[00:13] <Sachiru> For NAS boxes for remote sites, (which run one or two Nginx + PHP-FPM + MariaDB + Ruby stack VMs), what's a good lightweight log collection and analysis tool? These boxes are lightweight, Core i3s with 16GB of RAM only.
[00:17] <nacc> Sachiru: i have no idea on the details, but maybe look at logwatch?
[00:54] <arges> hallyn: make it so
[02:16] <hallyn> arges: oh ye of too much faith
[02:19] <zorbsone> how do I show directory files in say /var/www/html/school on the internet. I keep getting error 403. I've chmodded it and it looks like this: (4 drwxr-xr-x 3 root root    4096 May  9 15:20 school) -- Inside the directory the files are set as:  -rwxr-xr-x 1 root root; any ideas?
[02:23] <SierraKomodo> zorbsone: For apache (Not sure on other web server software), the director and files should be owned by www-data:www-data
[02:23] <SierraKomodo> directory*
[02:37] <sarnold> SierraKomodo: the ownership doesn't matter so long as the modes allow the web server process to read the files
[02:38] <SierraKomodo> Fair point; usually easiest to provide ownership to directories/folders in /var/www in my experience though
[02:39] <SierraKomodo> Better response probably would've been 'The directory and files should be readable by www-data, and the directory executable by www-data'
[02:39] <SierraKomodo> In hindsight, should also have checked .htaccess to see if indexes was denied.
[07:24] <smb> hallyn, Meh, no fun without some risk. And I would not really expect us to want to go back anyway. :)
[07:54] <danbuntu> Hi all I'm trying to get some eyes on #1579818
[07:54] <danbuntu> The recent samba upgrade has borked winbind/ mod_auth_ntlm
[07:54] <danbuntu> This is causing a fair bit of grief in the moodle/ education community as it's broken single sign on
[08:33] <Takumo> Hi all, anyone got a workaround for installing PHP 5.6 on Xenial?
[08:35] <cpaelzer> nacc: did you look at samba recently? - any idea about bug 1579818 mentioned above by danbuntu
[09:07] <sexytime> say i got a new box. and i installed ubuntu server on it. i would like to remove everything that i wont be using the server for. in this case. all im going to run in this box is a nodejs server
[09:07] <sexytime> keeping this in mind. how would you recommend i go about removing the stuff i do not care for
[09:08] <sexytime> i heard in #ubuntu that just doing a minimal install is fine enough. is that correct?
[09:08] <rbasak> Define what you want removed.
[09:08] <rbasak> A default server install is fine enough, too.
[09:08] <rbasak> If you don't want the default, then you need to say what you want removed.
[09:09] <sexytime> everything that does not hinder my ability to run with the nodejs server
[09:09] <sexytime> sorry
[09:09] <rbasak> So things like bash autocomplete?
[09:09] <sexytime> anything that does not relate with the nodejs server
[09:09] <sexytime> ok maybe not that
[09:09] <rbasak> And less, to view manpages?
[09:10] <rbasak> It's all these little things that we make sure the default install has. So a sysadmin is comfortable.
[09:10] <sexytime> hm. i think i'll be fine with the minimal install. + sshd
[09:11] <rbasak> There's also http://cdimage.ubuntu.com/ubuntu-core/xenial/daily-preinstalled/current/ if you want to start from an absolutely minimal filesystem. The only thing that works is the package manager so you can install packages to do things. But many things aren't present - eg. no DHCP client support.
[09:13] <sexytime> hm nice. i'll give it a thought
[09:13] <sexytime> thank you rbasak
[09:14] <sexytime> sorry im a bit noob with ubuntu servers. what other package managers etc are on there in a default minimal install? i know there is apt-get and pip. any other i should be aware of and keep upgrading?
[09:15] <sexytime> i wish to keep my software updated at all times for security reasons. thats why
[09:17] <rbasak> On a default install, apt is sufficient.
[09:17] <sexytime> alright thank you so much. i appreciate the help
[09:18] <rbasak> If you use a third party package manager, then updates for what you install through there are up you to use that tool, eg. pip.
[09:19] <sexytime> yeah. i was trying to ask what comes with the default that i may not be aware of
[09:19] <sexytime> the stuff i add i try to remember the best i can
[10:51] <lovetruth> hello :)
[10:51] <lovetruth> I am looking for some good ERP software which: *is opensource; *uses sql; *can do document management/tracking -> preferably, using the already in use samba server as storage (already have a directory/file structure for the files...); *has some web interface; *if possible, with email notification of users that they have new document to review/approve
[10:51] <lovetruth> ubuntu server 14.04 here
[10:53] <lovetruth> taking a look at Alfresco and OpenKM right now...
[10:57] <hateball> lovetruth: there is odoo, dont remember if it has all those bits. also it was a bit of a pain to setup, docs are scarce
[11:06] <lovetruth> one of the most important requirements for the erp software is to be able to do tracking (where the doc is)/review (view and change something if needed, with any software the user chooses - this is why the ERP should have cifs/samba support for file storage, with directory structure of documents chosen by me)/approval (view and eventually send/etc the document). I should be able to set some serial workflow for the document, 
[11:08] <lovetruth> like: document created on samba server, folder X/y/Z. User A notified, has to review. User A finnished, User B notified. User B now reviews... etc, User C, etc. Some admin users can view at least where the document is, where the workflow stoped, etc...
[11:28] <bigon> hi
[11:29] <bigon> are there any objections if I'm hijacking the "selinux" package name in debian?
[11:29] <bigon> ATM we have a selinux-basics package in debian an I was thinking about renaming it
[11:30] <bigon> in ubuntu I see that there are some upstart scripts there
[11:30] <bigon> do you actually care?
[11:31] <bigon> last upload of that package is 2012, so...
[11:51] <pirx_> hello! how do i go about fixing apt dependency problems like this? any idea? http://pastebin.com/i8zzgnRf
[11:58] <rbasak> pirx_: do you have apt repositories for both lucid and precise enabled? That can cause problems like this.
[11:59] <rbasak> pirx_: if apt complains that something is needed and is not going to be installed, you can add that to the install line explicitly, and then apt should tell you why it cannot be installed.
[11:59] <pirx_> will try!
[12:11] <pirx_> No apport report written because MaxReports is reached already
[12:11] <pirx_> rbasak: how can i see if repos are enabled for both lucid and precise?
[12:12] <pirx_> when that server was originally installed, an external repo for postgres was added
[12:12] <pirx_> sources.list.d/pitti-postgresql-lucid.list
[12:12] <pirx_> but that repo is commented out in that file now
[12:13] <pirx_> now i removed it even
[12:13] <pirx_> doing apt update again
[12:14] <pirx_> same thing
[12:15] <rbasak> pirx_: perhaps you don't still have the repos enabled, but you shouldn't be using any packages from that repo still. Can you upgrade those packages to ones available from precise's official repo?
[12:18] <pirx_> i would like to try, but how? :)
[12:18] <pirx_> dpkg -i manually?
[12:19] <rbasak> apt-get install the right package names. It should use only enabled repos, so precise ones.
[12:19] <rbasak> Make sure you take a full backup first.
[12:21] <pirx_> luckily this is a virtual staging server
[12:21] <pirx_> so i can just snapshot it
[12:23] <pirx_> but i cant do "apt-get -f install postgresql-9.1" anyway
[12:23] <pirx_> http://pastebin.com/u9RbFqH0
[12:24] <pirx_> i wonder if i can uninstall and reinstall postgres
[12:24] <pirx_> will the data survive? who knows...
[12:25] <rbasak> So try: apt-get -f install postgresql-9.1=9.1.21-0ubuntu0.12.04 postgresql-client-9.1=9.1.21-0ubuntu0.12.04
[12:31] <pirx_> i did a remove and then install on the postgresql packages
[12:31] <pirx_> it worked!
[12:31] <pirx_> the data survived
[12:31] <pirx_> it was a hot standby replicated server
[12:31] <pirx_> now i will try the same on the master
[12:32] <pirx_> and i can install java just fine
[12:32] <pirx_> good!
[12:32] <pirx_> rbasak: thanks!
[13:30] <pirx_> rbasak: worked like a charm with the master server too:)
[13:31] <rbasak> Great!
[13:34] <ktosiek> Hi! I have a server with postfix doing basic checking and proxying. Now I want that server to be able to send mail from cron.
[13:35] <ktosiek> Is there any good way to setup something like that? Postfix's next hop does not handle the addresses I want to send to
[13:48] <caribou> rbasak: remember my makedumpfile MP of yesterday ?
[13:49] <caribou> rbasak: is the merge actually done through the LP's web interface or from the CLI on the git repo ?
[14:07] <dasjoe> sarnold: hey! I've got a somewhat new problem. I have to run a php cli cronjob as user x, and serve some php as www-data. Both php scripts need access to a single id_rsa (and execute stuff). What's the recommended way to do this, without running the cronjob as www-data directly
[14:08] <hallyn> arges: smb: zul: ok so we're all ok with bumping libvirt in yakkety i think;  do any of you want to test anything more before i really ship?  smb, a xen test perhaps?
[14:09] <hallyn> if not that's fine - i'll ship :)
[14:09] <smb> hallyn, I still have to set up yakkety xen hosts so ... just go ahead
[14:12] <hallyn> kewl, will wait on zul response the hit go
[14:12] <hallyn> then let the bugpage floodgates open
[15:01] <devster31> hi people, where can I find the .config file used to build the kernel of my current ubuntu installation?
[15:02] <sdeziel> devster31: /boot/config-$(uname -r)
[15:21] <jesk> when trying to install Ubuntu Server 16.04 LTS the installer says "Failed to retrieve the preconfiguration file.....file:///cdrom/preseed/ubuntu-server.seed".
[15:22] <jesk> when I skip this error I have to install manually but then it fails to detect my NICs
[15:22] <jesk> its a standard HP DL380 machine
[15:22] <jesk> gen9 I believe
[15:24] <devster31> sdeziel: thanks
[15:25] <nacc> cpaelzer: only in the context of the server guide, not bugs themselves (yet)
[15:27] <cpaelzer> nacc: ok, just saw it scrolling by this morning and wanted to see if you might know more
[15:27] <cpaelzer> nacc: did you complete the smaba section already last week?
[15:27] <cpaelzer> nacc: because I have thre mp's submitted and I think it is about time they do another release
[15:28] <cpaelzer> nacc: but we wanted to wait for samba to be refreshed
[15:28] <nacc> cpaelzer: yes, i did, doug was going to review
[15:28] <cpaelzer> nacc: great
[15:28] <nacc> cpaelzer: i belive i marked it that way on the wiki, but i might have forgotten to updated
[15:30] <cpaelzer> nacc: I'll send doug a reply on my last mail and set you on CC
[15:32] <nacc> cpaelzer: sounds good, thanks
[15:32] <cpaelzer> nacc: might you have a mp link for me to refer to ?
[15:33] <nacc> https://code.launchpad.net/~nacc/serverguide/samba/+merge/293442
[15:33] <nacc> in reply here, he did say he might have to wait  aweek or so
[15:37] <cpaelzer> nacc: yeah just read it - thanks for the link
[15:37] <cpaelzer> nacc: your inbox should just have grown by one
[15:39] <nacc> cpaelzer: ack and thanks
[15:39] <hallyn> zul: though i'm stil worried about how bug 1579922 affects libvirt upgrade
[15:40] <hallyn> meh.  i guess i can't push until that's fixed in one pkg or the other
[15:41] <zul> hallyn:meh
[15:44] <rbasak> caribou: I'm not sure if LP can do it. I don't see a button. Could it do it with bzr? Pushing with git from the CLI should certainly work. I believe LP will pick up that it happened, too.
[15:45] <caribou> rbasak: ok, just wanted to be sure that I wasn't chasing the obvious
[15:50] <cebalrai> Is there a reason, why nfs4.1 is not used by default with ubuntu clients?
[15:52] <hallyn> zul: wait, upgrade went fine this time.  lemme try a few more
[15:56] <hallyn> hm, can't get it to fail now.
[15:59] <nacc> cpaelzer: looks like upstream and marc have that one under control, fwiw
[16:00] <cpaelzer> nacc: about doc?
[16:00] <nacc> cpaelzer: that samba bug, sorry
[16:00] <cpaelzer> nacc: np, ok
[17:24] <LostSoul> hi
[17:24] <LostSoul> Is there chance to do sub search in nss_base_passwd ?
[17:24] <LostSoul> Like when I want to check if user is memberof=XXX or member of subgroups of that group?
[17:30] <jesk>  
[17:32] <LostSoul> ?
[17:32] <LostSoul> So I'm trying to setup libnss/ldap login to server based on AD membership
[17:32] <LostSoul> Problem is I can force it to allow login members that are member of X group or that are member of GROUPS that are member of thix X group
[17:32] <LostSoul> I'm only allowed when user is member of X group, but not when he is member of group that is member of that group
[17:32] <LostSoul> Any ideas?
[17:38] <patdk-wk> that is a limitation of AD
[17:38] <patdk-wk> same issue when I use groups in sharepoint
[17:38] <patdk-wk> users in a subgroup of a group, don't work
[17:41] <LostSoul> patdk-wk: So there is no workaround on that?
[17:42] <patdk-wk> via ldap? dunno
[17:42] <patdk-wk> it works fine for me
[17:42] <patdk-wk> my user is a member of groups of subgroups works fine in ubuntu with AD user
[17:42] <patdk-wk> but I do not use ldap to interface to AD for that
[17:43] <LostSoul> Hmm
[17:43] <LostSoul> So how do you check it?
[17:43] <LostSoul> I mean line that verify it
[17:43] <patdk-wk> I am using sssd
[18:36] <sarnold> dasjoe: normally you'd make the key file owned by a group and have both the cgi and the cli programs run with that group ownership, but that might be annoying for one or the other of these tools. You could use posix acls to give both www-data and the cli user access to the file, see setfacl manpage for details
[18:39]  * patdk-wk wonders when that question was asked
[18:55] <sarnold> patdk-wk: four hours ago? heh
[18:57] <patdk-wk> dunno, count time by scrollback pages :)
[18:57] <sarnold> oh I'd never find it -that- way, /lastlog -hilight 10  :) heh
[18:58] <patdk-wk> I just use scrollback, and have it set to autohighlight keywords
[19:05] <arooni> what logs would i check in /var/log if my server unexpectedly restarted
[19:06] <patdk-wk> probably none
[19:06] <patdk-wk> normally unexpectedly restarted == wasn't able to log why
[19:07] <arooni> but wouldnt there be some indication of the last things that were happening
[19:07] <arooni> before it restarteed?
[19:07] <arooni> restarted *
[19:07] <patdk-wk> if whatever was last happening logged stuff? sure
[19:07] <patdk-wk> if the disk flushed the write buffer? sure
[19:08] <patdk-wk> or, if the kernel flushed the write buffer
[19:08] <patdk-wk> but we wouldn't know what was happening
[19:08] <patdk-wk> so dunno what log to look in, it's your server
[19:08] <patdk-wk> the only *generic places to look is dmesg and syslog
[19:08] <patdk-wk> other than that, heh, depends on how you configured and what your running
[19:15] <arooni> well thanks for breaking it down
[19:15] <arooni> i'm a bit noob to linux sysadmin ;; coming at it as an app developer
[19:20] <qman__> Usually if a server restarts on its own, it's a hardware problem
[19:20] <qman__> Software problems produce errors and crashes, not reboots
[19:22] <qman__> Unless you intentionally configured it otherwise, of course
[19:36] <belea> hi, i've got an ubuntu server 16 on 3x120gb ssd disks ... the partitioning is quite weird a total of 180 gb ... http://pastebin.com/5duPiwzX
[19:36] <belea> anyone has any ideas why this happens? :-?
[19:42] <sarnold> what's weird?
[19:43] <patdk-wk> I don't see any partitioning, only filesystems
[19:44] <patdk-wk> 20g, and 91gigs
[19:46] <sarnold> when I installed on a system with 120 gig hard drive and 128 gigs of ram, the installer gave me 900 megabytes for / and 120 gigabytes for swap
[19:46] <belea> i dont get why it's broken into 16gb filesystems
[19:46] <sdeziel> belea: those 16GB mounts are tmpfs
[19:47] <belea> and the total is 180gb not near to 300+
[19:48] <belea> so i actually just have 1 x 120 gb mounted ?
[19:48] <belea> in the dmesg i see sda sdb and sdc each 120gb
[19:50] <belea> [sda] 234441648 512-byte logical blocks: (120 GB/111 GiB)
[20:06] <coreycb> arges, testing has completed successfully for bug 1569502
[20:08] <dasjoe> sarnold: thanks, I'll read about that. I had hoped for something automagically, like running the cgi as the normal user when serving files from that user's public_html
[20:10] <Executioner> Is it a problem if I get [pcilib: Cannot open /proc/bus/pci; lspci: Cannot find any working access method.] output to the terminal during the init of do-release-upgrade?
[20:10] <sdeziel> dasjoe: I'd be curious to know if the SSH client will accept to use a key file owned by someone else (even if the an ACL allows it to). So please let us know how it goes :)
[20:10] <Executioner> This is where it asks me to continue even if I'm connecting thru SSH
[20:20] <Executioner> err
[20:20] <Executioner> "The required dependency 'apt (>= 1.0.10.2ubuntu2)' is not installed." During a do-release-upgrade, what?
[20:30] <arges> coreycb: i'll promote tomorrow since its only 6 days. that ok?
[20:31] <coreycb> arges, definitely, thanks.  I lost count. :)
[21:33] <bc2946088> I've tried multiple times to deploy openstack using autopilot and though the environment does deploy, nagios shows a ceph health-warn that i've been unable to resolve.  I currently have a fresh deployment in that state after it was freshly deployed, has anyone else experienced that with ceph/ceph and autopilot?
[21:45] <roaksoax> dpb1_: ^^
[21:47] <sarnold> dasjoe: you might be able to do something like that via php-fpm
[21:48] <dpb1_> bc2946088: do you know how to get access to the underlying environment?
[21:49] <dpb1_> bc2946088: basically this: http://askubuntu.com/questions/606422
[21:49] <dpb1_> bc2946088: do that, then do juju ssh ceph-mon/0, and show me 'ceph status' as the root user please
[22:16] <bc2946088> Sorry, went to grab a pizza, @dpb1_.  I havne't had much success connecting to any juju enviroment, but I'll give it a whirl following that link.
[22:18] <dpb1_> bc2946088: ya, that is where the real magic is
[22:24] <bc2946088> dpb1_: http://paste.ubuntu.com/16353352/
[22:24] <bc2946088> Do I need to add the containers to bind?
[22:25] <bc2946088> oh, nevermind, didn't realize I was connected, regardless of the error
[22:26] <bc2946088> Here is the relevant, ceph status, http://paste.ubuntu.com/16353372/ dpb1_
[22:29] <bc2946088> It's amazing how helpful it is when you can connect to the lxc containers.  Ha, I really couldn't get anywhere from the physical machines.  http://paste.ubuntu.com/16353393/
[22:56] <bc2946088> any idea where I set 'mon pg warn max per osd = 500' the changes didn't stick after restarting the service or the host.. So I am assuming it's getting ceph.conf from somewhere.
[23:03] <sarnold> bc2946088: may grep around in https://jujucharms.com/ceph/xenial/0  ?
[23:23] <patdk-lap> lhmm, having a most horrible issue with sendmail and lxc
[23:36] <dpb1_> bc2946088: you need to be root
[23:36] <dpb1_> sudo ceph status
[23:37] <dpb1_> you will get something more interesting
[23:37] <bc2946088> yeah, figured that, shortly after and then did another paste, http://paste.ubuntu.com/16353393/
[23:38] <dpb1_> bc2946088: https://bugs.launchpad.net/charms/+source/glance/+bug/1492742
[23:39] <dpb1_> bc2946088: could you add your experience there (sorry, I'm not a ceph expert)
[23:39] <dpb1_> bc2946088: if you add debugging details, I'll get someeone to chime in tomorrow
[23:40] <bc2946088> yeah, will do, I did read that over the past couple minutes, and it matches my issue.  There is a work around in changing a ceph mon value to increase the pgmax, but sadly, I'm unsure where to set it.  By setting it in ceph.conf on the container, the changes are lost when the service restarts, or the instance reboots.
[23:42] <bc2946088> I previously deployed the same setup with one less physical node, which has 3 less drives and I didn't have any troubles.
[23:42] <dpb1_> bc2946088: where you can see all the openstack services with 'juju status'
[23:42] <dpb1_> bc2946088: do 'juju get ceph-mon'
[23:43] <dpb1_> or 'juju get ceph-osd'
[23:43] <dpb1_> then, you can change things with 'juju set ceph-mon "key=value"
[23:46] <bc2946088> oh wonderful!  I just accidentally marked one of the nodes as broken and now it's no longer deployed.  I'll redeploy and give that a try, thanks for all your help.  For the life of me, I couldn't figure out how to connect to the juju instances, so I'm leaps and bounds ahead
[23:46] <dpb1_> bc2946088: yes, everything is 'juju get' 'juju set' once you know where to look.  and please do mark your findings in that bug.  Thanks!
[23:47] <bc2946088> I will certainly add them once I can test further!