=== markthomas is now known as markthomas|away
ElevyNJI was referred here from #ubuntu  i am running Ubuntu Desktop but installed a PPP server on it. My Windows 10 systems can connect but are not getting default routes so they can't get to the internet. I need help resolving this03:51
ElevyNJI was referred here from #ubuntu  i am running Ubuntu Desktop but installed a PPP server on it. My Windows 10 systems can connect but are not getting default routes so they can't get to the internet. I need help resolving this04:26
emanu_I was referred here from #ubuntu  i am running Ubuntu Desktop but installed a PPP server on it. My Windows 10 systems can connect but are not getting default routes so they can't get to the internet. I need help resolving this04:41
ponyofdeathhi, trying to figure out why after a dist-upgrade to 14.04 for the latest updates it will now not boot my multipath server05:07
lordievaderGood morning.05:48
jellyponyofdeath: how does it fail?  Do you have / on a multipath device?06:38
jellyand did you try the usual initramfs debugging stuff06:39
lordievaderDoes it boot a kernel/initramfs? Or does it fail before that?06:44
=== markthomas|away is now known as markthomas
deepquestionshi@ll, is there a solution to use the yubikey HMAC-SHA1 in the channelResponse mode under ubuntu?? :)07:06
=== cipi is now known as CiPi
=== Lcawte|Away is now known as Lcawte
=== Lcawte is now known as Lcawte|Away
=== _ruben_ is now known as _ruben
deepquestionshi@ll, is there a solution to use the yubikey HMAC-SHA1 in the channelResponse mode under ubuntu?? :)09:13
OliverUKHiya, I have been looking around for a solution but clearly I don't know how to use Google.  What should I be looking at to run Windows VMs on a Ubuntu Server host?  Thanks in advance09:26
lordievaderOliverUK: KVM.09:28
OliverUKlordievader: Is this the only option?  I was looking at KVM and it seemed a pretty steep learning curve09:29
OliverUKlordievader: Not a problem though if this is the way to go, I will sit and read :-)09:29
lordievaderI suppose there are alternatives but I know of KVM that it works very well. I run Lightroom that way.09:29
RoyKOliverUK: apt-get install kvm virt-manager # virt-manager doesn't have a steep learning curve ;)09:35
RoyKit's just a nice GUI to do the KVM fiddly bits for you09:36
OliverUKRoyK: Trying to not have a GUI at all :-)09:38
OliverUKMight have to look at it in test though :-)09:38
RoyKOliverUK: not saying you should install X on the server - just use X on the client to avoid doing everything manually09:38
lordievaderOliverUK: Virt-manager can connect over ssh. Just install virt-manager on your workstation.09:39
OliverUKlordievader: Nice, thank you :-)09:39
RoyKlordievader: probably better if he's using linux on the workstation ;)09:43
RoyKlordievader: I'm using OS X on my laptop, so less hassle to just run it from the server09:44
lordievaderI thought I had seen virt-manager run on Windows somewhere, never looked into it though.09:45
* lordievader dislikes X forwarding.09:45
=== Lcawte|Away is now known as Lcawte
RoyKlordievader: x forwarding just works ;)10:00
lordievaderMeh, on crappy connections it is rather annoying. But then again, anything is.10:02
=== deegee is now known as drussell
=== drussell is now known as Guest75778
trijntjeI want to share a folder on my home network to other ubuntu pc's, what is the best way to do this with authentication, so you need a password to acces the share?10:59
lordievaderI'd say Samba.10:59
trijntjeis it possible to share ext over samba? I want to preserve things like hardlinks, softlinks, ownership, permissions etc11:01
trijntjelordievader: cool, I'll use samba then. Thanks11:02
rbasakfrediz: any news on kimchi please? Do you have an ETA?11:17
=== cz2 is now known as cz4
stemidhi I upgraded from 12.04 to 14.04 and now root keeps getting these security errors saying "SECURITY information for host" "problem with defaults entries ; TTY=pts/10 ; PWD=/home/user" I've done visudo -cf on sudoers and every file in /etc/sudoers.d without any issues.11:44
stemidI've found that this could be because I am connected to an active directory in this bug. https://bugs.launchpad.net/ubuntu/+source/sssd/+bug/124977711:44
ubottuLaunchpad bug 1249777 in sssd (Ubuntu) "libsss-sudo generated nsswitch.conf leads to error messages upon sudo invocation" [Low,Confirmed]11:44
stemidI use sssd and it affects both local and remote users.11:44
stemidseems to indicate that sudo 1.11.7 will fix it.11:45
stemidwill this upgrade ever come to ubuntu 14.04?11:45
deepquestionshi@ll, is there a solution to use the yubikey HMAC-SHA1 in the channelResponse mode under ubuntu?? :)11:47
deepquestionssry, wrong channel .... i retire my question. bb.12:04
=== quantic_ is now known as quantic
trijntjewhat is considered a safe operating temperature for always-on harddisks? I"m testing my new WD disks now by writing to them from /dev/zero, and their at  33 C, is that OK?12:14
trijntje*their temperature is at 33 C12:14
RoyKtrijntje: should't be a problem. drives normally likes it best < 50 degrees, 33 is nice. what drives don't like, is temperature varying a lot12:17
trijntjeRoyK: what would varying a lot be? My house has crappy isolation, so it goes between 20-30C in the summer and maybe 14-20 in the winter, on a 24 hour cycle12:18
RoyKtrijntje: I'd guess the drives get worn out a bit earlier, but hell, you're using RAID, right? ;)12:19
trijntjeRoyK: yeah, zfs mirror of the 2 disks, and backups of course12:21
RoyKtrijntje: also, drives normally won't keep room temperature - they naturally heat up - I don't think your situation varies very much from mine in terms of temperature diff, and I've been running these drives for 2-3 years without much issues (although one or two are having issues now)12:21
RoyK7-drive raidz212:21
trijntjeRoyK: thats good to know, thanks. I guess i'll write some automated scripts to keep an eye on the temperature, to get a feeling for how much it actually fluctuates12:23
RoyKtrijntje: smartmontools / smartd is always a good idea ;)12:23
RoyKtrijntje: also, the standard disk plugin for munin draws nice graphs of disk temp12:24
RoyKtrijntje: see pm12:25
trijntjeRoyK: I hadn't heard about munin, but thats pretty cool. Thanks for the pointer, I'll try that out for sure12:27
RoyKtrijntje: this is an old munin installation, mind, nicer graphs on 2.1.x12:28
RoyKerm - on 2.0, I mean12:28
RoyKthis is old 1.412:28
trijntjethanks again for the pointer to munin, I'll check it out for sure12:38
RoyKit's in the repos and is easy to configure - an apt-get away ;)12:38
=== deegee is now known as drussell
AEL-HIf I want to mount a disk using mount such that only root can access the mountpoint, how can I do this?14:33
RoyKAEL-H: chown root:root /that/mountpoint ; chmod 0700 /that/mountpoint14:35
AEL-HWell what I have done at the moment is mounted it at /mymountpoint/, and when I do chmod 700 /mymountpoint/ as root user, nothing is happening14:36
RoyKAEL-H: pastebin output of ls -ld /mymountpoint14:37
AEL-HIt is just a one liner --14:38
AEL-Hdrwxrwxrwx 1 root root 24576 Aug  1 19:14 /mymountpoint/14:38
RoyKwhat sort of fs?14:38
AEL-Hstandard windows -- should be ntfs14:39
RoyKthen, as root, mkdir /safe ; chmod 0700 /safe, mkdir /safe/mp, mount whatever /safe/mp14:39
RoyK(replace some commas with ;)14:41
AEL-Hso the problem is I can't chmod the folder, but I can mount it at a folder that has already been chmod'd?14:41
RoyKmhm - ntfs doesn't use the linux filesystem perms14:42
AEL-HThat makes sense, thanks14:42
RoyKsame applies to FAT14:43
AEL-HI can't unmount for some reason? It is saying the device is busy but I have no idea why that would be14:44
RoyKprobably an open file somewhere - check with lsof14:45
arosales I think smoser by be out this week, any volunteers for chairing this weeks ubuntu server irc meeting14:51
smoseri'm hree. and can chair14:52
smoseris that in 8 minutes ?14:52
smoseror 1:0814:52
arosalesoh smoser!14:52
arosalessmoser, in 1:0814:52
arosalesthanks smoser14:52
=== quantic is now known as Guest28583
=== quantic_ is now known as quantic
jak2000my network card have a ip:  how to add other interface(alias) for listen too in the network: thanks16:08
RoyKip addr add dev eth0
RoyKor something16:08
RoyKip addr add dev eth0 addr
jak2000mmmm but i want work on network
RoyKthen change the address and mask16:09
RoyKip addr add dev eth0 addr
RoyKwhy would you want two different networks on a single nic?16:10
jak2000Error: an inet prefix is expected rather than "Addr"16:11
jak2000i am change from my hose to work and other places...16:11
jak2000then i want configure permanently both networks16:11
jak2000i know with alias eth0:1 but not remeber the sintax16:11
RoyKthat's old stuff16:12
sonneis xen-api available on 15.04 too? there seem to be no related packages on the repository, but iirc there was a working version on LTS...16:13
RoyKjak2000: ip address add dev eth016:13
jak2000ifconfig only show
jak2000why? need restart the network services?16:14
RoyKip addr list16:15
RoyKifconfig is outdated16:16
RoyKand if you want that permanent, add 'up ip addr add ...' in /etc/networks/int16:16
RoyKand if you want that permanent, add 'up ip addr add ...' in /etc/network/interfaces16:16
jak2000yes i want permanently16:17
jak2000mmm wich line add?16:18
RoyK"up" means "whenever the network is upped"16:19
RoyKthen the ip addr add thing16:19
RoyKjust below the nic config16:20
jak2000RoyK done...16:47
RoyKjak2000: did it work after a reboot?16:53
jak2000copied all the lines of eth0 and pasted, and changed eth0 to eth0:116:55
RoyKno need for eth0:116:55
RoyKthat's deprecated16:56
patdk-wkunless your still using ifconfig16:56
RoyKjust add "up ip address add ..." at the bottom of the eth0 config16:56
patdk-wkI noticed my rhel7 machines dont even have ifconfig installed16:56
patdk-wkI imagine that will break a lot of things for people16:56
RoyKpatdk-wk: that ip addr add things works with even 10.0416:56
patdk-wkI know, ifconfig has been dead for ages16:57
RoyKpatdk-wk: it broke a few things, but a yum install ifconfig worked well16:57
jak2000the url you gave me say add eth0:116:57
RoyKpatdk-wk: it broke vmware tools for one16:57
patdk-wkdoesn't break vmwaretools for me16:57
RoyKpatdk-wk: perhaps it's updated now - first time I installed RHEL/CentOS7, vmware tools complained rather badly16:58
patdk-wkright from vmware's repo16:58
patdk-wkI have used it since it came out, though it was mostly unusable till 7.116:59
patdk-wkbut starting to push some production load to it now16:59
RoyKguess I'd have to try without ipconfig again16:59
RoyKor ifconfig17:00
ponyofdeathanyone know of a write once read many ( WORM ) media that is Linux friendly? Does a filesystem exist for this already?17:03
RoyKpatdk-wk: I don't know any filesystems supporting that17:03
RoyKponyofdeath: that was for you, 19:03 <            RoyK > patdk-wk: I don't know any filesystems supporting that17:04
jrwrenponyofdeath: the ISO file system is exactly that.17:04
ponyofdeathRoyK: k thx17:04
patdk-wkI wish ufs was more usable17:04
patdk-wkponyofdeath, the problem with worm, is it's very usecase dependent17:05
ponyofdeathjrwren: ok, but that is only encapsulating something already there correct17:05
patdk-wkthere are many of them in linux, like initramfs, squashfs, ...17:05
patdk-wkthere is also ltfs if you use lto tapes :)17:06
jrwrenponyofdeath: it depends on what properties you expect out of a filesystem. Yes, I guess? Don't all filesystems deal with data that is already there?17:06
jrwrenponyofdeath: or did you not mean the entire fs was write once, but maybe per file or something?17:06
ponyofdeathlol sorry this is for loggs17:06
ponyofdeathbasically we want to make sure the logs are not tampered with17:06
ponyofdeathso if there is sometihng better that you guys know of besides WORM17:07
patdk-wkjust use off-system logs17:07
patdk-wkand the old classic worm, a printer :)17:07
RoyKpatdk-wk: does ufs have worm?17:19
crinkleis there any chance https://bugs.launchpad.net/ubuntu/+source/neutron/+bug/1453188 can be backported to trusty? (or who would I ask if not here?)17:20
ubottuLaunchpad bug 1453188 in neutron (Ubuntu Wily) "Incorrect path to binary in neutron-plugin-linuxbridge-agent" [High,Fix released]17:21
adam_gcrinkle, it should be available in the trusty kilo packages via the cloud archive. or are you actually using the 2014.1 packages shipped in trusty?17:40
crinkleadam_g: no I'm using the cloud archive17:40
adam_gcrinkle, oh, it looks like that updates still waiting to be synced out to cloud-archive kilo -updates.17:41
adam_gcoreycb, jamespage ^17:41
coreycbcrinkle, adam_g, kilo cloud archive should be released to -updates later wed or thurs17:42
crinklecool, thanks adam_g and coreycb17:43
neredsenvyAnyone on ubuntu able to help with this https://gist.github.com/anonymous/8d38e61ab3d4ff3297ae trying to install mysql-server-5.6 smooth installation, configuring password however service fails to start17:46
RoyKneredsenvy: why mysql?17:47
neredsenvylets not do the which is better disscussion17:48
jellybecause obviously the answer is percona-server-server (-server)17:49
coreycbbeisner, testing is good from my end and yours at this point with kilo-proposed in the CA.  can you plan on promoting to -updates wed pm or thurs?  that'll have given us 7 days in -proposed.17:49
RoyKwell, if you're installing from git, try #mysql17:50
beisnercoreycb, yep, i'll plan on it.17:51
coreycbbeisner, thanks17:51
beisnercoreycb, thanks for all the updates!17:51
ponyofdeathcould the tux3 versioning FS be used as WROM media?18:20
OerHekswrite read once many ?18:23
ObrienDavewritable read only memory? that's an oxymoron ;P18:41
RoyKno, it's about media that can be used for backups - only writable18:42
ObrienDavethat would be WORM18:42
ObrienDaveWrite Once Read Many18:43
pmatuliswaiting for the worms...18:59
jellyheh, is tux3 still alive20:03
acmehandleI'm on 14.04.01 with openssl 1.0.1f22:49
acmehandleHow can I tell if I'm vulnerable to heartbleed?22:49
acmehandleI have self signed certificates22:49
tewardacmehandle: have you ran 'apt-get update; apt-get upgrade' yet?22:49
tewardalso consider that self-signed certs are BAD if the site is in the wild and publicly accessible22:50
tewardbecause there's no 'trust' in place22:50
acmehandleOne of the first things I did earlier this year when I first got it up and running22:50
acmehandleAh.  Ok.22:50
tewardacmehandle: i mean, have you run that since22:50
acmehandleShould probably do that.22:50
acmehandleIt is an experimental vps.  so nothing live on it.  But I still want to know.22:51
tewardacmehandle: well, there's always https://filippo.io/Heartbleed/22:51
tewardif the VPS has a domain tied to the 'experimental' stuff, point it there.22:51
sarnoldyou can install the unattended-upgrades package22:51
tewardthat too22:51
tewardbut also http://serverfault.com/questions/587839/is-there-a-way-to-manually-check-for-openssl-cve-2014-0160-vulnerability  <-- first answer for testing perhaps22:51
sarnoldit'll keep the thing up to date even if you don't log in often. granted, some services probably require restarting to make the updates work -- especially for e.g. openssl updates, your web servers or whatever need to be restarted22:52
tewardthere's a lot of test scripts out there though :P22:52
tewardand yes, unattended-upgrades22:52
tewardsarnold: if a system is managed by Landscape can it still have unattended-upgrades installed and set for security only?22:52
acmehandleNo, its good.  I remember now.  I tested it against another ssl/tls testing website22:52
tewardor would that be handled by Landscape instead22:52
acmehandleBut I ran it against filippo.io just now22:52
acmehandlesays all good22:52
tewardacmehandle: then you're all set, just remember that if you're going Live to the world, don't use self-signed22:53
tewardyou'll get yelled at by people lol22:53
sarnoldhopefully qualys's check can handle all the other issues even if you are self-signed22:54
tewardit does22:54
tewardit just really downgrades your grade because self-signed22:54
sarnoldteward: I assume so, they have to have programmed it with the expectation that some package management will happen outside of landscape22:54
tewardsarnold: cool.22:54
tewardsarnold: BTW, i had fun with landscape.22:54
tewardlandscape and gitlab on the same server22:54
acmehandleI guess I should just get a cheap certificate from ssl start22:54
tewardhad to mess with a LOT of settings to make everything work, PLUS reverse-proxy via nginx xD22:55
tewardi'm writing up a blog post on it :P22:55
sarnoldteward: woo :) thanks for writing it up, I always like to read those sorts of things22:55
tewardsarnold: interesting tidbit: one of the bits of Landscape listens on port 8080.  Gitlab's Unicorn implementation (for the Ruby handling) also listens on 808022:55
tewardgotta change the Gitlab one xD22:56
tewardsarnold: i'mma write it with the "Caveats, Headaches, and Why This Is Evil"22:56
tewardsarnold: it'll be aggregated on planet.u.c, once i publish22:56
acmehandleapt-get update should be enough right?22:56
tewardmaybe it can make it into the newsletter, i gotta poke pleia2 possibly22:57
tewardacmehandle: that updates the list of software available, apt-get upgrade executes the actual updates22:57
acmehandleit'll do everything right?  Because it just flew right past didnt do a thing except check stuff22:57
acmehandleoh, heh22:57
teward(unattended-upgrades does that automatically though)22:57
sarnoldacmehandle: it's a two-stage process -- update updates lists, upgrade (or dist-upgrade) downloads and installs packages22:57
teward^ that22:57
tewardas i said :)22:57
acmehandleopenssl is not in the list it seems.22:57
acmehandleWhy do i even bother with a vps, everyone is going to the cloud.22:58
tewardacmehandle: apt-cache policy openssl22:58
acmehandlebut I dont wanna go to the cloud22:58
sarnold"the cloud" can be more expensive, depending upon what you're doing.22:59
acmehandleI'm getting *** 1.0.1f23:00
acmehandleubuntu 2.7 023:00
tewardpastebin the whole output lol23:00
ubottuFor posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.23:00
acmehandleWhat if I just run apt-get upgrade instead?23:00

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!