| === Monthrect is now known as Piper-Off | ||
| pr3d4t0r | Greetings. | 00:45 |
|---|---|---|
| pr3d4t0r | I screwed up my admin account on an up-to-date Ubuntu 14.04 LTS - I mistyped the password during password change and now I can't recall which character I might have transposed. | 00:46 |
| pr3d4t0r | I'm trying to recover via http://linuxconfig.org/ubuntu-14-04-lost-password-recovery -- the GRUB2 menu flashes by way too fast to even read it, so I can't drop to recovery mode during boot. | 00:47 |
| patdk-lap | reboot with iso and replace the password | 00:47 |
| pr3d4t0r | patdk-lap: OKi - so no difference between ISO bootstrapping and SSD media? Please confirm, hunting for the ISO now :) | 00:47 |
| pr3d4t0r | patdk-lap: Please confirm. | 00:48 |
| sarnold | iirc holding down left shift helps with that menu | 00:48 |
| patdk-lap | well, if recovery mode will let you | 00:48 |
| patdk-lap | I know for me it normally asks for root password | 00:48 |
| patdk-lap | or maybe that is a different os | 00:48 |
| sarnold | probably different os, ubuntu has no root passwd by default :) | 00:48 |
| pr3d4t0r | sarnold: Left-shift -- I will try that first, thanks (I was trhying the right Shift key). | 00:49 |
| patdk-lap | I tent to set root passwords | 00:49 |
| pr3d4t0r | sarnold, patdk-lap: Trying both of these in a bit, thanks for your help. | 00:49 |
| sarnold | pr3d4t0r: fwiw, I haven't burned an ISO to cd in forever, I just dd the things to USB memory sticks. Probably it'd work fine on an ssd too. | 00:50 |
| pr3d4t0r | sarnold: Yeah. I installed off a USB drive originally. | 00:52 |
| pr3d4t0r | sarnold: On this box. | 00:52 |
| pr3d4t0r | sarnold: Checking first if I have the install image I used -- save some time. | 00:52 |
| sarnold | *nod* | 00:52 |
| sarnold | with as cheap as they are these days I've thought about buying a few and just using them as write-once disks.. but i'm too lazy to get around to even that. | 00:53 |
| ianorlin | sarnold: I write to mine multiple times but they have gotten too small in my opinion | 00:54 |
| sarnold | ianorlin: hehe, yeah, my first usb stick looks adorable at 256 megs now :) | 00:54 |
| ianorlin | finding something tiny is the last thing you want to do when you need to reinstall | 00:54 |
| pr3d4t0r | sarnold: I think I found it. Back in a bit, thanks again. | 00:55 |
| ianorlin | I think I bought some usb 3.0 ones off newegg for like 8 us dollars that I reusue but don't take too much power so boot of usb 2.0 ports fine as well and large enough and are yellow and black so it won't blend in with a surface | 00:56 |
| pr3d4t0r | sarnold: Trying Left-Shift first, then boot/recovery (hoping that 14.04 LTS Server ISO will have the option front and center). | 00:56 |
| pr3d4t0r | Cheers. | 00:56 |
| === Lcawte is now known as Lcawte|Away | ||
| pr3d4t0r | Hola. | 01:07 |
| sarnold | pr3d4t0r: how'd it go? | 01:07 |
| pr3d4t0r | sarnold: Not good. | 01:08 |
| pr3d4t0r | sarnold: /dev/mapper/varenka--vg-root on / type ext4 (rw,errors=remount-ro) | 01:08 |
| pr3d4t0r | sarnold: I couldn't mount this partition for recovery :\ | 01:09 |
| pr3d4t0r | sarnold: It tells me that no suitable shell was found, yada yada yada. | 01:09 |
| pr3d4t0r | sarnold: The GRUB screen still goes by super-fast (less than a second) so I can't select anything from it :\ | 01:09 |
| pr3d4t0r | sarnold: I need to find a recovery guide that tells me how to mount that virtual volume during recovery :\ | 01:10 |
| pr3d4t0r | sarnold: Right now I have no idea of how to recover, though :( | 01:11 |
| * pr3d4t0r googles how to slow GRUB2's screen down if Left-Shift isn't working (or Right-Shift, for that matter). | 01:12 | |
| sarnold | pr3d4t0r: this site http://labs.bjfocus.co.uk/2013/04/ubuntu-recovery-mode-with-lvm-drives/ suggests it's "lvm vgscan –v ; lvm vgchange –a y ; lvm lvs –all; issue mount commands as needed" | 01:13 |
| pr3d4t0r | sarnold: Checking, thanks. | 01:13 |
| pr3d4t0r | sarnold: My network is crippled too because the same server acts as a gateway :\ so getting infos/checking/validating/etc. -- long cycle :) | 01:14 |
| sarnold | pr3d4t0r: ouch. cell phone? | 01:15 |
| sarnold | pr3d4t0r: http://tinyurl.com/gpkojuv tinyurl for the above big url :) | 01:15 |
| pr3d4t0r | sarnold: I can run a physical cable to the front end gateway and connect from there, but then I'll have to both strengthen my workstation's firewall rules and go under the rack to rewire; trying to avoid doing that but oh, well :) if that's what it takes... :) | 01:19 |
| sarnold | pr3d4t0r: ugh :) yes that sounds terrible :) | 01:21 |
| pr3d4t0r | sarnold: The LVM instructions seem to be solid. I'm just double-checking now that all the LVM commands are where they need to be and etc. | 01:23 |
| sarnold | pr3d4t0r: definitely a good idea :) | 01:23 |
| pr3d4t0r | sarnold: This is when I should bitch about Linux being so robust that I don't have to screw with any of these commands for years at a time, unlike Windows Servers which require you to know how to recover a server no matter what because who knows what a service release or patch will do! :D | 01:25 |
| sarnold | pr3d4t0r: hah, yeah; I only ever see my grub menu two or three times each year :) | 01:25 |
| pr3d4t0r | sarnold: I'd be happy if I could just get to read it *once* today... :D /first_world_technical_problem_fast_booting_server | 01:26 |
| sarnold | haha | 01:26 |
| pr3d4t0r | sarnold: I have a vague memory of me tweaking the start up at some point to make the GRUB menu last as little as possible -- I'll eventually catch up and figure out what I did and increase the interval before boot. Anyway, starting recovery again <crossed-fingers /> | 01:27 |
| pr3d4t0r | Cheers... | 01:27 |
| pr3d4t0r | sarnold: Almost there - question: is it possible to umount /, then mount the alternate file system there, from the recovery shell? | 01:40 |
| pr3d4t0r | sarnold: Also checking the passwd man page to see if I can specify which passwd file to modify (including shadow password), if I need to mount this in a separate volume. | 01:41 |
| sarnold | pr3d4t0r: a few approaches.. you can use pivot_root to swap it over for everything, or you can use chroot to do something very similar but for specific processes | 01:41 |
| sarnold | pr3d4t0r: I'm pretty sure I used the chroot approach inthe past; mount /dev/whatever/ /mnt/root ; chroot /mnt/root " then fix it up in that shell | 01:42 |
| ianorlin | I don't chroot often enough to remmber how to do it | 01:42 |
| pr3d4t0r | sarnold: Checking if pivot_root is in the recovery image. | 01:43 |
| sarnold | ianorlin: indeed, me neither, i had to look it up in the manpages just now to make sure I got it right :) | 01:43 |
| sarnold | pr3d4t0r: it may also be in the mounted images, /mnt/whatever/sbin/pivot_root | 01:44 |
| pr3d4t0r | sarnold: /mnt is empty. | 01:44 |
| sarnold | pr3d4t0r: then mkdir /mnt/whatever ; mount /dev/mapper/whatever /mnt/whatever | 01:45 |
| pr3d4t0r | sarnold: Reading man page to understand how that'd work. | 01:45 |
| pr3d4t0r | sarnold: I'm wondering if chroot /mnt/real_server_root_here /bin/sh will be enough. Then run the passwd command from there and hope that /etc/passwd will be updated. Thoughts? | 01:47 |
| sarnold | pr3d4t0r: that should do the job | 01:47 |
| pr3d4t0r | sarnold: If you're in the Bay Area (or plan to visit soon), the next beer is on me. Or let me know if you have a tip jar somewhere :) | 01:48 |
| sarnold | pr3d4t0r: hehe, no trips planned; thanks though :) | 01:48 |
| pr3d4t0r | Back soon... | 01:49 |
| pr3d4t0r | sarnold: Almost there. Neither chroot nor pivot_root seem to be doing the job. | 02:13 |
| pr3d4t0r | sarnold: chroot tells me either "can't execute '/bin/sh'" or "Exec format error" depending on chroot w/o a command or if I try to specify the shell to use. All shells are sym-linked to /bin/busybox anyway, (ash -> /bin/busybox, sh -> /bin/busybox) and so on. Googling now to see if there's some other way. | 02:14 |
| pr3d4t0r | Dammit. The issue is that the recovery disk and the OS aren't using the same architecture (probably a long due change after six months of patches and updates?). | 02:16 |
| patdk-lap | heh? | 02:19 |
| patdk-lap | boot the right one? | 02:19 |
| patdk-lap | it should be either 64bit or 32bit | 02:19 |
| patdk-lap | not too many architectures to worry about | 02:20 |
| pr3d4t0r | Oh, shit. | 02:20 |
| pr3d4t0r | patdk-lap: You're right - this image is probably for a 32-bit box I have somewhere else. Thanks. | 02:20 |
| pr3d4t0r | Dammit, pressure :( | 02:20 |
| pr3d4t0r | Shit, I forgot that. | 02:20 |
| pr3d4t0r | patdk-lap: You were oh, so right kind sir. I was using the wrong ISO image -- everything just worked™ as soon as I used the right image :) | 02:44 |
| pr3d4t0r | patdk-lap, sarnold: Thanks a whole bunch guys :) | 02:44 |
| === Mitch is now known as GenericNode | ||
| IIT | can anyone confirm the permissions and ownership of qemu images under /var/lib/libvirt/images ? | 05:57 |
| IIT | i copied from my external drive to the new installation of ubuntu server, which has 777 and user ownership | 05:58 |
| ianorlin | argh IIT left but I would have liked to know which file system | 06:20 |
| ianorlin | also I think usually they are owned by root\ | 06:20 |
| === cpaelzer_ is now known as cpaelzer_afk | ||
| === CiPi is now known as cipi | ||
| === cipi is now known as CiPi | ||
| === cpaelzer_afk is now known as cpaelzer | ||
| === Lcawte|Away is now known as Lcawte | ||
| === arcsky_ is now known as arcsky | ||
| rinpoo | I've just installed ubuntu 15 server and wanted to ask what software I should install to make the server more secure. Maybe someboy knows a good tutorial for beginners? | 11:23 |
| rinpoo | somebody | 11:24 |
| === rvba` is now known as rvba | ||
| Walex2 | rinpoo: "security for beginners" is a bit a contradiction in terms... | 11:40 |
| Walex2 | rinpoo: also response times under 1 minute are given only to heads of state :-) | 11:41 |
| === CiPi is now known as cipi | ||
| rinpoo | sry was afk since it took so long to get an answer | 12:32 |
| rinpoo | why is security for beginners a contradiction? Everyone starts as a beginner with something | 12:33 |
| rinpoo | was asking for something like this: https://www.linode.com/docs/security/securing-your-server | 12:34 |
| rinpoo | just not for linode | 12:52 |
| rinpoo | 450 ppl in here and nobody knows or cares..... | 12:57 |
| Lightsword | I’m running 14.04 LTS and am trying to make an upstart script for a custom service, any idea how I would go about customizing handling for “service servicename restart”? the application has a socket handoff feature so that connections don’t get interrupted but I need to have it send a special flag for that, sending the flag should automatically terminate the old instance | 13:06 |
| patdk-wk | heh? you don't customize handling | 13:09 |
| Lightsword | patdk-wk, is there a way to just make it so that doing a service restart doesn’t terminate the first instance of the service? | 13:09 |
| patdk-wk | use the reload command | 13:12 |
| patdk-wk | that is what it was made for | 13:12 |
| Lightsword | patdk-wk how does the application know what to do for a reload? | 13:14 |
| JanC | Lightsword: reload sends SIGHUP | 13:50 |
| Lightsword | JanC, is it possible to make it do something else like start a new process with a special flag? | 13:51 |
| JanC | (or whatever signal you configure with 'reload signal') | 13:51 |
| Lightsword | hmm, so it only allows you to specify a signal? | 13:52 |
| JanC | Lightsword: many applications allow you to reload with a signal | 13:54 |
| JanC | but AFAIK only with a signal, yes | 13:55 |
| Lightsword | JanC, this one is a bit weird the reload process for it is to spin up a new process and then handover the connections using an initialization flag | 13:55 |
| rinpoo | I have a test server at home and I want to disable all ports, then just open port 80 is there a terminal command to block all ports? | 14:14 |
| rinpoo | would sudo ufw block all work? | 14:14 |
| Icey | rinpoo if there's nothing listening on a port, it won't be open in the first place? | 14:22 |
| === cipi is now known as CiPi | ||
| rinpoo | Well Im n00b so I dont know Ill be doing this: http://serverfault.com/questions/363741/how-can-i-block-all-but-three-ports-in-ubuntu | 14:26 |
| === yoink_ is now known as yoink | ||
| rinpoo | I'm getting: /etc/bind/named.conf.options e212 can't open file for writing | 16:01 |
| rinpoo | after adding: recursion no; and version "Not Disclosed" | 16:02 |
| rinpoo | Im using vi | 16:02 |
| rinpoo | anyone know what I can do? | 16:03 |
| rinpoo | found the problem the file doesnt exist | 16:06 |
| EmilienM | coreycb: hey, do you know if I can try mitaka now? | 16:25 |
| EmilienM | you told me this week | 16:25 |
| Beret | EmilienM, I don't see it in the archive yet | 16:28 |
| EmilienM | Beret: it's not in -proposed? | 16:29 |
| === cpaelzer is now known as cpaelzer_ | ||
| === Lcawte is now known as Lcawte|Away | ||
| devster31 | is there a way to scan packages before installing to see if they will require a reboot after being installed? | 18:34 |
| patdk-wk | the only thing that requires a reboot is kernel | 18:41 |
| patdk-wk | or if you have some program that uses a lib that cannot be restart, except via a reboot | 18:41 |
| devster31 | libssl requires a reboot | 18:42 |
| devster31 | for example | 18:42 |
| patdk-wk | only to be sure every program that is using it, is restarted | 18:42 |
| patdk-wk | it doesn't technically require a reboot | 18:42 |
| devster31 | maybe if there's a way to scan all packages that need to be upgraded for a hook that creates /var/run/reboot-required | 18:43 |
| devster31 | oh, then if I lsof all files that use the old ssl version and restart those services I'm golden | 18:43 |
| patdk-wk | yes | 18:43 |
| devster31 | thanks | 18:44 |
| === CihanKaygusuz is now known as Cihan | ||
| === mfisch` is now known as mfisch | ||
| === mfisch is now known as Guest13696 | ||
| === Lcawte|Away is now known as Lcawte | ||
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!