/srv/irclogs.ubuntu.com/2016/06/09/#ubuntu-server.txt

runelind_qI am new to lxd and want to configure the networking to be a true bridge in that I want my guests to get v4 addresses via DHCP and v6 addresses via SLAAC00:16
runelind_qonce I get this working I'm planning on having multiple interfaces on my host that binds to different VLANs (and thus multiple bridges, I would assume).00:16
runelind_qI created a test guest and it created a vethDMY03 interface, but the guest doesn't have a v4 or a v6 address00:18
runelind_qI went into the guest and set inet dhcp and inet6 auto in interfaces.d/50-cloud-init.cfg00:23
winslow__Hi, all. Not sure if there's a better room to reach the team that handles Ubuntu cloud images, but `vagrant box add ubuntu/xenial64` is currently failing with a 404 when fetching the box.00:54
naccOdd_Bloke: --^ not sure if that is the same issue you were helping with earlier00:54
jrwrenrunelind_q: did you create your own br0 bridge device, add your eth0 to it and tell lxd to use that br0?01:11
jrwrenrunelind_q: this is a little dated, but may help: http://jrwren.wrenfam.com/blog/2015/11/10/converting-eth0-to-br0-and-getting-all-your-lxc-or-lxd-onto-your-lan/01:12
masuberuhi01:17
masuberuwhy loop01:18
masuberu, lp and01:18
masuberurtc are missing from /etc/modules?01:18
masuberuon ubuntu 16.04?01:18
masuberuwhy loop, lp and rtc modules are missing from /etc/modules on ubunut 16.04?01:19
runelind_qjrwren: i thought lxdbr0 was the new hotness?01:23
jrwrenrunelind_q: it is, but that is a nated bridge interface which serves dhcp from a private range via dnsmasq.01:24
jrwrenrunelind_q: your question made it sound like you wanted to bridge to your local lan.01:24
runelind_qi did01:24
runelind_qok, i will use a regular bridge01:25
Yuri4_Guys, how can I run some command automatically on every boot?01:36
runelind_qlet me count the ways01:37
runelind_qyou want to run it as root or a regular user?01:37
jrwrenYuri4_: a crontab entry with @reboot isntead of `m h dom mon dow` works well01:37
runelind_qthat's what I was going to recommend.01:38
Yuri4_runelind_q, as root01:38
runelind_qsudo crontab -e01:38
runelind_qthen do what jrwren recommended.01:38
Yuri4_jrwren, I'm very new to linux.01:38
Yuri4_Wher do I put that entry?01:38
Yuri4_Hmmm. Google says that crontab is timebased01:40
Yuri4_I only need it run once after boot01:40
Yuri4_Is this good solution?01:40
Yuri4_Guys?01:43
runelind_qyeah, if you set it to @reboot instead of a time, it will run the script on boot01:48
Yuri4_runelind_q, but it will run only after user logins?01:49
Yuri4_I'm on server and need to run that command when server restarts01:50
runelind_qno, it will run during the boot process, even before a user logs in.01:50
runelind_qjrwren: I'm assuming I want to swap eth0 for ens160 which is my actual interface name when I make changes to /etc/network/interfaces01:50
runelind_q?01:50
jrwrenrunelind_q: yes.01:51
Yuri4_runelind_q, I'm new to linux. So how do I execute on every boo, let's say "sudo mount_folder_x"?01:51
Yuri4_boot*01:51
runelind_qoh, if you want to mount something, you want to edit /etc/fstab01:51
Yuri4_runelind_q, no, I absolutely don't want to do that01:52
Yuri4_it already broke to servers01:52
Yuri4_two*01:52
Yuri4_I just want to run it on every reboot01:53
runelind_qhttps://help.ubuntu.com/community/CronHowto01:53
Yuri4_And if it fails it doesn't break servers01:53
jrwrenlearn how to do it without "breaking" the servers ;]01:53
runelind_qlook into the part about @reboot01:53
Yuri4_jrwren, I did everything correctly. I belive there is a bug in service I'm usuing01:53
runelind_qprobably not01:53
Yuri4_jrwren, I'm very new to linux and can't understand that manual. I've been reading it for 10 min. Could you provide an example, how to do it, please?01:54
Yuri4_I don't uderstand how to do it01:54
runelind_qthe link I provided is very thorough.01:54
Yuri4_runelind_q, It is thorough, but I'm a noob. I don't understand what it saying01:56
Yuri4_could you just give an example, please?01:56
Yuri4_I'm windows sysadmin, not linux01:56
jrwrenYuri4_: sorry, i've been doing this for 20yrs, if the docs at https://help.ubuntu.com/community/CronHowto aren't readable, I'm afraid i cannot help.01:57
runelind_qsudo crontab -e01:57
runelind_qthen @reboot /path/to/script01:57
Yuri4_runelind_q, thank you!01:57
Yuri4_jrwren, see how it's done?01:57
Yuri4_runelind_q, you are the best!01:57
jrwrenI do see.01:57
jrwrenThanks.01:57
Yuri4_runelind_q, I did sudo crontab -e then added @reboot /home/prouser/startup/command02:09
Yuri4_but it doesn't execute02:09
runelind_qdid you set chmod +x /home/prouser/startup/command ?02:10
Yuri4_runelind_q, no02:10
Yuri4_runelind_q, thank you02:11
runelind_qjrwren: ok, my guest gets a v6 address, but I can't ping6 it.02:15
runelind_qI set v6 forwarding =102:15
Yuri4_runelind_q, I added 2 commands for @ reboot.  sudo mount -t cifs //myaccountname.file.core.windows.net/mysharename ./mymountpoint -o vers=3.0,username=myaccountname,password=StorageAccountKeyEndingIn==,dir_mode=0777,file_mode=0777 - this doesn't work02:18
jrwrenrunelind_q: a routable address, not just link local?02:18
Yuri4_but sudo mkdir - works02:18
runelind_qjrwren: yeah, routable02:19
jrwrenrunelind_q: I'm not familiar with SLAAC. I only use radvd02:19
runelind_qjrwren: SLAAC is the autoconfigured addresses from radvd02:19
runelind_qYuri4_: put it into a script, run chmod +x on the script, then manually execute the script to make sure it works.02:20
runelind_qput the full path to all commnds02:20
runelind_qlike /bin/mount instead of mount02:20
Yuri4_remix_tj, yeah it's full path. 1 command works and anothe doesn't02:21
Yuri4_how do I mannualy execute the script?02:21
Yuri4_runelind_q, when I do it mannualy both command works02:24
Yuri4_but on boot only 1 works02:24
Yuri4_this one doesn't sudo mount -t cifs //myaccountname.file.core.windows.net/mysharename ./mymountpoint -o vers=3.0,username=myaccountname,password=StorageAccountKeyEndingIn==,dir_mode=0777,file_mode=077702:25
runelind_qyou don't do sudo, just mount, since it runs as root02:26
runelind_qand make sure you have /bin/sudo in there.02:26
runelind_qand this should really really really really be done in fstab02:26
Yuri4_runelind_q, when I do it in fstab my serve stops booting02:27
Yuri4_server*02:27
Yuri4_runelind_q, still doesn't work02:33
Yuri4_I hade sudo mkdir though and it executed fine02:33
runelind_qI dunno man.02:34
runelind_qsounds like you need to hire someone to come over.02:34
Yuri4_runelind_q, that's me who have been hired to do that02:39
Yuri4_is there another option to do that on each boot?02:39
Yuri4_not cron?02:39
runelind_qnope, hire someone else as a subcontractor.02:40
patdk-lapdid you add the _netdev flag?02:42
winslow___Hi all. Sorry if anyone responded recently. I had to travel some. Any word on the ubuntu xenial64 vagrant images being missing?02:43
runelind_qnet.ipv6.conf.all.forwarding=102:49
runelind_qnet.ipv6.conf.br0.accept_ra=202:49
runelind_qnet.ipv6.conf.default.forwarding=102:49
runelind_qguest gets a v6 address, but I can't ping it.02:50
Yuri4_runelind_q, I fiexed it by adding sleep 30; before the command02:56
Yuri4_thank you for the help!02:56
patdk-lapmust be a dns issue02:56
Yuri4_patdk-lap, maybe some durty hack to change server IP after boot?02:56
Yuri4_when I put it into FSTAB it broke both my server that took 8 hours to set up02:57
masuberuI need to install fure-utils on ubuntu 16.04, any help?03:13
masuberufuse-utils sorry03:13
runelind_qfurry-utils04:00
winslow___FYI, I filed https://bugs.launchpad.net/cloud-images/+bug/1590647 just so this isn't lost05:37
ubottuLaunchpad bug 1590647 in cloud-images "xenial64 vagrant boxes are unavailable from Atlas" [Undecided,New]05:37
=== gms is now known as Guest98013
=== Guest98013 is now known as _gms
=== stikky is now known as _gms
Househi all, i've got sssd+ad working for ssh, login & sudo, but for the life of me i cant get "smbclient -k" or automount to work for any passwordless access to smb fileserver. just get a timeout. all ok if i skip the '-k' and manually enter password, but automount won't work, and multi-user access in fstab requires a passwordless method.     anyone have this working?06:58
toshywoshyIs there a significant difference between Debian partitioning and Ubuntu partitioning, as my debian preseed file used on ubuntu 16.04lts keeps on asking me to confirm the partitions manually07:41
Odd_Blokenacc: Thanks for the pointer to that Vagrant bug. :)07:49
toshywoshyis there any way to prevent the installer from asking me to confirm manually the partition setup layout if it is already defined in an expert layout?08:00
fricklertoshywoshy: this is what we use for our trusty and xenial nodes: http://paste.ubuntu.com/17138951/08:05
toshywoshyfrickler: thanks, in the second partition you have '-1' as the maximum value, is that better than having '1000000000'?08:06
fricklertoshywoshy: IIUC it will use the maximum available size, I'm not sure what happens if you use a value too large for your current disc08:08
fricklertoshywoshy: I did some searching on the net to get that part together some years ago, most of the rest of the file is still the original https://github.com/puppetlabs/razor-server/blob/master/tasks/ubuntu.task/preseed.erb08:11
toshywoshyfrickler: I solved it based upon your preseed file, the solution was adding "d-i partman-auto-lvm/guided_size string max", which is wat the installer was nagging me about to confirm manually, thanks again08:18
fricklertoshywoshy: yw08:21
=== _degorenko|afk is now known as degorenko
Thumpxrso, is uptrack really necessary / makes sense on a private server which host various public services with >100 users?08:41
Teme_hello08:52
Teme_anybody wake?08:52
vbotkaTeme_, It's lunch time here man :)08:54
Teme_aah, sorry to be a bother then ;)08:54
jamespagecoreycb, ddellav: ok so updated oslo.messaging to 5.2.0 - needed for keystone10:03
jamespagefixed versions for keystone; should build through shortly10:03
jamespagethere where some network connectivity issues overnight - so re-ran some failing builds that got impacted by that10:03
jamespagealso pushed a small fix to pkgos-generate-snapshot to deal with .0b1 correctly -> will map to ~b1 for package version compatibiltiy10:04
jamespagestill tripping on some networky type problems but almost clean10:05
jamespageI also took a look at the nova-lxd failure - its due to some missing mocking10:05
fricklerjamespage: regarding https://bugs.launchpad.net/bugs/1564812, the main issue is that there is one log-file generated per rootwrap command executed, i.e. one file every 2 seconds for some neutron agents. and they never get cleaned up it seems.10:30
ubottuLaunchpad bug 1564812 in nova (Ubuntu) "Disable sudo io logging for rootwrap" [Wishlist,Triaged]10:30
jamespagefrickler, a file per command?10:31
jamespageor a log entry per command?10:31
fricklerjamespage: no, each sudo invocation generates a new file10:32
* jamespage checks an install10:32
jamespagefrickler, I'm not seeing that on a openstack install we have for QA10:33
jamespageall sudo calls go to /var/log/auth.log10:33
fricklerjamespage: you need to add "Defaults      log_output" to your /etc/sudoers to trigger the issue, default installation doesn't log anything10:33
jamespagefrickler, well the default logs all commands and output to /var/log/auth.log10:35
jamespagefrickler, no you are right - output is not logged by default10:36
jamespageonly input10:36
fricklerjamespage: yes, but as part of our hardening, we add the above options, so that everything a user does e.g. within a "sudo -i" session, can be looked at afterwards with sudoreplay10:37
jamespagefrickler, ok so your proposed change does not alter the logging of commands to /var/log/auth.log10:37
jamespageit just stops the creation of the individual files that log_input and log_output turn on?10:38
jamespageif that's the case I misunderstood the problem - apologies...10:38
* jamespage thinks10:38
fricklerjamespage: at least that is my understanding of the impact of the change, yes10:40
rbasakWouldn't turning off output by default be surprising to others who turn it on globally and expect all commands to follow?10:41
rbasakIt seems to me that it would be less surprising for people who choose to turn global logging on to also disable it for specific cases where it is not wanted.10:41
fricklerrbasak: the problem is that you have to do it on the same line, so we would have to patch again this after every package update10:43
rbasakfrickler: it's a conffile. Your modifications should be maintained by packaging. You'll only have to handle it if the packaging changes the conffile it ships.10:43
rbasakfrickler: even if that weren't true, the right fix would be to have some better override features in sudo.10:44
rbasakI just think that this kind of change just prompts another bug report saying the opposite. It's not the default configuration, so the fix should be to make it easier to get the behaviour you want, rather than changing the default for something that isn't even a default.10:45
rbasakBut anyway, up to jamespage.10:45
jamespagehence my last /me thinks10:48
jamespage;0)10:49
jamespagerbasak, frickler: this is tricky - I would tend to think it might be better set overrides per user that needs to be excluded10:51
rbasakCan sudo take that instruction from a separate .d file? In that case that would be the perfect solution - no changes in packaging needed and frickler can add it locally without much concern for what happens on packag eupdates.10:52
ikoniarbasak: it can10:53
ikoniaI've often used seperate files, eg: normal.rules webowners.rules etc etc10:53
ikoniajust make sure they don't conflict as ordering is not good10:53
rbasakThe files would have rules that overlap. Hence my question.10:54
jamespagerbasak, looking now10:54
ikoniathat can cause a problem then, I believe the most restrictive rule is honoured10:54
jamespagesomething like:10:56
jamespageDefaults:nova !requiretty,!log_input,!log_output10:56
jamespagemight work ok10:56
jamespageyes that does work fine - so I still can set global log_ouput, log_input, but nova/neutron whatever gets excluded11:00
jamespagebut still included in auth.log11:00
jamespagefrickler, ^^ that might fit your requirement11:00
jamespageyou can skip !requiretty as well as that's set in the pkg provided sudoers11:02
jamespagecommented on bug as well11:05
jamespagerbasak, you'll have an opinion on https://bugs.launchpad.net/ubuntu/+source/nova/+bug/1585794 just as I do11:08
ubottuLaunchpad bug 1585794 in nova (Ubuntu) "dpkg unable to configure nova-common if user nova is in ldap" [Undecided,New]11:08
jamespagesystem users in ldap sounds like bad karma to me...11:10
jamespagehowever that's not the actual bug here...11:11
* rbasak looks11:12
rbasakjamespage: is the bug caused by there being a system user in LDAP, or just some normal user in LDAP that happens to be called "nova"?11:15
rbasakjamespage: the pattern in that postinst is the normal one. If something needs changing, it'd probably need change across the board (ie. a wider collective decision).11:16
jamespagerbasak, this issue is that the postinst tries todo usermod on the nova user for a switch in group way back before 12.0411:16
jamespagenobody -> nova11:16
rbasakjamespage: ah. That I did question but didn't realise it was relevant.11:16
jamespagethat won't work with an ldap provided user11:16
jamespagethat said I think ldap for system users is a little bonkers...11:17
rbasakjamespage: I'd do that on an upgrade path only (compare to $2 etc)11:17
rbasakI didn't think of that from an LDAP perspective though, just a "stepping on the user's customisations unnecessarily" perspective.11:17
rbasakAlways good for upgrade path code to be conditional on the required upgrade versions since then it can be dropped eventually and make things simpler, as well as reduce the likelyhood of some kind of unpredicted conflict when the upgrade path code isn't needed. I guess this is one of those cases.11:19
jamespagerbasak, tbh that all applied to day 0 packaging anyway11:19
rbasakI agree that an LDAP system user is pretty broken though, but that's not my justification.11:19
rbasakMost packaging I've seen would work with an LDAP system user though, if the user knows what he's doing. In that postinsts just leave it alone in that case, and silently accept failure to remove on postrm I think.11:20
rbasakjamespage: not sure what you mean?11:20
jamespagerbasak, all of the part of the maintainer script was due to mistakes made prior to 12.04 release...11:21
jamespagethat's pretty much the earliest point we support upgrades from now11:21
rbasakjamespage: ah, I see. So you could just drop the usermod?11:21
jamespagejust did :-)11:22
rbasak:-)11:23
=== iberezovskiy|off is now known as iberezovskiy
coreycbjamespage, ddellav: all of the newton b1 core packages from our end are backported11:39
coreycbjamespage, still need this to land I believe before testing right?  https://review.openstack.org/#/c/326597/11:40
jamespagecoreycb, is that the keystone one?11:55
coreycbjamespage, yep11:55
=== JanC is now known as Guest27912
=== JanC_ is now known as JanC
=== sarthor_ is now known as sarthor
Xinstupid question12:59
Xinbut how do I allow access to apache only from my internal network12:59
Xinno external access12:59
coreycbddellav, testing for bug 1546116 is complete.  can you tag the bug as verification-done and verification-liberty-done?13:11
ubottubug 1546116 in manila (Ubuntu Wily) "[SRU] manila share process init script is missing" [Undecided,Fix committed] https://launchpad.net/bugs/154611613:11
=== JanC_ is now known as JanC
rbasaknacc: do you want bug 1590623 sponsoring?13:16
ubottubug 1590623 in php7.0 (Ubuntu) "Drop dh-php from Recommends to Suggests" [Undecided,New] https://launchpad.net/bugs/159062313:16
ddellavcoreycb ok, i'll try13:26
jamespagecoreycb, ddellav: nova branch build failed fixed; patch accepted upstream!13:30
coreycbjamespage, that must have landed quick13:31
jamespageover a week13:31
jamespageit was just some assert call badness13:31
jamespagehttps://review.openstack.org/#/c/318568/13:31
coreycbjamespage, ah that one13:35
jamespagecoreycb, have fix up for nova-lxd as well as soon as rockstart or zul are around...13:35
jamespagerockstar rather..13:35
jamespagedoh13:35
coreycbjamespage, oh awesome13:35
zuljamespage: yeah no one can approve patches yet13:36
jamespagezul, ha13:36
jamespagezul, just ask someone in -infra to add you and rockstar to the groups13:36
jamespageunless you have already done that...13:36
jamespageyolanda is alway a good egg :-)13:36
zuljamespage: i think rockstar already has13:36
jamespageoh ok13:36
EmilienMcoreycb, jamespage: hey13:38
EmilienMcan I try to deploy newton on xenial?13:38
jamespagesure13:38
EmilienMhow?13:38
jamespageEmilienM, ppa:openstack-ubuntu-testing/newton13:38
EmilienMok cool13:39
EmilienMjamespage: did you deploy already?13:39
jamespageb1 is working its way into the UCA - but that PPA has branch builds for most projects13:39
jamespageEmilienM, yes13:39
EmilienMcool13:39
jamespageEmilienM, you'll probably trip over the changes we've made to the keystone package for wsgi/apache2 support13:39
jamespagewell you might13:39
jamespage/etc/apache2/sites-enabled/keystone.conf13:39
EmilienMjamespage: ok so I use ppa but in a close future I can use uca, right?13:40
* jamespage crosses fingers...13:40
jamespageEmilienM, coreycb or ddellav will email the openstack-dev ML once its all up and verified13:40
EmilienMok13:41
jamespagecoreycb, btw I'm going to push all of newton staging -> proposed right now13:41
coreycbjamespage, +113:42
jamespagewe may as well test proposed as no one else is just yet...13:42
EmilienMjamespage: so should I wait that you push and then I test it?13:43
EmilienMwell, let's try the ppa this morning and ping me when you pushed in proposed I'll test it too13:43
jamespageEmilienM, up to you - will take several hours to work through13:43
EmilienMahhhh13:43
EmilienMppa :)13:43
jamespageif you want to start now use the PPA13:43
jamespageEmilienM, we've done a bit of rejig in the openstack-dashboard packaging as well; the ubuntu theme is just installed alongside the other themes, and is end user selectable.13:44
jamespageDEFAULT_THEME='xxxx' to switch the default between options - default|ubuntu|material13:44
EmilienMmhh ok13:45
EmilienMiberezovskiy: ^ fyi13:45
* EmilienM take notes on https://etherpad.openstack.org/p/puppet-openstack-xenial13:45
EmilienMjamespage: so you put a default vhost for keystone, right?13:46
jamespageEmilienM, yah - for admin and public endpoint ports13:47
EmilienMmhh ok13:47
EmilienMit's a bit annoying13:47
jamespageEmilienM, is based on the one keystone provides in httpd13:47
EmilienMfor people using deployment tools like chef/puppet/ansible13:47
jamespagehttps/wsgi-keystone.conf13:47
EmilienMmost of people deploy their own vhost13:47
EmilienMwhy not in site-available?13:47
EmilienMit would be better imho13:47
jamespageEmilienM, for those not using puppet/chef/ansible13:48
EmilienMit's like zigo does, forcing stuffs13:49
EmilienMI don't like it... but that's my opinion...13:49
EmilienMour keystone module already manage vhost with the capacity of configure the vhost13:49
EmilienMso we'll have to drop this file...13:49
EmilienMand chef/ansible will have to do the same13:49
EmilienMpeople should be able to enable the vhost themselves I think13:49
EmilienMit's very intrusive to add a vhost & enable it by default13:50
iberezovskiyjamespage, why did you decide to change this behavior? it always was at sites-available as I know13:50
EmilienMdegorenko, iberezovskiy: FYI I updated https://etherpad.openstack.org/p/puppet-openstack-xenial with the notes I took from ^13:50
EmilienMright, this change is not cool13:50
jamespagewhat are we talking about13:51
EmilienMkeystone vhost13:51
jamespagekeystone has never shipped a sites-avaliable; as there is no longer a eventlet based daemon, we have to provide an enabled daemon in someway13:54
* jamespage ponders this...13:54
EmilienMI just say, that most of people won't use this vhost in production, because everybody does vhost tunning. In puppet-keystone, we allow such tunning since you can configure everything in the vhost (SSL, workers, etc)13:55
EmilienMso you better disable it by default and people will enable it before starting apache213:56
jamespageI appreciate that...13:56
EmilienMI think providing a vhost is awesome13:56
EmilienMit really helps people to easily deploy keystone13:56
EmilienMbut enabling it by default is a bit too much and I think most of people know how to enable a vhost, and if they don't lol. Don't continue OpenStack deployment :)13:56
iberezovskiyproviding of vhost is good, but please do not force to use it13:57
jamespageI'm actually considering whether we should do the same with the dashboard as well - we should be consistent...13:57
EmilienManyway, I kicked off a CI job with PPA, I'll give you feedback as soon as jobs finish13:57
jamespagecoreycb, what do you think?13:57
coreycbjamespage, we provide init scripts by default, so it seems like a default vhost makes sense13:58
coreycbjamespage, I think we'll get complaints either way13:58
EmilienMI just hope the packaging does not start apache by default13:59
EmilienMie: apt-get install keystone13:59
jamespageEmilienM, yes it does13:59
EmilienM...13:59
jamespagebecause it installs apache213:59
coreycbEmilienM, just like horizon13:59
EmilienMansible/chef/puppet folks will have big issues14:00
EmilienMfor orchestration14:00
jamespagethis is really about which expectations we break14:01
jamespageI mr end user install keystone, and nothing is running14:01
jamespageunlike pretty much everything else in the archive..14:01
* jamespage ponders this some more...14:01
jamespageEmilienM, ftr I think 'big issues' is over egging it a bit - disabling a site is not that hard :-)14:04
jamespageyes you will have to make a change to adapt to the changes in packaging behaviour...14:05
EmilienMmy concern is that ubuntu packaging is getting more and more intrusive14:07
EmilienMI don't think production deployments need you to start apache, they have orchestration tools and they need to decide when they start services14:08
EmilienMbut anyway, yeah we can workaround all-the-things, I just say it's getting worse over the releases.14:08
coreycbEmilienM, do you have examples?14:08
EmilienMcoreycb: containers14:08
EmilienMcoreycb: or people who use puppet/ansible/chef/whatever14:09
coreycbEmilienM, containers where?14:09
EmilienMthey want to wait before starting apache, maybe they need to add more vhosts before14:09
coreycbEmilienM, do you have examples of where we're getting worse?14:09
EmilienMcoreycb: keystone is the right example I guess14:09
EmilienMas it's a core service that everyone use14:10
ogra_EmilienM, enforced starting of services is a core part of the debian packaging requirements since over a decade ... thats not an ubuntu thing at all14:10
ogra_has been like that forever for debian packages14:10
EmilienMgreat, if everyone likes it then I'm wrong14:10
* ogra_ didnt say he likes it, but it is simply like that forever and it is a debian requirement, not an ubuntu one14:10
EmilienMit's not because it's here forever that we can't change14:11
EmilienMRDO packaging was a mess a few years ago14:11
EmilienM(RDO = Red Hat OpenStack packaging)14:11
ogra_what i'm saying is that you have to change debian14:11
EmilienMand we changes lot of things, and now things are much better14:11
EmilienManyway, I'm trying to satisfy OpenStack community as a Project technical lead of Puppet modules14:12
rbasakEmilienM: puppet is broken wrt. starting daemons. It takes over running services; it should use policy-rc.d.14:12
EmilienMand as a PTL I'm trying to engage work with other communities to make things better14:12
EmilienMour CI deploys Ubuntu jobs so I'm here14:12
rbasakEmilienM: and if it did, then a default enabled or disabled "site" would make no difference. Your puppet module would just force it one way or other before starting the service.14:13
EmilienMsure, we'll adapt14:13
EmilienMjust giving feedback, take it it's free ;-)14:13
rbasakWe can't have defaults one way for interactive users and the other way for automation. It makes sense for automation to override things as needed rather than the user because that can be...well, automated.14:14
rbasakDebian provides the hook necessary to do it. Automation should use it.14:15
caribourbasak: just pushed the new merge.v1 tag14:20
rbasakcaribou: thanks! I'm out of time before meetings and EOD today. I'll try to look tomorrow.14:26
caribourbasak: no worry & thanks for looking at it14:26
rbasakstgraber: FYI, bug 1590747 - is CI broken somehow?14:56
ubottubug 1590747 in lxd (Ubuntu) "images.linuxcontainers.org Debian sid image is broken" [Undecided,New] https://launchpad.net/bugs/159074714:56
naccrbasak: if you could, that would be great, just added ~sponsors (re: 1590623)14:56
naccOdd_Bloke: np, just figured the context was similar enough (re: vagrant bug)14:57
Odd_Blokenacc: Yep, much appreciated!14:58
rbasaknacc: done14:59
stgraberrbasak: we don't test those images, so CI isn't broken, Debian most likely is :)14:59
naccrbasak: thanks!14:59
stgraberrbasak: that error seems to indicate that debootstrap succeeded but didn't give us a rootfs with a working /sbin/init :)15:00
rbasakstgraber: one might argue that not testing the images means that CI is broken :)15:00
rbasakBut fair enough.15:00
stgraberroot@dakara:/var/lib/lxd/containers/foo/rootfs# ls /sbin/init -l15:06
stgraberlrwxrwxrwx 1 root root 20 May 12 05:39 /sbin/init -> /lib/systemd/systemd15:06
stgraberroot@dakara:/var/lib/lxd/containers/foo/rootfs# ls -lh lib/systemd/systemd15:06
stgraberls: cannot access 'lib/systemd/systemd': No such file or directory15:06
stgraberrbasak: ^15:06
stgraberso yeah, looks like Debian sid is busted today15:06
stgraberkinda surprised that debootstrap succeeded though :)15:06
rbasakstgraber: you checked your host for existence of /sbin/init, not the guest. But yeah, it's broken :)15:07
rbasaks/guest/image/15:08
stgraberrbasak: oops15:08
stgraberroot@dakara:/var/lib/lxd/containers/foo/rootfs# ls sbin/init -l15:09
stgraberls: cannot access 'sbin/init': No such file or directory15:09
stgraberit's even worse than I thought :)15:09
stgraberhow the hell is debootstrap succeeding without an init system :)15:09
rbasakstgraber: well now at least you see the same behaviour I do :)15:09
stgraberconfirmed that debootstrap didn't feel like picking an init system, no error reported during bootstrap... https://jenkins.linuxcontainers.org/view/All/job/lxc-template-debian/arch=amd64,release=sid,restrict=lxc-priv,variant=default/986/console15:10
stgraberso yeah, that might surprise a few people :)15:11
rbasakHmm. deboostrap hasn't changed recently.15:14
=== HouseMD is now known as HugeEgoSorry
jamespagecoreycb, we need to not backport packages which have not changed since xenial (it creates conflicts in the UCA sync)15:50
coreycbjamespage, oops, ok15:51
coreycbjamespage, does anything need fixing?15:52
jamespagecoreycb, deleting offenders now15:52
coreycbjamespage, thanks15:52
=== HugeEgoSorry is now known as GitGud
=== GitGud is now known as TheRealGitGud
=== degorenko is now known as _degorenko|afk
mrjazzcatFor reasons I will keep to myself :) I want to install Mitaka OpenStack components on Xenial without tooling.  But, the cloud archive says only Trusty is supported.  What methods can I use, short of building from source?16:25
mrjazzcatzul:  Can you help me with this Q?  ^16:26
fricklermrjazzcat: what do you mean by "without tooling"? mitaka packages are part of plain xenial, no need to use any cloud archive anymore16:37
mrjazzcatfrickler: ah, I see.  the packages are already on my machine (or VM)!  Thank you!16:38
Yuri4_Is it possible to mount.cifs so the files and folders belong to www-data:user1 ?16:39
geniiYuri4_: That would be done on the server, by setting default user and group in the smb.conf16:47
Yuri4_genii, I don't have access to that server. Some person at #linux advices me how to do it through mount parametrs now16:48
tewardYuri4_: the mount parameters they mean is on the server16:48
Yuri4_genii, meant on SMB server16:49
Yuri4_of course I have access to the server where I mount it16:49
sdezielYuri4_: on the client, mount with "-o uid=www-data,gid=user1"16:52
Yuri4_sdeziel, cool!16:52
Yuri4_thank you16:52
Yuri4_gonna try16:52
sdezielYuri4_: Here is what my fstab entry looks like: //smb/share /data/share cifs  vers=3.0,rw,noauto,credentials=/etc/samba/simon.secrets,_netdev,nodev,nosuid,noexec,uid=simon,gid=users    0       016:54
Yuri4_sdeziel, eh fstab16:54
Yuri4_already broke my server when I put wrong space16:54
sdezielYuri4_: there is more than what you asked but it shows how the auth creds are decoupled from the local UID/GID mapping16:54
Yuri4_sdeziel, I just crontab it16:55
sdezielYuri4_: the noauto should allow you to manually test before rebooting :)16:55
Yuri4_crontab rocks16:55
Yuri4_@reboot16:55
Yuri4_sdeziel, is uid = :x:33:17:04
Yuri4_or just 33?17:04
sdezielYuri4_: just 33 or www-data17:04
Yuri4_sdeziel, does that command look right? sudo mount -t cifs //myaccountname.file.core.windows.net/mysharename ./mymountpoint -o uid=33,gid=1000 vers=3.0,username=myaccountname,password=StorageAccountKeyEndingIn==,dir_mode=0777,file_mode=077717:05
Yuri4_-o uid=33,gid=100017:05
Yuri4_other works for sure17:05
Yuri4_not sure about -o uid=33,gid=1000 syntax17:05
sdezielYuri4_: there seem to be a missing "," between gid=1000 and vers=3.017:06
Yuri4_sdeziel, this works  sudo mount -t cifs //myaccountname.file.core.windows.net/mysharename ./mymountpoint -o vers=3.0,username=myaccountname,password=StorageAccountKeyEndingIn==,dir_mode=0777,file_mode=077717:06
Yuri4_oh I see17:07
Yuri4_thank ou!17:07
sdezielyou are welcome17:07
Yuri4_sdeziel, seriously, you are the best! Very appreciate your help!17:07
sdezielYuri4_: using sudo will mean the credentials will leak into /var/log/auth.log17:07
Yuri4_sdeziel, it will be without sudo17:08
sdezielYuri4_: credentials= has the advantage to avoid such leaks17:08
Yuri4_it will run as crontab script @reboot17:08
Yuri4_without sudo17:08
Yuri4_and it won't ask for credentials17:08
hallyngaughen: hi - so afaik the only ppl inside canonical using vmbuilder are the cloud image team.  i'd love it if they would consider maintaining it upstream, and pushing community-relevant patches up17:23
=== iberezovskiy is now known as iberezovskiy|off
gaughenhallyn, I'll consider it, but will chat with the team.17:37
hallynthx.  the users will appreciate it :)  of course i'd tried to get rid of it during 14.04, but adt was still requiring it at the time...17:43
hheehey! guys. how can i create local mirror main ubuntu server repos?17:51
hheewhich tools do i need to use for this?17:51
nacchhee: ubumirror?17:52
hheenacc, official tool for is?17:55
nacchhee: hrm?17:55
hheenacc, where can i find out how big main repos?17:56
hheenacc, for prepare my hdd :)17:56
nacchhee: that i'm not sure, they are large17:57
hheenacc, got it. but how large,...17:57
nacchhee: i don't know17:58
OerHeks80 gb+17:58
OerHekshttps://wiki.ubuntu.com/Mirrors17:58
hheeOerHeks, thx a lot17:58
OerHekswait ...17:59
OerHeksMake sure you have enough disk space. The Ubuntu archive, as of 2016-04-21, uses about:17:59
OerHeks912GB of disk space for the Ubuntu package archive.17:59
OerHeks16GB for Ubuntu release CD images... and growing17:59
OerHeksYou might want to check #ubuntu-mirrors too18:00
hheeOerHeks, for example i need local repo mirror with packages and sources for 14 LTS. (for personal usage)18:01
hheeOerHeks, got it18:01
hheeguys. i need it for isolated net, without direct access into the internet18:04
hheei mean i dont want to become internet mirror18:07
patdk-wkdefine isolated net without direct access18:15
patdk-wkthat sounds like proxy server territory18:15
patdk-wkunless you actually mean, a isolated disconnected network18:15
hheepatdk-wk, nope. not proxy territory. place in very remote place, almost without internet or with very expensive one18:17
patdk-wkya, that would be really, disconnected18:17
Yuri4_ 18:20
Yuri4_ Is crontab -e @reboot reliable. I got a very important command there. It won't break, right?18:20
dasjoeClearly depends on which cron daemon you're using18:23
Yuri4_dasjoe, I don't know. I'm running Ubuntu 16.04 server18:24
Yuri4_how do I check?18:24
dasjoeYuri4_: it should simply work, then18:31
Yuri4_dasjoe, thank you!18:31
jayjo_I'm having trouble to connecting to mongo on an ec2 ubuntu instance. the mongo command won't connect, but ive run sudo service mongod start and it says its starting. killall mongod says nothing found19:06
jayjo_ps not showing it either19:06
coreycbbeisner, python-os-brick 0.5.0-0ubuntu3~cloud0 is ready to promote to liberty-updates when you have a moment19:08
coreycbbeisner, manila 1:1.0.0-0ubuntu2~cloud0 is also ready to promote to liberty-updates19:10
beisnercoreycb, ok python-os-brick promoted re: bug 152498919:10
ubottubug 1524989 in python-os-brick (Ubuntu Wily) "[SRU] ScaleIO driver could attach wrong volume to the VM" [Medium,Fix released] https://launchpad.net/bugs/152498919:10
beisnercoreycb, also manila promoted re: bug 154611619:12
ubottubug 1546116 in Ubuntu Cloud Archive liberty "[SRU] manila share process init script is missing" [Undecided,Fix committed] https://launchpad.net/bugs/154611619:12
coreycbbeisner, awesome thanks19:12
beisnercoreycb, yw :)19:12
EmilienMcoreycb, jamespage: results of Xenial/Newton: 2/3 jobs are green, and some failures here and here but nothing really critical20:44
EmilienMcoreycb, jamespage: wait, in fact ppa repo was down and jenkins used xenial repo20:46
EmilienMtesting again20:48
jayjo_I have a problem with mongodb on ubuntu... I am getting an out of memory error when trying to upload about 12 gb of data to a database. I don't have a much memory, but I have a drive of about 40 GB. Can I add swap space? Is that the best way to do this?20:56
Yuri4_Can someone help me to understand, why my cronotab -e @reboot script doesn't run?21:18
Yuri4_sleep 30; mount -t cifs //secret.file.core.windows.net/cgi-bin /var/www/course/cgi-bin -o uid=33,gid=1000,vers=3.0,username=secret,password=PASSWORD,dir_mode=0755,file_mode=064421:18
jjrabbit443hello21:25
jjrabbit443how come folder structure is so much more confusing on unix than windows?21:25
jjrabbit443All your programs -> Program Files21:25
jjrabbit443All system files -> Windows21:25
jjrabbit443All user configurations -> Users21:25
jjrabbit443all three of those are at the root of the drive and all are pretty much self explanatory21:26
jjrabbit443what do i get on unix?21:27
jjrabbit443bin, dev, etc, usr, var, lib and bunch of other 3 letter folders that tells you practically nothing21:27
OerHeksjjrabbit443, good start https://help.ubuntu.com/community/LinuxFilesystemTreeOverview21:30
rattkingjjrabbit443: there are reasons for all of it. http://refspecs.linuxfoundation.org/FHS_3.0/fhs/index.html21:30
OerHeksand rattking's url goes into depth about the folders and purpose21:31
soLucienhi guys ! how do i overwrite the system apt sources with a single one21:32
soLucien?21:32
jjrabbit443thanks guys21:32
jjrabbit443i definitely need to read this21:32
jjrabbit443but keeping things simple is an attractive quality21:33
jjrabbit443no wonder windows is on every damn computer21:33
OerHekssoLucien, please don't crosspost, see the apt-proxy answer in #ubuntu21:33
soLucienhttp://pasteboard.co/1yYdZxjv.png21:33
soLucienokay21:33
sudormrfso...suppose I want something internal where DNS forwards requests for google.com to an internal server.  that internal server then redirects the request to facebook.com, setting up the DNS forward is the easy part21:35
sudormrfhow would I go about forwarding stuff from the apache server over to a different site21:35
JanCthere are by far more linux/unix computers than windows computers in the world21:41
Guest_84757Allah is doing21:42
Guest_84757sun is not doing Allah is doing21:42
Guest_84757moon is not doing Allah is doing21:42
Guest_84757stars are not doing Allah is doing21:42
Guest_84757planets are not doing Allah is doing21:43
JanCGuest_84757: please stay on-topic21:43
JanC!ops21:43
ubottuHelp! Channel emergency! infinity, soren, lamont, mathiaz, Pici, Daviey, Tm_T, pmatulis, Corey, IdleOne, ikonia, funkyhat, Myrtti, ocean, genii, phunyguy!21:43
FManTropyxpraise Allah21:43
Guest_84757galaxies are not doing Allah is doing21:43
Guest_84757oceans are not doing Allah is doing21:43
FManTropyxI haven't gotten around to updating yet21:43
Guest_84757mountains are not doing Allah is doing21:44
FManTropyxperhaps Allah will do it for me21:44
Guest_84757trees are not doing Allah is doing21:44
geniiIf he returns and persists, I'll make it a +b21:44
tewardgenii: thanks21:44
jjrabbit443drugs are helluva drug21:50
JanCbeen several people who have been spamming "islamic" stuff in various channels on Freenode recently21:53
dirtyE: Package 'vncserver' has no installation candidate21:53
dirtyany idea what's going on guys?21:53
jjrabbit443JanC: so they're bots?21:54
JanCjjrabbit443: no21:54
JanCat least, in one case they responded to someone21:54
geniidirty: Try vnc4server21:54
soLucienit is a bot21:55
dirtygenii: strnger, second host I've done this on21:55
dirtyerr strange*21:55
dirtyit worked on a second one21:55
jjrabbit443what do you guys think the population of unix admins is to windows admins21:55
jjrabbit4431:60 unix vs windows?21:55
genii!info vncserver trusty21:56
ubottuPackage vncserver does not exist in trusty21:56
genii!info vnc4server trusty21:56
ubottuvnc4server (source: vnc4): Virtual network computing server software. In component universe, is optional. Version 4.1.1+xorg4.3.0-37ubuntu5.0.2 (trusty), package size 1475 kB, installed size 5201 kB21:56
dirtygenii: maybe I was too sleepy and spelled it correctly, I do appreciate it :D21:56
dirtygenii: that did work21:56
geniidirty: Glad to assist21:57
=== Kenrinx is now known as kenrin
JanC“State: not a real package (virtual)”21:58
jjrabbit443if unix admins are in such high demand it's because there are hardly any right?21:59
count-zeroI keep seeing "[FAILED] Failed to start LXD - container startup/shutdown." when booting a fresh installation of Ubuntu Server 16.04. Running "systemctl status lxd-containers.service" yields the following info "error: open /var/lib/lxd/containers: no such file or directory". I haven't created any LXD containers, so is this error just a result of some sloppy logic in the LXD service during boot? Is this the expected behaviour?21:59
blizzowcount-zero: it's because some idiots thought it would be a good idea to install the lxc/lxd virtualization platform by default in the server installation. Hell, even openssh server is not installed by default.23:22
blizzowOh, and there are other (possibly more commonly used) virtualization platforms.23:23
naccblizzow: stop being rude.23:24
rbasakcount-zero: please report a bug.23:24
blizzownacc: you certainly don't like the fact that I'm calling out LXC/LXD as bad decision, do you?23:27
naccblizzow: calling anyone an 'idiot' because you disagree with them, is what i disagree with23:28
blizzownacc: at what point exactly is it that you're allowed to call bad policy makers idiots? I want to make sure I speak in a manner you approve.23:32
tewardin this channel, you shouldn't23:33
teward!rules23:33
ubottuThe guidelines for using the Ubuntu channels can be found here: http://wiki.ubuntu.com/IRC/Guidelines23:33
tewardfor the most part, name calling is against those guidelines23:33
naccblizzow: I think you could review the responses in https://bugs.launchpad.net/ubuntu/+source/ubuntu-meta/+bug/156302623:35
ubottuLaunchpad bug 1563026 in ubuntu-meta (Ubuntu) "LXC/LXD installed by default on Ubuntu server" [Wishlist,Opinion]23:35
count-zerorbasak: Will do.23:36
blizzowteward and nacc, let me rephrase - I disagree wholeheartedly with the geniuses that seeded lxc/lxd into the default server installation. They are mensa level mofos with the looks of supermodels and know practicality better than all others. I should prostrate myself in front of them because I am a lowly user with no value and should have known it was coming because LXC/LXD was in the 15.10 installer.23:49
OerHeks"LXD does not start the bridge (so no dnsmasq or iptables) until you start interacting with lxd. "  no security risc i guess, only wasted diskspace23:53
teward^23:54
tewardblizzow: also, calling someone a 'mofo' is already against the guidelines and rules for respectfulness, please cease with the profanity.23:54

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!