[00:16] failing to upgrade lucid .. this is what I tried so far [00:17] http://dpaste.com/0KW2Y2R.txt [00:17] any suggestion? [00:37] axisys: failure to authenticate suggests you've not installed the updated keyrings - I *think* the archive keys rotated at some point after 10.04 [00:45] https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/1513232 comment #3 seems to be resolving .. now seems to be upgrading [00:45] Launchpad bug 1513232 in update-manager (Ubuntu Precise) "do-release-upgrade no longer works from lucid to precise" [Undecided,Confirmed] [00:49] yes, comment #11 confirms it's a key issue and gives a command to fetch the missing key [03:17] upgrade completed and now I am getting a key error on precise apt-get update [03:17] W: GPG error: http://us.archive.ubuntu.com precise-updates Release: The following signatures were invalid: BADSIG 40976EAF437D05B5 Ubuntu Archive Automatic Signing Key [03:17] so I guess that key from #11 is not correct anymore [03:19] http://dpaste.com/18KFVNX.txt [03:20] axisys: check 'dmesg' output to see if you've had any IO errors [03:21] axisys: try manually checking the files in /var/lib/apt/lists/ [03:21] this fixed it [03:21] https://askubuntu.com/questions/198371/apt-encounters-errors-with-bad-gpg-keys [03:21] sarnold: right [03:21] needed a new lists dir [03:22] heh, that's a bit .. blunt, but sounds like it worked :) [03:23] do-release-upgrade on precise saying no new release found [03:25] /etc/update-manager/release-upgrades says Prompt=lts .. so why not? [03:28] interesting.. probably some cache.. after a reboot, it is accepting the command [03:29] axisys: do be sure to check dmesg to make sure you're not getting IO errors [03:29] we get a lot of bug reports with dying drives in the logs :( [03:43] ok.. also I am running a vagrant image for testing out the process in my laptop.. preparing for upgrading few next week :-) [03:44] but good suggestion [03:44] i do run smartmon as a cronjob on this laptop, also.. [03:44] I love to hear that you're testing it first, always a decent idea :) [03:44] then it's more likely the file was corrupted in transit. that happens. [03:45] or loose my job while playing with prod server.. hehe === micahg_ is now known as micahg === giraffe is now known as Guest34710 === clvx is now known as Guest18666 [07:01] Good morning [07:03] hi lordievader [07:03] good morning to all as well [07:03] Hey cpaelzer_, how are you doing? [07:04] great, I hope you are fine as well today [07:05] Jup doing okay here. Today I'm going to update my firewall rules :D [07:05] In other words, break everything :P [07:07] \o/ [07:07] ready to see your disconnect timeout then :-) [07:10] As I am using Matrix that should not happen ;) If it does I might have managed to break a server somewhere else on the campus :P === m1dnight1 is now known as m1dnight === JanC is now known as Guest49554 === JanC_ is now known as JanC [11:26] Hey guys, i'm doing a quick survey (10 questions) about "Internet of things". I would be very thankful if you could take some time and fill it in. Cheers! https://www.umfrageonline.ch/s/iot17 [13:18] done! [13:31] iot17: done [13:31] guess iot17 left === disposable3 is now known as disposable2 [14:06] Is it normal that as root i can run 'mysql -u root -p' and even without entering the correct password i get in? [14:37] M3mphiZ, You are root anyway, what's the point? [14:38] M3mphiZ, I think if you try to connect to '127.0.0.1' rather than the default localhost it asks [14:38] Because 127.0.0.1 != localhost in mysql o_O [14:39] lordcirth_work: well its interesting, because after settings this: UPDATE mysql.user SET authentication_string=PASSWORD(''), plugin='mysql_native_password' WHERE user='root'; I need the correct password. [14:59] Is it possible to configure Apache to set a header explicitly? [15:00] This is very wrong, but due to infrastructure and horrible code, I need to set the HTTPS header without enabling HTTPS or SSL [15:00] Is that even possible? [15:03] necrophcodr, you have a reverse proxy adding TLS but not the header? [15:04] lordcirth_work, oh no, it's much worse. I have Apache2 proxying from TLS to varnish, which then forwards to non-TLS port 80 [15:05] varnish removes the HTTPS header because it's not running with certificates, and our setup wouldn't really support that either way. [15:05] necrophcodr: RequestHeader set X-Forwarded-Proto "https" [15:06] sdeziel, i have not actually tried this, i'll give it a shot [15:06] sdeziel, but that won't actually set the HTTPS header, will it? like at any point in the stack? [15:06] necrophcodr, can't you configure varnish to set the header again? [15:06] Or, you know, fix the whole setup [15:07] necrophcodr: this will create the defacto standard header named X-Forwarded-Proto [15:07] lordcirth_work, i'm not sure, but varnish forwards back to apache on port 80 (this is crazy), and apache might remove the https header too when not received on port 80. [15:07] lordcirth_work, i can't fix the whole setup. there's too many servers running this kind of setup, and it's a LOT of moving integrated parts. [15:07] if it was feasible to change, i would [15:08] Sucks. It doesn't sound very feasible to maintain either [15:08] i'm not asking because i find it fun, i'm asking because it's the only feasible solution i've come up with [15:08] it is feasible to maintain, since there's not much maintenance. [15:08] How did it get set up that way? [15:08] doesn't matter [15:08] the problem is that we're running the infrastructure with apache2, and now need to also integrate varnish [15:09] and we're not setting apache2 vhosts up ourselves, that's managed by other systems [15:09] but we can modify the apache2 vhost templates, and the actual vhosts [15:09] since this is also for shared hosting, there's a lot of stuff that needs to fit together [15:10] necrophcodr: if you control the backends' vhost templates, why not set the header in there? [15:10] sdeziel, the backend is apache [15:10] i'm talking about apache vhost templates [15:11] I understood as much [15:11] that's where i'd like to set the header [15:11] but it needs to be the HTTPS header [15:14] necrophcodr: I still think that RequestHeader is what you want [15:14] https://httpd.apache.org/docs/2.4/mod/mod_headers.html === ddellav is now known as ddellav_ [15:16] sdeziel, i'll give it another go === ddellav_ is now known as ddellav [15:23] sdeziel, if i do RequestHeader set HTTPS "on" then it isn't set [15:33] or rather, Apache will set the HTTP_HTTPS header to "on" [15:33] RequestHeader modifieds HTTP_* headers [15:33] not all headers [15:43] necrophcodr: are you saying that Apache will add the prefix "HTTP_" to the header name you added? [15:43] sdeziel, yes [15:45] necrophcodr: I've never seen that behaviour and doubt it's Apache's doing [15:47] I'm forwarding it to a PHP fcgid script that simply var_dumps $_SERVER [15:47] it does nothing else at all [15:48] https://httpd.apache.org/mod_fcgid/mod/mod_fcgid.html#fcgidpassheader ? [15:49] at this point, it's no longer a HTTP header but a env variable with the prefix HTTP_$headername [15:50] so now it still has the prefix HTTP [15:50] but i still need to set the HTTPS header [15:51] oh wait [15:51] no it may actually work [15:52] sdeziel, thanks, that appears to work! [15:52] necrophcodr: great, np === JanC_ is now known as JanC === Epx998- is now known as Epx998