/srv/irclogs.ubuntu.com/2016/05/03/#ubuntu-server.txt

=== devil is now known as Guest61712
Aison	what's wrong here? nfs-idmapd.service: Control process exited, code=exited status=1	00:14
=== LaserAllan is now known as LaserAllan-sleep
=== Guest61712 is now known as devil_
=== galeido_ is now known as galeido
=== ShaRose_ is now known as ShaRose
=== Guest19932 is now known as sts
=== payload2 is now known as payload
=== LaserAllan-sleep is now known as LaserAllan
curmet	I've developed and tested web app (using a framework) in windows machine successfully, but after I move the app and framework folder , from c:\xampp\htdocs\ to /var/www/html to Ubuntu machine, it encounters errors, "cannot find the requested view" . What changes should I make to Ubuntu machine?	10:48
curmet	THanks in advance :)	10:48
Repox	Hello. I just installed Ubuntu 16.04 and I want to setup Jenkins. Now, I have some options regarding installing OpenJDK, and I can see that most information refers to openjdk-7-jre, but is there any reason why I should want to avoid openjdk-8-jre or openjdk-9-jre?	11:35
=== JanC is now known as Guest52941
=== JanC_ is now known as JanC
Dulcin	Hi, is there a way to see how much data my server is using?	13:23
ReScO	ifconfig ?	13:24
patdk-wk	what is data?	13:25
Dulcin	Well the problem is, my host tells me my server (which has been there for years) all of a sudden started using 1TB data per day since about 3 weeks ago	13:25
Dulcin	and they charge 50 cents per gig	13:25
Dulcin	Is there a way to verify this?	13:26
patdk-wk	you are running mrtg/munin/cacti/... on it?	13:26
patdk-wk	my bet is your infected and sending spam email	13:26
patdk-wk	and attacking other websites	13:26
Dulcin	I haven't installed those myself. It's a default ubuntu server and I only set up a web server on it	13:27
patdk-wk	well, that is safe	13:27
Dulcin	so what should I start with to find out?	13:27
patdk-wk	atleast till you install php/cgi'/...	13:27
patdk-wk	well, see what is running on the server	13:28
patdk-wk	log all open connections	13:28
poohbear82	my website is running on ip that starts with 10. I understand it is on the local network. How do I make it public?	13:29
Dulcin	ok thank you I'll start with that	13:30
patdk-wk	poohbear82, ask your network admin	13:30
poohbear82	well conceptually... what has to happen?	13:31
poohbear82	I'm trying to understand	13:32
hateball	poohbear82: NAT has to happen	13:32
=== _ruben_ is now known as _ruben
patdk-wk	maybe	13:35
patdk-wk	we don't know what has to happen, as we don't manage his network	13:35
patdk-wk	nat, or public ip assigned, or vlan move, or ....	13:35
patdk-wk	so many options, nothing we can really help with	13:35
patdk-wk	or just forget about this ipv4 stuff, and use ipv6	13:36
poohbear82	Ok, thank you.	13:36
Dulcin	patdk-wk, I'm a bit at a loss here, can you point me in the right direction?	14:00
Dulcin	I checked the auth.log and I see a bunch of ssh attemps on root user, but that's locked	14:00
Dulcin	when I check 'who' I'm the only one logged on	14:00
Dulcin	I checked netstat -tupn	14:01
Dulcin	Most seems to be webserver connections	14:01
patdk-wk	I never said to check auth.log	14:07
patdk-wk	that is normally useless	14:07
Dulcin	Sorry I'm a web developer with limited knowledge on these things	14:07
patdk-wk	if your compromised, and it shows in auth.log, you have issues	14:08
patdk-wk	it's almost always the web that is broken	14:08
Dulcin	patdk-wk: but these attemps seem to fail	14:13
Dulcin	What do I do to check if I'm compromised?	14:13
patdk-wk	yes, and failed attempts are not a compromise	14:13
patdk-wk	they are just normal random internet noise	14:13
patdk-wk	everything :)	14:14
patdk-wk	you don't know how you are compromised, or if you are, so the only way to know is to check everything	14:14
patdk-wk	but there are only two reasons for increased internet traffic	14:14
patdk-wk	ligit, increased usage of your server	14:14
patdk-wk	or non-ligit, compromised server	14:14
patdk-wk	I'm betting it's compromised, and likely via the webserver	14:15
patdk-wk	so looking in auth.log is likely pointless	14:15
patdk-wk	unless you have really weak passwords	14:15
Dulcin	I dont think I do, they all have lower-upper case and special characters in them	14:16
patdk-wk	it's possible someone compromised your password, but normally that is very rare	14:16
patdk-wk	compared to a website getting compromised	14:17
Dulcin	so, then I should check the web server logs?	14:17
patdk-wk	sure, but that won't likely tell you much	14:17
Dulcin	how do I proceed?	14:17
patdk-wk	normally the most help those are, is after you find the comprise, to locate when it was first used, and put in place	14:17
patdk-wk	like I said above	14:18
patdk-wk	look for anything running that sholdn't be	14:18
patdk-wk	look for any new files on your server	14:18
patdk-wk	anything that doesn't belong	14:18
patdk-wk	or if you just don't care, scrape the server and reinstall it	14:18
patdk-wk	hopefully without whatever was that let them in	14:19
Dulcin	patdk-wk: just got a call from my host, they finished their investigation...	14:20
Dulcin	patdk-wk: they made an error in their calculation...	14:20
Dulcin	I did not use 13TB in 12 days :\|	14:20
patdk-wk	:)	14:21
patdk-wk	I would recommend you install mrtg/munin/cacti/... to monitor your usage	14:22
Gazby	Hi everyone. Is it OK to install the ubuntu-server package (http://packages.ubuntu.com/xenial/ubuntu-server) post-install? The basic images you often get are missing several packages from a server install so I like to fix that, but open-iscsi fails to start when installing ubuntu-server so the install fails.	14:22
patdk-wk	if nothing else, you will be able to see and predict when your usage changes and account for it	14:22
=== disposab1e is now known as disposable
Dulcin	patdk-wk: any preference to those?	14:23
patdk-wk	personally I perfer munin	14:23
patdk-wk	though I use cacti also	14:23
patdk-wk	just cacti is kind of overbearing	14:23
patdk-wk	lots of poeple seem to like graphite	14:24
patdk-wk	all have different levels of setup complexity	14:24
Gazby	+1 for munin	14:24
Gazby	graphite is amazing, but a lot more work than munin, and probably for a more narrow use case	14:25
Pici	I'm using graphite + grafana here for some random stuff, I like it a lot.	14:28
Gazby	oh that's very sexy	14:29
RoyK	I've started setting up zabbix for testing.	14:29
Gazby	we used dashing http://dashingdemo.herokuapp.com/sample	14:29
RoyK	Gazby: commercial thing?	14:30
Gazby	no	14:30
Gazby	built by shopify, floss	14:30
* patdk-wk should floss		14:32
Pici	grafana+graphite: http://i.imgur.com/uIyQWSS.png	14:32
* patdk-wk is now just a stat on pici's graph		14:33
Gazby	that's gorgeous	14:33
genii	Pici: Are those three spikes netsplits?	14:41
Pici	genii: yes. I put an annotation thing in, but it doesn't work that well yet: http://i.imgur.com/A6OS1Bk.png	14:43
=== Guest99396 is now known as karstensrage
Pici	I'll open it up to ops once I figure out how to separate out my own personal dashboards out. I have some of my own servers in there, plus I'm tracking unread emails and I'm working on another small project to feed some more esoteric data in.	14:45
* genii makes sure the coffee keeps coming		14:47
Gazby	have posted my question here: http://askubuntu.com/questions/766920/how-to-install-packages-from-basic-with-a-minimal-install	14:53
* patdk-wk never uses anything > ubuntu-minimal		14:54
patdk-wk	but why would open-iscsi fail?	14:55
patdk-wk	are they using some odd kernel? openvz thing?	14:55
Gazby	it happens on linode, standard kvm, and vultr	15:00
Gazby	my understanding is that it always fails and the ubuntu installer just ignores it	15:01
Gazby	you'll find it failing in the dmesg of any basic install	15:01
TJ-	Gazby: looks like bug 1576341	15:03
ubottu	bug 1576341 in systemd (Ubuntu) "fails in lxd container" [Undecided,Confirmed] https://launchpad.net/bugs/1576341	15:03
patdk-wk	that wouldn't affect kvm	15:05
Gazby	ya	15:05
Gazby	i had seen that, the log output differs from mine also	15:05
Pici	Gazby: hrm. I remember needing to a bit of steps on my linode when I setup my linode, but that was a while ago and I don't recall seeing that error.	15:09
Gazby	i could probably cobble something together is `tasksel --list-packages` was outputting a package list. i've no idea what the output of "^server" means	15:11
mike-zal	I don't have apache on my server and yet during a boot system tries to open it. I get: The apache2 instance did not start within 20 seconds... etc. it slows down my boot	15:11
mike-zal	how can I get rid of this automatic apache start?	15:12
Pici	Gazby: you may want to ask #linode on oftc.net as well.	15:12
Pici	which reminds me, I should rejoin that too.	15:13
mike-zal	it showed afer I tried and installed webmin and then uninstalled it (with a script, just like instructed on their site)	15:13
* patdk-wk is testing it		15:13
patdk-wk	mike-zal, well, then you screwed it up	15:13
mike-zal	I know :P	15:13
patdk-wk	and you will have to ask their website what the script did	15:13
patdk-wk	and undo it	15:13
patdk-wk	not sure we have any idea what happened	15:13
mike-zal	shit, sorry	15:13
patdk-wk	Gazby, it worked fine for me	15:14
mike-zal	ok, so new install. it's testing anyway so far	15:14
patdk-wk	I installed a ubuntu-minimal	15:14
patdk-wk	then did an apt-get install ubuntu-standard	15:14
patdk-wk	it installed and worked just fine	15:14
patdk-wk	no issues	15:14
mike-zal	next time I won't install webmin. it's overkill for me	15:14
mike-zal	ajenti works just fine and should be sufficient	15:15
patdk-wk	so whatever they did to make their custom ubuntu 16.04 image, broke it	15:15
patdk-wk	assuming it really is kvm, full vritualization and not openvz	15:15
patdk-wk	but then, everything is assumed to be broken on openvz/lxc/...	15:15
mike-zal	is it safe to install server 16.04?	15:16
patdk-wk	what is safe?	15:16
Gazby	patdk-wk: i'm trying to instal ubuntu-server not ubuntu-standard	15:16
mike-zal	desktop version has cleary issues and I wonder if that's not transferred into server, although it shouldn't since there is no gui	15:16
patdk-wk	hmm	15:16
mike-zal	just asking what is the general opinion on this	15:16
mike-zal	they screwed desktop and that lowever trust overall in 16-04	15:17
patdk-wk	depends on what you call safe	15:17
mike-zal	hence my wondering wheter I should insyall it or 14.04	15:17
* patdk-wk wonders what is screwed up in desktop		15:17
mike-zal	mostly the new software center	15:17
patdk-wk	people actually use that?	15:18
mike-zal	it doesn't find packages that are available through apt-get	15:18
nacc	that issue is supposed to be fixed soon, though, iiuc?	15:18
patdk-wk	my only issue is the gnome toolbar	15:18
patdk-wk	that the gnome method to disable them doesn't work	15:18
mike-zal	also this other program, what was it? for manging packages. syn something?	15:18
mike-zal	synapitic	15:18
nacc	synaptic	15:18
=== shadeslayer_ is now known as shadeslayer
mike-zal	also doesn't see those packages. but they are possible to install via terminal	15:19
mike-zal	that's a major screw up and people are talkig about it	15:19
mike-zal	anyway, that's gui problem so probably not related to servers	15:19
nacc	also "screwed" is a bit of an overstatement (IMO), and that's also why LTS -> LTS upgrades aren't offered yet :)	15:20
nacc	(again IMO)	15:20
* patdk-wk did a raw install, no upgrades		15:20
patdk-wk	oh, ubuntu-server is a new package, didn't used to exist	15:23
patdk-wk	no wonder I was confused	15:23
patdk-wk	looks like everything I don't use, no wonder I'm not too interested in it	15:23
mike-zal	I red release log, there are mainly changes in packages version	15:24
patdk-wk	only items in it, ethtool, patch, vlan	15:24
Gazby	it exists in 14.04, that's why i'm trying to install it on 16.04, been doing it on trusty forever	15:25
mike-zal	I'll give 16.04 try. there is no point of using old system and packages for the next few years	15:25
patdk-wk	I looked in 14.04, it tells me no package	15:25
patdk-wk	apt-cache show ubuntu-server	15:25
patdk-wk	N: Unable to locate package ubuntu-server	15:25
patdk-wk	E: No packages found	15:25
mike-zal	and release upgrae is a bit risky	15:25
nacc	rmadison says only xenial + yakkety, fwiw	15:25
patdk-wk	http://packages.ubuntu.com/search?suite=all&searchon=names&keywords=ubuntu-server	15:27
mike-zal	nacc: did you install 16.04?	15:27
nacc	mike-zal: a few months ago, yeah	15:27
patdk-wk	I have around 20 16.04 installs so far	15:27
mike-zal	and no problems?	15:27
patdk-wk	only the one on my laptop that uses the gnome scrollbars	15:27
patdk-wk	it's damned impossible to use those scrollbars on a 4k screen that is 15"	15:28
mike-zal	ok, got the iso. will launch startup	15:28
nacc	mike-zal: none, but this is on a desktop (and i'm running ubuntu gnome, technically, i guess)	15:28
mike-zal	I'm installing in VB for educational purposes	15:28
mike-zal	learning some basics	15:28
mike-zal	I'm planning to buy cloud VPS and move my shop there	15:29
mike-zal	ovh will have 16-04 probably ready in summer, at least so they told me over the phone a month ago.. :P hopefully quicker	15:30
patdk-wk	yuk	15:30
patdk-wk	ok, ubuntu-server installed manually on ubuntu-minimal	15:30
patdk-wk	install worked, reboot worked	15:30
rbasak	patdk-wk: ubuntu-server is a metapackage generated from the server seed, new in Xenial. It's there so that if a user removes packages depended on by ubuntu-server, they know that they may be breaking something by no longer having what we call "Ubuntu Server", and on future release upgrades we can add to the list so users' systems can follow along.	15:44
daftykins	hey folks, i have an OpenVPN setup running on a 14.04.4 server (so vivid HWE) that is proving to be wholly unreliable, might the 4.2 kernel have issues with openVPN?	15:45
rbasak	ubuntu-desktop etc. already did something similar.	15:45
daftykins	reliability woes manifest as webpages sporadically loading through the tunnel... network resources failing one moment that don't the next... etc.	15:46
mike-zal	out of curiosity, if you decided for ubuntu server then why? why ubuntu and not centos or debian?	15:46
daftykins	mike-zal: just checking, was that query to someone else?	15:46
patdk-wk	rbasak, you oviously where not following along	15:46
patdk-wk	rbasak, read Gazby	15:47
mike-zal	that was for anyone who is willing to share	15:47
patdk-wk	!poll	15:47
patdk-wk	!best	15:47
patdk-wk	damn bot	15:47
daftykins	mike-zal: run what you like, it's not apt to ask for opinions in distro specific channels	15:47
mike-zal	ok, then let me rephrase. why do you like ubuntu server? just curious. I have my reasons to choose it but I'd like to know why others use it	15:48
mike-zal	I'm not looking for other server if that is what you are implying daftykins	15:49
daftykins	mike-zal: sorry i don't follow	15:49
patdk-wk	yes, but those reasons are specific to that person, and rarely relates to others	15:49
mike-zal	mine are simple. I don't know much about servers so I	15:50
mike-zal	so I'd better stick to ubuntu since I know it a little	15:50
mike-zal	while debian or red hat systems are totally strange for me	15:50
daftykins	debian'd be the same experience pretty much	15:50
mike-zal	plus, there is lot of stuff on the net about ubuntu server so in case of questions, it's easy to look for answers	15:51
mike-zal	also, ubuntu seems to be more newbie friendly	15:51
patdk-wk	ubuntu is debian based	15:52
patdk-wk	so for debian to be strange, would be really strange :)	15:52
mike-zal	I know but there must be sime differences. never tried pure debian	15:52
Pici	Ubuntu's releases are easier to understand.	15:52
daftykins	in the past i found ubuntu had sane configuration defaults for packages, whereas you may install the same package on a debian machine and it just wouldn't even run	15:53
mike-zal	so it seems that ubuntu is more user friendly after all	15:54
WOW	Hello	15:56
WOW	I meet a problem and can't figure it out for a couple of days...	15:56
Pici	Whats up?	15:56
WOW	need help...	15:56
WOW	We have multiple trusted domains.	15:56
daftykins	WOW: type it all on one line if you can, volunteers don't want to read a page of scrollback	15:57
WOW	I built one ubuntu server to join domain A..Works perfect..	15:57
WOW	I can use command id, su -...	15:57
WOW	ok	15:57
* patdk-wk wonders what a trusted domains is		15:58
daftykins	windows server term probably	15:59
daftykins	i.e. active directory domains	15:59
WOW	I built another ubunbu server to join domain B, same steps, only different domain name..after I join the ubuntu server to domain B. I can see this server listed in domain B. I can login to the ubuntu server by build in administrator account only..Can't use any other domian accounts to login to the server or run id or su - command..If I run id command, it gives me " no such users"	16:00
patdk-wk	ya, active directory defines it, domain doesn't could be dns, could be network, could be hundreds of things	16:01
WOW	I have compared the settings of these two boxes...the only different is domain name...DNS works will	16:03
WOW	well	16:03
WOW	any special logs I can check...	16:03
daftykins	yes authentication related ones	16:05
WOW	I am using sssd+ realmd	16:11
WOW	by default all the domain use should be able accesss the box once it is joined to domain...	16:11
WOW	no issue on box one which was joined to domain A	16:12
WOW	Doesn't work on the second box which was joined to domain B...	16:12
WOW	runnning out of idea at all	16:12
WOW	I can see the second box in the AD...	16:13
daftykins	yeah so read the auth logs when trying as a domain user	16:14
tgm4883	Has anyone used altermime to add a multiline disclaimer to all postfix emails? I've got it adding it, but it's making my disclaimer a single line	16:16
WOW	Apr 29 15:16:18 ubuntutest login[2551]: pam_unix(login:auth): check pass; user unknown Apr 29 15:16:18 ubuntutest login[2551]: pam_unix(login:auth): authentication failure; logname=administrator@MYDOMAIN.COM uid=0 euid=0 tty=/dev/tty1 ruser= rhost= Apr 29 15:16:18 ubuntutest login[2551]: pam_sss(login:auth): authentication failure; logname=administrator@MYDOMAIN.COM uid=0 euid=0 tty=/dev/tty1 ruser= rhost= user=MYDOMAIN.COM Apr 2	16:19
WOW	here is the logs	16:19
WOW	I don't quite understand...	16:19
ReScO	LDAP is kicking my ass :(	16:20
ReScO	can't think of a proper structure	16:21
WOW	You know what, I am going to try samba + winbind	16:27
WOW	and see if different result...	16:27
mike-zal	why sudo restart ssh says that there is no such command?	16:29
genii	mike-zal: Because you want something more like sudo service ssh restart	16:30
mike-zal	genii: thanks :)	16:31
ReScO	Anyone in here a bit more experienced with setting up LDAP in a corporate environment?	16:31
=== InfoTest1 is now known as InfoTest
mike-zal	shit, can't connect to ssh from host computer. it's not doing anything :(	16:35
mike-zal	does ssh has to be opened in ufw first?	16:35
tarpman	ReScO: #ldap is a good channel for discussions of LDAP in general	16:37
genii	mike-zal: You're syaing that: ssh localhost ..or: ssh 127.0.0.1 or: ssh <exact IP of the host computer> while on the host computer does not work?	16:37
mike-zal	yeap	16:37
mike-zal	I do: ssh root@localip and nothing. cursor moves to the next line	16:38
mike-zal	I got actually only netowork IP 192.168.1.16 and I use that	16:39
genii	Try a non-root account	16:39
genii	work, AFK	16:39
mike-zal	the same	16:40
mike-zal	maybe I have something wrong on server	16:40
genii	mike-zal: Do you have openssh-server package installed?	16:43
mike-zal	ok, found it. ufw was blocking it. added rule for ssh	16:43
mike-zal	genii: thanks	16:43
genii	np	16:45
* genii wanders back to work		16:45
=== pmatulis_ is now known as pmatulis
mike-zal	how to install mysql database?	17:00
teward	mike-zal: sudo apt-get install mysql-server	17:00
mike-zal	sudo mysql_install_db seems to be deprecated	17:00
mike-zal	I already got it	17:00
teward	mike-zal: then I fail to understand your question	17:00
teward	the 'automatic configuration' is done during the apt-get install phase	17:00
mike-zal	it says "Please consider switching to mysqld --initialize"	17:00
teward	and sets up the 'mysql' server	17:00
mike-zal	ok, then maybe that is why I get "[ERROR] --initialize specified but the data directory has files in it. Aborting."	17:01
mike-zal	I'm looking on 14.04 instalation guide so some things are outdated obviously	17:02
mike-zal	in 14.04 it had to be done manually	17:02
mike-zal	is php5-fpm ok for 16-04?	17:07
mike-zal	I guess not, because I got that it doesn't have accessible version	17:10
teward	mike-zal: there's no php5-fpm in the repositories	17:16
teward	mike-zal: I wrote a blog post about how to get a version of php5.6 for the system, but it's not an official Ubuntu-supported method because PPA	17:17
teward	!ppa	17:17
ubottu	A Personal Package Archive (PPA) can provide alternate software not normally available in the offical Ubuntu repositories - Looking for a PPA? See https://launchpad.net/ubuntu/+ppas - WARNING: PPAs are unsupported third-party packages, and you use them at your own risk. See also !addppa and !ppa-purge	17:17
teward	mike-zal: http://dark-net.net/?p=128	17:17
teward	mike-zal: you can try php7.0-fpm first though	17:22
teward	mike-zal: though you may have some headaches getting it to the same point your php5-fpm was at	17:22
mike-zal	yeah, I found and installed php7	17:24
mike-zal	was just looking on outdated info	17:25
teward	mike-zal: MOST guides are not updated for 16.04 :P	17:25
mike-zal	on digital ocean is	17:25
mike-zal	at first I thought they didn't so I followed old tutorial but then I found newer version	17:26
mike-zal	so far they have the best guides	17:26
daftykins	bear in mind DO is a bit different from stock ubuntu, such as being email'd root passwords instead of a user which can sudo - although you can easily implement this setup then disable root SSH login (which is sane security practice)	17:26
teward	^	17:27
teward	daftykins: though, most VPS providers fall into that category	17:27
teward	(RamNode let me use an ISO to reinstall my VPS though, so I was able to do the full from-scratch setup on the KVM VPS heh)	17:27
mike-zal	ok, thanks. will read about securing server later. in guide there are some basic notes how to disable the most insecurities but I'm sure that's not all. besides this is testing server so I don't want to set all security measures just yet	17:28
mike-zal	I'm complete newbie so I have to go with some very simple to understand guides	17:29
daftykins	no you should do the user management bits from the beginning	17:31
axisys	how do install a older version of package? I want to install offlineimap from trusty into xenial	18:01
axisys	sudo apt-get -t=trusty install offlineimap did not work	18:02
axisys	The value 'trusty' is invalid for APT::Default-Release as such a release is not available in the sources	18:02
daftykins	you can't pick a version based on distro name	18:03
daftykins	it's also highly inadvisable to try to take one from an older release	18:04
hallyn	smb: sarnold: arges: completely unpredictably, i'm running into trouble trying to use both groups libvirt and libvirtd :)	18:04
axisys	daftykins: had been trying to current version working for few days.. so using docker to run older version and running offlineimap from it with shared folder for Maildir/ .. but I like to run it from outside docker	18:05
daftykins	axisys: so the point is you're running... 16.04? and this ones is broken?	18:06
axisys	daftykins: actually correctly speaking.. this one fixed the certificate issue and I cannot make the imap ssl work anymore.. older version silently ignored it and was working fine.. :-)	18:07
daftykins	heh	18:08
axisys	daftykins: may be I should take this discussion back to #offlineimap again :-)	18:08
daftykins	or run 14.04	18:08
axisys	last time it was quite...	18:08
axisys	already upgraded to 16.04	18:08
axisys	so downgrading to 14.04 would be lot of work.. so vagrant or docker are my only solutions to use older distro	18:09
daftykins	well you can't downgrade, you'd simply spin up a VM for these times	18:09
daftykins	back to their channel it is then by the sounds :)	18:09
axisys	I do not want to start a whole new VM with vagrant.. so picked docker..	18:09
axisys	daftykins: :-)	18:09
axisys	daftykins: docker works really well.. but i need to work a little bit more for a persistent cache.. or it is kind of slow..	18:10
hallyn	bah, bc it's trying to be too smart:	18:11
hallyn	sudo addgroup --system --gid 117 libvirt	18:11
hallyn	addgroup: The GID `117' is already in use.	18:11
hallyn	-o i guess	18:12
daftykins	docker != VM as far as i follow it	18:22
sarnold	hallyn: shocked I'm shocked I say!	18:27
hallyn	sarnold: i'm gonna give it one more go and if that fails i'll just punt on the switching to libvirt gorup for now :)	18:27
ppetraki	hallyn, apw, so we just find the coolest g++-5.0 compiler bug - https://bugs.launchpad.net/ubuntu/+source/gcc-5/+bug/1577891	18:29
ubottu	Launchpad bug 1577891 in gcc-5 (Ubuntu) "Placement new destructor call optimized out" [Undecided,New]	18:29
hallyn	ppetraki: "c++ lolz" :)	18:30
* hallyn hasn't used a c++ class since 2001		18:30
ppetraki	hallyn, it's how real work get's done ;)	18:31
hallyn	you know this actually rings a bell	18:31
hallyn	wasn't there some libc bug or kernel bug causing a memset to always write 0s instea dof the requested bytes, or something?	18:31
ppetraki	hallyn, me neither, until I started working here. No reason to use anything else.	18:31
sarnold	ppetraki: the heck does this mean? :) "Signature *sp = new(p) Signature();"	18:31
ppetraki	sarnold, "write your stuff here"	18:31
ppetraki	aka placement new	18:32
sarnold	in. sane.	18:32
ppetraki	you get used to it, rarely used to be honest, but when you need it you need it	18:32
ppetraki	what's insane is optimizing out functions that I call	18:33
sarnold	I can imagine that if you were going to have afew million objects of a given type that you might want to use this thing with slabs that grow and shrink etc..	18:33
ppetraki	we do	18:33
ppetraki	represents a SHA1	18:33
hallyn	ppetraki: well you wanted optimization, give us a prize for giving you what you want	18:33
hallyn	what's faster than "don't do it"	18:33
ppetraki	well, since it's a sha, and sha names the data, we'll never find it again. so that's kinda bad for a storage array	18:34
hallyn	just blame it on btrfs	18:34
ppetraki	hallyn, you can blame everything on that. It's not even fun anymore	18:35
daftykins	can't spell butterfingers without btrfs!	18:35
* daftykins ducks		18:35
hallyn	heh ppetraki wants a challenge	18:35
sarnold	ppetraki: hopefully useful: http://www.daemonology.net/blog/2014-09-04-how-to-zero-a-buffer.html http://www.daemonology.net/blog/2014-09-06-zeroing-buffers-is-insufficient.html	18:35
* hallyn looks on amazon for BOFH calendar		18:35
hallyn	sarnold: maybe but not until the compiler is fixed i'm guessing :)	18:36
ppetraki	sarnold, interesting...	18:36
* ppetraki tries		18:36
sarnold	hallyn: that may still be the end result, yes. but memset_s() or secure_memzero() may be ways to tell the compiler that they aren't noops and can't be optimized away	18:37
hallyn	oh, i see.	18:37
axisys	daftykins: right docker is a container.. VM is OS over Host+Software as hypervisor	18:39
de-facto	does xenial server support using i/o schedulers as kvm guest?	18:40
ppetraki	sarnold, is it in 16.04? can't build using this example, http://en.cppreference.com/w/c/string/byte/memset	18:40
bekks	de-facto: that question doesnt make much sense.	18:40
patdk-wk	de-facto, what does that mean?	18:40
bekks	de-facto: an I/O scheduler is not some kind of vm.	18:41
de-facto	bekks im asking because some distros deactivate schedulers when used as kvm guests (e.g. you cannot set schedulers on /dev/vda)	18:41
patdk-wk	you can do that, but it's rather pointless	18:42
patdk-wk	cause any scheduling you do, will be redone, so your just wasting cpu/memory	18:42
sarnold	de-facto: I understand only cfq scheduler supports the io priorities anyway, and afaict everyone hates that scheduler	18:43
sarnold	ppetraki: it may require a different -std= ..	18:43
patdk-wk	cloud-at-cost has a 10second delay programmed into their scheduler :)	18:44
sarnold	patdk-wk: holy	18:44
de-facto	yeah but what if i want to do it anyhow? is it possible on xenial or blocked?	18:44
sarnold	patdk-wk: that's one way to discourage disk IO :)	18:44
sarnold	de-facto: I've never seen an error message from ionice :) I assume you'll continue executing just without the classes you expected	18:44
de-facto	e.g. will echo "cfq" > /sys/block/vda/queue/scheduler ; cat /sys/block/vda/queue/scheduler yield something else than "none" on xenial as kvm guest (virtio /dev/vda)?	18:46
* patdk-wk still wonders what your attempting to gain		18:49
sarnold	de-facto: hah, looks like that fails.	18:51
ppetraki	sarnold, nm -D /lib/x86_64-linux-gnu/libc.so.6 \| grep memset_s	18:52
ppetraki	sarnold, no results, memset is there, I don't think it made it https://sourceware.org/ml/glibc-bugs/2015-01/msg00193.html	18:52
ubottu	sourceware.org bug 2015 in binutils "Segfault in setlocale() call makes programs unusable" [Normal,Resolved: invalid]	18:52
sarnold	ppetraki: :(	18:52
ppetraki	sarnold, but I can look for alternatives, now that I know that this exists. Thank you, that was helpful.	18:53
patdk-wk	does the vda driver even support schedulers?	18:53
patdk-wk	still don't get why you would want to	18:53
patdk-wk	any ordering you do, will be redone with the hosts scheduler	18:54
de-facto	sarnold so its not possible to change scheduler in xenial on such a scenario either then?	18:56
patdk-wk	"For better performance of I/O-intensive applications, a new I/O path was introduced for the virtio-blk interface in kernel version 3.7. This bio-based block device driver skips the I/O scheduler, and thus shortens the I/O path in guest and has lower latency. It is especially useful for high-speed storage devices, such as SSD disks. "	18:57
sarnold	de-facto: at least my xenial guests on xenial host doesn't. i'm not sure why you'd want to, the guest hasn't got a clue what storage looks like..	18:57
patdk-wk	it is not possible on ANY linux kernel to do it	18:57
de-facto	sarnold i just want to try different schedulers to compare performance. on an old wheezy i got "cfq" and its fast, on jessie i got "none" and its slow. so i want to change it for comparison	18:59
de-facto	hence my question if xenial would allow me to do that	18:59
sarnold	sure	18:59
sarnold	just not in VMs	18:59
de-facto	:-(	18:59
patdk-wk	de-facto, you have a lot more differences than just the scheduler	19:08
patdk-wk	cause the only reason the scheduler doesn't work, is if your using bio mode of that driver	19:08
patdk-wk	so on wheezy, it doesn't support bio mode	19:08
de-facto	how can i disable bio mode then?	19:10
de-facto	patdk-wk also where can i see if bio mode of what driver is used?	19:13
de-facto	i guess you are referring to /lib/modules/3.16.0-4-amd64/kernel/drivers/block/virtio_blk.ko or similar then	19:16
de-facto	so did everyone pull the openssl update in already?	20:54
karstensrage	yup	20:55
karstensrage	restarted apache, stunnel?	20:55
karstensrage	whats else?	20:56
de-facto	karstensrage maybe something like "apt-cache rdepends openssl" can reveal?	20:58
de-facto	is openssl the correct dependency in that case? or lib...?	20:58
trippeh	libssl1.0.0	20:59
rattking	I did a "lsof \| grep DEL \| grep ssl" to find them	20:59
sdeziel	karstensrage: I use this script to find processes needing a restart: https://github.com/simondeziel/puppet-unix-tools/blob/master/files/sbin/check-deleted-libs	20:59
trippeh	I kind of want to match processes to cgroups which could be matched to systemd units	21:00
trippeh	want to make something to, that is	21:00
de-facto	sdeziel nice one thanks :)	21:03
sdeziel	de-facto: I've also wrote a little nagios check for it: https://github.com/simondeziel/custom-nagios-plugins/blob/master/plugins/check_deleted_libs	21:04
de-facto	very neat indeed :)	21:05
sdeziel	if you run some some VMs, you might be interested by check_qemu_outdated (now I'm done promoting my stuff ;)	21:06
karstensrage	thanks rattking and sdeziel and de-facto	21:10
karstensrage	all restarted	21:10
de-facto	yeah def have to look more into automagic stuff :)	21:10
teward	Does apache2 on systemd systems (such as 15.10 and 16.04) still install an init.d file to /etc/init.d/ ?	21:11
teward	asking because I'm automating a 'restart web services' script to push to my servers and systems via Landscape	21:11
teward	it also reloads ssh too (openssl!)	21:12
sdeziel	teward: yes, the systemd task is just a wrapper around the init script	21:12
teward	s/automating/setting up/	21:12
teward	sdeziel: this would apply for other services such as 'ssh' too?	21:12
* teward is trying to use the existence of the init script for apache or nginx (the two web servers he would ever use) as criterion for a services restart		21:13
sdeziel	teward: for ssh it's a a native task	21:13
teward	sdeziel: SSH has a restart command either way - it's the web servers i'm trying to do this with	21:13
teward	sdeziel: http://paste.ubuntu.com/16208886/ is the 'current' script logic	21:13
teward	but not executed	21:13
teward	yet	21:14
sdeziel	teward: you might want to use the generic "service" wrapper command	21:14
sdeziel	should be working for all versions/daemons	21:14
sdeziel	AFK now	21:15
teward	sdeziel: OK, will do, thanks	21:15
sdeziel	np	21:15
teward	apparently when I set up landscape on clients, it doesn't allow scripts as root - is there a way to fix that easily on multiple systems?	21:24
teward	without me manually redoing the landscape config	21:24
teward	nevermind	21:25
teward	i have a temporary fix :P	21:28
=== tsimonq2alt is now known as tsimonq2
blizzow	upgrading my ubuntu server to xenial is hanging up during the upgrade of the mdadm package. Specifically, it looks like it hangs while trying to stop the currently running mdadm service. Does anyone have an idea how I might get past this hurdle? I tried manually stopping the mdadm service and that's not working. The OS is on md0, so that has me a little concerned.	21:44
autofsckk	hi, i have an isue with the r8169 problem, i think this thing is ancient but it seems to be giving us a lot of problems in some servers, i have strange behaviour on the network, for what ive been investigating i think is because of that module issue	21:51
autofsckk	we use very old productions servers 12.04, could it be possible that this module bug could be hurting this servers? they run 4 of this 05:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8111/8168B PCI Express Gigabit Ethernet controller (rev 06)	21:52
autofsckk	i get a lot of this on dmesg http://pastie.org/private/ezasoe2ell2kejbaqgfig	21:54
genii	!info firmware-realtek	21:58
ubottu	Package firmware-realtek does not exist in xenial	21:58
genii	Hm	21:58
autofsckk	genii: i was making some iperf test with a dev server to see if i get some info from it but it seems to be working just fine, but when i look at some logs it seems that some errors come from disconnecting	22:01
genii	autofsckk: You might want to try the r8168-dkms package, and see if that helps	22:02
genii	!info r8168-dkms	22:02
ubottu	r8168-dkms (source: r8168): dkms source for the r8168 network driver. In component universe, is extra. Version 8.041.00-1 (xenial), package size 83 kB, installed size 1083 kB	22:02
autofsckk	i mean, when i see some logs from some apps running in the server it shows that those error come from bad network or disconnections, any idea on how could i be sure that the actual module is working right?	22:02
genii	There's no real foolproof way to be able to tell if it's due to actual network disconnections, or the driver, unfortunately	22:04
autofsckk	i couldnt find that r8168-dkms, should i add something to the repos to get it? im sorry i dont know too much ubuntu	22:05
=== IdleOne is now known as Guest64068
autofsckk	genii: you mean i have to make this? https://sikpigs.wordpress.com/2013/10/07/realtek-r8168-on-ubuntu-12-04/ i already downloaded the modules from realtek, compiled them and installed it on a dev server here on the office, but i dont know how to test this stuff locally without the real environment :S well thanks for the tip anyway genii :D	22:10
=== DirtyCajun^ is now known as DirtyCajun
genii	autofsckk: Since the package is in the "universe" repository, you need to enable that repository in your /etc/apt/sources.list file for apt to be able to see it's there after a sudo apt-get update	22:18
autofsckk	genii: ah ok, thanks a lot, ill change that then :D	22:34
=== Guest64068 is now known as IdleOne

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!