| med_ | smoser, I | 00:33 |
|---|---|---|
| med_ | smoser, I'm glad you finally got your cubswin:) | 00:33 |
| med_ | for cirros and yourself. | 00:34 |
| === JanC_ is now known as JanC | ||
| smoser | med_, https://git.launchpad.net/cirros/commit/?id=9a7c371ef329cf78f256d0a5a8f475d9c57f5477 | 00:58 |
| smoser | 0.4 series will include a new password. i would never do something like that just for fun, as it definitely causes pain | 00:59 |
| med_ | xlnt!!! | 00:59 |
| smoser | but bug 1454144 seemed legit for people. | 00:59 |
| ubottu | bug 1454144 in CirrOS "Default password should use alphanumeric chars" [Low,Fix committed] https://launchpad.net/bugs/1454144 | 00:59 |
| sarnold | fun :) | 00:59 |
| * med_ was actually using cirros when he posted above... validating some metadata service changes in openstack | 01:02 | |
| arooni | hey everyone | 02:29 |
| CodeMouse92 | I'm going a little crazy, and hoping someone can help. I am using Phabricator, and it's sending a POST request to somewhere else. That works fine with HTTP, but when it tries to do the same with the HTTPS URL (which I confirmed works and has a valid cert), it returns "HTTP 60" in head. What is going on? | 03:48 |
| RoyK | CodeMouse92: bhat's not really related to ubuntu - I guess the same issue should arise on other platforms as well | 04:27 |
| CodeMouse92 | RoyK: Okay, well, I thought I'd ask somewhere where people knew this stuff well. Anyway, I'm just working around it for now. | 04:28 |
| RoyK | try #Phabricator | 04:28 |
| CodeMouse92 | RoyK: Was already there | 04:47 |
| CodeMouse92 | Thanks for the help. Heading out | 04:48 |
| === devil is now known as Guest43423 | ||
| sat_ | Hi, does anyone here have experience with LVM2 and dm-cache on 16.04? | 10:48 |
| sat_ | I tried to set it up on 14.04 and it works with: ➜ ~ sudo lvconvert --type cache-pool --poolmetadata vgc/lvc_meta vgc/lvc | 10:48 |
| sat_ | But the same thing on 16.04 complains about missing dm-cache kernel module | 10:48 |
| sat_ | ➜ ~ sudo lvconvert --type cache-pool --poolmetadata vgc/lvc_meta vgc/lvc modprobe: FATAL: Module dm-cache not found in directory /lib/modules/4.4.0-45-generic /sbin/modprobe failed: 1 Failed to determine version of cache kernel module | 10:51 |
| sat_ | And indeed the kernel module is nowhere in the system | 10:52 |
| sat_ | nobody? ^^ | 10:59 |
| ducasse | sat_: (following up from #ubuntu) those modules are present on my install. | 11:01 |
| ducasse | sat_: /lib/modules/4.8.0-26-generic/kernel/drivers/md/dm-cache.ko | 11:02 |
| sat_ | ducasse: oh, you have a newer kernel | 11:02 |
| ducasse | sat_: sorry, this is 16.10... | 11:03 |
| sat_ | ls -l /lib/modules/*-generic/kernel/drivers/md/dm-cache.ko zsh: no matches found: /lib/modules/*-generic/kernel/drivers/md/dm-cache.ko | 11:03 |
| ducasse | sat_: let me check my 16.04 host... | 11:03 |
| ducasse | sat_: /lib/modules/4.4.0-45-generic/kernel/drivers/md/dm-cache.ko | 11:04 |
| ducasse | sat_: from linux-image-4.4.0-45-generic | 11:04 |
| sat_ | damn... I know it should be there, but for some reason it's not | 11:04 |
| ducasse | sat_: reinstall the package? | 11:05 |
| sat_ | yeah, I'm trying that now (I think I already did that) and I definitely reinstalled -extras | 11:05 |
| sat_ | oh, it's there now | 11:05 |
| sat_ | very very strange | 11:06 |
| sat_ | ducasse: thanks a lot! | 11:06 |
| ducasse | sat_: np :) | 11:06 |
| === skylite_ is now known as skylite | ||
| === Guest43423 is now known as devil_ | ||
| === Ussat is now known as BendOver2016 | ||
| zioproto | coreycb: hey there ! the neutron namespace patch is merged :) | 13:33 |
| zioproto | coreycb: I have seen the cherry picks | 13:33 |
| zioproto | I dont they will not accept the cherry pick in MItaka | 13:33 |
| zioproto | because it is not security related | 13:34 |
| zioproto | should I refresh my ubuntu merge request ?? | 13:34 |
| zioproto | or you guys have this patch in the radar for a wider set of ubuntu ditributions ? | 13:35 |
| zioproto | because I can test only trusty/liberty | 13:35 |
| ben911 | Hello, I am trying to install ubuntu server 16.04 on supermicro server (UEFI mode due to nvme drives not visible for legacy boot), booting a single drive works fine but I wish to configure everything with raid-1 like I used to do in the old MBR bootable machines. | 14:35 |
| ben911 | For some reason I can only see the first nvme drive in the installer | 14:35 |
| ben911 | cat /proc/partitions shows the other nvme device | 14:35 |
| ben911 | I thought about trying to manually configure everything but the installer environment doesn't have any partition tools that I could find (fdisk/cfdisk/parted) | 14:35 |
| ben911 | Any idea what's wrong with the installer and how come it sees only 1 drive? | 14:35 |
| ben911 | Anyone around? | 14:50 |
| zul | coreycb: yeah i got a better way of doing this | 14:55 |
| coreycb | zul, ok let me know what you are thinking | 14:55 |
| coreycb | zioproto, I figured I'd at least attempt to get the mitaka one merged. yes please refresh your merge request. | 14:55 |
| zul | coreycb: its like having a template conf, generating the sample config and then using sed | 14:56 |
| coreycb | zioproto, I'll work on the mitaka and newton package updates to cherry pick the patch | 14:57 |
| coreycb | zul, so, using sed instead of patch? | 14:57 |
| zul | coreycb: yeah | 14:58 |
| ben911 | Has anyone ever encountered a case in which partman doesn't see one of the drives? | 14:58 |
| ben911 | (during installation) | 14:58 |
| coreycb | zul, that seems just as fragile or even more fragile than using patch | 14:59 |
| zul | coreycb: well no lemme show you | 14:59 |
| coreycb | zul, patching nova/common/config.py appears to be the right way to do this | 15:22 |
| zioproto | coreycb: I reworked the patch for Liberty, compiling ubuntu packages just now | 15:22 |
| coreycb | zul, the only issue is that the defaults you set in that file appear to show up commented in the generated config | 15:23 |
| zul | coreycb: yeah thats where the sed stuff comes in | 15:23 |
| zul | coreycb: something like this as well paste.ubuntu.com/23425973/ | 15:31 |
| zul | coreycb: but you would still need the wrapper | 15:32 |
| zul | coreycb: patching the sample configuration is juet crazy maintenance wise | 15:33 |
| coreycb | zul, that approach makes sense, although we may also need to patch nova/common/config.py for options not in the nova namespace | 15:39 |
| coreycb | not sure what you mean by wrapper though | 15:39 |
| zul | coreycb:small shell script modifies the nova.conf.sample basically | 15:39 |
| ddellav | zul coreycb you guys talking about upstream configs for nova? | 15:40 |
| zul | ddellav: yes | 15:41 |
| coreycb | zul, ok let me know when you're done, curious to see it | 15:41 |
| zul | coreycb: yep yep... | 15:42 |
| coreycb | zul, seems like the generator or apis should allow you to expose a config option though instead of leaving the default commented out | 15:42 |
| ddellav | zul me too. I could never figure out what to do for nova so I left it for last | 15:42 |
| zul | coreycb: you should be able to, i guess no one has asked for it | 15:43 |
| zul | coreycb: btw the virtio flag isnt needed anymore its default | 15:46 |
| coreycb | zul, ok | 15:46 |
| zioproto | coreycb: https://code.launchpad.net/~zioproto/ubuntu/+source/neutron/+git/neutron/+merge/309457 | 15:48 |
| zioproto | I pushed the new patch for Liberty | 15:48 |
| zioproto | reworked on the one that was merged upstream | 15:48 |
| zioproto | I have to go, see you guys monday | 15:48 |
| zioproto | Weekend is starting here in Europe :) | 15:48 |
| coreycb | zioproto, thanks! little bit of a backlog on neutron srus right now but next week hopefully we can get newton and mitaka patches sru'd and then liberty. | 15:49 |
| zioproto | noproblem | 15:52 |
| zioproto | I have already patched packages in production | 15:52 |
| zioproto | so I am running safe | 15:52 |
| zioproto | just make sure you dont drop this patch at the next package upgrade | 15:52 |
| zioproto | or my cloud will break :) | 15:53 |
| zioproto | now I am really leaving ! have a good weekend everyone | 15:53 |
| fuzzywuzzy | Who should own /var/log/apache2 ? | 16:29 |
| fuzzywuzzy | If I created a user, added them to adm and gave them SUDO why would they not be able to read apache2 logs? | 16:29 |
| fuzzywuzzy | Ooooh, its www-data:www-data | 16:30 |
| fuzzywuzzy | Wow... its quite in here | 16:37 |
| sarnold | fuzzywuzzy: I think apache suffers from the same problem as https://www.ubuntu.com/usn/usn-3114-1/ | 16:38 |
| fuzzywuzzy | sarnold, What do you mean? | 16:47 |
| fuzzywuzzy | sarnold, Does apache have the same vuln? | 16:47 |
| sarnold | fuzzywuzzy: I can't recall now; but if apache is writing the logs as www-data:www-data then at least it can't overwrite important root-owned files | 16:48 |
| teward | sarnold: erm, I think Apache handles file opening differently than nginx | 16:49 |
| teward | 3114-1 was nginx-specific | 16:49 |
| sarnold | teward: lets hope so :) | 16:49 |
| teward | and specific to the way the packaging is permissions wise vs. how nginx handles files | 16:49 |
| teward | sarnold: you should have a very *lengthy* email chain on this | 16:49 |
| sarnold | teward: because it was lengthy is why I can't recall the details :) | 16:50 |
| teward | sarnold: see the other channel for a 'poke' | 16:50 |
| fuzzywuzzy | sarnold, so /var/log/apache2/ should be www-data:www-data? | 16:54 |
| sarnold | fuzzywuzzy: yeah, I think so. | 16:55 |
| fuzzywuzzy | So should I add this non-root user to www-data too? | 16:55 |
| fuzzywuzzy | or just use sudo su to view the logs in apache2 | 16:56 |
| sarnold | if you want them to have access to the web server too, yeah | 16:56 |
| fuzzywuzzy | sarnold, Thanks I will do that | 17:02 |
| fuzzywuzzy | Can anyone recommend a good supported HID like Lynis for a very small install (2 servers)? | 17:04 |
| genii | !info lynis | 17:05 |
| ubottu | lynis (source: lynis): security auditing tool for Unix based systems. In component universe, is optional. Version 2.3.2-1 (yakkety), package size 161 kB, installed size 1221 kB | 17:06 |
| genii | hm | 17:06 |
| fuzzywuzzy | genii, I'm looking for something commercially supported. Like Lynis enterprise. Not the FOSS versions | 17:07 |
| fuzzywuzzy | Oh dear, Stallman is gonna strike me down. =P | 17:07 |
| genii | fuzzywuzzy: I've never used it myself, but UpGuard seems to have solid reviews and has 3 tiers from free to enterprise | 17:13 |
| fuzzywuzzy | genii, Gracias I will check it out | 17:29 |
| genii | np | 17:44 |
| === JanC is now known as Guest51811 | ||
| === JanC_ is now known as JanC | ||
| === lionel_ is now known as lionel | ||
| === JanC_ is now known as JanC | ||
| CodeMouse92 | Hey gang, if I have a duplicity server backup encrypted with GPG, is it enough to retain just the password for restoring to a fresh server if this one dies? | 22:26 |
| CodeMouse92 | Or do I have to be concerned with storing the key somewhere> | 22:26 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!