/srv/irclogs.ubuntu.com/2018/01/25/#ubuntu-server.txt

Neo4why know what is DNS server? I've read about BIND if I install it what I'll get?00:17
geniiHeadaches00:18
sarnoldNeo4: there's three types of DNS servers: authoritative, recursive, and forwarding00:18
sarnoldgenii: lol +100:18
Neo4what does do DNS server? it return IP  of servers00:18
sarnoldNeo4: an authoritative server knows the IPs and names of specific services and so on00:19
geniiNeo4: Basically, yes.00:19
sarnoldNeo4: a recursive server knows how to start from the "root nameservers" and query each hierarchy of name servers to find an eventual answer to a question00:19
Neo4sarnold: ok00:19
sarnoldNeo4: forwarding nameservers do not know how to query the roots, they just forward the question on "to the next nameserver", which *will* know how to answer the question00:19
Neo4in general what shall I get?00:19
sarnoldNeo4: so which types of DNS server you need to run depend upon what services you want to offer00:20
sarnoldNeo4: if you have clients on a LAN that want to look up hostnames like www.yandex.ru, then you would probably want to run a recursive or a forwarding server for your clients00:20
Neo4I will able put any domains to my DNS server? something like ns.my_fqdn00:20
sarnoldNeo4: if you want to provide services to the world with your own names, you could run an authoritative server00:21
Neo4sarnold: I needn't any )00:21
sarnoldyes00:21
Neo4just curious00:21
sarnoldif you want to run your own name servers, you would register your name servers with your registrar ("glue records")00:21
sarnoldNeo4: I strongly recommend powerdns instead of bind00:22
sarnoldNeo4: other popular choices are knot and unbound00:22
Neo4sarnold: I want for test run one on digital ocean and overview all possibilities and settings )00:22
sarnoldNeo4: if you set up a recursive server DO NOT MAKE IT PUBLIC00:23
Neo4on digital ocean popular BIND00:23
sarnoldbind was the first and still very popular00:23
sarnoldbut they mix auth and recursive which has shown to be very dangerous00:23
sarnoldi've read both bind and powerdns sources and I know which one I'd rather run :)00:24
geniiunbound is fairly decent00:24
sdezielI concur, unbound is an excellent recursor00:24
sdezielI have yet to try powerdns but I think sarnold just convinced me ;)00:25
Neo4if I have my own DNS somewhere I can bind there domainname and ip address from digitalocean and not use a cname and other from digitalocean panel?00:26
sarnoldpowerdns folks also make a dns proxy, dnsdist -- during a recent round of dns DDOS attacks, folks with bind servers were able to servive by plopping dnsdist services in front00:26
Neo4it might be this functionality is DNS00:26
Neo4badly understand this notions00:27
sarnoldNeo4: you need to get IPs and IP routing from somewhere..00:27
* mason is a staunch BIND fan. Goes with the whole dinosaur thing. BIND and Sendmail forever!00:32
sarnoldmason: let me guess, *real* sendmail, no m4 for you? :)00:32
masonNo, I'm an M4 fan. In fact, I've had two customer issues come up recently where I got to spread the Sendmail love.00:32
sarnoldhehe, that's greatdnl00:33
masonhah00:35
naccrbasak: hrm, did you not see this? https://paste.ubuntu.com/26455183/00:39
naccrbasak: makes the gpgv stuff ... unclear how to use. The manpage implies 2 is a fatal error00:39
hashwagonOn 16.04 the man page for unattended-upgrade says /etc/cron.daily/apt initiates the upgrade process. Anyone know why /etc/cron.daily/apt isn't generating for me? Has anyone else seen this?00:43
rbasaknacc: I didn't see that in my testing. Perhaps you're using an older series than I di?00:53
rbasaknacc: if so it's still a valid problem though.00:53
rbasakMight be able to work around by providing the DSA public key too00:54
sarnoldhashwagon: looks like it's a systemd timer thing now00:55
sarnoldhashwagon: check out systemctl cat apt-daily-upgrade.service00:55
geniisarnold: What's wrong with real sendmail? It's simple and efficient!01:13
sarnoldgenii: "simple"? :) this is the first I've ever heard that word used with sendmail :)01:15
masonMonolithic, single binary, single process. Few moving parts.01:15
masonThat it's self-aware is incidental.01:15
sarnoldhehe01:17
rbasaksendmail.cf contains enough moving parts to make up for that.01:49
MJCDhey y'all, I want to set up bind or dnsmasq or some such thing04:16
MJCDand I want it to act as a dns cache04:16
MJCDwhich just looks up non-cached or out of TTL type thing04:17
masonMJCD: I like unbound for that sort of role.04:20
naccrbasak: i was checking xenial-updates as a random test on bionic04:23
naccrbasak: is the DSA public key available via a different keyring?04:24
MJCDmason, oooh04:24
MJCDlet me google that04:24
MJCDohhhh04:25
MJCDthis looks great04:25
MJCDand its recursive04:25
MJCDyeah mason this is exactly perfect04:29
MJCDI can set upto 4 forward-addr04:29
MJCDwhich by default is already google dns04:30
MJCDbrilliant04:30
masonMJCD: Good, glad you like it!04:30
MJCDthanks so much04:30
MJCDsee y'all soon04:30
masono/04:30
naccrbasak: oh i see what i was doing wrong, i need to pass all the keyrings04:32
gibkinghi guys06:09
gibking i'm struggling with dhclient/ipv6 and wonder if i hit a bug or not06:09
gibkingDHCP Client System: trusty server, 4.4.0-111-generic, isc-dhcp-client  4.2.4-7ubuntu12.1006:10
gibkinghost gets ip6 addr normally: "ip a s" inet6 2003:.../128 scope global valid_lft forever preferred_lft forever06:10
gibkingbut after some time (probably has something to do with lease-time?) the ip becommed depreffered06:10
gibkingpreferred_lft is set to zero and in syslog i can see: dhclient: PRC: Address 2003:... depreferred06:10
gibkingbut this  does also happen on 16.04 server06:10
gibkingthis is why i am not sure if its a bug or "working as designed"06:11
gibkingdoes anybody know whats happening there?06:11
gibkingRAs are beeing sent from the firewall and routes are refreshed normally.06:12
ShmamHi, I'm trying to get crontab to work. I have the following: `@reboot and inside of run, there is a bash script with `#!/bin/bash and then it cds into a dir and starts a nodejs script. But it doesnt work for some reason. If I try to do `/home/sam/Documents/repo/run` as a regular user, it works fine.06:22
cpaelzerthanks nacc for the importer reset, AFAIK the missing versions were much older but I'll report next time I see something06:46
lordievaderGood morning07:21
cpaelzergood morning07:39
lordievaderHey cpaelzer08:12
lordievaderHow are you doing?08:12
cpaelzerhi lordievader, doing good for now08:22
cpaelzeras soon as all I work on is built I'll face the wall of errors that I expect :-)08:22
disposable2i have a LXD profile that had limits.memory.swap set to false. I've changed that to true. do i need to restart my containers for that setting to have any effect?08:53
cpaelzeryou can check if it directly applied via lxc config get <container> limits.memory.swap09:03
cpaelzerI pinged a few friends who should know the answer about the restart09:04
cpaelzerhopefully one shows up in a bit09:04
cpaelzerdisposable2: ^^09:04
disposable2cpaelzer: thank you. i had tried the lxc config get before i asked but it doesn't return anything09:05
disposable2only an empty line09:05
cpaelzerfor me as well, as soon as I set something it obviously retruns what  I set09:05
cpaelzerI wonder what it tweaks in cgroups - is it only per continaer swappiness?09:07
cpaelzerif so that would eb easy to check09:07
cpaelzerdisposable2: yes that is it09:08
cpaelzerwhat is your /sys/fs/cgroup/memory/lxc/<container>/memory.swappiness09:08
cpaelzerswitching this off/on seems to swicth that between 0 and 5009:09
cpaelzerso once you edited your profile from false to true, check if the value changed from 0 to 5009:09
cpaelzerdisposable2: ^^09:09
disposable2cpaelzer: well, now that i've set it manually for all my containers, it says 50 for all the containers09:10
cpaelzerwhich is the value for "true"09:10
disposable2cpaelzer: yet, the ram is almost completely full and no swapping is happening. the host machine has vm.swappiness=60. hmmmmmm09:11
cpaelzerthat is the global default value09:11
cpaelzerdisposable2: and it will still swap only what it considers rather inactive09:11
cpaelzerif you e.g. have cold page cache that will be dropped first09:11
cpaelzerdisposable2: if this is not your prod machine you can check if/when it would swap by using a mem eater keeping his memory hot and slowly increasing its size09:12
disposable2cpaelzer: thank you for taking the time09:13
cpaelzerstress-ng --vm-keep --vm 1 --vm-bytes can do that for you09:13
cpaelzerI had my share of fun with swap in the past and experience sharing is part of the open source spriti right :-)09:14
soahcccWhat would be the most sensible way to permanently change CPU scale governor? I found multiple ways: udev rule, sysfsutils (can't I use sysctl?) or just dump it into rc.local?11:23
ahasenackxnox: hi, about my ping yesterday about ocfs2-tools on s390x11:30
ahasenackxnox: I have an ocfs2-tools ftbfs upload stuck in excuses because the s390x tests fail. You filed https://github.com/markfasheh/ocfs2-tools/issues/2211:32
ahasenackI mean, my upload fixes the ftbfs :)11:35
soahcccI fixed my problem, turns out it was supposed to be on "ondemand" but system only has performance/powersave and it choose powersave as fallback11:35
soahcccBut on the topic of that: who defines these scaling governors? system or cpu?11:43
ahasenacksoahccc: have you tried cpufrequtils? (Sorry, didn't get the whole context)11:46
ahasenackand/or cpufreqd11:46
soahcccahasenack: yea it's cpufrequtils (included in the image from the hoster) but they have ondemand in there but the new CPUs in our new servers don't have that11:47
ahasenackand cpufreqd? Can't you chose a governor there and it will set it every time it starts, i.e., at every reboot?11:48
ahasenackthat being said, my artful system has this:11:49
ahasenack /lib/systemd/system/ondemand.service:ExecStart=/lib/systemd/set-cpufreq11:49
soahcccthere is no cpufreqd but I edited (and found it) in /etc/default/cpufrequtils11:49
ahasenackwhich runs /lib/systemd/set-cpufreq11:50
soahccccuriously there is a service "ondemand" which I guess should set governor to ondemand, no idea if I need that service for anything now11:50
ahasenackdo you have that systemd file above?11:50
ahasenackmaybe debug it, because it looks like it tries to do the right thing11:50
ahasenackFIRSTCPU=`cut -f1 -d- /sys/devices/system/cpu/online`11:51
ahasenackAVAILABLE="/sys/devices/system/cpu/cpu$FIRSTCPU/cpufreq/scaling_available_governors"11:51
ahasenackcheck what you get for $AVAILABLE11:51
ahasenackI have:11:51
ahasenack$ cat /sys/devices/system/cpu/cpu0/cpufreq/scaling_available_governors11:51
ahasenackperformance powersave11:51
ahasenackin a laptop, of course11:51
soahcccI don't have both of these files11:52
ahasenacknot even the /sys/devices/system/cpu/..... one?11:52
soahcccand sys reports only two governors11:52
ahasenackis this xenial or what?11:53
soahcccperformance and powersave (same as cpufreq-info says), xenial yes11:53
soahccchttps://gist.github.com/2called-chaos/03263073f6d3ab83a9b9f72ee4a244f111:53
ahasenackin xenial you have /etc/init.d/ondemand?11:53
soahcccyes, that's there11:54
ahasenackit's similar code11:54
ahasenackthat is what is setting your governor11:54
ahasenackyou need it to be set to performance?11:55
soahcccahasenack: I assume it uses /etc/default/cpufreqinfo no? Because it was set to ondemand there and I guess it defaulted to powersave?11:55
ahasenackit does not11:55
ahasenacklook at the script, it does not read /etc/default/cpufreqinfo11:56
ahasenack /etc/default/cpufreqinfo must come from another package11:56
soahcccahasenack: yeah and it has a comment in the file that it's from the hoster's installimage11:56
soahcccI haven't restarted the machine yet (I set it to performance manually) but here's where I changed it to performance: https://gist.github.com/2called-chaos/457ee50f08df3a1b25059bedb80ba23411:57
ahasenackI don't see a way in that /etc/init.d/ondemand script for it to set the governor to performance11:57
ahasenackit's either interactive, ondemand, or powersave. If your system supports neither, it exits without touching the governor11:57
soahcccI restarted ondemand service and it didn't change back11:58
ahasenackwhich package profides that file? dpkg -S /etc/default/cpufrequtils11:58
ahasenackprovides*11:58
ahasenackand then check if the package has an initscript or something like that, with dpkg -L <name>11:58
soahcccno path found matching pattern /etc/default/cpufrequtils11:59
soahcccbut I guess it's from cpufrequtils (same name)11:59
ahasenackmakes sense11:59
soahccci   cpufrequtils                                                  - utilities to deal with the cpufreq Linux kernel feature11:59
ahasenacklook for an initscript in it11:59
ahasenackand then check if it reads /etc/default/cpufreqinfo11:59
ahasenackor just do grep /etc/default/cpufreqinfo /etc/init.d/*11:59
ahasenackcould also be an upstart job. Then do grep /etc/default/cpufreqinfo /etc/init/*12:00
ahasenackand /lib/systemd/system/* for systemd12:00
soahcccyeah there is and it does :) mystery solved (no idea why ondemand is there though)12:00
ahasenackthen that initscript should set it12:00
ahasenackthe only other possible problem is if it comes before the ondemand initscript, as the ondemand one could override the changes12:01
soahcccI think the ondemand service is broken, the script reads AVAILABLE and DOWN_FACTOR variables, the latter doesn't exist12:03
soahcccBut do I even need that service if there is apparently a different service doing the same thing?12:04
ahasenackit's part of the initscripts package, so you can't just remove it12:05
ahasenackyou can disable it12:05
ahasenackif your cpufrequtils one comes after, though, there is no harm in keeping both12:05
soahcccahasenack: haha these fools, they misspelled "govenor" variable, their script wouldn't do shit even if I had ondemand12:22
ahasenackwhich script? From ubuntu, or from your provider?12:22
soahcccfrom the provider :D12:22
ahasenackheh12:22
ahasenackwell, mistakes happen12:23
ahasenackI'm glad you found out :)12:23
soahccctook us 2 weeks actually. we ordered new servers and our page got slower. we were like "okay, microcode update, PTI and slightly worse single core performance"... yesterday I imported 500 million records and the page was faster and we were like ._.12:24
ahasenackrbasak: hi, could you please (re)import gvfs into git? It's stale: bionic has 1.34.1-1ubuntu4, ubuntu/devel is at 1.32.1-0ubuntu1, and there is no bionic branch12:41
rbasakahasenack: running12:46
rbasakWe concluded that the importer had been stuck a while.12:46
ahasenackrbasak: when it breaks like that, it's really stuck, or crashed?12:47
rbasakI think Nish restarted it yesterday, but that's why it's behind on so many packages.12:47
ahasenacka crashing importer is easier to handle than a stuck one12:47
rbasakIt hangs on talking to Launchpad12:47
ahasenackmh12:47
rbasakI think Nish also filed a bug to investigate where we need to fix the timeouts12:47
ahasenackyes12:47
rbasakI think it's within launchpadlib somewhere12:47
ahasenackhttps://bugs.launchpad.net/usd-importer/+bug/174521112:47
ubottuLaunchpad bug 1745211 in usd-importer "launchpad outages hang the importer and scripts calling into launchpadlib" [Undecided,New]12:47
ahasenackcpaelzer just pointed me at it12:48
cpaelzerat least our answers are in sync12:48
eoli3nany help on this would be very appreciated -> https://unix.stackexchange.com/questions/419104/what-is-partuuid-from-blkid-when-using-msdos-partition-table/419116#41911613:02
eoli3nplease look at my comment of the answer13:02
eoli3ni'm trying to kickstart install without breaking existing win7 install13:03
eoli3ni'm not a end user, i need it as deploy tool13:03
eoli3nwithout any manual intervention13:03
boxrickI have had a few minor situations where 'atftp' package dies. Normally I would just use systemd and make sure the mode is restarted, or in the past used something like monit / runit to make sure the service stays up. So in the case of atftp it has an init.d script which is absorbed by systemd and ran. I would normally replace this, but is there a way of extending the option. So I can add a parameter like restart13:05
boxrickalways ?13:05
boxrickLike a systemd extends for example13:05
Odd_Blokeboxrick: Is https://askubuntu.com/questions/659267/how-do-i-override-or-configure-systemd-services what you're looking for?14:04
coreycbjamespage: i got started on b3 deps for queens. here's the list of what remains: https://paste.ubuntu.com/26459041/ . i still have a few i'm wrapping up that aren't in that list.15:40
ahasenackNivex: hi, autofs uploaded to bionic :)16:09
Nivexrock on!16:09
NivexYou want another easy one? :)16:10
ahasenacksure16:12
Nivexhttps://bugs.launchpad.net/ubuntu/+source/partman-iscsi/+bug/164165616:12
ubottuLaunchpad bug 1641656 in partman-iscsi (Ubuntu) "initramfs parameters invalid for IPv6 portal" [Undecided,New]16:12
naccrbasak: sorry, i've been afk on nhouse stuff; did you want to sync today still?18:41
rbasaknacc: I'm tied up this evening now, sorry (not you - the team meeting running over and then hit my EOD)18:49
naccrbasak: totally fine; i did get one test written that ensures we are using the right URL for the Release -> Sources lookup18:50
naccrbasak: i'll see if the scripts are dtrt, and i'll put up a MP for you to look at and we can discuss further tests from there18:50
=== devil is now known as Guest81887
sdezielis there a way to ask systemd to sanity check a given unit?22:45
naccsdeziel: systemd-analyze verify <FILE> ?22:46
naccsdeziel: per https://github.com/systemd/systemd/issues/367722:46
naccsdeziel: not sure how far you want the sanity checked :)22:47
sdezielnacc: I'm looking for a tool that will sanity check a unit and any override snippets it may have22:47
naccsdeziel: the above will only check the syntax, afaik22:47
sdezielnacc: indeed and it doesn't check the $foo.service.d directories either22:49
sdezielthanks anyway, I'll keep digging the various man pages22:49
sarnoldship it all to another system and try?22:49
sdezielsarnold: I'm cooking a puppet module to let one drop some override snippets then trigger a service restart. The sanity check is to avoid the foot gun ;)22:50
sarnoldpuppet step number one .. spin up a new server somewhere ..22:51
sarnoldhehe22:51
sdezielhttps://memegenerator.net/instance/55819969/chuck-norris-meme-testing-is-for-wimps-real-men-test-in-production22:52
sarnold:)22:53
Nivexhttp://i1.wp.com/agilescout.com/wp-content/uploads/2012/05/i-dont-test-my-code.jpg22:54
sdezielwow, someone loved it enough to create this https://www.idontalwaystestmycode.com/22:56
patdk-lapI didn't know there was another way to test code23:04
sdeziel"systemctl daemon-reload" will catch any typo in the unit but it's then too late and the bad file will be deployed23:06
ahasenacknacc: I submitted https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888463 to debian23:19
ubottuDebian bug 888463 in bind9utils "bind9utils: missing python3-ply dependency for python scripts" [Normal,Open]23:19
ahasenacktomorrow I might check what's really going on: why debhelper didn't catch that23:20
naccahasenack: what fille specifies ot upstream (e.g. requirements.txt) that ply should be used?23:23
naccahasenack: it should be generated by python3:depends, aiui23:26
ahasenackyeah, but it's not working. Not in ubuntu, nor in debian sid23:27
ahasenacksomething with bind's build system probably23:27

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!