[07:06] <Rar9> morning who can help me with installing basic auth for solr 5.3.1?  Zookeeper is running, but I´m stuck in creating a Security.json.
[07:16] <cmouse> hi!
[07:16] <cmouse> any ideas how to fix this:
[07:16] <cmouse> https://pbs.twimg.com/media/CVXJaLGXIAAcJsO.jpg:large
[07:18] <cmouse> it's ubuntu 14.04.3 server
[07:18] <cmouse> and trying very much to reboot after ctrl+alt+del
[07:30] <cmouse> so. why do I need to have 'splash' in my kernel cmdline to actually be able to boot my server?
[07:53] <lordievader> Good morning.
[11:00] <Rar9> hi who can help me with installing basic auth for solr 5.3.1?  Zookeeper is running, but I´m stuck in creating a Security.json.
[12:40] <hackeron> Anyone has any ideas about this boot bug? < https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1522201
[13:34] <rbasak> stgraber, hallyn: triaging https://bugs.launchpad.net/ubuntu/+source/tgt/+bug/1518440. Not sure how to deal with it. Do you want a task or shall I subscribe ~ubuntu-lxc or something?
[13:35] <Rar9> anybody here to help with zookeeper ?
[13:36] <rbasak> Rar9: I suggest you just ask your question and find out.
[13:57] <Rar9> rbasak i would like to know how to add a security.jon file to zookeeper as i would like to add basic auth to apache solr. 5.3.1
[14:25] <ubuntu-server123> Hello. I'm setting up some very locked down boxes from a PXE server for use as kiosks. I would like all set up to be as similar as possible to each other. At the moment I'm trying to use 'apt-get install -y curl=1.32' to do this. But I'm worried I'll forget to specify a version somewhere. Is it possible to set something like 'Install the newest version available by this date' instead?
[14:29] <mdeslaur> ubuntu-server123: why do you need to specify a version? just do apt-get install -y curl
[14:30] <mdeslaur> ubuntu-server123: do you not want security updates?
[14:30] <ubuntu-server123> mdeslaur: Not really. I'd rather have them all be the same.
[14:31] <mdeslaur> ubuntu-server123: in that case, I'd probably disable -updates and -security in your apt config and just install whatever was in the release pocket
[14:31] <mdeslaur> ubuntu-server123: the archive only generally contains two versions of each package: the one it was released with, and the latest update
[14:32] <mdeslaur> ubuntu-server123: so specifying any sort of version there is likely to break as soon as a newer version is available
[14:33] <ubuntu-server123> mdeslaur: I didn't know that. I assumed curl=1.32 would always work? They don't keep previous version in the repos?
[14:33] <mdeslaur> ie: if you specify curl=1.32-1ubuntu14 and then 1ubuntu15 comes out, it won't workanymore
[14:33] <mdeslaur> ubuntu-server123: nope, no previous versions
[14:33] <mdeslaur> here's a concrete example: https://launchpad.net/ubuntu/+source/curl
[14:33] <mdeslaur> trusty has 7.35.0-1ubuntu2 and 7.35.0-1ubuntu2.5
[14:34] <mdeslaur> because it released with -1ubuntu2 and got a bunch of updates all the way to -1ubuntu2.5
[14:34] <ubuntu-server123> mdeslaur: I think ideally. If we know there's a big security issue, or it's been a long time, we'd update a machine fully. Test it a lot. Then update them all in the same way. But I would rather not have 100 machines each with slightly different versions based on when they were originally set up.
[14:35] <mdeslaur> ubuntu-server123: if that's what you are looking to achieve, you should either install from a local repo where you control versions, or you need to use some sort of image based installation process
[14:35] <ubuntu-server123> mdeslaur: Oh. I didn't know that at all. That kind of sucks.
[14:35] <ubuntu-server123> Ok. That makes sense.
[14:35] <mdeslaur> well, there's not a lot of people who don't want to install security updates :)
[14:36] <ubuntu-server123> Are they only security updates that are received? On desktop ubuntu at least. I'm sure updates for Firefox for example were far more than just security updates?
[14:36] <mdeslaur> ubuntu-server123: the only thing you can do with the real archive if you want them to be all the same is to disable -updates and -security, and only use the release pocket
[14:36] <mdeslaur> -updated gets bugs fixes, -security gets security updates only
[14:37] <mdeslaur> s/-updated/-updates/
[14:37] <mdeslaur> but firefox is a special case, it gets new versions as security updates
[14:37] <ubuntu-server123> Ok. That would probably be good.
[14:37] <ubuntu-server123> mdeslaur: And that's kind of my issue with security updates or bug fixes. They do seem to occasionally break things.
[14:38] <mdeslaur> well, fortunately that doesn't happen often. Ideally you'd test them on a test machine, and then would push them out to your deployed machines
[14:38] <mdeslaur> once you've made sure nothing in your particular environment has regressed
[14:38] <ubuntu-server123> I was kind of hoping there would be an easy 'lock at this exact version' functionality. But that was very helpful. I'll see if initial releases will work or perhaps a mirror of the repo.
[14:39] <mdeslaur> if you're going to deploy these kiosks in different areas, I'd strongly suggest running your own repo mirror
[14:39] <ubuntu-server123> mdeslaur: Yes. That's what I'd like to do. But if I set up a new machine from PXE each week, I don't want to be doing full testing each time.
[14:39] <mdeslaur> that way to can hold back updates, etc.
[14:40] <ubuntu-server123> Thank you. You're been very helpful and have given me a lot to think about.
[14:40] <mdeslaur> yw
[15:34] <hackeron> TJ-: Btw, I got a bit further with the issue. If I downgrade the bios version from Intel, it boots, but does not reboot. Created another issue with all relevant logs:https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1522201
[15:34] <TJ-> hackeron: sometimes you have to wonder what the firmware writers actually learned at school!
[15:35] <hackeron> TJ-: don't know, but it works without issues with 3.19 so evidence still points to a problem with kernel 4.2.0?
[15:36] <TJ-> hackeron: My suspect would be the ACPI implementation, specfically the DSDT, in the firmware. That's where those kind of problems usually stem from.
[15:36] <hackeron> TJ-: hmm, why would it affect 4.2.0 but not 3.19? - should I report this to Intel do you think?
[15:37] <TJ-> I've done a lot of work on ACPI over the years; usually its that the kernel implementation gets more comprehensive and closer to the specification, which then provokes bugs in sloppy firmware
[15:39] <hackeron> TJ-: ah - I did notice Intel are struggling with this. The first NUC generation would not even switch on with a SATA hard drive plugged in without updating the BIOS.
[15:39] <hackeron> TJ-: you'd think Intel would get this right...
[15:47] <TJ-> hackeron: can you " sudo -u \#0 acpidump -bn DSDT;  iasl -d dsdt.dat " and then attach the dsdt.dsl to the bug report ?
[15:50] <stgraber> rbasak: added a task
[15:53] <hackeron> TJ-: sure :) - one sec
[15:56] <hackeron> TJ-: command output shows this: http://pastie.org/10606849 -- attaching the file now
[16:01] <hallyn> stgraber: seems like a straight out tgt bug to me
[16:02] <stgraber> hallyn: did you see what's failing? reading through quickly I only saw a ton of lxcfs stuff and then a generic failure.
[16:03] <hallyn> stgraber: i just reproduced it
[16:03] <hallyn> in xenial lxd container on xenial vm
[16:03] <hallyn> (just commented on the bug)
[16:03] <hackeron> TJ-: added attachment: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1522201/+attachment/4529649/+files/dsdt.dsl
[16:08] <TJ-> hackeron: right. open that dsdt.dsl file in a text viewer (I use less since it has regexp search) then search for "Windows" and you'll see several if(_OSI(...)) tests ... that's the firmware matching the running OS. The look at the start of Method _INI() and you'll see OSYS = 0x7D0 - a default value used if none of the OSI matches are true. You'll notice that more recent Windows versions assign a
[16:08] <TJ-> higher value to OSYS.
[16:08] <rbasak> hallyn: ah, thanks.
[16:09] <TJ-> hackeron: the OSYS value controls what services the firmware provides to the running OS. So, choose one of the most recent Windows version names - lets say "Windows 2015" would be a good start - and edit your kernel's comand-line via the GRUB boot-loader at start-up, and add (including the quote marks) "acpi_osi=Windows 2015" and boot with that. Test.
[16:10] <TJ-> hackeron: If that doesn't solve the known issues, or you find other issues, try again with a different "Windows XXXX" value from the list found in that DSDT.
[16:10] <TJ-> hackeron: that OSI value is directly effecting what ACPI methods are available to your OS.
[16:15] <hackeron> TJ-: hmm, I see - if for example "Windows 2015" solves the problem - I should report to intel that the DSDT gives the wrong ACPI methods for Linux 4.2?
[16:16] <TJ-> hackeron: this is a common problem - firmware support for Linux is almost non-existent. When it does recognise "Linux" it usually only assigns the default, lowest, support
[16:18] <BrianBlaze420> hello everyone
[16:18] <BrianBlaze420> I installed ubuntu server and never realized I hadthw wrong time zone
[16:19] <BrianBlaze420> I now switched my timezone and it looks like it worked when i do the date command
[16:19] <hackeron> TJ-: hmm, but in that case why would 3.19 be ok and 4.2 freeze/not reboot, etc?
[16:19] <BrianBlaze420> but in my logs they are still in the old time zone, anyone know how to fix that?
[16:21] <hackeron> TJ-: reboots with acpi_osi="Windows 2015"
[16:21] <hackeron> TJ-: going to try latest bios now
[16:23] <TJ-> hackeron: Those Methods defined in the DSDT are actually executed by the ACPI 'vm' inside the kernel. As the kernel code gets more precise to the specs it provokes bugs in the DSDT code.
[16:24] <TJ-> hackeron: the DSDT is compiled bytecode, rather like Java bytecode
[16:24] <hackeron> TJ-: no wait, even with old bios boot is still intermittent with acpi_osi="Windows 2015"
[16:26] <hackeron> trying windows 2013
[16:35] <TJ-> hackeron: there can be differences between cold (power loss) boot and 'warm' boot (if the +5V standby isn't removed)
[16:36] <hackeron> TJ-: it seems intermittent with 4.2 - now not booted or rebooted with acpi_osi="Windows 2013"
[16:36] <hackeron> TJ-: but works 100% reliably with 3.19
[16:38] <hackeron> TJ-: Failed to boot with warm boot, now booted with cold boot - but I think it's intermittent.
[16:39] <hackeron> TJ-: failed to shutdown after cold boot (Windows 2013), held power button for 5 seconds to switch off, now booted fine with warm boot
[16:40] <TJ-> hackeron: intermittent in booting suggests a race condition. how does it fail though, and where in the boot process
[16:40] <hackeron> TJ-: https://www.dropbox.com/s/fxy4opcqwnmjmwo/IMG_1489.jpg?dl=0 < here
[16:40] <hackeron> TJ-: this is where it freezes asking to reboot
[16:40] <hackeron> TJ-: this is where it freezes when booting: https://www.dropbox.com/s/y2c9i87kafvwsq1/IMG_1476.jpg?dl=0
[16:41] <hackeron> TJ-: this is what is in the log file when frozen asking to reboot: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1522201/+attachment/4528785/+files/syslog-reboot-freeze-PY0043.txt
[16:42] <TJ-> hackeron: that frozen at reboot (shutdown) is typical of the ACPI issues that can sometimes be solved with acpi_osi
[16:44] <hackeron> TJ-: doesn't seem to be :( - I tried 3 different ones now, Windows 2015, Windows 2013 and Windows 2009
[16:44] <TJ-> hackeron: the boot-time freeze does look like a race condition. "Reached target Local Filesystems (pre)" then starts udevd
[16:44] <hackeron> TJ-: any other ideas?
[16:45] <hackeron> TJ-: why is this race condition not affecting 3.19 though?
[16:45] <TJ-> hackeron: the only other thing to do would be to look at the changes in the ACPI code between 3.19..4.2
[16:45] <hackeron> TJ-: or is this a race condition on the kernel level?
[16:45] <hackeron> TJ-: but if I boot with noacpi, that should rule that out, no?
[16:45] <TJ-> hackeron: it could, for example, be the order in which devices are being discovered/reported to udev, or it could be the userspace actions udev triggers as a result
[16:46] <TJ-> hackeron: no, since most systems rely on ACPI for core functionality so noacpi breaks the system in so many ways its not a useful test
[16:47] <hackeron> TJ-: :( - I guess I will just downgrade to 15.04 for now - not sure what to even look for in the changelog
[16:53] <TJ-> hackeron: there are a lot of patches in the drivers/acpi/ sub-tree, over 300 between v3.19..v4.2 for example
[17:01] <hackeron> TJ-: that's a lot - I posted a bug report to Intel too: https://communities.intel.com/message/356026#356026
[20:56] <sulfuror> Hey. I'm trying to make an ubuntu server with owncloud. I'm almost finished, but I can't find out what is the problem with the network that I can't connect to the server outside my LAN. I'm using VirtualBox, the network is bridged, I have installed the virtualbox guest additions, I have set up owncloud, I can acces to my owncloud, web with my ip, ssh always that I'm in the same network. What I just want to know if there is any way to access to my
[20:56] <sulfuror>  server outside my LAN with just the IP address, because eventually I'll add the domain name but I'm just testing right now with the server and making sure everything is working before adding the domain name. Thanks in advance.
[21:13] <ikonia> sulfuror: it is probably natting to the outside world, but not natting in reverse
[21:17] <JanC> or the webserver is not configured to be accessed with the IP address
[21:24] <ikonia> namebased virtual hosting, yes
[21:39] <sulfuror> But I can access the server with the IP Address always that I'm in the same network. I set an static IP based on my router, forwarded my router to the IP, I have open ports 80 and 22 for ssh... I don't know what else to do or where to keep searching, really. I have searched all the internet and convoked the elders of Google and still nothing. Well, thank you very much for at least respond to my question.
[21:40] <bekks> Depending on your router, you need to test access from outside your home network.
[21:41] <sulfuror> I was testing with my mobile, but I can't access to the web page or ssh.
[21:44] <ikonia> the same network is not the nat
[21:44] <ikonia> it's not getting natted/routed
[21:45] <bekks> sulfuror: so on your phone, which IP do you use for testing access?
[21:56] <sulfuror> bekkis: i used the same ip that i assigned to the server and try it with the external ip and no luck.
[21:57] <bekks> Using the same IP as you are using in your internal network is futile.
[21:57] <bekks> sulfuror: did you try the external IP of your router?
[22:00] <ikonia> what have you setup to map the extenral IP to the internal IP on your VM ?
[22:00] <ikonia> keep in mind it will need to be external -> hypervisor -> vm
[22:01] <sulfuror> No, I have assigned the static ip as 192.160.xx.xxx
[22:01] <ikonia> how do you expect that to work then
[22:01] <bekks> you can safely tel us the IP since 192.x.x.x isnt publically routed.
[22:01] <bekks> And obfuscation makes things hard to debug.
[22:01] <ikonia> how do you expect your public IP to map magically map to that internal IP
[22:01] <sulfuror> I know, I just don't remember the entire address
[22:01] <bekks> So look it up.
[22:02] <bekks> Is that the IP of your owncloud server vm?
[22:05] <sulfuror> Yes, so I have to set my static ip to the external IP, like checking "whats my ip" in google?
[22:06] <bekks> No...
[22:06] <ikonia> no
[22:06] <bekks> You need to understand what you are doing there, first.
[22:06] <ikonia> that will just create a non-routeable conflict
[22:06] <ikonia> that will drop your Vm off your private network
[22:07] <sulfuror> I though I was understanding what I was doing but now I realize that I have it all wrong all the time.
[22:07] <bekks> you have IP A, in your local network. Your public IP is B. In your router, you have to create a portforwarding for port 22 (taking ssh as example) to IP A.
[22:07] <ikonia> sulfuror: do you understand networking basics ?
[22:07] <bekks> THEN, on your mpbile phone, you need to enter IP B, port 22, for connecting to your ssh on IP A.
[22:07] <ikonia> or is networking something thats new to you ?
[22:12] <sulfuror> Well, pretty new, yes. I have configured owncloud in the past but just as a test and in my own network. I do not live or work in this, I'm just trying to do some things for my business and trying to configure all this myself. It's really interesting and I want to keep learning everything I can.
[22:13] <sulfuror> Anyways, thanks a lot.
[22:16] <sulfuror> But to answer the question, yes, I do understand that I need to enter to my public IP because my router is redirecting those ports to the IP A. That's what I was doing and is not working.
[22:17] <bekks> Didyou create the port forwarding as described above?
[22:18] <sulfuror> Yes, Port Forwarding to the local IP ports 22, 80 and 443
[22:18] <bekks> To the local IP of the VM, right?
[22:18] <sulfuror> yes
[22:18] <bekks> And the VM osnt blocking access?
[22:18] <bekks> *isnt
[22:19] <sulfuror> Well, at least the firewall is open to those same ports
[22:21] <bekks> So did you look at the logs when trying to access it from "outside"?
[22:24] <sulfuror> I think I just found out what's the problem... I have set up the router I mainly use, but I have not set up the router from my ISP. So yeah...