[07:06] <lordievader> Good morning
[08:47] <mojtaba> Hello, I have installed openvpn and stunnel. I am running openvpn through cmd. I am seeing "Initialization Sequence Completed" as the last statement, and I can connect to my local network. But I cannot open websites like youtube.com. Do you know how can I check what could be wrong?
[09:23] <jamespage> morning all
[09:41] <mojtaba> Hello, I am configured openvpn and stunnel, but when I try to traceroute youtube, it gives me a fake ip address: 10.10.34.34
[09:41] <mojtaba> http://paste.ubuntu.com/26087878/
[09:41] <mojtaba> I have these lines in the openvpn server config file.
[09:42] <mojtaba> push "dhcp-option DNS 10.8.0.1"
[09:42] <mojtaba> push "dhcp-option DNS 208.67.222.222"
[09:42] <mojtaba> push "dhcp-option DNS 208.67.220.220"
[09:42] <mojtaba> push "dhcp-option DNS 8.8.8.8"
[09:42] <mojtaba> But it seems dnsmasq is overriding my dns setup. http://paste.ubuntu.com/26087915/
[09:42] <mojtaba> Do you know what should I do?
[09:42] <mojtaba> My server is in Canada, and I am in Iran now.
[10:18] <lordievader> mojtaba: That is netwoekmanager controlling the resolving (with dnsmasq). Though normally it should use the DNS servers it gets from the DHCP.
[11:00] <ahasenack> this is weird, this morning's apt update has a new entry: http://pastebin.ubuntu.com/26088344/
[11:00] <ahasenack> Hit:6 http://179.184.158.85:80/pdata/0211cbbab141e5bb/security.ubuntu.com/ubuntu artful-security InRelease
[11:00] <ahasenack> never saw that before
[11:00] <ahasenack> that ip belongs to my isp, or to one of its customers
[11:01] <ahasenack> is that a cdn for security.u.c?
[11:30] <rbasak> owner:       TELEFÔNICA BRASIL S.A
[11:30] <rbasak> I think they may be doing a redirect to their own cache maybe?
[11:31] <rbasak> https://www.reddit.com/r/Ubuntu/comments/7dpnwl/requests_to_archiveubuntucom_being_redirected_on/
[11:31] <rbasak> It's safe as long as their cache doesn't go stale.
[11:32] <rbasak> apt does have options for staleness checking but they aren't enabled by default IIRC.
[11:35] <rbasak> Max-ValidTime
[12:10] <gun1x> Frickelpit: i totally missed your message yesterday. please say gun1x if you say something for me.
[12:10] <gun1x> Frickelpit: i am checking locale now
[12:12] <gun1x> Frickelpit: it worked by changing locale from gb to us, thank you
[12:27] <Lope> I'd like to run many FTP servers on a single public IP address, each FTP server inside a LAN IP for it's respective VM. I'd like to run some kind of reverse proxy server on the root server (that has the public IP). I've searched the repos for FTP reverse-proxy servers but didn't find anything. I've heard that jftpgw can do it but it looks like it was last updated in 2004!
[12:30] <jamespage> coreycb, beisner: I've uploaded fresh pxc-5.6, percona-galera-3 and percona-xtrabackup to bionic
[12:30] <jamespage> that gets things up-to-date for development
[12:30] <jamespage> pxc and galera updates really need to go back to xenial/zesty/arftul as well
[12:54] <coreycb> jamespage: ack
[13:17] <ahasenack> rbasak: do you know about dpkg-query -f '${Conffiles}'? The manpage just says "internal"
[13:17] <ahasenack> I'm trying to parse this sed
[13:17] <ahasenack> which seems overkill
[13:17] <ahasenack>  dpkg-query -W -f='${Conffiles}' mail-stack-delivery | sed -n -e "\' /etc/dovecot/conf.d/99-mail-stack-delivery.conf ' { s/ obsolete$//; s/.* //; p }"
[13:17] <ahasenack> as the output of dpkg-query seems to be just a file and md5, and some spaces that can be more easily removed than that sed sequence
[13:18] <ahasenack> in particular, " obsolete" doesn't show up, at least in this case I am at
[13:18] <rbasak> Is that trying to get a list of conffiles that mail-stack-delivery has on the system?
[13:18] <ahasenack> # dpkg-query -W -f='${Conffiles}' mail-stack-delivery ;echo
[13:18] <ahasenack>  /etc/dovecot/conf.d/99-mail-stack-delivery.conf 257ba5af418b630ef4d8075100bf7809
[13:18] <ahasenack> just one, and its md5
[13:18] <rbasak> Obsolete conffiles happen if a newer package version doesn't ship a conffile but doesn't explicitly remove it. Then it remains on the filesystem but dpkg considers it obsolete. Which is usually a bug.
[13:19] <ahasenack> but a simple awk would fetch the md5 in that output
[13:19] <rbasak> If a conffile is obsolete, perhaps that output has an additional field so the awk would grab the wrong field number.
[13:19]  * rbasak is guessing
[13:19] <ahasenack> sounds reasonable
[13:19] <rbasak> "The manpage just says "internal""
[13:19] <rbasak> Sounds like the script shouldn't be doing this at all.
[13:19] <ahasenack> also reasonable
[13:20] <ahasenack> as it might change I suppose
[13:20] <rbasak> I'm not sure there's necessarily a way to fix it though.
[13:20] <rbasak> Though I don't know for certain, my gut says this kind of hack is needed because the model of packaging that mail-stack-delivery needs to do its job doesn't work very well with dpkg and debs.
[13:20] <ahasenack> the idea of one package changing the configuration of many others?
[13:21] <rbasak> Yeah that kind of thing.
[13:21] <rbasak> I used to do "configuration management" using custom local debs that pulled in dependencies and configured them in around 2003.
[13:21] <rbasak> It doesn't work very well.
[13:28] <ahasenack> git ubuntu lint isn't happy with that dovecot branch, I can't get it to run: http://pastebin.ubuntu.com/26089211/
[13:28] <ahasenack> any ideas?
[13:29] <ahasenack> the branch is https://code.launchpad.net/~paelzer/ubuntu/+source/dovecot/+git/dovecot/+ref/bionic-merge
[13:30] <cpaelzer> for the sake of not beeing alone IÄve seen exactly this conffile + sed in multiple packages
[13:30] <cpaelzer> that doesn't mean it is right or wrong, just FYI
[13:31] <cpaelzer> ahasenack: is there a comment in the MP about an issue with that I should look at - or did you just wonder what dpkg could report in those cases?
[13:31] <ahasenack> cpaelzer: I was wondering about the " obsolete$" case
[13:32] <ahasenack> since the manpage didn't talk about it
[13:32] <cpaelzer> well it can has this appendix or not
[13:32] <cpaelzer> the sed is meant to drop it if it is there
[13:32] <cpaelzer> I had such changes, but rbasak already explained how it happens
[13:33] <ahasenack> yep, all good
[13:33] <ahasenack> any idea about the lintian?
[13:33] <ahasenack> does it run on your local copy of the branch?
[13:33] <cpaelzer> ahasenack: it didn't on strongswan, let me check dovecot ...
[13:34] <ahasenack> rbasak: thanks for the endorsement!
[13:36] <jamespage> coreycb: just saw a load of these from pike-proposed -  sbuild-build-depends-ceilometer-dummy : Depends: python-gabbi (>= 1.30.0) but it is not going to be installed
[13:38] <ahasenack> cpaelzer: iproute2 down to just 1 test failure, arm
[13:38] <coreycb> jamespage: hmm
[13:38] <ahasenack> a timeout in a test called "201-freqaccumulation"
[13:38] <cpaelzer> ahasenack: did you check it in any way more than the retry we did?
[13:39] <ahasenack> cpaelzer: last evening we had 3, this one and two others
[13:39] <ahasenack> the others seemed like infra problems
[13:39] <cpaelzer> yeah
[13:39] <ahasenack> timeout launching the adt vm
[13:39] <cpaelzer> maybe even this one
[13:39] <ahasenack> slangasek clicked the retry button for me
[13:39] <cpaelzer> ahasenack: so on dovecot "git ubuntu lint" passes
[13:39] <ahasenack> this one, I looked at the code but didn't come up with any ideas, I would have to run it locally
[13:39] <cpaelzer> but I had to remove some confusion on it first - especially since I had new/debian (from last merge) and another new/debian that I pushed
[13:40] <ahasenack> cpaelzer: can you push --force just to be sure I get all the bits? Or you rather not
[13:40] <cpaelzer> ahasenack: hmm does autopkgtest work on arm "as usual"
[13:40] <cpaelzer> ahasenack: how does the linter fail you?
[13:40] <cpaelzer> is it missing any tag or such?
[13:40] <ahasenack> cpaelzer: http://pastebin.ubuntu.com/26089211/
[13:41] <ahasenack> I did git fetch paelzer --tags already
[13:41] <cpaelzer> umm, I don't get this :-/
[13:41] <cpaelzer> ahasenack: and you are on the bionic-merge branch when you do this?
[13:41] <ahasenack> yes
[13:42] <ahasenack> when I started the review a couple of days ago, I did git checkout -b paelzer-bionic-merge paelzer/bionic-merge
[13:42] <ahasenack> and I have been getting your updates without problems
[13:43] <cpaelzer> ahasenack: I saw that I needed to drop the ~ppa version for the linter
[13:43] <cpaelzer> reasonable, I just didn't want 20 commits adding and removing them
[13:44] <ahasenack> sure
[13:44] <cpaelzer> ahasenack: I also pushed an updated new/debian - that was the one conflicting for me from last merge
[13:44] <ahasenack> doesn't seem to be what's confusing it here
[13:44] <cpaelzer> ahasenack: could you fetch branch and tags and check again?
[13:44] <cpaelzer> ahasenack: with verbose, I'll do the same
[13:44] <cpaelzer> maybe we spot the difference
[13:45] <ahasenack> no change: http://pastebin.ubuntu.com/26089277/
[13:45] <ahasenack> I see a tag update for new/debian
[13:46] <cpaelzer> ahasenack: http://paste.ubuntu.com/26089281/
[13:46] <cpaelzer> lets compare these :-)
[13:46] <ahasenack> ah
[13:47] <ahasenack> http://pastebin.ubuntu.com/26089284/
[13:47] <ahasenack> mine doesn't get far
[13:47] <ahasenack> same when I pass target-branch
[13:47] <ahasenack> let me try cloning it fresh elsewhere
[13:48] <cpaelzer> ahasenack: also try a few different things as target-branch
[13:48] <cpaelzer> probably debian/sid, bionic-merge ,... ?
[13:48] <cpaelzer> I'm not really sure what it would/should expect as that arg
[13:50] <ahasenack> same on a fresh clone
[13:51] <ahasenack> http://pastebin.ubuntu.com/26089308/
[13:51] <ahasenack> will have to check the code
[13:53] <ahasenack> I won't block on this
[13:53] <ahasenack> would be cool to see what's going on, though
[13:54] <cpaelzer> ahasenack: I just see in my inbox you listed more small/medium comments - thanks I'll take a look
[13:54] <ahasenack> cpaelzer: the ssl ones, let's not go crazy there. I think just the postfix one
[13:54] <ahasenack> I verified ssl3 is not enabled in dovecot (imap, pop)
[13:54] <ahasenack> we can file a separate bug to revise those settings
[13:54] <ahasenack> what do you think?
[13:55] <cpaelzer> I didn't read all your feedback yet, so I might be out of context
[13:55] <ahasenack> ok, take your time
[13:55] <cpaelzer> but that seems right (to be disabled) right?
[13:55] <ahasenack> it should, but we explicitly *enable* it for postfix in mail-stack-delivery :)
[13:55] <cpaelzer> I'll read and think through and ping you later
[13:55] <cpaelzer> not yet fully out of my inbox for today
[14:01] <cpaelzer> ahasenack: I can partially reproduce and partially avoid the linting issue - will let you know
[14:01] <ahasenack> heh :)
[14:01] <jamespage> coreycb: looking at pxc-5.6 it basicaly produces one package with binaries in it; a meta package and some debug symbols
[14:01] <cpaelzer> ahasenack: I see conflicts around old/ubuntu != old/ubuntu
[14:01] <cpaelzer> but - between the two hashes is no diff
[14:01] <jamespage> coreycb: and I think you'll need xtrabackup >= 2.4 as well
[14:01] <jamespage> 2.3 is the 5.6 aligned version afaict
[14:01] <cpaelzer> ahasenack: as if linter and importer would not agree if they should use the same commit reperesenting an import
[14:04] <cpaelzer> ahasenack: I think you should report a bug - I confirm it fails from a new clone + checkout
[14:04] <cpaelzer> ahasenack: but it works with http://paste.ubuntu.com/26089367/
[14:06] <coreycb> jamespage: ok
[14:06] <ahasenack> yeah, that worked too
[14:06] <cpaelzer> ahasenack: it must internally know how to call it right
[14:06] <ahasenack> minus the lp integration, I had to open the url manually
[14:06] <cpaelzer> ahasenack: that should be enough of a lead to spot the code issue
[14:06] <ahasenack> I'll file the bug
[14:06] <cpaelzer> thanks
[14:06] <cpaelzer> killing mails, then looking to your MP feedback
[14:06] <cpaelzer> oh and checking my Triage list for today ...
[14:08] <cpaelzer> :-/ 30 is a lot for a friday
[14:09] <ahasenack> that's between yesterday and today?
[14:09] <cpaelzer> yep
[14:10] <cpaelzer> but I see at least some share is from doko's pytohn3 burst
[14:10] <ahasenack> I have a few in my inbox that I want to respond to, the usual sssd and samba combo
[14:10] <ahasenack> but first finish this review
[15:35] <cpaelzer> FYI - if anyone being php could help verifying bug 1721607 for the SRU release that would be great
[17:15] <xpistos> Hey guys. quick question, I have a few different files in test.tar.gz. one file has the string "grep for zoo" in it. I am trying to grep for that in the gz file but since it isn't a compressed log, it doen's know what to do with the request. since zgrep doesn't support -r or -R is there a way to search that gz file for the string without extracting it?
[17:16] <Poster> zcat will push it to stdout, from there you can use a standard grep
[17:17] <Poster> though if you've got multiple files in there you'd need to untar it :|
[17:17] <dpb1> a tar is just a linear concat of files with some metadata, you can grep it without untaring
[17:17] <dpb1> zcat or gzip -c should work
[17:18] <dpb1> of course, if you have binary data, it could get interesting, but... :)
[17:21] <sdeziel> cpaelzer: I can run some basic tests but is there something specific to test?
[17:25] <xpistos> dpb1: thanks, it isn't giving me what I am looking for but isn't really important it was just an afterthought while working on strengthening my bash scripting