/srv/irclogs.ubuntu.com/2017/02/16/#ubuntu-server.txt

JoseLuis_estoy vivo?00:51
wedgiesoy muerto00:51
JoseLuis_he he he, I thought that it was disconnected.00:53
naccjgrimm: fyi, dogtag-pki finally built, it's migrating now, tests are queued, i'll check again in the AM01:26
jgrimmnacc, thanks sir01:26
fishcookeris there any apps like iostat for cpu and memory usage ?02:18
OerHeksfishcooker, top or htop02:23
cpaelzergood morning06:29
GPenguinmoin06:30
thrasosHello :-)07:39
thrasosFirst time installing ubuntu-server anything you'd suggest07:40
thrasosI mean't is there anything you'd suggest? (any pitfalls to avoid etc)07:41
sarnoldif it's going on the live internet please disable password authentication in sshd_config as soon as you can07:41
thrasossounds important thanks!07:43
boichevthrasos: sounds like you are playing around wiht linux servers is this right07:50
thrasosthat is true07:51
boichevthrasos: check htop it is really a nice way to monitor the server resources07:54
thrasosthanks for the tip07:57
sarnoldthrasos: you can use 'apt-cache search' to search for packages to install; it searches both descriptions and names. you can use apt-cache show to see more information on the package, and apt-get install to install it08:00
thrasos excellent08:07
=== jamespag` is now known as jamespage
boichevthrasos: If you need something speciffic just tell us a direction :), a software raid with mdadm. You can mix random disk sizes (with equal partitions) and raid1 is super nice for redundancy ... many here will disagree with my love to software raid but it did gread job for me on many servers08:10
sarnold<3 zfs08:11
boichev+1 on zfs it is really REALLY nice08:13
maxagazhi08:22
lordievaderGood morning.08:49
JanCZFS has advantages and disadvantages09:13
JanCit seems like ZFS is not as predictable as linux software RAID + ext4 when it comes to performance09:14
lordievaderWasn't it supposed to be superior? (Never used it...)09:14
JanCand you can't expand a ZFS RAID with extra disks, like you can with software RAID09:15
JanCwell, you can, but not in the same way as you can with software RAID (you need to create a new volume with multiple disks)09:16
JanCOTOH, it has much better integrity checking of course, and features like de-duplication09:16
JanCand it supports compressed files (although that's not useful if you use it primarily for already compressed files)09:17
JanCone nice feature is also that you can enforce UTF-8 filenames  :)09:18
PhoenixMageHi guys, there are few iscsi packages floating around and I am wondering which one is the most stable for a home lab NAS, integration with the zfs commands would be a plus09:38
=== Amgine_ is now known as Amgine
valbrhi all :)10:28
valbrIs there a possibility to make a fan profile for a 3 pin fan10:28
valbrfancontrol does it for a PWM fan, but not a 3 pin fan. can it be done with a 3 pin fan too?10:28
maxagazI have installed a headless virtual box on my server A, this virtual box contains another ubuntu server B. I can ssh from my laptop to server A, and from server A to server B, but how can I ssh directly from my laptop to server B ?10:39
rbasakcpaelzer: I updated the blueprint to find any outstanding merges in there that aren't already in proposed. I have nut, logwatch and python-django. Are you taking care of logwatch today? I'll look at nut (I think it's pending my review from caribou) today. nacc isn't here but I'll ask him about python-django later.11:00
rbasakroaksoax: ^11:00
cpaelzerrbasak: yeah logwatch is already in proposed now11:35
cpaelzerrbasak: IIRC python-django had something about test failures - the log of the IRC meeting has some details, but in any way nacc is the right one to know11:36
rbasakcpaelzer: ah great. Thanks!11:39
rbasak(re: logwatch)11:39
Genk1Hello all!12:10
Genk1Is disabling Ipv6 support a good practice ? why ?12:10
hateballIf you have an ill configured network it can give you grief12:11
Tm_TI'd rather fix the network12:11
Genk1Hmm OK, but what is the risk of having ipv6 disabled ?12:12
hateballThat you cant communicate over ipv6 if you need to12:13
patdk-laploosing half the internet!12:43
cpaelzerrbasak: and migrated, I see you already set done - thanks12:46
lordievaderGenk1: Nowadays you want to slowly move to ipv6. So do try to leave it enabled.12:58
Genk1lordievader, OK thanks!13:00
zioprotoHello, is nish aravamudan in this chat ?13:03
rbasakzioproto: he's nacc, but not here right now.13:03
zioprotorbasak, thanks, I wanted to ping him about this https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/157047213:03
ubottuLaunchpad bug 1570472 in puppet (Ubuntu) "Set systemd as default service provider" [Medium,In progress]13:03
zioprotodo you know on what time zone is he ?13:03
rbasakzioproto: UTC-8.13:04
zioprotothanks !13:05
=== rvba` is now known as rvba
rbasakcaribou: around? I'm just writing up review notes from nut now. As we need to upload today for FF, do you have time for some tight review loops, or would you like me to just take care of it?13:42
rbasakSorry it's been so late coming. It's (almost) one of the last ones left :-/13:43
rbasakcaribou: also I'll suggest tweaking the changelog a bit. I can propose the change, but would like an ack for you before keeping your name on it.13:45
zioprotoI am trying to understand in LP if there is a list of merge requests against the puppet package13:48
zioprotoI arrived here https://code.launchpad.net/ubuntu/+source/puppet/13:48
zioprotorbasak, reading all the story of LP bug #1570472 probably I could ask also to you14:07
ubottuLaunchpad bug 1570472 in puppet (Ubuntu) "Set systemd as default service provider" [Medium,In progress] https://launchpad.net/bugs/157047214:07
=== Guest55639 is now known as IdleOne
rbasakzioproto: I'm not really current with what the issue exactly is. Could you perhaps summarise in the bug, effectively rewriting the bug report including all the information that others have gathered in comments, and identify any inconsistencies?14:12
zioprotosure, I'll try my best14:13
rbasakThanks!14:13
zioprotoshould I then make also a merge request on launchpad like I do with the openstack packages ?14:13
rbasakWe don't have an official repo branch for puppet packaging in Ubuntu. Normally attaching a debdiff to the bug is fine.14:14
zioprotoWhat is this then ? ~usd-import-team/ubuntu/+source/puppet14:14
rbasakI was just looking that up for you :)14:14
rbasakIt's our experimental work on git branches for Ubuntu packages.14:14
rbasakIf it's current, feel free to file a merge proposal against the appropriate branch in there.14:15
rbasakIf it's not current, we can bring it up to current manually on request.14:15
zioprotobut how is it possible that this bug is open since April 2016 ?14:18
zioprotoevery puppet user is still on trusty ? :)14:19
patdk-wkhmm, it's only since april14:19
patdk-wkit would be more concerning if it was april 201214:19
rbasakNo idea. We'd be quite happy to fix it if we were clear on the details of the problem.14:19
rbasakAlso, there's a trivial workaround posted in the bug.14:20
zioprotothe workaround does not work if you dont have a site.pp14:21
zioprotowe use foreman14:21
rbasakI suspect there are far fewer users in that situation.14:21
zioprotosoon tons of people are going to be forced to do the trusty xenial upgrade14:22
rbasak...who don't have a site.pp and use foreman?14:22
zioprotoI just mean that if you have a puppet master with external_nodes you cannot apply the workaround14:25
* rbasak shrugs14:25
zioprotothe packages from the PPA work okay, and also other users reported they work14:25
rbasakLike I say, we'd be happy to fix it if someone who cares comes along and tell us what to do.14:25
zioprotoI dont understand what is the blocking factor14:25
rbasakWe need to know that it's the minimal fix and there's no regression risk.14:26
zioprotoI think we need to wait for nacc14:26
rbasakSince the set of people who test the PPA are a biased sample representing only one use case.14:26
rbasakTo understand the regression risk, we need to understand what scenarios are affected, how and why.14:26
zioprotodo you know if the tree where the PPA is buillt from is published somewhere ?14:26
rbasakYes. See the PPA page. You can get the sources from there.14:27
rbasak"and there's no regression risk" -> well, there's never *no* regression risk, but we do want to minimise it, and for that we need a good understanding of the problem and the fix. Saying "the patch works" isn't good enough for a proposed change to a stable release.14:27
zioprotohttps://launchpad.net/~nacc/+archive/ubuntu/lp157047214:27
zioprotoif I click on code14:28
rbasak"View package details"14:28
rbasakOpen the arrow against the version/series you want.14:28
rbasakYou can download the source package files from there.14:28
zioprotook14:30
rbasakzioproto: thank you for driving this. We appreciate your help.14:30
zioprotorbasak, I understand how to get diff from 3.8.5-2ubuntu1~ppa7 to 3.8.5-2ubuntu1~ppa814:35
zioprotobut this means it is the version number 8 of the PPA ?14:35
zioprotoI would like to diff against che Xenial package14:36
zioprotoI mean the buggy one that is delivered to the world :)14:36
rbasakzioproto: you might find https://git.launchpad.net/usd-importer/tree/git-dsc-commit useful14:36
rbasakIt imports a Debian source package into a fresh git commit. Then you can use git to diff as normal.14:37
rbasakzioproto: check out the correct parent commit first, eg. ubuntu/xenial-devel if the PPA package is based on that.14:37
zioprotookay, so I use it with https://launchpad.net/~nacc/+archive/ubuntu/lp1570472/+files/puppet_3.8.5-2ubuntu1~ppa8.dsc14:37
rbasakzioproto: yes, but you also need the associated files. You can use dget to pull them from the dsc URL automatically.14:38
coreycbzul, backports should be back to normal soon for ocata14:52
zulack14:53
isthakur I am trying to run a php based application on my LAMP server which is reporting error 500 can any one help me. I have a a scripts that run well on LAMP server with php6 but not working with PHP714:55
lordievaderHave you checked the logs?14:56
isthakurwhere to find?14:57
lordievaderLogs usually go to /var/log14:58
lordievaderIf you are using Apache with mod_php you want to look into the error log of Apache.14:58
isthakurThank you lordievader. Trying to figure out the issue.15:08
lordievaderWhat is the error?15:09
isthakurunable to figure out. accidently deleted the error log.15:19
isthakurnow nothing is being added to it.15:20
lordievaderRestart apache ;)15:20
isthakurThanks dear.15:26
isthakur[Thu Feb 16 20:53:51.821767 2017] [:error] [pid 22108] [client 127.0.0.1:59574] PHP Warning:  require(include/RequirementsValidation.php): failed to open stream: Permission denied in /home/isthakur/data/isthakur/Sites/yetiforce/index.php on line 1715:26
isthakur[Thu Feb 16 20:53:51.821822 2017] [:error] [pid 22108] [client 127.0.0.1:59574] PHP Fatal error:  require(): Failed opening required 'include/RequirementsValidation.php' (include_path='.:/usr/share/php') in /home/isthakur/data/isthakur/Sites/yetiforce/index.php on line 1715:26
isthakurpermision is fine i.e. 644 on index.php15:26
isthakurpermission on folder was not given to other so corrected that but now there is a huge list of errors. I will try to fix it and then let you know. Thank you very much for showing me the route to troubleshoot the problem15:30
lordievaderCan you browse to that file and read it as the apache user (www-data)?15:30
isthakurnow yes15:31
isthakurI have to leave right now. for half an hour. catch you later.15:31
isthakurand once again thank you very much.15:31
lordievaderNo problem15:32
=== din0 is now known as dino82
zioprotorbasak, the git-dsc-commit too is perfect :) I was able to diff the ppa code from the current stable. The patch LGTM. What is the workflow to propose the patch for the proposed Xenial packages ? Should not nacc do it ? He is the original authro16:01
cpaelzerjamespage: on your work snapping qemu/libvirt did you create an interface that covers /var/run/libvirt/libvirt-sock-ro ?16:05
cpaelzeror the non read-only version16:06
cpaelzerhmm I found a libvirt interface, checking definition16:07
rbasakzioproto: anyone can do it. See https://wiki.ubuntu.com/StableReleaseUpdates#Procedure, and just attach something usable to the bug (that includes packaging changes such as the version in debian/changelog) and subscribe ~ubuntu-sponsors to the bug.16:09
AmgineQuestion: When there is network links from my IP to an IP blocked via iptables, that likely means my server is compromised, yes?16:20
zioprotoAmgine, what do you mean with 'network links'16:22
zioproto?16:22
Amgineusing iftop shows data connection, outbound.16:22
Amginezioproto: https://dpaste.de/HJUh/raw16:24
=== runelind_q_ is now known as runelind_q
zioprotothis is the output of a command like ss ?16:26
Amginesudo iftop, it is like top only for network traffic.16:26
zioprototry ss -tp16:26
zioprotodo you see a connection ESTABILISHED with that host ?16:28
AmgineNo. Nor do I see a connection for the steady streams of spiders, bots, and browsers.16:29
AmgineBut I think I understand what you're suggesting.16:29
zioprotoAmgine, do you see more stuff with ss -tpa ?16:29
AmgineJust me.16:30
zioprotoIt could be that the traffic you see with iftop is just ICMP replies that your port is closed. Or maybe you are sending TCP RST16:30
Amginekk. Just being paranoid, I suppose.16:32
zioprotonacc, welcome in ! :) I was waiting for you :D16:36
zioprotonacc, I have a production openstack cloud where the Trusty to Xenial upgrade is blocked by this bug: https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/157047216:37
ubottuLaunchpad bug 1570472 in puppet (Ubuntu) "Set systemd as default service provider" [Medium,In progress]16:37
zioprotonacc, I looked at the diff between the package shipped in Xenial and the ppa you published on launchpad. Changes look ok. There is a reason why this patch was not yet proposed to Xenial ?16:38
nacczioproto: mostly business :) i have been waiting for upstream feedback on it16:38
nacc*busyness16:39
nacczioproto: let me prepare an SRU today for it16:39
zioprotoyahoo :)16:39
zioprotoif I can help tell me what I have to do16:39
nacczioproto: thanks!16:39
zioprotousually for openstack packages I make a merge request of my git tree on launchpad, but I guess SRU has a bit more of burocracy16:39
nacczioproto: yeah, but in this case, pretty easy to argue for16:40
zioprotonacc, leaving the office soon, I sent you my mail in pvt16:42
zioprotoof you need any testing to be done write to me16:42
nacczioproto: thanks again16:42
zioprotoalso, if we go to production using your PPA on launchpad, can we rely on that PPA to be available ?16:42
nacczioproto: i won't remove it, and it should get trumped by the SRU16:43
zioprotook great16:43
zioprotothe problem is that Openstack MItaka is the only release support both on trusty and xenial16:43
zioprotoso we have to upgrade to xenial to move on to openstack newton16:44
zioprotoso I guess a lot of openstack people will soon move to Xenial16:44
zioprotobetter get this puppet thing fixed :D16:44
zioprotoI have to go ! thanks for the help !16:44
zulcoreycb: do we need a blanket FFE?18:17
coreycbzul, i don't think we do this cycle.  it might be worth emailing the release team though just to keep them in the loop.18:18
=== miczac\away is now known as miczac
=== miczac\away is now known as miczac
tewardrbasak: another 'merge' update was pushed by me just now, it's a minor minor packaging strings change for debian/control but it syncs us up with Debian except for our delta that we add.20:34
tewardsarnold: jgrimm: ^ just an FYI20:34
teward(for nginx)20:34
jgrimmteward, ack20:34
tewardhopefully that sneaks in right before FF goes into effect20:36
tewardotherwise, it probably can be FFe'd without issue20:36
jgrimmyup! :)20:39
tewardwhoopsies I left junk .save files stupid editor crashes20:40
tewardnginx -1ubuntu2 inbound heh.20:41
tewardsomeone please shoot me for my screw up20:41
tewardthe taser is over on the desk :P20:41
nacc`git status` ftw20:41
tewardnacc: not git tracked20:41
teward*manual* merge20:41
naccor `git status --ignored`20:42
tewardnacc: ^ not git tracked.  Yet.20:42
naccbah, you can still do it in a git repo locally :)20:42
tewardnacc: I *could* except that these're minor fixes.20:42
tewardIn any case, it's uploaded/fixed finally hopefully in time for FFe.20:42
tewardI need coffee, really.20:42
tewardRelease team is probably going to slap me for so many uploads today xD20:42
nacc:)20:42
tewardnacc: it'll be tracked *soon* on my own gitlab.  I couldn't reliably use any git workflows because of some very evil merge conflicts20:43
tewardthat basically needed start-over-from-scratch for the delta20:43
tewardand about a month of headbanging against fPIE/fPIC20:43
naccteward: oh i get that, i just meant, it's trivial to just do a `git init` locally when you start, then you know what you are changing from the debian version, at least -- even if manual20:43
naccteward: i've found my own mistakes in trivial merges by doing that20:44
naccteward: but on to bigger and better things any ways :)20:44
tewardnacc: true, but i also have an automated testbuild workflow that would kill that :P20:44
tewardso blah20:44
tewardin any case, it's *now* git-worthy since the dynamic module stuff is in20:44
nacc:)20:44
tewardI should go get coffee though now heh20:45
* genii 's ears perk up for a second at the mention of coffee20:45
tewardgenii: give.20:46
teward:P20:46
tewardwow Chrome crashed lol20:46
* genii covertly meets Juan Valdez at the Columbian border and obtains coffee for teward20:47
* genii hand-roasts the beans, grinds them in an antique brass grinder, prepares enough for 1 large mug in the French press.20:49
* genii slides teward the mug20:49
* teward takes, and disappears gradually (with the coffee and the mug) into the shadowy mists that seemed to just 'appear' in the periphery of the channel.20:50
PhoenixMageHi guys, there are few iscsi packages floating around and I am wondering which one is the most stable for a home lab NAS20:59
patdk-wkheh, depends on what your doing21:19
patdk-wkfor me, all of them are stable21:19
patdk-wkit's more in what you want to interface with it21:19
patdk-wklio seems to be so dymaically changing, that if you want to script it (use pacemaker with it), it keeps changing and it's hard to use21:20
PhoenixMageIts mainly for my lab ESXi boxes, I am migrating to ubuntu from freenas21:28
wedgiefor that you may be just as well off with NFS if you don't find a satisfactory answer for iscsi21:29
PhoenixMagewedgie: Yeah I am thinking of moving them to NFS but at the moment I have a collection of them on an iscsi volume. If I upgrade to 10G interfaces then NFS is apparently the way to go anyway21:31
wedgiePhoenixMage: you're moving from freenas... will you be using zfs on the ubuntu system as well? If so that's a double good reason to go NFS. Much more graceful handling of compression21:32
patdk-wkunless your real issue is, your stuck on 1gbit network, and attempting to balance over multible21:33
patdk-wkbut then make sure your iscsi service can make use of multipathing21:33
patdk-wkbut nfs would be perferred though, as you don't have to worry about empty space reclaiming21:33
wedgieindeed. One glorious day NFS will support multipathing but it's not quite standard yet, as I understand it. Haven't looked into it for about a year though21:34
PhoenixMagewedgie: yeah zfs on ubuntu, just improted all my zpools21:34
wedgiehuh, maybe nfs4.1 with multipathing *is* a thing already: http://packetpushers.net/multipathing-nfs4-1-kvm/21:38
wedgieoh, wait, requires recompliling the kernel. So yeah, not quite prime-time just yet21:39
PhoenixMageI am running a lagg across 4 interfaces and 3 hosts, not ideal21:40
PhoenixMageAnyway, seems I might just go with any of the iscsi implementations and migrate to nfs21:40
=== madsa is now known as Guest13012
=== madsa_ is now known as Guest87296
=== keithzg_ is now known as keithzg
=== miczac is now known as miczac\away
=== Darkman802_ is now known as Darkman802
=== miczac\away is now known as miczac

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!