=== markthomas|away is now known as markthomas
=== med_ is now known as Guest471
=== Lcawte|Away is now known as Lcawte
=== Lcawte is now known as Lcawte|Away
=== med_ is now known as Guest61394
[07:29] <lordievader> Good morning.
=== ochoroch1 is now known as ochoroch
=== [1]badabum18 is now known as badabum18
[10:38] <jamespage> zul, jdstrand: is it possible to put the libvirt templates generates for instances into complain mode? trying to generate some updates for using hugepage memory
=== kickinz1 is now known as kickinz1|lunch
[12:20] <zul> jamespage: yes but i forgot how
=== kickinz1|lunch is now known as kickinz1
[13:12] <jdstrand> jamespage: yes, modify /etc/apparmor.d/libvirt/TEMPLATE.qemu to have "profile LIBVIRT_TEMPLATE flags=(complain) {"
[13:12] <jamespage> jdstrand, awesome - thankyou
[13:26] <jdstrand> np
[13:37] <jamespage> jdstrand, I've probably learn't and forgetten this already but is there a nice way to parse the complain entires into an profile update?
[13:51] <jdstrand> jamespage: there is a program called aa-logprof, yes, but it isn't smart enough to know to update the template and it may have trouble finding the vm profile in /etc/apparmor.d/libvirt
[13:51] <jdstrand> jamespage: if you were keen on doing that, you could try passing the '-d' directive to logprof, then do a diff between the template and the profile
[13:52] <jdstrand> but, handcrafted in this case is probably faster
[13:52] <jamespage> jdstrand, ack
[13:53] <jamespage> jdstrand, and do we have a nice mechanism for providing local profile updates for the generated profiles?
[13:53] <jamespage> I was trying to figure it out but got stuck...
[13:55] <jdstrand> jamespage: if you want all VMs to pick up the change, you can modify /etc/apparmor.d/abstractions/libvirt-qemu. if you want only a single vm to have the change, you can modify /etc/apparmor.d/libvirt/libvirt-<domain uuid> (note, *not* the one with the .files extension)
[13:55] <jamespage> jdstrand, ok - ta
[13:55] <jdstrand> np
[13:56] <jdstrand> jamespage: I think you're set now, but fyi, http://wiki.apparmor.net/index.php/Libvirt
[13:56] <jdstrand> I see it needs a couple updates
[13:57]  * jdstrand does so
[14:20] <jamespage> jdstrand, how does that look - http://paste.ubuntu.com/12071349/ ?
[14:20] <jamespage> I suspect the top two rules are generically applicable - the third is dependency on where hugepages gets mounted
[14:22] <jdstrand> the rules are written well for the denials. however, I think they are too lenient
[14:23] <jdstrand> so, qemu only complained about the dir for cpu, so this might be better:
[14:24] <jdstrand> /sys/devices/system/cpu/ r,
[14:24] <jdstrand> I think this would be better for node:
[14:24] <jdstrand> /sys/devices/system/node/ r,
[14:25] <jdstrand> /sys/devices/system/node/node[0-9]*/** r,
[14:25] <jdstrand> actually, even better
[14:25] <jdstrand> /sys/devices/system/node/node[0-9]*/meminfo r,
[14:26] <jdstrand> as for the hugepages mount point,  there is already this rule in libvirt-qemu:
[14:26] <jdstrand> owner "/run/hugepages/kvm/libvirt/qemu/**" rw,
[14:26] <jdstrand> it that not enough? (I feel there was a bug on this)
[14:27] <jdstrand> https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1001584
[14:27] <ubottu> Launchpad bug 1001584 in libvirt (Ubuntu) "libvirt-bin support for hugepages: apparmor needs a rule for hugetlbfs" [Medium,Expired]
[14:28] <jdstrand> https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1250216
[14:28] <ubottu> Launchpad bug 1250216 in libvirt (Ubuntu Saucy) "apparmor policy prevents using hugepages" [High,Fix released]
[14:29] <jdstrand> that last bug suggests that virt-aa-helper should be updated to generate the paths. is the mountpoint expressed in the domain xml?
[14:29] <jdstrand> jamespage: ^^
[14:29] <jamespage> jdstrand, reading
[14:32] <jdstrand> jamespage: here is a cleaned up summary of the above: http://paste.ubuntu.com/12071434/
[14:35] <jamespage> jdstrand, thanks
[14:36] <jamespage> jdstrand, so for the owner "/run/hugepages/kvm/libvirt/qemu/**" rw, bit, I just need to make sure that hugepages is being mounted in the correct location I think
[14:36] <jdstrand> right, that is what I was thinking
[14:36] <jamespage> # /run/hugepages/kvm/
[14:38] <jdstrand> I don't know what the domain xml looks liek for hugepages, but if it says where they are mounted, then virt-aa-helper (the thing that stitches together the template, the uuid and uuid.files files) can be made to add the paths to the .files file automatically
[14:38] <jdstrand> if it isn't in the domain xml, it would require a bit more work I think
[18:00] <Kgirthofer> so someh ow I created a file called \
[18:00] <Kgirthofer> how do I delete it
[18:00] <Kgirthofer> when I put it in rm it just says missing operand
[18:01] <Kgirthofer> n.m
[18:01] <Kgirthofer> rm \\
[18:01] <Kgirthofer> :)
[18:35] <fellayaboy> whats the new package for dhcp server...i tried sudo apt-get install isc-dhcp-server on ubuntu server 15.04 but says cant find package..also tried sudo apt-cache search dhcp didnt find anything about server
[18:41] <qman__> fellayaboy: http://packages.ubuntu.com/vivid/isc-dhcp-server
[18:41] <qman__> your sources must not be correct
[18:41] <fellayaboy> think i need to do apt-get update
[18:42] <fellayaboy> let me also check apt/sources.list
[18:45] <fellayaboy> thanks qman that solved it
[19:10] <Danskmand> Howdy :-) - I want to install syslog-ng on my servers using puppet....Now I see that syslog-ng has a open bug with this since ano 2006 - cannot install syslog-ng because it has unmet dependencies ( syslog-ng : Depends: syslog-ng-core (>= 3.5.3), ....)
[19:10] <Danskmand>  I can install syslog-ng by first installing syslog-ng-core and then install syslog-ng. But thats not easy in puppet....
[19:12] <sarnold> Danskmand: how are you trying to install it? apt-get install <foo> ought to handle all the deps for you without trouble.
[19:14] <Danskmand> sarnold: Yeah, I know - but running "apt-get install syslog-ng" results in "The following packages have unmet dependencies:"
[19:14] <Danskmand> "
[19:16] <Danskmand>  "syslog-ng : Depends: syslog-ng-core (>= 3.5.3)"
[19:16] <Danskmand> (3 more depends, 5 recommends)
[19:16] <Danskmand> e: Unable to correct problems, you have held broken packages
[19:17] <sarnold> that's interesting, never seen that before
[19:17] <sarnold> try this: dpkg --get-selections | grep -v install
[19:19] <Danskmand> When I then do a "apt-get install syslog-ng-core" it installs that and when I then repeat the "apt-get install syslog-ng" it installs without a problem !
[19:19] <Danskmand> So it is really that syslog-ng-core ,,,,
[19:20] <Danskmand> The .v results into - nothing -
[19:22] <sarnold> hmm. I don't have any held packages on my systems, I assumed the 'install' would go away if it were held.. maybe try dpkg --get-selections | grep held   or | grep hold  ?
[19:23] <Danskmand> Yeah, - nothing -
[19:30] <Danskmand> OKay....have installed a new ubuntu-Server as a vm @ home and run "apt-get install syslog-ng" - there it will install is without any problems ! - the new system is on 15.04 - the problem-server is on 14.04 LTS....
[19:30] <sarnold> I suspect a brand-new 14.04 would also work fine, there's something strange on your existing system..
[19:36] <Danskmand> I see theres a 14.04.3 release - how can I find out the release I am running down to the "3"-number ?
[19:37] <Danskmand> Forget it - I overread it - I have a 14.04.1 release running...
[19:38] <Danskmand> How do I upgrade to 14.04.3 release ?
[19:39] <OerHeks> sudo apt update && sudo apt full-upgrade
[19:39] <sarnold> Danskmand: full details here https://wiki.ubuntu.com/Kernel/LTSEnablementStack
[19:40] <Danskmand> I just dont wann upgrade away from the LTS-release...
[19:41] <sarnold> the 14.04.1 kernel will be supported for the full five years; if you upgrade to 14.04.3 you'll need to upgrade to the 14.04.5 kernel in august 2016.
[19:44] <Danskmand> Hmm....okay, so upgrading is not the solution if I dont wanna loose the LTS and wanna solve my problem....
[19:45] <sarnold> just keep running apt-get update && apt-get -u dist-upgrade on a regular basis
=== zerick_ is now known as zerick
[20:03] <Danskmand> Running the apt-get dist-upgrade looks to me like I will leave the LTS-path....
[20:03] <Danskmand> Which I cannot...
[20:06] <sarnold> the usual 'upgrade' command refuses to install new packages, which means e.g. kernel updates never happen. dist-upgrade can install new packages, so you'll get new kernel packages. it only changes the actual distribution if you modify the 'trusty' to 'vivid' or 'wily' in your /etc/apt/sources* files
=== markthomas is now known as markthomas|away
[20:12] <Danskmand> Okay...running dist-upgrade right now....
[20:12] <Danskmand> Lets hope we have a server afterwards....
[20:13] <Danskmand> We have a problem with our servers hdd-controller of some kind...
[20:13] <sarnold> you should, i've run apt-get dist-upgrade a few thousand times in 15 years and only had two or three problems, back in the days when I ran debian unstable, and that kind of thing was expected. :)
[20:14] <Danskmand> Yeah, and I can still choose the old kernel at boot...
[20:16] <Danskmand> Its a known problewm with the hp....380 Servers...
[20:26] <Danskmand> Ooops ! - No more system I think !
[20:28] <Danskmand> "Gave up waiting for root device. common problems: .........
=== medz is now known as samsn
[20:29] <Danskmand> ALERT! /dev/disk/by-uuid/add.........many numbers does not exist. Dropping to a shell!
[20:29] <Danskmand> samold:
[20:30] <sarnold> Danskmand: did you need to build an out-of-tree kernel module to mount your storage array?
[20:30] <Danskmand> NOw my prompt is "initramfs".....
[20:30] <Danskmand> Hmmm...dont know - wasnt there when it was built.....
[20:31] <sarnold> Danskmand: maybe you need to rebuild your initramfs with a specific kernel module to allow mounting the array?
[20:31] <Danskmand> I am running on a Busybox right now...
[20:32] <Danskmand> Doing a reset right now....
[20:33] <Danskmand> HP proliant...
[20:35] <Danskmand> Smart array b320 i controller...
[20:37] <Danskmand> ata6: ATA4: Sata link down (SStatus 0 SControl 300)
[20:38] <Danskmand> Gave up waiting for root device.
[20:38] <Danskmand> So now I think I know what I should not have done to that server !!!!!!
[20:39] <Danskmand> Sh**.....Can you help me on this ?
[20:39] <Danskmand> Please ?
[20:39] <sarnold> you need to install kernel updates; there's just no way around that. You've got to figure out how to make that system reliable enough to reboot whenever you need with a new kernel.
[20:41] <Danskmand> So in other words, the system is wrecked now - I need to reinstall ....
[20:41] <Danskmand> No way back, right ?
[20:41] <sarnold> i'm sure there's a way forward
[20:41] <sarnold> i've just never had one of those machines
[20:42] <sarnold> there's a note that the dynamic smart array needs to be disabled on one specfic generation, but I don't know if that's something that would affect you or not http://www.ubuntu.com/certification/hardware/201401-14512/
=== Guest61394 is now known as med_
[21:04] <Danskmand> So....Now I booted from the old kernel....and it works....
=== markthomas|away is now known as markthomas
[21:45] <tobyj> having trouble with networking in an ubuntu server vm. I just added a new eth adapter, the system is detecting it but I can't bring it up
[21:45] <tobyj> http://puu.sh/jAxgQ/619c45f8e6.png this is some of the output from lshw -C network
[21:56] <tobyj> ...problem solved
[22:14] <Danskmand> Samold:  You still here ?
[22:16] <Danskmand> Of course - I have just that one server that has this problem with the smart-array controller ....
[22:17] <Danskmand> A HP proliant DL360e gen8....