[00:45] <pr3d4t0r> Greetings.
[00:46] <pr3d4t0r> I screwed up my admin account on an up-to-date Ubuntu 14.04 LTS - I mistyped the password during password change and now I can't recall which character I might have transposed.
[00:47] <pr3d4t0r> I'm trying to recover via http://linuxconfig.org/ubuntu-14-04-lost-password-recovery -- the GRUB2 menu flashes by way too fast to even read it, so I can't drop to recovery mode during boot.
[00:47] <patdk-lap> reboot with iso and replace the password
[00:47] <pr3d4t0r> patdk-lap: OKi - so no difference between ISO bootstrapping and SSD media?  Please confirm, hunting for the ISO now :)
[00:48] <pr3d4t0r> patdk-lap: Please confirm.
[00:48] <sarnold> iirc holding down left shift helps with that menu
[00:48] <patdk-lap> well, if recovery mode will let you
[00:48] <patdk-lap> I know for me it normally asks for root password
[00:48] <patdk-lap> or maybe that is a different os
[00:48] <sarnold> probably different os, ubuntu has no root passwd by default :)
[00:49] <pr3d4t0r> sarnold: Left-shift -- I will try that first, thanks (I was trhying the right Shift key).
[00:49] <patdk-lap> I tent to set root passwords
[00:49] <pr3d4t0r> sarnold, patdk-lap: Trying both of these in a bit, thanks for your help.
[00:50] <sarnold> pr3d4t0r: fwiw, I haven't burned an ISO to cd in forever, I just dd the things to USB memory sticks. Probably it'd work fine on an ssd too.
[00:52] <pr3d4t0r> sarnold: Yeah.  I installed off a USB drive originally.
[00:52] <pr3d4t0r> sarnold: On this box.
[00:52] <pr3d4t0r> sarnold: Checking first if I have the install image I used -- save some time.
[00:52] <sarnold> *nod*
[00:53] <sarnold> with as cheap as they are these days I've thought  about buying a few and just using them as write-once disks.. but i'm too lazy to get around to even that.
[00:54] <ianorlin> sarnold: I write to mine multiple times but they have gotten too small in my opinion
[00:54] <sarnold> ianorlin: hehe, yeah, my first usb stick looks adorable at 256 megs now :)
[00:54] <ianorlin> finding something tiny is the last thing you want to do when you need to reinstall
[00:55] <pr3d4t0r> sarnold: I think I found it.  Back in a bit, thanks again.
[00:56] <ianorlin> I think I bought some usb 3.0 ones off newegg for like 8 us dollars that I reusue but don't take too much power so boot of usb 2.0 ports fine as well and large enough and are yellow and black so it won't blend in with a surface
[00:56] <pr3d4t0r> sarnold: Trying Left-Shift first, then boot/recovery (hoping that 14.04 LTS Server ISO will have the option front and center).
[00:56] <pr3d4t0r> Cheers.
[01:07] <pr3d4t0r> Hola.
[01:07] <sarnold> pr3d4t0r: how'd it go?
[01:08] <pr3d4t0r> sarnold: Not good.
[01:08] <pr3d4t0r> sarnold: /dev/mapper/varenka--vg-root on / type ext4 (rw,errors=remount-ro)
[01:09] <pr3d4t0r> sarnold: I couldn't mount this partition for recovery :\
[01:09] <pr3d4t0r> sarnold: It tells me that no suitable shell was found, yada yada yada.
[01:09] <pr3d4t0r> sarnold: The GRUB screen still goes by super-fast (less than a second) so I can't select anything from it :\
[01:10] <pr3d4t0r> sarnold: I need to find a recovery guide that tells me how to mount that virtual volume during recovery :\
[01:11] <pr3d4t0r> sarnold: Right now I have no idea of how to recover, though :(
[01:12]  * pr3d4t0r googles how to slow GRUB2's screen down if Left-Shift isn't working (or Right-Shift, for that matter).
[01:13] <sarnold> pr3d4t0r: this site http://labs.bjfocus.co.uk/2013/04/ubuntu-recovery-mode-with-lvm-drives/ suggests it's "lvm vgscan –v ; lvm vgchange –a y ; lvm lvs –all; issue mount commands as needed"
[01:13] <pr3d4t0r> sarnold: Checking, thanks.
[01:14] <pr3d4t0r> sarnold: My network is crippled too because the same server acts as a gateway :\ so getting infos/checking/validating/etc. -- long cycle :)
[01:15] <sarnold> pr3d4t0r: ouch. cell phone?
[01:15] <sarnold> pr3d4t0r: http://tinyurl.com/gpkojuv   tinyurl for the above big url :)
[01:19] <pr3d4t0r> sarnold: I can run a physical cable to the front end gateway and connect from there, but then I'll have to both strengthen my workstation's firewall rules and go under the rack to rewire; trying to avoid doing that but oh, well :) if that's what it takes... :)
[01:21] <sarnold> pr3d4t0r: ugh :) yes that sounds terrible :)
[01:23] <pr3d4t0r> sarnold: The LVM instructions seem to be solid.  I'm just double-checking now that all the LVM commands are where they need to be and etc.
[01:23] <sarnold> pr3d4t0r: definitely a good idea :)
[01:25] <pr3d4t0r> sarnold: This is when I should bitch about Linux being so robust that I don't have to screw with any of these commands for years at a time, unlike Windows Servers which require you to know how to recover a server no matter what because who knows what a service release or patch will do! :D
[01:25] <sarnold> pr3d4t0r: hah, yeah; I only ever see my grub menu two or three times each year :)
[01:26] <pr3d4t0r> sarnold: I'd be happy if I could just get to read it *once* today... :D /first_world_technical_problem_fast_booting_server
[01:26] <sarnold> haha
[01:27] <pr3d4t0r> sarnold: I have a vague memory of me tweaking the start up at some point to make the GRUB menu last as little as possible -- I'll eventually catch up and figure out what I did and increase the interval before boot.  Anyway, starting recovery again <crossed-fingers />
[01:27] <pr3d4t0r> Cheers...
[01:40] <pr3d4t0r> sarnold: Almost there - question:  is it possible to umount /, then mount the alternate file system there, from the recovery shell?
[01:41] <pr3d4t0r> sarnold: Also checking the passwd man page to see if I can specify which passwd file to modify (including shadow password), if I need to mount this in a separate volume.
[01:41] <sarnold> pr3d4t0r: a few approaches.. you can use pivot_root to swap it over for everything, or you can use chroot to do something very similar but for specific processes
[01:42] <sarnold> pr3d4t0r: I'm pretty sure I used the chroot approach inthe past; mount /dev/whatever/ /mnt/root ; chroot /mnt/root " then fix it up in that shell
[01:42] <ianorlin> I don't chroot often enough to remmber how to do it
[01:43] <pr3d4t0r> sarnold: Checking if pivot_root is in the recovery image.
[01:43] <sarnold> ianorlin: indeed, me neither, i had to look it up in the manpages just now to make sure I got it right :)
[01:44] <sarnold> pr3d4t0r: it may also be in the mounted images, /mnt/whatever/sbin/pivot_root
[01:44] <pr3d4t0r> sarnold: /mnt is empty.
[01:45] <sarnold> pr3d4t0r: then mkdir /mnt/whatever ; mount /dev/mapper/whatever /mnt/whatever
[01:45] <pr3d4t0r> sarnold: Reading man page to understand how that'd work.
[01:47] <pr3d4t0r> sarnold: I'm wondering if chroot /mnt/real_server_root_here /bin/sh will be enough.  Then run the passwd command from there and hope that /etc/passwd will be updated.  Thoughts?
[01:47] <sarnold> pr3d4t0r: that should do the job
[01:48] <pr3d4t0r> sarnold: If you're in the Bay Area (or plan to visit soon), the next beer is on me.  Or let me know if you have a tip jar somewhere :)
[01:48] <sarnold> pr3d4t0r: hehe, no trips planned; thanks though :)
[01:49] <pr3d4t0r> Back soon...
[02:13] <pr3d4t0r> sarnold: Almost there.  Neither chroot nor pivot_root seem to be doing the job.
[02:14] <pr3d4t0r> sarnold: chroot tells me either "can't execute '/bin/sh'" or "Exec format error" depending on chroot w/o a command or if I try to specify the shell to use.  All shells are sym-linked to /bin/busybox anyway, (ash -> /bin/busybox, sh -> /bin/busybox) and so on.  Googling now to see if there's some other way.
[02:16] <pr3d4t0r> Dammit.  The issue is that the recovery disk and the OS aren't using the same architecture (probably a long due change after six months of patches and updates?).
[02:19] <patdk-lap> heh?
[02:19] <patdk-lap> boot the right one?
[02:19] <patdk-lap> it should be either 64bit or 32bit
[02:20] <patdk-lap> not too many architectures to worry about
[02:20] <pr3d4t0r> Oh, shit.
[02:20] <pr3d4t0r> patdk-lap: You're right - this image is probably for a 32-bit box I have somewhere else.  Thanks.
[02:20] <pr3d4t0r> Dammit, pressure :(
[02:20] <pr3d4t0r> Shit, I forgot that.
[02:44] <pr3d4t0r> patdk-lap: You were oh, so right kind sir.  I was using the wrong ISO image -- everything just worked™ as soon as I used the right image :)
[02:44] <pr3d4t0r> patdk-lap, sarnold: Thanks a whole bunch guys :)
[05:57] <IIT> can anyone confirm the permissions and ownership of qemu images under /var/lib/libvirt/images ?
[05:58] <IIT> i copied from my external drive to the new installation of ubuntu server, which has 777 and user ownership
[06:20] <ianorlin> argh IIT left but I would have liked to know which file system
[06:20] <ianorlin> also I think usually they are owned by root\
[11:23] <rinpoo> I've just installed ubuntu 15 server and wanted to ask what software I should install to make the server more secure. Maybe someboy knows a good tutorial for beginners?
[11:24] <rinpoo> somebody
[11:40] <Walex2> rinpoo: "security for beginners" is a bit a contradiction in terms...
[11:41] <Walex2> rinpoo: also response times under 1 minute are given only to heads of state :-)
[12:32] <rinpoo> sry was afk since it took so long to get an answer
[12:33] <rinpoo> why is security for beginners a contradiction? Everyone starts as a beginner with something
[12:34] <rinpoo> was asking for something like this: https://www.linode.com/docs/security/securing-your-server
[12:52] <rinpoo> just not for linode
[12:57] <rinpoo> 450 ppl in here and nobody knows or cares.....
[13:06] <Lightsword> I’m running 14.04 LTS and am trying to make an upstart script for a custom service, any idea how I would go about customizing handling for “service servicename restart”? the application has a socket handoff feature so that connections don’t get interrupted but I need to have it send a special flag for that, sending the flag should automatically terminate the old instance
[13:09] <patdk-wk> heh? you don't customize handling
[13:09] <Lightsword> patdk-wk, is there a way to just make it so that doing a service restart doesn’t terminate the first instance of the service?
[13:12] <patdk-wk> use the reload command
[13:12] <patdk-wk> that is what it was made for
[13:14] <Lightsword> patdk-wk how does the application know what to do for a reload?
[13:50] <JanC> Lightsword: reload sends SIGHUP
[13:51] <Lightsword> JanC, is it possible to make it do something else like start a new process with a special flag?
[13:51] <JanC> (or whatever signal you configure with 'reload signal')
[13:52] <Lightsword> hmm, so it only allows you to specify a signal?
[13:54] <JanC> Lightsword: many applications allow you to reload with a signal
[13:55] <JanC> but AFAIK only with a signal, yes
[13:55] <Lightsword> JanC, this one is a bit weird the reload process for it is to spin up a new process and then handover the connections using an initialization flag
[14:14] <rinpoo> I have a test server at home and I want to disable all ports, then just open port 80 is there a terminal command to block all ports?
[14:14] <rinpoo> would sudo ufw block all work?
[14:22] <Icey> rinpoo if there's nothing listening on a port, it won't be open in the first place?
[14:26] <rinpoo> Well Im n00b so I dont know Ill be doing this: http://serverfault.com/questions/363741/how-can-i-block-all-but-three-ports-in-ubuntu
[16:01] <rinpoo> I'm getting: /etc/bind/named.conf.options e212 can't open file for writing
[16:02] <rinpoo> after adding: recursion no; and version "Not Disclosed"
[16:02] <rinpoo> Im using vi
[16:03] <rinpoo> anyone know what I can do?
[16:06] <rinpoo> found the problem the file doesnt exist
[16:25] <EmilienM> coreycb: hey, do you know if I can try mitaka now?
[16:25] <EmilienM> you told me this week
[16:28] <Beret> EmilienM, I don't see it in the archive yet
[16:29] <EmilienM> Beret: it's not in -proposed?
[18:34] <devster31> is there a way to scan packages before installing to see if they will require a reboot after being installed?
[18:41] <patdk-wk> the only thing that requires a reboot is kernel
[18:41] <patdk-wk> or if you have some program that uses a lib that cannot be restart, except via a reboot
[18:42] <devster31> libssl requires a reboot
[18:42] <devster31> for example
[18:42] <patdk-wk> only to be sure every program that is using it, is restarted
[18:42] <patdk-wk> it doesn't technically require a reboot
[18:43] <devster31> maybe if there's a way to scan all packages that need to be upgraded for a hook that creates /var/run/reboot-required
[18:43] <devster31> oh, then if I lsof all files that use the old ssl version and restart those services I'm golden
[18:43] <patdk-wk> yes
[18:44] <devster31> thanks