zepka1Hello people04:50
=== caitanya is now known as Muhammad
=== Muhammad is now known as Muhammadiz
=== Muhammadiz is now known as JEESUS
=== JEESUS is now known as jeesus
lordievaderGood morning.09:55
=== Isla_de_Muerte is now known as NwS
halvors1Hi. AppArmor is apparantly destroying my VPN conncetion with StrongSwan, any way to fix this? http://pastebin.com/21V17bVP12:46
sdezielhalvors1: try adding: "owner @{PROC}/@{pid}/fd/ r," to /etc/apparmor.d/local/usr.lib.ipsec.charon12:48
sdezielhalvors1: then reload the profile with: apparmor_parser -r -T -W /etc/apparmor.d/usr.lib.ipsec.charon12:49
halvors1sdeziel: Isn't this something that would be corrected in the strongswan package?12:49
sdezielhalvors1: yes but testing the manual fix first would be useful12:50
halvors1sdeziel: The VPN tunnels works for several hours at first.12:53
halvors1Then it goes down and doesn't come up again unless i restart it manually.12:53
halvors1So there is no way to be sure that this fix works before it has gone several hours from now.12:54
sdezielhalvors1: which version of strongswan do you have installed?12:54
halvors1Linux strongSwan U5.3.5/K4.2.0-34-generic12:57
halvors1So 5.3.5 :)12:57
sdezielthat's one odd mix of kernel/userland versions12:58
sdeziel5.3.5 only shipped with Xenial yet you have Wily's kernel12:59
halvors1sdeziel: I know. Trying to use 5.3.5 from xenial repo on wily since i had so much trouble with wily's build.13:00
halvors1Same issue duo.13:00
halvors1sdeziel: Do you want me to use the wily version instead?13:01
sdezielhalvors1: I'd suggest to open a bug in LP describing your environment (including a list of all the packages related to Strongswan).13:04
sdezielhalvors1: I never ran into this denial but we have different testing environments. I only ever used Stronswan on Trusty and Xenial13:05
sdezielhalvors1: if that's feasible, you could try to reproduce the issue with a clean/pure Xenial machine?13:05
halvors1sdeziel: Ok, haha another solution is just to disable apparmor.13:08
halvors1Really it's almost only trouble.13:08
sdezielhalvors1: you can try that too but I'd recommend to only disable the charon profile13:09
sdezielhalvors1: FYI, Apparmor might only be a red herring like it was in https://bugs.launchpad.net/ubuntu/+source/strongswan/+bug/154943613:10
halvors1sdeziel: How do i do that?13:10
ubottuLaunchpad bug 1549436 in strongswan (Ubuntu) "AppArmor kills StronSwan daemon 'charon'" [Undecided,Confirmed]13:10
halvors1sdeziel: Thanks, i'll monitor the connection with your proposed fix first.13:14
halvors1sdeziel: Should "owner" be replaced with the user or just stay as it is?13:15
sdezielhalvors1: "owner" requires the executable to be run by the same user as the file/dir owner for the rule to match.13:16
CrummyGummyHi, do any of you know of a security ppa for Natty? I realise it's unsupported but I need to upgrade openssl quite urgently.13:26
henkjanCrummyGummy: there is no security ppa for Natty13:27
CrummyGummythen any src for an up to date openssl deb?13:27
henkjanCrummyGummy: you can try to point your /etc/apt/sources.list.dist to old-releases.ubuntu.com13:28
PiciSince it EOL'd in October 2012, you're not going to get any updates dated past then.13:28
CrummyGummyI know :(13:29
henkjaninstalling an openssl .deb from a new release will give you headaches i'm afraid13:29
CrummyGummyAny idea how risk it would be to install by hand?13:29
CrummyGummyI have it compiled and ready to install. Just a bit nervous...13:29
henkjanwhy would you even try to update openssl as the rest of your system has gaping holes al around?13:30
CrummyGummyJust to make connectivity work to a client.13:30
CrummyGummywe're moving away from this server slowly. It's one of those legacy boxes that we're to scared tu update.13:31
CrummyGummythere's always one...13:32
patdk-wkthe thing about openssl is13:36
patdk-wkit will just work, or you will have to recompile everything that uses it :(13:36
patdk-wkand that is when you stay within the same version :(13:37
runelind_qif I'm doing a repository, do I want to delete the Packages file every time before re-running dpkg-scanpackages?14:50
runelind_qI guess it is re-creating it since I'm doing > Packages.gz14:57
=== MikaT_ is now known as MikaT
cyphermoxhey, if someone cares a lot about ntp; this seems like it might be a relatively easy bug to fix: https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/155812515:54
ubottuLaunchpad bug 1558125 in ntp (Ubuntu) "ntpd doesn't synchronize to local clock (ntpd 4.2.8p4/xenial)" [High,Triaged]15:54
cyphermox^ I'm pointing it out here because ntp is subscribed by the server team, I may otherwise get up to it $later15:55
nacckickinz1: --^ ?15:57
cyphermoxif you need help reproducing I can perhaps get the reporter or his manager or someone to get more info quickly.15:58
tuorHi, I'm working on a preseed file. I trying to add an apt repo while installing. This is my preseed file: https://paste.ubuntu.com/15402527/16:27
tuorMy goal: add the puppetlabs repos directly during the installation.16:27
tuorWhat I tried now: Add Ubuntus "ch" archiv as repo.16:28
tuorProblem: When installing, I get an error in the "select and install software" stage.16:29
tuorLine 162 of my preseed file is the intresting part. What am I doing wrong? Or how can I find out what I'm doing wrong?16:30
tuorIf I remove the 2 lines 162 and 163 it works.16:31
kickinz1nacc, cyphermox looking16:47
nacckickinz1: thanks!16:52
=== alexisb is now known as alexisb-afk
tuorIt's working now. I just don't know what is different^^17:23
=== alexisb-afk is now known as alexisb
jjrabbit443is creating a swap file on ubuntu the equivalent of having a pagefile on windows?18:59
lordievaderPretty much.19:02
jjrabbit443if you are low on RAM isn't a swap file on an SSD drive pretty much as good as using RAM anyway?19:03
jjrabbit443as far as I/O speed19:03
sarnoldnot even close; ram on high-end cpus can run at ~60 gigabytes per second; an ssd connected via sata can only run at 500 megabytes per second19:04
sarnolddon't get me wrong, ssds are way better than hard drives19:04
sarnolds/hard drives/spinning metal/19:04
sarnoldbut there's no substitute for real ram when you need it19:05
jjrabbit443wow ok nevermind19:06
jjrabbit443sounds like even old ass RAM sticks would blow SSD I/O out of the water19:06
sarnoldyeah :) old-ass ram may only go 20 gigabytes per second or something -- check intel's ARK for details for your processor -- but it's still better than swap by a lot :)19:08
=== guampa is now known as Guest46127
=== guampa_ is now known as guampa
=== Isla_de_Muerte is now known as NwS
l1meonHello, I have a question. How can I run a script for web using ipv6 instead of ipv4? Say I have ipv4:, and 4 ipv6: 2e2e:xxx:xxx23:01
sarnoldl1meon: do you mean, something like a php script that you run in apache's mod_php or fastcgi or similar?23:03
sarnoldl1meon: does i already work with ipv4? is there something preventing your apache from binding to the ipv6 addresses you want?23:04
antonispgshey guys nice to be here23:27
antonispgsso the script for rtorrent i used on a remote seedbox created a nice website where i can see my downloads23:28
antonispgsi am now transferring stuff that are going in folders inside https://IP/download/user/rtorrent/downloads at which point i get a 403 forbidden error23:28
antonispgsis there a way to get access further into the subfolders?23:29
sarnoldantonispgs: it depends upon the program; it might just require removing some code that prevents that.. or it might require larger changes23:33
sarnoldmaybe there's a configuration option for the script?23:33
antonispgsit was made via nginx23:34
=== Bray90820_ is now known as bray90820
lunaphytei suppose if i don't want to be a hypocrite, i'd better move it over here :)23:55
lunaphytei see references to both frontend and priority, but only the defaults seems to be indicated in files in /var/cache/debconf/23:55
lunaphytebut when i set them with dpkg-reconfigure, they do seem to be remembered, so they've got to be specified somewhere23:55
lunaphyteplus, it seems like i don't ever remember being prompted for this sort of thing when doing an install, which is i guess sort of a side note23:56
tarpmanhm. I'm not aware of any other locations where things are saved. all the non-defaults I can remember configuring are in /var/cache/debconf/config.dat23:58
lunaphyteoops, you are right23:59
lunaphytethere it is23:59
lunaphytethat's got a little bit of an openldap slapd-config feel to it :)23:59

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!