/srv/irclogs.ubuntu.com/2017/09/07/#ubuntu-server.txt

axisysfailing to upgrade lucid .. this is what I tried so far00:16
axisyshttp://dpaste.com/0KW2Y2R.txt00:17
axisysany suggestion?00:17
TJ-axisys: failure to authenticate suggests you've not installed the updated keyrings - I *think* the archive keys rotated at some point after 10.0400:37
axisyshttps://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/1513232 comment #3 seems to be resolving .. now seems to be upgrading00:45
ubottuLaunchpad bug 1513232 in update-manager (Ubuntu Precise) "do-release-upgrade no longer works from lucid to precise" [Undecided,Confirmed]00:45
TJ-yes, comment #11 confirms it's a key issue and gives a command to fetch the missing key00:49
axisysupgrade completed and now I am getting a key error on precise apt-get update03:17
axisysW: GPG error: http://us.archive.ubuntu.com precise-updates Release: The following signatures were invalid: BADSIG 40976EAF437D05B5 Ubuntu Archive Automatic Signing Key <ftpmaster@ubuntu.com>03:17
axisysso I guess that key from #11 is not correct anymore03:17
axisyshttp://dpaste.com/18KFVNX.txt03:19
sarnoldaxisys: check 'dmesg' output to see if you've had any IO errors03:20
sarnoldaxisys: try manually checking the files in /var/lib/apt/lists/03:21
axisysthis fixed it03:21
axisyshttps://askubuntu.com/questions/198371/apt-encounters-errors-with-bad-gpg-keys03:21
axisyssarnold: right03:21
axisysneeded a new lists dir03:21
sarnoldheh, that's a bit .. blunt, but sounds like it worked :)03:22
axisysdo-release-upgrade on precise saying no new release found03:23
axisys/etc/update-manager/release-upgrades says Prompt=lts .. so why not?03:25
axisysinteresting.. probably some cache.. after a reboot, it is accepting the command03:28
sarnoldaxisys: do be sure to check dmesg to make sure you're not getting IO errors03:29
sarnoldwe get a lot of bug reports with dying drives in the logs :(03:29
axisysok.. also I am running a vagrant image for testing out the process in my laptop.. preparing for upgrading few next week :-)03:43
axisysbut good suggestion03:44
axisysi do run smartmon as a cronjob on this laptop, also..03:44
sarnoldI love to hear that you're testing it first, always a decent idea :)03:44
sarnoldthen it's more likely the file was corrupted in transit. that happens.03:44
axisysor loose my job while playing with prod server.. hehe03:45
=== micahg_ is now known as micahg
=== giraffe is now known as Guest34710
=== clvx is now known as Guest18666
lordievaderGood morning07:01
cpaelzerhi lordievader07:03
cpaelzergood morning to all as well07:03
lordievaderHey cpaelzer_, how are you doing?07:03
cpaelzergreat, I hope you are fine as well today07:04
lordievaderJup doing okay here. Today I'm going to update my firewall rules :D07:05
lordievaderIn other words, break everything :P07:05
hateball\o/07:07
cpaelzerready to see your disconnect timeout then :-)07:07
lordievaderAs I am using Matrix that should not happen ;) If it does I might have managed to break a server somewhere else on the campus :P07:10
=== m1dnight1 is now known as m1dnight
=== JanC is now known as Guest49554
=== JanC_ is now known as JanC
iot17Hey guys, i'm doing a quick survey (10 questions) about "Internet of things". I would be very thankful if you could take some time and fill it in. Cheers! https://www.umfrageonline.ch/s/iot1711:26
scottjldone!13:18
axisysiot17: done13:31
axisysguess iot17 left13:31
=== disposable3 is now known as disposable2
M3mphiZIs it normal that as root i can run 'mysql -u root -p' and even without entering the correct password i get in?14:06
lordcirth_workM3mphiZ, You are root anyway, what's the point?14:37
lordcirth_workM3mphiZ, I think if you try to connect to '127.0.0.1' rather than the default localhost it asks14:38
lordcirth_workBecause 127.0.0.1 != localhost in mysql o_O14:38
M3mphiZlordcirth_work: well its interesting, because after settings this: UPDATE mysql.user SET authentication_string=PASSWORD('<your-password>'), plugin='mysql_native_password' WHERE user='root'; I need the correct password.14:39
necrophcodrIs it possible to configure Apache to set a header explicitly?14:59
necrophcodrThis is very wrong, but due to infrastructure and horrible code, I need to set the HTTPS header without enabling HTTPS or SSL15:00
necrophcodrIs that even possible?15:00
lordcirth_worknecrophcodr, you have a reverse proxy adding TLS but not the header?15:03
necrophcodrlordcirth_work, oh no, it's much worse. I have Apache2 proxying from TLS to varnish, which then forwards to non-TLS port 8015:04
necrophcodrvarnish removes the HTTPS header because it's not running with certificates, and our setup wouldn't really support that either way.15:05
sdezielnecrophcodr: RequestHeader set X-Forwarded-Proto "https"15:05
necrophcodrsdeziel, i have not actually tried this, i'll give it a shot15:06
necrophcodrsdeziel, but that won't actually set the HTTPS header, will it? like at any point in the stack?15:06
lordcirth_worknecrophcodr, can't you configure varnish to set the header again?15:06
lordcirth_workOr, you know, fix the whole setup15:06
sdezielnecrophcodr: this will create the defacto standard header named X-Forwarded-Proto15:07
necrophcodrlordcirth_work, i'm not sure, but varnish forwards back to apache on port 80 (this is crazy), and apache might remove the https header too when not received on port 80.15:07
necrophcodrlordcirth_work, i can't fix the whole setup. there's too many servers running this kind of setup, and it's a LOT of moving integrated parts.15:07
necrophcodrif it was feasible to change, i would15:07
lordcirth_workSucks.  It doesn't sound very feasible to maintain either15:08
necrophcodri'm not asking because i find it fun, i'm asking because it's the only feasible solution i've come up with15:08
necrophcodrit is feasible to maintain, since there's not much maintenance.15:08
lordcirth_workHow did it get set up that way?15:08
necrophcodrdoesn't matter15:08
necrophcodrthe problem is that we're running the infrastructure with apache2, and now need to also integrate varnish15:08
necrophcodrand we're not setting apache2 vhosts up ourselves, that's managed by other systems15:09
necrophcodrbut we can modify the apache2 vhost templates, and the actual vhosts15:09
necrophcodrsince this is also for shared hosting, there's a lot of stuff that needs to fit together15:09
sdezielnecrophcodr: if you control the backends' vhost templates, why not set the header in there?15:10
necrophcodrsdeziel, the backend is apache15:10
necrophcodri'm talking about apache vhost templates15:10
sdezielI understood as much15:11
necrophcodrthat's where i'd like to set the header15:11
necrophcodrbut it needs to be the HTTPS header15:11
sdezielnecrophcodr: I still think that RequestHeader is what you want15:14
sdezielhttps://httpd.apache.org/docs/2.4/mod/mod_headers.html15:14
=== ddellav is now known as ddellav_
necrophcodrsdeziel, i'll give it another go15:16
=== ddellav_ is now known as ddellav
necrophcodrsdeziel, if i do RequestHeader set HTTPS "on" then it isn't set15:23
necrophcodror rather, Apache will set the HTTP_HTTPS header to "on"15:33
necrophcodrRequestHeader modifieds HTTP_* headers15:33
necrophcodrnot all headers15:33
sdezielnecrophcodr: are you saying that Apache will add the prefix "HTTP_" to the header name you added?15:43
necrophcodrsdeziel, yes15:43
sdezielnecrophcodr: I've never seen that behaviour and doubt it's Apache's doing15:45
necrophcodrI'm forwarding it to a PHP fcgid script that simply var_dumps $_SERVER15:47
necrophcodrit does nothing else at all15:47
sdezielhttps://httpd.apache.org/mod_fcgid/mod/mod_fcgid.html#fcgidpassheader ?15:48
sdezielat this point, it's no longer a HTTP header but a env variable with the prefix HTTP_$headername15:49
necrophcodrso now it still has the prefix HTTP15:50
necrophcodrbut i still need to set the HTTPS header15:50
necrophcodroh wait15:51
necrophcodrno it may actually work15:51
necrophcodrsdeziel, thanks, that appears to work!15:52
sdezielnecrophcodr: great, np15:52
=== JanC_ is now known as JanC
=== Epx998- is now known as Epx998

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!