc-bin08:02
jellyneonixcoder: oh dear08:02
lordievaderSomewhere that sounds like a bad idea.08:03
tonyyarusso........PPA for libc6?  *grabs popcorn*08:03
jellyneonixcoder: well, good luck with that, I won't be able to help with that mess08:03
neonixcoderOk.. Let me remove that ppa from list then..08:04
neonixcoderI did not try to upgrade it with that PPA, before doing it I want your valuable advice..08:04
lordievaderneonixcoder: Did you install anything from the ppa?08:05
neonixcoderright now no..08:05
neonixcoderJust added it..08:05
lordievaderPhew, doged a bulled.08:05
lordievaderbullet*08:05
* jelly would prefer to the valuable current state of the system before dispensing potentially harmful advice08:05
jellyto see*08:06
neonixcoderjelly: My present policy list is http://pastebin.com/Lugf3j7N08:16
neonixcoderany suggetions?08:16
neonixcoderjelly:Any thoughts on how to proceed with upgrade?08:28
neonixcoderAny suggestions guys?08:33
neonixcoderHow can I upgrade with out glibc issue?08:33
neonixcoderQuick recap.. I removed ppa and given my apt-get cache stuff..08:49
neonixcoderOr can I know which repo provides glibc?08:52
neonixcodergoing home, ping you people tomorrow08:58
=== [BNC]Savemech is now known as Savemech
=== vassie_ is now known as vassie
=== OliPicard_ is now known as OliPicard
=== justizin_ is now known as justizin
=== mwhudson_ is now known as mwhudson
=== yofel_ is now known as yofel
AmilloHey guys - What's the command to read my bind9 error logs, can't seem to find it anyway?11:23
jpdsAmillo: tail -f /var/log/bind9/* ?11:23
jpdsAmillo: tail -f /var/log/syslog ?11:24
jpdsAmillo: Same place most of the other logs are11:24
Amillomy bind9 is failing to restart but my error message doesn't make sense to me11:25
Amilloisc_stdio_option '/var/log/query.log' failed: permission denied11:26
Amillobut I've changed the ownership of that file to bind11:26
AmilloAlso has configuring logging: permission denied11:26
rbasak'/var/log/query.log' sounds wrong to me.11:46
jdstrandmomomo: if all you want are security updates, remove the lines in /etc/apt/sources.list that have '-updates' and then do 'apt-get update'. you will only get updates from the security pocket11:55
=== Dan_ is now known as Guest86431
Guest86431Hey13:09
Guest86431I'm having what I believe might be an issue? - When I do an nslookup from both my slave and master of my zones they are turning loopback addresses as the server - http://i.imgur.com/UZq0Mk9.jpg is this normal? (sorry for blocking stuff out - on a work network don't wanna mess anything up)13:12
=== rcj` is now known as rcj
pmatulis{stick around next time}13:43
=== admcleodafk is now known as admcleod
gmaciolekWow, tis weechat client integrates screenshot links.14:47
gmaciolek*this14:47
gmaciolekSo, I'm wondering, what are people using for centralized update management these days?  (It looks like Landscape is an option. but O14:48
gmaciolek*I'm hoping for FOSS, and ideally a tool that'll work on deb & rpm distros14:48
maswanautomatic updates14:49
teward^ that14:51
tewardbut if you want centralized management of Ubuntu servers, it's Landscape (but that can be expensive)14:51
tewardor puppet or other multisystem management systems14:51
lordievaderPuppet is rather nice.14:52
tewardlordievader: when configured right, yes.14:53
lordievaderTrue, it can be painfull too ;)14:53
OerHekslandscape is up to 10 servers free, no ?14:54
tewardOerHeks: when you set it up on your own system, 10 physical machines, 10 virtual14:55
tewardOerHeks: i use it to manage my VPSes (which get listed on the Virtual category)14:55
tewardproblem is you actually have to set it up, as the 'cloud' one from Canonical needs the Advantage licenses14:56
OerHeksNice, it is indeed good usable for small business14:56
tewardOerHeks: provided there's only 10 physical and 10 virtual machines14:56
garethdaineGuys, how long should it take to wipe and reinstall a fresh Ubuntu server, only running Ubuntu 14.04 x64 on a machine with 16GB RAM?14:56
maswangarethdaine: Mostly depends on the storage and set of installed packages14:58
maswangarethdaine: writeback cache on the storage is a factor 10-10014:58
maswancompared to slow spinning disks without14:59
garethdaineBut it shouldn;t take 4 hours should it?15:00
garethdaineBeing installed by professionals15:00
garethdaineI’ve asked our dedicated host to wipe the server and install only a fresh copy of Ubuntu 14.04 x64 and they are saying it’s 4 hours chargable work15:00
tewardgarethdaine: they probably have to do things at the datacenter to make the revisions - network reconfiguration, configuration for networking, etc.15:01
tewarddepending on what all they ahve to do over at the datacenter it could very well be 4 hours of work for them15:01
tgm4883teward: assuming that it had a previous version of Ubuntu server on there, what else would they need to reconfigure?15:03
garethdaineHmmm, really? Thought it took like 30 minutes to install15:03
rbasak30 minutes within an 80% confidence interval maybe15:03
rbasak(if the hardware isn't Ubuntu certified, etc)15:04
rbasakIf quoting in advance it makes sense to add contingency time, for example if there are driver issues.15:04
rbasakOr if the hardware turns out to be faulty.15:04
rbasakEtc.15:04
tgm4883rbasak: true, I suppose there are a lot of unknowns here15:04
OerHekseven with a dedicated host you should be able to put an image back yourself.15:06
garethdainerbasak: Shouldn’t have faulty hardware, it’s current live server that’s just getting a reinstall15:08
rbasakDisks can have latent errors that only show up when doing big things to them.15:11
rbasakThis is why double RAID failures happen. Because only on attempt to reconstruct does the second disk fail.15:12
garethdaineOK, thanks for the help folks. Should I question the quote I have received and ask them to detail what is taking the 4 hours, or should I just accept that it can take 4 hours?15:17
tewardgarethdaine: i would, but i'm anal about making sure they're not doing extra work15:18
rbasakI would consider what your service costs you overall and what you get for that money, as compared to competitors.15:19
tewardright15:19
tewardgarethdaine: although, if they have to redo the RAID to reinstall that could potentially explain a large time for completion15:19
teward(build the array, verify the array's integrity, etc.)15:19
tewardbut i woudl do that comparison rbasak says as well15:19
tewardAND ask what the 4 hours entails15:20
garethdaineYes, I will do that teward15:23
garethdaineThanks for the help15:25
=== markthomas|away is now known as markthomas
alexandercogneauexit16:24
alexandercogneauexit16:24
Garogathey17:25
Garogatjust have some probs with my dns server17:26
tewardGarogat: 'some probs' is not descriptive17:26
Garogatsry ;)17:26
Garogati got a domain17:26
Garogatslucky.de17:26
Garogatand i wanna use my own dns server17:27
Garogat*servers17:27
tewardlets not forget that enter is not punctuation... ;)17:27
tewardGarogat: i'm followin you so far, so, what's the 'problems'17:27
jrwrenGarogat: https://help.ubuntu.com/lts/serverguide/dns.html may help?17:28
teward^ that too17:28
Garogatfsg-preetz.net and c.ns.buddynd.com, but when im trying to test them with nast from denic its always gving me an error. It's says: inconsistent set if NS rps (IP, Ns host names)17:30
=== ashleyd is now known as ashd
PryMar56new vivd server & boot hangs for 15s before systemd starts: http://paste.ubuntu.net/11949526/17:48
=== Garogat_ is now known as Pommesgabel
blaaaI have issues with disks on a Marvell 88SE9230 controller, under load, especially when writing I suppose, failures occur18:43
blaaaare there known issues with 88SE9230 and LTS kernel 3.13?18:44
dasjoeSeeing issues seems to be the norm with that controller, I experience similar ones18:44
blaaatoo bad... I had not used it so far, but I just recently added two disks18:45
blaaamy board is a Supermicro X10SBA, could have just used a X10SBA-L I suppose18:46
blaaaI'll try to find out if more recent kernels have patches18:46
bilde2910Uh, I've pushed myself into a corner here. My /boot is at 97%. I want to clean it up with apt-get autoremove, but I can't because a few packages (linux-image-extra-3.13.0-55-generic and -59-generic, as well as linux-image-generic) miss some dependencies (linux-image-3.13.0-55-generic and for the latter two -59-generic) and I am recommended to run apt-get -f install to fix these dependency issues. So I do this, and I am told that I cannot19:25
bilde2910install linux-image-3.13.0-59-generic_3.13.0-59.98_amd64.deb because the device is full. No space left on device. I then try apt-get autoremove to free some space, but I get the same errors as before. Running Ubuntu Server 14.04.2 LTS on amd64. Any help?19:25
sarnoldbilde2910: use apt-get purge to manually delete specific packages19:26
bilde2910Just tried that too, and nope, I can't because aforementioned dependencies are not met19:27
sarnoldbilde2910: start deleting the dependencies, too19:27
bilde2910Should I try using -f? Or is that dangerous?19:27
sarnoldbilde2910: you can always re-install the metapackages once you're done19:27
bilde2910I don't really have much experience with Linux and Ubuntu and servers, so I'm not exactly sure which packages should be present and which shouldn't19:28
bilde2910Is it safe to manually delete some of the older ones of these files? http://paste.ubuntu.com/11950111/19:39
sarnoldbilde2910: yeah; if you truncate them instead of delete them, it'll make some deleting steps easier..19:43
sarnoldbilde2910: be sure to keep at least two -- whatever you're currently running, and the newest. if you're running the newest, then keep the next-oldest..19:44
sarnoldor next-newest19:44
* sarnold stops thinking about that before his head hurts19:44
hexaclockanyone know if there's a way to assemble mdadm raid arrays in a particular order?19:45
hexaclocki have a raid60 made up of 2 raid6 arrays19:45
hexaclockanytime that i reboot this box, i need to manually assemble the raid0 array (the underlying raid6 arrays assemble just fine on boot without any intervention)19:46
hexaclocki could always throw something in /etc/rc.local or such, but i'm wondering if there is a cleaner way?19:46
TJ-hexaclock: the arrays are assembled via udevd triggers, so how about a custom rule that assembles the RAiD0 once the 2 underlying arrays are ready19:51
TJ-hexaclock: along the lines of: when a RAID6 is added: 1) if /run/raid6 already exists then assemble the RAID0 and delete /run/raid6, otherwise "touch /run/raid6"19:53
hexaclockawesome, i'll look into it19:54
hexaclockthanks!19:54
TJ-hexaclock: "/lib/udev/rules.d/64-md-raid.rules" might give you some clues on how to recognise the mdadm array is ready; your rule will want to be in "/etc/udev/rules.d/" and have a different number/name than the system mdadm rule to avoid over-riding it19:56
bilde2910sarnold, another question: How do I know which of the files I use? E.g. I have 8 of initrd.img-$version-generic, how do I know which one is the one my system uses?20:05
sarnoldbilde2910: uname -a output20:05
bilde2910Ah, thank you :)20:06
tanukiI have Trusty server running as a headless VM (on another Trusty server machine). A few times now, the VM has spontaneously booted into memtest86+.20:26
tanukiAny idea why?20:27
=== kickinz1 is now known as kickinz1|afk
bekkstanuki: You need to investigate the logs in /var/log/20:41
tanukiParadoxically, the thing that pisses me off is when things *don't* fail (when I want them to).20:48
bekksI dont want things to fail :)20:49
TJ-tanuki: Is there anything non-standard about the server installation, any custom boot-loader configuration, anything unusual about the disk images being provided to the guest by the host?20:49
tanukiTJ-: Not to my knowledge, with the exception of choosing "minimal virtual machine" instead of "minimal system".20:50
tanukibekks: I want things to fail when I need to know why they fail.20:50
TJ-tanuki: there were 2 things I would focus on... is the root file-system image separate to the /boot/ image and if so is the rootfs image present and ready, and if they are, then has grub set a different 'default' boot entry that happens to be the memtest86+ entry in some circumstances.... the only other option I can think is something running in the guest that actively causes a reboot to memtest8620:52
tanukiThis server isn't used for anything, really (basically, it's a development box for things), so I'm tempted to just set up a cron job on the host that checks that sshd is running on the guest and fires off an email otherwise20:54
tanukiI'm more concerned with power consumption than anything else.20:54
=== markthomas is now known as markthomas|away
=== markthomas|away is now known as markthomas
jak2000how to change the linux hostname?22:02
pmatulisjak2000: edit /etc/hostname and /etc/hosts, then reboot. can avoid a reboot with 'sudo sysctl -w kernel.hostname=<hostname>'22:07
pmatulisthe only place where a domain name enters into the mix is in /etc/hosts. everywhere else hostname is just the first part of the FQDN (up to the first dot)22:08
jak2000ok thanks22:09
=== spinza- is now known as spinza
neonixcoderGood day team..23:09
jak2000neonixcoder you worked with tomcat?23:24
neonixcoderjak2000: Yes, not deep in to it..23:25
neonixcoderWhat's up?23:27
jak2000check pm friend23:29
jak2000pls23:29

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!