[00:45] <Saad> Hey, there's anyone running 17+?
[00:45] <Saad> There's no /etc/rc.local anymore?
[00:58] <leftyfb> How can I block all broadcast traffic from a particular vlan? My setup is an interface with 2 tagged vlans but only 1 configured for use. I'd like to block all the ARP and UDP traffic on the unused vlan
[05:59] <netham46> Any way to run a headless XDMCP server in a VM?
[06:00] <netham46> End goal is to have 3 or 4 crappy PCs act as thin clients on the same network as the VM.
[06:01] <netham46> End-end goal is to get a PXE boot going where they boot and just connect over XDMCP to it.
[06:11] <cpaelzer> good morning
[06:49] <OpenTokix> Saad: There is none, but if you make it - it will get run
[10:07] <cfnc> Hello guys. Sorry for the question, I made a big mistake. I disabled sudo group to use sudo command from /etc/sudoers but I've never setted a root password.... How can I recover the system without reinstalling the whole os? Could I chroot into the system and change root password?
[10:07] <cpaelzer> cfnc: yes if you can boot from something else (usb/cd) then you can chroot in
[10:08] <cfnc> cpaelzer: I'm going to try...
[10:08] <cpaelzer> cfnc: if you have no other setup that prevents you to mount your disk (encryption, complex multipath/raid/...) then you can also boot  into bash directly
[10:09] <cpaelzer> cfnc: see https://askubuntu.com/questions/24006/how-do-i-reset-a-lost-administrative-password
[10:17] <cfnc> cpaelzer: okay I chrooted into system and I changed the password for root user. Thank you ;)
[10:57] <ccha> hello I have an OUT OF DISK SPACE when I run apt update. But there are more than 7Gb free for /var and 3% inode use
[10:58] <ccha> I don't understand why I got the OUT OF DISK SPACE
[11:30] <cpaelzer> ccha: you can be out of space or out of blocks, also you might be out of space on other than /var
[11:30] <cpaelzer> https://serverfault.com/questions/275206/disk-full-du-tells-different-how-to-further-investigate is a common issue
[11:30] <leftyfb> ccha: check /boot
[11:30] <cpaelzer> ccha: but you might just strace the call and see which actually gives you the ENOSPACE
[12:17] <ccha> ok it wasn't out of space on my server but on the proxy and it was a http message
[12:48] <MitchT> when is the next azure image due to 'go out'
[12:48] <MitchT> for ubuntuserver
[12:48] <MitchT> the last daily is from the 15th
[14:03] <vimes> hello! I am running a small ubuntu webserver hosting now 5 websites, I was told by ...some dude, that the way I do things now. SSHing inn and doing manual config is a horribly bad idea and that I should look into ansible instead. So I'll ask you guys, does me learning ansible to manage one webserver make sense? I usually don't get crashes as I just test things localhost first
[14:04] <leftyfb> ansible would be helpful to rebuild from scratch
[14:04] <leftyfb> other than that, not really
[14:06] <rbasak> vimes: I think so. Having a codified deployment is useful when upgrading to a new release too, which you have to do every so often to maintain security support.
[14:07] <rbasak> You can do a do-release-upgrade, but that just leads to your server getting messier over time with less visibility of what's on it and how to rebuild it.
[14:07] <rbasak> And that typically leads to a bunch of legacy most people could do without.
[14:07] <vimes> mmm is ansible the "recomended by you" way to go? I've never used automation tools beyond home cooked bash scripts and cron before
[14:08] <rbasak> I'm not familiar with ansible specifically. It seems pretty popular, but so do all the alternatives.
[14:08] <rbasak> IMHO, for a small deployment, it doesn't really matter as long as it's flexible enough for you, and the simpler the better.
[14:08] <rbasak> For a tiny deployment, a shell script is fine.
[14:09] <rbasak> (or even some handwritten instructions for that matter)
[14:36] <Ussat> TBH, one server, 5 sites, home cooked scripts are fine
[14:40] <Odd_Bloke> smoser: So regarding https://bugs.launchpad.net/cloud-images/+bug/1756420, I'm wondering if we need to defer this to next cycle.
[14:40] <Odd_Bloke> This seems more complex than a drop-in replacement, and I don't think our team has the cycles to do anything about this before then.
[14:41] <MitchT> Odd_Bloke.. do you / your team control the release of versions to azure
[14:42] <MitchT> .. timing.. release timing
[14:47] <Odd_Bloke> MitchT: Yep, we're responsible for the automation that does the releases.
[14:48] <Odd_Bloke> MitchT: On your issue from last week, I believe it was a cloud-init bug that has been resolved; the latest/next image should work.
[14:48] <MitchT> Ok. I was noticing that the images don't really line up with a specific pattern. Sometimes its one day, others its more than two
[14:49] <MitchT> just trying to learn more about the process since its integral to how our systems deploy.   They are rebuilt completely during each deployment.
[15:02] <smoser> Odd_Bloke: I kind of have to agree.
[15:02] <smoser> the other option is to just rip it out of cloud-init source at least
[15:03] <Odd_Bloke> MitchT: I'm in a meeting ATM, but I'd be happy to chat about it a bit once I'm done.
[15:04] <Odd_Bloke> smoser: You're thinking a separate source package, or a large Ubuntu delta in pv-grub-menu?
[15:05] <smoser> separate source package.
[15:05] <smoser> named grub-legacy-ec2 just not provided by cloud-init.
[15:05] <smoser> mainly i'd really like to get that out of my ownership
[15:07] <Odd_Bloke> smoser: I'd be +1 on that.
[15:14] <smoser> Odd_Bloke: i might try to do that then.
[15:14] <smoser> and then assign ownership to foundations in some way.
[15:40] <adac> I'm following this howto:  https://unix.stackexchange.com/questions/198003/set-default-kernel-in-grub/224708#224708 but there is always just the newest kernel booted still
[15:40] <adac> any ideas?
[15:40] <adac> I'm on 16.04 btew
[15:40] <adac> *btw
[15:44] <MitchT> Odd_Bloke i'll be out from 12-1 EST (its 15 till 12 now here) can you meet up later with me on here? i'm interested to know how the images are created that we consume.
[15:44] <MitchT> just DM me a time
[15:45] <dpb1> adac: any ideas on what? :)
[15:46] <nacc> dpb1: 08:40 < adac> I'm following this howto:
[15:46] <nacc> https://unix.stackexchange.com/questions/198003/set-default-kernel-in-grub/224708#224708 but there is always just the newest kernel booted still
[15:46] <dpb1> ah
[15:46] <dpb1> I missed the bit after the link
[15:47] <adac> :)
[15:48] <adac> Still happy if anyone has an idea ;)
[15:49] <nacc> adac: have you checked the result of the sed, etc?
[15:49] <nacc> adac: that is, the count matches what you want it to ?
[15:49] <adac> nacc, actually I tried with sed but also with hand
[15:49] <adac> just adding number with vim
[15:50] <adac> but both did not work actually
[15:50] <nacc> adac: can you pastebin your /etc/default/grub, and your /boot/grub/grub.cfg ?
[15:50] <adac> nacc, ok gimme a sec
[15:51] <ndac> needs more confustion.
[15:51] <MitchT> hahaha
[15:52]  * MitchT nice use of the me command
[15:52] <MitchT> OH!
[15:52] <MitchT> what the.
[15:52] <adac> nacc, https://gist.github.com/anonymous/d331b098ab22acd9212bd083099ffa88
[15:52] <MitchT> ok. confused myself.
[15:53] <adac> nacc, https://gist.github.com/anonymous/79aa39d649180b468b5601b5f95425f0
[15:53] <dpb1> adac: I'd actually look at the top upvoted answer.  it looks like 'GRUB_DEFAULT' can be used to point to a specific menuentry-id
[15:53] <dpb1> adac: in /etc/default/grub
[15:53] <nacc> adac: and, to be sure, you're running `update-grub` after, right?
[15:53] <adac> nacc, yes i did
[15:53] <adac> dpb1, yes I set it to 3
[15:54] <dpb1> adac: no, somethign like this:
[15:54] <dpb1> GRUB_DEFAULT="gnulinux-advanced-65c9af03-3d9b-411c-99b2-a9ada0961a40>gnulinux-4.7.0-1-amd64-advanced-65c9af03-3d9b-411c-99b2-a9ada0961a40"
[15:55] <nacc> adac: i don't believey you have a 3rd menu entry
[15:55] <dpb1> adac: thus making the simple index you are using "3" as not valid
[15:55] <nacc> adac: i'm not 100% on how grub does it, but you have a top menu then a submenu after it
[15:55] <nacc> i'm not sure it linearly indexes those
[15:55] <dpb1> basically, you see the '>' character?  that is traversing the menu
[15:56] <nacc> yeah, i think referring by name is better
[15:56] <nacc> i believe you can actually do it with just the id, dpb1
[15:56] <adac> nacc, this was the ouptutof this awk
[15:56] <dpb1> nacc: yes, I think so
[15:56] <nacc> the $menuentry_id_option thing
[15:56] <dpb1> nacc: like 2>4 or something
[15:56] <adac> https://gist.github.com/anonymous/3b01096d9a2f28e4594657ac6834914d
[15:56] <nacc> dpb1: even less than that, you can just use teh unique global id of 4 (iirc)
[15:56] <adac> so that is why I used #3
[15:56] <dpb1> nacc: maybe, have not tried
[15:57] <dpb1> nacc: but I hope you are right
[15:57] <nacc> dpb1: it should be possible, if it's not :)
[15:57] <dpb1> +1
[15:57] <nacc> adac: yeah, i'm not 100% convinced that awk is right
[15:57] <nacc> it's assumign a flat grub.cfg and flat parsing of the indices
[15:57] <adac> nacc, would you say it is 2 then :)
[15:57] <nacc> adac: no
[15:57] <nacc> adac: read the answer right after that linnk
[15:57] <dpb1> adac: I would not trust the answer you linked to.  I would use the top upvoted one
[15:58] <nacc> "the indices you can set with grub-set-default only correspond to the main menu entries"
[15:59] <adac> dpb1, but this a server i access only via ssh I cannot  slect this manually on boot
[16:00] <dpb1> manually?
[16:00] <dpb1> adac: the top upvoted answer describes how to modify /etc/default/grub
[16:00] <dpb1> https://unix.stackexchange.com/a/327686/9160
[16:00] <adac> sorry was in the wrong tab
[16:00] <adac> you are right
[16:00] <dpb1> np
[16:01] <dpb1> I mean, I haven't tried it, but it looks like a sane general approach to fixing this problem.
[16:01] <adac> which number has it then^^
[16:01] <sdeziel> adac: if it's a one off test, you can directly editing grub.cfg to reorder the kernels, quick and dirty but should work
[16:01] <adac> https://gist.github.com/anonymous/7bfbeedca71672e6411b5a8404a5d283
[16:04] <adac> sdeziel, kk thanks
[16:05] <adac> i tried now: 0,1,2,3
[16:05] <sdeziel> adac: that said, at one point I was able to pick a submenu item by editing /etc/default/grub so it should work (sometimes ;))
[16:05] <Odd_Bloke> MitchT: Instead of having a time, I think we can just do this asynchronously here.
[16:06] <adac> nothing of thsoe works it always the newest kernel booted
[16:06] <Odd_Bloke> MitchT: Briefly, we produce a new daily whenever there are changes to packages in the image; for the development series this is generally every day, but for released series this can be further apart.
[16:07] <dpb1> adac: are you running update-grub after?
[16:07] <dpb1> or are you leaving it alone
[16:07] <Odd_Bloke> MitchT: Once that daily has been built, we then consider whether it's a candidate for release; if the packages changed affect first boot (e.g. the kernel, cloud-init), then we also register the image as a release.
[16:08] <adac> dpb1, jepp
[16:08] <Odd_Bloke> MitchT: We will also manually trigger releases for specific reasons; this most commonly happens for security fixes to packages which aren't in our regular promotion set.
[16:08] <dpb1> adac: which
[16:09] <Odd_Bloke> MitchT: That's a high-level overview; please do ask me any questions that you have. :)
[16:09] <adac> dpb1,
[16:09] <adac> which update-grub
[16:09] <adac>  /usr/sbin/update-grub
[16:10] <dpb1> adac: update-grub is reverting your changes, unless I'm misunderstanding you?
[16:12] <adac> dpb1, I edit the /etc/default/grub file and add the number there. then run update-grub
[16:12] <adac> then reboot
[16:12] <adac> and it is always the newest kernel booted
[16:12] <adac> vmlinuz-4.13.0-36-generic
[16:12] <dpb1> adac: and when you run update-grub, do you notice that grub.cfg reverts the file??
[16:12] <dpb1> err, *that grub.cfg is reverted?
[16:13] <dpb1> update-grub rewrites grub.cfg.  That's its job.
[16:15] <TJ-> adac: which entry do you want to boot from?
[16:15] <adac> dpb1, hmm I see. actually when I run update-grub the grub.cfg is reqritten according to the date
[16:15] <dpb1> adac: yes
[16:15] <TJ-> adac: I find it better to use menuentry names e.g. I have for an entry 2 sub-menus in: GRUB_DEFAULT="Advanced options for Ubuntu 16.04.4 LTS>Linux Mainline-RC for Ubuntu 16.04.4 LTS>Ubuntu 16.04.4 LTS, with Linux 4.16-rc3-pci_bridge"
[16:16] <adac> TJ-, yes and this stopped my server from booting
[16:16] <adac> I only had time now today again to test this out
[16:16] <dpb1> adac: if you are modifying /etc/default/grub, you then need to run 'update-grub', if you are modifying /boot/grub/grub.cfg, you should not
[16:16] <adac> dpb1, yes that is what i did
[16:16] <dpb1> (modifying /boot/grub/grub.cfg is not a long term fix for just that reason)
[16:16] <dpb1> it's for testing out
[16:17] <adac> Can i remove the current kernel I'm logged in with?
[16:17] <adac> just for testing
[16:17] <dpb1> and it's why I have suggested that you not follow the path you are proceeding with. :)
[16:17] <adac> since I have only two then the old one must be booted :D
[16:17] <dpb1> adac: yup, you can also do that for testing
[16:17] <dpb1> sure
[16:18] <adac> sudo dpkg --purge linux-image-4.13.0-36-generic
[16:18] <adac> would that do the trick?
[16:19] <dpb1> I don't know what kernels you have installed, but that is a way to remove one kernel
[16:20] <dpb1> and then follow up with apt-get autoremove
[16:20] <adac> dpb1, these two https://gist.github.com/anonymous/15cd1ee35967a363e068a07df65333cf
[16:20] <adac> ok thanks
[16:22] <adac> lets see what is happening now :D
[16:22] <TJ-> adac: You either use the menuentry titles as I showed "Advanced options for Ubuntu>Ubuntu, with Linux 4.4.0-116-generic or use numbers "0>2"
[16:22] <adac> rebooting
[16:22] <adac> TJ-, yeah maybe I made  a copy paste error
[16:23] <adac> TJ-, "0>2" means?
[16:23] <adac> ok removing the kernel fixed it
[16:23] <TJ-> adac: 0 == first sub-menu, 2 == 3rd entry in that sub-menu
[16:23] <adac> i'm now in the old kernel!
[17:25] <MitchT> Odd_Bloke: Thanks, that goes a long way towards explaining the cycle. I'm trying to learn what to look for before I release so i'm not ending up being that guy going "whens it happening? Whens the next one" etc.
[17:31] <MitchT> before *a* release.. not I release.
[17:38] <Odd_Bloke> MitchT: The kernel is most often what causes an automated release; new kernels are released on a three week cadence.
[18:31] <MitchT> Odd_Bloke: any chance you could kick off a release with the fix to cloud init
[19:03] <Odd_Bloke> MitchT: Well, we don't do releases for bionic, because it hasn't released yet.
[19:03] <Odd_Bloke> But I have unblocked the daily, which was hung up on an unrelated issue.
[19:18] <nacc> Odd_Bloke: can you make a note to yourself to sync ruby-delayed-job as soon as b+1 opens?
[19:18] <nacc> Odd_Bloke: i'm syncing the other two i sponsored that are no-feature changes that took the same fixes as your uploads
[19:22] <Odd_Bloke> nacc: Sure thing.
[19:22] <nacc> Odd_Bloke: thanks!
[19:22] <nacc> Odd_Bloke: debian went to a different upstream version, and it'
[19:22] <nacc> *it's not trivial to me if we'd need a FFe and that's probably not worth it :)
[19:24] <MitchT> Odd_Bloke I appreciate all the help.
[19:24] <Odd_Bloke> Agreed.
[19:24] <Odd_Bloke> MitchT: :)
[19:25] <MitchT> Do you think images will be created by April 10th
[19:25] <MitchT> ones that work :P
[19:49] <Odd_Bloke> MitchT: The most I'm going to commit to is that we'll have images by release (i.e. April 26th per https://wiki.ubuntu.com/BionicBeaver/ReleaseSchedule).
[19:49] <Odd_Bloke> (But we will certainly have working images before that. :p)
[19:52] <MitchT> :)
[20:23] <Goop> Are there Oauth server packages for Ubuntu, or is Oauth just a concept, and you have to make your own application?
[20:34] <dpb1> Goop: OAuth is a protocol, there are most likely a lot of packages that implement that protocol for various purposes.  like, php, python, etc.
[20:36] <dpb1> not to mention many packages that need user login would make use of an OAuth provider to handle user auth, probably making use of those language-specific implementations.
[20:55] <Goop> dpb1, may I ask for help on implementing an authentication setup for my situation?
[20:56] <dpb1> probably beyond the scope of the expertise in this channel.
[20:56] <dpb1> but, you could certainly ask
[21:32] <Odd_Bloke> MitchT: The latest Azure image booted for me and was able to SSH in to it, FYI.
[21:33] <rud0lf> hello. is there an (un)official guide for newbie server admins? i know ubuntu itself as a desktop client, i know some about computers, i can script
[21:34] <rud0lf> all i need to know is how to secure and audit
[21:34] <nacc> lol
[21:34] <nacc> rud0lf: "all" :)
[21:34] <rud0lf> too wide?
[21:34] <nacc> rud0lf: that is a full-time position at most companies
[21:34] <rud0lf> lol
[21:34] <rud0lf> i mean basics
[21:34] <rud0lf> like, giving someone shell account, restrict some binaries
[21:34] <rud0lf> executables, i mean
[21:35] <rud0lf> or how to parse auth.log and make it more verbose
[21:35] <rud0lf> nacc: consider me as a server toddler
[21:35] <nacc> rud0lf: https://help.ubuntu.com/lts/serverguide/
[21:35] <sarnold> rud0lf: I seem to recall thinking this was reasonable guidelines https://www.ncsc.gov.uk/guidance/eud-security-guidance-ubuntu-1604-lts
[21:36] <nacc> but if you're security-focused, i was going to ask sarnold :)
[21:36] <rud0lf> thank you, hop to my favorites (links, not you guys)
[22:08] <Wolf_Y> Hey guys
[22:08] <Wolf_Y> is anyone up i have some noob-ish questions about samba and ubuntu 17.10 networking
[22:10] <dpb1> ask away
[22:12] <Wolf_Y> dpb1:  alright so i am using ubuntu server 17.10 on hyper-v manager
[22:13] <Wolf_Y> dpb1:  i strugled with networking for a bit before i figured out that making a bridgeg connection between my host pc and hyper-v can help me set up a static ip on ubuntu server
[22:13] <Wolf_Y> dpb1:  so i did that and everything seemed to woek fine
[22:14] <Wolf_Y> dpb1: then i installed samba and added some folders with right permissions and when i try to access them from my host machine they work fine
[22:14] <Wolf_Y> dpb1:  when i try to transfer small files it works
[22:14] <Wolf_Y> but when i try and transfer larger files the connection breaks
[22:14] <Wolf_Y> i think it has to do somethin with my net config
[22:14] <dpb1> yuck
[22:15] <Wolf_Y> do you maybe have an idea
[22:15] <dpb1> anything showing up in `dmesg` or /var/log/syslog?
[22:15] <dpb1> (when the connection breaks)
[22:15] <Wolf_Y> im still quite new to linux
[22:15] <Wolf_Y> so would you like me to share the outputs
[22:15] <dpb1> well
[22:16] <dpb1> you can, but make sure you pastebin
[22:16] <dpb1> !pastebin
[22:16] <dpb1> !pastebinit
[22:16] <dpb1> Wolf_Y: ^
[22:16] <Wolf_Y> alright ill use pastebin dpb1  what should i send
[22:17] <dpb1> `dmesg` and `cat /var/log/syslog`
[22:17] <dpb1> but first make sure you don't mind sharing the content
[22:17] <dpb1> it's likely fine if they are vms you are just testing with
[22:17] <Wolf_Y> dpb1:  im trying to make a media server
[22:18] <Wolf_Y> dpb1:  i supose i can share
[22:19] <Wolf_Y> dpb1: not quite sure how to coppy the output to clipboard
[22:19] <Wolf_Y> looking into it right now, sorry for making it long
[22:19] <dpb1> Wolf_Y: use pastebinit
[22:20] <dpb1> dmesg | pastebinit
[22:20] <Wolf_Y> oh okay ill try
[22:21] <Wolf_Y> http://paste.ubuntu.com/p/2yjPPFYzTS/
[22:21] <dpb1> did you type that right?
[22:21] <dpb1> does not exist
[22:21] <Wolf_Y> let me check
[22:22] <Wolf_Y> http://paste.ubuntu.com/p/ZyjPPFYzTS/
[22:22] <Wolf_Y> got it
[22:22] <Wolf_Y> now ill try it with the next one as well
[22:23] <Wolf_Y> http://paste.ubuntu.com/p/ZptqG7tkWs
[22:24] <Wolf_Y> dpb1: should i try causing the break and then do the error output again
[22:24] <Wolf_Y> clear
[22:25] <dpb1> Wolf_Y: ya, do.  and then just do     <command> | tail -100 | pastebinit    .... to only get the last 100 lines.
[22:26] <Wolf_Y> alright
[22:27] <Wolf_Y> tranfering the file
[22:29] <Wolf_Y> http://paste.ubuntu.com/p/vcv5fbrhnK//
[22:29] <Wolf_Y> http://paste.ubuntu.com/p/vcv5fbrhnK/
[22:29] <Wolf_Y> ill do the other one now
[22:29] <dpb1> Wolf_Y: interesting
[22:30] <dpb1> Wolf_Y: what time did you initiate the transfer
[22:30] <Wolf_Y> a minute ago or so
[22:30] <Wolf_Y> what do you see
[22:30] <Wolf_Y> should i do the dmesg as well
[22:30] <dpb1> run `date` on your server
[22:30] <dpb1> no
[22:30] <Wolf_Y> alright
[22:30] <dpb1> what does date say right no
[22:30] <Wolf_Y> one sec
[22:30] <dpb1> now
[22:30] <Wolf_Y> the date says
[22:30] <Wolf_Y> correct date
[22:31] <dpb1> I want the whole thing
[22:31] <dpb1> :)
[22:31] <Wolf_Y> so the whole cat
[22:31] <Wolf_Y> ?
[22:31] <dpb1> date
[22:31] <Wolf_Y> alright
[22:32] <Wolf_Y> http://paste.ubuntu.com/p/c4JqtFjzTV
[22:32] <Wolf_Y> thats date
[22:32] <dpb1> huh
[22:32] <dpb1> ok
[22:32] <dpb1> so nothing
[22:32] <Wolf_Y> so what do you say
[22:33] <Wolf_Y> would you like the dmesg
[22:33] <dpb1> no
[22:33] <Wolf_Y> ok
[22:33] <Wolf_Y> once again, the smaller files and accessing the folder works just fine
[22:34] <Wolf_Y> the permissions are 755 and 777
[22:34] <dpb1> unfortunately, the next thing I would do is a bit harder.  I'd switch samba into debug mode and do the same thing you just did.
[22:34] <dpb1> basically, start going through this
[22:34] <dpb1> https://www.samba.org/samba/docs/using_samba/ch12.html
[22:34] <dpb1> reproduce the problem, see if any interesting logs pop out
[22:35] <dpb1> if they do, I would probably take them to: samba@samba.org
[22:35] <Wolf_Y> i think ill just remove and once again try a fresh install
[22:35] <dpb1> that user list is very active
[22:35] <Wolf_Y> i now know how the server works
[22:35] <Wolf_Y> i just need to figure out the samba
[22:35] <Wolf_Y> thanks very much for your help, ill get back here tomorrow if fresh install does not help and try to debug samba
[22:36] <dpb1> k
[22:36] <Wolf_Y> see ya then
[22:36] <dpb1> o/