=== jgrimm is now known as jgrimm-afk
v1sI am trying to share connection with users on eth and wifi for some reason seems ip's are getting assigned but seems only one of the systems connected is actually able to connect and even able to get ping'd and its kind random depending when rebooted. Any ideas?01:05
v1susing ubuntu 16.04 server hostapd,dnsmasq01:07
sarnoldv1s: are you doing standard NAT things? maybe pastebin your iptables ocmmands, that might help someone spot the issue02:30
v1ssarnold: here is my iptable rules http://pastebin.com/R8a8Vnce03:30
v1smy /etc/network/interface file: http://pastebin.com/S9evC2eD03:32
patdk-lapthat is one very interesting ruleset for iptables03:35
v1sbut is it bad?03:38
patdk-lapas far as, very loose and insecure? sure03:38
v1shostapd conf: http://pastebin.com/zVuUFuQ903:40
v1sdnsmasq conf: http://pastebin.com/nB8cYBcP03:41
v1sthe problem is seems only one system is reachable on the network03:42
v1ssecurity is a later concern03:42
=== JanC is now known as Guest37740
=== JanC_ is now known as JanC
jamespagecoreycb, awesome!06:59
fricklercoreycb: thanks for the update, lets hope that this gets accepted faster than the other stuff that is pending for almost a month now08:06
=== _degorenko|afk is now known as degorenko
fricklercoreycb: do you use gbp-pq to manage your patch sets? I'm assume not, because I'm getting something like http://paste.ubuntu.com/19160062/ if I do an import/export. it would be very helpful if you could get that cleaned up some day. (note: I've only just started to use gbp, so maybe I'm doing something wrong here)09:44
cpaelzerfrickler: Hi I'm as new to gbp as you, but isn't gbp pq only needed if you need/want per-release-branch patch queues - maybe that isn't needed (yet)10:04
cpaelzerwell, whatever the reasoning was it is for coreycb to clarify10:04
rbasakSounds like the quilt patches just need dep3 headers.10:05
codepython777dpkg --set-selections - hangs - how do i fix this?11:49
cpaelzercodepython777: on what does it hang?12:06
cpaelzercodepython777: ps axlf on column wchan12:06
cpaelzercodepython777: or /proc/<pid>/wchan12:06
cpaelzerrbasak: another bug for me please? (if not I'll try to pick one that wears the right tags)12:06
cpaelzercodepython777: also it is waiting for stdin, you are feeding a file to it right?12:08
rbasakcpaelzer: fancy preparing some MySQL SRUs for me? I was going to do those next, but I'd appreciate someone else reviewing the patches, and I can do some sponsorship/triaging/assignments instead perhaps?12:08
cpaelzerrbasak: I can try to review whatever you point me to12:09
rbasakOK, let me find them.12:09
* cpaelzer lacks a review experience, but that means room to grow12:09
rbasakcpaelzer: there are four patches that I think are in Yakkety but need SRUing to Xenial:12:12
=== ogra_ is now known as ogra
rbasakcpaelzer: finally, https://github.com/ltangvald/mysql-5.7/commit/fa6ea034692 also needs pushing to Debian, adding to Yakkety and SRUing to Xenial, together with the latest MySQL point release (.13 IIRC). pitti already reviewed this one, and had one suggestion (match against start of line or word boundary), so no need for you to look at it, I'm just including for completeness.12:13
rbasakcpaelzer: some of these fixes are essential for Xenial but also invasive, so I'm being quite cautious, which is why I haven't got round to them yet. So I'd appreciate an additional pair of eyes.12:14
rbasakcpaelzer: as well as any of your thoughts towards testing12:15
cpaelzerrbasak: so the task for now would be to backport, prep a debdiff and all needed for an SRU (test descriptions, reasoning) for Xenial of mysql12:15
cpaelzerrbasak: and then testing around which could be done by any of us, best by both :-)12:15
rbasakcpaelzer: that's the full task, yes. I don't necessarily intend to hand all of it to you, but at the same time I'm fed up of MySQL having been working on it in Debian so much for a couple of weeks :-/12:16
cpaelzerrbasak: I'll just start and at the end of the day we can check status and pass along among us12:16
rbasakcpaelzer: I'm keen to get the SRU done before the 16.04.1 point release. It would be nice to make the ISO image, but my main reason is timing, as more people will mass upgrade to Xenial. So I'm already a bit behind.12:16
rbasakcpaelzer: thank you :)12:16
rbasakcpaelzer: I'm hoping to do one mega-SRU which includes these five patches and the latest upstream microrelease.12:17
coreycbjamespage, can you add manila to the daily ci for liberty?12:17
coreycbddellav, you'll want to get the packages you're testing promoted to liberty-proposed before you test them: http://reqorts.qa.ubuntu.com/reports/ubuntu-server/cloud-archive/liberty_versions.html12:19
ddellavjamespage beisner can one of you guys promote python-glance-store 0.9.2 to liberty-proposed from staging please?12:32
cpaelzerrbasak: I'd like to mark bug 1584234 as dup to bug 1571865 (just as bug 1567884 already is) and then state the master one fixed by SRUing http://anonscm.debian.org/cgit/pkg-mysql/mysql.git/commit/?id=7897042ea6c65aeb608fb28b4b54639d3dbf335212:53
ubottubug 1584234 in mysql-5.7 (Ubuntu) "mysql-server fails to install if it cannot start due to not enough memory" [Medium,Triaged] https://launchpad.net/bugs/158423412:54
ubottubug 1571865 in mysql-5.7 (Ubuntu) "mysql fails to start after upgrade if previous defaults were customised" [High,In progress] https://launchpad.net/bugs/157186512:54
ubottubug 1571865 in mysql-5.7 (Ubuntu) "duplicate for #1567884 mysql fails to start after upgrade if previous defaults were customised" [High,In progress] https://launchpad.net/bugs/157186512:54
cpaelzerI see why you are building on digglett :-)12:55
cpaelzerrbasak: FYI patches almost applied fine, debdiff and changelog prepared - Test design written in pseudocode - now starting with the real work to convert that pseudocode in something that reliably triggers to be our verification after the fix13:03
rbasakcpaelzer: sorry, just catching up13:09
rbasakcpaelzer: I think bug 1571865 is separate. Did something refer to that?13:10
ubottubug 1571865 in mysql-5.7 (Ubuntu) "mysql fails to start after upgrade if previous defaults were customised" [High,In progress] https://launchpad.net/bugs/157186513:10
rbasakcpaelzer: this bug is that the default settings do not work if the system has low RAM. I've hit that myself. I think a proper fix might be to detect that situation and offer different default settings or something, but I'm not planning that for this current SRU.13:10
cpaelzerrbasak: essentially 1584234 is a special case of 1571865, it fails to start - just instead of tweaked config it is (actually any sort of) insufficient system config13:11
cpaelzerrbasak: I'm fine not linking them, just thought so13:11
rbasakcpaelzer: they're different, IMHO, because they have separate root causes. So as we apply fixes for different root causes, we want to track progress separately.13:12
rbasakcpaelzer: there is perhaps a third bug that the error message is unhelpful.13:12
cpaelzerrbasak: I just came by as I searched which one to adress with the last fix you linked - you don't have to over-work that now - you have time until the final SRU takes place to modify changelogs :-)13:13
cpaelzerrbasak: didn't want to stall whatever you do13:13
rbasakcpaelzer: FYI, I'm fixing up/testing https://github.com/ltangvald/mysql-5.7/commit/fa6ea034692, since that will block you soon.13:43
rbasakMy plan is to push to Debian VCS and cherry-pick into Yakkety. Then we can SRU everything together.13:44
cpaelzerrbasak: I'm testing those two options already in the scope of the "fail with better error message" bug13:46
cpaelzerrbasak: but I see how auto-converting them is a better fix13:46
rbasakcpaelzer: OK. Note also https://bugs.launchpad.net/ubuntu/+source/init-system-helpers/+bug/1596056 which will make it slightly better.13:46
ubottuLaunchpad bug 1596056 in init-system-helpers (Ubuntu Xenial) "output of invoke-rc.d for systemd units un-debuggable on failure" [Wishlist,Triaged]13:46
cpaelzerrbasak: fyi http://anonscm.debian.org/cgit/pkg-mysql/mysql.git/commit/?id=f12dd3fb5387113585a981e2b8d234e81c6a630d alone is incomplete as it is not removing it from the .install file13:46
rbasakcpaelzer: also there is http://anonscm.debian.org/cgit/pkg-mysql/mysql.git/commit/?id=7897042ea6c65aeb608fb28b4b54639d3dbf335213:47
rbasakcpaelzer: I guess we could SRU that patch as well13:47
cpaelzerrbasak: you already added that to the list I should watch before :-)13:48
rbasakOh, sorry :)13:48
rbasakSo many patches!13:48
cpaelzeryou said mega SRU13:48
cpaelzeryou get mega SRU13:48
cpaelzerThat is why my testing isn't so much about testing, but about documenting the shortest possible way to trigger&verify an issue13:48
rbasakcpaelzer: wrt. not dropping from the install file, good catch. There's also http://anonscm.debian.org/cgit/pkg-mysql/mysql.git/commit/?id=b79c5b96d881b1d93f9da48f78d3e7155fb9cd84 which I think I forgot to mention.13:51
rbasakcpaelzer: debian-start still remains afterwards, but becomes a no-op.13:51
=== jgrimm-afk is now known as jgrimm
cpaelzerrbasak: that is just what I added :-)13:52
rbasakcpaelzer: I thought that was a safer approach than dropping debian-start entirely, in case users have locally modified upstart files.13:52
rbasakcpaelzer: thanks :)13:52
rbasakcpaelzer: mega SRU == complexity :-/13:52
beisnerhi ddellav, promoted python-glance-store 0.9.2-0ubuntu1~cloud0 to uca liberty-proposed re: bug 159697313:53
ubottubug 1596973 in python-glance-store (Ubuntu Wily) "[SRU] liberty point releases" [Undecided,Fix committed] https://launchpad.net/bugs/159697313:53
v1sI am running hostapd / dnsmasq but only one of the connected clients is reachable any one have any idea why that maybe?14:00
lordievaderThey get an ip?14:02
v1sthey get ip address14:04
lordievaderDo they respond to arp?14:05
v1sdo u mean $arp IPADDRESS14:07
lordievaderDo they respond when you arpping them?14:08
v1syes they both respond when arping them14:10
coreycbddellav, jamespage: trove and ironic uploaded for yakkety.  I haven't seen any other core packages released by upstream yet.14:12
jamespagecoreycb, awesome14:12
jamespagedue this week right?14:12
lordievaderv1s: Is there a firewall active?14:12
coreycbjamespage, yep14:12
jamespagecoreycb, uh-oh whole load of red on the master branch builds14:12
jamespageI better take a look14:13
v1slordievader: no I did not put one14:13
coreycbjamespage, it seems like tooling issues possibly14:13
lordievaderv1s: Do both reply to ping?14:14
=== alvladeru is now known as aderyugin
v1slordievader: only one replies. If if both are connected. if only one of them is connected then it will ping14:16
v1slordievader: it will not ping more then one of the ip address if there are more then one system connected14:16
lordievaderv1s: But both reply to arp when both are connected?14:16
v1slordievader: yes correct14:17
lordievaderv1s: How did you configure your address space?14:17
v1slordievader: single line in dnsmasq.conf http://pastebin.com/1Bts1bFz14:18
jamespagezul, any specific reason pylxd declares  python-cryptography (>= 1.4)14:18
lordievaderv1s: What routes do all the boxes have to each other?14:19
jamespagecoreycb, there are some installability issues on xenial in the ppa14:20
v1slordievader: do u mean my routing table?14:20
v1sif so http://pastebin.com/hBvJR52i14:21
lordievaderv1s: Part of that, for example does your AP have a route to the whole address space?14:21
coreycbjamespage, hmm, ok14:21
zuljamespage: off the top of my head i dont remember....check with rockstar14:21
lordievaderv1s: That looks okay.14:21
jamespagezul, I don't really want to have to backport cryptography to the UCA so early in the 2 year interim release cycle14:22
lordievaderv1s: Can the two clients ping each other?14:22
jamespageso if its not required...14:22
v1slordievader: no only the one that I am able to ping can ping me back14:22
zuljamespage: ahaha....yeah i can see that14:22
lordievaderv1s: That is not what I am asking, can client one ping client two.14:22
jamespagezul, that's not inline with global-requirements btw14:22
v1slordievader: sorry no it can not14:23
zuljamespage: 2.0.3?14:23
zulor 2.0.214:23
jamespagezul, 2.0.314:23
zuljamespage: yeah i need to update that14:23
jamespagezul, https://github.com/openstack/requirements/blob/master/global-requirements.txt#L2314:23
jamespagezul, please do its blocking manila and nova-lxd builds atm14:23
zuljamespage:yeah pylxd is not apart of the openstack project so it doesnt sync with the global-requirements.txt14:24
lordievaderv1s: What happens when you tcpdump everything (on the AP) from everything of an unpingable client, and then let that client ping the AP?14:24
jamespagezul, sure but it would be a good idea given desire to be in-tree if it aligned right :-)14:24
jamespageoh wait sorry - getting confused14:24
jamespageI see14:24
zuljamespage: yeah14:25
jamespagezul, lets check with rockstart14:25
zulhe should been on #ubuntu-server but he isnt..14:25
v1slordievader: I am not expert with tcpdump but is this what you mean? http://pastebin.com/1siL3JLA14:28
v1slordievader: right now I can reach WINDOWS-5910H5R but cannot reach gary-PC14:28
lordievaderv1s: Interesting, I get the feeling your ARP responses don't make it to the client. I'd tcpdump there to verify.14:31
v1slordievader: u think something in the server is blocking it ?14:32
lordievaderv1s: No, I am saying it might not reach it destination. I have no idea wether this is true, or even if there is something blocking it.14:33
lordievaderFirst find the problem, then find the cause ;)14:34
ddellavthanks beisner14:45
codepython777cpaelzer: thank you!14:46
nacc_cpaelzer: thanks for covering last week; i blame the holidays14:46
codepython777If I have to do 100s of apt-gets, how can i do this so that I dont have to download all these from the web everytime?14:47
nacc_codepython777: i thought someone answered you yesterday in #ubuntu14:47
codepython777nacc_: not this one? If you saw the answer, can you please cut and paste?14:48
nacc_codepython777: is your only goal to avoid downloading the packages?14:48
codepython777nacc_: I use a usb stick to run a script that installs a lot of packages14:48
nacc_codepython777: and i assume you mean on multiple machines?14:48
codepython777nacc_: At this point, it would be nice if i could avoid downloading14:48
codepython777nacc_: yes14:48
cpaelzernacc_: hehe14:48
nacc_codepython777: the issue you run into is the time delay between one machine and the next; what if you're installing what are now insecure packages (due to -security updates to them)14:49
cpaelzernacc_: you are welcome, and due to the holidays it wasn't th emost crowded and complex of meetings14:49
codepython777nacc_: Then we do a apt-get update/upgrade after the whole install process?14:49
nacc_cpaelzer: regardless, thanks -- and i'll do today's meeting14:49
nacc_codepython777: ok, so you're hoping to statistically catch most; just making sure you were doing that step14:49
RoyKcodepython777: setup a local mirror14:49
codepython777nacc_: yes.14:50
codepython777RoyK: Can one do that on a usb stick?14:50
nacc_codepython777: i would either use ubumirror, an apt-cacher, or put all the packages you care about on the usb stick (which ubumirror might be able to do)14:50
codepython777what command do i need for that?14:50
codepython777I dont want to setup an apache+ local mirror14:52
codepython777Just want all the files on the usb disk - If I could [r]sync them with better versions over time, that would be cool14:52
RoyKcodepython777: afaics using https://help.ubuntu.com/community/Apt-Cacher-Server would be an easier and probablye better approach14:53
nacc_codepython777: why is the usb stick necessary, btw? can't you just scp your script to each machine?14:54
RoyKnacc_: or use something sensible like ansible :P14:54
nacc_RoyK: i figured that was a step too far :)14:54
codepython777nacc_: I dont want to assume network14:54
nacc_codepython777: i would also end up probably suggesting an installation/configuration tooling14:54
codepython777RoyK: how does ansible help?14:55
nacc_codepython777: so you have machines that don't have network at all? that seems to deviate from your earlier `apt-get update; apt-get upgrade` step :)14:55
codepython777nacc_: I want to install everything from usb stick, then get it on network and do apt-get update/upgrade step14:55
RoyKcodepython777: well, if you don't want networking, well, I really don't know what you use these things for - what sort of machines are these?14:55
codepython777a machine that i just assembled from scratch14:56
RoyKubuntu/debian will find network adapters on a very large majority of the machines out there14:56
codepython777then install ubuntu + then run my apt-gets from usb + then connect to network and update14:56
RoyKI beleive you should read up a bit more on managing lots of machines first14:57
RoyKyou could do a network install14:57
nacc_codepython777: i'm not sure there is a trivial way to do what you want, unfortunately14:57
RoyKlots of machines in parallel14:57
codepython777btw, I need to install upwards of 1000 packages using apt-get !14:57
nacc_codepython777: why??14:58
codepython777because of software dependencies14:58
codepython777can this be done using dpkg-dev?14:58
nacc_codepython777: no, i mean why do you need 1000s of packages above the base install by default?14:58
RoyKcodepython777: it'd probably be faster using the LAN than using a bunch of USB sticks14:58
nacc_codepython777: seems like you should just master your own ISO or something similar with the packages on it?14:59
RoyKcodepython777: please tell why you don't want to use network for this14:59
codepython777RoyK: USB3 is faster than my gigabit conneciton, right?14:59
patdk-wkit could be, depending on the usb3 storage media14:59
RoyKcodepython777: possibly, but the memory chips on that usb pen is quite possibly a lot slower14:59
codepython777RoyK: why use network? when its slower?14:59
codepython777patdk-wk: Its a top of the line SSD15:00
patdk-wktop of the line ssd's don't have usb3 interfaces15:00
patdk-wkthey have pcie x4 interfaces15:00
RoyKcodepython777: then you can just start all installations at once with PXE or something15:00
v1slordievader: so I removed /var/lib/misc/dnsmasq.leases restarted dnsmasq and it let me ping both address. I restart and it seems if I dont start pinging them then it wont let me do it later15:00
patdk-wkmaybe even do some kind of multicast pxe install :)15:00
codepython777RoyK: Yes, but its easier if it not dependent on another machine?15:00
patdk-wkbut that can get really complex, and only useful if you do full reinstalls often15:01
nacc_codepython777: excpet you're now finding why it's not easier (to scale) :)15:01
codepython777Why cant we just keep it simple15:01
RoyKpatdk-wk: please don't :P15:01
lordievaderv1s: Still sounds a bit like a misconfigured network... but hey if it works ;)15:01
codepython777USB3 shell script ?15:01
patdk-wknot depending on another machine != easier15:01
v1slordievader: ok trying to figure out where the isssue is15:01
patdk-wkfor me, sitting in a single location, and doing remote pxe boots and installed to all other machines15:02
patdk-wkseems much simpler15:02
RoyKcodepython777: I've only worked with linux for 20ish years, I'm just trying to help, just like the other guys here15:02
nacc_codepython777: what does USB3 have to do with shell scripts?15:02
codepython777nacc_: I run the script that picks the packages from the disk and installs it on the system?15:02
RoyKcodepython777: we're managing some 10 or 15 thousand PCs and we don't really run around with USB sticks to reinstall them15:03
lordievaderv1s: I'm not saying it is... Just what I think ;)15:03
lordievaderRoyK: hahaha, that would be fun.... not.15:03
RoyKlordievader: so please try with apt-cacher and perhaps pxe install if you want that15:05
nacc_codepython777: --^15:05
nacc_codepython777: https://help.ubuntu.com/community/InstallingSoftware#Installing_packages_without_an_Internet_connection also may be of use15:05
patdk-wkapt-cacher-ng + pxe net installs, works great15:06
v1sis there anyway to tell if there is another dhcp server on the network ?15:15
v1sor other system offering dhcp15:15
lordievaderv1s: Ask for an address, see who responds ;)15:16
nacc_v1s: i think you'd use tcpdump or just dhcpdump to do that15:19
nacc_lordievader's suggestion is probably easiest, though :)15:19
lordievadernacc_: My anwser involves tcpdump ;)15:20
nacc_lordievader: ah; i read it as 'run dhclient and see who responds'15:21
codepython777RoyK: I just copied the .deb files from usb to /var/cache/apt/archives/ - and then fired apt-get = > Is there a problem with that approach?15:22
lordievadernacc_: That is pretty much it, but it will probably limit the answer to one, hence the tcpdump for others ;)15:23
rattkingHello folks, with sysvinit we had /etc/default/ for shell sniplets and configuration pieces to be sourced in the init script where the package would not over write.. how is that done with systemd services?15:24
jgeHey all good morning, I'm looking to upgrade mysql 5.5 to 5.6 could I just do an inplace upgrade with: apt-get install mysql-server-5.615:30
RoyKcodepython777: should work, but network will probably be faster15:31
codepython777RoyK: You are underestimating the speed of USB3 :)15:31
RoyKcodepython777: *you* are underestimating managability15:31
codepython777RoyK: yes ! You are right! I need to take your advice and setup a pxe installer sometime :)15:32
RoyKcodepython777: better start now15:33
nacc_jge: what version of ubuntu?15:40
jgenacc_: 14.0415:47
nacc_jge: presuming you've read this, http://dev.mysql.com/doc/refman/5.6/en/upgrading-from-previous-series.html, i think the packages should handle data migration; however you should make backups, etc.15:49
jgenacc_: yep read that, thanks15:51
=== nacc_ is now known as nacc
smoserrbasak, ubuntu-meeting16:02
rbasakOh :)16:02
=== JanC is now known as Guest1477
=== JanC_ is now known as JanC
=== GitGud is now known as GitGuf
rbasakcpaelzer: FYI, I uploaded the fix for bug 1571865 to Yakkety. So that should unblock the mega-SRU. I'm EOD now.16:53
ubottubug 1571865 in mysql-5.7 (Ubuntu Xenial) "mysql fails to start after upgrade if previous defaults were customised" [High,Triaged] https://launchpad.net/bugs/157186516:53
cpaelzerrbasak: ok16:53
cpaelzerrbasak: I have one test completed and the next will finish shortly16:54
cpaelzerI'll end with a mail to you once I'm done16:54
cpaelzerrbasak: so you can take over then16:54
rbasakcpaelzer: many thanks for your help!16:54
spm_dragetUpon upgrade I see in the log "error: open /var/lib/lxd/containers: no such file or directory" - lxd fails to start. Which is logical since I have no containers configured. But why is lxd installed? Is it part of the default server packages?17:09
spm_dragetCan I disable it?17:09
degorenkocoreycb, hey, is it possible to update saharaclient to 0.15.0 version? :) which contain fix for https://launchpad.net/bugs/156577517:10
ubottuLaunchpad bug 1565775 in Python client library for Sahara "'--version' shouldn't be used as an argument for subcommands " [High,Fix released]17:10
coreycbdegorenko, sure I'll take a look, might be a few days though17:14
degorenkocoreycb, ack, thanks17:16
=== degorenko is now known as _degorenko|afk
=== b1tpunk-work_ is now known as b1tpunk-work
=== GitGuf is now known as GitGud
jnex26Question... has anyone seen ubuntu server stall a process once the CPU time hits 06:00:0018:55
jnex26it has done it twice now !18:55
sarnoldyou could set an rlimit for cpu time (see ulimit -a output)18:58
jayjoI'm trying to run some commands with aws cli, and I'm getting different results from different machines. I checked the versioning and there is a discrepency... on the machine that works it reads: aws-cli/1.10.36 Python/2.7.10 Darwin/15.5.0 botocore/1.4.26 and on the one it does it not it reads: aws-cli/1.2.9 Python/3.4.3 Linux/3.13.0-74-generic18:58
jayjoCan I force the install to use the versions that work on one machine on the machine that doesn't work -- 1 is a mac and the other is ubuntu18:59
jnex26 ulimit -a18:59
jnex26core file size          (blocks, -c) 018:59
jnex26data seg size           (kbytes, -d) unlimited18:59
jnex26scheduling priority             (-e) 018:59
jnex26file size               (blocks, -f) unlimited18:59
jnex26pending signals                 (-i) 739418:59
jnex26max locked memory       (kbytes, -l) 6418:59
jnex26max memory size         (kbytes, -m) unlimited18:59
jnex26open files                      (-n) 102418:59
jnex26pipe size            (512 bytes, -p) 818:59
jnex26POSIX message queues     (bytes, -q) 81920018:59
jnex26real-time priority              (-r) 018:59
jnex26stack size              (kbytes, -s) 819218:59
jnex26cpu time               (seconds, -t) unlimited18:59
sarnoldI didn't know you could run OS X on aws19:01
jayjothat is the local machine19:04
RoyK!pastebin | jnex2619:08
ubottujnex26: For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.19:08
jnex26http://paste.ubuntu.com/19202648/ process limits19:15
sarnoldjnex26: did you check the ulimit via whatever mechanism spawns your process?19:16
sarnoldor just a shell on the system?19:16
jnex26php spawns the process. but it runs under a shell it is a exec(); in php19:16
sarnolddamn that's terrifying19:16
sarnoldanyway, check your php.ini there may be a "maximum cpu time" thing specified there?19:17
jnex26just out of interest, why is it terrifying ?19:20
spm_dragetUpon upgrade I see in the log "error: open /var/lib/lxd/containers: no such file or directory" - lxd fails to start. Which is logical since I have no containers configured. But why is lxd installed? Is it part of the default server packages?19:21
spm_dragetCan I disable it?19:21
sarnoldspm_draget: feel free to apt-get purge lxd if you don't intend to use it19:21
sarnoldjnex26: I've just seen too many poorly-written php scripts that allow more or less complete control of a computer by attackers..19:22
jnex26ahh... I would do it all in php, but handbrake does not have a php lib !19:24
sarnoldaha :)19:25
sarnoldjust be insanely careful about what inputs you accept..19:25
jnex26no inputs to it at all, spawns a user process when a specific type of disk is inserted in the drive !19:28
sarnoldgood good19:29
jnex26irony is I wrote this in ubuntu desktop and it works fine. only running on the server version am i having issues19:30
=== ryan`c is now known as ryan-c
b-yeeziHi all, I have a question about accessing a mongodb server (trusty) running in an LXD 2.0 container from the host (xenial)19:54
b-yeezi I am just trying to connect to it, but it say connection refused by server.  I can ping it, I made sure the port is open. Still no luck19:55
b-yeeziI can see a new lxbr0 network device, and when I ping the container, I see that it's using that device's gateway19:55
naccb-yeezi: have you looked at the logs in the container?19:55
b-yeeziI did. It doesn't even notice the request19:56
b-yeeziI can't find much in the docs for only opening up to the host, and not to the entire lan19:57
sarnoldb-yeezi: are you using macvlan? iirc that doesn't alow containers to talk with the host19:57
b-yeeziDo I need to set up another bridge? Create a new container profile? Add a new nic device to the container?19:58
naccsarnold: i assume if lxdbr0 showed up (default lxd config), then it's not macvlan but bridged19:59
b-yeezisarnold, whatever the default is. I don't think its macvlan19:59
sarnoldnacc: could be. I haven't done battle with this, just skimmed the docs..19:59
b-yeeziI confirm. It's just bridged20:00
naccb-yeezi: and you are tryin to connect from the host, right?20:02
b-yeeziWhat do I have to do to allow it to talk to the host? I'm setting up an environment on my laptop with mongodb in a trusty container to talk to a dev wsgi server20:02
b-yeezifrom my laptop, the host20:02
b-yeezinacc, yes20:02
naccb-yeezi: ok20:04
b-yeezinacc, my use case is to use lxd to set up dev environments of many configurations instead of vms. This is my first test20:06
naccb-yeezi: i've not setup a database in a container, but it should be fine20:07
naccb-yeezi: to be sure, mongo is actually running, and if you `lxc exec .. bash` to the container and connect locally, you can (with the same credentials)?20:08
b-yeeziI don't know if it makes a difference, but it is mongodb 3.2, not the 2.6 that comes from the official repo.20:08
naccb-yeezi: and ... support stops :)20:08
b-yeeziI'm about to create a new one with 2.620:09
naccb-yeezi: my trivial guess is that your /etc/mongod.conf says to only allow localhost connectivity (bind_ip) or so20:09
sarnoldmaybe try using nc -l in the container and connect via nc from the host to double check that tcp is allowed through with simple tools?20:10
naccsarnold: good call20:10
b-yeezisarnold, I used ufw allow 2701720:11
b-yeeziI will try both and get back to you20:15
b-yeeziThanks for your help20:16
minxHi I am for all intents and purposes a complete noob in linux can anyone point me in the right direction of a detail step by step guide to the fundemental basics and possible within the same source leads onto more advance stuff? I have tried a google around and can't seem to find what I'm looking for20:51
sarnoldminx: as far as I know, no such guide exists. it would be immensely difficult to create one of that scope..20:53
geniiThe Linux Documentation Project may be a good place to start20:53
sarnoldminx: you can use general-purpose guides like https://help.ubuntu.com/lts/serverguide/  -- specific guides like http://mywiki.wooledge.org/BashGuide -- the general set of HOWTOs (possibly badly dated by now) http://www.tldp.org/docs.html20:55
sarnoldminx: and of course most tools, configuration files, etc. have manpages; I started learning linux via "ls /usr/share/man/man*" and reading everything in there20:55
minxman pages?20:57
sarnoldthere's extensive system documentation in the manpages20:58
sarnoldrun "man ls" to see an example20:58
sarnoldthey document user commands, sysadmin commands, configuration files, device drivers, subsystems, programming interfaces, etc20:59
b-yeezisarnold, nacc it was the mongodb.conf bind_ip only allowing localhost. In the docs, it says that it is suppose to default to allow all, but debian changes it to only allow
b-yeeziThanks for your help21:00
sarnoldb-yeezi: ahhhhhh21:00
sarnoldb-yeezi: see e.g. https://www.riskbasedsecurity.com/2016/07/redis-over-6000-installations-compromised/ for a description why :)21:01
sarnoldb-yeezi: thanks for reporting back, I always like hearing the end results :)21:01
minxThank you very much! these look like some good places to start thank you very much! ^__^21:04
sarnoldminx: oh yes, most packages leave documentation in /usr/share/doc/<packagename> too -- sometimes it's just the packaging changelogs, sometimes there's things that don't really fit in to a manpage21:05
b-yeezisarnold, yeah I totally understand why. From a risk standpoint, it's better to fail by leaving the defaults rather than leaving the system open by default.21:06

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!