=== ossurayynot is now known as tonyyarusso === CrypticSquared is now known as group === group is now known as CrypticSquared === KnownSyntax_ is now known as KnownSyntax [09:04] Good morning. === CiPi is now known as cipi === cipi is now known as CiPi [11:06] Hi [11:07] o/ [11:09] When you manager asks you to look at this file /proc/tomcat-pid/limits from this link and asks you to increase all values for our tomcat, so that we need our tomcat to use our system efficiently, I know he does not know about administration very well [11:09] I am junior [11:09] How we come to this? [11:09] We have an issue "Too many opne files" [11:10] That was a response from tomcat7 [11:10] I don't know Tomcat, but blindly increasing values is allways a bad idea. [11:11] The too many open files is more likely generated by the kernel. There is a limit on how many files a process may open. Above that it (likely) gets killed. [11:11] it's not a matter of ulimit ? [11:11] non-root users will have a limit, and hopefully tomcat is not running as root [11:11] The issue finished with this: http://paste.ubuntu.com/13784768/ [11:12] lordievader, hateball: I need to read to be able to answer closer to you [11:12] What I topic I should read? [11:13] Usually you need to know what the value means before you start changing it. [11:13] But after changing the value of /etc/security/limits.conf, cat /proc/tomcat7pid/limits, still have the low values [11:13] lordievader: yes, I just need to make the move on in testing then I will finish my readings [11:14] eahmedshendy: here is a nice read http://www.jayway.com/2012/02/11/how-to-really-fix-the-too-many-open-files-problem-for-tomcat-in-ubuntu/ [11:14] eahmedshendy: adjust ulimit for the user that tomcat runs as [11:15] so if it runs as www, su www and set desired ulimit. the link above shows setting it in the init script [11:15] Isn't it better to research why that limit is reached in the first place? [11:15] hateball: I read that link, so you see that It is better to do it like this? [11:15] lordievader: The problem is that it's tomcat/java :p [11:16] hard to get around! [11:17] lordievader: do you ask me that question? anyway I find that tomcat didn't affected with the changes I did in /proc/tomcat7-pid/limits [11:18] eahmedshendy: Yes and no. It was more a general remark ;) [11:19] lordievader: :), I really do not understand what you mean [11:20] lordievader: I am doing research for that, but I prefer asking the professional about what I need to search for [11:47] hateball: do you know where to put the "ulimit" lines from the link you gave to me in /etc/init.d/tomcat7 [11:47] http://paste.ubuntu.com/13785212/, http://paste.ubuntu.com/13785225/ [11:47] and Also I tried in /etc/init.d/tomcat7, but with no change === cpaelzer is now known as cpaelzer_afk === cpaelzer_afk is now known as cpaelzer [12:33] eahmedshendy: The link he gave you states where to put it in :) [12:33] eahmedshendy: It is: /etc/security/limits.conf === robher_ is now known as robher [13:38] bekks: note that 'limits.conf' applies at login time, not at dæmon startup time [13:38] bekks: it is quite unlikely that a dæmon startup script would use PAM === ksx4system_ is now known as ksx4system === hxm is now known as Guest15809 === cpaelzer is now known as cpaelzer_afk [15:26] hi there [15:27] i try to install vsftpd [15:27] on my ubuntu server [15:27] i would like to know how to restrict access to one of my user on /var/www just only ? [15:36] I'm trying to delete a partition that was used for LVM using the ubuntu server installer, but it's saying the partition is in use by the lvm group, and the installer doesn't seem to have fdisk/parted/etc [15:41] * CornishPasty = david2 [15:42] It does appear I fixed it by messing around with pvremove and then rebooting [15:43] is there a way to take / which is currently ext4 and convert it to lvm+ext4 [15:44] Wamphyri: If you have multiple disk, dd. [15:44] single disk [15:47] Then it will be difficult, not impossible but difficult. === cpaelzer_afk is now known as cpaelzer [16:44] hey smoser - any opinion on https://code.launchpad.net/~james-page/simplestreams/multihypervisor/+merge/278127 ? [16:45] i think loong ago i said somethign about that.. [16:45] forget what it was. [16:49] jamespage, is 'hypervisor_type' a openstack documented thing ? [16:49] smoser, it is [16:49] can it be a list ? [16:49] http://docs.openstack.org/cli-reference/content/chapter_cli-glance-property.html [16:49] smoser, http://docs.openstack.org/cli-reference/content/chapter_cli-glance-property.html [16:49] right. [16:49] it woudlseem limiting for us to say 'qemu' when in all likelyhood that image shoudl run in xen at least [16:50] smoser, I don't think so but I'll check [16:50] smoser, yeah that was actually my concern about turning this on by default [16:53] kickinz1_: could you take bug 1518440 please? [16:53] bug 1518440 in tgt (Ubuntu) "tgt fails to install in LXD" [High,Triaged] https://launchpad.net/bugs/1518440 === Lcawte|Away is now known as Lcawte [17:02] jamespage, well, i'll put that comment there. [17:02] but thats my only reservation [17:08] Can someone provide me with some info on how to set up a streaming video server? Going up stream and down stream? [17:08] lordievader, difficult sounds interesting [17:08] where there is a cam on one end somewhere remotely that streams to another end like a browser?> [17:08] glad you said not imposable lol === IdleOne is now known as Guest31736 [17:46] Wamphyri: You create a secondary partition large enough to hold the root. On that partition you build a pv. Put an lv on there for your root-fs. Dd your root-fs over. Then remove the original root-fs and enlarge the pv in someway. (Ofcourse all of this should be done in a live-cd after making a backup) [17:46] it would all need to be done through a kvm [17:47] Even better, you can do everything from the host. [17:47] Assuming you have access to the host. === Lcawte is now known as Lcawte|Away [18:27] rbasak, OK, I'll take it. === Lcawte|Away is now known as Lcawte [18:51] kickinz1_: thanks! [19:23] Can anyone recommend a simple to use HID for Ubuntu server? [19:25] HID, as in a keyboard? :) [19:42] host intrusion detection [19:42] =P [19:49] do you guys know the proper way of getting iptable rules to load upon a server reboot? [19:49] for some reason the rules I have added aren't getting set if I restart my server [19:50] but the bottom line is that it seems that if I add a new rule, I'll have to > my iptables-save to a file? [19:53] DammitJim: Write a service that restores your iptable rules. [19:53] I was reading about iptables-persistent [19:54] my confusion is that every time I change my rules, I'm going to have to not only iptables-save, but also do what I described above... is that correct? [19:55] What did you describe besided iptables-save? [19:55] iptables-save > /etc/iptable-rules [19:55] I don't know why it feels odd to have to create a service to deal with this [19:55] For me that is the only thing I have to do to have it saved. [19:56] so, you didn't create a service as you had suggested? [19:56] I did. [19:56] are you using iptables-persistent ? [19:56] It loads ipset and then iptables and ip6tables. No, I do not use iptables-persistent. [19:57] yikes [19:57] ok, thanks lordievader [20:18] anyone using Apache 2 seen an issue with corrupted .htaccess? [20:21] heh? [20:21] what does one have to do with the other? [20:26] fuzzywuzzy: the webserver doesn't write to those files, that would be a security problem === chmurifree is now known as chmuri === cpaelzer is now known as cpaelzer_afk [22:51] what do I need to do to ensure the group level permissions are always matching the parent dir on newly created files in that dir? [22:51] i have the dir as "2770" and the "2" bit preserves the group but not the group permissions [22:52] i want all new folders to be 770 and all new files to be 660 when they're created in that dir