=== devil is now known as Guest61712
Aisonwhat's wrong here? nfs-idmapd.service: Control process exited, code=exited status=100:14
=== LaserAllan is now known as LaserAllan-sleep
=== Guest61712 is now known as devil_
=== galeido_ is now known as galeido
=== ShaRose_ is now known as ShaRose
=== Guest19932 is now known as sts
=== payload2 is now known as payload
=== LaserAllan-sleep is now known as LaserAllan
curmetI've developed and tested web app (using a framework) in windows machine successfully, but after I move the app and framework folder , from c:\xampp\htdocs\ to /var/www/html to Ubuntu machine, it encounters errors, "cannot find the requested view" . What changes should I make to Ubuntu machine?10:48
curmetTHanks in advance :)10:48
RepoxHello. I just installed Ubuntu 16.04 and I want to setup Jenkins. Now, I have some options regarding installing OpenJDK, and I can see that most information refers to openjdk-7-jre, but is there any reason why I should want to avoid openjdk-8-jre or openjdk-9-jre?11:35
=== JanC is now known as Guest52941
=== JanC_ is now known as JanC
DulcinHi, is there a way to see how much data my server is using?13:23
ReScOifconfig ?13:24
patdk-wkwhat is *data*?13:25
DulcinWell the problem is, my host tells me my server (which has been there for years) all of a sudden started using 1TB data per day since about 3 weeks ago13:25
Dulcinand they charge 50 cents per gig13:25
DulcinIs there a way to verify this?13:26
patdk-wkyou are running mrtg/munin/cacti/... on it?13:26
patdk-wkmy bet is your infected and sending spam email13:26
patdk-wkand attacking other websites13:26
DulcinI haven't installed those myself. It's a default ubuntu server and I only set up a web server on it13:27
patdk-wkwell, that is safe13:27
Dulcinso what should I start with to find out?13:27
patdk-wkatleast till you install php/cgi'/...13:27
patdk-wkwell, see what is running on the server13:28
patdk-wklog all open connections13:28
poohbear82my website is running on ip that starts with 10. I understand it is on the local network. How do I make it public?13:29
Dulcinok thank you I'll start with that13:30
patdk-wkpoohbear82, ask your network admin13:30
poohbear82well conceptually... what has to happen?13:31
poohbear82I'm trying to understand13:32
hateballpoohbear82: NAT has to happen13:32
=== _ruben_ is now known as _ruben
patdk-wkwe don't know what has to happen, as we don't manage his network13:35
patdk-wknat, or public ip assigned, or vlan move, or ....13:35
patdk-wkso many options, nothing we can really help with13:35
patdk-wkor just forget about this ipv4 stuff, and use ipv613:36
poohbear82Ok, thank you.13:36
Dulcinpatdk-wk, I'm a bit at a loss here, can you point me in the right direction?14:00
DulcinI checked the auth.log and I see a bunch of ssh attemps on root user, but that's locked14:00
Dulcinwhen I check 'who' I'm the only one logged on14:00
DulcinI checked netstat -tupn14:01
DulcinMost seems to be webserver connections14:01
patdk-wkI never said to check auth.log14:07
patdk-wkthat is normally useless14:07
DulcinSorry I'm a web developer with limited knowledge on these things14:07
patdk-wkif your compromised, and it shows in auth.log, you have issues14:08
patdk-wkit's almost always the web that is broken14:08
Dulcinpatdk-wk: but these attemps seem to fail14:13
DulcinWhat do I do to check if I'm compromised?14:13
patdk-wkyes, and failed attempts are not a compromise14:13
patdk-wkthey are just normal random internet noise14:13
patdk-wkeverything :)14:14
patdk-wkyou don't know how you are compromised, or if you are, so the only way to know is to check everything14:14
patdk-wkbut there are only two reasons for increased internet traffic14:14
patdk-wkligit, increased usage of your server14:14
patdk-wkor non-ligit, compromised server14:14
patdk-wkI'm betting it's compromised, and likely via the webserver14:15
patdk-wkso looking in auth.log is likely pointless14:15
patdk-wkunless you have really weak passwords14:15
DulcinI dont think I do, they all have lower-upper case and special characters in them14:16
patdk-wkit's possible someone compromised your password, but normally that is very rare14:16
patdk-wkcompared to a website getting compromised14:17
Dulcinso, then I should check the web server logs?14:17
patdk-wksure, but that won't likely tell you much14:17
Dulcinhow do I proceed?14:17
patdk-wknormally the most help those are, is after you find the comprise, to locate when it was first used, and put in place14:17
patdk-wklike I said above14:18
patdk-wklook for anything running that sholdn't be14:18
patdk-wklook for any new files on your server14:18
patdk-wkanything that doesn't belong14:18
patdk-wkor if you just don't care, scrape the server and reinstall it14:18
patdk-wkhopefully without whatever was that let them in14:19
Dulcinpatdk-wk: just got a call from my host, they finished their investigation...14:20
Dulcinpatdk-wk: they made an error in their calculation...14:20
DulcinI did not use 13TB in 12 days :|14:20
patdk-wkI would recommend you install mrtg/munin/cacti/... to monitor your usage14:22
GazbyHi everyone. Is it OK to install the ubuntu-server package (http://packages.ubuntu.com/xenial/ubuntu-server) post-install? The basic images you often get are missing several packages from a server install so I like to fix that, but open-iscsi fails to start when installing ubuntu-server so the install fails.14:22
patdk-wkif nothing else, you will be able to see and predict when your usage changes and account for it14:22
=== disposab1e is now known as disposable
Dulcinpatdk-wk: any preference to those?14:23
patdk-wkpersonally I perfer munin14:23
patdk-wkthough I use cacti also14:23
patdk-wkjust cacti is kind of overbearing14:23
patdk-wklots of poeple seem to like graphite14:24
patdk-wkall have different levels of setup complexity14:24
Gazby+1 for munin14:24
Gazbygraphite is amazing, but a lot more work than munin, and probably for a more narrow use case14:25
PiciI'm using graphite + grafana here for some random stuff, I like it a lot.14:28
Gazbyoh that's very sexy14:29
RoyKI've started setting up zabbix for testing.14:29
Gazbywe used dashing http://dashingdemo.herokuapp.com/sample14:29
RoyKGazby: commercial thing?14:30
Gazbybuilt by shopify, floss14:30
* patdk-wk should floss14:32
Picigrafana+graphite: http://i.imgur.com/uIyQWSS.png14:32
* patdk-wk is now just a stat on pici's graph14:33
Gazbythat's gorgeous14:33
geniiPici: Are those three spikes netsplits?14:41
Picigenii: yes. I put an annotation thing in, but it doesn't work that well yet: http://i.imgur.com/A6OS1Bk.png14:43
=== Guest99396 is now known as karstensrage
PiciI'll open it up to ops once I figure out how to separate out my own personal dashboards out.  I have some of my own servers in there, plus I'm tracking unread emails and I'm working on another small project to feed some more esoteric data in.14:45
* genii makes sure the coffee keeps coming14:47
Gazbyhave posted my question here: http://askubuntu.com/questions/766920/how-to-install-packages-from-basic-with-a-minimal-install14:53
* patdk-wk never uses anything > ubuntu-minimal14:54
patdk-wkbut why would open-iscsi fail?14:55
patdk-wkare they using some odd kernel? openvz thing?14:55
Gazbyit happens on linode, standard kvm, and vultr15:00
Gazbymy understanding is that it always fails and the ubuntu installer just ignores it15:01
Gazbyyou'll find it failing in the dmesg of any basic install15:01
TJ-Gazby: looks like bug 157634115:03
ubottubug 1576341 in systemd (Ubuntu) "fails in lxd container" [Undecided,Confirmed] https://launchpad.net/bugs/157634115:03
patdk-wkthat wouldn't affect kvm15:05
Gazbyi had seen that, the log output differs from mine also15:05
PiciGazby: hrm.  I remember needing to a bit of steps on my linode when I setup my linode, but that was a while ago and I don't recall seeing that error.15:09
Gazbyi could probably cobble something together is `tasksel --list-packages` was outputting a package list. i've no idea what the output of "^server" means15:11
mike-zalI don't have apache on my server and yet during a boot system tries to open it. I get: The apache2 instance did not start within 20 seconds... etc. it slows down my boot15:11
mike-zalhow can I get rid of this automatic apache start?15:12
PiciGazby: you may want to ask #linode on oftc.net as well.15:12
Piciwhich reminds me, I should rejoin that too.15:13
mike-zalit showed afer I tried and installed webmin and then uninstalled it (with a script, just like instructed on their site)15:13
* patdk-wk is testing it15:13
patdk-wkmike-zal, well, then you screwed it up15:13
mike-zalI know :P15:13
patdk-wkand you will have to ask their website what the script did15:13
patdk-wkand undo it15:13
patdk-wknot sure we have any idea what happened15:13
mike-zalshit, sorry15:13
patdk-wkGazby, it worked fine for me15:14
mike-zalok, so new install. it's testing anyway so far15:14
patdk-wkI installed a ubuntu-minimal15:14
patdk-wkthen did an apt-get install ubuntu-standard15:14
patdk-wkit installed and worked just fine15:14
patdk-wkno issues15:14
mike-zalnext time I won't install webmin. it's overkill for me15:14
mike-zalajenti works just fine and should be sufficient15:15
patdk-wkso whatever they did to make their *custom* ubuntu 16.04 image, broke it15:15
patdk-wkassuming it really is kvm, full vritualization and not openvz15:15
patdk-wkbut then, everything is assumed to be broken on openvz/lxc/...15:15
mike-zalis it safe to install server 16.04?15:16
patdk-wkwhat is safe?15:16
Gazbypatdk-wk: i'm trying to instal ubuntu-server not ubuntu-standard15:16
mike-zaldesktop version has cleary issues and I wonder if that's not transferred into server, although it shouldn't since there is no gui15:16
mike-zaljust asking what is the general opinion on this15:16
mike-zalthey screwed desktop and that lowever trust overall in 16-0415:17
patdk-wkdepends on what you call *safe*15:17
mike-zalhence my wondering wheter I should insyall it or 14.0415:17
* patdk-wk wonders what is screwed up in desktop15:17
mike-zalmostly the new software center15:17
patdk-wkpeople actually use that?15:18
mike-zalit doesn't find packages that are available through apt-get15:18
naccthat issue is supposed to be fixed soon, though, iiuc?15:18
patdk-wkmy only issue is the gnome toolbar15:18
patdk-wkthat the gnome method to disable them doesn't work15:18
mike-zalalso this other program, what was it? for manging packages. syn something?15:18
=== shadeslayer_ is now known as shadeslayer
mike-zalalso doesn't see those packages. but they are possible to install via terminal15:19
mike-zalthat's a major screw up and people are talkig about it15:19
mike-zalanyway, that's gui problem so probably not related to servers15:19
naccalso "screwed" is a bit of an overstatement (IMO), and that's also why LTS -> LTS upgrades aren't offered yet :)15:20
nacc(again IMO)15:20
* patdk-wk did a raw install, no upgrades15:20
patdk-wkoh, ubuntu-server is a new package, didn't used to exist15:23
patdk-wkno wonder I was confused15:23
patdk-wklooks like everything I don't use, no wonder I'm not too interested in it15:23
mike-zalI red release log, there are mainly changes in packages version15:24
patdk-wkonly items in it, ethtool, patch, vlan15:24
Gazbyit exists in 14.04, that's why i'm trying to install it on 16.04, been doing it on trusty forever15:25
mike-zalI'll give 16.04 try. there is no point of using old system and packages for the next few years15:25
patdk-wkI looked in 14.04, it tells me no package15:25
patdk-wkapt-cache show ubuntu-server15:25
patdk-wkN: Unable to locate package ubuntu-server15:25
patdk-wkE: No packages found15:25
mike-zaland release upgrae is a bit risky15:25
naccrmadison says only xenial + yakkety, fwiw15:25
mike-zalnacc: did you install 16.04?15:27
naccmike-zal: a few months ago, yeah15:27
patdk-wkI have around 20 16.04 installs so far15:27
mike-zaland no problems?15:27
patdk-wkonly the one on my laptop that uses the gnome scrollbars15:27
patdk-wkit's damned impossible to use those scrollbars on a 4k screen that is 15"15:28
mike-zalok, got the iso. will launch startup15:28
naccmike-zal: none, but this is on a desktop (and i'm running ubuntu gnome, technically, i guess)15:28
mike-zalI'm installing in VB for educational purposes15:28
mike-zallearning some basics15:28
mike-zalI'm planning to buy cloud VPS and move my shop there15:29
mike-zalovh will have 16-04 probably ready in summer, at least so they told me over the phone a month ago.. :P hopefully quicker15:30
patdk-wkok, ubuntu-server installed manually on ubuntu-minimal15:30
patdk-wkinstall worked, reboot worked15:30
rbasakpatdk-wk: ubuntu-server is a metapackage generated from the server seed, new in Xenial. It's there so that if a user removes packages depended on by ubuntu-server, they know that they may be breaking something by no longer having what we call "Ubuntu Server", and on future release upgrades we can add to the list so users' systems can follow along.15:44
daftykinshey folks, i have an OpenVPN setup running on a 14.04.4 server (so vivid HWE) that is proving to be wholly unreliable, might the 4.2 kernel have issues with openVPN?15:45
rbasakubuntu-desktop etc. already did something similar.15:45
daftykinsreliability woes manifest as webpages sporadically loading through the tunnel... network resources failing one moment that don't the next... etc.15:46
mike-zalout of curiosity, if you decided for ubuntu server then why? why ubuntu and not centos or debian?15:46
daftykinsmike-zal: just checking, was that query to someone else?15:46
patdk-wkrbasak, you oviously where not following along15:46
patdk-wkrbasak, read Gazby15:47
mike-zalthat was for anyone who is willing to share15:47
patdk-wkdamn bot15:47
daftykinsmike-zal: run what you like, it's not apt to ask for opinions in distro specific channels15:47
mike-zalok, then let me rephrase. why do you like ubuntu server? just curious. I have my reasons to choose it but I'd like to know why others use it15:48
mike-zalI'm not looking for other server if that is what you are implying daftykins15:49
daftykinsmike-zal: sorry i don't follow15:49
patdk-wkyes, but those reasons are specific to that person, and rarely relates to others15:49
mike-zalmine are simple. I don't know much about servers so I15:50
mike-zalso I'd better stick to ubuntu since I know it a little15:50
mike-zalwhile debian or red hat systems are totally strange for me15:50
daftykinsdebian'd be the same experience pretty much15:50
mike-zalplus, there is lot of stuff on the net about ubuntu server so in case of questions, it's easy to look for answers15:51
mike-zalalso, ubuntu seems to be more newbie friendly15:51
patdk-wkubuntu is *debian based*15:52
patdk-wkso for debian to be strange, would be really strange :)15:52
mike-zalI know but there must be sime differences. never tried pure debian15:52
PiciUbuntu's releases are easier to understand.15:52
daftykinsin the past i found ubuntu had sane configuration defaults for packages, whereas you may install the same package on a debian machine and it just wouldn't even run15:53
mike-zalso it seems that ubuntu is more user friendly after all15:54
WOWI meet a problem and can't figure it out for a couple of days...15:56
PiciWhats up?15:56
WOWneed help...15:56
WOWWe have multiple trusted domains.15:56
daftykinsWOW: type it all on one line if you can, volunteers don't want to read a page of scrollback15:57
WOWI built one ubuntu server to join domain A..Works perfect..15:57
WOWI can use command id, su -...15:57
* patdk-wk wonders what a trusted domains is15:58
daftykinswindows server term probably15:59
daftykinsi.e. active directory domains15:59
WOWI built another ubunbu server to join domain B, same steps, only different domain name..after I join the ubuntu server to domain B. I can see this server listed in domain B. I can login to the ubuntu server by build in administrator account only..Can't use any other domian accounts to login to the server or run id or su - command..If I run id command, it gives me " no such users"16:00
patdk-wkya, active directory defines it, domain doesn't could be dns, could be network, could be hundreds of things16:01
WOWI have compared the settings of these two boxes...the only different is domain name...DNS works will16:03
WOWany special logs I can check...16:03
daftykinsyes authentication related ones16:05
WOWI am using sssd+ realmd16:11
WOWby default all the domain use should be able accesss the box once it is joined to domain...16:11
WOWno issue on box one which was joined to domain A16:12
WOWDoesn't work on the second box which was joined to domain B...16:12
WOWrunnning out of idea at all16:12
WOWI can see the second box in the AD...16:13
daftykinsyeah so read the auth logs when trying as a domain user16:14
tgm4883Has anyone used altermime to add a multiline disclaimer to all postfix emails? I've got it adding it, but it's making my disclaimer a single line16:16
WOWApr 29 15:16:18 ubuntutest login[2551]: pam_unix(login:auth): check pass; user unknown Apr 29 15:16:18 ubuntutest login[2551]: pam_unix(login:auth): authentication failure; logname=administrator@MYDOMAIN.COM uid=0 euid=0 tty=/dev/tty1 ruser= rhost= Apr 29 15:16:18 ubuntutest login[2551]: pam_sss(login:auth): authentication failure; logname=administrator@MYDOMAIN.COM uid=0 euid=0 tty=/dev/tty1 ruser= rhost= user=MYDOMAIN.COM Apr 216:19
WOWhere is the logs16:19
WOWI don't quite understand...16:19
ReScOLDAP is kicking my ass :(16:20
ReScOcan't think of a proper structure16:21
WOWYou know what, I am going to try samba + winbind16:27
WOWand see if different result...16:27
mike-zalwhy sudo restart ssh says that there is no such command?16:29
geniimike-zal: Because you want something more like sudo service ssh restart16:30
mike-zalgenii: thanks :)16:31
ReScOAnyone in here a bit more experienced with setting up LDAP in a corporate environment?16:31
=== InfoTest1 is now known as InfoTest
mike-zalshit, can't connect to ssh from host computer. it's not doing anything :(16:35
mike-zaldoes ssh has to be opened in ufw first?16:35
tarpmanReScO: #ldap is a good channel for discussions of LDAP in general16:37
geniimike-zal: You're syaing that: ssh localhost  ..or: ssh     or: ssh <exact IP of the host computer>  while on the host computer does not work?16:37
mike-zalI do: ssh root@localip and nothing. cursor moves to the next line16:38
mike-zalI got actually only netowork IP and I use that16:39
geniiTry a non-root account16:39
geniiwork, AFK16:39
mike-zalthe same16:40
mike-zalmaybe I have something wrong on server16:40
geniimike-zal: Do you have openssh-server package installed?16:43
mike-zalok, found it. ufw was blocking it. added rule for ssh16:43
mike-zalgenii: thanks16:43
* genii wanders back to work 16:45
=== pmatulis_ is now known as pmatulis
mike-zalhow to install mysql database?17:00
tewardmike-zal: sudo apt-get install mysql-server17:00
mike-zalsudo mysql_install_db seems to be deprecated17:00
mike-zalI already got it17:00
tewardmike-zal: then I fail to understand your question17:00
tewardthe 'automatic configuration' is done during the apt-get install phase17:00
mike-zalit says "Please consider switching to mysqld --initialize"17:00
tewardand sets up the 'mysql' server17:00
mike-zalok, then maybe that is why I get "[ERROR] --initialize specified but the data directory has files in it. Aborting."17:01
mike-zalI'm looking on 14.04 instalation guide so some things are outdated obviously17:02
mike-zalin 14.04 it had to be done manually17:02
mike-zalis php5-fpm ok for 16-04?17:07
mike-zalI guess not, because I got that it doesn't have accessible version17:10
tewardmike-zal: there's no php5-fpm in the repositories17:16
tewardmike-zal: I wrote a blog post about how to get *a* version of php5.6 for the system, but it's not an official Ubuntu-supported method because PPA17:17
ubottuA Personal Package Archive (PPA) can provide alternate software not normally available in the offical Ubuntu repositories - Looking for a PPA? See https://launchpad.net/ubuntu/+ppas - WARNING: PPAs are unsupported third-party packages, and you use them at your own risk. See also !addppa and !ppa-purge17:17
tewardmike-zal: http://dark-net.net/?p=12817:17
tewardmike-zal: you can try php7.0-fpm first though17:22
tewardmike-zal: though you may have some headaches getting it to the same point your php5-fpm was at17:22
mike-zalyeah, I found and installed php717:24
mike-zalwas just looking on outdated info17:25
tewardmike-zal: MOST guides are not updated for 16.04 :P17:25
mike-zalon digital ocean is17:25
mike-zalat first I thought they didn't so I followed old tutorial but then I found newer version17:26
mike-zalso far they have the best guides17:26
daftykinsbear in mind DO is a bit different from stock ubuntu, such as being email'd root passwords instead of a user which can sudo - although you can easily implement this setup then disable root SSH login (which is sane security practice)17:26
tewarddaftykins: though, most VPS providers fall into that category17:27
teward(RamNode let me use an ISO to reinstall my VPS though, so I was able to do the full from-scratch setup on the KVM VPS heh)17:27
mike-zalok, thanks. will read about securing server later. in guide there are some basic notes how to disable the most insecurities but I'm sure that's not all. besides this is testing server so I don't want to set all security measures just yet17:28
mike-zalI'm complete newbie so I have to go with some very simple to understand guides17:29
daftykinsno you should do the user management bits from the beginning17:31
axisyshow do install a older version of package? I want to install offlineimap from trusty into xenial18:01
axisyssudo apt-get -t=trusty install offlineimap did not work18:02
axisysThe value 'trusty' is invalid for APT::Default-Release as such a release is not available in the sources18:02
daftykinsyou can't pick a version based on distro name18:03
daftykinsit's also *highly* inadvisable to try to take one from an older release18:04
hallynsmb: sarnold: arges: *completely* unpredictably, i'm running into trouble trying to use both groups libvirt and libvirtd :)18:04
axisysdaftykins: had been trying to current version working for few days.. so using docker to run older version and running offlineimap from it with shared folder for Maildir/ .. but I like to run it from outside docker18:05
daftykinsaxisys: so the point is you're running... 16.04? and this ones is broken?18:06
axisysdaftykins: actually correctly speaking.. this one fixed the certificate issue and I cannot make the imap ssl work anymore.. older version silently ignored it and was working fine.. :-)18:07
axisysdaftykins: may be I should take this discussion back to #offlineimap again :-)18:08
daftykinsor run 14.0418:08
axisyslast time it was quite...18:08
axisysalready upgraded to 16.0418:08
axisysso downgrading to 14.04 would be lot of work.. so vagrant or docker are my only solutions to use older distro18:09
daftykinswell you can't downgrade, you'd simply spin up a VM for these times18:09
daftykinsback to their channel it is then by the sounds :)18:09
axisysI do not want to start a whole new VM with vagrant.. so picked docker..18:09
axisysdaftykins: :-)18:09
axisysdaftykins: docker works really well.. but i need to work a little bit more for a persistent cache.. or it is kind of slow..18:10
hallynbah, bc it's trying to be too smart:18:11
hallynsudo addgroup --system --gid 117 libvirt18:11
hallynaddgroup: The GID `117' is already in use.18:11
hallyn-o i guess18:12
daftykinsdocker != VM as far as i follow it18:22
sarnoldhallyn: *shocked* I'm shocked I say!18:27
hallynsarnold: i'm gonna give it one more go and if that fails i'll just punt on the switching to libvirt gorup for now :)18:27
ppetrakihallyn, apw, so we just find the coolest g++-5.0 compiler bug  - https://bugs.launchpad.net/ubuntu/+source/gcc-5/+bug/157789118:29
ubottuLaunchpad bug 1577891 in gcc-5 (Ubuntu) "Placement new destructor call optimized out" [Undecided,New]18:29
hallynppetraki: "c++ lolz"  :)18:30
* hallyn hasn't used a c++ class since 200118:30
ppetrakihallyn, it's how real work get's done ;)18:31
hallynyou know this actually rings a bell18:31
hallynwasn't there some libc bug or kernel bug causing a memset to always write 0s instea dof the requested bytes, or something?18:31
ppetrakihallyn, me neither, until I started working here. No reason to use anything else.18:31
sarnoldppetraki: the heck does this mean? :) "Signature *sp = new(p) Signature();"18:31
ppetrakisarnold, "write your stuff here"18:31
ppetrakiaka placement new18:32
sarnoldin. sane.18:32
ppetrakiyou get used to it, rarely used to be honest, but when you need it you need it18:32
ppetrakiwhat's insane is optimizing out functions that I call18:33
sarnoldI can imagine that if you were going to have afew million objects of a given type that you might want to use this thing with slabs that grow and shrink etc..18:33
ppetrakiwe do18:33
ppetrakirepresents a SHA118:33
hallynppetraki: well you wanted optimization, give us a prize for giving you what you want18:33
hallynwhat's faster than "don't do it"18:33
ppetrakiwell, since it's a sha, and sha names the data, we'll never find it again. so that's kinda bad for a storage array18:34
hallynjust blame it on btrfs18:34
ppetrakihallyn, you can blame everything on that. It's not even fun anymore18:35
daftykinscan't spell butterfingers without btrfs!18:35
* daftykins ducks18:35
hallynheh ppetraki wants a challenge18:35
sarnoldppetraki: hopefully useful: http://www.daemonology.net/blog/2014-09-04-how-to-zero-a-buffer.html http://www.daemonology.net/blog/2014-09-06-zeroing-buffers-is-insufficient.html18:35
* hallyn looks on amazon for BOFH calendar18:35
hallynsarnold: maybe but not until the compiler is fixed i'm guessing :)18:36
ppetrakisarnold, interesting...18:36
* ppetraki tries18:36
sarnoldhallyn: that may still be the end result, yes. but memset_s() or secure_memzero() may be ways to tell the compiler that they aren't noops and can't be optimized away18:37
hallynoh, i see.18:37
axisysdaftykins: right docker is a container.. VM is OS over Host+Software as hypervisor18:39
de-factodoes xenial server support using i/o schedulers as kvm guest?18:40
ppetrakisarnold, is it in 16.04? can't build using this example, http://en.cppreference.com/w/c/string/byte/memset18:40
bekksde-facto: that question doesnt make much sense.18:40
patdk-wkde-facto, what does that mean?18:40
bekksde-facto: an I/O scheduler is not some kind of vm.18:41
de-factobekks im asking because some distros deactivate schedulers when used as kvm guests (e.g. you cannot set schedulers on /dev/vda)18:41
patdk-wkyou can do that, but it's rather pointless18:42
patdk-wkcause any scheduling you do, will be *redone*, so your just wasting cpu/memory18:42
sarnoldde-facto: I understand only cfq scheduler supports the io priorities anyway, and afaict everyone hates that scheduler18:43
sarnoldppetraki: it may require a different -std= ..18:43
patdk-wkcloud-at-cost has a 10second delay programmed into their scheduler :)18:44
sarnoldpatdk-wk: holy18:44
de-factoyeah but what if i want to do it anyhow? is it possible on xenial or blocked?18:44
sarnoldpatdk-wk: that's one way to discourage disk IO :)18:44
sarnoldde-facto: I've never seen an error message from ionice :) I assume you'll continue executing just without the classes you expected18:44
de-factoe.g. will         echo "cfq" > /sys/block/vda/queue/scheduler ; cat /sys/block/vda/queue/scheduler         yield something else than "none" on xenial as kvm guest (virtio /dev/vda)?18:46
* patdk-wk still wonders what your attempting to gain18:49
sarnoldde-facto: hah, looks like that fails.18:51
ppetrakisarnold,  nm -D /lib/x86_64-linux-gnu/libc.so.6 | grep memset_s18:52
ppetrakisarnold, no results, memset is there, I don't think it made it https://sourceware.org/ml/glibc-bugs/2015-01/msg00193.html18:52
ubottusourceware.org bug 2015 in binutils "Segfault in setlocale() call makes programs unusable" [Normal,Resolved: invalid]18:52
sarnoldppetraki: :(18:52
ppetrakisarnold, but I can look for alternatives, now that I know that this exists. Thank you, that was helpful.18:53
patdk-wkdoes the vda driver even support schedulers?18:53
patdk-wkstill don't get why you would want to18:53
patdk-wkany ordering you do, will be redone with the hosts scheduler18:54
de-factosarnold so its not possible to change scheduler in xenial on such a scenario either then?18:56
patdk-wk"For better performance of I/O-intensive applications, a new I/O path was introduced for the virtio-blk interface in kernel version 3.7. This bio-based block device driver skips the I/O scheduler, and thus shortens the I/O path in guest and has lower latency. It is especially useful for high-speed storage devices, such as SSD disks. "18:57
sarnoldde-facto: at least my xenial guests on xenial host doesn't. i'm not sure why you'd want to, the guest hasn't got a clue what storage looks like..18:57
patdk-wkit is not possible on ANY linux kernel to do it18:57
de-factosarnold i just want to try different schedulers to compare performance. on an old wheezy i got "cfq" and its fast, on jessie i got "none" and its slow. so i want to change it for comparison18:59
de-factohence my question if xenial would allow me to do that18:59
sarnoldjust not in VMs18:59
patdk-wkde-facto, you have a lot more differences than just the scheduler19:08
patdk-wkcause the only reason the scheduler doesn't work, is if your using bio mode of that driver19:08
patdk-wkso on wheezy, it doesn't support bio mode19:08
de-factohow can i disable bio mode then?19:10
de-factopatdk-wk also where can i see if bio mode of what driver is used?19:13
de-factoi guess you are referring to /lib/modules/3.16.0-4-amd64/kernel/drivers/block/virtio_blk.ko or similar then19:16
de-factoso did everyone pull the openssl update in already?20:54
karstensragerestarted apache, stunnel?20:55
karstensragewhats else?20:56
de-factokarstensrage maybe something like "apt-cache rdepends openssl" can reveal?20:58
de-factois openssl the correct dependency in that case? or lib...?20:58
rattkingI did a "lsof | grep DEL | grep ssl" to find them20:59
sdezielkarstensrage: I use this script to find processes needing a restart: https://github.com/simondeziel/puppet-unix-tools/blob/master/files/sbin/check-deleted-libs20:59
trippehI kind of want to match processes to cgroups which could be matched to systemd units21:00
trippehwant to make something to, that is21:00
de-factosdeziel nice one thanks :)21:03
sdezielde-facto: I've also wrote a little nagios check for it: https://github.com/simondeziel/custom-nagios-plugins/blob/master/plugins/check_deleted_libs21:04
de-factovery neat indeed :)21:05
sdezielif you run some some VMs, you might be interested by check_qemu_outdated (now I'm done promoting my stuff ;)21:06
karstensragethanks rattking and sdeziel and de-facto21:10
karstensrageall restarted21:10
de-factoyeah  def have to look more into automagic stuff :)21:10
tewardDoes apache2 on systemd systems (such as 15.10 and 16.04) still install an init.d file to /etc/init.d/ ?21:11
tewardasking because I'm automating a 'restart web services' script to push to my servers and systems via Landscape21:11
tewardit also reloads ssh too (openssl!)21:12
sdezielteward: yes, the systemd task is just a wrapper around the init script21:12
tewards/automating/setting up/21:12
tewardsdeziel: this would apply for other services such as 'ssh' too?21:12
* teward is trying to use the existence of the init script for apache or nginx (the two web servers he would ever use) as criterion for a services restart21:13
sdezielteward: for ssh it's a a native task21:13
tewardsdeziel: SSH has a restart command either way - it's the web servers i'm trying to do this with21:13
tewardsdeziel: http://paste.ubuntu.com/16208886/ is the 'current' script logic21:13
tewardbut not executed21:13
sdezielteward: you might want to use the generic "service" wrapper command21:14
sdezielshould be working for all versions/daemons21:14
sdezielAFK now21:15
tewardsdeziel: OK, will do, thanks21:15
tewardapparently when I set up landscape on clients, it doesn't allow scripts as root - is there a way to fix that easily on multiple systems?21:24
tewardwithout me manually redoing the landscape config21:24
tewardi have a temporary fix :P21:28
=== tsimonq2alt is now known as tsimonq2
blizzowupgrading my ubuntu server to xenial is hanging up during the upgrade of the mdadm package.  Specifically, it looks like it hangs while trying to stop the currently running mdadm service.  Does anyone have an idea how I might get past this hurdle? I tried manually stopping the mdadm service and that's not working.  The OS is on md0, so that has me a little concerned.21:44
autofsckkhi, i have an isue with the r8169 problem, i think this thing is ancient but it seems to be giving us a lot of problems in some servers, i have strange behaviour on the network, for what ive been investigating i think is because of that module issue21:51
autofsckkwe use very old productions servers 12.04, could it be possible that this module bug could be hurting this servers?  they run 4 of this  05:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8111/8168B PCI Express Gigabit Ethernet controller (rev 06)21:52
autofsckki get a lot of this on dmesg   http://pastie.org/private/ezasoe2ell2kejbaqgfig21:54
genii!info firmware-realtek21:58
ubottuPackage firmware-realtek does not exist in xenial21:58
autofsckkgenii:  i was making some iperf test with a dev server to see if i get some info from it but it seems to be working just fine, but when i look at some logs it seems that some errors come from disconnecting22:01
geniiautofsckk: You might want to try the r8168-dkms package, and see if that helps22:02
genii!info r8168-dkms22:02
ubottur8168-dkms (source: r8168): dkms source for the r8168 network driver. In component universe, is extra. Version 8.041.00-1 (xenial), package size 83 kB, installed size 1083 kB22:02
autofsckki mean, when i see some logs from some apps running in the server it shows that those error come from bad network or disconnections, any idea on how could i be sure that the actual module is working right?22:02
geniiThere's no real foolproof way to be able to tell if it's due to actual network disconnections, or the driver, unfortunately22:04
autofsckki couldnt find that r8168-dkms, should i add something to the repos to get it? im sorry i dont know too much ubuntu22:05
=== IdleOne is now known as Guest64068
autofsckkgenii:  you mean i have to make this?  https://sikpigs.wordpress.com/2013/10/07/realtek-r8168-on-ubuntu-12-04/   i already downloaded the modules from realtek, compiled them and installed it on a dev server here on the office, but i dont know how to test this stuff locally without the real environment :S well thanks for the tip anyway genii :D22:10
=== DirtyCajun^ is now known as DirtyCajun
geniiautofsckk: Since the package is in the "universe" repository, you need to enable that repository in your /etc/apt/sources.list file for apt to be able to see it's there after a sudo apt-get update22:18
autofsckkgenii:  ah ok, thanks a lot, ill change that then :D22:34
=== Guest64068 is now known as IdleOne

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!