[01:05] <YokoBR> hi guys
[01:05] <YokoBR> As I have only one NIC, i've created two virtual interfaces. Now the three interfaces has 255.255.0.0 as masks and created dhcp configs with 3 ranges, 192.168.0.2-254, 192.168.1.2-254 and 192.168.2.2-254
[01:06] <YokoBR> would that work?
[02:01] <sarnold> YokoBR: it may not work with that netmask..
[02:01] <sarnold> YokoBR: try instead 255.255.255.0 and install explicit routes for all three networks to the other two networks.
[02:02] <YokoBR> sarnold: i think the problem was solved.
[02:02] <YokoBR> this is what i did, 10.100.0.1 255.255.252.0. DHCP range 10.100.0.1 - 10.100.3.254
[02:02] <sarnold> that sounds like it should work, yeah
[08:52] <jamespage> coreycb, gnocchi and pandas dropped from the UCA
[09:58] <showaz> Hello, how to reset a Ubuntu-Server 16.04 initial state before install "apt remove ... --purge --auto-remove" (ubuntu-minimal).
[10:00] <rbasak> showaz: "apt-get install ubuntu-minimal^" perhaps?
[10:00] <rbasak> (or is it "minimal^"?
[10:00] <rbasak> )
[10:01] <showaz> ubuntu-minimal already installed.
[10:01] <rbasak> Well then I don't understand your question.
[10:04] <showaz> rbasak: To restore ubuntu-server to original appearance after you install a hosting panel (packages/user-data purge)
[10:04] <rbasak> showaz: well that depends on what your hosting panel installer did. Your hosting panel provider needs to answer your question really.
[10:05] <rbasak> It might be easier just to reinstall your server or restore from backup or whatever. I certainly wouldn't continue using a production server after messing around with it like that.
[10:38] <rbasak> rharper: do you have capacity to look at https://bugs.launchpad.net/ubuntu-release-notes/+bug/1531864/comments/5 please?
[10:38] <rbasak> It's intended to be disabled, but comment 5 suggests that the disablement is broken
[12:32] <rharper> rbasak: I'll look at that today
[12:36] <rbasak> rharper: thanks!
[12:36] <rharper> rbasak: to be clear, both the load file and the so should be removed since we're disabling support of http2
[12:37] <rbasak> rharper: I'm not sure. I don't mind what is removed so long as nothing explodes. I suspect the load file being there might be a problem, so I thought it probably warrants investigation.
[12:37] <rbasak> rharper: it may be that you're satisfied that nothing needs doing after looking.
[12:37] <rharper> ok; but the goal is for http2 to not be enabled by default
[12:37] <rharper> and things shouldn't break
[12:37] <rbasak> Right.
[12:37] <rharper> ok
[12:38] <rbasak> rharper: actually not just not enabled by default but not built.
[12:38] <rbasak> Until the security team says it's OK, which I don't think they will until upstream no longer consider it experimental.
[12:49] <rharper> rbasak: ok; then I wouldn't suppose we should ship any http2 files either (if we don't bother building it) no ?
[12:50] <rbasak> rharper: that would be sensible, yes. But if it's not actually causing a problem, it's probably not worth breaking final freeze for that.
[13:18] <jamespage> coreycb, https://bugs.launchpad.net/ubuntu/+source/horizon/+bug/1568971
[13:18] <devster31> I have a pretty minimal ubuntu install, is there a cli utility that allows me to interact with dhcp client and servers? I want to read the information the server is broadcasting
[13:21] <hateball> devster31: other than dhclient ?
[13:23] <devster31> I thought dhclient was used to configure an interface, I just want to read the information
[13:31] <devster31> also I think the default is dhcpcd
[14:26] <GeorgesLeYeti> Hi
[14:26] <GeorgesLeYeti> Ubuntu 14.04.4 LTS,  Issues: My /etc/passwd has been changed. How can i investigate about who / what change this file ?
[14:28] <sdeziel> GeorgesLeYeti: many things can change /etc/passwd. I'd recommend looking at the recent changes with: diff -Nau /etc/passwd- /etc/passwd
[15:29] <jamespage> ddellav, https://bugs.launchpad.net/ubuntu/+source/horizon/+bug/1568971
[16:16] <rbasak> rharper: looks like apache2 2.4.18-2ubuntu1 inadvertently reintroduced http2.load.
[16:22] <rbasak> rharper: I think you're right in that the conffile needs that handling to remove.
[16:23] <rbasak> rharper: I don't see anything wrong with your conffile handling, but a couple of things to make it simpler:
[16:23] <rbasak> 1) you don't need to make it conditional on $1; dpkg-maintscript-helper takes care of that itself.
[16:24] <rharper> which did I make a conditional ?
[16:24] <rbasak> 2) you can use debian/apache2.maintscript to save having to touch all the maintainer scripts. Then debhelper will take care of it.
[16:24] <rbasak> You're calling remove_http2_conffile from inside the switch statement
[16:24] <rbasak> Which could well be absolutely correct but I'd need to check.
[16:24] <rharper> ah, I see
[16:25] <rharper> there are stage checks in mainscript itself
[16:25] <rharper> lemme look at the apache2.maintscript then
[16:25]  * rharper missed that
[16:25] <rbasak> rharper: see the dh_installdeb manpage.
[16:25] <rbasak> You couldn't know about it unless you already did :-/
[16:25] <rharper> heh
[16:25] <rharper> yeah
[16:25] <rharper> that's fancy sauce right there
[16:25] <rbasak> Basically you put the dpkg-maintscript-helper calls in there and then debhelper takes care of it.
[16:26] <rbasak> But good job in spotting that you needed conffile handling :)
[16:26] <rharper> though one still has to debug the prior version stuff
[16:26] <rharper> rbasak: slangasek helped me see that in squid
[16:31] <rbasak> rharper: squid's conffile handling was painful!
[16:32] <rharper> to say the least
[16:32] <rbasak> rharper: btw, did you figure out if having http2.load present actually causes a problem?
[16:32] <rharper> let me test that out
[16:32] <rharper> I imagine it'll throw an error but unlikely to cause problems; I think apache2 handles missing modules gracefully
[16:33] <rharper> no
[16:33] <rharper> well, it just wont start, if you a2enmod http2 and then restart, apache2 won't start
[16:34] <rharper> yeah
[16:34] <rharper> so better to remove the file
[16:34] <rharper> no one get's hurt accidentally (it's in mod-avail, not mod-enable)
[16:35] <rbasak> OK, thanks for checking.
[16:35] <rharper> but if someone did attempt to enable it and restart apache, it fails due to the missing so file we removed
[16:36] <rharper> nice, that apache2.maintscript is very cool
[16:36]  * rharper attaches a new debdiff
[16:48] <rbasak> rharper: the new debdiff looks good, thanks. Have you tested that this works, please?
[16:48] <rbasak> rharper: I'd also note in the changelog that it was inadvertently dropped in an intermediary merge just to make the next merger's life easier in figuring out the logical delta. I can note that when uploading, no need for a new debdiff.
[17:11] <rharper> rbasak: yes; I've tested the same upgrade and the file is removed properly
[17:12] <rbasak> rharper: OK, thanks. Do you think this should break final freeze or should we aim for a 0-day SRU?
[17:12] <rharper> rbasak: sorry about not mentioning *why*;  I  know better =(
[17:12] <rharper> I think 0day is fine
[17:12] <rbasak> OK
[17:12] <rharper> it's out of the way
[17:12] <rharper> unless someone is explicitly doing a2enmod http2
[17:13] <rbasak> That would always break at some point, right?
[17:13] <rbasak> Either in the a2enmod command, or with this bug on apache2 restart.
[17:13] <rharper> right
[17:13] <rbasak> So they shouldn't be doing it and expect it to work presumably :)
[17:13] <rbasak> Then I think a 0-day is fine.
[17:13] <rharper> they might expect it due to the version, and http2 is enabled in debian
[17:13] <rharper> but
[17:14] <rharper> it's noted in the changelog why we don't have it enabled at this point
[18:16] <aeronavi> how to create a pty without an attached process?
[18:19] <aeronavi> my idea is to open terminal window, where I can later attach a process with redirected standard input/output and then control it from that window
[18:20] <sarnold> aeronavi: sounds like you're re-inventing screen or tmux
[18:21] <sarnold> fwiw I haven't seen "terminal without a process" in a while -- back in those days of course we had serial cards in our computer with 16 or 32 serial ports, and flat phone-wire run throughout the building for the terminals..
[18:22] <RoyK> screen is really cutting edge - I mean - it came out in 1987
[18:22] <sarnold> gotta keep up with these new tools :)
[18:22] <RoyK> :D
[18:23] <patdk-wk> royk, it should be replaced, it's old and single purpose like init
[18:23] <patdk-wk> maybe we need a screend
[18:23] <RoyK> tmux is better
[18:24] <aeronavi> hehe sarnold, im not from that time.
[18:24] <RoyK> aeronavi: well, it's been used steadily over those almost 30 years
[18:25] <RoyK> I guess 'ls' is a wee bit older
[18:25] <RoyK> but people are still using it!!!!!!!!!!!!!
[18:27] <aeronavi> but screen must spwan always a process right?
[18:28] <arooni> why when i login to my server do i see 56 packages can be updated?  i thought i had security updates automatically installed.  must i do a separate setup for regular updates to packages?  and more importantly, is this advised?
[18:28] <RoyK> aeronavi: nah - you can have several - just use tmux if you aren't used to screen - it's Newer And Better (tm)
[18:30] <aeronavi> spawn* . I plan to debug a process with gdb that is called inside a script, but i would like to control gdb on a external window
[18:30] <teward> arooni: updates != security updates
[18:30] <teward> arooni: it's possible to have a lot of non-security updates pending in the -updates repo for your computer, but they won't get installed if you only put on security updates
[18:31] <arooni> teward is setting up auto updates of non security updates possible?  and advised?
[18:35] <RoyK> arooni: I'm using all sort of updates on my machines - haven't failed so far (over the years)
[18:36] <RoyK> last issue we had at work, was today, a new samba version came out of redhat's repos and suddenly kerberos was needed for everything, and that was a security update
[18:36] <RoyK> broke a few clients not in AD
[18:40] <aeronavi> RoyK when i start tmux or screen, it spawn a shell process.
[18:41] <aeronavi> is it possible to just start it without any process?
[18:45] <sarnold> why?
[18:48] <aeronavi> so later I can redirect input/output of other processes
[18:49] <aeronavi> and control there
[18:51] <sarnold> why not just start that other process in screen?
[18:57] <aeronavi> sarnold because the process in question is called from inside a script
[19:08] <arooni> i'm trying to access /var/log/nginx ; but i'm getting access denied because my ssh user isn't part of the adm group.  so i did; sudo usermod -a -G adm myuser;  but i still cannot access.. :\  why not?
[19:09] <sarnold> arooni: use sg or newgrp to create a new shell process that is in the group or log out and in again
[19:21] <bekks> arooni: log out completely as that user, login again.
[19:26] <arooni> hey thanks that worked
[19:35] <arooni> is there a better tool than tmux splitting panes to monitor nginx error log + syslog?
[19:36] <Pici> arooni: multitail?
[19:39] <arooni> Pici nice!  never heard of that before;  i like the color + formatting
[19:39] <Pici> arooni: its definitely handy.
[20:12] <teward> i was going to say, "yes, it's possible.  advised?  I think so, but that's your call."
[20:12] <teward> then they left
[20:12]  * teward was busy fixing his network
[20:34] <qman__> I've been doing it for years without problems
[20:43] <RoyK> qman__: what?
[20:44] <qman__> unattended upgrades for regular updates (not just security patches)
[20:45] <RoyK> mhm
[20:46] <qman__> I've had release upgrades break plenty of stuff but not regular patches
[20:47] <RoyK> it was a bit fancy this security update by redhat
[20:47] <keithzg> I tend to have it only on for security updates, but that's almost more just because I feel like giving myself something to do from time to time ;)
[20:47] <RoyK> suddenly everything not in the AD was banished
[20:48] <sarnold> RoyK: in all fairness there's a half-way tolerable chance the same thing will happen with our samba updates next week
[20:48] <RoyK> I gues so
[20:48] <RoyK> guess, even
[20:48] <sarnold> RoyK: the only feedback we've gotten so far has been good but samba is so bloody configurable..
[20:49] <RoyK> sarnold: we found two solutions - either login with ad-domain@user, or install winbind
[20:49] <RoyK> I didn't try the former - we just went for winbind
[20:50] <RoyK> we've got some 25k users, so these things hurt a bit when that little percentage of them not using windows lose access to their data
[20:51] <sarnold> even 0.1% is a noticable amount of work :)
[20:51] <RoyK> indeed