| nacc | ahasenack: total guess, but bin/python/setup.py seems to be missing any statement of its dependnecies | 00:23 |
|---|---|---|
| TJ- | Had a strange lvm issue here. LV mirror with 2 sides plus log. Made it inactive to "lvextend -L 60G Archive/SourceCode" and then "lvchange -aly Archive/SourceCode" fails with 'device or resource busy. Eventually noticed with "lvs -a -o +devices" the attributes of the mirror sides were marked I (inconsistent) and the mlog no longer had the 'l' flag - compared to other similar mirrored LVs. Then, after | 00:25 |
| TJ- | having used the 'lvs' command, 'lvchange -aly' worked!' I'd already tried to force a resync and that hadn't helped. Any ideas what was going on? | 00:25 |
| b18c5 | do i just install squid and im on a proxy server ? or how does that work ? | 01:05 |
| tomreyn | b18c5: if you are connected to a server and install squid there then you're on a proxy server since squid is that. but i'm not sure that's what you're trying to do. | 01:10 |
| b18c5 | honestly im new on this o/s im used to windows, looking for a sense of security lol | 01:10 |
| tomreyn | installing squid will not magically provide security. in fact any extra listening service you install increases the attack surface. | 01:12 |
| tomreyn | what are you trying to achieve? | 01:12 |
| b18c5 | blocking my i.p adress | 01:13 |
| tomreyn | if you block your ip address from your server then you won't be able to connect to your server anymore. | 01:13 |
| b18c5 | sorry, i'm trying to block my i.p adress from other people | 01:14 |
| tomreyn | maybe you want to access the internet (or services on the internet) without disclosing the ip address of your router at home? | 01:14 |
| sarnold | I'd suggest grabbing a book such as TCP/IP Network Adminstration before going any further | 01:14 |
| b18c5 | mainly on irc lol i feel like a target on here | 01:15 |
| sarnold | if you wish to irc slightly anonymously then your best bet is Tor | 01:16 |
| tomreyn | also read up on "irc bouncer" | 01:16 |
| b18c5 | how would tor work ? isn't that for web browsing ? | 01:16 |
| tomreyn | tor works for any tcp protocol | 01:16 |
| tomreyn | irc is a tcp protocol, as is http(s) | 01:17 |
| b18c5 | when i whois myself though my information pops up | 01:17 |
| TJ- | b18c5: if you've a registered nickname on Freenode you can ask in #freenode for a mask | 01:17 |
| b18c5 | i did lol | 01:17 |
| sarnold | note that a mask is only a 'best effort'; if services is down when you connect it can't help. | 01:17 |
| b18c5 | i tried a vpn but that shit was confusing | 01:18 |
| b18c5 | besides that issue, how would i do a disc clean up on a linux based system ? | 01:21 |
| sarnold | sudo dd if=/dev/zero of=/dev/whatever bs=131072 | 01:22 |
| sarnold | that block size is just 128 kilobytes. there's nothing magical about that number. It's just big and a power of two. | 01:22 |
| sarnold | some guy has put together 'dban', 'derik's boot and nuke', iirc, that does something similar for all connected hard drives. | 01:23 |
| tomreyn | the names' "darik", and that's not really ubuntu related, but it's a commonly used option for overwriting hdd's. | 01:25 |
| TJ- | it's easy to do from initrd; just boot with "break=premount" and then use the shell and dd to do parallel dd's on each device | 01:25 |
| b18c5 | i think i ended up deleting and upgrading everything | 01:26 |
| sarnold | tomreyn: d'oh! thanks :) | 01:26 |
| tomreyn | sarnold: and i mixed you up with b18c5, sorry. | 01:27 |
| mbff | Hello, I'm running into an issue where my Ubuntu server is not responding to port forwarded requests. | 02:06 |
| mbff | I have disabled ufw. Nginx for example works on the lan and localhost but not from wan | 02:06 |
| sarnold | what error messages do you get onthe clients and the server? | 02:07 |
| mbff | nothing, it just hangs | 02:07 |
| mbff | I see the packets hit with tcpdump, but curl hangs | 02:07 |
| HateNetPlan | Hello, I asked this over in #ubuntu and they directed me here. I am trying to convert my /etc/network/interfaces to netplan, and am having trouble getting the routes to work the same. I was hoping someone would be able to help me make a new netplan yaml file based on my old config. Here is a picture of it (with netmask having a typo, woops) https://puu.sh/z9RAL.png | 06:21 |
| cpaelzer | goot morning | 06:28 |
| cpaelzer | taking a look HateNetPlan ... | 06:28 |
| HateNetPlan | Good to hear! | 06:28 |
| nacc | cpaelzer: thanks | 06:28 |
| cpaelzer | get to bed nacc! | 06:29 |
| nacc | cpaelzer: yeah :) | 06:29 |
| mason | HateNetPlan: FWIW, I don't think ifupdown is going away. Merely deprecated. | 06:32 |
| mason | I plan to cling to it like grim death. | 06:32 |
| nacc | mason: +1 | 06:32 |
| nacc | i believe the default on fresh installs may have switched, or might switch, or something | 06:33 |
| HateNetPlan | Someone will save it, that much I am sure | 06:33 |
| nacc | but upgrades should keep ifupdown going forward | 06:33 |
| nacc | and you can always install it manally | 06:33 |
| HateNetPlan | Ubuntu 17.10 swapped already | 06:33 |
| cpaelzer | yes | 06:33 |
| HateNetPlan | It's default netplan | 06:33 |
| cpaelzer | it is no more there by default | 06:33 |
| cpaelzer | ifup/down | 06:33 |
| cpaelzer | but still exists | 06:33 |
| cpaelzer | HateNetPlan: as you already found hooks no more directly exist in netplan (as some of the backends don't have them) | 06:35 |
| cpaelzer | see https://wiki.ubuntu.com/Netplan#Frequently-asked_questions | 06:35 |
| cpaelzer | so for your case the recomended way is to encode the former logic in systemd services afaik | 06:35 |
| cpaelzer | like https://www.freedesktop.org/wiki/Software/systemd/NetworkTarget/ and such | 06:35 |
| cpaelzer | it is a bad time of the day - afaik cyphermox works on converting some packages with hooks | 06:36 |
| cpaelzer | I know they work on a how-to describing how to convert several old cases | 06:36 |
| cpaelzer | but it doesn't exist yet (not that I'd know of) | 06:36 |
| cpaelzer | HateNetPlan: I assume based on your eni-rule you wanted it to push/pop the routing rule every time it does up/down | 06:37 |
| HateNetPlan | Yes. | 06:37 |
| cpaelzer | to my lack of good phrasing netplan is meant to provide one simple config so that you don't mind to have to understand networkd and/or networkmanager - so you become independent where you are for the most common cases | 06:41 |
| cpaelzer | I think we can agree that your case is interesting, but maybe not the most common one | 06:41 |
| cpaelzer | netplan doesn't prevent you to use any special backend features | 06:41 |
| cpaelzer | so on a server it would render to systemd-networkd | 06:41 |
| cpaelzer | I wonder if we could express it there somehow | 06:42 |
| cpaelzer | but https://www.freedesktop.org/software/systemd/man/systemd.network.html is rather lengthy for a fast "ah there it is" :-) | 06:42 |
| HateNetPlan | Maybe I should have started around there haha, spent more time then I care to admit on this | 06:42 |
| HateNetPlan | Thanks by the way. Now that it can even connect to the internet I can grab ifupdown as a backup | 06:48 |
| cpaelzer | HateNetPlan: like this maybe as a start https://serverfault.com/questions/667319/systemd-networkd-and-direct-routes | 06:48 |
| cpaelzer | if you want to go on trying to convert it fully | 06:49 |
| HateNetPlan | Actually, based on that link | 06:49 |
| HateNetPlan | That explains how much lxc is connected correctly | 06:49 |
| HateNetPlan | Because that's how the .network file looks | 06:50 |
| HateNetPlan | Ok, well I need sleep. It's 1 am for another day in a row, and I am just happy someone was able to help me | 06:51 |
| HateNetPlan | I'll leave this open just to look back later to be sure | 06:51 |
| cpaelzer | good luck on your way to a nic rename one day :-) | 06:52 |
| lordievader | Good morning | 06:58 |
| cpaelzer | hi lordievader, great Friday morning to you as well | 06:58 |
| lordievader | Hey cpaelzer How are you doing? | 07:01 |
| cpaelzer | good | 07:03 |
| cpaelzer | after all - its Friday :-) | 07:03 |
| lordievader | Indeed | 07:03 |
| rzo1 | Any plans on https://bugs.launchpad.net/ubuntu-release-notes/+bug/1531864 in the near feature? I think, people should decide themself, if they want to enable http2 support for there Apache2 from official packages... | 08:25 |
| ubottu | Launchpad bug 1531864 in Release Notes for Ubuntu "HTTP/2 disabled in Apache httpd" [Undecided,Fix released] | 08:25 |
| cpaelzer | rz_o1: yeah | 10:26 |
| cpaelzer | rz_o1: that is done actually | 10:26 |
| cpaelzer | well I need to read the details of the bug you linked, but I enabled http2 for apache in 18.04 | 10:27 |
| rz_o1 | any plans for 16.04 too? :) but i am glad to here that for 18.04 | 10:28 |
| cpaelzer | rz_o1: not that I'd know of any 16.04 plans for it | 10:29 |
| cpaelzer | the security maintenance ack for the http2 lib that is used only covers the version in bionic onwards | 10:29 |
| cpaelzer | nginx had it earlier since they use a different implementation which was ack'ed before | 10:30 |
| cpaelzer | by getting nghttp2 not only apache but also curl got http2 now - so you get a test tool against http2 with it as well now | 10:30 |
| rz_o1 | ok thansk for the info | 10:36 |
| cpaelzer | yw | 10:36 |
| jamespage | coreycb: I've done all of those dep updates apart from os-vif - which is being awkward with unit tests under py3 | 11:38 |
| jamespage | working that atm | 11:38 |
| jamespage | tobasco: hi expect to get to re-adding the py2 compat patckage for gnocchi next week when we do m3 | 11:38 |
| jamespage | coreycb: re pxc-5.7 - I'm fairly happy with my branch now - its in https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/3110 | 11:41 |
| ahasenack | nacc: indeed (wrt python3-ply), this fixed it: https://pastebin.ubuntu.com/26463772/ | 12:06 |
| coreycb | jamespage: great, thanks. I'll take a look at 5.7 and try it out. i see a lot of b3's are out too so i'll plan on starting on those today. | 12:31 |
| coreycb | jamespage: i'm getting started on b3's | 13:08 |
| ahasenack | rbasak: hi, could you please kick an import of sssd into git-ubuntu? 1.16.0-5 showed up in debian unstable | 13:43 |
| ahasenack | g-u still has 1.16.0-3 | 13:43 |
| rbasak | ahasenack: running | 13:43 |
| ahasenack | thx | 13:43 |
| jamespage | coreycb: bah minor upgrade issue from 5.6->5.7 - that split out of wsrep.cnf is going to break things so will drop it | 13:51 |
| coreycb | jamespage: ok that's fine with me | 13:51 |
| tobasco | jamespage: cool, thx for the update, i will make sure to work on the puppet side when its available | 13:51 |
| rbasak | ahasenack: should be done | 13:55 |
| ahasenack | rbasak: hm, pkg/debian/sid is still at 1.16.0-3 instead of 1.16.0-5. LP could be lagging behind then? | 13:56 |
| rbasak | ahasenack: yes: https://launchpad.net/debian/+source/sssd | 13:56 |
| ahasenack | ah, I see | 13:57 |
| jamespage | coreycb: btw did you confirm that pxc 5.7 is broken with gcc-7 or was that a forward copy from pxc 5.6? | 14:01 |
| coreycb | jamespage: i think i confirmed that but it's been a while so i'm not positive | 14:02 |
| coreycb | jamespage: i feel like it had compile errors with gcc-7 | 14:04 |
| === zhhuabj_ is now known as aabb | ||
| xchat | hi | 15:40 |
| xchat | i would like to know how we can custom package on a OS ISO ? | 15:40 |
| xchat | like that all require package are ready on the OS by defautl | 15:41 |
| ahasenack | rbasak: when you have a moment, could you chime in on my zstd branches that are up for review? | 16:54 |
| ahasenack | rbasak: cpaelzer already did, but you have way more context | 16:54 |
| ahasenack | rbasak: btw, cpaelzer's needs-fixing were addressed (I had forgotten to run update-maintainer) | 16:54 |
| ahasenack | rbasak: and one more thing for your queue, if you could: I'd like to know if having a build-dep on python3-distutils-extra (universe) for landscape-client (main) in bionic is ok: https://bugs.launchpad.net/landscape-client/+bug/1743562 | 16:55 |
| ubottu | Launchpad bug 1743562 in Landscape Client "build-dependency on universe package: python3-distutils-extra" [Medium,New] | 16:55 |
| ahasenack | I think it's used just when building the package and no code from it will be used at runtime, and I think that's accepted, but I wanted to be sure | 16:56 |
| rbasak | OK | 16:59 |
| nacc | ahasenack: yep, makes sense | 17:03 |
| nacc | ahasenack: seems like an upstream bug then? | 17:03 |
| nacc | cpaelzer: we had a separate discussion on this, and mayb ewill backport it to 16.04 | 17:04 |
| nacc | cpaelzer: but only if we backport nghttp2 as in bionic to it, as well | 17:04 |
| nacc | rbasak: around? | 17:04 |
| rbasak | nacc: o/ | 17:06 |
| nacc | rbasak: HO? | 17:06 |
| rbasak | We can sync? | 17:06 |
| rbasak | Yep. Two minutes | 17:06 |
| nacc | rbasak: yeah | 17:06 |
| nacc | sure | 17:06 |
| rbasak | Standup HO? | 17:06 |
| nacc | rbasak: yep | 17:06 |
| ahasenack | nacc: bind? Yes, I filed it upstream and with debian | 17:12 |
| nacc | ahasenack: yeah cool | 17:12 |
| ahasenack | nacc: right now, that is our only delta with debian :) | 17:13 |
| nacc | ahasenack: seems fien :) | 17:13 |
| ahasenack | rbasak: the importer picked up sssd 1.16.0-5 \o/ | 17:21 |
| ahasenack | 30 minutes ago | 17:21 |
| ahasenack | DSC file for 1.16.0-5 | 17:21 |
| ahasenack | nice | 17:21 |
| boxrick | Is there any reason that loads of services still exist in /etc/init.d when a real systemd service would be much more suitable? | 18:12 |
| ahasenack | nothing specific, no | 18:14 |
| ahasenack | some packages even ship both | 18:14 |
| ahasenack | nacc: hmm, old/debian seems wrong in this output, no? https://pastebin.ubuntu.com/26465717/ | 18:18 |
| ahasenack | it should have been 1:9.10.3.dfsg.P4-12.6 | 18:18 |
| sdeziel | boxrick: not every packages are shipping systemd units. | 18:28 |
| ahasenack | nacc: ah, it's a difference between the current snap and the code from the MP with the branch ubuntu-package-merge-base | 18:28 |
| ahasenack | the branch gets it right | 18:28 |
| ahasenack | $ ~/git/projects/usd-importer/bin/git-ubuntu merge start --tag-only pkg/ubuntu/devel -f | 18:29 |
| ahasenack | 01/26/2018 16:28:20 - INFO:Created tag old/ubuntu for version 1:9.10.3.dfsg.P4-12.6ubuntu1 | 18:29 |
| ahasenack | 01/26/2018 16:28:20 - INFO:Created tag old/debian for version 1:9.10.3.dfsg.P4-12.6 | 18:29 |
| ahasenack | 01/26/2018 16:28:21 - INFO:Created tag new/debian for version 1:9.11.2.P1-1 | 18:29 |
| sdeziel | boxrick: if you know how to create systemd units, you could propose those to the package maintainer in Debian | 18:29 |
| ahasenack | nacc: but then the lint from that branch gets it wrong again | 18:31 |
| Epx998 | is there any known issues upgrading to a 4.4.x kernel on a stock trusty server? the upgrade is failing and I am getting stuck in initramfs after a restart | 18:52 |
| ahasenack | have you tried regenerating the initramfs? | 18:53 |
| ahasenack | did you also look for disk full issues, specially in /boot? | 18:53 |
| Epx998 | i ran update-grub, dont think ive ever needed to regenerate that before | 18:54 |
| ahasenack | (if you have that as a separate partition) | 18:54 |
| Epx998 | we do, but never had an apt-get install linux-image... error before | 18:54 |
| genii | I had some weirdnesses lately with this. It tried to do Grub1 things when the machine is actually using GRUB2. Like, it wanted to do changes to menu.lst | 18:56 |
| Epx998 | lets see if this works, round 2. | 19:01 |
| Epx998 | im scared to reboot lol | 19:01 |
| Epx998 | nope failed | 19:03 |
| Epx998 | seeing if i can do it at preseed | 19:07 |
| ahasenack | Epx998: did you check the things I mentioned? | 19:13 |
| ahasenack | update-grub doesn't regenerate the initramfs file, fwiw | 19:13 |
| Epx998 | yeah on a reimage, I ran update initramfs -c -k linux-image-4.4.0-31-generic | 19:14 |
| Epx998 | then update-grub again, rebooted | 19:15 |
| sdeziel | Epx998: "update-initramfs -uk all" is what I use usually | 19:15 |
| ahasenack | it can't find the root device/fs? | 19:15 |
| ahasenack | yeah, -k all | 19:15 |
| ahasenack | to avoid silly mistakes typing the kernel version | 19:16 |
| Epx998 | I saw the all option, I wasnt sure about it | 19:16 |
| ahasenack | but it could break your older kernel/boot | 19:16 |
| Epx998 | i added a d-i option to my preseed to use the kernel i want, its restarting now | 19:16 |
| ahasenack | I'm assuming you are rebooting into that | 19:16 |
| ahasenack | or it's a new install? | 19:16 |
| sdeziel | the -k option wants only 4.4.0-31-generic (aka uname -r) | 19:16 |
| Epx998 | new install | 19:16 |
| ahasenack | ah | 19:16 |
| ahasenack | this 4.4.x is an hwe kernel? | 19:16 |
| Epx998 | no just out of the repo after a new install | 19:17 |
| sdeziel | you said it was a trusty server so a 4.4 outta be a HWE one | 19:17 |
| Epx998 | same result with a preseedf | 19:17 |
| Epx998 | funny thing is my installer image is using 4.4 heh | 19:18 |
| Epx998 | ill try again manually with the -uk all, if that fails ill hand off with the stock image and let dev deal with it | 19:19 |
| sdeziel | Epx998: with 14.04, at some point release the ISO got the HWE kernel added IIRC | 19:20 |
| Epx998 | sdeziel: this is a pxe/netboot install | 19:20 |
| sdeziel | Epx998: then you must be shipping a 4.4 vmlinuz ;) | 19:21 |
| sdeziel | running "file vmlinuz" on the pxe box should tell you | 19:22 |
| Epx998 | pxe box? you mean tftp server? | 19:23 |
| sdeziel | yes | 19:23 |
| Epx998 | yeah i remade my netboot images, trusty is using an updated 4.4 | 19:24 |
| Epx998 | i think even my precise images are 4.4 | 19:24 |
| Epx998 | wait no | 19:24 |
| Epx998 | but trusty is yeah | 19:24 |
| sdeziel | Epx998: I'd try https://askubuntu.com/questions/953430/using-preseed-how-do-i-select-the-hwe-kernel with sed 's/hwe-16.04/lts-xenial/' | 19:26 |
| Epx998 | hwe kernel is married to a specific version right? | 19:28 |
| sdeziel | Epx998: for Trusty, the HWE kernel you'll get will always be a 4.4 one | 19:29 |
| sdeziel | I think that earlier some other older versions were made available but they are now superseeded by the one backported from Xenial | 19:30 |
| sdeziel | https://wiki.ubuntu.com/Kernel/LTSEnablementStack#Kernel.2FSupport.A14.04.x_Ubuntu_Kernel_Support shows it well | 19:31 |
| Epx998 | ok reinstalled, about to do the kernel | 19:32 |
| Epx998 | so give linux-hwe-generic-trusty a try? | 19:32 |
| sdeziel | not sure such package exist | 19:33 |
| Epx998 | that was in my search for anything hwe | 19:34 |
| sdeziel | sorry, you are right it does exist | 19:34 |
| Epx998 | trying this 1 last time with "update-initramfs -uk all" | 19:35 |
| sdeziel | the HWE wiki page mentions "linux-generic-lts-trusty" though | 19:35 |
| Epx998 | yeah I saw that to | 19:35 |
| Epx998 | well fiddlesticks | 19:39 |
| sbeattie | the version in the name is the release version the kernel is based off of. for 14.04, to get the 4.4 kernel, you want linux-image-generic-lts-xenial. | 19:39 |
| Epx998 | sudo apt-get install --install-recommends linux-generic-lts-xenial | 19:40 |
| Epx998 | - this just aborts after I type 'y' heh | 19:40 |
| Epx998 | ok reboot with lts-xenial | 19:42 |
| Epx998 | i think that one worked | 19:44 |
| Epx998 | now to see if the ixgbe driver builds | 19:44 |
| Epx998 | ah no need, awesome. i think this is as close as ill get to what dev wants | 19:45 |
| akern07 | How do you set up new users for FTP or SFTP to only have access to a certain folder? (ex: /var/www/html) | 19:55 |
| dlloyd | chroot is the safest way | 19:56 |
| sdeziel | akern07: openssh has a nice way to do chrooted SFTP, man sshd_config and search for "internal-sftp" | 20:00 |
| akern07 | Thanks I'm going to try that out | 20:00 |
| Epx998 | ok thanks for the help, i think i got these 2 hosts where they need to be | 20:07 |
| sdeziel | great | 20:08 |
| nacc | ahasenack: please file bugs, i'm not context switched in | 20:47 |
| nacc | powersj: is there any equivalent to pytest's parameterize that unittest supports? Or do we nneed to use a framework (either pytest or nosetest) to do it? | 20:59 |
| powersj | nacc: I don't recall there being a direct way | 21:02 |
| nacc | powersj: found it (subTest() context manager) | 21:02 |
| nacc | it's new in 3.4 | 21:02 |
| powersj | ah | 21:02 |
| nacc | https://docs.python.org/3/library/unittest.html#distinguishing-test-iterations-using-subtests | 21:02 |
| nacc | means i can drop one import from my newe tests :) | 21:03 |
| Epx998 | i have to try for 4.4.0-31 again | 21:40 |
| nacc | powersj: what's the preferred layout for tests? if testing script.py, script_test.py? | 22:01 |
| powersj | nacc: I prefer tests in the same directory as code and name_test.py as you state | 22:03 |
| nacc | powersj: ack | 22:03 |
| Epx998 | my workmate tried 4.4.0-31, might be we need extras as well, which ive not seen that req before | 22:12 |
| Epx998 | yeah added the extras results in the happy path | 22:30 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!
