/srv/irclogs.ubuntu.com/2015/12/22/#ubuntu-server.txt

=== Monthrect is now known as Piper-Off
pr3d4t0rGreetings.00:45
pr3d4t0rI screwed up my admin account on an up-to-date Ubuntu 14.04 LTS - I mistyped the password during password change and now I can't recall which character I might have transposed.00:46
pr3d4t0rI'm trying to recover via http://linuxconfig.org/ubuntu-14-04-lost-password-recovery -- the GRUB2 menu flashes by way too fast to even read it, so I can't drop to recovery mode during boot.00:47
patdk-lapreboot with iso and replace the password00:47
pr3d4t0rpatdk-lap: OKi - so no difference between ISO bootstrapping and SSD media?  Please confirm, hunting for the ISO now :)00:47
pr3d4t0rpatdk-lap: Please confirm.00:48
sarnoldiirc holding down left shift helps with that menu00:48
patdk-lapwell, if recovery mode will let you00:48
patdk-lapI know for me it normally asks for root password00:48
patdk-lapor maybe that is a different os00:48
sarnoldprobably different os, ubuntu has no root passwd by default :)00:48
pr3d4t0rsarnold: Left-shift -- I will try that first, thanks (I was trhying the right Shift key).00:49
patdk-lapI tent to set root passwords00:49
pr3d4t0rsarnold, patdk-lap: Trying both of these in a bit, thanks for your help.00:49
sarnoldpr3d4t0r: fwiw, I haven't burned an ISO to cd in forever, I just dd the things to USB memory sticks. Probably it'd work fine on an ssd too.00:50
pr3d4t0rsarnold: Yeah.  I installed off a USB drive originally.00:52
pr3d4t0rsarnold: On this box.00:52
pr3d4t0rsarnold: Checking first if I have the install image I used -- save some time.00:52
sarnold*nod*00:52
sarnoldwith as cheap as they are these days I've thought  about buying a few and just using them as write-once disks.. but i'm too lazy to get around to even that.00:53
ianorlinsarnold: I write to mine multiple times but they have gotten too small in my opinion00:54
sarnoldianorlin: hehe, yeah, my first usb stick looks adorable at 256 megs now :)00:54
ianorlinfinding something tiny is the last thing you want to do when you need to reinstall00:54
pr3d4t0rsarnold: I think I found it.  Back in a bit, thanks again.00:55
ianorlinI think I bought some usb 3.0 ones off newegg for like 8 us dollars that I reusue but don't take too much power so boot of usb 2.0 ports fine as well and large enough and are yellow and black so it won't blend in with a surface00:56
pr3d4t0rsarnold: Trying Left-Shift first, then boot/recovery (hoping that 14.04 LTS Server ISO will have the option front and center).00:56
pr3d4t0rCheers.00:56
=== Lcawte is now known as Lcawte|Away
pr3d4t0rHola.01:07
sarnoldpr3d4t0r: how'd it go?01:07
pr3d4t0rsarnold: Not good.01:08
pr3d4t0rsarnold: /dev/mapper/varenka--vg-root on / type ext4 (rw,errors=remount-ro)01:08
pr3d4t0rsarnold: I couldn't mount this partition for recovery :\01:09
pr3d4t0rsarnold: It tells me that no suitable shell was found, yada yada yada.01:09
pr3d4t0rsarnold: The GRUB screen still goes by super-fast (less than a second) so I can't select anything from it :\01:09
pr3d4t0rsarnold: I need to find a recovery guide that tells me how to mount that virtual volume during recovery :\01:10
pr3d4t0rsarnold: Right now I have no idea of how to recover, though :(01:11
* pr3d4t0r googles how to slow GRUB2's screen down if Left-Shift isn't working (or Right-Shift, for that matter).01:12
sarnoldpr3d4t0r: this site http://labs.bjfocus.co.uk/2013/04/ubuntu-recovery-mode-with-lvm-drives/ suggests it's "lvm vgscan –v ; lvm vgchange –a y ; lvm lvs –all; issue mount commands as needed"01:13
pr3d4t0rsarnold: Checking, thanks.01:13
pr3d4t0rsarnold: My network is crippled too because the same server acts as a gateway :\ so getting infos/checking/validating/etc. -- long cycle :)01:14
sarnoldpr3d4t0r: ouch. cell phone?01:15
sarnoldpr3d4t0r: http://tinyurl.com/gpkojuv   tinyurl for the above big url :)01:15
pr3d4t0rsarnold: I can run a physical cable to the front end gateway and connect from there, but then I'll have to both strengthen my workstation's firewall rules and go under the rack to rewire; trying to avoid doing that but oh, well :) if that's what it takes... :)01:19
sarnoldpr3d4t0r: ugh :) yes that sounds terrible :)01:21
pr3d4t0rsarnold: The LVM instructions seem to be solid.  I'm just double-checking now that all the LVM commands are where they need to be and etc.01:23
sarnoldpr3d4t0r: definitely a good idea :)01:23
pr3d4t0rsarnold: This is when I should bitch about Linux being so robust that I don't have to screw with any of these commands for years at a time, unlike Windows Servers which require you to know how to recover a server no matter what because who knows what a service release or patch will do! :D01:25
sarnoldpr3d4t0r: hah, yeah; I only ever see my grub menu two or three times each year :)01:25
pr3d4t0rsarnold: I'd be happy if I could just get to read it *once* today... :D /first_world_technical_problem_fast_booting_server01:26
sarnoldhaha01:26
pr3d4t0rsarnold: I have a vague memory of me tweaking the start up at some point to make the GRUB menu last as little as possible -- I'll eventually catch up and figure out what I did and increase the interval before boot.  Anyway, starting recovery again <crossed-fingers />01:27
pr3d4t0rCheers...01:27
pr3d4t0rsarnold: Almost there - question:  is it possible to umount /, then mount the alternate file system there, from the recovery shell?01:40
pr3d4t0rsarnold: Also checking the passwd man page to see if I can specify which passwd file to modify (including shadow password), if I need to mount this in a separate volume.01:41
sarnoldpr3d4t0r: a few approaches.. you can use pivot_root to swap it over for everything, or you can use chroot to do something very similar but for specific processes01:41
sarnoldpr3d4t0r: I'm pretty sure I used the chroot approach inthe past; mount /dev/whatever/ /mnt/root ; chroot /mnt/root " then fix it up in that shell01:42
ianorlinI don't chroot often enough to remmber how to do it01:42
pr3d4t0rsarnold: Checking if pivot_root is in the recovery image.01:43
sarnoldianorlin: indeed, me neither, i had to look it up in the manpages just now to make sure I got it right :)01:43
sarnoldpr3d4t0r: it may also be in the mounted images, /mnt/whatever/sbin/pivot_root01:44
pr3d4t0rsarnold: /mnt is empty.01:44
sarnoldpr3d4t0r: then mkdir /mnt/whatever ; mount /dev/mapper/whatever /mnt/whatever01:45
pr3d4t0rsarnold: Reading man page to understand how that'd work.01:45
pr3d4t0rsarnold: I'm wondering if chroot /mnt/real_server_root_here /bin/sh will be enough.  Then run the passwd command from there and hope that /etc/passwd will be updated.  Thoughts?01:47
sarnoldpr3d4t0r: that should do the job01:47
pr3d4t0rsarnold: If you're in the Bay Area (or plan to visit soon), the next beer is on me.  Or let me know if you have a tip jar somewhere :)01:48
sarnoldpr3d4t0r: hehe, no trips planned; thanks though :)01:48
pr3d4t0rBack soon...01:49
pr3d4t0rsarnold: Almost there.  Neither chroot nor pivot_root seem to be doing the job.02:13
pr3d4t0rsarnold: chroot tells me either "can't execute '/bin/sh'" or "Exec format error" depending on chroot w/o a command or if I try to specify the shell to use.  All shells are sym-linked to /bin/busybox anyway, (ash -> /bin/busybox, sh -> /bin/busybox) and so on.  Googling now to see if there's some other way.02:14
pr3d4t0rDammit.  The issue is that the recovery disk and the OS aren't using the same architecture (probably a long due change after six months of patches and updates?).02:16
patdk-lapheh?02:19
patdk-lapboot the right one?02:19
patdk-lapit should be either 64bit or 32bit02:19
patdk-lapnot too many architectures to worry about02:20
pr3d4t0rOh, shit.02:20
pr3d4t0rpatdk-lap: You're right - this image is probably for a 32-bit box I have somewhere else.  Thanks.02:20
pr3d4t0rDammit, pressure :(02:20
pr3d4t0rShit, I forgot that.02:20
pr3d4t0rpatdk-lap: You were oh, so right kind sir.  I was using the wrong ISO image -- everything just worked™ as soon as I used the right image :)02:44
pr3d4t0rpatdk-lap, sarnold: Thanks a whole bunch guys :)02:44
=== Mitch is now known as GenericNode
IITcan anyone confirm the permissions and ownership of qemu images under /var/lib/libvirt/images ?05:57
IITi copied from my external drive to the new installation of ubuntu server, which has 777 and user ownership05:58
ianorlinargh IIT left but I would have liked to know which file system06:20
ianorlinalso I think usually they are owned by root\06:20
=== cpaelzer_ is now known as cpaelzer_afk
=== CiPi is now known as cipi
=== cipi is now known as CiPi
=== cpaelzer_afk is now known as cpaelzer
=== Lcawte|Away is now known as Lcawte
=== arcsky_ is now known as arcsky
rinpooI've just installed ubuntu 15 server and wanted to ask what software I should install to make the server more secure. Maybe someboy knows a good tutorial for beginners?11:23
rinpoosomebody11:24
=== rvba` is now known as rvba
Walex2rinpoo: "security for beginners" is a bit a contradiction in terms...11:40
Walex2rinpoo: also response times under 1 minute are given only to heads of state :-)11:41
=== CiPi is now known as cipi
rinpoosry was afk since it took so long to get an answer12:32
rinpoowhy is security for beginners a contradiction? Everyone starts as a beginner with something12:33
rinpoowas asking for something like this: https://www.linode.com/docs/security/securing-your-server12:34
rinpoojust not for linode12:52
rinpoo450 ppl in here and nobody knows or cares.....12:57
LightswordI’m running 14.04 LTS and am trying to make an upstart script for a custom service, any idea how I would go about customizing handling for “service servicename restart”? the application has a socket handoff feature so that connections don’t get interrupted but I need to have it send a special flag for that, sending the flag should automatically terminate the old instance13:06
patdk-wkheh? you don't customize handling13:09
Lightswordpatdk-wk, is there a way to just make it so that doing a service restart doesn’t terminate the first instance of the service?13:09
patdk-wkuse the reload command13:12
patdk-wkthat is what it was made for13:12
Lightswordpatdk-wk how does the application know what to do for a reload?13:14
JanCLightsword: reload sends SIGHUP13:50
LightswordJanC, is it possible to make it do something else like start a new process with a special flag?13:51
JanC(or whatever signal you configure with 'reload signal')13:51
Lightswordhmm, so it only allows you to specify a signal?13:52
JanCLightsword: many applications allow you to reload with a signal13:54
JanCbut AFAIK only with a signal, yes13:55
LightswordJanC, this one is a bit weird the reload process for it is to spin up a new process and then handover the connections using an initialization flag13:55
rinpooI have a test server at home and I want to disable all ports, then just open port 80 is there a terminal command to block all ports?14:14
rinpoowould sudo ufw block all work?14:14
Iceyrinpoo if there's nothing listening on a port, it won't be open in the first place?14:22
=== cipi is now known as CiPi
rinpooWell Im n00b so I dont know Ill be doing this: http://serverfault.com/questions/363741/how-can-i-block-all-but-three-ports-in-ubuntu14:26
=== yoink_ is now known as yoink
rinpooI'm getting: /etc/bind/named.conf.options e212 can't open file for writing16:01
rinpooafter adding: recursion no; and version "Not Disclosed"16:02
rinpooIm using vi16:02
rinpooanyone know what I can do?16:03
rinpoofound the problem the file doesnt exist16:06
EmilienMcoreycb: hey, do you know if I can try mitaka now?16:25
EmilienMyou told me this week16:25
BeretEmilienM, I don't see it in the archive yet16:28
EmilienMBeret: it's not in -proposed?16:29
=== cpaelzer is now known as cpaelzer_
=== Lcawte is now known as Lcawte|Away
devster31is there a way to scan packages before installing to see if they will require a reboot after being installed?18:34
patdk-wkthe only thing that requires a reboot is kernel18:41
patdk-wkor if you have some program that uses a lib that cannot be restart, except via a reboot18:41
devster31libssl requires a reboot18:42
devster31for example18:42
patdk-wkonly to be sure every program that is using it, is restarted18:42
patdk-wkit doesn't technically require a reboot18:42
devster31maybe if there's a way to scan all packages that need to be upgraded for a hook that creates /var/run/reboot-required18:43
devster31oh, then if I lsof all files that use the old ssl version and restart those services I'm golden18:43
patdk-wkyes18:43
devster31thanks18:44
=== CihanKaygusuz is now known as Cihan
=== mfisch` is now known as mfisch
=== mfisch is now known as Guest13696
=== Lcawte|Away is now known as Lcawte

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!