[00:08] <Tangurin> Hi! When my applikation is creating a row in the database it works fine, but when it edit a row in the database it crashes, I use Laravel on Ubuntu 14. Do you know why?
[00:38] <ldc> hello!
[00:38] <ldc> is it normal to have .sudo_as_admin_successful in my home
[00:39] <ldc> since 15.04?
[00:40] <RevertToType> does .xinit not work in a home directory anymore in 15.04?
[00:42] <RevertToType> .xinitrc rather same question though
[00:49] <tarpman> ldc: yes, it's normal
[00:50] <tarpman> RevertToType: that depends very much on how you log in and how your session is launched
[00:50] <RevertToType> nvm was too zoned to notice
[00:50] <ldc> ok thanks
[00:50] <RevertToType> tarpman:  i figured it out... stupid oversight on my part.
[01:24] <tanuki> Why does my kernel update every week?
[01:25] <sarnold> the kernel team works on roughly a three-week cadence where they integrate fixes, build, test, and deploy
[01:25] <tanuki> I just wasn't expecting to be told to reboot my server so frequently, especially since it's running Trusty
[01:25] <sarnold> and some security issues are severe enough that waiting three or four weeks before deploying the fix would be irresponsible, so they get 'emergency kernels', prepared outside the cadence
[01:26] <tanuki> Makes sense, I guess
[01:27] <sarnold> tanuki: you can investigate oracle's ksplice service; they have a hot-patch mechanism that reduces the needs for reboots while still deploying some fixes
[01:27] <sarnold> I have no idea what they charge for this service, but if downtime is expensive, it might be enough to pay for itself
[01:28] <tanuki> sarnold: Nah, not expensive at all. Just annoying.
[01:28] <tanuki> It's a home server.
[01:28] <sarnold> suse and red hat are working on merging their hot-patching mechanisms together, and then merging them into the kernel; it's possible that some updates in the future from ubuntu will be prepared in a manner to take advantage of it, but that feels like perhaps two years or more in the future...
[01:28] <sarnold> *nod*
[01:28] <sarnold> tanuki: don't tell anyone but I go months between reboots
[01:29] <sarnold> once in a while I'll see a fix that justifies a reboot..
[01:29] <OerHeks> as of kernel 4.x we don't need to reboot anymore, with hot patching.
[01:30] <OerHeks> like ksplice
[01:30] <sarnold> OerHeks: am I out of date again? has that already been merged?
[01:31] <sarnold> tanuki: wow, it actually looks like oracle may provide ksplice for free to ubuntu and fedora users http://www.ksplice.com/try/desktop
[01:31] <OerHeks> Yes, sarnold, http://www.zdnet.com/article/no-reboot-patching-comes-to-linux-4-0/ known for some time now, waiting for wily
[01:32] <sarnold> OerHeks: woo :)
[01:39] <ianorlin> although the jeos testcase for wily now seems to take 1.1 GB instead of the less than 800 MB it should according to testcase
[07:00] <lordievader> Good morning.
[08:21] <jamespage> coreycb, zul: I dropped init-system-helpers from liberty-staging - I could see no good reason for the backport - and it foobars everything that uses dh-systemd afterwards as its not compat with 14.04
[08:29] <siebjee> ˜nnjjk
[09:38] <gnuoy> jamespage, the ceph radosgw init.d script is broken on trusty if you use restart. It stops the service but doesn't start it up again. I would say that that is an SRU candidate? I cannot reproduce on wily, although on wily systemd is falling back to the init script the issue doesn't appear. I assume it's ok to target a SRU fix directly at trusty since it's not relevant   in the current development release?
[09:46] <jamespage> gnuoy, yes that's fine
[09:46] <gnuoy> kk, thanks
[09:47] <SlimG> What does it mean I get no output from "cryptsetup status /dev/mapper/cryptswap1" ?
[11:08] <lightair> hi! I configured FQDN to be server.lightair.com. Then I install iRedMail and on step "Enter first domain name" I enter lightair.com. After installation Web Mail is installed to URL: https://server.lightair.com . How do I make iRedMail install WebMail and all other services to URL https://lightair.com ?
[11:43] <siebjee> Is it true that 15.10 will be a LTS version ?
[11:45] <siebjee> nvm, read the article wrong :(
[11:45] <andol> siebjee: That sounds very unlikely.
[11:45] <andol> Well, I guess the second statement does sound likely :-)
[11:49] <lightair> hi! I configured FQDN to be server.lightair.com. Then I install iRedMail and on step "Enter first domain name" I enter lightair.com. After installation Web Mail is installed to URL: https://server.lightair.com . How do I make iRedMail install WebMail and all other services to URL https://lightair.com ?
[11:50] <lordievader> siebjee: The next LTS is 16.04
[11:50] <lordievader> Every even .04 is an LTS.
[12:02] <Voyage> Is there a GUI tool to do torture test and measure cpu/memory performance ?
[12:03] <teward> Voyage: this is the server channel, probably not going to get the best help for that here (ubuntu server installs typically run headless, i.e. no gui)
[12:04] <lordievader> Voyage: Guis and servers.... What's wrong with stress?
[12:04] <Voyage> ok. tell about no gui
[12:04] <coreycb> jamespage, zul: can one of you rebuild openstack-trove when you get a chance?
[12:04] <Voyage> teward,  servers can also have gui
[12:04] <teward> Voyage: true, but I said "typically"
[12:04] <teward> not "can they at all"
[12:04] <Voyage> teward,  but you are mostly correct saying as a trend
[12:04] <teward> keep that in mind
[12:04] <Voyage> teward,  yes
[12:37] <acmehandle> So I guess 15 is out?
[12:37] <acmehandle> Is it gud?
[13:05] <sb_9> How do I deal with a compromised server?
[13:05] <jpds> sb_9: Unplug from the internet
[13:06] <sb_9> my server is trying to attack another server. hacker is using it as proxy.
[13:06] <jpds> sb_9: Unplug from the internet
[13:06] <sb_9> then
[13:06] <jpds> Find out how they got in, go through the logs
[13:06] <patdk-wk> well, unplug the power from it
[13:06] <patdk-wk> replace it with a new server
[13:06] <patdk-wk> then look into how they compromised it
[13:07] <patdk-wk> fix it issues on your current servers
[13:07] <patdk-wk> shred compromised server
[13:08] <sb_9> it was unplugged from internet. just i have digging into cause that compromised the system.
[13:08] <jpds> sb_9: Found and fix the cause, reinstall the server from 0
[13:08] <sb_9> patdk-wk: i have gone through log's and new logins, open ports, any unknown process.
[13:09] <patdk-wk> it's rare for you to find a compromise that way
[13:09] <jpds> sb_9: Also, consider putting an outgoing firewall on the box and block all unneeded outbound access
[13:09] <patdk-wk> normally it's very very simple, vaunerable cgi
[13:12] <sb_9> patdk-wk: Good Idea. Agree we have rare situations to identify the cause, but i need more suggestions on this.
[13:14] <sb_9> can i have quick example of blocking all unneeded outbound access with firewall.
[13:14] <patdk-wk> no
[13:14] <patdk-wk> you need to be more specific
[13:16] <sb_9> patdk-wk: how can i analyse the cause.  if it is with any cgi script?
[13:16] <patdk-wk> ask your cgi script
[13:18] <jpds> sb_9: We don't know what your server's running
[13:18] <sb_9> patdk-wk: understood.
[13:18] <jpds> sb_9: And if you don't know what it's running... you shouldn't be running it
[13:18] <sb_9> jpds: i will check it.
[13:20] <sb_9> jpds: okay. how can i idenitfy any offending files that was created in a specific time period?
[13:20] <jpds> sb_9: With find command and the mtime option
[13:20] <sb_9> jpds: thanks.
[13:23] <patdk-wk> jpds, no
[13:23] <patdk-wk> anyone can change the mtime of a file
[13:23] <patdk-wk> so that is not accurate
[13:23] <patdk-wk> and it wont tell you if it's is offending or not
[13:24] <patdk-wk> I have found ext to be horrible at this
[13:24] <jpds> patdk-wk: http://is.gd/Emzzd5
[13:24] <patdk-wk> people can't change the mtime?
[13:24] <sysrex> guys, is there anyway to see when a package in ubuntu trusty will be upgraded?
[13:24] <jpds> sysrex: upgraded how?
[13:25] <patdk-wk> sysrex, sometime in the next 3.5years, or not at all
[13:25] <jpds> patdk-wk: That's what I picture when people just say "no"
[13:25] <patdk-wk> you should look at creation time :)
[13:25] <patdk-wk> and to get the creation time from ext is rather annoying
[13:25] <jpds> patdk-wk: mtime might not be super accurate, but it's a good start
[13:25] <jpds> patdk-wk: What if they didn't create a file?
[13:26] <patdk-wk> yes, I have found it to be about 50% accurate myself, using mtime
[13:26] <patdk-wk> jpds, you should never use just one thing :)
[13:26] <patdk-wk> but most of the time they download a zip/tar/...
[13:26] <patdk-wk> and unpack it
[13:26] <patdk-wk> the unpack normally restores the mtime
[13:27] <patdk-wk> yes, check mtime, but don't depend on it at all
[13:39] <cyphermox> roaksoax: around? do you know if maas-enlist is still used? seems like this would do the device enlistment from the MAAS option on the ubuntu-server ISOs
[13:40] <cyphermox> smoser: ^
[13:40] <cyphermox> roaksoax: the problem is, maas-enlist-udeb depended on curl-udeb which apparently got dropped from curl because "it didn't work since before trusty"
[13:40] <cyphermox> so either we should re-add curl-udeb to curl, or fix maas-enlist to say, use wget instead of curl
[13:45] <rbasak> smb: your changes look fine, thanks. I've fixed the introductory paragraph and will send it now.
[13:45] <smb> rbasak, Awesome. :)
[13:50] <sysrex> patdk-wk, I mean when will tomcat 7.0.64 be available for trusty
[13:50] <sysrex> to avoid buggy 7.0.55
[13:51] <rbasak> arges, smb, jamespage: email to upstream DPDK sent
[13:51] <arges> rbasak: good to hear
[14:00] <smb> \o/ :)
[14:01] <Seveas> 30
[14:08] <samba35> how do i check kvm machine type used on ubuntu
[14:09] <arges> samba35: 'kvm -M ?' will list the types
[14:09] <samba35> ok
[14:11] <samba35>  it  show -m require argument
[14:14] <acmehandle> Is running a production server on 15 a good idea?
[14:14] <acmehandle> Or should I stick with 14?
[14:14] <acmehandle> this is a new server.
[14:19] <ogra_> acmehandle, the non LTS releases go EOL after 9 months ... i would stick to LTS (unless you love upgrading to new releases in production)
[14:21] <revolve> Hello there, I'm having a problem with redhat cluster manager in 12.04, it's producing this error: Starting cman... /usr/lib/lcrso/service_amf.lcrso: open failed: /usr/lib/lcrso/service_amf.lcrso: undefined symbol: logsys_rec_end
[14:21] <revolve> I've also built it and its dependencies from src, experienced the same thing, and replaced them with the version from the repos again
[14:21] <acmehandle> Ok, so this might be a silly question.  How long when  LTS go EOL?
[14:21] <rbasak> acmehandle: https://wiki.ubuntu.com/Releases has all the details
[14:22] <revolve> is anyone familiar with this issue with the ubuntu version of cman? I've got five debian nodes working perfectly fine :-/
[14:23] <revolve> (generally thanks, though)
[14:32] <roaksoax> cyphermox: it is still used for the ISO but not for maas anymore. For auto-enlistment in MAAS we ship our own
[14:33] <cyphermox> roaksoax: so I've heard
[14:33] <cyphermox> roaksoax: should still get fixed though, no?
[14:34] <cyphermox> it would be really great if someone could spend the time to port it to use wget instead of curl, since that would mean not carrying extra delta on curl to ship a udeb.
[14:34] <roaksoax> cyphermox: is there a bug for it?
[14:35] <cyphermox> I don't know
[14:35] <cyphermox> I think it's only on the NBS list: http://people.canonical.com/~ubuntu-archive/nbs.html
[14:51] <acmehandle> Hhm, so maybe I should just go with 14.04 or 14.04.1
[15:20] <Norbin> will installing nagios3 on the same server of already-running apache, make any changes to current sites/virtual hosts?
[15:28] <revolve> Anyone familiar with CLVM hanging as soon as it's started?
[15:29] <Pici> Norbin: It shouldn't. It may install a new file into /etc/apache2/conf-available/
[15:34] <samba35> my system is giveing missing operating system
[15:34] <samba35> how do i fix this
[15:35] <lordievader> samba35: Install an operating system?
[15:35] <revolve> accept missing operating system graciously
[15:35] <samba35> i  have ubuntu 14.04.3 server installed
[15:35] <lordievader> samba35: If there should be an operating system then it is time yo check your disks.
[15:36] <samba35> on installed ubuntu i am getting this message
[15:36] <revolve> don't tell it you want a found one
[15:36] <lordievader> samba35: Boot a live disk and check your disks.
[15:36] <ogra_> samba35, "on installed ubuntu" ? you mean after booting ?
[15:37] <samba35> there was panic and after panic it give this message
[15:37] <ogra_> "missing operating system" is typically a BIOS message ...
[15:37] <lordievader> samba35: Check your disks...
[15:37] <samba35> yes on ubuntu installed disk
[16:06] <jamespage> coreycb, hey - can you take a look at the software-properties stuff for add-apt-repository - I think I assigned you a bug for that
[16:06] <jamespage> its needs wily + trusty SRU's
[16:07] <coreycb> sure
[16:07] <coreycb> jamespage, ^
[16:09] <jamespage> coreycb, ack
[16:09] <jamespage> coreycb, I'll have to sponsor that for you I think
[16:12] <jamespage> coreycb, btw why did we backport the wily init-system-helpers?
[16:12] <coreycb> jamespage, hmm, not sure.  did I do that?
[16:12] <coreycb> jamespage, which bug btw?  there are a few.
[16:12] <coreycb> jamespage, I saw that you were dropping init-system-helpers
[16:13] <jamespage> coreycb, I'm not certain - it was done via jenkins
[16:13] <jamespage> it broken quite a few things
[16:13] <jamespage> zul, ^^ was it you?
[16:13] <jamespage> I have reverted and rebuilt impacted bits
[16:17] <coreycb> jamespage, ok thanks.  do you have a bug # for the software-properties bug?
[16:18] <jamespage> coreycb, can't remember
[16:18] <coreycb> jamespage, what's it about?
[16:18] <jamespage> coreycb, https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/1472586
[16:18] <coreycb> jamespage, thanks
[16:19] <coreycb> jamespage, apparently I completely missed that one, I'll get on it
[16:23] <jamespage> coreycb, backports to the staging ppa are trickling through - I had to work through a whole load of -S removals this morning
[16:23] <coreycb> jamespage, -S removals?
[16:24] <jamespage> coreycb, yeah - dpkg-parsechangelog -S is not supported on 14.04 - a number of packages use it to determine OSLO_PACKAGE_VERSION
[16:24] <jamespage> breaks and ftbfs for backports
[16:24] <coreycb> jamespage, ok
[16:52] <zul> jamespage: possibly
[16:53] <jamespage> zul, nm
[16:53] <jamespage> coreycb, zul: requests/urllib3 are pretty bust right now
[16:53] <jamespage> https://bugs.launchpad.net/ubuntu/+source/python-urllib3/+bug/1487645
[16:55] <zul> jamespage: what was the fix for the paresechangelog stuff?
[16:55] <jamespage> zul, revert to seding the Version field
[16:56] <zul> jamespage: ah i guess thats what happened for me for python-nose
[16:56] <jamespage> zul, coreycb: I've pushed commits to debian repos where I can - but not uploaded; that can happen with something else useful for debian as stable has the right dpkg version
[16:58] <zul> kk
[17:28] <coreycb> jamespage,zul, I've uploaded software-properties for trusty and wily with support for cloud-archive:liberty(-proposed)
[17:29] <zul> coreycb: ack
[17:46] <dinet> Hello. I have a little problem after an upgrade and mod_rewrite have stoped working in apache
[17:48] <dinet> and my googlefoo if failing misirably
[17:48] <wiuempe> hello
[17:49] <wiuempe> i want to configure this: http://help.ovh.co.uk/IpmiSol
[17:50] <wiuempe> on ubuntu 14.04, but i dont know how to do it
[17:50] <teward> WilliamDotAT: that page is instructions
[17:50] <teward> erm
[17:50] <teward> wiuempe: ^
[17:51] <wiuempe> teward: yes
[17:51] <teward> wiuempe: that page also suggests that if you don't know what you're doing, don't make these changes
[17:51] <wiuempe> teward: i havent /etc/inittab
[17:51] <wiuempe> and i dont know to what file in /etc/init i should add configuration to new tty
[17:54]  * genii notices references later in the document to LiLo and immediately loses interest
[17:55] <teward> wiuempe: i would not be turning on ImpiSol unless you know what you're doing... :/
[17:55] <wiuempe> teward: https://help.ubuntu.com/community/SerialConsoleHowto
[17:55] <wiuempe> thanks for help
[18:13] <krizzo> Is there any method of a kickstart for a unattended pxe boot full install of ubuntu server?
[18:28] <samba35> please correct me if i am wrong if you are using genric/default kernel and not using kernel from recompile in that case if you have  some configure is =y so that is load as a what and if it is load does that module show with lsmod command
[18:29] <samba35>   a /boot/config-3.x.x-generic
[18:54] <sarnold> samba35: kernel config options set =y are built-in to the kernel statically
[18:54] <sarnold> krizzo: investigate maas and fai
[18:55] <samba35> and how do i check them
[18:56] <samba35> so i dont have to add them manually with /etc/modules right ?
[18:56] <samba35> sarnold: please correct me
[18:56] <sarnold> samba35: /boot/config-`uname -r` usually knows
[18:56] <sarnold> but that's just by convention.. someone who self-compiled their kernel may not put their config in that location
[18:57] <samba35> ok
[19:23] <oal> I installed UFW and ran ufw allow $mycustomsshport
[19:23] <oal> Now when I run ufw enable, I lose connection and can't reconnect. I lock myself out. Why is this?
[19:23] <oal> ...until I reboot
[23:22] <RevertToType> so this is gonna sound weird and maybe a bit on the daft side of things... but is there a way to set up a non-persistent or guest kind of account on ubuntu-server?
[23:28] <sarnold> RevertToType: usual is to create a standard user account, let them use it, then prevent logins, go kill off any processes they may still have running, then delete their files again
[23:29] <RevertToType> i was hoping i wouldn't have to work around with that much scripting
[23:29] <RevertToType> damn
[23:29] <sarnold> RevertToType: if you're inclined you could also create an apparmor profile for their shell to ensure they don't use setuid or setgid programs in an unexpected way
[23:30] <RevertToType> so basically i'm trying to build a kiosk :/
[23:30] <RevertToType> it's going... honestly i'd be happy as is but the webbrowser isn't playing well with one extension in incognito mode so i might need to pull that mode out
[23:31] <RevertToType> which would then mean i'd need to make sure user data is utterly wiped
[23:31] <sarnold> lightdm's guest mode may be a useful starting point
[23:31] <RevertToType> i figured that only works if you have a full wm/de installed
[23:31] <RevertToType> i'm just firing it off on x with no fancy stuff
[23:32] <sarnold> I think it just starts sessions, it shouldn't place much requirement on what gets executed afterwards
[23:33] <sarnold> but I don't know if it'd be easy to get lightdm to just log directly into the guest mode at startup. that bit might be more work than it's worth. but hpefully it's a useful thing to steal ideals from either way :)
[23:33] <sarnold> s/ideals/ideas/
[23:33]  * RevertToType nods
[23:33] <RevertToType> i was thinking of ln the entire ~ to /tmp/whatever
[23:34] <sarnold> or make /home a tmpfs?
[23:34]  * RevertToType nods
[23:34] <RevertToType> mebbe
[23:34] <RevertToType> i just assume chrome throws a lot of noodly crap around outside of home
[23:37] <tarpman> lightdm already has autologin-guest, no work involved there
[23:37] <tarpman> RevertToType: as someone who has done both the lightdm and roll-your-own methods not long ago -- just use lightdm ;)
[23:38] <tarpman> doesn't require using any particular session, or even any particular lightdm greeter, and the session setup/teardown scripts are right there for you to muck with
[23:38] <sarnold> tarpman: sweet :)
[23:39] <tarpman> the pam_mount/$HOME on tmpfs method is neat but needs a gnome-keyring patch, at least in trusty
[23:39] <tarpman> (don't have a bug # handy, sorry)
[23:41] <tarpman> oh, and killing all the user's remaining processes on logout is a good idea -- there are a few situations where the logind session can remain open after logout so the cgroup doesn't get cleaned up
[23:43] <sarnold> sadly there's no great way to do that; best you can do is probably run pkill -u foo  a few times
[23:44] <RevertToType> they'll either be powered off imporoperly or shutdown every session so that should be fine
[23:44] <RevertToType> they're teaching laptops for a classroom
[23:45] <tarpman> bonus points if you run them on overlayfs off a read-only medium :)
[23:46] <RevertToType> hrm
[23:47] <RevertToType> i was looking at porteus but the teachers are picky about some stuff
[23:56] <sarnold> looks kinda neat but re-written initscripts and "modules" instead feel like it'd be moderately large hurdles to keeping it updated and keeping slight customizations
[23:57] <RevertToType> it really lbegan to be
[23:57] <RevertToType> i mean it's also why tiny core and others started to get obnoxious
[23:57] <RevertToType> i like having a system
[23:57] <RevertToType> not a pile of zip files at best
[23:58] <sarnold> with what it sounds like you're building you still ought to be able to install unattended-upgrades and keep up to date with fixes..
[23:58] <RevertToType> yup
[23:58] <RevertToType> already setup to do that