/srv/irclogs.ubuntu.com/2017/09/20/#ubuntu-server.txt

oraqol1hey guys, so I finally got conjure-up to load without the lxd and lxd init bug, created br0 and plugged it into eno2, but now the installer is stuck on 'Running step: 00_deploy-done.' and all the containers are stuck on 'waiting for machine'01:21
stokachuoraqol1: does /snap/bin/lxc list show containers with no ips?01:21
oraqol1they do show ips01:23
oraqol1on eth001:23
oraqol1all but one are in the 192.168.1.x rnage01:23
oraqol1the last is on 10.232.183*01:23
stokachuoraqol1: whats output of `juju status --format yaml|pastebinit`01:24
oraqol1https://pastebin.com/g6TFLKJg01:27
oraqol1these are my network settings: https://pastebin.com/7b01EkNK01:30
stokachuoraqol1: can you do `/snap/bin/lxc list|pastebinit`01:32
oraqol1here ya go: https://pastebin.com/Cd7CMXMc01:33
stokachuoraqol1: you aren't running out of disk space are you?01:37
stokachuoh hmm01:38
oraqol1https://pastebin.com/mMWhXpvp01:38
oraqol1do you just wanna, like, jump on and see for yourself?01:39
stokachusure01:39
oraqol1kk01:39
stokachuyou can `ssh-import-id adam-stokes` for my ssh key01:40
=== JanC_ is now known as JanC
=== mundus2018 is now known as mundus
=== mundus is now known as mundus2018
=== mundus2018 is now known as mundus
brianwHello. Great work with LXD!05:01
brianwJust setup a nce little vpn client gateway for a paid vpn service. Working great!05:02
cpaelzergood morning05:31
sonu_nkhi there.. i created a user apis for my ubuntu -server..  if i want to run composer with this user then what permission i required for this apis user and in which group i need to put this user05:40
sonu_nk?05:40
sonu_nkapis is not in the sudoers file.  This incident will be reported.05:42
lordievaderGood morning06:44
jamespagecpaelzer: I'm about to triage https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/171813306:59
ubottuLaunchpad bug 1718133 in nova (Ubuntu) "Live block migration in Pike fails due to qemu-img" [Undecided,Confirmed]06:59
jamespageas a high - we had a direct report and openstack gates just reverted back from the Pike UCA as live migration tests where failing 50% of the time07:00
jamespageI'll be back in about 1 hr07:00
jamespagecpaelzer: might be a behavioural incompatibility between nova@pike and qemu 2.1007:03
jamespageI'll dig in further in 1hr07:03
sonu_nkhi there.. i created a user apis for my ubuntu -server..  if i want to run composer with this user then what permission i required for this apis user and in which group i need to put this user07:11
sonu_nk<sonu_nk> ?07:11
sonu_nkapis is not in the sudoers file.  This incident will be reported.07:11
cpaelzerjamespage: ok07:15
cpaelzerjamespage: thanks for the heads up07:15
cpaelzerjamespage: we already had some issues around these logs07:16
cpaelzerall migrations I usualyl do (one of each type) worked eventually07:16
cpaelzerbut surely this might trigger a case missed so far07:16
cpaelzerlook at the "fixed in rc section" https://wiki.qemu.org/Planning/2.10 that was all me :-/07:17
cpaelzertoo bad we seem to hit another one07:17
cpaelzerjamespage: I updated the bug but need you to reproduce and provide the data we almost always need07:21
cpaelzerjamespage: ping me for an interactive discussion once you have that if you want07:22
cpaelzerjamespage: I think I shortened your repro quite a bit09:17
cpaelzerupdating the bug09:17
cpaelzerjamespage: updated the bug and submitted to qemu-devel09:26
cpaelzerjamespage: I'll add the link as soon as I have it09:26
jamespagecpaelzer: ta - just about to bounce some instances around a test deployment09:27
cpaelzerjamespage: have you ready my simplified testcase - three commands and you are there09:28
cpaelzerwell we might need your testcase still to find if there is more09:28
cpaelzeronce we have an idea how to fix it09:28
jamespagecpaelzer: tl;dr - qemu-img info defaults to needing a lock and fails as a result cause the instance is running right?09:32
cpaelzeryes09:32
jamespageglad I grokked that09:32
cpaelzerso the fix is either to make info (and other non crit actions) non conflicting or to provide no-lock option09:34
cpaelzeror both09:34
ren0v0Hi, ubuntu 16.04 ships with mariadb 10, but after installation there is no systemd unit ?09:53
pascalouhi10:01
pascalouIs there any whois cache ?10:01
pascalouor w ahois proxy/cache10:01
cpaelzerjamespage: --force-share10:07
cpaelzerjamespage: bug is updated10:07
jamespagecpaelzer: ok so my read on this is that its intended behaviour so we need to make nova understand what todo with newer qemu versions10:12
cpaelzeryes10:13
jamespagecpaelzer: ok so we can put in a distro-only patch to fix this short term, to be superceeded by something better in Nova when landed - thanks for your help here12:29
cpaelzerI'm glad I could help12:36
cpaelzerthis locking has caused too much headache for me anyway12:36
cpaelzerwas "just another one"12:36
cpaelzeron 18.04 I'm refusing to be pushed to merge so late in the cycle no matter who has shiny new HW12:37
cpaelzerbut the 2.11 release plan is not yet written so I can't start to plan my dates yet12:37
=== sammyg is now known as Guest20392
=== hakra is now known as sammyg
Oskars__Can a user have 2 groups? Because when I create a new user and add it to an existing group, and check in /etc/passwd I see: <user>:x:1001:1002, where 1002 is the group I added the user to13:54
masonOskars__: Just one primary group. No cap I'm aware of on secondary group membership, other than potential issues with NFS group handling.13:55
Oskars__mason, So 1001 is the primary group? And 1002 the secondary?13:56
masonOskars__: man 5 passwd13:57
Oskars__mason, thank you13:57
masonYou want to be familiar with that content.13:57
masonGroups beyond the first will generally mean the username shows up in the right place(s) in /etc/group13:57
Oskars__Indeed, sorry it's getting late here and I just realised that the 1001 is the user ID...13:58
sdezielOskars__: to get various info on a given user, "id $user" is quite handy14:02
Oskars__sdeziel, thank you! Trying to figure out why I can't FTP in to the server with my new created user. The only difference is that the user no longer owns the directory, but the group he is in, this should work right? The group has r+w to the directory. My old user which can FTP in is the owner of the directory14:05
sdezielOskars__: is it the FTP server denying connection (rejecting your username/pass) or is it a problem entering/writing into a given dir?14:07
masonBeen ages since I've used ftp... It's generally a good idea to use encrypted protocols nowadays. That said, seeing the logs from the login attempts would probably help nail it down.14:08
Oskars__sdeziel, I get "GnuTLS error -15: An unexpected TLS packet was received.14:08
Oskars__" from filezilla14:08
masonThat can come about from something as simple as the connection breaking.14:08
sdezielI never setup a FTP, only SFTP, much easier IMHO14:09
sdezielOskars__: looks like you are trying FTPS ?14:09
Oskars__The logs say nothing, just that the client get an OK LOGIN. I setup an vsftpd and try to FTPS in14:09
sdezielOskars__: I'd check vsftpd's logs to see what's going on14:11
Oskars__sdeziel, vsftpd's logs says nothing, the client get an OK LOGIN then it just stops, no error message or nothing in the log14:12
sdezielOskars__: I know very little about FTP(S) so I'm afraid I can't help you with that14:13
masonLikewise.14:13
Oskars__No problem, thank you for the help you gave me, appreciated!14:13
sdezielnp14:14
=== yeeve_ is now known as yeeve
=== jelly-home is now known as jelly
=== pavlushka_ is now known as pavlushka
=== Epx998- is now known as Epx998
andybikerHi, I have a new ubuntu server running, but I have lost the ability to install software and updates. How can I reconfigure or test mirrors?22:26
whosawhatsitso I am trying out landscape. However when I apply package profiles they dont install correctly. The "Release" folder doesn't seem to get created properly on the target machines mean apt update fails22:26
andybikerI am interested to put glances on as I seem to get a hot processor reading22:28
sarnoldandybiker: start with sudo apt-get update && sudo apt-get -u dist-upgrade22:29
whosawhatsitto get apt working cleanly again I have to "rm /etc/apt/sources.list.d/_landscape-internal-facade.list"22:29
sarnoldif those give you errors you've got a place to start22:29
* whosawhatsit is guessing nobody actually uses landscape22:30
andybikerErr:x http://gb.archive.ubuntu.com/ubuntu xenial/*     -- multiple errors22:34
sarnoldandybiker: what errors?22:34
andybikergb.archive and security  repositories inaccessible.22:34
andybikerTemporary failure resolving those sites22:35
sarnoldcurious; can you resolve other names alright?22:35
andybikersuch as? I can access the server from my mint pc, so that seems okay22:36
sarnoldI normally pick a few servers that are highly unlikely to be broken; something like ping www.google.com ; ping www.yahoo.co.uk ; ping yandex.ru22:37
andybikerInteresting... I believe google's ip address is 8.8.8.8 and that can be pinged, but www.google.com cannot!22:39
sarnoldandybiker: what's in /etc/resolv.conf ? does it look sane?22:40
sarnoldandybiker: 8.8.8.8 is just an open recursor that people are free to use; when you try to resolve www.google.com it'll resolve to something other than 8.8.8.8 :)22:40
andybikernameserver 192.168.0.1 is the only relevant line22:41
sarnoldcan you ping that address?22:41
andybikerI disd wonder about 8.8.8.8! :)22:41
andybikeryes, I can ping the main router22:41
andybiker4ms22:42
sarnoldhow about dns queries? dig www.google.com @192.168.0.1  or dig yandex.ru @192.168.0.1 ?22:42
andybiker8.8.8.8 takes 33ms22:42
sarnoldso, the funny thing about 8.8.8.8... it's got something like 250 MILLION users. That's people who have chosen to use Google's free recursive resolver rather than their ISP's resolvers..22:43
andybikerdig timed out, no servers found22:44
andybikerreached22:44
sarnoldand because so many people use google's services, they have probably already looked up whatever it is you're about to look up, so they can give an answer right from teh cache. That knocks another 100ms off finding addresses, compared to asking a DNS recursor that doesn't have the answer cached already22:44
sarnoldandybiker: okay; how about firewalls on this server or on 192.168.0.1 that might be blocking UDP 53 or TCP 53?22:45
andybikerI have two routers to check, but I have not blocked them. I did set up some fixed ip addresses but that is it connecting two routers together22:47
andybikerMy virginmedia router is really noddy/simple and the netgear connected to it is dhcp disabled and acting as an access point/second wifi22:48
andybikermy pc and server have to go through two routers22:48
andybikerthe second router, server and my pc have fixed ip addrsses22:49
andybikersudo lsof -i TCP| fgrep listen gives no results,as does using UDP22:56
andybikertcp        0      0 127.0.1.1:53            0.0.0.0:*               LISTEN22:58
andybikerudp        0      0 127.0.1.1:53            0.0.0.0:*22:58
andybikerfrom netstat -lntu22:58
sarnoldis that on the 192.168.0.1 machine?22:59
sarnoldnote that the binding 127.0.1.1:53 means that that server can only handle requests from loopback interfaces; whatever DNS server you've got on that machine may need to be told that it should listen on 192.168.0.1 as well23:00
andybikerHang on. The netgear router default is 192.168.1.1 and the Virgin box is 192.168.0.1 and the netgear was modified to 192.168.0.523:00
andybikerWhy is 127.0.1.1:53 being used?23:01
andybikerYou have explines23:02
andybikerexplained23:02
andybikersorry!23:02
andybikernameserver is 192.168.0.1, the main virgin router23:04
andybikerdo I need a line for 127.0.0.1?23:05
sarnoldno, the 127/8 range is Very Special. All those addresses wind up going to loopback23:06
sarnoldso a DNS server listening on 127.0.1.1:53 can be reached by 127.1.1.1 or 127.0.0.1 or whatever, no trouble23:07
andybikerresolv.conf is okay with just one line. I can't ping specific websites by name. How about downloading the ubuntu packages locally to my mint machine and acting like a mirror here?23:11
sarnoldwhile you can definitely do that I think you'd be better served by actually sorting out your networking / dns to make this work properly :)23:12
sarnoldif you don't want to do that, you could pop the IP address for gb.archive.ubuntu.com into your /etc/hosts file and skip bouncing through your desktop23:13
andybikerbtw /etc/hosts has 127.0.0.1  as localhost ans 127.0.1.1 as ubuntu (server)23:15
sarnoldthat's normal23:15
trippehhm. ubuntu is not shipping a /usr/lib/systemd/resolv.conf?23:36
trippehman systemd-resolved refers to it, but it is not showing up on my systems.23:36
trippeh(unrelated to previous discussion)23:37
nacctrippeh: it's mentioned as an option, not the onen used by default23:38
naccafaict23:38
trippehman says it should be there.23:39
trippeh"A static file /usr/lib/systemd/resolv.conf is provided that lists the 127.0.0.53 DNS stub (see above) as only DNS server. This file may be symlinked from /etc/resolv.conf in order to connect all local clients that bypass local DNS APIs to systemd-resolved."23:40
nacctrippeh: the default is sytemd-resolved maintaining /run/systemd/resolve/resolv.conf23:40
nacctrippeh: read the line just above it23:40
nacctrippeh: three modes are supported23:40
nacctrippeh: it doesn't say that file is there by default or which of the three modes is the dfault23:40
trippehyes, seems like the file should be shipped, so you can actually use the first mode if you want to.23:41
sarnold/etc/resolv.conf is Super Complicated with systemd-resolved. Sometimes it consumes the file. Sometimes it populates the file. much sadness.23:41
andybikerHi sarnold. I have just been looking at the routers and there is only one using udp/tcp on 1639623:42
trippehI just want stuff not using NSS to go through resolved, instead of to the upstreams directly.23:42
nacctrippeh: you can file a bug, but my point simply was nothing in the manpage says that file should be there (to me)23:42
trippehnacc: "is provided" seems pretty clear to me :p23:42
sarnoldandybiker: oh? none of the routers actually have a dns recursor for you to use? :)23:43
trippehthe symlink decides what actually happens anyway23:43
nacctrippeh: ah, i read that differently -- as in 'is provided...' by you23:43
andybikerThat suprisingly is on the netgear. The virgin has no list of udp/tcp ports23:43
nacctrippeh: not by the package, but your way also makes sense. I'd file a bug if it's not alrady done23:43
andybikerNetgear has a dynamic dns option23:44
andybikerDynDNS or noip23:44
nacctrippeh: it's i /lib/systemd/resolv.conf23:45
sarnoldthose normally mean "contact dyn or similar and get them to provide me with DNS A entries" or something similar23:45
nacctrippeh: so i wonder if it's a typo in the manpage or in the way the pkg is built23:45
trippehnacc: aaah!23:45
sarnoldthat's unrelated to having a DNS recursor23:45
trippehso a simple documentation fail23:45
nacctrippeh: that's my initial read (i did an apt-file search resolv.conf | grep systemd)23:45
andybikerPort forarding!23:45
nacctrippeh: you can still file a bug, and xnox may be able to tell us :)23:45
trippehI guess due to redhat going all in on /usr? :)23:46
trippehwhile we use /23:46
* trippeh is just replacing his client/servers/vms local unbounds with resolved23:48
trippehwhich reminds me, I have some bugs to file on the unbound package as well.23:48
andybikerI have set up port forwarding for the server on the Netgear router : service ftp for udp/ftp on port start 53 to end 53 on internal and external ports23:50
andybikertcp/udp23:50
trippehsarnold: I almost found it sensible after reading the man page; but might have preferred having a resolved.conf option instead.23:53
trippehhave not put much thought into it of course.23:53
sarnoldandybiker: 53 is dns. ftp is 20 and 2123:56
* RoyK wonders why the systemd folks chose to put config files under /usr/lib instead of /etc23:56
andybikerI have set 53 on Netgear and 20-81 0n the virgin box23:56
sarnoldRoyK: their vision is a completely empty /etc for a system that changes no defaults23:56
nacci sort of agree with it, /etc is for customizatio23:57
andybikersorry, 40-8123:57
sarnoldtrippeh: that's one of the hard parts .. a lot of systemd stuff sounds good from the docs. I'll be curious to hear your conclusions ;)23:57
RoyKsarnold: hm - ok - so what do you do with /usr/lib/systemd/resolv.conf? just create /etc/resolv.conf and that'll be accepted?23:57
naccit then becomes clear(er) what is the default and what is changed locally, and their can be a comon inheritance pattern23:57
trippehrl23:58
trippehl23:58
trippehoops23:58
sarnoldRoyK: or /etc/systemd/resolv.conf or something like that. you've got check the docs to figure out what goes where.. and as trippeh finds, it might not always be correct unless you're on fedora. heh.23:58
sarnoldnacc: having seen exim configs and sendmail configs i'm slightly supportive of the idea :)23:58
trippehRoyK: /{,usr/}lib/systemd/resolv.conf is always pointing to 127.0.0.5323:59
RoyKsome things are rather good in systemd, but then again, it turns my linux systems into something completely new, which is rather annoying, having used linux, being more or less the same, since 199423:59
naccsarnold: yeah .. and honestly, let's say you did edit some random file a few years ago, it's always hard to remember what you did :)23:59
trippehRoyK: that is its sole purpose in life23:59

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!