[04:16] <sonu_nk> hi , i am facing some critical issue with my ubuntu server.. it is giving me "Error:	Server unexpectedly closed network connection
[04:16] <sonu_nk> Error:	Could not connect to server" ... but it was working tomorrow perfect. with same credentials i tried today and its giving me error.. i cant access SFTP , No webmin working and no SSH working
[04:17] <sarnold> I believe that's the error message you would get if tcpd (hosts.allow, hosts.deny, hosts_options) would give if an address isn't allowed
[04:18] <sarnold> maybe it's run out of RAM and is OOMing?
[04:19] <sonu_nk> sarnold, what are the step for troubleshooting ?
[04:22] <sarnold> sonu_nk: I think you're stuck looking at the console at this point
[04:22] <sonu_nk> my ubntu server installed on Linode
[04:23] <sarnold> do they have remote console services? if not, you'll have to hit the reboot button and hope there's something useful in the logs
[04:24] <sonu_nk> remote console services
[04:24] <sonu_nk> exist there
[04:29] <sonu_nk> https://paste.ubuntu.com/25123475/ see my log here which i tried to access via remote console sarnold
[04:30] <sarnold> sonu_nk: ewwww
[04:31] <sarnold> I'm out of ideas
[04:33] <sarnold> sonu_nk: once you've got a prompt on that system please run ubuntu-bug systemd-logind and please fill it out as best you can. That's crazy.
[04:33] <sarnold> I've got to run, good luck
[04:33] <sonu_nk> ok sarnold thankyou
[04:52] <sonu_nk> "Network Helper did not run: could not determine distribution or distribution version  " this message coming when i reboot ubuntu server via linode panel
[05:36] <cpaelzer> good morning
[05:50] <hhee> morn
[06:27] <lordievader> Good morning
[07:45] <m1dnight_> Hey guys, I'm trying to configure squid-deb-proxy but I keep getting TCP_MISS/404 in the access.log, but also 404's in the store.log..
[07:46] <m1dnight_> I can find a lot of data on the first problem, but not on the second
[07:46] <m1dnight_> Any pointers?
[07:46] <m1dnight_> I've even put "http_acccess allow all" in the file, to make sure that's not the issue.
[07:49] <cpaelzer> m1dnight_: are yu setting it up like https://wiki.ubuntu.com/SquidDebProxy or anything more complex?
[07:50] <m1dnight_> The basic configuration without any changes, honestly. Well, except the http_access allow all to be sure.
[07:51] <m1dnight_> Is there a setting I can use to cache _everything_?
[07:51] <m1dnight_> That's what I was going to test right now.
[07:54] <cpaelzer> in general if you only look for apt/deb caching you might check out apt-cacher-ng
[07:55] <cpaelzer> not so sure on squid conf - maybe just "." like refresh_pattern . 0 40% 40320
[07:55] <cpaelzer> http://www.squid-cache.org/Doc/config/refresh_pattern/ will be of help
[07:55] <cpaelzer> but all hits I found warned you to please not cache too huge files there
[08:17] <m1dnight_> also, what does it mean for  line to be bungled?
[08:17] <m1dnight_> Bungled /path/to/conf.conf line 21:...
[08:32] <cpaelzer> rbasak: nacc: on https://code.launchpad.net/~paelzer/ubuntu/+source/multipath-tools/+git/multipath-tools/+merge/327618
[08:33] <cpaelzer> rbasak: nacc: if we are going to upload multipath-tools before the current artful-proposed will leave proposed do we need to jump through all the loops to make the merge apply?
[08:33] <cpaelzer> rbasak: or could one just accept and merge the upload tag and I upload as-is and things would work?
[08:35] <cpaelzer> it is kind of a race against time with only i386 dep8 tests missing due to the huge queue
[08:37] <rbasak> cpaelzer: I think it'd be fine to just add a new commit importing that changelog entry into the merge result.
[08:37] <cpaelzer> that would certainly be easier
[08:37] <rbasak> cpaelzer: the only thing the importer cares about to preserve rich history is that the upload tag's tree matches the archive.
[08:37] <cpaelzer> ok, then I'll prepare that way and you can merge/mark-upload tag just before I upload
[08:37] <rbasak> cpaelzer: and then next time that commit can just be dropped when following our usual merge workflow.
[08:37] <rbasak> ack
[08:45] <cpaelzer> rbasak: ok, done - ready to merge and tag as upload so I can upload the actual change
[08:45] <cpaelzer> rbasak: or do you want to upload the change as well as part of the mergeing?
[08:49] <rbasak> cpaelzer: do you have an upload tag I can pull from somewhere please, and I can push that before you upload?
[08:50] <cpaelzer> head of merge-artful should be it, I can tag and make it available if that helps
[08:51]  * rbasak looks
[08:52] <cpaelzer> rbasak: cd2f5a906c
[08:52] <rbasak> Oh, that should be fine, sorry. I had assumed you were sponsoring for someone else or something.
[08:52] <cpaelzer> I pushed it, but didn't set the upload tag on it as that usually is on the "accept the merge" task
[08:52] <cpaelzer> no my merge
[08:52] <rbasak> (because I hadn't really paid attention; sorry)
[08:52] <cpaelzer> fine
[08:52] <cpaelzer> enough involved people in that merge, but hey 3 reviews on day 1 is good
[08:54] <cpaelzer> rbasak: my dput is ready and waiting, just ping me once it is merged on USDI (or if there are any issues)
[08:54] <rbasak> cpaelzer: upload tag pushed
[08:54] <rbasak> cpaelzer: I didn't review or anything. In theory an uploader should be able to push an upload tag, but we don't have Launchpad ref wildcard ACLs yet. So I'm just being an ACL for you :)
[08:55] <cpaelzer> ok for me
[08:56] <cpaelzer> and uploaded that way (and accepted) as reviewed and acked, thanks rbasak
[08:56] <cpaelzer> rbasak: will you set the MP to merged then?
[08:56] <cpaelzer> so that it drops off the active reviews queue?
[08:56] <rbasak> Done
[08:56]  * rbasak should write a bot or something :-/
[08:56] <cpaelzer> thanks again
[08:57] <cpaelzer> if you are an ACL be a bot as well :-)
[08:57] <rbasak> :)
[09:00] <cpaelzer> we are going the first steps, but I like the linter
[09:01] <cpaelzer> I didn't ask about that before, but has it a mode to lint before upload - to keep the silly mistakes hidden to others :-)
[09:01] <cpaelzer> rbasak: nacc: ^^?
[09:01] <rbasak> I believe so.
[09:01] <cpaelzer> ok, then next merges get even more clean
[09:02] <cpaelzer> I really like to see that every time a merge comes by it gets easier due to our  improved process and tooling
[09:02] <rbasak> cpaelzer: just "git ubuntu lint" and it'll look at HEAD.
[09:02] <cpaelzer> freeing up some time to fix things :-)
[09:02] <cpaelzer> oh nacc pushed it to the snap already
[09:02]  * cpaelzer is testing the linter
[09:15] <m1dnight_> If you do apt-get update, what is actually being downloaded? I'm looking for the proper name
[09:15] <m1dnight_> package descriptions?
[09:15] <lordievader> m1dnight_: More a list of available packages and versions of a repo.
[09:19] <GMBeniamin> Hello guys! I was here last night with a problem regarding not being able to connect to internet with my new server. Is there someone willing to help me?
[09:36] <rbasak> m1dnight_: package metadata. You could call them indexes. Look in /var/lib/apt/lists/. It's plain text and is exactly what was downloaded.
[10:35] <sonu_nk> Does the SSL include XSS protection as well?
[11:37] <fginther> rbasak, I attached a testing summary to https://bugs.launchpad.net/bugs/1701350, please let me know if that meets your needs
[11:41] <rbasak> fginther: that looks great. Thanks!
[12:02] <linuxlove> hi
[12:03] <linuxlove> anyone here ?
[12:03] <lordievader> o/
[12:04] <linuxlove> i used a2dismod mpm_perfork
[12:04] <linuxlove> and enabled e2enmod worker
[12:04] <linuxlove> my apache has crashed
[12:04] <linuxlove>  [mpm_prefork:notice] [pid 15351] AH00169: caught SIGTERM, shutting down
[12:04] <linuxlove> i see this
[12:05] <linuxlove> what should i do ?
[12:05] <lordievader> Restart apache?
[12:06] <linuxlove> when i restart apache
[12:06] <linuxlove> i get error
[12:07] <linuxlove> im on ubuntu server 16.04
[12:07] <lordievader> Only that error above, or some others too?
[12:08] <linuxlove> i saw that in /var/log/apache2/error.log
[12:09] <nacc> linuxlove: that's not an error that's a log you restarted it
[12:09] <linuxlove> when i restart i see
[12:10] <linuxlove> Job for apache2.service failed because the control process exited with error code. See "systemctl status apache2.service" and "journalctl -xe" for details.
[12:10] <linuxlove> ubuntu245@ubuntu245:/var/log/apache2$
[12:10] <nacc> linuxlove: ok, so pastebin those outputs
[12:14] <linuxlove> https://pastebin.com/LK6mM5ZQ
[12:14] <nacc> linuxlove: see the latter output
[12:14] <nacc> linuxlove: your config fails the test
[12:14] <nacc> linuxlove: iirc, check /var/log/apache2/error.log or so
[12:18] <linuxlove> nacc,
[12:18] <linuxlove> https://pastebin.com/j0X50Bzn
[12:18] <linuxlove> its latest in error.log
[12:20] <nacc> linuxlove: those segmentatin fauls are rather concerning
[12:20] <linuxlove> what should i do now ?
[12:22] <linuxlove> how can i find cause of error ?
[12:23] <linuxlove> apache crashed just when i disabled mpm perfork and enabled worker
[12:23] <linuxlove> this all i know at moment
[12:25] <linuxlove> whats solution ?
[12:27] <nacc> linuxlove: switch back to prefork?
[12:28] <linuxlove> i did
[12:28] <linuxlove> $sudo a2dismod mpm_worker
[12:28] <linuxlove> $sudo a2enmod mpm_event
[12:28] <linuxlove> but i cant restart apache2
[12:59] <lordievader> How default is your (apache) config?
[14:04] <MorpheusXNL__> any apache guru's in here
[17:46] <thebwt> so wait: you disabled prefork and enabled worker which causes the crash; then you disabled worker and enabled event and it still crashes. Did you switch back to prefork ever?
[21:32] <Masterphi> how do i allow a user to run reboot?
[21:52] <sarnold> Masterphi: you can add a sudo entry to your sudoers file; it's a bit of a brutal manpage, though, so I suggest skimming to the end, reading the examples, and looking through the manpage to answer questions..
[21:53] <sarnold> Masterphi: I have a feeling it'd be best to give the exact command line arguments you want the user to use in the sudoers file; without args means it can be called with any args, which might be a bit much
[22:22] <Epx998> misery is our new datacenter
[22:22] <sarnold> :(
[22:23] <Epx998> chassis labels are merely rack locations, if you want to know what server youre looking at, nslookup the rack location
[22:23] <Epx998> not so snazzy when trying to reimage 18 servers, not in a row
[22:23] <Epx998> boss got us 10gb, i suggested we disable onbaord nics to WAR the ub bug with off board interfaces, was told no.. now go reimage said servers
[22:24] <Epx998> you got to nslookup a rack location, swap cables, kickstart, rename interface, reboot and swap cables
[22:24] <sarnold> so the label says "row 3 rack 10 server 22" rather than "s1292835" ?
[22:24] <Epx998> racks are hot like the sun and no soda machine in this DC
[22:24] <Epx998> dc2-04-12
[22:24] <Epx998> as an example, row 4 slot 12
[22:25] <Epx998> which is just a dns alias, so when you look it up, you'll get the real hostname
[22:25] <Epx998> then we ordered dells without enterprise licensing or something
[22:25] <sarnold> oh crap no idrac?
[22:25] <Epx998> so forget remote console
[22:25] <sarnold> DOOOMED
[22:25] <Epx998> its wonky idrac
[22:25] <sarnold> that's going to take more than a soda machine
[22:26] <Epx998> this new manager we poached from google, hes great and data solutions but hes built out two DC's and i HATE going to either for these reasons
[22:26] <Epx998> we hired 2 data center techs - soo us engineers could actually work - yet im still here at the DC
[22:26] <Epx998> im just annoyed hehe
[22:26] <Epx998> these dells have a serial port, i asked for a serial console switch, nopee. didnt get that either
[22:28] <Epx998> the new VP of our business unit only cared about reducing build turn around time, so no one in charge is thinking about supporting the infrastructure we are building out, we are cutting corners and paying for it
[22:28] <Epx998> make builds quicker, support the infra is an after thought
[22:28] <Epx998> ok my rant is over
[22:32] <sarnold> it was a good one though :)
[22:33] <sarnold> me, I just bought the one machine for my basement, and when I saw that e.g. dell wanted extra currency for their remote console stuff and lenovo .. well, Icouldn't even figure out how to work the lenovo order forms, let alone be frustrated that they charged money for the remote access key ..
[22:33] <sarnold> .. sent me straight to supermicro. super cheap. everything included. it's like staying at a cheap hotel that has fast and free wifi without hassles.
[22:34] <Epx998> yeah my mgr who bought our first dells said we didnt need enterprise, i was asked if we need it, my answer was (yes if we want remote console)
[22:35] <Epx998> that manager was in austin, not santa clara and his local DC was in his building where as mine are a drive away
[22:35] <Epx998> then we hired a replacement but....... alas turn around times
[22:35] <Epx998> supermicro eh
[22:35] <Epx998> we trialed some microservers from them, seemed ok
[22:35] <Epx998> remote was weird tho, the ones i liked the most were huawei - they were very helpful
[22:36] <Epx998> our newer hp's have ilo licenses, which is nice - not sure why we didnt do it on these dells
[22:36] <sarnold> no kidding? I got a giggle that huawei sells "datacenter in a box", a shipping container pre-stocked with servers and power and networking and whatnot. it arrives, you supply power and it does the rest.
[22:36] <Epx998> oh wait so the issue is, its a non-shared port and we didnt order a switch to support the 2nd port for idrac
[22:37] <Epx998> my last gig, we boughut supermicro premade racks and shipped them to the uk
[22:37] <Epx998> plug n play - was kind of nice, but when working on supermicros, take aspirin and bandaids
[22:38] <Epx998> try getting serials for asset tagging ha.
[22:38] <sarnold> oh man no separate management network? that makes it hard to protect against bmc/idrac etc flaws :( maybe that's not a huge deal in a build farm, but still
[22:38] <Epx998> nope - ive been asking for that since our first DC
[22:39] <Epx998> 3 datacenters deep, no mgmt network
[22:42] <Epx998> we dont even have a seperate network to our netapp
[22:42] <Epx998> and we are huge data consumers across our network
[22:42] <Epx998> thought is with 10g its ok
[22:47] <sarnold> _today_ it's okay with 10g..
[22:48] <sarnold> I had the impression most big sites were going with storage networks, 'application' networks, and one or two management networks (depending if they want something isolated for ssh to work on)
[22:53] <Epx998> and done
[22:54] <Epx998> sarnold: we are growing real fast, hard to plan everything - but there are 2 of us on this team. im the only guy who wasnt hired by trhis mgr
[22:54] <Epx998> and im 8/10 times ignored, despite i have trhe most extensive datacenter bring experience
[22:55] <Epx998> ok back to the office, i need a soda
[22:55] <sarnold> see ya Epx998 :)
[23:43] <tomreyn> Epx998-: here's the solution (well workaround) for the shitty management: get 'replacement' serial cables, cross connect servers using them, so you can still conect to servers when network links fail, and can at least have basic OOB management.
[23:44] <tomreyn> the medium term goal is to get them fired, though ;)
[23:46] <Epx998-> lol
[23:46] <Epx998-> i like my workmates more or less
[23:50] <tomreyn> two options: replace mgmt, or get yourself and your friends hired by someone with a clue
[23:50] <tomreyn> the latter is probably a lot less hassle
[23:50] <Epx998> well i dont want to sound rude, but that wont happen
[23:51] <Epx998> for typical silicon valley reasons
[23:52] <tomreyn> silicon valley = mgmt wont be replaced by people with a clue AND there ar eno other companies with less silly management who would hire you and your friends?
[23:52] <Epx998> not exactly
[23:52] <tomreyn> i'm not really into silicon valley, but i wasn't aware it's that doomed ;)
[23:53] <Epx998> there is a trend here
[23:53] <tomreyn> becoming clueless in management? oh right, i heard about your president.
[23:53] <Epx998> ha there is that
[23:54] <Epx998> middle americas fault that one
[23:54] <Epx998> the coasts voted blue
[23:54] <tomreyn> sure, silly con vally needs immigrants to grow cheap.
[23:59] <Epx998> forgot what I was going to do with the rest of my date