=== waspinator_ is now known as waspinator
=== markthomas is now known as markthomas|away
=== armyriad2 is now known as armyriad
jvwjgamesHi I need help my server has no internet04:55
=== thumper is now known as thumper-afk
jvwjgamesWhen ever I use ping or traceroute I always get a reply from my interfaces IP address.04:56
=== cipi is now known as CiPi
moneylotionhey anyone have any ideas, how i can sync two nas servers, running zfs07:32
moneylotionim thinking snapshots are a good idea, any others07:33
miriohmirimoneylotion: take a look at rsync ;)07:33
moneylotionwill that spin up the drives?07:33
moneylotionsort of wondering about frequency... want to avoid unneeded wear07:33
moneylotionis there anything that is more async07:34
miriohmirii think in case you write something it will spin up, frequency: as often as you need it to be synced07:34
miriohmirion read i dont know if it will spin up with a zfs volume, but you might just give it a try07:34
moneylotionanything that can replicate like a raid1 over network?07:34
miriohmiri i am trying to configure opendkim and on every parameter I write myself in the config, it says "unrecognized parameter" even if the parameter is clearly valid without typos acordingly to the manpage07:37
=== G_ is now known as G
=== G is now known as 32NAAFIPE
=== 32NAAFIPE is now known as G
=== ianorlin is now known as ianorlyn
=== Lcawte|Away is now known as Lcawte
sudheerhey guys.. I installed Ubuntu server using netboot.. installation completed successfully and when in restarts it goes to grub prompt and i dont see any vmlinuz to boot from there..  any thoughts on how to solve this..??10:56
RoyKprobably boot on some live thing and reinstall grub10:57
sudheer?? boot on live thing..??10:58
sudheerits PXE install..!!10:58
RoyKwell, it seems grub is broken10:58
RoyKI'm just suggesting10:58
sudheeryea.. master boot record currupted is what i'm expecting..!!10:59
jamespagecoreycb, we'll never pbr>=1.810:59
jamespagemanila ftbfs10:59
sudheerbut at least i should be able to see vmlunz and initrd under (HDx,y) drive10:59
jamespagethats come from setup.py, no requirements.txt11:00
mnms_guys I installed and configured vsftpd based on this doc https://help.ubuntu.com/community/vsftpd, but I cannot make it work with virtual users. I get 530 login incorrect11:54
mnms_and Im out of ideas11:54
RoyKmnms_: why ftp?12:34
ubottuFTP clients: Nautilus (Places -> Connect to server), gFTP, FileZilla (for !GNOME); Konqueror, Kasablanca, KFTPGrabber (for !KDE); FireFTP (for Firefox); ftp, lftp (for !cli) - See also !FTPd12:34
RoyKmnms_: ftp is an old and insecure protocol - use sftp instead - it runs on top of ssh and is very secure - works with clients like filezilla too12:35
RoyKmnms_: if your server has sshd running, sftp works12:36
ubottuFTP servers: ftpd, proftpd, pure-ftpd, twoftpd, vsftpd, MuddleFTPd, wzdftpd - Graphical front-ends: PureAdmin, GProftpd (for GNOME), KcmPureftpd (for !KDE) - See also !FTP12:36
RoyKubottu: also, ftpd is old and insecure and should not be used. Use sftp instead!12:36
lordievaderOr use ftps.12:36
RoyKlordievader: better use sftp - ftps is just ftp over ssl :P12:37
lordievaderAgreed, but still. ftps is better than ftp ;)12:37
RoyKftp is a horrible protocol12:37
RoyKlordievader: sure, but it's a pain to setup12:37
lordievaderLuckily never had to do that. I try to stay away from *ftp*12:38
RoyKlordievader: and lots of rarities and issues with numerous clients12:38
RoyKlordievader: I've tried, and found it's rubbish12:38
RoyKsftp just works(TM)12:39
ubottuSSH is the Secure SHell protocol, see: https://help.ubuntu.com/community/SSH for client usage. PuTTY is an SSH client for Windows; see: http://www.chiark.greenend.org.uk/~sgtatham/putty/ for it's homepage. See also !scp (Secure CoPy) and !sshd (Secure SHell Daemon)12:39
RoyKsecure, secret hell ;)12:40
mnms_I have to use ftps cause some apps have to connect via ftp protocol12:41
RoyKwhat sort of apps?12:41
mnms_apps written in .net12:42
RoyKwritten locally?12:42
mnms_what do you mean locally ?12:42
RoyKin-house stuff?12:42
RoyKthen tell those developers to use something else - samba is better - sftp is better - EVERYTHING is better than FTP with or without the "s" at the end12:43
arcskyHi guys anyone here have Intel Ultimate-N 6300 wireless card? I cant get it to work in Linux Uubntu12:43
teward!crosspost | arcsky12:44
ubottuarcsky: Please don't ask the same question in multiple Ubuntu channels at the same time. Many helpers are in more than one channel and it's not fair to them or the other people seeking support.12:44
mnms_RoyK: option FTPs is enough for me, it is enough secure. But I have real problem to make it work12:44
lordievaderarcsky: I have an Advanced-N 6205.12:45
mnms_It is easier for me to setup ftps than changing other apps12:45
RoyKmnms_: samba is pretty secure too and far easier to setup - last I tried to setup ftps, I ran into a truckload of issues with filezilla12:45
lordievaderarcsky: I guess that nic uses the same iwlwifi driver.12:45
mnms_RoyK: I get right now GnuTLS error -15: An unexpected TLS packet was received.12:46
RoyKmnms_: and those .net developers will just love to be able to just connect to a samba share instead of reinventing the wheel12:46
lordievaderOr use scp, that is likely already setup.12:46
RoyKmnms_: might be the same I got - I just gave up12:46
mnms_RoyK: It cannot be so hard to setup ftps ! :)12:46
RoyKmnms_: well, noone uses FTP anymore12:47
mnms_RoyK: sftp needs system account, I would like to have virtual account12:47
patdk-wkusing ftps is almost impossible12:47
RoyKmnms_: so things aren't updated too often12:47
patdk-wkcause it won't work if there is ANY NAT system at all12:47
RoyKmnms_: samba doesn't need a system account12:47
RoyKpatdk-wk: works fine with the linux nat helper ;)12:47
patdk-wkroyk, how?12:48
patdk-wkif it does, it's seriously wrong12:48
RoyKpatdk-wk: but probably not ftps, though12:48
patdk-wkit's encrypted12:48
RoyKPORT 31235 encrypted :D12:48
arcskylordievader: yes i use iwlwifi12:48
RoyKpatdk-wk: I didn't think about the PORT thing12:48
patdk-wkwhy the options are ftp or sftp, and never ftps :)12:48
RoyKmnms_: just use something else, ok?12:49
mnms_what NAT system has to encryption ?12:49
patdk-wknat has to *modify* the protocol data itself12:49
mnms_RoyK: I cannot cause I need to be able to connect via ftp or ftps from those apps :(12:49
patdk-wkif it's encrypted, that cannot happen12:49
RoyKmnms_: no... FTP is a horrible protocol. When you try to transfer a file, the *client* opens a high port and tells the server to send data to that port12:49
RoyKmnms_: if the data is encrypted, the router can't know which port to open/forward12:49
patdk-wkftp is a good protocol, it's just not nat friendly12:49
patdk-wknat was invented after ftp, and nat is evil12:50
RoyKpatdk-wk: well, nat is needed since people don't use ipv6 :P12:50
patdk-wksip is the same, and sip was made after nat :)12:50
mnms_yep problem with IPs still exist12:50
RoyKmhm - sip and nat isn't a stroll in the park12:50
RoyKmnms_: not IP, IPv412:51
patdk-wka huge goal of ipv6 was to remove nat12:51
mnms_RoyK: thats what i mean12:51
patdk-wkjust not solve ip space limit12:51
patdk-wkbut yes, due to security designs these days, and stateful firewalls, ftp is becoming very useless12:52
RoyKmnms_: so - find another solution - .net things usually run on windows, so a samba share should be the simple way12:53
mnms_RoyK: I still dont understand why it is problem ftps for nat, tcp header is not encrypted ?12:55
mnms_why nat is problm for ftps* sorry12:55
patdk-wkwhat does tcp header have to do with anything12:55
mnms_ROyK said GnuTLS error -15: An unexpected TLS packet was received.12:55
mnms_if the data is encrypted, the router can't know which port to open/forward12:56
patdk-wkbut what does that have to do with tcp headres?12:56
mnms_there is all info about src dest port and address yes ?12:56
RoyKmnms_: no, but when you do GET /somefile, the client says "PORT xxx" to the server, in the encrypted, application stream, client opens port xxx and the server tries to connect to that port. The NAT router will open/forward that port, but not if the data stream is encrypted, since it can't know12:56
patdk-wkyour confusing the data connection tcp header, with the data INSIDE the control connection12:57
patdk-wkand that is actually the least of your worries12:57
jvwjgamesI need help my server is not connecting to the internet j ping and traceroute anally I get is the interfaces IP as a reply12:57
patdk-wkalso contained in it is the IP address12:57
patdk-wkthat IP address needs to be replaced from your private ip to the public ip12:57
RoyK"anally I get is.." (?!?)12:58
mnms_RoyK: Passive range port doesnt solve this ?13:03
RoyKmnms_: maybe - not sure - talk to the .net folks and ask if they can use a samba share13:04
RoyKmnms_: it's easier for them to use and it's easier and more secure than ftps13:04
RoyKmnms_: if they're on win2k12r2 or something, they can even use encrypted SMB313:05
RoyKmnms_: SMB3 doesn't work with win7, though, M$ doesn't want to backport nice things - it's better to force people to upgrade :P13:06
mnms_RoyK: The point is that I wanted to finish this with this shitty ftps solution :[13:12
RoyKmnms_: just trying to help - it's easier in both short and long term to use something useful instead of hammering in large nails with a small screwdriver :P13:14
mnms_RoyK: :)13:18
jvwjgamesI need help with my server13:18
jvwjgamesAny suggestions13:19
sesevwhat's your problem13:19
jvwjgamesMy internet on my server won't work13:23
jvwjgamesPing results in interface IP being displayed13:23
jvwjgamesRegardless of destination13:24
lordievaderjvwjgames: Does your interface has an ip?13:24
jvwjgamesYes it is static13:26
lordievaderjvwjgames: Hmm, okay. Does it have a gateway?13:27
jvwjgamesYes it does13:30
lordievaderjvwjgames: Can you ping the gateway?13:31
jvwjgamesI do now the modem works cause I have other stuff connected13:31
jvwjgamesDestination host unreachable13:32
lordievaderjvwjgames: There is your problem.13:34
jvwjgamesWhat is the problem13:37
lordievaderjvwjgames: You cannot reach your gateway and thus the internet.13:38
lordievaderLikely your static ip is wrongly configured.13:38
jvwjgamesIt isn't cause I have it configured as before all I did was reboot13:39
arcskylordievader: any idea how i can solve it? it keeps asking me for the password all the time to my accesspoint13:44
lordievaderarcsky: Sorry got to go. But look at wpa_supplicant. Will likely tell you more.13:48
mnms_credintials are encrypted by default when connect to samba resource ?13:58
patdk-wkif the server enables it14:00
hallynsmb: holy cow!   qemu commit 75d373ef9729b    pisses me off!14:00
hallyni'd been looking for something lik ethat in the kernel, failed to check qemu14:01
smbhallyn, heh yeah, nice aren't they14:01
hallyni especially love the "probably"14:02
smbhallyn, I am also a bti sad that somehow in my case the emulated cpu fails to do the cpuid part14:02
smbhallyn, my comment before. I got no system to reall test the g4 case. For g3 (and I think I am only lucky because I use some other machine type as template) it keeps the svm bit but fails to implement a cpuid function which normally would report svm version level and such14:04
smbhallyn, lots of fun...14:07
RoyKmnms_: yes, encryption is on by default. data encryption is supported on newer samba, but requires win8 or win2k12 (or recent linux/mac) on the client to work14:25
RoyKwin7 doesn't support data encryption14:25
RoyK(as in SMB3)14:25
mnms_RoyK: so connecting from win7 to samba resource means that credintials are in almost plain text ?14:54
RoyKno, connecting from win7, *data* is in cleartext14:55
RoyKbut that's win -> windows server too14:55
patdk-wkso auth is protected14:55
patdk-wkbut that xls file of passwords you just viewed, wasn't14:55
mnms_RoyK: Credintials are always encrypted ?14:56
patdk-wknot always14:56
patdk-wkthere are 3 options, not protected, protected if supported, always protected14:56
mnms_patdk-wk: those are option for samba resource definition ?14:57
RoyKmnms_: if "encrypt passwords = yes", which is the default14:57
patdk-wkno, those are options for windows smb14:58
patdk-wkno idea how to do it in samba, I don't use samba14:58
mnms_RoyK: Thanks14:58
RoyKmnms_: you have to go back some 10 years or so to find SMB without encrypted passords15:01
RoyKIIRC that came into win98 or so15:01
mnms_RoyK: Ok so I dont have to worry about connection encryption, the only thing now is data transferred from machine after connection15:02
mnms_which as you said can be not encrypted in some cases15:02
RoyKmnms_: smb3 supports and uses encryption15:02
RoyKmnms_: but then, you need a client that supports smb3, such as modern linux, windows and os x, but that does not include windows 715:03
mnms_xp or vista doesnt support ?15:03
patdk-wkxp isn't supported at all, xp died last year15:05
alreece45unless you happen to be one of the lucky few who gets special support from Microsoft15:12
mnms_RoyK, patdk-wk: thanks for support Im going to start my day away from desk :)15:16
RoyKmnms_: :)15:17
MrPocketsI'm trying to start a fresh install of vsftpd but it doesn't seem to start.   service vsftpd status shows  stop/waiting15:20
RoyKMrPockets: we just had a long discussion about ftp in here, just before you came in - just don't use it15:48
MrPocketsThats,  ....not really an option15:48
=== yogeshsarwate1 is now known as yogeshsarwate
=== markthomas|away is now known as markthomas
arcskyguys i get very often "System program problem detected16:19
arcskyhow can i see more detail about the issue?16:19
arcskyDo you want to report the problem now?"16:19
=== ksx4system_ is now known as ksx4system
=== ddstreet_away is now known as ddstreet
=== ming is now known as Guest97207
=== not_phunyguy is now known as phunyguy
gQuigshi, any plans for landing python-novaclient 2.23 in Kilo cloud archive?  there are two high importance api bug fixes -https://launchpad.net/python-novaclient/+milestone/2.23.016:30
=== markthomas is now known as markthomas|away
gQuigsto that end, is liberty cloud archive available yet?  - doesn't seem to work - https://wiki.ubuntu.com/ServerTeam/CloudArchive#Liberty19:05
sarnoldgQuigs: it all looks like it ought to work, e.g. http://ubuntu-cloud.archive.canonical.com/ubuntu/dists/trusty-updates/liberty/  and http://reqorts.qa.ubuntu.com/reports/ubuntu-server/cloud-archive/liberty_versions.html  have a lot of packages..19:08
=== markthomas|away is now known as markthomas
gQuigssarnold:  I was able to manually add it.. hmm19:26
gQuigsubuntu@quicktest2:~$ sudo add-apt-repository cloud-archive:liberty19:26
gQuigs'liberty': not a valid cloud-archive name.19:26
gQuigsMust be one of ['folsom', 'folsom-proposed', 'grizzly', 'grizzly-proposed', 'havana', 'havana-proposed', 'icehouse', 'icehouse-proposed', 'juno', 'juno-proposed', 'kilo', 'kilo-proposed', 'tools', 'tools-proposed']19:26
sarnoldgQuigs: eww.19:27
gQuigsI see - http://changelogs.ubuntu.com/changelogs/pool/main/s/software-properties/software-properties_0.92.37.3/changelog19:27
gQuigseach archive needs to be manually added to the package19:27
gQuigsah I see - https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/147258619:29
ubottuLaunchpad bug 1472586 in software-properties (Ubuntu Trusty) "[SRU] Add support for liberty cloud-archive" [Undecided,Fix committed]19:29
keithzgHuh, why in the world am I suddenly getting apparmor complaining about dhcpd?20:44
keithzgapparmor="DENIED" operation="open" profile="/usr/sbin/dhcpd" name="/run/dhcp-server/dhcpd.pid" pid=9413 comm="dhcpd" requested_mask="r" denied_mask="r" fsuid=122 ouid=12220:45
keithzgThe server was working fine before, weird.20:45
jjohansenkeithzg: what release?20:51
keithzgjjohansen: 14.0421:03
keithzgHonestly I think things in general were going super-wonky, I walked over to the actual server and although it had been up and running for months in a normal boot, it was now asking me for the root password or to run ctrl-d to continue...21:04
keithzgI blame cosmic rays (or as-yet-undiscovered hardware failure of some kind, or just the honestly rather atrocious electrical in this building)21:04
keithzgIt definitely wasn't any sort of update, I've actually been a slacker on keeping this particular server up to date.21:05
keithzg(although it wasn't *too* long ago; it is on 14.04.3 to be exact)21:06
jjohansenkeithzg: can you pastebin the output of21:08
jjohansen  apparmor_parser -p /etc/apparmor.d/usr.sbin.dhcpd21:08
keithzgjjohansen: What pastebin server should I specify? Whatever the default one for pastebinit in 14.04 is, it's giving me "Failed to contact the server: [Errno socket error] [Errno -2] Name or service not known" now.21:12
jjohansenkeithzg: meh, any pastebin will do paste.ubuntu.com  pastebin.com21:14
keithzgjjohansen: naw, neither of those (either with our without a leading http://) work. Which is weird 'cause they're all listed with "pastebinit -l".21:16
jjohansenkeithzg: what do you get if you do21:16
jjohansen  host paste.canonical.com21:16
keithzgAs an option using pastebinit -b, I get "Unknown website, please post a bugreport to request this pastebin to be added (paste.canonical.com)". Running the actual host command, I get "paste.canonical.com has address"21:18
jjohansenkeithzg: my guess is you are having nameresolution failure issues, and may need to restart dns related things21:18
jjohansenoh shoot if host is returning an ip its not name resolution, so I need a new theory21:19
keithzgI'd be a bit surprised by that, unless it's somehow on the server itself and I've never noticed; if I run it on my desktop here (also 14.04) it works just fine.21:20
lordievaderIs lvmetad not available on Ubuntu? Or am I blatently overlooking things?21:20
maswanjjohansen: it can still be resolving. host asks dns directly, you can break libc resolving in other ways. "getent hosts <hostname>" is a better test.21:21
keithzgjjohansen: nevermind, I think I know what it is. The server *was* just rebooted, and I remember now that despite my searching I still haven't figured out what puts "nameserver localhost" in /etc/resolv.conf on this server, oops.21:22
keithzghttp://paste.ubuntu.com/12546292/ is the apparmor output now.21:23
keithzgmaswan: Oh, getent does that too? Nice, didn't know that.21:23
jjohansenkeithzg: so the profile definitely allows access to /run/dhcp-server/dhcpd.pid21:25
jjohansenI thought perhaps it might have missed that variant, but its there21:25
jjohansenso I am not sure why it would get that denial21:26
keithzgjjohansen: Oh? I was just perusing the file and didn't see that, is it just implied by an include?21:26
jjohansenhrmm doesn't look to be in an include21:27
jjohansen/{,var/}run/{,dhcp-server/}dhcpd{,6}.pid rw,21:27
keithzgahhh I see, fair enough21:27
maswankeithzg: yeah, very useful for debugging resolving when you accidentally /etc/hosts or nsswitch.conf, etc.21:27
keithzgmaswan: cool, yeah, I'll definitely have to keep that in mind (especially since many of these servers I've inherited here has various ugly hacks and workarounds layered in their history)21:28
keithzgjjohansen: Any ideas where to poke next then?21:30
jjohansenkeithzg: restart dhcpd and see if the denied message shows up again21:31
jjohansenkeithzg: you can try replacing the profile first, to make sure its got the right policy in the kernel21:32
jjohansen  apparmor_parser -r /etc/apparmor.d/usr.sbin.dhcpd21:32
keithzgjjohansen: Yeah, restarting isc-dhcp-server prints another such error in kern.log21:33
jjohansenthat would take care of a bit flip error in the policy, or such problems21:33
jjohansenokay, replace the profile and restart the service again21:33
keithzgALLOWED now!21:33
keithzgSo maybe I *can* blame cosmic rays?21:34
jjohansenugh, yeah or something writing over policy in memory21:34
=== ksx4system_ is now known as ksx4system
=== bilde2910_ is now known as bilde2910
=== thumper-afk is now known as thumper
=== PrudentMav is now known as PrudentMav[away]
=== PrudentMav[away] is now known as PrudentMav
=== PrudentMav is now known as PrudentMav[away]
=== PrudentMav[away] is now known as PrudentMav
=== Lcawte is now known as Lcawte|Away
=== jasaurusrex_ is now known as jasaurusrex
jordanrandlesI installed openvpn to my server and I guess I set it up wrong because when i restarted my server I cannot connect to it anymore. Its turned on and booted up fine but no connections in and no packets coming out of it. Does anyone know a way of fixing my issue?23:58

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!