[00:45] Has anyone been able to get the new server installer to appear? [00:45] I have the newest daily iso but I don't get the new installer, I only get the old debian installer. [00:58] ipat8: where did you download from or whats the checksum? [00:58] i'll give this a try in a few http://cdimage.ubuntu.com/ubuntu-server/daily/20180325/bionic-server-amd64.iso [00:59] sha1: b6dad56464ad1f948fee893e0fa9385536f7fdc4 sha256: ebabb1767eabb793449fec9f94feae0486c350056f68e863ac7835660e4168c3 [01:05] i got the classic ncursrs like interface, too [01:05] also it's pretty broken [01:07] it prints in many places and keyboard detection seems to be broken, shows key codes to press instread of special characters. [01:08] localization seems to be incomplete [01:11] well, there's another month left ;-) [01:27] tomreyn: Yep that's the one I'm using, maybe a preseed issue? [01:28] ipat8: yes, maybe, i'm using it in virtualbox, can't seem to switch between VTs, but it does print some errors justr before th einstaller loads [01:30] ipat8: maybe it's actually bionic-LIVE-server-amd64 which we should be trying. [01:32] Hmm, let me grab it and see [01:32] Wait [01:32] Where do you see a bionic-LIVE-server-amd64 ? [01:32] http://cdimage.ubuntu.com/ubuntu-server/daily-live/current/ [01:33] and yes this is the one [01:33] Yep just realised what I was doing [01:33] * realized [01:33] i'm running it now [01:34] 5 languages supported so far?! [01:34] http://i.imgur.com/VMk77JS.png [01:35] english, catalan, hungarian, lithuanian, russian, if i'm getting it right. [01:36] Yep, so I'm guessing they're going to be building both, as to maintain compatibility with MAAS or preseed? [01:37] the new one also offers maas as an installation target [01:37] but maybe preseed, or backward compatibility in general. [01:37] Holy shit that's fast [01:38] No [01:38] I meant MAAS as an installation source [01:38] oh ok [01:38] It requires a debian installer for cloud-init [01:39] That was 45 seconds and it's done [01:39] That's incredible [01:39] yes it's really fast [01:39] I see why MAAS is so fast now [01:39] manual paritioner crashes for me. but then i have no disk to install to. [01:39] curtin is just magic [01:39] Are you in vbox or vmware? [01:39] vbox [01:40] Change to a SATA disk [01:40] and a SATA controller [01:41] i dont have a MAAS, so i only have SATA anyways [01:42] just added a disk, it detects it when it restarts the installer (no reboot) [01:42] i like how it installs in the background now, like the desktop installer does [01:43] and you can import ssh keys already, nice. [01:46] I'm extremely impressed, if I can script this or provide a preseed this is going to be a significant improvement in how I manage my auto installs. [01:46] how do you deploy? [01:46] pxe boot, i guess? [01:49] hmm apt dist-upgrade states that grub-pc-bin was automatically installed and is no longer required - on a fresh installation. [01:50] oh that's probably because i got efi [01:53] it reboots very fast, too. the longest job is dhcp (ipv4+ipv6) here. === ShriHari is now known as President === President is now known as President_Trump === ShriHari is now known as katnip- === katnip- is now known as ShriHari [06:15] Good morning [11:16] coreycb: any idea? https://bugs.launchpad.net/ubuntu/+source/neutron/+bug/1758882 [11:16] Launchpad bug 1758882 in neutron (Ubuntu) "neutron-db-manage python-pecan failure" [Undecided,New] [11:16] i checked all dependencies for gnocchi and neutron packages, can't see any weird constraints [11:17] happend after adding gnocchi for queens [12:05] tobasco: i'm not sure but i can try to recreate. heads (plural) is a typo right? [12:07] tobasco: if you upgrade python-pecan does it fix it ? [12:08] tobasco: we may need a higher min version of python-pecan specified in the neutron package [12:19] tobasco: i've triaged that bug, it's a package issue so i'll get that uploaded now. [12:33] coreycb: I fixed the issue on my side, I posted some more info there [12:33] I install ceph before having the UCA repo, so python-pecan is already installed when installing the other packages [12:33] ceph-mgr depends on python-pecan [12:34] don't know if the procedure about it, but we should probably change the neutron package to have the later version from UCA [12:34] tobasco: ok. it's still a package bug for neutron. once i build it successfully (takes a bit) i'll get it uploaded to bionic then back to the queens uca. thanks for reporting this. [12:34] unless it would break ceph-mgr completely [12:35] coreycb: cool, sorry for setting it as invalid, thought it was a mistake on my part [12:35] tobasco: all good :) [12:40] how to remove all but one kernel? [12:41] adac: `sudo apt remove `? [12:42] lordievader, yes that is an option. but I need to automize that actually [12:43] and I don't know which kernels are installed on the machine already [12:44] Hmm, well if the meta-package is installed `apt-get autoremove` should leave the last two and remove the rest. Though this has been buggy in the past. [12:44] Not really sure if this has been fixed. [12:46] lordievader, I see yes. thanks! [12:47] The above works until you start installing specific kernel versions manually 😉 [12:57] lordievader, which I do :P [12:57] hehe [12:59] Ah, the way `apt` select packages for removal is by checking if they are orphaned. If they are manually installed they do no classify as orphaned. [12:59] I suppose you then either need to write a script or start using the meta-package. [13:00] kk thanks [13:07] jamespage: promoting queens-proposed -> queens-updates [13:52] *waves to the server team* [13:53] o/ [13:53] anyone want to do me a solid and do an nginx merge from Debian? I'm a little bit busy with networking redesigns and overhauls at work so I've been pulling 10+ hour days and am just dead when i'm not at work... [13:54] i know that we're in FeatureFreeze, but I"m hoping the Release team will accept something like we did for 16.04, with us being as close to nginx stable that comes out in April as possible, with a version bump to the then-stable NGINX release in -updates. [13:54] hate to ask but :P === geoffmcc is now known as dumhed [14:08] teward: no worries. I'll add it to our list. [14:11] coreycb: if it's not too much could you ping me when that package fix is available in queens uca [14:12] tobasco: sure np [14:12] coreycb: awesome, thanks :) [14:20] hi all, looking for some help with something not entirely server-related, but recommended to post here anyway - need some help with SSSD if anyone can advise [14:27] Gargravarr: most people in here may not respond unless you'll discuss the entire issue. [14:27] okay, i generally post the minimum to grab attention without flooding [14:28] so i've got Ubuntu laptops auth'ing via LDAP using SSSD. most of the machines work, but i have a few machines where SSSD causes the machine to freeze on boot [14:30] the most frustrating aspect is that i have no logs or error messages as to why it's occurring [14:33] this is on Xenial with kernel version 4.13.0-36 & -37. if i disable the sssd.service and reboot, the machine comes up to the login prompt. otherwise it freezes at the Plymouth splash screen, or the text screen showing the services starting if i ESC out of it [14:34] rbasak: hi, question. I'm getting ready to propose those nvdimm packages. What would be the next step, get sponsorship for an upload, and then get an AA to take a look since it's a NEW package? [14:35] ahasenack: yes that's right [14:36] ahasenack: you'll need an FFe too, though for new packages that's not usually a problem. [14:37] rbasak: thank you very much. once this rebuild is over I"ll not be pulling 10 hour days and will be able to provide more help again, but until that point I'm a little swamped :P [14:37] rbasak: ok [14:54] okay, now i'm getting hard/soft lockups on the CPUs [14:54] after starting SSSD [14:56] Gargravarr: bug 1746806? [14:56] bug 1746806 in linux-aws (Ubuntu) "sssd appears to crash AWS c5 and m5 instances, cause 100% CPU" [Critical,In progress] https://launchpad.net/bugs/1746806 [14:56] rbasak: thanks, i'll read that [14:57] yesss, i keep seeing the ^@^@ strings when this happens [14:58] ^@ is 0x00 [14:58] Crashes of all kinds can typically cause that. [14:58] To verify if you're affected by that bug, please start by reverting the kernel package version. [15:00] rbasak: does this affect the 4.13 kernels too? i'm only seeing 4.4 mentioned in the bug [15:00] ah, scrolled down enough [15:07] rbasak: how far back should i revert? [15:07] currently running 4.13.0-37 [15:10] Gargravarr: sorry, I don't know any more than the bug. [15:10] fair enough [15:10] Gargravarr: but if you find more information that's not in the bug, then please do post it there. [15:10] will do [15:12] yep, i found 4.10.0-28 was still installed, booted that and it's running fine, LDAP auth included [15:13] right, i'll follow the bug (and post my setup) [15:23] Gargravarr: thanks. Please also mark yourself as affected on the bug. [15:28] thx for ubuntu-server; I've recently begun using LXD via the Snap on an ARM7 box and it's rock solid, easy to manage. Thx guys [15:31] rbasak: do you have a link to our pad for the git-ubuntu changes? Maybe i can take a stab at them [15:42] nacc: https://pad.ubuntu.com/Y25nCOQd6e [15:43] rbasak: thanks [15:53] rbasak: what exactly is the walk() method supposed to be returning? I don't see any docs (or the order in which things are supposed to be return, i guess)? [16:25] nacc: sorry that's not defined anywhere. It should be. [16:26] nacc: it returns a sequence of (parent, obj) pairs, enumerating all objects recursively. [16:26] s/enumerating/iterating over/ [16:27] parent is just the parent of the object, which makes the output easier to consume since the actual data structure is the other way round (an object keeps track of its children but not its parent) [16:27] nacc: also instance.walk() is supposed to return instance as well where that makes sense. [16:29] nacc: so for that to work, walk() is told its parent when it is called, since the class instance itself doesn't know. And it just returns that. [16:30] nacc: IIRC, the ordering is intentionally depth first, so that the placeholder replacement happens bottom up [16:34] rbasak: yep [16:34] rbasak: that makes sense, i just wanted to make sure i followed it, as it's sort of an internal API [16:40] nacc: yeah. My fault for not documenting it better. Because it's an interface that isn't defined in code anywhere (duck typing etc), there wasn't an obvious "must write a docstring" prompt for me. Some of it is an external API too. I'm not sure whether walk() should be internal to the module or external to callers. === Guest78101 is now known as devil__ [19:03] rbasak: if you have a few seconds, https://code.launchpad.net/~nacc/usd-importer/+git/usd-importer/+ref/repo_builder_tags_branches i thnk does everyting up to the copy method [19:04] rbasak: it keeps the coverage at 98% (which it is in master, which i think implies some missing test, which i'm going to look at now) [19:24] rbasak: ok, got it to 100% in master [19:27] rbasak: branch updated === LaserAllan is now known as Guest76088 [21:02] anyone have a gui they like to encrypt files/folders? [22:30] rbasak: fyi, force-pushed branch, which now matches the spec (I found it easier to create the classes first and then move to in-place dictionaries) and added the Repo.copy method [22:30] rbasak: still at 100% coverage :) [22:36] rbasak: i'm not seeing an obvious way to find all commits in a repo (I can find all reachable commits from the branches, but we're not guaranteed to have any branches) [23:25] Have a bit of a head scratcher with SSH. I can login with my adminstrative account using key auth just fine. However I cannot login with another account using it's own key. I just get "No supported authentication methods available (server sent: publickey)" [23:25] It worked fine on Friday, but it doesn't today. Double checked I had the right key in .ssh/authorized_keys [23:25] updated and rebooted the server [23:26] ProCycle: check ownership and permissions of / /home /home/user /home/user/.ssh /home/user/.ssh/authorized_keys -- namei -l ~username/.ssh/authorized_keys is a handy way to get there :D [23:47] Huh didn't know about that command [23:48] home is owned by root, user dir is owned by user, .ssh is owned by user, authorized_keys is owned by user === SmokinGrunts is now known as Aztec03 [23:48] and perms seem correct too [23:49] ProCycle: how about the permissions? group owner of the .ssh dir and file? [23:50] They're both set to the user's group [23:51] It makes no sense :S [23:51] are there any more detailed logs on the host? [23:52] I can look, where would they be> [23:52] is the client perhaps using a too-small key? openssh recently changed to require > 1024 bits for rsa keys, iirc [23:52] Nope it's a 2048 key [23:52] /var/log/* and /var/log/audit/audit.log if you've got it [23:54] looking at auth.log [23:55] See lots of bot attempts to login to nonexistent accounts but don't see my user account in there [23:56] curious [23:57] tail -F the thing, and try again? [23:58] Ah there we go [23:58] Authentication refused: bad ownership or modes for directory /home/username/.ssh [23:59] .ssh has drwxrwxr-x with owner set to username and group set to username [23:59] running groups lists it as a member of that group