[01:37] <hallyn> uh, that patch is bogus though.  it takes a const char *perms and then updates it
[02:18] <hallyn> ok, another try
=== Guest38484 is now known as mfisch
=== mfisch is now known as Guest13749
[02:46] <hallyn> rharper: ppa:serge-hallyn/virt package built
[02:47] <rharper> k
[02:47] <hallyn> though the ppa view is still confused
[02:48] <hallyn> make sure to get 1.3.1-1ubuntu7~ppa6, not 5.  (5 failed to build so shouldn't e available, but...   this is confused)
[02:48] <hallyn> oh there, finally updated
[02:52] <hallyn> oh screw libvirt.  now i get 'domain not running'  no idea what that's about
[02:52] <hallyn> oh, heh, wrong domain name
[02:54] <hallyn> didn't fix the problem for me :(
[02:55] <hallyn> still might push the pkg i have bc it has several important fixes
[03:00] <hallyn> oh, blah.  do i have to use 'R' also when depth == 0?
[03:00] <hallyn> ungh, i see
[03:00] <hallyn> rharper: yeah if you haven't yet don't waste your time, one more update to my patch
[03:01] <rharper> I've not yet
[03:01] <rharper> so I shall wait some more
[03:01] <hallyn> actually, maybe i can avoid doing the change when depth == 0.
[03:02] <hallyn> if i have a qcow2 stack and the top part of the layer is reasonly, *then* maybe i really want to deny writes ?
[03:02] <hallyn> don't think so though, just unhappy with needing this relaxation
[03:03] <hallyn> ^ do you get the feeling we should have someone who knows what they're doing taking over libvirt? :-)
[03:03] <hallyn> ok another 25 mins hopefully
[03:04] <rharper> heh
[03:04] <rharper> ok
[03:24] <hallyn> yay, success
[03:24] <hallyn> and all without having a working mouse today :)
[03:24] <hallyn> of course i don't actually *want* my uvt-kvm base image updated
[03:25] <hallyn> rharper: ok it's working for me so i'm going to push the pkg to xenial, no need for you to test unless you wnat to
[03:25] <hallyn> thx
=== devil is now known as Guest90181
=== Sprockt is now known as Sprocks
[06:11] <hardwire> ahha.. you can select an ubuntu-server-minimal preseed
[06:11] <hardwire> that's handy.
=== dax is now known as daxcat
=== Guest90181 is now known as devil_
[07:45] <hallyn> rharper: so regarding bug 1393842 I'm trying to find where qemu, for q guest agent, ever does an mknod, and not finding it.  Thinking I may have to undo that part of the fix in comment #40.
[07:45] <ubottu> bug 1393842 in libvirt (Ubuntu Trusty) "libvirt does not grant qemu-guest-agent channel perms" [High,Confirmed] https://launchpad.net/bugs/1393842
[07:47] <hallyn> though the error msg incomment 14 seems pretty clear....  but i'm not getting it
[07:48] <hallyn> (my concern is, if it's not supposed to mknod, then i'd rather not grant it that capability in apparmor profile for no good reason)
[09:51] <zetheroo> using Ubuntu 14.04 here. In a user's home directory there is a file which has user and group ownership by root. It's also read-only to any user that is not the owner. If I login as a user (not root) and open the file with vim I can then edit and save the file without using sudo. When I do this the file is saved and it's ownership changed to the user I am logged in as (not root).
[09:52] <zetheroo> This seems like a security vulnerability. How to stop this?
[11:01] <jushur> zetheroo: encryption file?
[11:02] <zetheroo> jushur: I found a solution - using chattr
[11:03] <zetheroo> its a very specific case and I was not aware that whoever owns the directory can do whatever they want with the files inside, even if the files are owned by root and only owner has write perms to the file.
[11:03] <zetheroo> Now I know ...
[11:16] <lordievader> zetheroo: That shouldn't be possible. It shouldn't matter who owns the dir. If you have write acces to a file you can write to it. If you don't you cannot write to it.
[11:16] <zetheroo> lordievader: apparently this is not how linux perms work
[11:17] <jushur> actually it is, tho you can technicaly as your user change the permission and owner/group on a file so only root can access it.
[11:18] <lordievader> zetheroo: It is, I just tested it. Vim is not able to edit a file owned by root.
[11:18] <jushur> and in that moment your user loses the rights
[11:18] <zetheroo> lordievader: is the file in a users home directory?
[11:19] <lordievader> Oeh, interesting when using the overwrite (:w!) it is able to write it...
[11:19] <zetheroo> yep
[11:19] <Deeps> http://paste.ubuntu.com/15346744/
[11:20] <zetheroo> like I said, the only solution I found was to use chattr +i on the file (done as root)
[11:20] <Deeps> 1119.11 < lordievader> Oeh, interesting when using the overwrite (:w!) it is able to write it...
[11:20] <Deeps> it deletes the file
[11:20] <Deeps> and recreates it
[11:20] <Deeps> notice the perms have changed to be owned by your user
[11:20] <zetheroo> yep ^
[11:20] <Deeps> because your user owns the dir, it can create/delete files
[11:20] <jushur> rofl
[11:20] <zetheroo> this really stumped me, and nearly everyone else I talked about it with :D
[11:21] <Deeps> vim override: http://paste.ubuntu.com/15346753/
[11:21] <Deeps> general file operations: http://paste.ubuntu.com/15346744/
[11:22] <lordievader> Deeps: It doesn't it points to the same block. And besides why can I remove a file owned by root.
[11:22] <Deeps> lordievader: because you own the dir, so you can do whatever you want to anything inside that dir
[11:23] <Deeps> i can't speak for whether or not this is by design, but it certainly looks like that's how it operates currently
[11:23] <lordievader> Hmm, interesting.
[11:23] <Deeps> but this would be why root owns / and changing the owner of / would be badnewsbear
[11:24] <zetheroo> yes, and why user root can edit everything under / because it owns /
[11:25] <zetheroo> if John Smith owns /home/johnsmith/ then he too can edit anything under /home/johnsmith/ regardless of who else may have gotten ownership to the file
[11:26] <lordievader> That makes sense, guess I learned something today :)
[11:26] <zetheroo> me too :)
[11:41] <skylite> I have to clear out a folder thats full of hardlinks. I dont care which one is deleted I just want to have only one of each file without any hardlinks. Anyone has a sollution for that?
[11:56] <rbasak> I don't think that's easy. You could create a file containing inode number and path, and then do some keyed sorting and uniq'ing on that.
[12:58] <skylite> I think I better write a shellscript for this
[13:25] <mdeslaur> rbasak: are you still working on squid3?
[13:31] <rbasak> mdeslaur: yes but task switched away from it for the moment.
[13:31] <rbasak> The version in xenial-proposed may be good to go, except for one bug reported by Odd_Bloke bloke I think, and needs some testing against squid-deb-proxy and squidguard.
[13:32] <rbasak> kickinz1_ was going to do some testing on it for me.
[13:32] <mdeslaur> rbasak: ok, good to know. Just checking up to make sure the new version is eventually going in, for security reasons.
[13:32] <mdeslaur> rbasak: thanks!
[13:32] <rbasak> It's still planned to go in, yes. Thanks for checking.
[13:43] <pezet91> hello, anyone can install LSI MegaRAID SAS driver on ubuntu server?
[13:44] <jushur> !ask pezet91
[13:44] <jushur> !ask | pezet91
[13:44] <ubottu> pezet91: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
[13:45] <patdk-wk> sure
[13:46] <pezet91> i looking for driver for LSI MegaRAID SAS controller, becauce current driven in kernel 3.8 don't see my sas disk (sorry for my english)
[13:46] <pezet91> driver*
[13:48] <pezet91> specification: Fujitsu Primergy TX2540 M1, MegaRAID SAS controller, Ubuntu Server 14.04 (kernel 3.8)
[13:49] <patdk-wk> and lsipci shows?
[13:50] <pezet91> lsipci: command not found :/
[13:51] <patdk-wk> lspci
[13:52] <pezet91> lspci | grep Mega : RAID bus controller: LSI Logic / Symbios Logis MegaRAID SAS-3 3008 [Fury] (rev 02)
[13:53] <pezet91> i can't rewrite entire log
[13:55] <rharper> hallyn: have we reproduced?  I don't see a  full guest xml or qemu command line;  qga makes a unix-socket, which I don't think needs mknod;  if they're using virtfs-9p; it could have proxied a mknod request from the guest;  other than that; I'm not currently seeing any qemu code that needs mknod
[13:56] <jushur> pezet91: rewrite? you copy or pastebin if its multiline
[13:56] <jushur> pezet91: Symbios Logis MegaRAID SAS-3 3008 is that truly a 3008? or is it 3080?
[13:56] <pezet91> 3008
[13:57] <pezet91> i can't copy, because i have ubuntu server on other machine
[13:57] <pezet91> only console
[13:58] <jushur> !pastbin | pezet91
[13:58] <pezet91> wait
[14:00] <pezet91> http://pastebin.com/EJHzH53d
[14:00] <jushur> pezet91: you sure it uses the megaraid_sas driver? and not mpt3sas ?
[14:01] <pezet91> i'm not sure
[14:02] <jushur> pezet91: do you have physical access to the card? cna read its sticker/name on it?
[14:02] <pezet91> yes i have physical access
[14:03] <pezet91> wait, i need to open the case
[14:04] <pezet91> http://www.fujitsu.com/fts/products/computing/servers/primergy/components/pmod-157814.html , it's my card
[14:06] <jushur> PRAID CP400i (D3307) (PCIe to 8-port SAS-3.0 RAID HBA (LSI 3008)) (driver megaraid_sas)
[14:08] <pezet91> yes, but if I type "modprobe megaraid_sas", it's don't work
[14:09] <pezet91> i can't see my disks
[14:09] <jushur> pezet91: check dmesg for info
[14:09] <sdeziel> pezet91: you said you have  Ubuntu Server 14.04 and kernel 3.8. Any idea why you are not on the 3.13 kernel?
[14:10] <pezet91> i can't use kernel 3.13 because i have video grabber in server (grabber works only with kernel 3.8)
[14:11] <pezet91> joshur: last line on dmesg: [ 3141:670846] megasas: 06.504.01.00-rc1 Mon. Oct. 1 17:00:00 PDT 2012
[14:15] <pezet91> so? anyone can help me? I struggle with this problem for a week :(
[14:18] <jushur> pezet91: my tip would be turn it off, disconnect the system drive and any important data drives. so you dont destroy any data. (dcoument/tape any cables so you know what goes where.) then use a live usb install and start the system to se wht works and what does not. try the new 16.04 beta to. and se if that can handle it.
[14:21] <pezet91> ok
[14:22] <pezet91> thanks
[14:22] <jushur> pezet91: use a seckond usb drive/stick to save logs to. from each test. so yuo can compare.
[14:23] <jushur> pezet91: do the sas card show the drives connected when you boot up? like its integrated firmware does recognice thme?
[14:36] <RoyK> pezet went... well - if he comes back, he may be told that this type of controller isn't an HBA, so to see the physical disks, they need to be defined in the controller somehow, either as a hwraid or in JBOD-mode (if supported) or as a single RAID-0 per drive
[14:49] <jamespage> coreycb, ok 0 test failure for mitaka-staging - going to shove everything apart from the dashboard into proposed
=== Guest13749 is now known as mfisch
=== mfisch is now known as Guest88074
=== Guest88074 is now known as mfisch
[15:01] <coreycb> jamespage, awesome.  still the horizon issue though so maybe hold off on promoting that.
[15:01] <jamespage> coreycb, ack skipped horizon
[15:05] <Zeljko> Any free shell access ?
[15:34] <kpettit> Have a weird log issue.  I've got 2 Ubuntu 14.04 servers.  One the weblogs rotate and the other doesnt.  I have a 9GB log file for example.  Apparently it's never rotated.
[15:35] <kpettit> My /etc/cron.daily/logrotate is the same as my other Ubuntu 14.04 systems that work.  And in the /etc/crontab it calls the daily crons like it's supposed to.
[15:35] <kpettit> So I have no idea where to look to see why logrotate isn't running.
[15:37] <kpettit> I can run the cron job "sh /etc/cron.daily/logrotate" and it works manually.  So something is messed up with cron.  But it's identical to other working Ubuntu systems.  It's tripping me out and I'm not sure how to troubleshoot.  Any ideas?
[15:43] <BlackDex> Hello there, i have a lot of messages in dmesg wich look like this: [  440.753544] init: <service-name> main process (10109) killed by TERM signal
[15:43] <BlackDex> where <service-name> are several services
[15:44] <BlackDex> what could be the problem??
[15:49] <kpettit> is it a low memory system?
[16:09] <coreycb> jamespage, I wonder if this is related: https://bugs.launchpad.net/horizon/+bug/1550286
[16:09] <ubottu> Launchpad bug 1550286 in Magnum UI "dynamic themes breaks compress offline" [Undecided,Fix released]
[16:09] <jamespage> hmm might be
[16:10] <jamespage> or its could be that our charm template for mitaka is foobar in the charm
=== daxcat is now known as rwd
[17:27] <hallyn> rharper: yeah i think i'll drop that.  (and start upstreaming the other patches which arein xenial)
[17:27] <hallyn> (that being the mknod exception)
[17:27] <rharper> hallyn: and at least request the full command line
[17:27] <hallyn> although yes i think i had reproduced at some point
[17:27] <rharper> or how to reproduce
[17:27] <hallyn> i think you just create a rhel7 vm in virt-manager
[17:27] <rharper> that could be documented
[17:27] <rharper> that's not good enough
[17:28] <rharper> we need to qemu cmdline
[17:28] <rharper> it they are adding other qemu features
[17:28] <hallyn> it's good enough bc you can get your own command line and it fails to work
[17:28] <rharper> those could e what's requesting the mknod
[17:28] <rharper> yeah, but why should I install virt-manager
[17:28] <rharper> at min, the subimitter can provide a full qemu commandline
[17:28] <hallyn> bc it's something we "support"
[17:28] <rharper> I'm not saying we don't support it
[17:29] <rharper> it gets solved faster with the cmdline
[17:33] <hallyn> rharper: http://paste.ubuntu.com/15349105/
[17:34] <hallyn> so i'm dropping the mknod patch right now bc it doesn't even help. does that cmdline tell you what's going on?
[17:35] <rharper> hallyn: it helps
[17:35] <rharper> there's a lot of spice
[17:35] <rharper> usb integration
[17:35] <rharper> lemme see what else is happing in qemu
[17:36] <rharper> the additional spice agent and usbredir certainly can affect what it wants on the host
[17:36] <hallyn> but
[17:36] <hallyn> type=AVC msg=audit(1457717513.877:6035): apparmor="DENIED" operation="mknod" profile="libvirt-ecc5a333-8d61-4225-ae13-bd365d478725" name="/var/lib/libvirt/qemu/channel/target/domain-rhel7.0/org.qemu.guest_agent.0" pid=20477 comm="qemu-system-x86" requested_mask="c" denied_mask="c" fsuid=116 ouid=116
[17:36] <hallyn> oh nm.  i was misreading
[17:37] <hallyn> weird line wrap, it looked like it was mknoding a diretory
[17:37] <hallyn> as a chardev
[17:37] <rharper> I'm really confused because there's almost zero mknod in qemu
[17:37] <rharper> 9pfs has mknod (as a proxy for allowing guest to mknod on host for 9p posix compliance)
[17:37] <rharper> but no where else
[17:38] <rharper> chardevs use unix socket
[17:38] <rharper> which I don't think are created with mknod IIUC
[17:39] <rharper> I kinda feel that something else besides qemu is doing a mknod but under the qemu profile
[17:39] <rharper> maybe libvirt ?
[17:39] <rharper> libvirt tends to "create" resources and hand them to qemu
[17:39] <rharper> but I don't know enough about the transition from the libvirt security profile to the qemu one (I guess exec boundary ) ?
[17:40] <jdstrand> not libvirt
[17:41] <jdstrand> if I were to guess I would say it is a supporting library of qemu
[17:41] <hallyn> well how does this qemu guest agent crap work
[17:42] <rharper> virtio-serial as a transport
[17:42] <rharper> then using a QMP wire protocol
[17:42] <hallyn> anyway, that ^ was with the patch which adds mknod if you have a qemu guest agent socket!
[17:42] <rharper> jdstrand: libc and more likely glib
[17:45] <jdstrand> rharper: fyi, libvirt does fork(), then aa_change_profile(), then exec()s qemu
[17:45] <jdstrand> we should probably change that to fork(), aa_change_onexec(), exec()
[17:46] <hallyn> lemme see if addingmknod to libvirt profile helps
[17:47] <hallyn> no, it has it already
[17:48] <hallyn> well i guess my patch was wrong, bc i'm on 1.3.1-1ubuntu7~zfs7 and the domain did not have mknod.
[17:50] <hallyn> oh the name doesn't even match
[17:51] <hallyn> so maybe it would in fact work if i did strstr() instead of STREQ
[17:53] <jamespage> hallyn, hey - do you think the helper update to fix https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1513367 will happen anytime soon?
[17:53] <ubottu> Launchpad bug 1513367 in libvirt (Ubuntu) "qemu-system-x86_64/kvm-spice failed to boot a vm with appmor enabled" [High,Triaged]
[17:54] <jamespage> in about ~1 week I'm going to start working on vhost-user support in the openstack charms, so I can help repro/fix/test whatever....
[17:57] <hallyn> jamespage: i dunno, noone has even bothered to reply to your request for denied msgs
[17:58] <rharper> ah, mkfifo does an mknod
[17:58] <jamespage> yeah i get the feel its a blind 'turn off apparmor for now'
[17:58]  * rharper searchs more 
[17:59] <hallyn> rharper: yeah but i can do that unpriv
[18:04] <hallyn> jamespage: oh hold on, this is about dpdk.  Christian is working that;  i don't think i can help...
[18:05] <hallyn> or is ist just another space-in-filename-confuses-virt-aa-helper bug
[18:11] <hallyn> jamespage: why are you pinging me on this?  If you're able to reproduce this to the point where you can hand me a vm where i can easily reprodue this with a custom built debugging apparmor that would be helpful.
[18:12] <hallyn> if not, is htis something you see mentioned a lot?  I actuallythought this was just one site with a custom install
[18:13] <hallyn> lemme try this smbios weirdness here
[18:17] <hallyn> no that works fine here
[18:20] <hallyn> jamespage: ok well noone has reported DENIED msgs bc there are none to report...  doesn't get that far
[18:22] <hallyn> jamespage: so i hate bugs like that bc it seems to confuse different error cases:  most of the bug they talk about an apparmor profile that failed to load.  but in comment #17 you suggest we might just need to add more perms;
[18:23] <hallyn> aaah, virt-aa-helper itself is not allowed to look under /var/run
[18:23] <hallyn> which would xplain both
[18:24] <hallyn> and adding /var/run/** to virt-aa-helper is actually ok, not the same thing as adding it to qemu
[18:25] <hallyn> jamespage: any chance you can push the reporter to test quickly?
[18:38] <Free99> ssl-cert setup seems to dislike that /etc/hostname is just "node-7"... is that a serious issue?
[18:45] <bekks> How does it look like when ssl-cert dislikes that?
[18:47] <Free99> bekks, "hostname: Name or service not known \n make-ssl-cert: Could not get FQDN, using "Node-7"."
[18:47] <bekks> then you have to setup a fqdn.
[18:50] <Free99> thing is, I'm using maas.. it won't let me set an FQDN :-[
[18:52] <tarpman> it's just a warning though, I think? IIRC it doesn't prevent it making the cert
[18:52] <bekks> Free99: So set it manually.
[18:54] <Free99> sigh.. this is actually a symptom of a bigger issue. Maas has been a little rough around the edges, my guess is because of this
[18:54] <Free99> this=lack of fqdn
[18:55] <Free99> http://paste.linux.chat/view/d1664e87
[18:55] <Free99> failing cloud-init
[18:55] <bekks> And why dont you set a fqdn before invoking ssl-cert setup?
[18:59] <Free99> I can't figure out why this whole process is failing
[19:00] <Free99> it seems like postfix?
[19:00] <bekks> Your pastebin is unavailable. But postfox needs fqdn as well.
[19:01] <bekks> So set a fqdn manually.
[19:01] <Free99> I'm not generating this config, Maas is... maas.io
[19:02] <bekks> So where do you set the name of that thing "Node-7"?
[19:02] <Free99> bekks, http://paste.ubuntu.com/15349884/
[19:03] <Free99> I set it in the Maas webUI, but it won't let me type an fqdn, only hostname
[19:03] <Free99> weird right?
[19:03] <bekks> So you cannot type "Node-7.test.local"?
[19:04] <Free99> nope
[19:05] <Free99> soon as you insert a period, the save button greys out... either going to have to modify the source or just do it via cli
[19:05] <Free99> but I wanted to see if anyone knew better beforehand
=== rwd is now known as ro
[19:44] <coreycb> jamespage, looks like django-compressor 2.0 is the fix for the openstack-dashboard install error
[19:51] <hallyn> rharper: http://paste.ubuntu.com/15350345/  when I force the permission for the channel directory
[19:51] <hallyn> jdstrand: http://paste.ubuntu.com/15350357/  what's wrong in this policy?
[19:58] <jdstrand> hallyn: owner "var
[19:58] <jdstrand> use owner "/var
[20:12] <hallyn> d'oh
[20:13] <hallyn> thanks
[20:14] <rharper> hallyn: I haven't dug any more; I just can't figure out where a mknod would come from (it's most likely a mkfifo for a char device) since mkfifo is a wrapper around mknod IIUC
=== devil is now known as Guest86684
[20:15] <rharper> as jdstrand possible from a helper library of qemu but it's not easily tracked down; cursory grepping of qemu and libvirt don't show much, I checked usbredir and spice ,but neither seem to have any either.
[20:15] <rharper> but clearly something at least needs to maek the unix socket for the virtio-serial connection;
=== Guest86684 is now known as devil_
=== devil_ is now known as devil__
[20:20] <jamespage> coreycb, awesome!
=== JanC_ is now known as JanC
[20:50] <coreycb> ddellav, the global requirements list is frozen now for mitaka so we'll probably need to do one more pass through the dependencies before rc's come out
[20:55] <ddellav> coreycb ok
=== ro is now known as ezri
=== chmurifree is now known as chmuri
[22:17] <hallyn> rharper: jdstrand: ok, i managed to get the qemu-guest-agent thing working without mknod capability
[22:17] <rharper> nice
[22:17] <rharper> wth was the deal with mknod ?
[22:17] <hallyn> jdstrand: do you mind if i just always add
[22:17] <hallyn>   owner "/var/lib/libvirt/qemu/channel/target/domain-rhel7.0/**" rw,
[22:17] <hallyn> to the files?  (domain-$name)
[22:18] <hallyn> bc i don't seem to be detecting it in the nchannels loop.  i don't know where it shows up inteh xml schema
[22:18] <hallyn> figure it should be private so no big loss?
[22:21] <hallyn> jdstrand: ^and also do you mind if i add /var/run/** r to the virt-aa-helper profile?
[22:21] <hallyn> (for openstack reasons)
[22:29] <jdstrand> hallyn: that's fine, though I would use /{,var/}run/**
[22:30] <jdstrand> hallyn: is domain-$name vm-specific? ie, $name is the name in the domain xml? if so, that's fine
[22:31] <jdstrand> hallyn: re no mknod: nice! :)
[22:44] <admin0> how do i create a virtual bridge in ubuntu  that stays after reboot
[22:44] <admin0> should lo be in the bridge_port ?
[22:46] <bekks> admin0: what are you trying to do, in first place?
[22:47] <ChibaPet> admin0: man interfaces
[22:47] <admin0> i need a few local bridges on top of which i will provide internal network to my kvm hosts
[22:49] <rattking> yeah do it in /etc/network/interfaces for a server, I have had endless trouble with bridge creation in networkmanager on a laptop
[22:49] <admin0> yes .. but since its virtual brige, what ports do I bind it to ?
[22:49] <admin0> br-int1 br-int2 .. both to lo ?
[22:50] <lordievader> rattking: What kind of troubles?
[22:50] <hallyn> jdstrand: yeah, name the domain name.  ok will do - thx, ttyl
[22:50] <lordievader> admin0: Whatever you want ;)
[22:51] <admin0> i mean it does not have to exist ?
[22:51] <lordievader> admin0: I usually have one real nic in the bridge and the rest are vm nics.
[22:52] <admin0> lordievader: that i understand .. that comes after the bridge is crated .. i do using brctl but that does not stay after reboot
[22:52] <lordievader> admin0: Do as people suggested, configure it in /etc/network/interfaces
[22:52] <admin0> i want to premanently create say 5 bridges, but having trouble if i should just use lo as port to all
[22:52] <admin0> lordievader: that i know ..  i am asking if people use lo in bridge_ports lo for all ?
[22:52] <lordievader> You could also let libvirt create the bridges for you.
[22:53] <admin0> or i need to create virtual lo:s ?
[22:54] <admin0> lordievader:  i did not went the libvirt way .. thanks !
[22:54] <admin0> will use the net-create in libvirt
[22:55] <nacc> stgraber: looking at merging unbound again, as we're out of sync with debian already. You just did a merge, I've got the debdiff done and ready to go, do you have any advice on testing? I think it'll also need a FFe, as it's a new upstream version
[22:55] <rattking> lordievader: my problems are probably caused by hotplugging since this is a laptop, on my servers everything works fine. but the issues are having to manually down the bridge before any network access will work after disconnecting the ethernet adapter. also I can never tell if the bridge will get a IP or not when I re-up it
[22:56] <stgraber> nacc: ping sdeziel, he'll happily test it for you :)
[22:56] <nacc> stgraber: ok, thanks! :)
[22:57] <lordievader> rattking: Ah, that sounds familliar. Got the same issues here. But I don't really mind it.