foo | Can 16.04 use upstart if I install it? | 00:42 |
---|---|---|
RoyK | foo: why would you want upstart? | 00:52 |
foo | RoyK: Thank you. Trying to set up nginx + upstart + python script. I had this working in 14.04, but 16.04 seems different somewhere. I use upstart to start my init script that launches gunicorn for my app | 00:52 |
foo | RoyK: I'm open to another way, this is just how I did it initially, so I just start/stop my app with start / stop myapp | 00:53 |
RoyK | foo: Xenial uses systemd, get used to t | 01:10 |
RoyK | foo: Xenial uses systemd, get used to it | 01:10 |
foo | RoyK: alrighty, I'll remove upstart. Thanks | 01:12 |
UbuntuDude | Couple of months ago someone here gave a good info and url I added it to my bookmarks ... BUT I've forgot the whole thing :( | 01:14 |
UbuntuDude | I think it was about images for ubuntu server distro(s) that optimized and ready for production ... the topic I was asking about back then about programs to control linux web server like cpanle | 01:15 |
UbuntuDude | I remember finding ubuntu server iso image by amazon | 01:16 |
RoyK | UbuntuDude: I'd recommend using an official image, not something on amazon unless you're using them as your VPS provider | 01:55 |
UbuntuDude | RoyK: I'm just learning linux server | 02:03 |
UbuntuDude | but I forgot what was the images they told me about here ... | 02:03 |
RoyK | UbuntuDude: use the images from ubuntu.com - nothing else - the others may have been tapered with | 02:58 |
fishcooker | i tried to remove old kernel when /boot 100%(scarse disk) hit... yes it's only 200MB with automatic security update without kernel blacklist but i've got https://bpaste.net/show/a957a4d9e824 when try the old one to release some space to upgrade to the latest kernel | 03:48 |
fishcooker | is there any to remove the old kernel manually | 03:49 |
sbeattie | fishcooker: apt-get purge linux-image-3.13.0-48-generic linux-headers-3.13.0-48 | 03:50 |
=== ideopathic_ is now known as ideopathic | ||
RoyK | fishcooker: rhel/centos has this feature of just keeping the last few kernels - not sure if that exists on debian/ubuntu | 04:01 |
=== ideopathic_ is now known as ideopathic | ||
=== berglh_ is now known as berglh | ||
=== ideopathic_ is now known as ideopathic | ||
=== ideopathic_ is now known as ideopathic | ||
=== ideopathic__ is now known as ideopathic | ||
markc | hi, is there any way to get dpkg-reconfigure to acknowlege altered debconf settings so I can script re-setting a fresh server install? | 07:38 |
markc | for the life of me I cannot get any variation of debconf-set-selections to change, for instance, the timezone for tzdata | 07:40 |
markc | it may be that debconf only works on initial install of a package but in the case of tzdata it's not possible to remove it then reinstall it just so it picks up new debconf settings | 07:41 |
=== ideopathic__ is now known as ideopathic | ||
markc | it used to work with 100% with wily | 07:43 |
=== Countess_Bathory is now known as BloodCountess | ||
=== BloodCountess is now known as Countess_Bathory | ||
=== _degorenko|afk is now known as degorenko | ||
=== pitastrudl_ is now known as pitastrudl | ||
=== leavd is now known as kicksled | ||
=== Guest95404 is now known as ahasenack | ||
=== ahasenack is now known as Guest59736 | ||
=== Ussat is now known as WeAreSCrewed2016 | ||
=== WeAreSCrewed2016 is now known as WeAreScrewed2016 | ||
theGoat | anyone here handy with syslog-ng? | 13:07 |
ikonia | you'll do better to just ask the real question | 13:12 |
theGoat | i am trying to spin up TLS, from the docs i have been reading, i have the certificates in place, and the config done correctly, but when i do a netstat -nl i don't see it listening on the IP and port i have chosen. nothing in the logs. not sure where to go from here | 13:13 |
ikonia | is it listening on the port would be the first check | 13:14 |
ikonia | can you atually connect to "something" listening on the port | 13:14 |
ikonia | what does the startup of it look like | 13:14 |
ikonia | what happens if you manually start it with the same argumennts in the foreground | 13:15 |
theGoat | yeah i have tried to telnet on the port, and won't connect. when started it in the forground, i don't see anything related to TLS in there | 13:17 |
ikonia | forget tls for the minute | 13:18 |
ikonia | it's not even starting up | 13:19 |
theGoat | yes, and it's listening fine, and receiving events | 13:19 |
ikonia | you need to look at why it's not starting up | 13:19 |
ikonia | netstat's not showing it as listening | 13:19 |
ikonia | and you can't connec to it | 13:19 |
theGoat | netstat is showing on port 514, but not 1514 which i have defined for TLS | 13:19 |
ikonia | ahh, so it is runing on 514, ok | 13:19 |
ikonia | sorry, I thought you where saying it's not running at all | 13:20 |
ikonia | break the tls config on purpose, see if it complains | 13:21 |
ikonia | that should give you an idea if it's trying to process it or not | 13:21 |
ikonia | up the debug level too, | 13:21 |
theGoat | when i initally configured it, i had the paths to the certs wrong, and it still came up without barking | 13:22 |
theGoat | i installed it with apt-get....wondering if i should build it from scratch | 13:23 |
=== tyhicks` is now known as tyhicks | ||
ikonia | why would you build it from scratch ? | 13:34 |
ikonia | what's that going to acomplish ? | 13:34 |
RoyK | theGoat: using letsencrypt? | 13:35 |
theGoat | no. | 13:35 |
RoyK | theGoat: where did you get the certificates? | 13:36 |
theGoat | ikonia: i thought it may be possible the version was missing something for TLS support. | 13:36 |
theGoat | RoyK: from our own internal CA | 13:36 |
RoyK | ok | 13:36 |
ikonia | theGoat: you should be able to see what it's linked against to see if it supports TLS | 13:36 |
ikonia | I'd be surprised if it didn't | 13:36 |
theGoat | RoyK: we don't want to use self signed certs | 13:37 |
RoyK | letsencrypt != self-signed :P | 13:37 |
theGoat | ikonia: how do i check that? | 13:37 |
ikonia | look at the package dpeends | 13:37 |
ikonia | depends | 13:37 |
theGoat | 3.5.6-2.1 - syslog-ng-core (2 3.5.6) syslog-ng-mod-sql (0 (null)) syslog-ng-mod-mongodb (0 (null)) syslog-ng-mod-json (0 (null)) syslog-ng-mod-smtp (0 (null)) syslog-ng-mod-amqp (0 (null)) syslog-ng-mod-geoip (0 (null)) syslog-ng-mod-redis (0 (null)) syslog-ng-mod-stomp (0 (null)) | 13:38 |
theGoat | Provides: | 13:38 |
theGoat | 3.5.6-2.1 - | 13:38 |
ikonia | theGoat: ldd the binary | 13:40 |
theGoat | http://pastebin.com/caaaqHum | 13:42 |
RoyK | no openssl/tls there | 13:43 |
ikonia | is there an optional depdency for it | 13:44 |
theGoat | i didn't see one. i just built it from src, and it says it's in there now | 13:50 |
ikonia | that doesn't seem a good approach to me | 13:50 |
ikonia | the package was rsyslog-gnutls | 13:51 |
ikonia | oops, thats the old one | 13:51 |
ikonia | is syslog-ng the default in ubuntu | 13:52 |
theGoat | ikonia: no rsyslog is | 14:04 |
ikonia | good, thought I was losing my mind a bit on that then | 14:05 |
=== TREllis_ is now known as TREllis | ||
=== Malediction_ is now known as Malediciton | ||
=== pavlushka is now known as pavlushka_ | ||
=== pavlushka_ is now known as pavlushka | ||
=== lordievader_b is now known as lordievader | ||
=== Logos01_ is now known as Logos01 | ||
=== bekks_ is now known as bekks | ||
=== iberezovskiy|off is now known as iberezovskiy | ||
=== jelly-home is now known as jelly | ||
rbasak | powersj: FYI, I triaged bug 1635491. I can reproduce it in Yakkety and in Debian, so I sent it up. | 15:47 |
ubottu | bug 1635491 in samba (Ubuntu) "nmbd hangs on service start if only the loopback interface is configured" [High,Triaged] https://launchpad.net/bugs/1635491 | 15:47 |
powersj | rbasak: thanks for following up on that one! | 15:47 |
=== degorenko is now known as _degorenko|afk | ||
powersj | rbasak: bug 1636583 I'll build package after I go eat | 17:42 |
ubottu | bug 1636583 in debootstrap (Ubuntu) "SRU: Add zesty series link" [High,In progress] https://launchpad.net/bugs/1636583 | 17:42 |
=== iberezovskiy is now known as iberezovskiy|off | ||
=== thib is now known as thiba | ||
=== thiba is now known as thib | ||
ktosiek | hi! What's up with the last USN? I can't find any specifics, and the description sounds like an RCE | 20:21 |
ktosiek | I'm talking about this one: https://www.ubuntu.com/usn/usn-3114-1/ | 20:21 |
teward | ktosiek: priv. escalation | 20:25 |
teward | "The system could be made to run programs as an administrator." | 20:25 |
teward | ktosiek: one-liner summary in here: http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-1247.html | 20:26 |
teward | with a little more data. | 20:26 |
ktosiek | ohhh | 20:36 |
ktosiek | that's not so bad ^_^ | 20:36 |
ktosiek | teward: thank you very much, I was panicking a bit | 20:36 |
=== m1dnight2 is now known as m1dnight_ | ||
teward | ktosiek: never hurts to ask. That said, the USN has a link to the CVE tracker data too | 20:47 |
teward | under the References section | 20:48 |
teward | for the future, in case you want to check other ones for more info and such :) | 20:48 |
ktosiek | yeah, it was broken the last I checked :-P | 20:48 |
teward | it probably hadn't been updated yet (not "broken", just "out of sync") | 20:48 |
ktosiek | wait, no | 20:48 |
ktosiek | that one to mitre.org is OK, but useless (reserved CVE). I might have missed the description under the ~ubuntu-security link | 20:50 |
ktosiek | still, thanks for pointing that out, and I'll pay more attention to the ~ubuntu-security pages | 20:51 |
teward | yep *goes back to lurking* | 20:51 |
=== m1dnight2 is now known as m1dnight_ |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!