[00:00] <DannySMc> tarpman: it stays in the foreground hence why I want to use it as a service and try to stay clear of screen
[00:03]  * patdk-lap loves forkbombs
[00:03] <DannySMc> Any ideas? tarpman or sarnold
[00:03] <DannySMc> patdk-lap: May I ask what a forkbomb is?
[00:04] <patdk-lap> google can help there
[00:04] <patdk-lap> when you do, ./start.sh, does start.sh stop? and let you type in more commands?
[00:04] <tarpman> DannySMc: assuming you already fixed the runlevel line someone else mentioned, I'd be looking for differences between your user environment and the service environment
[00:04] <tarpman> patdk-lap: I just asked about that :P
[00:05] <patdk-lap> I didn't see the answer
[00:05]  * patdk-lap cant read
[00:05] <sarnold> DannySMc: when you run it by hand, are you running as user minecraft, group minecraft? or just your standard user account?
[00:05] <DannySMc> Actually I do get a problem, that when I run the MC server via the service it seems to get slower and slower, as if the CPU has just put it at the bottom of the priority list... (this was my first attempt), so how would I find that out?
[00:06] <DannySMc> standard user account currently
[00:06] <DannySMc> Like find out differences?
[00:06] <sarnold> try again with the user and group that you specified in the conf
[00:07] <DannySMc> sarnold: how do I do that>
[00:07] <DannySMc> like change user?
[00:07] <DannySMc> su - minecraft?
[00:08] <DannySMc> in the service script?
[00:08] <sarnold> DannySMc: no, just do it right in your shell..
[00:08] <sarnold> DannySMc: something like 'sudo -i -u minecraft -g minecraft' ought to do it
[00:11] <DannySMc> This is hell sarnold
[00:11] <DannySMc> sarnold: I tried doing it and it says cannot access .jar file?
[00:12] <sarnold> DannySMc: aha :) check ls -l in the directory
[00:13] <DannySMc> sarnold: okay?
[00:13] <sarnold> DannySMc: do the permissions look like they shuold allow the minecraft user and group the ability to read and write what they need to?
[00:14] <DannySMc> sarnold: they all seem to be root and like start.sh has 666
[00:14] <DannySMc> I need these accessible to everyone who is logged in...
[00:15] <DannySMc> I did sudo chmod -R 7777 /srv/minecraft/Survival
[00:15] <DannySMc> and it still has done nothing >.< sarnold
[00:16] <sarnold> first, that's too many sevens; the first 7 will mean to turn on sticky bit, sgid bit, and suid bit; you don't want any of those. second, these permissions are entirely too wide open; it's best to restrict privileges and permissions to only what is needed
[00:16] <sarnold> why do you want every user on your system to be able to modify these at any time?
[00:17] <DannySMc> Well I only want anyone with the group minecraft but it is hard to edit these as I am very inexperienced
[00:17] <DannySMc> and when I do sudo start mc-survival
[00:17] <DannySMc> It could be anyone logged in running it
[00:17] <sarnold> normally you wouldn't care, it just gets run early in boot and stays running..
[00:18] <DannySMc> sarnold: it would need to be restarted when we do updates and that, which is a problem
[00:18] <DannySMc> especially now while we are building it
[00:18] <sarnold> DannySMc: .. and if you're using sudo to manage the service anyway, that means you don't want e.g. your web server to have write access here..
[00:19] <DannySMc> Okay well how do I set users with the group minecraft to be able to edit it?
[00:19] <DannySMc> and that is ALL the files inside the /srv/minecraft folder
[00:20] <DannySMc> and folders*
[00:21] <sarnold> chown -R minecraft:minecraft /srv/minecraft ; find /srv/minecraft -type d -exec chmod 775 {} \; ; find /srv/minecraft -type f -exec chmod 664 {} \\;
[00:22] <sarnold> oh, of course, resetting the start.sh to 775 at the end
[00:23] <DannySMc> Well I seem to get errors like operation not permitted and missing arguments to exec
[00:23] <DannySMc> sarnold:
[00:23] <DannySMc> Yeah so every operation was not permitted
[00:25] <DannySMc> sarnold: so changed to root, and it just says missing argument to exec
[00:25] <DannySMc> to -exec sorry
[00:27] <sarnold> DannySMc: gah that last command had an extra \ in it
[00:28] <DannySMc> sarnold: that's done
[00:29] <DannySMc> sarnold: I get permission denied now?
[00:29] <sarnold> DannySMc: alright, so that should be everything in there readable and writable to members of the minecraft group, everyone else can read it
[00:32] <DannySMc> sarnold: I have added my root account and dannysmc95 to the minecraft group, but I get permission denied?
[00:32] <sarnold> DannySMc: did you login again or use newgrp minecraft in your shell to get a new shell with the new group permission?
[00:33] <DannySMc> sarnold: sorry what? do I need to relogin?
[00:33] <sarnold> group membership changes only happen at specific times, login through a service or via 'sg', 'newrgp', commands
[00:33] <sarnold> relogin is easiest way tog et the change into all your processes, but it isn't necessary
[00:33] <DannySMc> I did sg minecraft?
[00:34] <DannySMc> sarnold: is that right ^
[00:34] <sarnold> it probably looked like nothing changed; run 'id' to make sure the new group is ther
[00:35] <DannySMc> sarnold:  yeah its in gid=1001(minecraft)
[00:35] <sarnold> good good; now try to edit the config files again and make sure that it works
[00:36] <DannySMc> yeah just added and removed a space and no errors?
[00:37] <sarnold> nice :)
[00:37] <sarnold> okay, back to the issue at hand.. try the sudo service ... start command and see what happens
[00:39] <DannySMc> sarnold: same problem
[00:39] <DannySMc> sarnold: unknown command
[00:40] <DannySMc> sarnold: Look I am going to bed, as I have work tomorrow, thanks for your help I shall try and get on tomorrow! Unless I can fix it by then, thanks again for helping with my permissions!
[01:37] <arooni> i thinkhey everyone ;  just upgraded from ubuntu 12.04 => 14.04... now i'd like to install nginx from ubuntu's package.  i think i installed nginx from source... can i just install the nginx package on ubuntu over the existing installation?  or do i need to do something in between?
[01:51] <sarnold> arooni: it's usual to install self-compiled packages into /usr/local/ instead of into /usr -- when you install nginx, it may not overwrite the actual files you're using, and if you provided your own /etc/init.d/ script or /etc/init/ upstart configuration, the one from the package may not install cleanly
[01:51] <sarnold> arooni: if there's an easy way to uninstall what you've done before, while still keeping your configuration, it might be worth doing that first, just to make the packaged version more predictable
[01:53] <arooni> thanks sarnold
[01:54] <arooni> looks like i at least need to remove the upstart scripts
[01:57] <arooni> sarnold, it looks like there's a config file at /etc/init.d/nginx ... should i just remove it ; or do i need to run a command first to tell ubuntu not to use it anymore
[01:59] <sarnold> arooni: depends.. if you just remove it, the currently running nginx won't cleanly shutdown at reboot or when it's time tos tart the new one
[02:00] <sarnold> arooni: how much downtime on the server is acceptible?
[02:01] <sarnold> wow, my poor brain. "acceptible". sheesh.
[02:02] <arooni> minimal .. this is production but i coudl have some
[02:03] <sarnold> alright; I think if it were me then I'd use it to shut down the currently running nginx, then move it out of the way, install the new one, and go from there..
[02:03] <arooni> i removed the /etc/init.d/ script
[02:04] <arooni> using update.rc
[02:04] <arooni> i'm wondering if i  need to remove anything else?
[02:04] <arooni> id like to use the same config stuff
[02:05] <sarnold> nothing else comes to mind; back up the configs, perhaps..
[05:41] <ubuntu804> Hey guys,, i'm trying netinstall of ubuntu server 14.04, and when i use apache web server it installs just fine.. but when i use IIS web server it fails to load few modules.. and throws errors while install step saying unable to install selected kernel.. linux-generic.. any suggestions..??
[05:43] <ubuntu804> is there any dependecies with md5 sum?? how can i modify it if there is.?
[05:51] <ubuntu804> anyone.??
[07:43] <Darkfire2> Anyone here ever had this issue.... I use webmin to install a SSL Certificate to a virtual host on my Ubuntu 14.04 server. When i go to apply the changes it ends up crashing my server. I know i am selecting the correct Certificate/Key/and Authorities file... What would cause this. I had also tried installing it manually into sites-available/mysitename.conf and same results.
[08:02] <jamespage> coreycb, I pushed a couple more tweaks to ceilometer - they can go with the next upload
[08:02] <jamespage> restricting test execution to unit tests, using the upstream wrapper to generate the configuration file
[11:13] <coreycb> jamespage, ok good catch on the config file
[11:17] <Mark___> Are anyone here familiar with setting up a storage server with redudant data and failover fallback server? Cause I need help setting up so my 2 web servers can access my storage server, which should have a failover fallback to another storage server which are replicating to each other.
[11:30] <halvors> Hi!.
[11:31] <halvors> I've enabled ipv4 forwarding in sysctl.conf.
[11:31] <halvors> But my server won't route packets.
[11:32] <halvors> Isn't it possible to do this in ubutnu woithout NAT'ing?
[11:34] <TJ-> halvors: Yes.
[11:36] <lordievader> halvors: What are you trying to do exactly?
[11:38] <halvors> lordievader: I'm trying to route between my 2 interfaces.
[11:38] <halvors> 2 LAN interfaces in different subnets.
[11:38] <TJ-> halvors: if forwarding is enabled, then there just need to be the correct entries in the routing table(s)
[11:39] <halvors> Is there any way to do that based on the nic's name?
[11:41] <TJ-> halvors: try "find /proc/sys/net -name forwarding -exec sh -c 'echo "{} $(cat {})"' \;  "
[11:44] <halvors> TJ: My routing table is like this: http://pastebin.com/nLgT9Wrz
[11:44] <halvors> Where eth1 is my outside interface and vlan10 is my inside interface.
[11:45] <halvors> Whouldn't that do the trick?
[11:45] <halvors> Result of the command you sent is: /proc/sys/net/ipv4/conf/all/forwarding 1
[11:45] <halvors> /proc/sys/net/ipv4/conf/default/forwarding 1
[11:45] <halvors> /proc/sys/net/ipv4/conf/eth0/forwarding 1
[11:45] <halvors> /proc/sys/net/ipv4/conf/eth1/forwarding 1
[11:45] <halvors> /proc/sys/net/ipv4/conf/lo/forwarding 1
[11:45] <halvors> /proc/sys/net/ipv4/conf/vlan10/forwarding 1
[11:45] <halvors> /proc/sys/net/ipv6/conf/all/forwarding 1
[11:45] <halvors> /proc/sys/net/ipv6/conf/default/forwarding 1
[11:45] <halvors> /proc/sys/net/ipv6/conf/eth0/forwarding 1
[11:45] <halvors> /proc/sys/net/ipv6/conf/eth1/forwarding 1
[11:45] <halvors> /proc/sys/net/ipv6/conf/lo/forwarding 1
[11:45] <halvors> /proc/sys/net/ipv6/conf/vlan10/forwarding 1
[11:45] <ratrace> boom
[11:45] <halvors> Oh, sorry. Meant to pastebin that :(
[11:53] <TJ-> halvors: how are you determining it is not working?
[11:53] <TJ-> halvors: I'd run tcpdump on the VLAN interface to see if packets are going out. The problem may not be on the Linux side.
[11:54] <halvors> TJ: Well i was asking if there is some obvious reason that it should not work.
[11:54] <halvors> But a simple ping doesn't go thru from the inside.
[11:56] <TJ-> clients on the VLAN can connect to the router host's VLAN IP address, but not anything on the eth0 subnet?
[12:03] <halvors> TJ: I know my setup with vlan is some strange.
[12:03] <halvors> But it legit.
[12:04] <halvors> When i ping 8.8.8.8 i se the ping in tcpdump on the router but doesn't get any response on the client.
[12:04] <halvors> Is there routes missing back to the client?
[12:10] <lordievader> halvors: Does 8.8.8.8 know where to send the packet to get to your vlan?
[12:10] <TJ-> halvors: are the clients configured to see the VLAN tagging on the returned packets?
[12:12] <halvors> TJ: Yes :)
[12:12] <jamespage> coreycb, http://people.canonical.com/~ubuntu-archive/proposed-migration/update_excuses.html
[12:12] <jamespage> ceilometer regression for autopkgtests
[12:12] <halvors> lordievader: 8.8.8.8 is google dns.
[12:12] <halvors> The default route of the router is the route to the internet.
[12:12] <jamespage> coreycb, looking at the tests, the bit of code that checks using pidof is not valid now that we use ceilometer-polling as the binary for lots of agents
[12:12] <lordievader> halvors: That is not the question. The ping response needs to go somewhere, is there a route back to your vlan.
[12:12] <lordievader> ?
[12:13] <halvors> From my understanding it is: http://pastebin.com/nLgT9Wrz
[12:13] <halvors> Route back to the 172.16.10.0/24 network thru vlan10 interface.
[12:13] <lordievader> I don't think google has that route information.
[12:13] <halvors> hahahha
[12:14] <lordievader> I.e. google gets a packet from 172.16.10.1 (example), it sends a packet back to that ip...
[12:14] <halvors> Well pinging google from the router works, so that far google have routing information.
[12:14] <halvors> Yeah.
[12:14] <halvors> I know.
[12:14] <halvors> And then i should work.
[12:14] <halvors> The issue here is why and how 172.16.10.1 routes the packet back to 172.16.10.2 :)
[12:15] <lordievader> Why? Does google know where 172.16.10.0/24 is?
[12:15] <halvors> It does not.
[12:16] <TJ-> halvors: the point is, 172.16 is a private address range. You have to NAT that to the public address
[12:16] <lordievader> So how can it send a packet to that range?
[12:16] <halvors> Yeah i know, high potetically i does.
[12:17] <halvors> There is a NAT server on the default gateway of my router.
[12:17] <halvors> So that should work just fine ;)
[12:17] <halvors> Right?
[12:17] <halvors> Ah, now i see the issue here.
[12:17] <halvors> Maybe my NAT server is only accepting packets from 10.216.8.0/23 :-S
[12:18] <lordievader> So yes, you probably need a NAT. Or get your isp to accept bgp packets from you or something.
[12:18] <coreycb> jamespage, ok looking
[12:19] <halvors> lordievader: If that is the case, i should still be able to ping the gateway of my router which is 10.216.8.1.
[12:19] <halvors> From the client behind my router, right?
[12:19] <TJ-> halvors: if the default gateway is NATing, it needs the 172.16 route adding to its routing table to route those packets to the Linux router
[12:19] <lordievader> halvors: No, same problem. Your router has no route to 172.16.something
[12:20] <halvors> lordievader: Right ;)
[12:20] <TJ-> halvors: presently it sounds like the gateway/NAT device doesn't know about that subnet so it will just drop the returning packets
[12:20] <halvors> Thank you for your help.
[12:20] <lordievader> Or at least, not by default.
[12:20] <halvors> That makes sense.
[12:20] <halvors> I am able to ping the 10.216.8.78 which is the IP adress eth1 interface of my router (outside).
[12:21] <halvors> I shouldn't be able to do that if forwarding wasn't enabled right?
[12:43] <ratrace> halvors: correct
[12:45] <Mark___> Hey. Can I use UFW to allow a specific IP to access all ports?
[12:46] <lordievader> Yes.
[12:46] <Mark___> How would that command look like?
[12:46] <halvors> Thank you guys for excellent help :)
[12:46] <lordievader> No idea. Long time since I last used UFW. But since it is a frontend for iptables....
[12:46] <halvors> Very much apriciated :D
[12:47] <Mark___> Okay. Thanks. I will try to look it up.
[12:47] <lordievader> Man page of ufw will probably tell you.
[12:53] <Mark___> Found out for those interested, that you can allow an IP to access all IPs with the following command: sudo ufw allow from xxx.xxx.xxx.xxx
[12:53] <Mark___> Thanks everyone
[13:07] <coreycb> jamespage, ceilometer tests are updated and I added a systemd test: https://git.launchpad.net/~ubuntu-server-dev/ubuntu/+source/ceilometer/commit/?id=a0e4845c90fddc83fba987686884d3e07087b004
[13:18] <lordievader> Mark___: I'd recommend to learn iptables.
[13:19] <lordievader> Ufw might be easy in the beginning but after a while it becomes restrictive.
[13:22] <jdstrand> not that I'm biased, but if ufw does the job...
[13:22] <jdstrand> plus you can use it with iptables rules if you need an extra rule or two by modifying /etc/ufw/*rules
[13:23] <jamespage> coreycb, ok - just taking a run at those tests locally - are you faimilar with adt-run?
[13:24] <coreycb> jamespage, yes but it seems to take way too long to run.  I tested these manually.
[13:24] <jamespage> lemme try as well
[13:24] <lordievader> jdstrand: You are the maintainer?
[13:24] <jdstrand> I am
[13:24] <lordievader> jdstrand: Ah, cool. Good to know ;)
[13:25] <coreycb> jamespage, thanks.  do you typically run adt-run against debs?  --binary ./*.deb
[13:25] <jamespage> coreycb, I build the package and then run using --changes
[13:25] <coreycb> jamespage, ok
[13:25] <jamespage> coreycb, you need to make sure you build the packages using the --source option with sbuild
[13:25] <jamespage> so that source and binary can be accessed
[13:26] <coreycb> jamespage, thanks good to know
[13:35] <jamespage> coreycb, test-services needs to be added to d/t/control
[13:38] <coreycb> jamespage, ok I just pushed that update
[13:43] <jamespage> zul, https://bugs.launchpad.net/neutron/+bug/1501772
[13:43] <zul> jamespage: want me to get ttx to get someone to look at it?
[13:44] <jamespage> zul, sure
[13:45] <jamespage> zul, might be worth seeing if any other bugs exist first..
[13:57] <jamespage> zul, and then I hit a nproc limit...
[13:57]  * jamespage sighs
[13:57] <zul> jamespage: sounds like you are having fun :)
[14:13] <jamespage> coreycb, if its testing ok for you please upload
[14:15] <coreycb> jamespage, eh... I'm getting an error that I think might be in adt-run http://paste.ubuntu.com/12631883/
[14:16] <coreycb> jamespage, I think it's fairly safe to upload though based on manual tests
[14:27] <jamespage> coreycb, running adt now - was waiting for a build
[14:28] <coreycb> jamespage, ok I'm trying again with --output-dir
[14:28] <jamespage> coreycb, I do
[14:28] <jamespage> adt-run --changes ceilometer_5.0.0~rc1-0ubuntu3_amd64.changes -U --apt-pocket=proposed --- qemu ~/images/adt-wily-amd64-cloud.img
[14:29] <coreycb> jamespage, ok that's pretty much what I was using
[14:32] <jamespage> coreycb, lgtm upload away
[14:32] <coreycb> jamespage, cool ok
[14:49] <zul> jamespage,  shazbutt http://pastebin.ubuntu.com/12632075/
[16:30] <m1dnight_> Hello guys. Somehow I have messed up my MOTD (over ssh). Is there any clearcut way to reset it to default settings?
[16:31] <RoyK> m1dnight_: it's in /etc/motd
[16:31] <m1dnight_> so if I copy those files from a fresh install and overwrite them it should be okay, right?
[16:31] <RoyK> it's a textfile ;)
[16:32] <m1dnight_> Yes well, I figured as much. But maybe there was some applicatoin logic or settings I might have broken.
[16:32] <m1dnight_> Hence, my question.
[16:33] <RoyK> http://manpages.ubuntu.com/manpages/raring/man5/update-motd.5.html perhaps?
[16:42] <hallyn> wolsen: bug 1457517 , do you have the rights to upload the vivid debdiff for SRU?
[16:42] <hallyn> if not do you want me to push it?
[16:43] <hallyn> (i'll push it unless you say otherwise)
[16:44] <hallyn> hm, actually coreycb is the one credited in changelog,
[16:45] <hallyn> uh except someone broke debian/rules
[16:46] <coreycb> hallyn, oh I think we were waiting on that to land upstream first if I remember
[16:46] <hallyn> it is upstream
[16:46] <hallyn> it's in wily
[16:47] <hallyn> coreycb: but your change to debian/rules, ther'es no explanation why and no bug#.  I assume guessing deps broke something/
[16:50] <hallyn> well, pushing
[16:51] <m1dnight_> RoyK: I copied the files from a clean install and they seem to work fine. Thanks.
[16:54] <coreycb> hallyn, sorry I was looking at it closer, yeah I think we can upload that.  I dont' recall exactly why we dindn't sru it.  Probably because there's a stable release next week for kilo.
[16:55] <coreycb> hallyn, the d/rules explanation is in the changelog
[16:55] <coreycb> that fix is for the cloud archive, where's it's been uploaded already for trusty-kilo.
[16:56] <hallyn> ok
[16:56] <RoyK> mikal: np (:
[16:57] <hallyn> coreycb: ...   "Prevent dh_python2 from guessing dependencies." doesn't tell me why you need to prevent it from guessing dependencies :)
[16:57] <hallyn> I'm left assuming that's a good thing, but wondering hwy, if it's a good thing, it isn't the default
[16:57] <coreycb> hallyn, fair enough :)
[16:57] <RoyK> m1dnight_: np :(
[16:58] <coreycb> hallyn, old versions of dh_python2 guessed dependencies based on requirements.txt and new versions don't do that, and we want the new version behavior.
[17:00] <hallyn> then why have requirements.txt?
[17:00] <hallyn> (i'm not picking on you, i'm edumacating myself :)
[17:01] <coreycb> hallyn, you'd use requirements.txt to install the package with pip
[17:01] <coreycb> install deps that is
[17:01] <hallyn> ah
[17:01] <hallyn> thanks
[17:14] <blib> anyone can help me with a networking issue? My machines' dns is working (dig xyz.com) - I can ssh into it. But I can't ssh from inside to outside?
[17:37] <wolsen> hallyn: for the record I do not have upload rights - but thank you
[18:08] <Wicaeed> Hey all, I'm trying to gather information from NFS client for debugging purposes, but I can't figure out what verbosity is even configured by default for the nfs client options
[18:08] <Wicaeed> Is there a default NFS client config file on Ubu 14 where I can configure the logging verbosity?
[18:24] <johnfg> I think I got the cart before the horse on cinnamon.
[18:24] <johnfg> I'm running server 14.04.3, and just installed cinnamon.  But no X yet.
[18:24] <johnfg> What's the best way to install what cinnamon needs?
[18:24] <lordievader> Why would you want X on a server?
[18:25] <johnfg> lordievader: because that's what I'm used to.
[18:25] <lordievader> But it is a server...
[18:25] <lordievader> Having X is just wasting resources.
[18:28] <sarnold> johnfg: you can always ssh -XY server   to forward X11 connections to run whatever gui you might need on it
[18:29] <johnfg> true, i'll keep that in mind folks.  thanks
[19:20] <coreycb> beisner, can you promote kilo-proposed to kilo-updates in the cloud archive?
[19:30] <keithzg> lordievader: I think with most servers these days (assuming they aren't just containers), the hardware resources required for X are just a drop in the bucket. But that being said, I'd say the resource that it's wasting then is actually sysadmin attention. The less that's running, the easier it is to keep track of and to diagnose if something's failing!
[19:47] <StathisA> is there a way to check if sourced in /etc/apt/sources.list.d are honored or not?
[19:47] <StathisA> *sources
[19:48] <pmatulis> StathisA: sure, update your package files (sudo apt update)
[19:50] <StathisA> pmatulis,  I've tried that, theres some "Err http://ppa.launchpad.net vivid/main amd64 Packages
[19:50] <StathisA> " which I cannot find which of the added ppa's are triggering
[19:50] <StathisA> thats why I ask, I cant find which is NOT working in sudo apt update
[20:04] <pmatulis> StathisA: it should state what it was at the end of the output. at least it does for me (on wily)
[20:05] <pmatulis> http://askubuntu.com/questions/135932/apt-get-update-failure-to-fetch-cant-connect-to-any-sources
[20:09] <StathisA> ok thanks!
[20:20] <bananapie> I am playing with compiling my own kernel ( for the sake of learning ), I ran localyesconfig, and it breaks X horribly because my graphics card only works properly when loaded as a module. Is it a bug because it should have set my graphics card driver to M or is it a feature because I say 'localYESconfig' ?
[20:21] <bekks> It'S because you used localyesconfig
[20:23] <bananapie> ok.
[22:21] <teward> stupid question, but is it possible to run landscape-client on one computer in 'monitor' mode only, so that it isn't depending on the management features?  (i.e. an 'unmanaged' but 'monitored' system)