=== markthomas is now known as markthomas|away | ||
ElevyNJ | I was referred here from #ubuntu i am running Ubuntu Desktop but installed a PPP server on it. My Windows 10 systems can connect but are not getting default routes so they can't get to the internet. I need help resolving this | 03:51 |
---|---|---|
ElevyNJ | I was referred here from #ubuntu i am running Ubuntu Desktop but installed a PPP server on it. My Windows 10 systems can connect but are not getting default routes so they can't get to the internet. I need help resolving this | 04:26 |
emanu_ | I was referred here from #ubuntu i am running Ubuntu Desktop but installed a PPP server on it. My Windows 10 systems can connect but are not getting default routes so they can't get to the internet. I need help resolving this | 04:41 |
ponyofdeath | hi, trying to figure out why after a dist-upgrade to 14.04 for the latest updates it will now not boot my multipath server | 05:07 |
lordievader | Good morning. | 05:48 |
jelly | ponyofdeath: how does it fail? Do you have / on a multipath device? | 06:38 |
jelly | and did you try the usual initramfs debugging stuff | 06:39 |
lordievader | Does it boot a kernel/initramfs? Or does it fail before that? | 06:44 |
=== markthomas|away is now known as markthomas | ||
deepquestions | hi@ll, is there a solution to use the yubikey HMAC-SHA1 in the channelResponse mode under ubuntu?? :) | 07:06 |
=== cipi is now known as CiPi | ||
=== Lcawte|Away is now known as Lcawte | ||
=== Lcawte is now known as Lcawte|Away | ||
=== _ruben_ is now known as _ruben | ||
deepquestions | hi@ll, is there a solution to use the yubikey HMAC-SHA1 in the channelResponse mode under ubuntu?? :) | 09:13 |
OliverUK | Hiya, I have been looking around for a solution but clearly I don't know how to use Google. What should I be looking at to run Windows VMs on a Ubuntu Server host? Thanks in advance | 09:26 |
lordievader | OliverUK: KVM. | 09:28 |
OliverUK | lordievader: Is this the only option? I was looking at KVM and it seemed a pretty steep learning curve | 09:29 |
OliverUK | lordievader: Not a problem though if this is the way to go, I will sit and read :-) | 09:29 |
lordievader | I suppose there are alternatives but I know of KVM that it works very well. I run Lightroom that way. | 09:29 |
RoyK | OliverUK: apt-get install kvm virt-manager # virt-manager doesn't have a steep learning curve ;) | 09:35 |
RoyK | it's just a nice GUI to do the KVM fiddly bits for you | 09:36 |
OliverUK | RoyK: Trying to not have a GUI at all :-) | 09:38 |
OliverUK | Might have to look at it in test though :-) | 09:38 |
RoyK | OliverUK: not saying you should install X on the server - just use X on the client to avoid doing everything manually | 09:38 |
lordievader | OliverUK: Virt-manager can connect over ssh. Just install virt-manager on your workstation. | 09:39 |
OliverUK | lordievader: Nice, thank you :-) | 09:39 |
RoyK | lordievader: probably better if he's using linux on the workstation ;) | 09:43 |
RoyK | lordievader: I'm using OS X on my laptop, so less hassle to just run it from the server | 09:44 |
lordievader | I thought I had seen virt-manager run on Windows somewhere, never looked into it though. | 09:45 |
* lordievader dislikes X forwarding. | 09:45 | |
=== Lcawte|Away is now known as Lcawte | ||
RoyK | lordievader: x forwarding just works ;) | 10:00 |
lordievader | Meh, on crappy connections it is rather annoying. But then again, anything is. | 10:02 |
RoyK | yeah | 10:05 |
=== deegee is now known as drussell | ||
=== drussell is now known as Guest75778 | ||
trijntje | I want to share a folder on my home network to other ubuntu pc's, what is the best way to do this with authentication, so you need a password to acces the share? | 10:59 |
lordievader | I'd say Samba. | 10:59 |
trijntje | is it possible to share ext over samba? I want to preserve things like hardlinks, softlinks, ownership, permissions etc | 11:01 |
lordievader | Yes. | 11:01 |
trijntje | lordievader: cool, I'll use samba then. Thanks | 11:02 |
rbasak | frediz: any news on kimchi please? Do you have an ETA? | 11:17 |
=== cz2 is now known as cz4 | ||
stemid | hi I upgraded from 12.04 to 14.04 and now root keeps getting these security errors saying "SECURITY information for host" "problem with defaults entries ; TTY=pts/10 ; PWD=/home/user" I've done visudo -cf on sudoers and every file in /etc/sudoers.d without any issues. | 11:44 |
stemid | I've found that this could be because I am connected to an active directory in this bug. https://bugs.launchpad.net/ubuntu/+source/sssd/+bug/1249777 | 11:44 |
ubottu | Launchpad bug 1249777 in sssd (Ubuntu) "libsss-sudo generated nsswitch.conf leads to error messages upon sudo invocation" [Low,Confirmed] | 11:44 |
stemid | I use sssd and it affects both local and remote users. | 11:44 |
stemid | seems to indicate that sudo 1.11.7 will fix it. | 11:45 |
stemid | will this upgrade ever come to ubuntu 14.04? | 11:45 |
deepquestions | hi@ll, is there a solution to use the yubikey HMAC-SHA1 in the channelResponse mode under ubuntu?? :) | 11:47 |
deepquestions | help | 11:47 |
deepquestions | sry, wrong channel .... i retire my question. bb. | 12:04 |
=== quantic_ is now known as quantic | ||
trijntje | what is considered a safe operating temperature for always-on harddisks? I"m testing my new WD disks now by writing to them from /dev/zero, and their at 33 C, is that OK? | 12:14 |
trijntje | *their temperature is at 33 C | 12:14 |
RoyK | trijntje: should't be a problem. drives normally likes it best < 50 degrees, 33 is nice. what drives don't like, is temperature varying a lot | 12:17 |
trijntje | RoyK: what would varying a lot be? My house has crappy isolation, so it goes between 20-30C in the summer and maybe 14-20 in the winter, on a 24 hour cycle | 12:18 |
RoyK | trijntje: I'd guess the drives get worn out a bit earlier, but hell, you're using RAID, right? ;) | 12:19 |
trijntje | RoyK: yeah, zfs mirror of the 2 disks, and backups of course | 12:21 |
RoyK | trijntje: also, drives normally won't keep room temperature - they naturally heat up - I don't think your situation varies very much from mine in terms of temperature diff, and I've been running these drives for 2-3 years without much issues (although one or two are having issues now) | 12:21 |
RoyK | 7-drive raidz2 | 12:21 |
trijntje | RoyK: thats good to know, thanks. I guess i'll write some automated scripts to keep an eye on the temperature, to get a feeling for how much it actually fluctuates | 12:23 |
RoyK | trijntje: smartmontools / smartd is always a good idea ;) | 12:23 |
RoyK | trijntje: also, the standard disk plugin for munin draws nice graphs of disk temp | 12:24 |
RoyK | trijntje: see pm | 12:25 |
trijntje | RoyK: I hadn't heard about munin, but thats pretty cool. Thanks for the pointer, I'll try that out for sure | 12:27 |
RoyK | trijntje: this is an old munin installation, mind, nicer graphs on 2.1.x | 12:28 |
RoyK | erm - on 2.0, I mean | 12:28 |
RoyK | this is old 1.4 | 12:28 |
trijntje | thanks again for the pointer to munin, I'll check it out for sure | 12:38 |
RoyK | it's in the repos and is easy to configure - an apt-get away ;) | 12:38 |
=== deegee is now known as drussell | ||
AEL-H | If I want to mount a disk using mount such that only root can access the mountpoint, how can I do this? | 14:33 |
RoyK | AEL-H: chown root:root /that/mountpoint ; chmod 0700 /that/mountpoint | 14:35 |
AEL-H | Well what I have done at the moment is mounted it at /mymountpoint/, and when I do chmod 700 /mymountpoint/ as root user, nothing is happening | 14:36 |
RoyK | AEL-H: pastebin output of ls -ld /mymountpoint | 14:37 |
AEL-H | It is just a one liner -- | 14:38 |
AEL-H | drwxrwxrwx 1 root root 24576 Aug 1 19:14 /mymountpoint/ | 14:38 |
RoyK | what sort of fs? | 14:38 |
AEL-H | standard windows -- should be ntfs | 14:39 |
RoyK | then, as root, mkdir /safe ; chmod 0700 /safe, mkdir /safe/mp, mount whatever /safe/mp | 14:39 |
RoyK | (replace some commas with ;) | 14:41 |
AEL-H | so the problem is I can't chmod the folder, but I can mount it at a folder that has already been chmod'd? | 14:41 |
RoyK | mhm - ntfs doesn't use the linux filesystem perms | 14:42 |
AEL-H | That makes sense, thanks | 14:42 |
RoyK | same applies to FAT | 14:43 |
AEL-H | I can't unmount for some reason? It is saying the device is busy but I have no idea why that would be | 14:44 |
RoyK | probably an open file somewhere - check with lsof | 14:45 |
arosales | I think smoser by be out this week, any volunteers for chairing this weeks ubuntu server irc meeting | 14:51 |
smoser | i'm hree. and can chair | 14:52 |
smoser | is that in 8 minutes ? | 14:52 |
smoser | or 1:08 | 14:52 |
arosales | oh smoser! | 14:52 |
arosales | smoser, in 1:08 | 14:52 |
arosales | thanks smoser | 14:52 |
=== quantic is now known as Guest28583 | ||
=== quantic_ is now known as quantic | ||
jak2000 | my network card have a ip: 192.168.0.200/24 how to add other interface(alias) for listen too in the network: 192.168.1.200/24 thanks | 16:08 |
RoyK | ip addr add dev eth0 192.168.0.201/25 | 16:08 |
RoyK | or something | 16:08 |
RoyK | ip addr add dev eth0 addr 192.168.0.201/25 | 16:09 |
RoyK | perhaps | 16:09 |
jak2000 | mmmm but i want work on network 192.168.1.200 | 16:09 |
RoyK | then change the address and mask | 16:09 |
RoyK | ip addr add dev eth0 addr 192.168.1.200/24 | 16:10 |
RoyK | why would you want two different networks on a single nic? | 16:10 |
jak2000 | Error: an inet prefix is expected rather than "Addr" | 16:11 |
jak2000 | i am change from my hose to work and other places... | 16:11 |
jak2000 | then i want configure permanently both networks | 16:11 |
jak2000 | i know with alias eth0:1 but not remeber the sintax | 16:11 |
RoyK | that's old stuff | 16:12 |
jak2000 | yes | 16:12 |
sonne | greetings! | 16:12 |
sonne | is xen-api available on 15.04 too? there seem to be no related packages on the repository, but iirc there was a working version on LTS... | 16:13 |
RoyK | jak2000: ip address add 192.168.99.37/24 dev eth0 | 16:13 |
jak2000 | ifconfig only show 192.168.0.200 | 16:14 |
jak2000 | why? need restart the network services? | 16:14 |
RoyK | ip addr list | 16:15 |
RoyK | ifconfig is outdated | 16:16 |
jak2000 | done.... | 16:16 |
RoyK | and if you want that permanent, add 'up ip addr add ...' in /etc/networks/int | 16:16 |
RoyK | and if you want that permanent, add 'up ip addr add ...' in /etc/network/interfaces | 16:16 |
jak2000 | yes i want permanently | 16:17 |
jak2000 | mmm wich line add? | 16:18 |
RoyK | "up" means "whenever the network is upped" | 16:19 |
RoyK | then the ip addr add thing | 16:19 |
RoyK | just below the nic config | 16:20 |
jak2000 | ok | 16:20 |
RoyK | https://www.garron.me/en/linux/add-secondary-ip-linux.html | 16:20 |
jak2000 | reading | 16:22 |
jak2000 | RoyK done... | 16:47 |
jak2000 | thanks | 16:47 |
RoyK | jak2000: did it work after a reboot? | 16:53 |
jak2000 | yes | 16:55 |
jak2000 | reboother | 16:55 |
jak2000 | copied all the lines of eth0 and pasted, and changed eth0 to eth0:1 | 16:55 |
RoyK | no need for eth0:1 | 16:55 |
RoyK | that's deprecated | 16:56 |
patdk-wk | unless your still using ifconfig | 16:56 |
RoyK | just add "up ip address add ..." at the bottom of the eth0 config | 16:56 |
patdk-wk | I noticed my rhel7 machines dont even have ifconfig installed | 16:56 |
patdk-wk | I imagine that will break a lot of things for people | 16:56 |
RoyK | patdk-wk: that ip addr add things works with even 10.04 | 16:56 |
patdk-wk | I know, ifconfig has been dead for ages | 16:57 |
RoyK | patdk-wk: it broke a few things, but a yum install ifconfig worked well | 16:57 |
jak2000 | wait | 16:57 |
jak2000 | the url you gave me say add eth0:1 | 16:57 |
RoyK | patdk-wk: it broke vmware tools for one | 16:57 |
jak2000 | changing | 16:57 |
patdk-wk | doesn't break vmwaretools for me | 16:57 |
RoyK | patdk-wk: perhaps it's updated now - first time I installed RHEL/CentOS7, vmware tools complained rather badly | 16:58 |
patdk-wk | right from vmware's repo | 16:58 |
patdk-wk | I have used it since it came out, though it was mostly unusable till 7.1 | 16:59 |
patdk-wk | but starting to push some production load to it now | 16:59 |
RoyK | guess I'd have to try without ipconfig again | 16:59 |
RoyK | or ifconfig | 17:00 |
ponyofdeath | anyone know of a write once read many ( WORM ) media that is Linux friendly? Does a filesystem exist for this already? | 17:03 |
RoyK | patdk-wk: I don't know any filesystems supporting that | 17:03 |
RoyK | erm | 17:03 |
RoyK | ponyofdeath: that was for you, 19:03 < RoyK > patdk-wk: I don't know any filesystems supporting that | 17:04 |
jrwren | ponyofdeath: the ISO file system is exactly that. | 17:04 |
ponyofdeath | RoyK: k thx | 17:04 |
patdk-wk | I wish ufs was more usable | 17:04 |
patdk-wk | ponyofdeath, the problem with worm, is it's very usecase dependent | 17:05 |
ponyofdeath | jrwren: ok, but that is only encapsulating something already there correct | 17:05 |
patdk-wk | there are many of them in linux, like initramfs, squashfs, ... | 17:05 |
patdk-wk | there is also ltfs if you use lto tapes :) | 17:06 |
jrwren | ponyofdeath: it depends on what properties you expect out of a filesystem. Yes, I guess? Don't all filesystems deal with data that is already there? | 17:06 |
jrwren | ponyofdeath: or did you not mean the entire fs was write once, but maybe per file or something? | 17:06 |
ponyofdeath | lol sorry this is for loggs | 17:06 |
ponyofdeath | basically we want to make sure the logs are not tampered with | 17:06 |
ponyofdeath | so if there is sometihng better that you guys know of besides WORM | 17:07 |
patdk-wk | just use off-system logs | 17:07 |
patdk-wk | and the old classic worm, a printer :) | 17:07 |
RoyK | patdk-wk: does ufs have worm? | 17:19 |
crinkle | is there any chance https://bugs.launchpad.net/ubuntu/+source/neutron/+bug/1453188 can be backported to trusty? (or who would I ask if not here?) | 17:20 |
ubottu | Launchpad bug 1453188 in neutron (Ubuntu Wily) "Incorrect path to binary in neutron-plugin-linuxbridge-agent" [High,Fix released] | 17:21 |
adam_g | crinkle, it should be available in the trusty kilo packages via the cloud archive. or are you actually using the 2014.1 packages shipped in trusty? | 17:40 |
crinkle | adam_g: no I'm using the cloud archive | 17:40 |
adam_g | crinkle, oh, it looks like that updates still waiting to be synced out to cloud-archive kilo -updates. | 17:41 |
adam_g | coreycb, jamespage ^ | 17:41 |
coreycb | crinkle, adam_g, kilo cloud archive should be released to -updates later wed or thurs | 17:42 |
crinkle | cool, thanks adam_g and coreycb | 17:43 |
neredsenvy | Anyone on ubuntu able to help with this https://gist.github.com/anonymous/8d38e61ab3d4ff3297ae trying to install mysql-server-5.6 smooth installation, configuring password however service fails to start | 17:46 |
RoyK | neredsenvy: why mysql? | 17:47 |
neredsenvy | ... | 17:47 |
RoyK | ..--.. | 17:47 |
neredsenvy | lets not do the which is better disscussion | 17:48 |
neredsenvy | *discussion | 17:48 |
jelly | because obviously the answer is percona-server-server (-server) | 17:49 |
coreycb | beisner, testing is good from my end and yours at this point with kilo-proposed in the CA. can you plan on promoting to -updates wed pm or thurs? that'll have given us 7 days in -proposed. | 17:49 |
RoyK | well, if you're installing from git, try #mysql | 17:50 |
beisner | coreycb, yep, i'll plan on it. | 17:51 |
coreycb | beisner, thanks | 17:51 |
beisner | coreycb, thanks for all the updates! | 17:51 |
ponyofdeath | could the tux3 versioning FS be used as WROM media? | 18:20 |
OerHeks | write read once many ? | 18:23 |
ObrienDave | writable read only memory? that's an oxymoron ;P | 18:41 |
RoyK | no, it's about media that can be used for backups - only writable | 18:42 |
ObrienDave | that would be WORM | 18:42 |
ObrienDave | Write Once Read Many | 18:43 |
pmatulis | waiting for the worms... | 18:59 |
jelly | heh, is tux3 still alive | 20:03 |
acmehandle | I'm on 14.04.01 with openssl 1.0.1f | 22:49 |
acmehandle | How can I tell if I'm vulnerable to heartbleed? | 22:49 |
acmehandle | I have self signed certificates | 22:49 |
teward | acmehandle: have you ran 'apt-get update; apt-get upgrade' yet? | 22:49 |
teward | also consider that self-signed certs are BAD if the site is in the wild and publicly accessible | 22:50 |
teward | because there's no 'trust' in place | 22:50 |
acmehandle | One of the first things I did earlier this year when I first got it up and running | 22:50 |
acmehandle | Ah. Ok. | 22:50 |
teward | acmehandle: i mean, have you run that since | 22:50 |
acmehandle | Nope. | 22:50 |
acmehandle | Should probably do that. | 22:50 |
acmehandle | It is an experimental vps. so nothing live on it. But I still want to know. | 22:51 |
teward | acmehandle: well, there's always https://filippo.io/Heartbleed/ | 22:51 |
teward | if the VPS has a domain tied to the 'experimental' stuff, point it there. | 22:51 |
teward | alternatively... | 22:51 |
teward | um... | 22:51 |
sarnold | you can install the unattended-upgrades package | 22:51 |
teward | that too | 22:51 |
teward | but also http://serverfault.com/questions/587839/is-there-a-way-to-manually-check-for-openssl-cve-2014-0160-vulnerability <-- first answer for testing perhaps | 22:51 |
teward | hmm | 22:52 |
sarnold | it'll keep the thing up to date even if you don't log in often. granted, some services probably require restarting to make the updates work -- especially for e.g. openssl updates, your web servers or whatever need to be restarted | 22:52 |
teward | there's a lot of test scripts out there though :P | 22:52 |
teward | and yes, unattended-upgrades | 22:52 |
teward | sarnold: if a system is managed by Landscape can it still have unattended-upgrades installed and set for security only? | 22:52 |
acmehandle | No, its good. I remember now. I tested it against another ssl/tls testing website | 22:52 |
teward | or would that be handled by Landscape instead | 22:52 |
acmehandle | But I ran it against filippo.io just now | 22:52 |
acmehandle | says all good | 22:52 |
teward | acmehandle: then you're all set, just remember that if you're going Live to the world, don't use self-signed | 22:53 |
teward | you'll get yelled at by people lol | 22:53 |
sarnold | hopefully qualys's check can handle all the other issues even if you are self-signed | 22:54 |
teward | it does | 22:54 |
teward | it just really downgrades your grade because self-signed | 22:54 |
sarnold | teward: I assume so, they have to have programmed it with the expectation that some package management will happen outside of landscape | 22:54 |
teward | sarnold: cool. | 22:54 |
teward | sarnold: BTW, i had fun with landscape. | 22:54 |
teward | landscape and gitlab on the same server | 22:54 |
acmehandle | I guess I should just get a cheap certificate from ssl start | 22:54 |
teward | had to mess with a LOT of settings to make everything work, PLUS reverse-proxy via nginx xD | 22:55 |
teward | i'm writing up a blog post on it :P | 22:55 |
sarnold | teward: woo :) thanks for writing it up, I always like to read those sorts of things | 22:55 |
teward | sarnold: interesting tidbit: one of the bits of Landscape listens on port 8080. Gitlab's Unicorn implementation (for the Ruby handling) also listens on 8080 | 22:55 |
teward | gotta change the Gitlab one xD | 22:56 |
teward | sarnold: i'mma write it with the "Caveats, Headaches, and Why This Is Evil" | 22:56 |
teward | sarnold: it'll be aggregated on planet.u.c, once i publish | 22:56 |
acmehandle | apt-get update should be enough right? | 22:56 |
teward | maybe it can make it into the newsletter, i gotta poke pleia2 possibly | 22:57 |
teward | acmehandle: that updates the list of software available, apt-get upgrade executes the actual updates | 22:57 |
acmehandle | it'll do everything right? Because it just flew right past didnt do a thing except check stuff | 22:57 |
acmehandle | oh, heh | 22:57 |
teward | (unattended-upgrades does that automatically though) | 22:57 |
sarnold | acmehandle: it's a two-stage process -- update updates lists, upgrade (or dist-upgrade) downloads and installs packages | 22:57 |
teward | ^ that | 22:57 |
teward | as i said :) | 22:57 |
acmehandle | openssl is not in the list it seems. | 22:57 |
acmehandle | Why do i even bother with a vps, everyone is going to the cloud. | 22:58 |
teward | acmehandle: apt-cache policy openssl | 22:58 |
acmehandle | but I dont wanna go to the cloud | 22:58 |
sarnold | "the cloud" can be more expensive, depending upon what you're doing. | 22:59 |
acmehandle | I'm getting *** 1.0.1f | 23:00 |
acmehandle | ubuntu 2.7 0 | 23:00 |
teward | pastebin the whole output lol | 23:00 |
teward | !pastebin | 23:00 |
ubottu | For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic. | 23:00 |
acmehandle | What if I just run apt-get upgrade instead? | 23:00 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!