/srv/irclogs.ubuntu.com/2017/04/05/#ubuntu-server.txt

drabI'm saying what the expectation when a hostname is used00:00
nacc*assumption00:00
nacc:)00:00
nacctomato - tomato00:00
drabit seems incorrect for it to refer to "lo"00:00
drabfair enough00:00
drabsarnold: the thing came up trying to distribute a configuration to multiple hosts, including the one running the service00:01
naccdrab: right but the very idea that 'hostname' refers to an interface is wrong00:01
naccit doesn't make sense to me00:01
drabso all the hosts are told to point to "server1"00:01
drabso the master gets set up to listen on server1 and the slaves to connect to server100:01
naccor use a fqdn which may or may not be aliased in /etc/hosts (depends on the config, iirc)00:02
drabhowever when that configs gets run, on the master, server1 resovles to 127.0.0.1 so the deamon never listens on eth000:02
drabs/run/read/00:02
drabso then I should put the ip on the master to make uit work, but then if tomorrow I need to repoint the clients I need to change the ip on all of them instead of just repointing dns00:02
drabor otherwise I need to introduce 2 variables, one to tell the server what to bind on, and another for the clients what to connect to00:03
drabI ended up with latter, but it feels "bad" and likely that sooner or later those two will go out of sync/someone will make a mistake00:03
drabI guess I could create another alias for the server00:03
drabwhich wuold not end up in /etc/hosts and then work00:04
drabthat might be a better solution00:04
naccit seems like all your cluster members should have hosts entries that point to the actual ip records00:04
naccthen it would 'just work' if they use those records, right?00:04
drabthat would work too, but seems to add more work instead of making things simpler00:06
draband dns is fast/reliable enough with local caches etc, and if the network is screwed stuff is broken anyway00:06
drabin any case, I think the additional cname might be the way, that way I don't need to touch /etc/hosts to remove anything and things will just work00:07
drabthank you for talking it through, better than a rubber duck :)00:07
naccdrab: np00:07
naccdrab: i think that's a sane approach (basically the same idea just at the DNS server)00:07
drabis there a document somewhere that lists the steps necessary to customize an image so that it runs in a container?00:23
drabI've read in some of stgraber's posts that it needs customizations given the restrictions, but I'd love to know what the process is exactly00:24
renatosilvathis is problematic for a vps installation, correct? http://vpaste.net/qFBIl01:41
renatosilvathat's what their image provides01:41
=== xibalba_ is now known as xibalba
sarnoldthat smells a lot like an openvz host01:44
sarnoldit should be very cheap01:44
sarnoldit can be fine if it is very cheap and that's what you want to pay for it.01:44
patdk-lapdunno why it would be probamatic01:45
sarnoldif you want to do anything like firewalling, routing, create devices, use namespaces, etc., then you should find something willing to give you a KVM instance instead01:45
patdk-lapglibc is made to basically handle any crap you throw at it01:45
patdk-lapcause that is the linux way01:45
sarnoldif you just want a place to run a znc bouncer and host a tiny website it's probably fine01:45
renatosilvapatdk-lap: libc complains heavily about kernel 2.6 upon system update01:49
patdk-laplibc or the libc packaging?01:49
renatosilvasarnold: do you think there's a chance they update the host's kernel if I ask them?01:50
patdk-lapthey won't01:50
sarnoldthey can't01:50
patdk-lapthey are running a stable centos601:50
patdk-lapit can't update, unless they move to centos701:50
patdk-lapand they probably don't want to mess with systemd01:50
renatosilvapatdk-lap: the libc package, do you think it's paranoia from debian then? the message is really scary01:51
patdk-lapI don't know what message you are seeing01:51
* renatosilva doesn't understand how can they run an old host os to provide way newer vms which are stuck to that old kernel01:52
patdk-lapthat is the magic of libc01:52
patdk-lapas long as libc supports that old linux kernel api, it works01:52
patdk-lapand libc has all kinds of crud in it to work with all kinds of linux kernel bugs and changes and incompatability01:53
patdk-lapmost os's the kernel and libc come joined together01:53
renatosilvapatdk-lap: the message is like "libc does not support 2.6 anymore, do not expect it to work" -- well this is a server and I do expect *libc* to work01:53
sarnoldI'd expect Standard Unix Stuff to just work01:54
sarnoldbut maybe the stranger things won't01:54
sarnoldbut that won't be surprising, because it's just an openvz jail anyway. a lot of stuff won't work.01:54
patdk-lapya, but 16.04 has systemd, so01:54
patdk-lapyep, openvz will block a lot of the kernel api anyways01:55
renatosilvaso what? systemd won't work?01:55
patdk-lapI doubt it will 100%01:55
patdk-lapnot sure anyone wants to use systemd 100%01:55
patdk-lapand you couldnt anyways cause it's openvz01:55
renatosilvaso the key here is asking them to upgrade to centos7? they seem worried about improvements01:57
sarnoldfor what it's worth I'd spend the extra three dollars a month to go with some other host01:57
sarnoldand not have to figure out what does and what doesn't work01:57
renatosilva(although I don't understand why they deliver these vms that don't fully work, I'd expect a lot of user reports about it)01:58
renatosilvasarnold: I have a couple of years or something with them yet, already paid01:59
sarnoldthat's unfortunate.02:00
sarnoldmaybe stick with 14.04 LTS until they upgrade infrastructure02:00
renatosilvaok thanks all anyway02:03
sarnoldgood luck02:04
ishaved4thishey guys, I need some help setting up WOL on 16.04. I would like my computer to suspened or sleep after a set amount of time, and fire back up with a WOL app, ssh, or if I can, if plex is requested. I have already enabled WOL on bios03:07
ishaved4this16.04.2*03:08
sarnoldI think that's it, no?03:08
ishaved4thisI'm assuming that wasn't for me?03:08
sarnoldishaved4this: it was ;)03:09
ishaved4thisoh! Well, I was googling around, and it seems you have to configure it in the server as well. I'm pretty new at this whole server thing, and cant figure out a way to even make an ssh key yet. let alone make USBMOUNT mount the drives to the same letter each03:10
ishaved4thistime hahaha03:10
patdk-lapheh? wake back up using ssh or plex?03:12
patdk-lapdoes your nic/bios support this?03:12
ishaved4thiswell, to set up WOL on its own03:13
ishaved4thishttp://askubuntu.com/questions/764158/how-to-enable-wake-on-lan-wol-in-ubuntu-16-0403:13
ishaved4thishttp://askubuntu.com/questions/893056/logout-of-ssh-and-then-suspend-machine03:13
ishaved4thisboth of those have different instructions it seems, and I'm not sure whats right. and I know to wake on plex I need to do something with my modem/router, but I'm not sure what that is03:14
patdk-lapyour modem/router?03:15
patdk-lapno03:15
patdk-lapyou would just have to have your nic support waking on traffic03:15
patdk-lapmost nics don't support this, some do03:15
ishaved4thisahh. see, this is why I come here. you guys know your stuff haha03:16
patdk-lapgenerally not a good idea, cause it is unlikely your system will ever sleep03:16
patdk-lapdo you have a gui installed?03:16
ishaved4thisoh. well if it wont sleep, then theres no point. But I would still like to be able to send a packet to wake the pc up from sleep03:17
ishaved4thisno I dont, But I have an Ubuntu live cd I can boot up03:17
patdk-lapfrom sleep? or suspend?03:17
patdk-lapfrom sleep will be an os thing, I'm not sure how to do that, never care to do that myself03:18
ishaved4thishmm. Suspend is like hibernate on windows correct? which one do you think is better?03:18
patdk-lapI only wol from suspend, full system poweroff03:18
patdk-lapfrom suspend/hibernate, yes03:18
patdk-lapthat ONLY uses the bios, so you just have to setup the bios to handle wol with the nic03:19
ishaved4thisoh really?03:19
patdk-lapthen all you have to worry about in the os, is that you actually suspend/hibernate03:19
ishaved4thisso sleep is kind of unnecessary?03:19
patdk-lapsleep is for other states03:19
patdk-lapS1 and S3 normally, os controlled wol03:19
patdk-lapS5 is full hibernate/poweroff, bios controls that wol03:19
patdk-lapjust depends on how long you want to wait :)03:20
patdk-lapand how much power savings you want03:20
ishaved4thiscould you walk me through how to get hibernate set up on my server? And how will it randomly shut off while I'm watching plex or anything?03:20
patdk-lapno, I don't have time03:21
ishaved4thiswell, I want a quick boot up, but I wouldn't want all these drives powered on at all times.03:21
patdk-lapthere should be lots of info on how to setup hibernate03:21
ishaved4thisalright03:21
patdk-lapsince there will be no physical user03:22
patdk-lapyou will have to figure out how to tell hibernate when the system is active or not03:22
patdk-lapsince I have people actually using the systems, I haven't had to worry about that03:22
ishaved4thisah.03:22
ishaved4thisYeah mines headless. I'm sure google can help out03:23
ishaved4thisnow I just need to find help for the damn external automounting program to map the same mount points each time03:23
drabanybody here has a preference for what monitoring tool to use?03:40
drabI'm tired of recompiling nagios and it seems there's no ppa of sort to get it going on xenial03:40
draband compiling ndo is also not fun03:40
drabat least icinga has a ppa ready to go03:40
draband the web interface isn't written in C so maybe I can make some adjustments in a reasonable timeframe03:41
draboh, nm, there's a ppa for nagios too it seems03:42
drabinterestingly enough not one single howto mentions them, looks like nobody knows about it just like I didn't03:43
=== notdaniel is now known as notdaniel_
ishaved4thishey guys, I need some help setting up WOL on 16.04. I would like my computer to suspened or sleep after a set amount of time, and fire back up with a WOL app, ssh, or if I can, if plex is requested. I have already enabled WOL on bios04:16
ishaved4this16.04.2*04:16
ishaved4thisoh! Well, I was googling around, and it seems you have to configure it in the server as well. I'm pretty new at this whole server thing, and cant figure out a way to even make an ssh key yet. let alone make USBMOUNT mount the drives to the same letter each04:16
drabishaved4this: as long as the card supports it and there's power and it's enabled in the bios, it'll work04:22
drabthere's nothing special/different than a desktop04:22
ishaved4thissweet. I got that part to work, but I cant find a way to get the server to know when to hibernate as its headless and almost never physically used04:23
draboh, no clue about that, you were asking about WOL :)04:23
drabdon't really user power management on servers04:23
drabminus maybe some throttling of CPUs04:23
ishaved4thisyeah I usually don't either, But this one is gunna be downstairs by the router, and with the JBOD next to it that is brighter than god damn Polaris, i'd rather it be off when not in use haha04:24
ishaved4thisalso, do you know how to get the mount points for external harddrives to stay the same through reboots?04:26
drabthe mount points don't change, in case the drives "letters" do04:26
drabwhich is why you use uuids and mount those04:26
drabthose will stay the same even if the drive letters change04:27
drabalternatively you can add udev rules04:27
ishaved4thishmm. Well I used USBmount to auto mount them on plug in and startup04:28
drabno clue, never used that, but the problem then seems to be how ti recognizes the drives04:29
drabie if it automounts /dev/sdc, that can change04:29
ishaved4thisnothing in the config shows how I can mount via uuid or even label04:29
drabif it automunts /dev/disk/by-id/something it won't04:29
ishaved4thisyes. it automounts /dev/sdb /dev/sdc etc. all randomly on boot04:29
drabif it wants a device use what I just mentioned04:29
drab/dev/disk/by-id/04:29
drabfind your drive in there and use that wherever you'd specify /dev/sdb04:30
ishaved4this# Mountpoints: These directories are eligible as mointpoints for04:30
ishaved4this# removable storage devices.  A newly plugged in device is mounted on04:30
ishaved4this# the first directory in this list that exists and on which nothing is04:30
ishaved4this# mounted yet.04:30
ishaved4thisMOUNTPOINTS="/media/usb0 /media/usb1 /media/usb2 /media/usb304:30
ishaved4this             /media/usb4 /media/usb5 /media/usb6 /media/usb7"04:30
draboh, that makes no sense04:30
ishaved4thisright?04:30
drabI'd get rid of that and use "auto-mount"04:30
drabyou can then tell automout to mount which device where04:30
ishaved4thisis that another program?04:30
drabapt-get install autofs04:31
ishaved4thisokay, before i do that, should I unmounts my drives?04:31
ishaved4thisand delete usbmount?04:31
drabuntil you configure them, autofs won't do anything,a ltho I forgot if and to which extent it tries to be smart and discover stuff04:31
drabI guess safer to unmount and stop usbmount04:32
drabbut shouldn't be a prob04:32
ishaved4thisokay so pumount will do the trick, right?04:32
drabthere are no tricks, you need to read the docs, but it can certainly be configured to mount a specific drive at a specific lcoation04:32
drabconsistent across reboots04:32
ishaved4thisoh no, I mean to unmount my drives04:33
drabwhether it's the easiest etc, I've no clue, maybe usbmount can be made to work too04:33
drabI've no idea what pumount is. if you mean unmount, yes04:33
draband you can run "mount" to see what's mounted04:33
drabif usbmount is monitoring those mountpoints however it might autoremount the, I've got no clue about that04:34
drabso I'd stop usbmount first then unmount, then look at autofs04:34
draband on that note, I'm outta here or I'm gonna get locked out of $HOME04:34
ishaved4thislol ok thanks04:34
drabttyl04:34
drabglhf04:34
renatosilvathe libc complaint fwiw http://i.imgur.com/ugUYxll.png05:11
sarnoldthanks renatosilva, I've never seen that thing before05:12
lynorianI have not either05:12
renatosilvaUnpacking libc6:amd64 (2.23-0ubuntu7) over (2.23-0ubuntu3) ...05:18
renatosilvahttps://bugs.launchpad.net/ubuntu/+source/glibc/+bug/162483705:21
ubottuLaunchpad bug 1624837 in glibc (Ubuntu) "upgrading ubuntu 14.04 -> 16.04 deadlocks in libc6's preinst" [Undecided,New]05:21
renatosilvahttps://anonscm.debian.org/cgit/pkg-glibc/glibc.git/tree/debian/debhelper.in/libc.preinst#n14805:33
renatosilvahttps://anonscm.debian.org/cgit/pkg-glibc/glibc.git/tree/debian/debhelper.in/libc.preinst#n18005:33
renatosilvaso as long as the debian packager do not break it, it seems it's going to work fine05:38
sarnoldwhere "work fine" means "right up until it falls over in a flaming pile of wreckage" :)05:41
renatosilvaheh, just found out my hosting company does offer kvm support, they just call it "cloud" :-/05:43
sarnoldnice05:43
renatosilvaanyway, thanks all05:47
lordievaderGood morning06:14
cpaelzergood morning lordievader06:15
lordievaderHey cpaelzer, how are you doing?06:16
cpaelzermissing the time to enjoy the nice weather I see out of the window :-)06:18
cpaelzerI should start working in the basement06:19
sarnoldvery german response :)06:21
lordievadercpaelzer: It is misty here, want to trade?06:21
cpaelzerhmm hat stereotype did I trigger sarnold?06:21
sarnoldcpaelzer: the happy craftsman, hard at work :)06:21
cpaelzeryou mean the grumpy german at work, thats stereotype #43 - but I'm fine it made you smile06:23
sarnoldhehehe06:24
cpaelzerbtw sarnold, did you see the update to the apparmor issue I filed - the setrlimit block seems not arch related06:25
sarnoldcpaelzer: ah, thanks. that's probably best :)06:27
cpaelzerrbasak: once you are around - could you consider working on the unapproved queue for the USBSD07:29
cpaelzerrbasak: I happen to find more and more on that queue, likely stalled by the z release work I'd think07:29
cpaelzerrbasak: and this would be the SRU day anyway right?07:29
cpaelzerrbasak: in particular I'd be interested in bug 1668093 and bug 1670745 if you can only spend a bit time there07:29
ubottubug 1668093 in openssh (Ubuntu Yakkety) "ssh-keygen -H corrupts already hashed entries" [High,Triaged] https://launchpad.net/bugs/166809307:29
ubottubug 1670745 in openssh (Ubuntu) "ssh-keyscan : bad host signature when using port option" [High,Fix released] https://launchpad.net/bugs/167074507:29
cpaelzerFYI - It is Ubuntu Server Bug Squashing Day #2 - so even more than usual get to us with your questions if you want to participate working on bugs => http://www.mail-archive.com/ubuntu-server@lists.ubuntu.com/msg07353.html. Currently around: cpaelzer07:36
cpaelzerrbasak: ping here so I can add you once you are around as well07:36
cpaelzerrbasak: nacc: if you could look into sponsoring 1630516 as part of USBSD#2 that would be nice07:47
rbasakcpaelzer: o/08:11
cpaelzerFYI - It is Ubuntu Server Bug Squashing Day #2 - so even more than usual get to us with your questions if you want to participate working on bugs => http://www.mail-archive.com/ubuntu-server@lists.ubuntu.com/msg07353.html. Currently around: cpaelzer, rbasak08:18
cpaelzergood morning rbasak08:18
rbasakGood morning!08:25
Malusuhi guys, I would like to divert all my server logs to an external mongodb database. my problem is: how can I connect to this database without storing the password on the server or using some kind of two factor auth, so if my server is compromised the intruder cant mess with the log files.08:33
cpaelzerMalusu: could you come up with a concept that sends unathorized to the central server via a stream and only there pass it into the DB08:36
cpaelzerMalusu: it would also allow to make sanity checks on the one place you trust your central server)08:36
cpaelzerMalusu: before inserting to DB08:36
cpaelzerI wonder if all the central logging solutions don't have something, but I'm no logstash (or siblings) expert08:37
Malusucpaelzer: thats a great idea thanks, what examples do you have in mind about the sanity checks?08:44
cpaelzerMalusu: I just got the idea, had no plan around - but start with the usual things like "max size, length, strip chars not allowed" or such08:46
cpaelzerMalusu: and I'd think that on logs dedup would be a massive storage win, can mongodb do that?08:46
Malusucpaelzer: I dont think mongodb has dedup build in. I'm sure its possible with 3rd party tools. I could use ZFS to deal with that.08:51
cpaelzerMalusu: post-DB dedup in such a case will have a hard time as the blocks are filled with extra non deduppable info like the record id08:54
cpaelzerrbasak: if you think there is a lessons learned on the logrotate bug for the multi publish you might add to the pad of the USBSD http://pad.ubuntu.com/JxNfyW4H0v08:59
cpaelzerthe bug itself already has a section there09:00
rbasakack09:12
jamespagecpaelzer: responded on that thread we discussed yesterday09:25
cpaelzerthank you jamespage09:26
jamespagethanks for the summary in the bugs09:26
jamespagecpaelzer: I looped a set of tests against a deployment last night and was unable to reproduce the issue with 4500 instances09:26
cpaelzerjamespage: which confirms what I said09:26
cpaelzerjamespage: thanks for the extra impressive number09:26
jamespageyeah that was my message in the list as well - we're working to fix but can't reproduce outside of the gate09:27
blackflowrbasak: ping10:41
rbasakContext please?10:42
blackflowrbasak: would it be possible for you to guide me one time through contributing the fix for Xenial wrt bug #1673357 ?10:42
ubottubug 1673357 in munin (Ubuntu Yakkety) "Munin core plugin "if_" doesn't work" [Undecided,New] https://launchpad.net/bugs/167335710:42
rbasakSure, let me take a look.10:43
blackflowI've maintained, build, patched, contributed upstream, for some FreeBSD ports so I'm not a total noob, but it'd be great if I could have guidance once, I can learn from it quickly.10:43
blackflowFor starters, this is what I think should be done: get src deb for xenial's munin package, apply the fix to source, create patch, and that's where I don't know the next steps.10:44
rbasakOK10:45
blackflowSo that's a "backport code" approach. Or, perhaps I should just make <something> to pull in the next version of munin, the one that'll go to ZZ, 2.0.33, into Xenial? that doesn't sound right, tho'10:45
rbasakWould you prefer to create patches by hand, or use git? We have a new git workflow we're working on. I prefer it because I feel it makes things easier, but we're happy to mentor/sponsor either way.10:46
rbasakAnd are you familiar with https://wiki.ubuntu.com/StableReleaseUpdates ?10:46
rbasakThe SRU policy is that we backport fixes to stable releases for things like this.10:46
rbasak(or the path of least resistance is that under the policy at least)10:47
blackflowrbasak: on freebsd, there's a simple mechanism. you run "make extract" and it downloads and extracts upstream source tarball intoa  work dir. There you change the code for a fix and run "make makepatch" and the framework creates a patch that diffs current package with your changes.10:47
blackflowI'm not, I'm a total noob about processes and protocols of contributing to Ubuntu. I've seen those docs, however, it's just that I don't have the big picture yet.10:47
rbasakblackflow: we have two mechanisms here - the traditional, pre-VCS one, and the latest git stuff (that is still a work in progress, but usable)10:47
blackflowI do prefer git.10:48
rbasakOK, let's use that.10:48
rbasakOne moment, I'll check the git import for munin is in date10:48
rbasak(that should be automatic but we're not fully ramped up yet)10:48
blackflowrbasak: btw, you don't have to help me with this right now, not sure if you're busy.10:49
rbasakThe tooling for our git workflows is available from: "git clone https://git.launchpad.net/usd-importer" - or you can choose not to use that tooling and hit git manually if you prefer (depending on how you prefer to learn, understanding the pieces may be your preferences)10:50
rbasakblackflow: now is absolutely fine. That's what today is designated for :)10:50
blackflowah yes the bug squash day :)10:50
rbasakblackflow: would you prefer to use git with our "usd" wrapper tool, or git directly?10:50
blackflowwell I do have experience with git, and none with the wrapper tool. but I'd like to learn the "proper way".10:51
rbasakI don't think we've settled the git "proper way" yet. It's still a fairly new thing.10:52
rbasakBut you can learn the "the intended preferred way and follow along as we tweak things" if you like :)10:52
blackflowSounds fine :)10:52
rbasakOK, so clone usd-importer using the URL above please.10:52
rbasakIn there, there's an executable in bin/usd, which you'll need to run. I have a symlink to it from ~/bin/usd, and I have ~/bin in my PATH.10:53
rbasakThen:10:54
rbasakmkdir /tmp/munin10:54
rbasakcd /tmp/munin10:54
rbasakusd clone munin git10:54
rbasakThis will clone the packaging into /tmp/munin/git10:55
blackflowokay. now cloning the usd-importer. is it a big repo? It's been a it for a minute now10:55
rbasakIt should be tiny10:55
rbasakI gave you the https URL as that should need no setup10:56
rbasakYou can also access using git+ssh, but that needs you to have an ssh key in Launchpad set up10:56
blackflowah, no, wait, I forgot... our firewall rules... sec...10:56
blackflowrbasak: okay, usd-importer cloned, let's set up the bin11:00
blackflowrbasak: okay, I need to install some dependencies, looking at README.md11:03
rbasakblackflow: no don't worry about that11:04
blackflowbut I tried running usd --help and it complained about missing libs11:04
rbasakOh11:04
rbasakSorry11:04
rbasakYes, you do need those11:04
rbasakI thought you meant munin's READMEs11:04
blackflowah, no, still setting up usd-importer11:05
blackflowbtw, should've installed it via setup.py, because running usd in PATH doesn't find the module.11:05
rbasakHmm. I thought it did that magically - wfm.11:08
rbasakbin/usd looks in ".." relative to its location for the module.11:08
blackflowrbasak: no it has "from usd.__main__ import main"  and python has no idea where "usd" module is unless you're in the same directory with it11:10
blackflowso I had to install it with "python3 setup.py install"11:11
rbasakblackflow: it's the "sys.path.insert..." line above11:11
rbasakBut I can look into that another time - thank you for telling me about it11:11
blackflowrbasak: btw, do I need to clone munin into /tmp exactly? I have a /home/devel user for these thigs set up11:11
rbasakblackflow: /home/devel is fine :)11:12
rbasakNote that we'll be dumping files into the parent directory of the git repository11:12
rbasakSo I usually go one level further, so /tmp/munin/git as above instead of /tmp/munin11:12
blackflowrbasak: okay, I have a bit of a problem when I run usd: https://dpaste.de/Cge211:18
blackflowI see the file is in bin11:19
blackflowokay I think what the problem is, just a sec...11:21
rbasakblackflow: I think we have some bugs in relation to finding things. Maybe the same thing that stopped you using bin/usd in your PATH?11:22
rbasakIf you can fix up yourself easily that's fine. We'll take bug reports and patches! If you're struggling, I suggest trying to run out of the cloned directory (rather than installing to the system) and setting PATH and PYTHONPATH etc as a workaround for now.11:23
rbasakexport PATH=/cloned/usd-importer/bin PYTHONPATH=/cloned/usd-importer/usd11:23
rbasakUh, PATH=...:"$PATH" of course, etc.11:23
blackflowrbasak: yeah I do have it in my path but python doesn't find the module, and if I install via setup.py then the txt file is not included in the egg11:25
blackflowI think it's missing a manifest iirc. But I cant't figure out why the sys.path.insert is not doing the expected11:25
blackflowah but of course. it's expecting usd.py11:26
blackflownot "usd". import is looking for .py filenames11:26
rbasak"from usd.__main__" should look for a usd/ directory with a __main__.py in it (as well as requiring the usd/ directory to have a __init__.py in it; I'm not sure if that applies for __main__)11:27
blackflowno ,that wasn't it...11:27
rbasakAnd it should look in PYTHONPATH for that usd/ directory.11:27
rbasakSo if you set PYTHONPATH to the top level of the cloned directory, that should work I think.11:27
rbasakblackflow: alternatively we can give up on the tool for now and use git directly. Up to you.11:30
blackflowI did, still nothing. "No module named 'usd'"11:30
blackflowrbasak: well, I'd like to figure this out. this is perfect example of problems noobs would encounter. more value if I get this done.11:31
blackflowgimme a sec, I have to refresh my python path setup knowledge11:31
rbasakThat'd be really helpful - thanks!11:31
blackflowrbasak: found part of the probem. os.path.dirname resolves via symlink path. I have to use os.path.realpath instead of abspath if I'm not mistaken, lemme try11:38
=== clvx_ is now known as clvx
=== clvx is now known as Guest29049
blackflowrbasak: lol there's a bug in python and realpath doesn't resolve.11:42
blackflowrbasak: okay I give up. can't use symlink, so I added real path to PATH. Now I have another problem coming from the fact that the "usd" package is not registered with python. and if I install it, then that file is missing.11:51
blackflowrbasak: let's go the "just git" route for now :)11:51
SinnedHi there, would there be anyone here who has some experience with Landscape on Premise?11:52
blackflowrbasak:   git clone https://git.launchpad.net/~usd-import-team/ubuntu/+source/munin   ?11:52
cpaelzerdpb1: ^^ see Sinned11:54
Sinnedhmm? :) he's an expert on that? hehe11:55
rbasakblackflow: sorry I got a phone call11:55
cpaelzerSinned: he would know who knows and is around at the time I'd think11:55
rbasakYes, that's right11:55
SinnedI got it all up and running, and things are working fine, just 1 stupid thing which I cannot figure out. I got the following Alert on the Landscape Server: E: Could not get lock /var/lib/dpkg/lock - open (11: Resource temporarily unavailable) E: Unable to lock the administration directory (/var/lib/dpkg/), is another process using it? Exit code 100. This is allready fixed, but the Alert keeps staying there under Alerts.. All I w11:56
Sinnedremove that alert11:56
blackflowrbasak: np, okay cloning munin directly12:02
blackflowrbasak:   "warning: remote HEAD refers to nonexistent ref, unable to checkout."12:03
blackflowand there's no code in cloned repo, just .git12:04
rbasakblackflow: that's fine12:04
rbasakblackflow: "git checkout -b lp1680035 origin/ubuntu/yakkety-dev"12:05
rbasakSorry was that the wrong bug number?12:05
blackflow167335712:06
blackflow so -b lp167335712:06
rbasakYep, thanks12:06
blackflowwas just about to ask if lp meant what I thought (launchpad # number)12:06
rbasak(or any other name if you prefer)12:06
rbasakNow you should be able to see the packaging source that is current for Yakkety users12:07
rbasakTo check, "head debian/changelog" and the version should match against the table in https://launchpad.net/ubuntu/+source/munin12:07
rbasak2.0.25-2ubuntu0.16.10.3 I hope12:07
blackflowrbasak: btw, why yakkety-dev?12:15
blackflowideally I want to backport the fix for xenial12:15
rbasakblackflow: oh.12:17
rbasakThen sure, do xenial-dev12:17
rbasakBut really for an SRU we need to do both.12:18
rbasakOtherwise a user upgrading from Xenial to Yakkety will face a regression.12:18
blackflowmakes sense12:18
blackflowrbasak: btw, I'm not a git wizard, so I'm not quite sure what's going on here.   https://dpaste.de/8D5012:19
rbasakOK sorry12:20
rbasakDoes "git branch" list lp167...?12:20
blackflownopr12:21
blackflow*e12:21
rbasakOK12:22
rbasakSo the command didn't do anything at all, no problem12:22
rbasakDo: "git branch lp1673357 origin/ubuntu/yakkety-dev"12:23
rbasakand then "git checkout lp1673357"12:23
rbasakSorry, I didn't realise git would refuse to do both things at once in this case.12:23
rbasakBTW, I'm busily filing bugs to fix all the rough edges you're hitting here :)12:24
blackflowrbasak: okay, done, but had to branch from origin/ubuntu/yakkety-devel (not -dev)12:33
rbasakblackflow: ah, sorry12:33
rbasakblackflow: now, you should be able to cherry-pick the upstream fix right in12:33
rbasakblackflow: if needed, "git fetch" the upstream branch12:33
blackflowrbasak: which upstream would that be? the ubuntu/zesty branch?12:40
rbasakOne moment, my browser crashed, sorry.12:43
rbasakblackflow: you're cherry-picking https://github.com/munin-monitoring/munin/commit/290d5ac2be02ced4d09fda68dc561fcf082c9cbf presumably? So that one.12:43
rbasakSomething like "git fetch git://github.com/munin-monitoring/munin master" I imagine12:44
blackflowrbasak: that's the required fix, yes12:44
rbasakThen you should be able to "git cherry-pick 290d5ac" I think.12:44
blackflowrbasak: oh, yeah, I thought you meant from ubuntu repos12:44
rbasakUbuntu's git repo probably won't contain the commit as a separate object. It'll probably have collapsed all upstream changes into one commit, as it's only importing.12:45
dpb1Sinned: is it still there?12:45
rbasakWe have plans to fix that one day, but right now the importer doesn't provide that kind of "rich history" as it's importing entire source uploads only.12:45
blackflowrbasak: okay I've got the fix cherry picked, and a new commit is created in my branch12:51
rbasakOK. Next, we need to collapse that into a quilt patch.12:53
rbasakFirst run "git format-patch -n1 HEAD"12:53
rbasakThat should create a single file in the local directory12:53
blackflowyup, got the patch file12:54
blackflownow copy to debian/patches?12:55
rbasakI just realised I missed a step, but I hope it doesn't matter.12:55
rbasakYes, or move.12:55
rbasakAnd rename to something sensible please.12:55
rbasakDid you get a conflict when cherry-picking?12:56
blackflowthere already is a similar patch, also prefixed with 000112:56
blackflowrbasak: yes, the commit was fixing code that was a fix that occurred after the one in xenial/yakkety 's munin12:56
rbasakWe're not too precious about the naming. As long as it's not misleading.12:57
rbasakOK12:57
rbasakNext, undo the commit you added, since we want to replace it with the quilt patch12:57
rbasakSo "git reset --hard HEAD^"12:57
rbasakThat should still leave the patch file in debian/patches as git isn't tracking that yet.12:57
blackflowsensible enough?  "fix-if_-plugin-reporting-wrong-interface-speed.patch"12:58
rbasakSure12:58
rbasakThen "cd debian/patches" and "echo <patch name> >> series"12:58
blackflowmaybe I reference the PR in the filename? that's a way we did on freebsd12:58
rbasakWe reference them inside the patch itself using a metadata scheme, so no need to do it in the filename.12:59
blackflowokay12:59
rbasakI won't object if you want to do it, but I've not seen anyone else do that.12:59
cpaelzerrbasak: FYI zesty logrotate migrated12:59
rbasak(in Ubuntu or Debian anyway)12:59
cpaelzerrbasak: thanks again12:59
rbasakcpaelzer: great, thanks!12:59
rbasakOnce you've caught up, "git status" should report one new file in debian/patches/ and a changed file in debian/patches/series only.13:00
rbasakAnd you can "git add" both of those and commit that.13:00
blackflowrbasak: yup, I've reset my cherry-pick commit and got the new patch file in debian/patches/13:00
rbasakGreat13:01
rbasakIf you now set up quilt if you haven't already, then "quilt push -a" should work without errors.13:01
rbasakTo set up:13:01
rbasakexport QUILT_PATCHES=debian/patches13:01
rbasakexport QUILT_REFRESH_ARGS="-p ab --no-timestamps --no-index"13:01
rbasakUnless you already have quilt configured to do that.13:01
rbasakTechnically you don't need REFRESH_ARGS right now.13:01
rbasakThis is from https://wiki.debian.org/UsingQuilt13:02
rbasakThe step I missed BTW is to get you to commit the result of "quilt push -a" before cherry-picking. That would have ensured that if the existing quilt patches touched the same area as the cherry-pick, you'd be resolving any conflicts against the end of the quilt series, not the start. And then I'd have had you rewind both commits. But it sounds like that wasn't an issue this time.13:03
Sinneddpb1: Yes it still is, I waited for a few hours now, but that alert simply does not go away13:03
rbasakblackflow: let me know once you've caught up and are ready to continue.13:03
Sinneddpb1: I found a binary file where it is, and removed it, but then I get a system error so thats no good haha.13:05
=== Guest29049 is now known as clvx
dpb1Sinned: Do you have another process on the system that is contending for that file?  that alert is only cleared on 6 hour intervals, so it's a bit annoying, especially if you have another unattended-upgrades running somewhere.  Also, last resort, you can unsubscribe from the alert.13:10
Sinneddpb1: I checked the first thing, and no, no other processes uses it, your 2nd part if quite nice info to know, 6 hours ok. I can live with that. How do you know this info? Anywhere where I can find this? And yea, prefer not last resorting hehe. I will wait some hours more :) And make sure no apt thing is running13:15
blackflowrbasak: sorry, now it was my turn to get hogged on the phone :)13:17
blackflowrbasak: ok, gimme a minute for this13:18
rbasakSure13:18
blackflowrbasak: okay I've got quilt installed and I've set up a basic .quiltrc from the wiki and your suggestions13:21
blackflowalso I see what you mean by that step I missed, with quilt push -a. that's a "make patch" step when working with freebsd ports :)13:22
blackflowie. apply current package patches to upstream code, so your changes are based on patched, not raw upstream code. got it.13:22
blackflowhypothetical question: if there were other patches that touched the same files or even lines, how are those resolved? is there an order to patches being applied?13:23
rbasakblackflow: yes, the order is as in debian/patches/series13:25
rbasakblackflow: so does "quilt push -a" work?13:25
rbasakblackflow: assuming it does, I'll carry on.13:27
rbasakThe next step is to add some metadata to the patch - bug reference, where you cherry-picked from, etc.13:27
rbasakOur standard for that is http://dep.debian.net/deps/dep3/13:27
rbasakIt goes at the top of the patch file, together with the git-generated stuff. quilt ignores all of this.13:28
rbasakThe spec page has some examples at the bottom you can follow.13:28
rbasakA git format-patch formatted output, as this is, already has most of it.13:28
rbasakHere, we should probably add:13:28
rbasakOrigin: upstream, https://github.com/munin-monitoring/munin/commit/290d5ac2be02ced4d09fda68dc561fcf082c9cbf13:28
rbasakBug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/munin/+bug/167335713:29
ubottuLaunchpad bug 1673357 in munin (Ubuntu Yakkety) "Munin core plugin "if_" doesn't work" [Undecided,New]13:29
rbasakLast-Update: 2017-04-0513:29
rbasakThat should be all you need I think.13:29
rbasakIf you'd like to pastebin the result, I can tell you if the formatting looks about right.13:29
rbasakOnce you've done that, you can commit the patch file and series files.13:30
rbasakI did ask you commit these before. I missed these dep3 headers, sorry. You can use git commit --amend if you know how to use that.13:30
rbasakOr don't worry about it and just add another commit.13:30
rbasakThe final thing to do is to add a changelog entry to debian/changelog, and then the source should be ready (pending testing)13:31
rbasakTo do this, there's a tool called "dch" which should be able to do most of it for you.13:31
rbasakRun "dch" and it'll fire up an editor to write the new changelog message.13:31
rbasakThe message must refer to the bug in the form LP: #XXXXXX13:32
rbasakEg. "  * Fix network interface traffic metric (LP: #1673357)."13:33
ubottuLaunchpad bug 1673357 in munin (Ubuntu Yakkety) "Munin core plugin "if_" doesn't work" [Undecided,New] https://launchpad.net/bugs/167335713:33
rbasakAdjust the sign-off to your name, change UNRELEASED to yakkety, and set the version string according to the version examples in https://wiki.ubuntu.com/SecurityTeam/UpdatePreparation#Update_the_packaging13:34
blackflowrbasak: quilt push -a worked fine. I see, yeah the series file defines order. Adding metadata per DEP3 now.13:40
blackflowrbasak: okay, here's the patchfile: https://dpaste.de/SOwV13:46
blackflowhaven't committed anything yet, I'll fix the changelog now13:46
rbasakblackflow: the patch file looks great.13:47
blackflowdch is from devscripts, right?13:48
rbasakI suggest committing the quilt change (addition to series file and the new patch file itself) separately from the changelog change.13:48
rbasakCorrect13:48
rbasak(dch)13:48
rbasakComitting separately makes it easier to cherry-pick, for example for xenial-devel.13:48
blackflowunderstood.13:48
blackflowrbasak: btw, the sign off name.... I don't have an @ubuntu address. Do I use the address I've registered with on launchpad?13:54
rbasakblackflow: yes please - then Launchpad will be able to match it up to your Launchpad identit13:57
rbasakidentity13:57
blackflowrbasak: I should then also use the same e-mail addr in the git config, for commit logs?13:58
rbasakWe don't have a policy about that.13:58
rbasakSo whatever you prefer I think.13:58
blackflowokay, I have my github addr set13:58
rbasakThat should be fine.13:59
rbasakThe git side is still very new.13:59
blackflowone more question, my launchpad e-mail addr was designed just for launchpad (I use an alias for each website/service I reg to), it's not something I intended to have otherwise public. What do you suggest I do?14:00
blackflowchange my Launchpad e-mail to something that's okay to be public?14:00
blackflowi'm not hiding anything, it's just spam control :)14:00
rbasakUnderstood14:01
rbasakLaunchpad does understand multiple email addresses AFAIK.14:01
blackfloweg my freebsd contributions public addr is vlad-fbsd@acheronmedia.com14:01
rbasakSo you might be able to keep your master one your "Launchpad" spam control email.14:01
rbasakAnd have a separate "Ubuntu public contribution" spam control email and tell Launchpad that one as well.14:01
rbasakAnd then use the "Ubuntu public contribution" spam control email in your debian/changelog entries.14:01
rbasakI think that should work.14:02
blackflowunderstood.14:02
cpaelzerrbasak: I'd need your opinion on proper changelog construction for SRUs14:07
cpaelzerrbasak: apache2 in trusty has had a 2.4.7-1ubuntu4.14 in proposed but that failed verification14:07
cpaelzerrbasak: now on creating a 2.4.7-1ubuntu4.15 for a different issue what is the right changelog approach14:08
cpaelzerrbasak: a) mention the changes in the failed-to-verify as reverted14:08
cpaelzerrbasak: b) not mentioning them but keeping the .14 version in the history  (I'd consider that wrong)14:08
rbasakIt's a good question.14:09
cpaelzerrbasak: c) taking the old .14 OUT of the history so that for a user it goes .13 -> -1514:09
rbasakI think my answer may change depending on how I'm feeling when you ask me!14:09
rbasakI don't think we have consensus on this14:09
cpaelzerrbasak:  I've seen people do a) but I personally would prefer c)14:09
rbasakLet me ponder for a moment.14:10
rbasakIt might be worth asking in #ubuntu-devel BTW.14:10
cpaelzertrue14:10
cpaelzerlet me post there14:10
blackflowrbasak: okay, patch changes committed, and this is the changelog diff, haven't committed yet: https://dpaste.de/mYs314:11
rbasakLooking14:11
rbasakblackflow: perfect14:12
blackflowrbasak: the new version was given by dch, I didn't have to manually updated, only UNRELEASED to yakkety14:13
blackflow*update it14:13
rbasakOK. In this case it's because it can do the 3->4 thing automatically.14:13
blackflowany rule of thumb for commit message for the changelog only?14:13
rbasakFor the first SRU for a particular package, it's incapable of going from 2.0.25-2 to 2.0.25-2ubuntu0.16.10.1.14:14
rbasakcommit message> no rule. I use "Changelog for 2.0.25-2ubuntu0.16.10.4"14:14
blackflowokay. so that's done then.14:15
rbasakLet me summarise what is left.14:15
rbasakTesting, SRU information in the bug, and then submission for sponsorship.14:16
blackflowThe change is in production on all our ubuntu servers since the day I filed that LP# . Does that count for testing?14:16
rbasakIt certainly helps and gives us much more confidence in the SRU.14:17
rbasakBut we also want to make sure that the updated source package will build for both Xenial and Yakkety.14:17
rbasakAnd presumably we want to test Yakkety as well?14:17
blackflowso, the full test cycle, I'm guessing would be to produce the package, and then run installation -> runtime -> deinstallation... ?14:18
blackflowyeah, I haven't got access to a yakkety machine atm, I might spawn up a vm later14:18
rbasakI don't usually test deinstallation. That doesn't usually regress for a change like this that doesn't really touch the packaging (only the object code in the final binary)14:19
rbasakTo build binary packages, you can do it locally, or in a PPA.14:19
rbasakSetting up a local environment for clean package builds is a pain IMHO, but useful if you intend to do this often.14:19
rbasakUsing a PPA is certainly easier, but sometimes a longer wait for builds, and you can't do incremental debugging.14:20
blackflowrbasak: Well, for now I'd like to speed up the resolution to that particular munin bug. In the process, I want to see what it takes to contribute such changes to Ubuntu and if it's something I'd be comfortable with doing more, esp. for stuff in Universe.14:21
blackflowso the whole point of this is to go through full contrib cycle, as if I was aiming to become a dev.14:22
tewardi'd like to make a note that unless you have a *lot* of experience with things in Universe, or have worked with a ton of packages, you *might* be after individual package uploads.  Just saying.14:22
blackflowI've been documenting all the steps we did today, and when this is done I'd like to update roundcube, it's in universe, it's old and vulnerable...14:23
tewardblackflow: define "old" - RoundCube does have an LTS release.  perhaps we track the LTS release there?14:23
tewardblah lag.14:23
blackflowteward: the LTS releaes is old14:23
rbasakOK. We certainly appreciate your help.14:23
rbasakShall we use a PPA for now to test, as that'll be quicker?14:24
tewardblackflow: point.missed == true.14:24
tewardanyways...14:24
rbasakThen if we have time later I can go through setting up a local environment with you.14:24
blackflowteward: that's a comparison, so I don't follow :)14:24
blackflowrbasak: does it involve setting up a chroot with debootstrap?14:25
rbasakhttps://wiki.ubuntu.com/SimpleSbuild is the best documentation we have on setting up a local environment I think.14:25
rbasakblackflow: roughly yes, though we have wrappers so you don't do that directly14:25
blackflowokay. I wouldn't mind that, all our deployments are ansible powered zfs on root debootstraps from debian resuce env, remote over ssh :)14:25
rbasakIMHO it should be one command not 11 steps :-/14:25
rbasakWell mk-sbuild wraps it all. I usually use that :)14:26
teward^ this14:26
rbasakIt's just that you still have to mess with ~/.sbuildrc last I checked, which IMHO shouldn't be necessary.14:26
teward(and i have probably the most verbose set of sbuild schroots - all arm archs, i386 and amd64, all supported releases, plus Debian too :P)14:27
blackflowrbasak: okay, so how about we try the faster, PPA route, and I'll check that doc in detail later14:27
rbasakOK14:27
cpaelzerblackflow: I wanted to note that I like that you use the USBSD to gain tracktion on being an even more active community member - that is just what we wanted this day to be for14:27
rbasakSo the PPA route is fairly straightforward. Just one minor think I recommend.14:27
rbasakLet's tweak the version in the changelog before uploading.14:27
tewardrbasak: do you know offhand who exactly would be the best person to prod about issues with clamd on servers?14:27
tewardsorry to intrude.14:27
cpaelzerteward: I think he only wants to prep fixes not apply for MOTU or such yet14:27
rbasakteward: probably me, cpaelzer or nacc14:27
tewardcpaelzer: I am going to argue otherwise because: [2017-04-05 10:22:01] <blackflow> so the whole point of this is to go through full contrib cycle, as if I was aiming to become a dev.14:28
blackflowteward: what I meant wrt roundcube is that xenial shows this for policy: 1.2~beta+dfsg.1-0ubuntu1  which is old, according to the package changelog, it doesn't have fixes for at least three vulns, and roundcube 1.2.x is now at 1.2.414:28
tewardcpaelzer: that's my confusion.14:28
rbasakblackflow: this is to differentiate between what came out of the PPA vs. what came out of the archive later after the update lands.14:28
rbasakblackflow: and also to allow you to bump the PPA version up for testing if necessary.14:28
tewardblackflow: ah, well allow me to make one note - security updates can be applied whiel the main version stays the same, such as we have to do for NGINX frequently with backporting security patches14:28
cpaelzerteward: we all worked a bit on clamav, but thre is no clear "this is the guy" marker on this package14:28
tewardand while for NGINX that's done by the Security team, blah.14:28
rbasakblackflow: so in debian/changelog, make the version 2.0.25-2ubuntu0.16.10.4~ppa114:28
rbasak2.0.25-2ubuntu0.16.10.4~ppa1 sorts _before_ 2.0.25-2ubuntu0.16.10.414:29
tewardcpaelzer: ah, well, core problem is clamd is eating RAM.  And I mean ***eating*** RAM.  >= 50% RAM usage on a small mail server.14:29
rbasakAnd allows you to have ppa2 if needed, etc14:29
rbasakblackflow: do you have a GPG key, and is it registered on Launchpad?14:29
blackflowcpaelzer: correct, first I learn to walk, then I might run with an application for MOTU :)14:29
rbasakSorry just remembered that's a prerequisite for a PPA upload.14:29
tewardcpaelzer: also with their last statement I rest my case.14:30
blackflowteward: I know, but unless I'm reading the wrong changelog, this hasn't gotten an update since march last year:  http://changelogs.ubuntu.com/changelogs/pool/universe/r/roundcube/roundcube_1.2~beta+dfsg.1-0ubuntu1/changelog14:30
tewardblackflow: I would suggest a different approach, I'd start by getting PPU for a handful of packages in Universe, master updating/packaging them, before hunting MOTU privs.  Even myself, I wouldn't apply for MOTU even though I have my fingerprints in multiple Universe packages.14:31
blackflowrbasak: I understand14:31
blackflowrbasak: no GPG key yet, no14:31
teward(I'm fine just maintaining NGINX, and maybe a PPU application for ZNC, soon...)14:31
rbasakblackflow: OK, so "gpg --gen-key" to sort that out. Defaults should be fine for a key you use for Ubuntu uploads. If you want, use a 4096 bit RSA key size.14:31
rbasakblackflow: the name and email should match your sign-off line in debian/changelog14:32
tewardrbasak: cpaelzer: on the off chance there is one, is there a "high memory consumption by clamd" bug?  Because i let clamd run overnight, it ended up 50%+ RAM, and then over 200MB in Swap.14:32
tewardhad to actually shut off the VPS in question to free up space.14:32
tewardNot cool.14:32
rbasakblackflow: then upload the key to Launchpad using the web UI.14:32
rbasakblackflow: (just the public part of course)14:32
blackflowrbasak: got it, give me a minute14:32
rbasakblackflow: oh, it looks like you have to push the key to the keyserver first, then give the Launchpad web UI the fingerprint.14:33
tewardrbasak: i was about to say... :)14:34
rbasakblackflow: so that'll be (when you're ready) "gpg --keyserver keyserver.ubuntu.com --send-key <key id>" I think.14:34
tewardblackflow: and to support rbasak's last message: once you push to the key server wait 5 minutes and then add on Launchpad14:34
tewardi've had issues where it takes some time to propagate for LP to pick it up14:34
* rbasak last did this in 2011 :-/14:34
tewardrbasak: i win then, had to redo this in 2014 when my computer with most of my keys decided to fry the drive.  Oopsies.14:35
tewardAnd every upgrade I lose my devscripts and such but meh14:35
cpaelzerpah I did in 2015 and would not remember14:36
cpaelzerWho is better at forgetting contest is open14:37
teward*raises hand*14:38
tewardBecause I forgot what I did on Monday :)14:38
tewardliterally.14:38
cpaelzerok, you won teward14:39
tewardthat said, I'm still angry at clamd, 1GB RAM should be enough to run a small personal mail server, and it eating well over 50% RAM and over half my swap is not cool.  (Using Avast trial right now)14:39
teward(with Amavis, etc.)14:39
tewardcpaelzer: well I forgot what I did on Monday because I had only two hours sleep the night before.  Sleep deprivation: not cool.14:39
cpaelzerteward: I haven't seen such an issue in the last half year - I'll look into it a bit shortly if I find one by explcitly searching for the topic14:39
tewardThat said, I slept over 14 hours on Monday -> Tuesday night so meh14:39
* cpaelzer lives a rather steady family live - I think I didn't sleep 14 hours in all my life actually14:40
=== Guest44125 is now known as smb
=== smb is now known as Guest92937
blackflowrbasak: yes, I found the whole procedure, I pushed the key, and registered, and verified just now.14:42
rbasakOK great!14:42
rbasakSo now we need to build the source package and upload it.14:43
rbasakAssuming you've tweaked the version in debian/changelog (I don't think you need to commit that, not sure, we'll see)14:43
blackflowteward: LP accepted the pushed key right away. but I was ready for some caching or wait-till-we-process-it issues :)14:43
rbasakYou should be able to run "usd build-source" and that should do everything for you.14:43
rbasakI hope.14:43
blackflowrbasak: except the part I haven't been able to get usd runnign :)14:44
rbasakIt should drop a .dsc, .debian.tar.gz and .orig.tar.gz and a .changes into the parent directory.14:44
rbasakOh.14:44
rbasakOK, we'll do it manually ;)14:44
blackflowthat's why we went the git-only route14:44
cpaelzerrbasak: need to set the signing key maybe? - well it will derive from his mail adress in changelog if they match14:44
rbasakblackflow: "git branch --track pristine-tar origin/ubuntu/pristine-tar"14:45
blackflowI made sure the key is registered with the same name and e-mail addr I used in the changelog.14:45
cpaelzerblackflow: great14:45
rbasakblackflow: now "pristine-tar list" should show you some orig tarballs14:45
rbasak...but is missing 2.0.25, which we need.14:46
rbasakSo that's a bug :-(14:46
rbasakIt seems to be in Debian though.14:47
rbasakThat's interesting. I wonder if that's intentional?14:47
rbasakblackflow: so undo: "git branch -d pristine-tar"14:47
rbasakblackflow: and redo against the Debian pristine-tar branch: git branch --track pristine-tar origin/debian/pristine-tar"14:47
powersjrbasak: if a package is source only in zesty and I have a bug in xenial should I mark zesty "invalid"?14:48
cpaelzerpowersj: bug# ?14:48
rbasakblackflow: we want the orig tarball against 2.0.25, since that's the part before the hyphen and corresponds to the upstream source tarball14:48
rbasakpowersj: that sounds correct to me14:48
powersjcpaelzer: LP: #1664179 tomcat7 is package14:48
ubottuLaunchpad bug 1664179 in tomcat7 (Ubuntu Yakkety) "Wrong POM dependency in javax.servlet.jsp:jsp-api:2.2" [High,In progress] https://launchpad.net/bugs/166417914:48
blackflowrbasak: okay, sec14:48
cpaelzerah this nice topic again, thanks for working on this powersj14:49
tewardcpaelzer: No rush, but if there's no issue I'll file one.  Maybe first-run issues but I doubt it...14:51
cpaelzerteward: I found no related bugs, but searchign gave me the impression that sizes 250-500m can be just normal14:56
cpaelzerteward: http://unix.stackexchange.com/questions/114709/how-to-reduce-clamav-memory-usage14:56
tewardthat's... inefficient.14:57
cpaelzerteward: http://lists.clamav.net/pipermail/clamav-users/2014-May/000468.html14:57
tewardcpaelzer: can we update the wiki for PostfixAmavisNew to make a note about this for ClamAV, that if the server is low-RAM you can't use ClamAV?14:57
cpaelzerteward: the first link tries to explain a bit why it is so14:57
cpaelzerteward: if instead of "can't" we use something softer like "need to carefully consider due to high memory consumption" I think such an entry would be good14:58
blackflowrbasak: okay, was looking up what pristine-tar is. anyway, it appears there's no origin/debian/pristine-tar, I'm not sure if I missed to add an upstream?   "error: the requested upstream branch 'origin/debian/pristine-tar' does not exist"14:58
tewardcpaelzer: well that's why i made the suggestion - someone with better doc writing exp. should write it :P14:59
cpaelzerteward: here https://help.ubuntu.com/community/PostfixAmavisNew ?14:59
tewardbut I think that needs to be added, make a note that it could consume up to 500MB just being idle of RAM and that's a consideration14:59
tewardcpaelzer: that's the one14:59
rbasakblackflow: oh, sorry. "git fetch origin debian/pristine-tar"14:59
blackflowrbasak: you mean importer/debian/pristine-tar? I have only that in remote origins15:03
blackflow(and /ubuntu/ )15:03
blackflowgit fetch origin debian/pristine-tar   did not work, but    git fetch origin importer/debian/pristine-tar   did15:03
* cpaelzer stops from exploding in anger15:04
rbasakblackflow: ah yes, sorry15:04
cpaelzerpowersj: might I borrow a few minutes from you to be my "polite answer man"?15:04
powersjlol15:04
rbasakblackflow: so then you need "git branch --track pristine-tar origin/importer/ubuntu/pristine-tar"15:04
powersjcpaelzer: sure15:04
rbasakblackflow: I'm doing this off the top of my head mostly, so sorry about the errors.15:04
blackflowrbasak: no problem, it actually helps me understand the step and look up why it's wrong and how to fix it, myself.15:05
blackflowokay, branch pristine-tar set up15:05
rbasakOK so now "pristine-tar list" should work15:06
rbasak"head debian/changelog" shows 2.0.25-2ubuntu0.16.10.4, so we want "pristine-tar checkout munin_2.0.25.orig.tar.gz"15:07
blackflowrbasak: having installed pristine-tar, yes. (so that's now two pkgs I needed to install, pristine-tar and devscripts  --> wrt those bugs you've been filing for rough edges  :)  )15:07
rbasakNoted, thanks :)15:08
rbasakNow you should have a munin_2.0.25.orig.tar.gz file in the current directory.15:09
rbasakMove that to the parent directory.15:09
rbasakThen "dpkg-buildpackage -S -nc -d -I -i" should ask you to sign, and then you should have a source package ready for upload in the parent directory.15:10
blackflowrbasak: wait, we're tracking debian/pristine-tar. there's no munin_2.0.25 in there, munin_1.2.5.orig.tar.gz is highest version available, unless I missed a step?15:10
rbasakHmm15:10
blackflowwhich is weird, debian has 2.0.x in testing, stable and oldstable15:11
rbasakI just did, in a fresh directory:15:11
cpaelzerteward: updated the wiki page with a note about it15:12
rbasakgit clone git://git.launchpad.net/~usd-import-team/ubuntu/+source/munin test15:12
rbasakcd test15:12
rbasakgit fetch origin importer/debian/pristine-tar15:12
rbasakgit branch --track pristine-tar origin/importer/debian/pristine-tar15:12
rbasakpristine-tar list15:12
rbasakand I see munin_2.0.25.orig.tar.gz in there.15:12
blackflowoh wait, wait, I think I see what went wrong15:12
tewardcpaelzer: thanks15:12
rbasakWhat is odd is that I expected it to be in origin/importer/*ubuntu*/pristine-tar, and I've filed a bug for that.15:13
rbasakblackflow: do you need to delete your local pristine-tar branch and point it at the debian one again?15:13
blackflowrbasak: okay, fixed. yes, I had to branch --track pristine-tar origin/importer/DEBIAN/pristine-tar   not ubuntu  (small caps, emphasis here)15:14
blackflowrbasak: okay, 2.0.25.orig.tar.gz checked out15:14
rbasakOK. Move it to the parent directory please15:15
rbasakThen "dpkg-buildpackage -S -nc -d -I -i" should ask you to sign, and then you should have a source package ready for upload in the parent directory.15:15
rbasakRun dpkg-buildpackage from the top level of the repository, not the parent directory.15:15
rbasakIt'll look for the orig.tar.gz in the parent directory.15:15
blackflowrbasak: done, got the new tarball, .dsc and .changes15:18
rbasakGreat.15:18
rbasakAnd the version in those files is suffixed ~ppa1, right?15:18
rbasakNow go to https://launchpad.net/~ and create a PPA15:19
rbasakI have one called "experimental" I use for this stuff.15:19
rbasakUnless you already have one you can use?15:19
blackflowrbasak: yes, I added that version as you suggested15:20
blackflow*to vesion15:20
blackflowOkay, PPA created15:22
blackflownow, dput?15:22
rbasakYep!15:23
rbasak"dput ppa:<lpid>/experimental <whatever>.changes"15:23
rbasak<lpid> should not include the ~15:23
blackflowyeah. and now I add the PPA to sources list on the test machine, install the update, run test ... ?15:24
naccit will take some time to build, but yeah15:24
naccrbasak: iirc, re: LP: #1680125, we can only import an orig tarball once, so if we find an upstream tag for something, we don't import it again15:25
ubottuLaunchpad bug 1680125 in usd-importer "pristine-tar branch for Ubuntu is missing orig tarballs needed for Ubuntu" [Undecided,New] https://launchpad.net/bugs/168012515:25
naccrbasak: we would have to add some state above and beyond our `gbp-import-orig` logic, which is fine15:26
rbasaknacc: understood, thanks15:26
cpaelzerhi nacc btw I'm taking myself out of the list and repost a final time15:27
cpaelzerFYI - It is Ubuntu Server Bug Squashing Day #2 - so even more than usual get to us with your questions if you want to participate working on bugs => http://www.mail-archive.com/ubuntu-server@lists.ubuntu.com/msg07353.html. Currently around: rbasak, nacc, powersj15:27
cpaelzerwtf what-patch reports cdbs - never seen this15:29
cpaelzeris this ancient packaging fun or did I just miss that so far15:29
nacccpaelzer: which package? there are few cdbs around15:30
rbasakblackflow: let me cover the other two steps while you're doing that.15:30
rbasakblackflow: for preparing the SRU bug, follow https://wiki.ubuntu.com/StableReleaseUpdates#Procedure15:30
rbasakblackflow: to submit for upload, there are a few options.15:31
cpaelzernacc: numactl15:31
rbasakblackflow: you can propose your git branch. To do this, push to Launchpad in your own git space, and then file a merge proposal against the importer branch you cloned.15:31
cpaelzerbut I just see written by pitti, so it might be old but of usual good pitti-quality then15:31
cpaelzerah only the cdbs-edit-patch15:31
rbasakblackflow: cpaelzer, nacc or I would be happy to review and sponsor that from there.15:31
rbasakblackflow: alternatively, the traditional method is to post a debdiff as an attachment to the bug. You can produce that by using "git diff origin/ubuntu/yakkety-devel lp..."15:32
rbasakblackflow: and if you attach to the bug, subscribe ~ubuntu-sponsors to the bug, and it'll go into the sponsorship queue.15:32
rbasakblackflow: finally, sponsors don't particular mind the method used to get the proposed upload to them. If you linked to a source package or git tree or something somewhere that's usable, I think most sponsors would be happy to review and accept from there.15:33
rbasak*particularly15:33
rbasakblackflow: in any case, I'll be happy to sponsor this upload of course :)15:34
blackflowUnderstood. Now, this final step will have to wait a bit, I have to run some errands and then have to set up a yakkety machine to test it out.15:34
rbasakOK.15:34
rbasakI need to take a break. I'll be around later.15:34
blackflowso I might ping you later if I need more help.15:34
rbasakSure, please do.15:34
blackflowrbasak: Thank you A LOT for guiding me through this. excellent experience, learned a lot with a bunch of info I have to look up in detail15:35
Sinned_dpb1: 6 hours it was lol :) Alert is gone now. Many thnx.. if I knew before the interval would be 6 hours, I would not have wasted 3 hours in searching a way to fix it -,- :D15:36
dpb1Sinned_: sweet. :)15:41
powersjrbasak: cpaelzer: LP: #167979215:50
ubottuLaunchpad bug 1679792 in mongodb (Ubuntu) "Please remove i386 binaries for 1:3.4.1-3" [Undecided,New] https://launchpad.net/bugs/167979215:50
powersjtoo late for that to happen on zesty I assume, so should I propose for AA?15:51
powersjor can migration still occur??15:51
cpaelzerpowersj: in general it can15:51
cpaelzerpowersj: Rule of thumb: currently the release Team is for zesty-proposed what usually the SRU Team is for e.g. xenial-proposed15:52
cpaelzerpowersj: but what shall migrate here - a full new version? - very very unlikely15:52
cpaelzerpowersj: do you have context on this or did you just run into on bug triage?15:53
powersjcpaelzer: bug triage - looks like version bump from 3.2 -> 3.415:54
cpaelzeryep found it in http://people.canonical.com/~ubuntu-archive/proposed-migration/update_excuses.html15:54
cpaelzerso it actually is in proposed from before freeze15:54
cpaelzerpowersj: the arm64 build was aborted it seems15:55
cpaelzerpowersj: IMHO that shold be decided by whoever usually does mongodb + the Release Team15:56
naccrbasak: i'll try and fix the bugs you found today and respin the snap15:56
cpaelzerpowersj: they are who have to decide eventually anyway15:56
Sinned_Hey dpb1 can I ask you 2 other things about landscape on premise? I allrdy got it fixed, but would like to know why it happends :)15:56
cpaelzerpowersj: I'd recommend you to bring it up in #ubuntu-release and/or subscribe them15:56
powersjcpaelzer: ok thx15:57
dpb1Sinned_: sure, but it might be better if you post a Q to ask-ubuntu if they are long, tag with landscape.  I might even be the one to answer. haha15:57
cpaelzerpowersj: as I read the bug it is actually a request to an AA to remove the binaries, so not that much of classic triage for the server Team anway15:57
Sinned_we got lots of servers, if I restore snapshot, I often get the following alert: update_security_db.sh not ran last 70 mins orso. I fix it by running sudo -u landscape bash -x /opt/canonical/landscape/scripts/update_security_db.sh. What is the interval of this?15:57
rbasakblackflow: you're very welcome! Thank you for driving the bug.15:57
cpaelzerpowersj: but AA density is high in ubuntu-release so still the right place15:58
Sinned_dpb1: many thnx, will do that :)15:58
naccpowersj: cpaelzer: while i see a ton of work in LP: #1677578 -- but i don't know if you actually did or did not run their specific case15:58
ubottuLaunchpad bug 1677578 in php7.0 (Ubuntu) "php-fcgi: max_execution_time causes memory leaks" [Undecided,Opinion] https://launchpad.net/bugs/167757815:58
naccand the replies are kind of going past the user without being real replies15:58
rbasaknacc: wow thanks! I was just recording for the future - didn't think there was much urgency in it.15:58
cpaelzernacc: IMHO I ran his case excluding the last step asking him for his own pictures15:59
rbasaknacc: I wonder if we can get automated snap publication? I think Launchpad can do that now, right?15:59
naccrbasak: yeah, i just haven't gotten to that point16:00
cpaelzernacc: his case was loading all images in a dir in a loop and thumbnailing them - I did so in comment #1316:00
nacccpaelzer: ok, it's a lot of comments and he explicitly asked if you ran his testcase a few times and it wasn't obvious to me if you did or didn't16:00
cpaelzernacc: he replied while I was working and LP isn't pushing - we both got to the point that a single huge image is enough - I even provided a way to construct it16:00
nacccpaelzer: right, but you seemed to be tracking something different16:01
nacccpaelzer: the memory limit issue is not what they are complaining about16:01
cpaelzernacc: so it is about cleanup16:01
cpaelzeronly now I see his posts in between mine :-/16:01
naccyeah16:01
cpaelzerLP please autorefresh for me in future16:01
naccso i'm fine with the conclusion16:01
nacci just want the user to understand they weren't intentionally ignored16:01
naccand yes, i hate that about lp16:01
nacccpaelzer: re:LP: #165049316:03
ubottuLaunchpad bug 1650493 in numactl (Ubuntu) "numastat <pid> fails with double free or corruption" [Medium,Incomplete] https://launchpad.net/bugs/165049316:03
naccnon-contig is very common under PowerVM16:03
naccbecause the hypervisor is dumb :)16:04
=== poster is now known as Poster
nacciirc, i did some stuff to allow for it in qemu upstream, but i can't remember if it got merged16:04
cpaelzernacc: I posted to the bug on finally understanding16:08
cpaelzernacc: will take a look tomorrow - but if you want USBSD on on this today as our php mastermind please feel free16:08
cpaelzerpowersj: sorry to lure you into that16:09
nacccpaelzer: np, i will take a loook -- i also sort of own the php-imagick stuff so i would not be surprised if there are bugs there16:10
naccFYI - It is Ubuntu Server Bug Squashing Day #2 - so even more than usual get to us with your questions if you want to participate in working on bugs => http://www.mail-archive.com/ubuntu-server@lists.ubuntu.com/msg07353.html. Currently around: powersj, nacc.16:34
=== db` is now known as db
=== db is now known as Guest94484
naccFYI - It is Ubuntu Server Bug Squashing Day #2 - so even more than usual get to us with your questions if you want to participate in working on bugs => http://www.mail-archive.com/ubuntu-server@lists.ubuntu.com/msg07353.html. Currently around: powersj, nacc.18:33
a01029how do i run a command on startup in ubuntu server? there's no /etc/rc.local anymore18:59
Frickelpita01029: ofc it is, as a systemd service. rc-local.service19:00
sarnoldthanks Frickelpit, I hadn't seen that yet19:01
Frickelpitnp19:02
a01029https://github.com/joeroback/dropbox/blob/master/dropbox%40.service19:03
ztaneis there any convenient way of disabling *shutdown -h* on 1604 server19:47
sarnoldztane: you could probably abuse this https://www.freedesktop.org/software/systemd/man/systemd-inhibit.html19:48
ztanethis is one box that cannot be restarted after halt without manual intervention so it is kind of awkward :D19:48
ztanehmm, yea :)19:48
sarnoldztane: another possibility is to chmod the shutdown executable to forbid execution. that's a different kind of brittle, since updates will put the modes back the way they shuold be..19:49
ztane... and I do want to reboot sometiems19:50
ztanesarnold: hmm but krhm, this is not really convenient either ...19:51
ztanebecause I can send ctrl-alt-del remotely, but I guess if I use this, then the vulcan nerve pinch would be disabled too.19:51
sarnoldno idea on the control-alt-del, I can't recall having used that in a decade..19:52
genii!dontzap19:55
geniiHm19:55
=== Sinned_ is now known as Sin-ZzZz
tarpmanztane: maybe you want molly-guard22:29
sarnoldlooks perfect22:32
=== unreal_ is now known as unreal
dasjoesarnold: how would I go about an SRU to a package? What bothers me is fixed in zesty due to being a newer upstream release. I'm reading https://wiki.ubuntu.com/StableReleaseUpdates#Procedure but getting stuck.22:44
naccdasjoe: which package/bug?22:44
sarnoldhey dasjoe :)22:44
dasjoeHey :)22:44
dasjoenacc: network-manager-strongswan22:44
naccdasjoe: provide a .debdiff with a correct version for the fix to the older series in the bug22:44
sarnolddasjoe: normally you'd file a bug report with the template in the wiki; fill out the bits you can; attach a debdiff, describe how you tested22:44
renatosilvahttp://vpaste.net/KOK0K -- do these warnings sound problematic?23:25
tomreynwhoever runs vpaste.net needs to fix their ipv6 availability23:47
=== drab_ is now known as drab

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!