=== Lcawte is now known as Lcawte|Away
roastedhello friends02:57
roastedCurious if any mdadm experts can chime in. I'm looking to take my RAID1 (2x3TB WD Reds) and migrate it to a RAID6 with 2 additional 3TB Reds I just purchased. Am I understanding correctly that best case is to create a RAID 6 (with two failed drives) with the new drives, let them sync, then rsync data from RAID1 to RAID6 degraded array, then after add the RAID1 drives to the RAID6 pool?02:58
sarnoldroasted: that's the approach I'd take with zfs, I presume mdadm is similar enough in this case03:00
roastedsounds good. I am rsyncing all the data to my external. Just waiting on it to finish up and give this a go.03:00
roastedsarnold, do you know if any formatting is required with the 2 original drives currently in the RAID1? Or would you think I can just drop them from RAID1, add to RAID6, and let the software figure it out?03:01
sarnoldroasted: sorry, I don't know03:02
roastedsarnold, I'll have crazy up to date backups, so maybe I'll just, ya know, try it and see what happens. ;)03:02
sarnoldroasted: woo! :)03:03
mahdihi all04:18
mahdii configure my main board for use raid 1 with two hard driver and install ubuntu 14.04 server and in boot i get these error04:18
mahdimdadm create group disk not found04:18
mahdimdadm create user root not found04:19
mahdiand system not boot and these message print in loop and when i reset system with alt+ctrl+delete the boot to ubuntu is lost04:20
GyakomoGood day, my MAAS DHCP server doesn't respond to requests for PXE Boot. What can I do?07:47
Gyakomo192856Hope to avoid disconnections again, I'm Gyakomo07:49
=== cpaelzer is now known as cpaelzer_afk
=== cpaelzer_afk is now known as cpaelzer
halvorsHi. I'm woundering will phpmyadmin be updated to support PHP7.0?09:00
halvorsIm talking about the upcoming LTS release 16.0409:00
ikoniaas ubuntu doesn't make phpmyadmin, so if it works with 7 or not is nothing to do with ubuntu09:09
ikoniaand as ubuntu is not shipping php7 in "main" it's only in an additional repo, I don't think the focus will be on shipping a version oh myphpadmin that works with 709:10
lordievaderhalvors: Are there efforts upstream towards that goal?09:10
jellydependencies of packaged in debian show it's compatible with php709:13
jellyDepends: libapache2-mod-php5 | libapache2-mod-php5filter | php5-cgi | php5-fpm | php5 | libapache2-mod-php7.0 | php7.0-cgi | php7.0-fpm | php7.0 [etc]09:13
lordievaderThen I suppose that it will be updated somewhere in the future to support php7 in Ubuntu too.09:14
jellywhat's the codename for 16.04?09:15
jellyhalvors: I guess looking at packages.ubuntu.com/phpmyadmin would answer your question, then09:16
jelly(click on http://packages.ubuntu.com/xenial/phpmyadmin)09:16
=== Lcawte|Away is now known as Lcawte
synbitHello, I'm trying to do something very specific with proftpd on Ubuntu 12.04. Is this the right place to ask for help? I'd be grateful if you could point me to the right direction.10:45
rbasaksynbit: you're welcome to ask here, or perhaps some proftpd-specific place10:47
synbitrbasak: thanks. I searched for a proftpd-specific channel with no luck, so I thought I'd ask here instead.10:49
synbitSo here it goes: I have set up proftpd with virtual users. I'm trying to use ExecOnCommand of the mod_exec module (http://www.proftpd.org/docs/contrib/mod_exec.html).10:51
synbitIn order to test this I have two accounts: adminUser and testUser. These users have a different UID, but testUser has the same GID as adminUser.10:53
synbitUpon successful upload of a file (that is STOR command, http://www.castaglia.org/proftpd/doc/contrib/ProFTPD-FTP-commands.html) I execute a script which moves the uploaded file from testUser's home directory to adminUser's home directory.10:55
synbitThe error I'me getting is "STOR ExecOnCommand '/srv/sftp/scripts/sftpTest.sh' failed: Operation not permitted"10:56
ikoniayou just need to debug that script10:57
ikoniaoperation not permitted could be a bug with something being called in the script, or as simple as the script not having execute permissions10:57
synbitTrying to replace the mv command with something like "echo 'bla' > /tmp/test.txt" works fine. Seems like a permissions issue to me. Any ideas how to do this with proftpd?10:58
ikoniano idea about proftpd - it's an ftp daemon, not aware of how to use it as a file system manager10:58
synbitikonia: thanks for your input. The script is executable by anyone10:58
synbitI'd prefer to use the built-in functionality of the ExecOnCommand that proftpd provides rather than implement my own "file-mover" with a cronjob or something...10:59
synbitIf anyone has done that I'd appreciate their input!11:00
rbasakTry running the script manually as you expect it would be called, but as the ftp user. Also check for AppArmor denials.11:00
rbasakMake sure the filesystem isn't mounted noexec11:01
rbasakSomehow I suspect that your script isn't running at all.11:01
synbitrbasak: hmmm... I'll try running it as this virtual user (If I can switch to that). That's why I suspected as well, but when I replaced the mv with the echo to some file in /tmp it worked. Which means it is executed.11:03
synbitI'll try switching to this user first though... Thanks for your suggestion11:03
tomreynmaybe it's the users' shell?11:22
tomreynfor user in testUser adminUser; do echo "Shell of $user: $(getent passwd $user|awk -F: '{print $NF}')"; done11:22
tomreynsynbit: more likely, though, based on what you discussed so far the target directory is not writable for your testUser, though.11:23
=== cpaelzer is now known as cpaelzer_afk
synbittomreyn: I've explicitly added testUser to the same group as adminUser and have also given appropriate group permissions on the folder the script is attempting to move files to11:28
synbitI tried switching to testUser, but as this user is virtual (defined within proftpd's config) I get "Unknwon id" back as I would expect.11:29
synbitAlso proftpd has not an explicit apparmor profile (the service is not listed apparmor_status command's output).11:31
synbitI am not very familiar with apparmor, but what I'm thinking now is checking the default profile for apparmor (I suspect this is where proftpd will belong since there is no specific profile?)11:33
synbitright, so I disabled apparmor with the teardown option according to the wiki, I ckeched there are no profiles loaded, tried again and still got the same error...11:47
=== cpaelzer_afk is now known as cpaelzer
synbitSomehow I feel the problem can be solved within proftpd's config... Running chmod 777 on the adminUser's home (as a test) did not help either.11:50
synbittomreyn: Sorry, I missed your comment regarding the users' shell. The problem is that these users don't exist in the passwd file. Tried to pass a different file as an argument to getent and I got "Unknown database" error.11:55
synbitLooking into proftpd's specific passwd file, I can tell you both users have /bin/bash defined as their shell if that helps.11:56
tomreynsynbit: if it's virtual users they'll be restricted to *at most* the possibilities the system user running the server process has.12:43
tomreynalso there can be a chroot configuration (in proftpd's configuration files) in place by default restricting things further.12:44
tomreynalso in openssh's configuration in case you're using that for sftp / scp transfers + authentication12:45
synbittomreyn: You are right (http://www.proftpd.org/docs/contrib/mod_exec.html#ExecOnCommand).13:01
synbitI'm not sure what's wrong though with the script being executable by anyone and the involved directories and files rwx by at least the group that both virtual users belong to.13:03
tomreynits location by chance13:04
synbitdo you mean the location of the script?13:05
synbitbecause that's fine as well.13:05
tomreynyes, if it's outside of the area these users have access to permission denied is what you'd get to see13:05
synbityeah, you are right. I'm not sure what role the location of the script plays in this, but I suspect it's fine.13:08
synbitOtherwise when I replaced the script's contents with "echo 'bla' > /tmp/file.txt" the script executed successfully and the file /tmp/file.txt was created as well13:09
=== Lcawte is now known as Lcawte|Away
zin_Hi! my mdadm raid wont auto mount after power failure. is it posssible to fix this?13:09
rbasakproftpd isn't using seccomp or something like that , is it?13:10
synbitrbasak: honestly I have no idea what seccomp is... Let me have a look and I'll post back13:11
synbitzin_: Not sure I'm the best person to give advice on this, but check if there is an entry in /etc/fstab for your raid13:19
zin_synbit: yes it is in fstab13:20
zin_synbit: /dev/md0        /home   ext2    defaults        0       013:20
tomreynRAIDs don't mount, they are assmbled and activated, providing access to file systems (and other structures) stored on them13:20
tomreynwell check the file system stored on /dev/md013:21
tomreynand review the status of your RAID using cat /proc/mdstat13:22
zin_md0 : active raid1 sda1[2] sdc1[3]       1953382336 blocks super 1.2 [2/2] [UU]13:26
zin_and the md0's filesystem is the same as in the fstab13:26
zin_and raid state is clean13:26
zin_if i restart pc it works. but after power failure it wont13:31
zin_it is still under /dev/md013:32
zin_and still clean13:32
zin_but i have to write manually 'mount /dev/md0 /home'13:33
synbitrbasak: I did apt-cache search seccomp and it came back with libseccomp-dev, libseccomp0 and libseccomp113:35
synbitnone of these packages are installed on the system. Am I right to assume that's a module? I did lsmod and couldn't find anything related either13:36
synbitSearching the web I found that vsftpd is using it as of version 3.0.0, but I couldn't find any references to proftpd. If you know a definitive way of checking whether proftpd is using seccomp please let me know.13:38
pitastrudlhow could i monitor&log the network connection stability of a virtual server?13:41
pitastrudlto see when it lost connectivity and for how long and maybe some additional info if possible13:42
hateballpitastrudl: there are simple things like smokeping, or you can use a real monitoring solution like icinga, zabbix etc13:43
=== zin_ is now known as zingz0r
pitastrudlthanks hateball, ill look into that13:45
ren0v0Hi, when using ssh, how do i tell ubuntu to use all keys under ~/.ssh/  ?14:03
ren0v0currenetly it only looks for id_rsa14:03
lordievaderYou write an ssh config?14:04
ren0v0lordievader, nope14:10
ren0v0lordievader, i'm pretty sure normally if i add a key to that folder its just "tried" by default14:10
ren0v0maybe i'm tripping :)14:10
ren0v0lordievader, say i'm doing this for a git repository, and i have 4 repos all with different key access, what then? do i just set the host in ssh config to the repo url or something? And this is definitely the normal thing to do, because i've never done it before14:12
lordievaderSSH configs are lovely. Also you don't want to try all your keys at some random host.14:13
lordievaderren0v0: https://www.reddit.com/r/netsec/comments/3frnxb/my_ssh_server_knows_who_you_are_seriously_try_ssh/14:13
ren0v0lordievader, hmm, maybe its a .gitconfig option and i'm stupid14:15
ren0v0just can't remember ever writing any of this to a config, and it just "working", you're right about trying all keys, but i'll only have 5 and a few repos14:15
soahcccI have a problem with fail2ban not unbanning IPs. The status of the jail shows 1 banned IP, the iptables have hundreds rules till there. The log shows "iptables .. returned 100" errors and seems to not retry.14:24
lordievadersoahccc: It could be a save/restore thing that got iptables and fail2ban out of sync.15:01
soahccclordievader: hmm maybe it had a problem with >19k violators? :D15:02
lordievaderOuch, that is a lot.15:02
soahcccI just removed the entries manually for now15:02
synbitThanks for your suggestions regarding the proftpd issue. I found this http://www.proftpd.org/docs/faq/linked/faq-ch5.html#AEN47815:21
synbitnumber 5 is a little suspicious... I've not found a built-in solution for this. If I do find one, I'll let you know. If not I'll have to do it with a cronjob unfortunately.15:23
sdezielHello, I debootstrapped a Xenial VM and installed acpid. Unlike previous versions, acpid(.service) isn't running by default so my VM didn't shutdown when signaled by virsh.16:13
sdezielI've read that ACPI events should be handled by logind but this didn't work in my case because logind requires dbus to start and it wasn't installed (only a recommends on systemd).16:13
sdezielSo to make a long story short, what's the recommended way to deal with ACPI on headless servers/VMs?16:13
rbasakI thought it was still acpid. AFAIK, that still works on our Xenial cloud images, or is that broken?16:22
rbasakI'd start by comparing against what an official cloud image.16:22
rbasakwhat an official cloud image does.16:22
rbasakOOI, why are you using debootstrap directly?16:23
rbasakIncidentally, debootstrap on Xenial is broken I discovered. I filed a bug in Debian yesterday.16:23
sdezielrbasak: OK, I'll checkout cloud image16:23
sdezielI used debootstrap out of habit but I guess it's time to revisit that choice16:24
=== semiosis_ is now known as semiosis
rbasakPre-prepared images FTW, IMHO. Saves a ton of time.16:25
rbasakdebootstrap isn't going away though. We use it to make our pre-prepared images :)16:25
naccrbasak: ping16:26
rbasaknacc: o/16:26
sdezielrbasak: thanks16:28
naccrbasak: hey, I've not seen anything yet as to ondrej's proposal; but the few folks that have responded to the LP are clearly those that want to use PHP7. There seem to be functional means to have PHP5 and PHP7 co-installed (even if the packages won't allow it from our repository, as they conflict). But then there's the open support question. Is this the point where I should take it to jgrimm and kirkla16:30
naccnd ?16:30
rbasaknacc: I'd certainly like to hear their views now, yes. Shall we arrange a meeting?16:32
naccrbasak: yeah, i pinged kirkland separately, but calendar indicates he might be at a sprint? I can schedule a hangout though ... would today be ok? I don't want to keep you around later than necessary16:33
jgrimmnacc, rbasak:  i sent email response on what my thoughts are at the moment.  yes, i'm open to a hangout.16:34
jgrimmnacc, is there any new news, new thoughts since we last chatted?16:34
naccjgrimm: only what i've updated the lp bug with16:35
jgrimmnacc, link?16:35
naccjgrimm: https://bugs.launchpad.net/ubuntu/+source/php5/+bug/152242216:36
ubottuLaunchpad bug 1522422 in php5 (Ubuntu) "Update to php 7.0" [Wishlist,Triaged]16:36
=== Lcawte|Away is now known as Lcawte
BrianBlaze420hello beautifuls18:57
BrianBlaze420I am using ufw and have set a limit to my ssh connections and it works lovely but I am wondering if it's possible to change the limit... I know it has defaults but can I change them?18:58
jdstrandBrianBlaze420: it is not currently a configurable option. you can workaround that by adjusting /lib/ufw/user*.rules if you wanted19:10
BrianBlaze420awesome that looks good jdstrand I am guessing the only thing special about it is you have to configure it that way and not with a ufw command19:35
jdstrandBrianBlaze420: well, you can use the ufw command then modify it. if you'd prefer something less hacky, add the rules to /etc/ufw/before*rules19:53
BrianBlaze420well I already did it the first way and it worked so I am good19:54
BrianBlaze420thanks a lot jdstrand19:54
carlwgeorgekirkland: Can you post your slides (or video) of your scale talk soon-ish?20:10
kirklandcarlwgeorge: these?  http://people.canonical.com/~kirkland/SCALE%2014x-%20adapt%20install%20anything.pdf20:15
carlwgeorgeyessir, thank you much20:16
jgrimmkirkland, heh.. your slides on 'adapt' are timely.. i was just telling nacc earlier today about the prototyping you'd done earlier in the year on that20:56
dasjoekirkland: very interesting! I have no idea how containers work, what about packages which build kernel modules via DKMS?20:56
rbasakdasjoe: those would go on the host I'd expect.20:57
jancoowHi. When will the openssl patch be available?20:58
dasjoerbasak: I thought so, right21:01
rbasakI think with the right configuration you _could_ modprobe from inside a container, but I don't see why that would ever be needed.21:02
trippeh_how much space does a ubuntu mirror use nowadays? packages/sources only, not isos.22:49
naccrbasak: and sort of violates the principle behind the isolation (as the modprobe in the container could theoretically affect other containers)22:50
trippeh_680GB in 2013, looks like22:50
tewardtrippeh_: you could probably ask #ubuntu-mirrors and get a better answer, but I heard close to a terabyte nowadays22:50
jrwrenalso depends on platforms & versions.22:51
sarnoldtrippeh_: I did some quick calculations a few weeks ago and figured I'd need ~terabyte, but I'm hoping I'm not too far wrong :)22:51
trippeh_all the things! :)22:51
sarnoldtrippeh_: what, you got an s390 in that shed? :)22:52
trippeh_nah, I killed all my weirdo archs a decade ago22:52
trippeh_used to run auth dns on m68k ;)22:54
jrwrenat a previous job we were only interested in x86_64 and server at that, so we used reprepo to mirror and we stripped some larger desktop packages out. IIRC it was well under 30GB for trusty, x86_64 with some filters applied22:54
trippeh_I'll use ~1TB as the guideline for a full package/source mirror23:02
trippeh_a little more, a little less, who cares ;)23:02
geniiLast I mirrored the repos it was around 35G23:03
genii( not including restricted and partner)23:03
trippeh_hey look, a couple of leftover 1TB SSDs. what a coincidence ;)23:05
tewardtrippeh_: i'd suggest maybe 2TB as a safe bet, but it depends on how many releases and such you're pulling in23:10
tewardgenii: that's the ISOs, I thought?  I heard different from -mirrors23:10

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!