[01:15] hey guys, I spun up a vm of ubuntu server 18.04 on my laptop and I'm having a head-scratcher here... I can't install mariadb or phpmyadmin on the VM, the packages don't exist... are they in universe/multiverse or something? [01:16] both are in universe [01:28] I seem to have a nameserver conflict... I have probably mangled something. [01:28] gartral: https://bugs.launchpad.net/subiquity/+bug/1783129 [01:28] Launchpad bug 1783129 in subiquity "Only "main" component enabled after install" [High,Confirmed] [01:28] gartral: looks at comment #27 [01:29] gartral: I encourage you to mark the bug as affecting you if it fixes your issue [01:30] I'm using ispconfig, and my server is ns1.gethosting.today Now all is fine and dandy, it worked... but when I add gethosting.today as a client in ispconfig ns1.gethosting.today ceases functioning as a visible website. [01:30] I think I've configured something wrong =/ [01:31] xase: I want to understand your question, but I don't. :/ [01:31] ispconfig is like cpanel from what I gather [01:31] dpb1, I'm trying to sort through the issue, till I find the actual question I'm meaning to ask. [01:31] Yes. [01:31] ok, do you have shell access to the server? [01:31] Ok so. I was having an issue with BIND so I switched to PDNS, PDNS wasn't compatible so I switched back to bind. [01:31] Yes [01:32] what's ispconfig *do*? [01:32] Server is under my control completely, aside from not sharing the same physical location. [01:32] sarnold, it's for managing a server, either internally or externally. [01:33] so's ssh and juju .. [01:33] what's it *do*? :) [01:34] so ns1.gethosting.today binds properly to the ip it seems, but when I add the zones for gethosting.today itself to add it as a website it brings it up, but seems to bring down ns1.gethosting.todays connection to the ip. [01:34] What do you mean what does it do? [01:34] I'm sorry if I don't understand the question. [01:34] if it were me, I'd drop ispconfig [01:34] xase: if it just manages dns zone files then it's probably a waste of your time.. [01:35] sarnold, it doesn't just manage dns. It's also a webpanel, for installing software and adding client sites. [01:35] dpb1, the alternatives cost too much. [01:36] "gethosting.today zone: The following NS name(s) did not resolve to address(es): 174.105.101.49, ns1.gethosting.today, ns2.gethosting.today" -- http://dnsviz.net/d/ns1.gethosting.today/dnssec/ [01:38] Well I recently just readded the A names, would it take time to settle again? [01:38] I had websites pointed at ns1.gethosting.today earlier. I just removed them and started from zero, because gethosting.today stopped working. [01:39] are there some related commands so I can see the dns entries server side? [01:39] I think the dnsviz folks query from the servers directly when asked, every time. [01:40] Crap... so upon fixing one thing I've broken another... again XD [01:41] Well... is my setup of my hostname for the server ns1.gethosting.today appropriate... or should I have just named it gethosting.today? [01:42] if it's a nameserver then ns1.gethosting.today is a good name for it. [01:42] So, I don't need like a core server named just gethosting.today/ [01:42] ? [01:43] I'm asking inane circular questions, I know :( [01:43] probably not.. [01:43] Alright... let me try removing all sites again. [01:45] o_O [01:45] It's working with out DNS zones set... [01:45] See, I hate learning new stuff... but love it. [01:46] It's just confusing to get the hang of things. [01:46] gethosting.today I mean [01:47] Alright... sites and dns zones removed... [01:49] Alright... [01:49] So... with all that removed. [01:50] Gethosting.today resolves to the default apache page. [01:50] not ispconfig. [01:50] Nothing is configured... So it must be some sort of conflict. [01:50] I'll ask again in ispconfig channel... but they're unofficial and small. [02:07] dpb1: thnk you [02:14] Oy -_- Now I can't even point to ns1.gethosting.today... I don't know what magic mojo is going on behind the scenes... but it's elusive to me. [02:21] Ok... so my nameservers aren't working at all.. I knew something was amiss. [02:22] I mean... the urls must be working partway... [02:22] Since myzera.com is pointed at ns1/ns2... [02:23] But I just disabled those ns records on ispconfig... and the site still seems to resolve [02:23] Because of the A name I have set pointing to the IP I assume. [03:34] can apparmor die already? please? of all the problems i've ever had, apparmor makes the most mess of things... >.< [03:37] gartral: I'm sure there are people who feel the same way about basic filesystem permissions. [03:38] gartral: But no, I don't see it going away. From what I have seen Debian too are in the process of making it the default. [03:39] andol: my issue right now is that I can't start mariadb and AA seems too be the culprit [03:40] gartral: In that case, look in your log files, and then add the needed rules? [03:43] andol: it's complaining about 'failed name lookup' everythhing is local to the vm and should be using localhost, so :/ [05:00] good morning [05:17] Good morning. [05:45] Yeah. Not having a fun time with bind9 Not sure how to configure it, there's conflicting information everywhere, and #bind is quiet atm. I don't get why I can bring up websites without nameservers, by using A names. [06:54] xase, can't tell what your problem is. Can you give a simple example of something you tried that didn't do what you wanted. and tell what happened instead? [06:55] rfm I want to set up my machine as ns1.gethosting.today and use it as a name server for my other websites. [06:57] xase: oh, trying to set up lying nameservers is screamingly complicated, I can't help because I've never managed it myself. I think dnsmasq might be where you want to go reather than bind [07:01] lying nameservers? [07:02] rfm I'm not sure I understand... but I'll try taking a look at dns masq. [07:03] xase: So what troubles are you facing? [07:05] lordievader, my trouble is, all the bind tutorials seem to be for internal networks, I'm trying to create an external network, so I can serve my domains on this server properly. I had set up powerdns, only to find that it's not fully compatible with ispconfig currently, and I couldn't find any documentation that was relevant on how to do it. [07:06] So I can't use PowerDNS, though it seemed really neat. [07:06] Either way, I'd still be at this crux most likely. [07:06] Hmm, I see. That is too bad. [07:06] Anyhow, how is bind currently set up? [07:07] Default. [07:07] Did you disable recursing? [07:08] We already have too many open resolvers, so that would be step one, disabeling recursing. [07:08] https://knowledgelayer.softlayer.com/procedure/disable-recursion-dns === TvL2386_ is now known as TvL2386 [08:10] Can I ask who's idea it was to put a bit.ly link about IDE's in 18.04 server? [08:10] https://gist.github.com/ktechmidas/234bc342bda178ebbcfd3fde3b192949 [08:10] "Check out 6 great IDEs now available on Ubuntu...." [08:10] using MOTD in this way devalues it... using it for vulnerabilities is fair, but for ads for a bit.ly link? Ugh [08:10] why does everything creep into ads? [08:11] ktechmidas, I was confused about that message too. [08:11] Are they really 6 great IDEs? [08:12] badum-tss! [08:13] 聊什么 [08:16] Tsien: ni hui shuo ying yu? [08:16] !cn [08:16] 如欲獲得中文的協助,請輸入 /join #ubuntu-cn 或 /join #ubuntu-tw [08:16] Ah there's a CN channel, nvm [08:17] ktechmidas: Did Ubuntu really add that or was it Amazon? [08:17] I can speak English. [08:18] Maybe it was Amazon? [08:18] Unsure [08:18] Although I can't see them doing it either... I'm using the official canconical image [08:18] Oh, yeah. Then it is Canonical. I figured you might be using Amazon's images. [08:19] thought it was Ubuntu.... there was a backlash about that some time ago.... see bug #1701068 [08:19] bug 1701068 in base-files (Ubuntu) "motd.ubuntu.com currently shows media item (HBO's Silicon Valley using Ubuntu)" [Wishlist,Opinion] https://launchpad.net/bugs/1701068 [08:28] blackflow: I'm quite disappointed after the authors message: https://bugs.launchpad.net/ubuntu/+source/base-files/+bug/1701068/comments/11 [08:28] Launchpad bug 1701068 in base-files (Ubuntu) "motd.ubuntu.com currently shows media item (HBO's Silicon Valley using Ubuntu)" [Wishlist,Opinion] [08:28] that it's happened again a year later [08:30] I will file a bug in ubuntu-motd where they told us to last time [08:30] ktechmidas: well, Canonical is not shy from trying out new things. As long as I can remove update-motd or in fact not even install it (as I only do debootstrap'd server installations, mostly due to this kind of aftermarket bloat) [08:31] but advertising in a server MOTD? Really? [08:31] I used the MOTD to be imformed or reminded of security issues [08:31] now I need to turn it off to avoid pointless articles about IDE's [08:31] and other clickbait [08:32] if you used motd for that, you were doing it wrong :) [08:40] not sure how much good it will do but I reported a bug: https://bugs.launchpad.net/ubuntu/+source/base-files/+bug/1789850 [08:40] Launchpad bug 1789850 in base-files (Ubuntu) "Advertising in the MOTD" [Undecided,New] [08:40] had to do it in basefiles again [08:41] since ubuntu-bug wouldn't allow me to report in ubuntu-motd [08:42] you mean update-motd? [08:42] blackflow: according to this https://bugs.launchpad.net/ubuntu/+source/base-files/+bug/1701068/comments/11 [08:42] Launchpad bug 1701068 in base-files (Ubuntu) "motd.ubuntu.com currently shows media item (HBO's Silicon Valley using Ubuntu)" [Wishlist,Opinion] [08:42] it's ubuntu-motd [08:42] "here is a team of engineering managers at Canonical (the ~ubuntu-motd team in Launchpad)" [08:43] yeah but the package is update-motd [08:43] I will switch packages on this bug then [08:45] Oh it was Mark's commit [08:45] guess I'm getting nowhere with my report [08:46] yeah. :) Canonical really wants to promote their stuff, especially snaps lately and if you're annoyed, just uninstall update-motd or reconfiugre it to stop fetching news. [08:47] I will leave it there... just in case they ever see the light... [08:47] I actually like snaps and lxd [08:47] lxd is something I've come to rely on... I wonder if it will work upstream [08:48] coreycb: jamespage: I just realized there is no new libvirt/qemu in https://launchpad.net/~ubuntu-cloud-archive/+archive/ubuntu/rocky-staging [08:48] am I looking at the wrong place or is this release not using the versions of Cosmic? [08:48] cpaelzer: no we don't automatically add it [08:48] only if there is a need or good reason [08:49] rocky is quite happy with libvirt from bionic [08:49] ktechmidas: upstream? [08:49] Debian [08:50] cpaelzer: hey - do you have a good way of measuring PPS for DPDK/OVS testing? I want to measure performance from within VM's [08:50] ktechmidas: oh, yeah. :) yeah, lxd works there. [08:50] snaps too, but are less well integrated into the desktop. [08:51] How do you stop mysql service from starting automatically? [08:52] jamespage: I usually use different workload profiles in uperf [08:52] jamespage: not sure if it is a good way [08:52] better would be a setup with a raw packet generator [08:53] but I don't have that [08:53] zetheroo: you 'disable' the service with systemctl. note that other things can still wake it up, depending on configuration, eg. socket based activation, dbus or whatever. to completely disable a service, you need to 'mask' it. [08:53] you can compare relative PPS easily, but probably not max PPS [08:55] blackflow: I already tried that and another method https://paste.ubuntu.com/p/gnJmVrn5hD/ [08:56] zetheroo: didn't that disable the service? [08:57] zetheroo: or are you thinking about "stopping" instead? disabling means it shouldn't start on boot. stopping means you stop the currently running process. [08:59] blackflow: After a reboot the mysql service is still running [08:59] I want to stop it from automatically starting at boot [09:00] I also tried commenting out the 'start on' line in /etc/init/mysql.conf [09:02] well... I don't know then. those split sysv-under-systemd-oh-hey-but-there-are-still-traces-of-upstart services are a mess..... [09:02] that's xenial, right? [09:03] yes, 16.04.5 [09:04] some clues given here: https://askubuntu.com/questions/57381/how-to-stop-mysql-from-running-at-boot-time check the comment about /etc/init/mysql.override [09:06] I have a service in systemd that needs to have something mounted before it runs. Do I give the permission to the user defined in the systemd file or something else? [09:07] CarlenWhite: make a dependency for the service on the corresponding .mount unit? [09:09] ok, tried 'echo "manual" >> /etc/init/mysql.override' - didn't work either [09:09] Eh. It's a bit weird of a set up. Every attempt to get the required mount to function at boot results in the system entering Emergency Mode. [09:10] It's a loop-file inside a zvol on a zpool. [09:10] Because Microsoft SQL. [09:12] I can't get the mount to work correctly at boot, but it can be manually done with a few mount commands. [09:14] loop file inside a zvol? that doesn't sound right. zvol is a block device, so are you talking about the zvol itself, or there's a filesystem on it, containing the file? [09:14] I tried using the zvol directly but MSSQL throws a fit even though for all intents and purposes it's supposed to act like a normal block device. [09:16] CarlenWhite: precisely, so you need a filesystem atop of it. otherwise it's no different from a hard disk [09:16] CarlenWhite: however, you _might_ need to move all dataset mountpoints to legacy, in order to control them via fstab, if you're having dependency/ordering issues, with zfs being.... it's own thing. [09:17] alternatively, use .mount units that depend on zfs units in turn [09:17] zfs-mount.service in particular [09:18] I might be misunderstanding. I did mount the zvol as a ext4 and attempt to use it with mssql. [09:18] or, zfs being what it is.... if mount doesn't work, you can have a regular .service executing `zfs mount` instead of using the default mounting mechanics [09:19] oh ext4, yes [09:19] As I've observed ZFS kicks in after reading fstab. [09:19] CarlenWhite: that's why I mention legacy mounts [09:20] it's a bit of a mess right now, but there's an open issue in Zfs on Linux, to deal with boot ordering [09:25] CarlenWhite: however, I'm curious, did you add the zvol mountpoint to fstab? [09:26] Yeah I tried to. Causes the system to stop on boot. [09:26] CarlenWhite: with what error? [09:27] Can't recall, but let me safely dismount and reboot the system and I'll tell ya'. [09:27] so still have no solution for disabling mysql service from automatically starting on boot :/ [09:27] CarlenWhite: you can add "nofail" to fstab options so it passes through, but yeah, I'd be interested in knowing the error [09:30] zetheroo: what if you renamed /etc/init/mysql.conf to /etc/init/mysql.conf.disabled? found some hints via google [09:30] System rebooting now. Waiting for hardware BIOS'... [09:31] blackflow, zetheroo `systemctl disable mysql`? [09:31] zetheroo: or if nothing works.... then you've got something else explicitly launching mysql, not a service file [09:31] CarlenWhite: it's xenial, and no systemd unit yet on xenial [09:32] Ah. Ignore me then. [09:40] cpaelzer: ta for the pointer to uperf [09:41] seem to be getting a reasonable pps and throughput figure [09:44] blackflow: if I rename that file can I still start up the service manually? [09:45] jamespage: I have a set of profiles for uperf if you are not happy with what is delivered by default [09:45] zetheroo: I don't know, try it. you can always rename back if not [09:45] of the category: not better, but different :-) [09:45] cpaelzer: pointer? [09:46] jamespage: things starting with uperf in https://git.launchpad.net/~ubuntu-server/ubuntu/+source/dpdk-testing/tree/ [09:47] I essentially search and replace different things in it to get a matrix of tests [09:47] one being slow and transactional to check latency/roundtrip (rr) [09:47] and the other one trying to somewhat burst-fill the line [09:48] blackflow: renaming didn't stop the service from starting on boot [09:50] zetheroo: no idea then. I think you have some custom script or something starting it then [09:50] zetheroo: can you check the logs and see exactly when in the boot process the service was started? [09:51] ok [09:54] first entry I see in syslog after a reboot is: linuxrunner mysqld_safe: Starting mysqld daemon with databases from /var/lib/mysql [09:55] blackflow: https://paste.ubuntu.com/p/43YnnHXRq7/ [09:56] and more ... https://paste.ubuntu.com/p/pJ7qJSWvJQ/ [09:57] zetheroo: that's good, but the idea is to see where in the logs, relative to OTHER things, this appears. in this case what non-mysqld thing is right before that, and what is right after that [09:57] zetheroo: maybe just pastebin the entire bootlog? journalctl -b [09:58] zetheroo: look through it, see if anything needs censoring/sanitizing before you pastebin [10:00] cpaelzer: ta [10:00] blackflow, I noticed ZFS starting then fstab attempting to mount the zvol by it's UUID, hung, and proceed into Emergency Mode. Reviewing dmesg I can't find any meaningful information related to it. [10:01] However there is some weird behavior in Emergency Mode. Can't mount the zvol manually. Running the appropriate mount command blinks the HDDs then returns with no error. But navigating to the mount shows nothing and umounting it says it wasn't even mounted in the first place. [10:02] blackflow: found an earlier mention of mysql starting: Aug 30 11:52:55 linuxrunner mysql[1075]: * Starting MariaDB database server mysqld [10:04] zetheroo: without the whole boot log I can't help you, you'll have to figure out yourself when in the chain it is started and then try to figure out what is starting it [10:05] CarlenWhite: sounds like the zvol is broken? when you boot the system normally, can you moutn it? add "nofail" to the fstab options, and after it boots try mounting it via fstab (mount /just/target/path/) [10:05] and by zvol is broken I mean that particular volume is not mountable [10:06] blackflow, Yeah. When I comment out the entry then once in the system, I can uncomment and mount them fine. [10:06] blackflow: can I PM it to you? [10:06] zetheroo: no, sorry. [10:07] CarlenWhite: or you could've used "nofail" :) sorry, I'd have to see error logs, no idea what's going on there. [10:07] blackflow: ok, how's this? https://paste.ubuntu.com/p/rXcZ8qRrPn/ [10:09] zetheroo: line 741 is relevant. that looks like systemd is using the sysv-init shim. are you 100% sure that disabling the service does not work? systemctl disable mysql.service (or whatever the unit name is)? if "disable" doens't work, did you try "mask"? [10:11] blackflow, I just took a high-speed footage just to capture the message [10:12] CarlenWhite: surely there are logs? journalctl? [10:12] blackflow: "mask" worked! [10:12] which I mentioned way up, but okay :) glad you got it fixed. [10:13] Reviewing the 240FPS footage it just mentions it timed out on waiting then two messages saying that two depends failed. [10:13] Sorry, I didn't know what you meant by 'mask' earlier on [10:14] blackflow: so to start the service manually it would have to be re-enabled I guess, because now 'service mysql start' complains 'Failed to start mysql.service: Unit mysql.service is masked.' [10:14] zetheroo: which is a great lesson. when you don't understand something being advised, look it up on google. "systemctl mask" returns quite a lot ;) [10:14] blackflow This case, /mnt/microsoft-sql-block-holder then /mnt/microsoft-sql-block then Local File System. [10:14] So correction three. [10:15] zetheroo: don't use systemctl, it's not a systemctl unit obviously. use service [10:15] wait, I think that's shimmed through systemctl..... uhhh.... use the /etc/init.d/.... script? /etc/init.d/mysql.... start ? [10:16] CarlenWhite: somewhere in the journal, or dmesg, there should be more info on why it failed. [10:17] '/etc/init.d/mysql start' doesn't return anything [10:17] CarlenWhite: anyway, for all this trouble, you could've really written a .mount unit and make the the .service you want to start depend on it somehow. [10:17] zetheroo: but does it start it? [10:17] no output usually means no error [10:18] blackflow: 'service mysql status' still shows it as being inactive [10:18] is there another way to check? [10:18] yeah the service command is shimmed through systemctl methinks, that's why. using the init script directly should've worked [10:18] zetheroo: ps auxf | grep mysql [10:18] or /etc/init.d/mysql status [10:19] root 2029 0.0 0.0 14544 988 pts/0 S+ 12:18 0:00 \_ grep --color=auto mysql [10:19] blackflow, Just: Timed out waiting for device dev-disk-UUID [10:19] '/etc/init.d/mysql status' returns nothing [10:19] zetheroo: sigh...... yeah I don't know then. that's total mess there. systemd+init+upstart. I don't know any more, sorry. [10:19] ok, thanks for your help [10:20] blackflow, But yeah I'll give up and try a .mount unit. [10:20] Failing that, bring up the disks and start mssql as a root crontab [10:21] CarlenWhite: yeah, thing is fstab is actually not used directly but turned into runtime .mounts by a systemd generator. this happens methinks independently of zfs because of the boot ordering issue zfs has, the zfs mount service should be started first. there's an open issue on ZoL github, I can't unearth it now, but I've seen it. [10:21] CarlenWhite: using an explicit .mount should work because that's how you can tell systemd all the dependency relations, that you can't via fstab [10:22] blackflow, Thing is that I'm seeing ZFS start up before it even tries mounting the disk. [10:22] Or zvol rather [10:22] CarlenWhite: one thing I didn't ask, what's your fstab line like? [10:22] blackflow: 'systemctl unmask mysql.service' and then 'service mysql start' works [10:23] so it just has to be masked again when done testing/using it [10:24] zetheroo: which is not good. the systemctl mask proves that it's systemd that initializes it starting on boot. but, it actually deferrs to upstart or sysv. meaning the _real_ place where you control if it starts or not is not systemd, but sysv/upstart. [10:25] which also means you should be able to start the service that way, outside of systemd, even if the systemd unit is masekd. [10:25] *masked [10:26] something doesn't seem right from all you're telling. it's a bit weird that you can't disable the service using any of the other methods, via that override file or myslq.conf or rc update [10:26] I'm willing to bet you didn't test those properly. [10:27] probably not - but this messy solution should do for now. [10:45] blackflow, Yeah I'm going with a root crontab that on reboot gets the drives ready then starts up the service by itself. When I have more time I'll try giving it another whack. [10:46] It Works™ [10:47] For now the server is gonna get it's day of use shortly and I don't want to bring it down. [10:49] But hey I won't have to be at the machine physically it get it back online. [10:50] that's maybe a stop gap solution, but really you should be doing through systemd. one of, if not THE, major issue(s) with people having problems with systemd is that those things are not implemented fully through the systemd interfaces, and breakage ocurrs because systemd is not told to do something correctly. [10:50] then hate ensues. [10:51] like things hanging on boot because systemd is now explicit about dependencies -- is not systemd's fault but configuration fault. if things are allowed to fail and aren't critical condition, then they should be marked as so. eg the "nofail" option in fstab. [10:51] But in terms of the fstab mock config I presented, it should work? === RoyK^ is now known as RoyK_Heime [11:06] CarlenWhite: not sure what you mean. thing with fstab is that it's being converted to systemd units via generator. while there are some x-* options one can use in fstab to instruct systemd, really the correct place is to use .mounts and express proper dependencies. sure, a @boot hack works but, one day you'll forget it's there and will have hard time figuring out wth is mounting something while [11:07] there's no fstab entry, no .mount. [11:45] jamespage: for a minor change in qemu all kind of autppkgtests break [11:45] jamespage: is cinder 2:13.0.0.0 broken in general atm? [11:45] or at least the tests? [11:46] if so could we add a force badtest? [11:46] The openssh manpage is not clear whether AllowUsers directive can appear more than once, and whether they're then all combined into a single list. My testing shows it IS so, but was wondering if anyone knows of a problem with that? [12:44] cpaelzer: er - E: Unable to correct problems, you have held broken packages. [12:47] jamespage: umm what is going on ... ? [12:47] cpaelzer: looking now [12:48] jamespage: maybe something because of libc transition? [12:49] bit cinder-daemons and cinder-volumes have the same entry in d/t/control [12:50] shouldn't they either be both or none installable [12:57] jamespage: I found nothing obvious in the log [12:57] for now I hit retry [12:57] let me know if you see something [12:57] otherwise I'll need to set up a local repro for a better look [12:59] cpaelzer: no I know what it is [13:00] cpaelzer: the wsgi apache conf is in cinder-common, not cinder-api so there is a install orering ossie [13:00] coreycb: can we not put the apache configuration into the -common package please - its role specific and causes all sorts of issues [13:02] ok [13:02] jamespage: that sounds like wait "until you have the fix uploaded" for me then right? [13:03] cpaelzer: yep doiing it right now [13:04] jamespage: sure. there's no way we can get all the config into -common packages to make py2->py3 upgrade seamless. [13:04] i've come to realize that [13:04] coreycb: I'm not sure I follow you in the context of the apache2 configurations [13:05] jamespage: it's config that can be overridden [13:05] but it has to be in a package that actually depends on and hence enables the apache2 and associated wsgi plugin [13:05] otherwise apache2 borkes on configuration during install as cinder-common does not have a depends on apache2 etc... [13:06] coreycb: does that make sense? [13:06] jamespage: yeah i get that [13:07] jamespage: i'm just saying that the effort was an attempt to allow for upgrades from py2->py3 without re-installing config and that's really not possible for all config. [13:08] coreycb: I'm missing something then [13:22] coreycb: jamespage: should we force-badtest cinder/2:13.0.0~rc1-0ubuntu3 for now to give you soem time sorting things out? [13:23] cpaelzer: no it's an easy change [13:25] cpaelzer: yeah I'm just uploading it now [13:26] will that only adress cinder or also the two nova issues? [13:27] there ppc and i386 are on "Test dependencies are unsatisfiable" blame: nova [13:32] jamespage: i'll take a pass through any other affected packages [13:35] coreycb: ta [13:36] coreycb: I poked the ovs backport again - the test suite is notoriously racey [13:36] jamespage: ah good, thanks [13:39] cpaelzer: libcloud getting greener and greener: http://people.canonical.com/~ubuntu-archive/proposed-migration/update_excuses.html#libcloud [13:39] cpaelzer: ppc and s390 fail for fdroidserver because that's an android package. Not ported to those arches apparently [13:39] the dependency doesn't exist there [13:42] good morning [13:42] hello kstenerud_ [13:43] cpaelzer: could you please pick the more specific review slot, instead of the "canonical-server" one? Otherwise the Mp disappeaars from https://code.launchpad.net/~canonical-server/+activereviews [13:44] ahasenack: What would be a good bug to look at next? [13:44] kstenerud_: the tiny logwatch ones I think [13:45] as they probably still apply to cosmic [13:46] kstenerud_: the "unmatched entries" ones from https://bugs.launchpad.net/ubuntu/+source/logwatch [13:47] starting with the ones easier to reproduce, i.e., pick some service you are more familiar with, or that isn't complex to setup like freeipa [13:50] Anyone have experience with purftpd? [13:50] pureftpd^ [13:52] isn't FTP something from the 90' ? [13:53] sdeziel, yes. Yes it is. [13:54] But I'm trying to use it for my less tech savvy cohorts. [13:56] Wait until he hears how old DNS is. [13:59] xase: I find SFTP pretty easy to use, maybe the less tech savvy folks would agree? [13:59] dput uses ftp by default :) [14:00] Do browsers support SFTP natively? [14:00] ahasenack: dput also supports SFTP but I didn't try [14:01] I tried, uploads were getting stuck mid-transfer, and I was told to switch back to ftp [14:01] whislock: no but clients are widely available [14:01] sdeziel: I feel like you're missing the point of "less tech savvy." [14:01] whislock: possibly. I just don't like to see new deployment of this crappy thing that is FTP [14:02] sdeziel, sftp I can use... but no, my cohorts want to be able to use a regular ftp client to regularly login to an ftp server =/ plus, how am I supposed to segregate my clients into their own sftp user, since ftp user and sftp users are separate [14:02] sdeziel: If it's the right tool for the job, it's not crappy. [14:02] sdeziel: Just because its old or whatever doesn't make it crappy. Is it secure? No. Does it need to be for this use case? Maybe not. [14:03] whislock: don't waste you time trying to convince me that FTP is not crappy ... the control and data separation is terrible [14:03] s/you time/your time/ [14:03] Then don't waste your time trying to inflict your biases on everyone else. Cuts both ways. [14:04] Either be helpful, or shut up. [14:04] \o/ first prod 16.04lts --> 18.04LTS done :) no issues [14:05] Ussat: I've heard from a few people that the xenial->bionic upgrade was far less breaky than they were prepared for. [14:05] xase: most FTP clients I encountered also supported SFTP. As for the users, it should be possible to convert them to SFTP... if you wanted [14:05] I am VERY happy [14:06] whislock: I didn't know xase knew about SFTP so I felt it was appropriate to draw some attention to it [14:06] sdeziel, yes, but my ftp credentials don't work for sftp? So what's the solution there? [14:06] Anyhow. [14:08] xase: What issue are you having with pureftpd? [14:09] I have pureftpd mysql setup... via this https://www.howtoforge.com/tutorial/perfect-server-ubuntu-18.04-with-apache-php-myqsl-pureftpd-bind-postfix-doveot-and-ispconfig/ [14:09] * whislock sees "disable AppArmor" and gets angry instantly. [14:10] xase: I don't know your setup but with SFTP (as provided by openssh) you can use password authentication just fine [14:10] thing is, it shouldn't. [14:10] although to use mysql as a backend for authentication in that case means having to use a pam module [14:10] xase: This howto is a flaming garbage pile. [14:11] xase: oh sorry, I missed the mysql part [14:11] xase: telling your users to use FileZilla with an ssh agent, and pubkey SFTP auth, is not complicated, and very easy, especially to an windows users. putty works fine with that. [14:11] I seriously doubt non-tech-savvy users would need FTP anyway, so those people are at least savvy enough to set up filezilla with ssh keys. [14:11] WinSCP is decent too [14:11] whislock, we were quite happy with the upgrade, although, I did about a week of testing first :) [14:12] ahasenack: For MP fixes, do I just reset the git repo back, commit new changes, and force push? [14:12] but uh be careful about enabling passwords for ssh. you do that, and you've removed the security benefit of keys. [14:12] Ussat: I'm not a datacenter guy anymore, but my DC-oriented folks tell me that they're loving life with bionic so far. [14:12] kstenerud_: it's a matter of preference, related to how big the whole diff is [14:13] kstenerud_: sometimes the reviewer wants to be able to see what you did to fix his or her comment [14:13] whislock, quite happy here with it [14:13] kstenerud_: in that case, committing on top helps [14:13] kstenerud_: when there are a few such requests, I tend to commit on top, and only rebase + force-push at the very end [14:14] whislock, I have multiple test labs, one of them being in VM's on my laptop :) [14:14] whislock, we are REALLY paranoid here (we are a hospital - and shit HAS to work) [14:15] I get it. I have several hospitals as clients, actually. [14:17] Well, whislock since you seem to understand AppArmor, can I go ahead and enable it again? Or is it a once it's gone, it's gone, start from scratch situation? [14:17] Apparently it causes some issues with scripts and ispconfig. [14:17] But according to recent threads it doesn't as much anymore? [14:17] If AppArmor is causing issues, your application is poorly designed. [14:18] Ditto SELinux. [14:18] Well it's not *my* application. [14:18] I just did what the tutorial told me to do. [14:18] I know, yell at the maintainers of the apps in question. [14:18] This is a test run. [14:19] Yeah, that's the problem. Howtoforge is populated with how-tos of questionable worth, filled with instructions of questionable wisdom, written by people of questionable experience. [14:19] So, some users (read: few) said it caused no issues in recent setups. [14:19] So can I re enable it? [14:19] Or do I have to start from ground zero since the system is 'compromised'? [14:20] App-armor can be reenabled, sure. Let me point out ways to identify a how-to written by someone who doesn't know what they're doing, if I may? [14:22] if apparmor is causing issues then first and foremost the policy could/should be fixed. doesn't automatically mean the application is poorly designed. [14:22] defautl policies, especially for complex programs, will have issues. [14:23] I entirely disagree, but oh well. [14:23] as do I [14:24] and I work with both Apparmor and SELinux daily [14:24] Well, I won't disable it next time when we re-do our setup. [14:24] Ussat: I thought I remembered you from #rhel. :P [14:24] I do to. I have yet to encounter a situation where a (local) modification to a policy hasn't fixed a problem with it. [14:24] :) [14:24] Yeah, that's a concept problem. [14:25] If the security policy is complaining, then your widget is doing something it probably shouldn't be doing. [14:25] or the policy is incomplete. [14:25] So we're supposed to trust the policy from scrath though ? [14:25] from the default^ [14:25] like firefox in ubuntu for example, for a while it carried no rules for the DRM plugin so you couldn't watch netflix with FF apparmor policy enabled. [14:26] I'm not sure when that was fixed, but I think it was recently. I run my own policy and don't notice when the packaged ones change [14:26] ahasenack: btw I added the server slot back [14:26] thx [14:26] it is so inconvenient that you have to take extra care to not pick that slot [14:26] xase: personally I don't. default policies are too broad for my taste. === Ussat-1 is now known as Ussat [15:32] A fascinating blog where freenode staff member Matthew mst Trout recounts his experiences of eye-raping young children https://MattSTrout.com/ [15:32] I thought you guys might be interested in this blog by freenode staff member Bryan kloeri Ostergaard https://bryanostergaard.com/ [15:32] With our IRC ad service you can reach a global audience of entrepreneurs and fentanyl addicts with extraordinary engagement rates! https://williampitcock.com/ [15:32] Read what IRC investigative journalists have uncovered on the freenode pedophilia scandal https://encyclopediadramatica.rs/Freenodegate [15:32] ... [15:32] die spammer [15:32] IRC investigative journalist...HAHAHAHA [15:34] I wonder what mr. Matthew did to this guy - he's been spamming for some time now [15:35] A fascinating blog where freenode staff member Matthew mst Trout recounts his experiences of eye-raping young children https://MattSTrout.com/ [15:35] I thought you guys might be interested in this blog by freenode staff member Bryan kloeri Ostergaard https://bryanostergaard.com/ [15:35] With our IRC ad service you can reach a global audience of entrepreneurs and fentanyl addicts with extraordinary engagement rates! https://williampitcock.com/ [15:36] Read what IRC investigative journalists have uncovered on the freenode pedophilia scandal https://encyclopediadramatica.rs/Freenodegate [15:37] A fascinating blog where freenode staff member Matthew mst Trout recounts his experiences of eye-raping young children https://MattSTrout.com/ [15:37] I thought you guys might be interested in this blog by freenode staff member Bryan kloeri Ostergaard https://bryanostergaard.com/ [15:37] With our IRC ad service you can reach a global audience of entrepreneurs and fentanyl addicts with extraordinary engagement rates! https://williampitcock.com/ [15:37] Read what IRC investigative journalists have uncovered on the freenode pedophilia scandal https://encyclopediadramatica.rs/Freenodegate === RoyK is now known as Guest34784 [15:40] A fascinating blog where freenode staff member Matthew mst Trout recounts his experiences of eye-raping young children https://MattSTrout.com/ [15:40] I thought you guys might be interested in this blog by freenode staff member Bryan kloeri Ostergaard https://bryanostergaard.com/ [15:40] With our IRC ad service you can reach a global audience of entrepreneurs and fentanyl addicts with extraordinary engagement rates! https://williampitcock.com/ [15:40] Read what IRC investigative journalists have uncovered on the freenode pedophilia scandal https://encyclopediadramatica.rs/Freenodegate [15:41] an IRC ad would only piss off everyone. thats crazy [15:41] great spammers are back [15:56] A fascinating blog where freenode staff member Matthew mst Trout recounts his experiences of eye-raping young children https://MattSTrout.com/ [15:56] I thought you guys might be interested in this blog by freenode staff member Bryan kloeri Ostergaard https://bryanostergaard.com/ [15:56] With our IRC ad service you can reach a global audience of entrepreneurs and fentanyl addicts with extraordinary engagement rates! https://williampitcock.com/ [15:56] Read what IRC investigative journalists have uncovered on the freenode pedophilia scandal https://encyclopediadramatica.rs/Freenodegate [15:57] A fascinating blog where freenode staff member Matthew mst Trout recounts his experiences of eye-raping young children https://MattSTrout.com/ [15:57] I thought you guys might be interested in this blog by freenode staff member Bryan kloeri Ostergaard https://bryanostergaard.com/ [15:57] With our IRC ad service you can reach a global audience of entrepreneurs and fentanyl addicts with extraordinary engagement rates! https://williampitcock.com/ [15:57] Read what IRC investigative journalists have uncovered on the freenode pedophilia scandal https://encyclopediadramatica.rs/Freenodegate [16:05] oh ffs..OPPP [16:05] kick the spammer [16:36] І tһouɡһt уοᥙ g∪yѕ might bᥱ iᥒtᥱrestеԁ іᥒ tһis blоɡ by freᥱᥒοde ѕtaff ⅿᥱⅿbᥱr ᗷryan kⅼоeri Оѕtеrɡaаrd һttps⁚᜵⧸brуаᥒοstеrgаɑrd.ⅽοm⧸ [16:36] Reаd whɑt ⅠᎡC іᥒᴠestiɡɑtⅰ⋁е јоurnаⅼⅰѕts һavе ∪nⅽо⋁erᥱԁ оᥒ tһᥱ frᥱᥱnοde ⲣᥱⅾoрhⅰⅼіа ѕсаᥒdal httⲣs᛬∕/еnϲyϲlഠⲣеⅾіɑⅾraⅿatіса.rѕ∕ᖴreeᥒodеgɑte [16:36] A fаscinatⅰnɡ bⅼⲟɡ whеrе frᥱеnοⅾе stɑff mеmbеr Ꮇɑttһᥱw ⅿst Ꭲrⲟ∪t ԁоc∪mеntѕ hⅰs eхⲣеriеᥒcᥱѕ eуе﹣rаpiᥒɡ yоᥙnɡ ⅽhіⅼdrᥱᥒ һttps˸⁄᜵ΜattЅTrοᥙt.ϲഠm/ [16:37] Ꮤⅰth ο∪r ⅠRC ɑd ser∨ⅰⅽe уοu can rеaϲһ a gⅼоbаⅼ аudⅰenϲe ഠf ᥱᥒtrᥱⲣrᥱneurs ɑnԁ fеᥒtaᥒуⅼ ɑԁⅾⅰϲts ᴡⅰth eⅹtrɑorⅾⅰnаrу engаgemеnt rates! httрѕ፡᜵⁄ᴡіlⅼiɑmⲣⅰtϲⲟсk.ⅽⲟm⧸ [16:38] Ⅰ tһо∪ɡht yഠᥙ guỿѕ ⅿіgһt bᥱ ⅰnterᥱsteԁ іᥒ thіѕ bⅼоg bу frᥱᥱᥒοⅾᥱ stɑff meⅿber Вryаn kⅼοеrⅰ Ostеrgɑɑrd һttⲣѕ:᜵⁄brỿaᥒഠstеrgаɑrd.сοm⧸ [16:38] Rеaⅾ whɑt ІᎡС in∨ᥱѕtigatіve ϳഠ∪rnaⅼіѕts hɑ⋁e ∪nϲο∨erᥱd οn tһe freᥱᥒοdᥱ ⲣedഠphiⅼіɑ sϲanԁаⅼ httⲣѕ︓᜵/еᥒϲỿclоpeⅾⅰаdrаmatiса․rѕ⁄Frᥱenоԁegatе [16:38] Ꮤⅰth оur IRⲤ ɑԁ ѕеr⋁iⅽе уo∪ саn reaϲһ a ɡⅼഠbɑⅼ ɑ∪dіеᥒce οf еᥒtrᥱprеne∪rѕ ɑᥒⅾ fᥱᥒtɑnyl ɑԁⅾіϲtѕ ᴡith eⅹtraⲟrdⅰᥒɑry еᥒɡаgᥱⅿеᥒt rаtᥱsⵑ һttps፡/⧸wіllіaⅿⲣіtϲഠⅽk․ⅽoⅿ∕ [16:38] А fаѕϲⅰnаtіᥒg blоɡ ᴡhᥱrе freеᥒⲟԁе ѕtɑff membеr Мatthеᴡ ⅿst Ꭲro∪t dⲟⅽ∪ⅿеᥒtѕ һis еⅹⲣеrⅰenceѕ еуᥱ╴rɑpіng уoᥙnɡ ϲhіⅼdrᥱn httⲣsː∕∕ΜаttᏚΤroᥙt.ϲom/ [16:52] Ꮃitһ o∪r ⅠRⲤ ad ѕᥱr∨ice yഠu ⅽɑᥒ reасh ɑ glоbаⅼ аᥙԁіeᥒϲᥱ ⲟf eᥒtreⲣrᥱneᥙrs anԁ fᥱᥒtaᥒуl аⅾdіctѕ ᴡitһ ᥱxtraοrⅾiᥒɑrу engagеⅿᥱnt rаtᥱs! httpѕ։᜵⧸wⅰⅼⅼⅰаmⲣіtϲഠсk.ⅽഠⅿ⁄ [16:52] Ꭱᥱaⅾ what ΙᖇϹ iᥒ⋁ᥱstіgаtіvᥱ jⲟᥙrnaliѕtѕ hɑⅴᥱ uᥒсⲟ⋁ered оᥒ thᥱ frᥱeᥒⲟⅾе рedοрhiⅼіa sⅽаndаⅼ httpѕ᛬∕᜵ᥱncỿсⅼഠpᥱⅾiaⅾramatⅰcɑ.rѕ/ᖴrеᥱᥒodegatᥱ [16:52] Ⅰ tһഠuɡһt ỿⲟ∪ guỿs ⅿight bе ⅰᥒteresteⅾ iᥒ tһⅰѕ bⅼⲟg bу frᥱеnoԁᥱ ѕtаff ⅿеmbᥱr Вrуaᥒ kⅼoеrⅰ Ostеrɡaɑrⅾ һttрѕ˸//brỿаnⲟѕtᥱrɡɑаrd.сⲟm᜵ [16:52] A faѕcinɑtⅰᥒɡ blഠg wһerᥱ frеeᥒoԁе ѕtaff ⅿᥱmbеr Mɑtthew ⅿst Τrഠᥙt ԁoⅽᥙmᥱntѕ һⅰs eⅹрerienсᥱs еỿe-rɑрinɡ yοᥙnɡ ⅽhіlⅾrеn һttⲣs⁚/⧸ᎷattᏚΤrοut.ϲഠm⧸ [16:54] kstenerud_: did you see the review comments on that bind9 MP? Just checking [16:57] smoser: hi, could you try to import snapper into git-ubuntu? [16:59] ahasenack: if he is not around, i can do it, probably [16:59] nacc: ah, true, go ahead if you can :) [16:59] ahasenack: is the edge snap working again? i haven't used it in a while (i have my test snap installed locally) [17:00] I don't know [17:00] let me see what I'm using [17:00] git-ubuntu 0.7.4+git94.eb6c24a 433 edge canonical✓ classic [17:00] I'm on that [17:00] ahasenack: thanks [17:00] we hit a bug trying to import libcloud the other day, that one always fails, we haven't investigated [17:01] we get a 410 gone from lp, and there is something about a disabled team/api user [17:01] ah so maybe an error path needs to be handled [17:02] ahasenack: did you need me to do that still ? [17:03] smoser: I think nacc is on it? [17:03] trying to, yeah :) [17:03] cool [17:03] smoser: thanks [17:03] * smoser ctrl-c's [17:03] uhoh :) [17:05] ahasenack: Yes, I asked another question there and am waiting for a response [17:05] kstenerud_: did you click "save"? :) [17:06] I clicked it now [17:06] kstenerud_: in lp, even when replying to a diff comment and clicking the greek tick box, you have to scroll back up to the general comment area and click "save comment", even if you didn't type anything in that box in particular :( [17:06] yeah, i prefer to reply via e-mail for that reason [17:07] oh weird [17:07] the web interface is ... not usable, imo [17:07] kstenerud_: I just replied [17:07] yeah, and then you see a bunch of empty comments above the diff and wonder what is going on :) [17:08] all the "discussion" is happening in inline comments further down :) [17:08] heh [17:08] or you do *everything* via e-mail [17:08] and you don't use the web UI at all [17:08] problem solved [17:08] ...and just wrote an adendum [17:09] ahasenack: i think your point is valid, you have to, imo, either do everything via the web UI or via e-mail. Mixing them gets really confusing [17:10] I use the email more as a notification, "hm, there was an update in that MP" [17:10] yeah that makes sense [17:10] I used it more as "this is where the development happens", like a per-MP mailing list [17:12] nacc: is the import running? [17:12] ahasenack: yeah, it failed on one pristine-tar it seems, but otherwise it's moving along [17:12] ok [17:12] up to zesty-proposed patches-unapplied [17:13] the libcloud one was chugging along until a certain point, where it hard failed [17:14] ahasenack: was a bug filed? I didn't see it if so [17:15] no [17:15] I guess we wanted to check with rbasak [17:15] (cpaelzer and I) [17:15] ack [17:15] is he out? [17:15] holidays [17:15] two more weeks iirc [17:16] ah ok [17:16] do you have a log? [17:16] i can look [17:16] ahasenack: ok, it got through the unapplied import; doing patches-applied and then it should be pushed (snapper) [17:16] no, but I can run it again with --no-push [17:17] yeah i just want to see the backtrace [17:19] it's running, will have it in a minute [17:20] nacc: https://pastebin.ubuntu.com/p/HMd4HDkT5c/ [17:21] ok, that's an easy fix [17:21] Ꮢеaⅾ wһɑt ІᏒⅭ іᥒ∨еstіgatіᴠᥱ ϳⲟurnɑⅼistѕ hɑ⋁e ᥙnϲо∨ered οn tһe frᥱeᥒoⅾe реԁoрhilⅰа ѕϲаᥒԁal һttps∶⁄⧸eᥒсyⅽⅼοpеԁⅰɑԁraⅿatiⅽɑ.rs⁄ᖴrееᥒഠdеgɑtе [17:21] it needs a try/except for that return code in importer.py:1646 [17:21] А fаscіnatiᥒg blоɡ ᴡһᥱre frееᥒoⅾe ѕtаff ⅿᥱⅿbᥱr Маttһᥱᴡ ⅿѕt Τrഠut dⲟⅽ∪ⅿeᥒtѕ һis eⲭⲣеrіᥱᥒϲeѕ eyᥱ˗raрinɡ уоung chіlⅾrᥱn https⁚⧸⧸ⅯɑttSTrഠut․ϲοm∕ [17:21] Ι thοᥙɡһt уⲟ∪ ɡ∪уѕ ⅿight bᥱ іntᥱrеstᥱԁ іᥒ tһⅰs bⅼoɡ bу freeᥒоԁe ѕtaff membᥱr Вrуaᥒ kloᥱrⅰ Οѕtᥱrɡɑаrⅾ https˸∕᜵brуɑnostᥱrgаarⅾ․сοm/ [17:21] Ꮃіtһ ഠᥙr IᖇC aԁ ѕеr⋁іcе yo∪ ϲаn rᥱасһ ɑ ɡlοbаl auԁieᥒce οf еᥒtreрrеᥒᥱ∪rs аnⅾ fᥱᥒtanyⅼ ɑԁⅾіⅽtѕ ᴡіtһ еⲭtrаorⅾⅰnаry ᥱngаɡeⅿеnt rɑtes! һttⲣѕ:⁄∕ᴡⅰllⅰaⅿpⅰtсⲟck.ϲοⅿ/ [17:21] the suspended user is a real error I assume? [17:21] when I hit that user up in lp, I do get a 410 [17:22] right, it measn we can't access their data in LP [17:22] but I don't know why we would be doing that [17:24] ahasenack: why what? [17:24] ahasenack: e.g., a user can delete themselves in LP [17:24] however, LP still knows that user is who uploaded the srcpkg [17:25] following the link will fail to get their details [17:25] why are we hitting that user? Where does it come from? [17:25] https://launchpad.net/ubuntu/+source/libcloud/0.5.0-1 [17:26] click onthe "original maintainer" link [17:26] ah [17:26] and that's the first version in launchpad of that package (0.5.0) [17:27] well, no [17:27] but ok [17:27] 0.3.1 for example had another maintainer [17:27] ok [17:27] got it [17:28] Rᥱаԁ wһat ІᎡC ⅰᥒ⋁estigаtivе јo∪rnаⅼⅰѕts һɑ⋁e ᥙnco∨еrᥱԁ ⲟn tһᥱ freenоⅾе peԁⲟрһilіа sϲаnԁаⅼ һttpѕ˸/᜵ᥱᥒcуϲlореdiаdrɑⅿatⅰсa․rѕ᜵ᖴreеnοԁᥱɡatᥱ [17:28] Ι tho∪ght you ɡ∪yѕ ⅿⅰɡht be іᥒtеreѕtеⅾ іn thⅰѕ bloɡ by frеenഠdᥱ stаff ⅿеⅿbᥱr Βrуɑn klοеri Ostᥱrɡаard һttрѕ∶⧸/brуаᥒⲟѕtᥱrɡаard․ⅽഠm/ [17:28] Ꮃith ഠ∪r ⅠᖇᏟ аd ѕer∨iⅽе уo∪ ⅽan rеɑcһ а ɡⅼоbɑl a∪ԁiᥱnⅽᥱ of entrᥱрrene∪rs anԁ fеntanуⅼ аⅾdіϲtѕ ᴡіtһ ᥱⅹtrɑοrdⅰnarỿ enɡɑgеmᥱnt rɑtеs︕ һttрs։⧸⧸ᴡilⅼiamⲣitϲⲟϲk.cοⅿ⁄ [17:28] A faѕсiᥒɑtiᥒɡ blⲟɡ whᥱrе frеᥱnഠⅾе ѕtɑff ⅿеmbеr Ϻɑttһеᴡ mѕt Ꭲrഠ∪t ԁοcuⅿents hіs eⅹperⅰenсeѕ ᥱуᥱ﹣rаⲣіᥒg уⲟᥙᥒg cһіⅼԁren httрѕ:/᜵MаttЅТrⲟᥙt.ϲoⅿ∕ [17:29] nacc: turns out there is a bug already: https://bugs.launchpad.net/usd-importer/+bug/1764814 [17:29] Launchpad bug 1764814 in usd-importer "awscli import fails: package_creator.display_name results in HTTP error 410: Gone" [Undecided,New] [17:30] I'll add your comment to the bug [17:37] ahasenack: ack, thanks [17:38] it seemed familiar :) [17:38] nacc: hehe [17:38] ahasenack: snapper should be imported, canyou check? [17:38] let me try [17:38] nacc: yep, it's cloning, thanks [17:39] ahasenack: yw [17:40] nacc: picking your brain a little bit, [17:40] ahasenack: sure [17:40] nacc: how would I go about fixing an existing debian patch? [17:40] update the patch, add appropriate dep3 headers [17:40] or add another patch [17:40] that changes the troublesome file one more time, after debian [17:41] case in point is this: [17:41] -snapperd_LDFLAGS = -lboost_system -lboost_thread -lpthread [17:41] +snapperd_LDFLAGS = -lboost_system -lboost_thread \ [17:41] debian dropped -lpthread by mistake I believe [17:41] that's in a patch already [17:41] ok, so there's a quilt patch in debian that removes -lpthread? [17:41] debian wanted to add other libraries [17:41] is that the only thing it does? [17:41] no, it adds other libraries [17:41] let me paste [17:42] nacc: https://pastebin.ubuntu.com/p/ptkXFfrjMW/ [17:42] but in the process of adding that \ and the next line, they dropped -lpthread [17:42] probably because it looks like -lboost_thread that was there already [17:43] that is in debian/patches/0001-refresh-Add-DSO-linker-options-for-libsnapper.la.pat.patch [17:43] ok [17:43] did you file a bug in debian already? :) [17:43] I pinged in their commit that made that change [17:43] ack [17:43] not sure if that will trigger an email to the right person [17:43] nacc: https://salsa.debian.org/debian/snapper/commit/7b582167d840a7673b33d186891d2e07a4f3ee4d [17:43] hrm, so i think you can do it either way you said [17:44] in this case, in the sense of easily sending delta to debian [17:44] i'd make it a -fix patch [17:44] at the end of the series [17:44] yeah, I was leaning towards that, as it would make adding an explanation easier [17:44] yep [17:44] nacc: and, no bug, because the build works in debian [17:44] I don't know why [17:44] there have been other times where i've taken a debian patch and *changed* the fix, because it was wrong, or in some way had changed on moving to to a newer upstream, e.g. [17:44] I thought it could be another case of us using -Wl,-Bsymbolic-functions [17:45] which debian doesn't use [17:45] right [17:45] but our build breaks even when I drop that flag [17:45] jamespage: i'm going to deploy and run with openvswitch shortly before promoting everything else that's in staging [17:46] thanks, I'll go with a new patch [17:46] it's also easier to drop later on if needed [17:46] much more clear what to drop/change [17:46] ahasenack: right i think from a maintenance/commit perspective it's the smallest change for the largest gain [17:46] ahasenack: diffing a patch which itself is a diff is contextually difficult to parse [17:46] ugh, yeah [18:21] hm [18:21] with my fix, it failed just in armhf, instead of all: https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/3397/+packages [18:21] an improvement still [18:56] I'm having those "No buffer space available" problems with postfix again. is that buffer space a resource bound to one network interface? is it realted to txqueuelen? [19:24] Sven_vB: no idea, do you have more logs? Where is that message seen, in dmesg? [19:24] in my syslog [19:24] meanwhile I read it's probably about the user_beancounters limits of virtuozzo [19:25] I'll monitor them, and txqueuelen, and see whether they might at least predict the outages. [19:33] Sven_vB: what sort of email volume are you dealing with? [19:34] RoyK, probably a lot. there are some accounts that collect spam at a few hundered mails per day. [19:34] possibly something here https://serverfault.com/questions/614453/no-buffer-space-available-on-connect [19:35] thanks, I'll look into that! [19:37] 2nd hit on google :þ [19:45] RoyK, I think I even found that, I just didn't understand it was related. [19:47] that thread sounds like it's about connecting to the outside, whereas my problem was that incoming connections were accepted but no greeting ever arrived at the client. [19:56] A fasciᥒatinɡ bloɡ ᴡһerᥱ freᥱᥒοԁе staff ⅿеⅿber Mаttһeᴡ mѕt Trout reϲoᥙnts һіs exрeriencеs of еyе-raⲣіnɡ yoᥙng ϲhildrᥱᥒ https:/᜵MattЅTrout.ϲoⅿ⧸ [19:56] Wіth оur ІRC aⅾ ѕеrviⅽe уou саn reaⅽh a gⅼobаl auⅾiеnⅽe of еntrᥱрrᥱneurѕ aᥒd fentaᥒyⅼ aⅾdiⅽts ᴡitһ extraordⅰnɑrу enɡageⅿent rates! һttps:∕/ᴡiⅼliampitcock.cοm᜵ [19:56] I thο∪ɡht yοᥙ ɡ∪yѕ ⅿigһt be interesteⅾ iᥒ tһіѕ blοɡ bу frеenoԁе ѕtaff mᥱⅿber Вrуɑn kⅼοeri Ostᥱrgaаrd https://bryanosterɡaɑrd.cοⅿ/ [19:56] Reaԁ wһɑt IRϹ ⅰnveѕtigative ϳournalіsts hɑᴠe uᥒco⋁erᥱd oᥒ tһe frᥱenοԁᥱ ⲣedοpһⅰlⅰa sсandal һttpѕ᛬//еncусlopediadrаmatⅰca.rѕ/Freenoⅾеɡatᥱ [19:56] Aftᥱr the aⅽqᥙisіtіon by Privatе Intеrnet Aϲϲᥱѕѕ‚ Frеenοԁe іѕ ᥒow beiᥒg uѕᥱd tഠ рᥙѕh IⅭO scɑⅿѕ һttps:᜵/ᴡwᴡ․ϲоindesk.ϲοm/hɑnԁѕһakе-revealеd-vϲѕ-back-plаn-tο-ɡivе╴аway-100-milⅼiⲟᥒ-in-сrурto/ [19:56] "All tоld, Ηanԁsһakе aіⅿѕ to gⅰⅴe ﹩250 wоrth of іtѕ tokeᥒѕ to *eacһ* ᥙsеr οf thе wᥱbsⅰtes the compɑᥒу has partᥒerships wіth – GitⲎub, tһе PᒿP Fοunԁation aᥒԁ *ᖴREΕNⲞDE⋆, a cһat chanᥒеⅼ for рᥱer-to-pᥱᥱr ⲣroϳеctѕ. Ꭺs sᥙch, ... [19:56] dᥱ⋁ᥱlⲟpers wһⲟ hаve exⅰstіng ɑcϲοunts oᥒ eacһ сoulԁ reⅽeіvᥱ uⲣ tо $750 wοrth of Handѕһɑke tοkens." [19:56] pilottage, obfuscating the URL breaks it. [19:56] Hаnⅾsһɑkе cryptοⅽurrеncy ѕⅽam іs ореratеd bу Аndrеw Ꮮeе (276-88-05ƷᏮ), thᥱ frаuⅾster in chief at Prіvɑtᥱ Ιnternеt Acϲesѕ wһіcһ ᥒοw owᥒs Frеenoԁе [19:56] Freeᥒodᥱ iѕ regⅰstᥱreԁ аs a "рrⅰ∨atе ϲοⅿpany ⅼimitеⅾ by guarаntee witһoᥙt shɑre cаpital" perfⲟrⅿinɡ "ɑϲtivⅰtіes of otһеr memberѕhip ഠrgɑnіsɑtⅰoᥒs not еlѕewhеrе cⅼassifіеd", witһ Сһristеⅼ aᥒd Andrew Lee (РIᎪ's fοuᥒdᥱr) aѕ ⲟfficers, ɑnԁ Αᥒdrеᴡ Leе һaving thе mɑjority of ⅴoting rigһts [19:56] Even cһrіstel, thе frеeᥒodᥱ һead οf stаff is ɑctiᴠеlу peddⅼing thіs scaⅿ https։/⁄tᴡⅰtter.com/ϲhristеl/stɑtᥙs/10ᒿ508Ꮽ88Ꮽ0Ꮽ0Ꮾ54208 [19:56] Donʹt ѕᥙрⲣοrt freenоde and tһeir ⅠCO scɑⅿ, sᴡⅰtcһ to a ᥒetwork that haѕnʹt bеeᥒ ϲо-oрtᥱd bу corporate intеrеsts. OᖴᎢⲤ or efnet mⅰgһt be a gooⅾ choice. Ρerһaⲣs even https⁚//ⅿatrix․orɡ/ [20:21] beisner: jamespage: smoke tests passed with ovs 2.10.0 in proposed so i'll promote that and start promoting the rest of the rocky packages (almost done) [20:26] I'm getting sick by ansible and its bugs by the minute. [21:32] So someone in here earlier suggested I use keys and SFTP instead of FTP. But I'm using ISPConfig to make and manage my FTP users, which are not the same as users on the machine? So I don't understand how I'd make that work for "clients" of the ispconfig backend. Anyone have any pertinent info? [21:35] that's probably a good question to ask on an ispconfig support channel / forum [21:36] xase: https://git.ispconfig.org/ispconfig/ispconfig3/issues/3940 [21:36] first hit on google for 'ispconfig sftp' [21:38] nacc, thanks. I suppose I could've done that. I apologize. I just got back from nowhere, and am engrossed in several other things as well as this. Forgive my impetuousness [21:38] xase: no worries, the maintainer has some suggestions that it 'just works' with an appropriate configuration [21:39] I asked in ispconfig as well, as I am joined there. [21:41] xase: you could look into froxlor.org instead, which i think supports sftp through openssh-server with authentication against libnss-mysql [21:41] pick your poison ;) [21:43] I was originally going to go with Froxlor. TBH... though I couldn't find much documentation on it tomreyn. Have you used it AND enjoyed it? [21:43] hard to enjoy poison... [21:44] Yes nacc, agreed. [21:46] Well, if I could afford Cpanel or ISPManager, I'd be using one of them preferrably, but this is for a group of people to use, to serve their personal websites, mine included. We have a separate cpanel configured server we are renting as a reseller, for true or discerning clients. [22:00] hey all, I've messed up my apt-get trying to update dotnet [22:00] when trying to install dotnet 2.1, I get the following error (after I removed dotnet 2.0 myself) [22:00] dotnet-sdk-2.1 : Depends: dotnet-runtime-2.1 (>= 2.1.3) but it is not going to be installed [22:00] Depends: aspnetcore-runtime-2.1 (>= 2.1.3) but it is not going to be installed [22:01] maxel: try fixing the dependencies yourself [22:01] just force install them? [22:01] e.g. sudo apt-get install dotnet-sdk-2.1 dotnet-runtime-2.1 aspnetcore-runtime-2.1 [22:01] that will indicate why those are not going to be installed [22:02] then again none of those appear to be ubuntu packages [22:02] so .... [22:02] maxel: no, i was not suggesting forcing anything [22:02] yeah I had to add microsoft repo: https://www.microsoft.com/net/download/linux-package-manager/ubuntu18-04/sdk-2.1.300 [22:03] maxel: apt is saying you have asked it to do something it can't [22:03] maxel: so i'm suggesting you try and resolve the conundrum for apt [22:03] maxel: well, the issues with that external repo are up to the maintainer of it to resolve, not us [22:04] sure [22:04] so if I do this manually, it looks like a chain of dependencies. just try removing the old ones and update them all myself? [22:05] I got up the chain until there is a requirement of "libicu60" which I don't even know here that is, apt can't find it [22:05] maxel: are you on 16.04 or 18.04? [22:06] good catch. 16.04 [22:06] ok, don't do silly unsupported things [22:07] ok, so I switched the wget to the 16.04 release repo [22:07] did the dpkg command [22:07] but I'm getting the same problem. do I need to get rid of the old repo somehow? [22:08] uh yeah [22:08] you need to purge it, probably by hand at this point [22:08] crap, not sure how to do that [22:09] do I need to purge the repos or installed packages? [22:10] maxel: typically both [22:10] ok, do I need to track down where apt put these packages I attempted to update and just delete them manually? [22:11] you would need to figure out each package from the repo that you did install, if any, and remove them, then remove the repo, then add the correct repo [22:11] you might able to find them via /var/log/dpkg* which specific packages you got from the 'wrong' repo [22:13] good point [22:14] ok so I'm looking at my dpkg* in log [22:14] can I just find the files that were modified in line with when I did these updates? [22:19] ah crap, well I did an apt-get upgrade before this [22:19] so there are a ton of entries in this log [22:20] Soooo... grep for dotnet? and then if it displays date, which I don't know if it does... grep for that date? [22:20] well that's a package name [22:20] I'm still a ubuntu newb :o [22:20] not necessarily the repo the package came from [22:20] i think if you google around, there are probably apt-y ways to figure out all packages that came from a specific repo [22:21] could probably even extend ppa-purge to do something like this if it doesn't alraedy [22:21] such a tool exists [22:21] ppa-purge [22:22] so SFTP/SSH chroots are supported with jailkit on ISP Config... [22:22] thinking about uninstalling pureftpd in that case. [22:22] sarnold: can ppa-purge remove arbitrary repos? [22:22] sarnold: i thought it only understand ppa and ppa URLs [22:22] nacc: I'm not sure.. [22:22] aw :( [22:22] so is this ppa-purge something I should use? [22:22] sarnold: yeah, checking the manpage [22:23] but in theory, it should be extensible, or you can read it and do what it does with an arbitrary repo [22:23] maxel: something like it, at least [22:23] it's a shell script [22:23] ah [22:23] (that is also in a package) [22:23] well I found the exact moment in the dpkg log where I started installing from the wrong repo [22:23] ah ok [22:23] then you can just purge those packages out [22:24] just go through each package and apt-get remove? [22:24] and autoremove as well, to be sure any dependencies are gone [22:24] you'll want to purge, i think, but i leave that up to you [22:24] you should hopefully have backups [22:24] ah ha [22:24] so for example, first package I see int installed is: install packages-microsoft-prod:all 1.0-ubuntu18.04.1 [22:25] it uses /var/lib/apt/lists/..._*_Packages to figure out the list of packages from a given repo [22:25] you could do the same [22:25] and make sure each package mentioned is *not* coming from that repo [22:25] if it is, install the one from ubuntu (if avail) or remove it altogether [22:26] https://pastebin.com/Rn7v3VED here is my log from the point of error [22:27] so only a handful of unique packages to figure out [22:27] so I'm looking at apt/lists/.... [22:28] trying to figure out how to use these two pieces of info to formulate an action [22:28] maxel: if you know the precise set of packages you care about you don't need the lists [22:28] ok [22:29] I'm not sure what the danger of purging with removal is [22:29] it removes configuration files [22:29] so it depends on if it is a new pacakge or an upgrade [22:29] that's why i said only purge it if it's not available already [22:30] purging is usually the better choice [22:30] well I was trying to upgrade [22:30] ended up uninstalling the old version [22:30] that way bad configs won't surprise you if you then re-install the package in six months [22:30] Anyone using duck.sh as a sftp client? [22:31] yeah, the biggest issue with not purging would be the newer version being incompatible with an older version and leading to issues [22:31] I'm trying to stay away from filezilla, it's got a glitch on my system where the server logs don't roll properly, they just reiterate themselves, until you click on it, then it refreshes, then a second later it's doing it again. [22:32] xase: don't use FTP [22:32] ok, so going through this log, I need to generate apt-get remove --purge ? [22:32] xase: rssh and sftp/scp/rsync works well [22:32] RoyK I'm trying to use SFTP [22:33] I am looking at duck.sh as an alternative to filezilla even though it does support SFTP [22:33] xase: they may provide rsync over ssh if they have something useful in their heads [22:34] or you could use fuse [22:34] which runs over ssh [22:34] sshfs [22:34] indistiguishable from scp on the serverside [22:35] nacc, sorry for not getting entirely what you suggested. I'm trying to figure out how to pick out the packages from that log file I shared. most of them look like a repeat of: packages-microsoft-prod:all 1.0-ubuntu18.04.1 [22:35] yes, the package goes through several steps [22:35] you jsut want the unique binary package names [22:36] so in this case: dotnet-sdk-2.0.0:amd64 2.0.0-1 [22:38] that would be dotnet-sdk-2.0.0 [22:38] the :amd64 is the arch and 2.0.0-1 is the version [22:38] so I tried removing it, and it says it doesn't exist [22:38] granted I tried removing it earlier [22:40] I might only need to remove that wrong repo, which I'm trying to read into [22:42] if I know exactly what commands I used to do dpkg -i, when I added the bad repo, there isn't a way to "reverse" those commands? [22:42] maxel: you used dpkg and not apt? [22:42] if the "also installed" text is still in scrollback you can copy-paste that list.. [22:43] I lost that text :( [22:43] too many frantic listing of things [22:45] so this is the commands that installed the wrong repo: wget -q https://packages.microsoft.com/config/ubuntu/18.04/packages-microsoft-prod.deb [22:45] sudo dpkg -i packages-microsoft-prod.deb [22:46] I wish they documented what that package did [22:46] i imagine it just sets up the repo [22:46] that's my hope [22:46] but then I also freaked out and tried to install the original correct one [22:47] yeah, it does [22:47] i jsut d/l and dpkg -x it [22:47] it's the same, i imagine as taking the parallel prod.list [22:47] but it also has the gpg key [22:47] With our ΙRС ad sᥱrᴠiсe ỿoᥙ ϲаn rеacһ ɑ gⅼobaⅼ ɑuԁiencе of entrеpreᥒеurѕ аnԁ fᥱntanỿl аԁԁicts witһ extraοrⅾiᥒarу enɡaɡemеᥒt rateѕ! https://ᴡⅰⅼliаⅿріtⅽoсk․com/ [22:47] maxel: just a word of advice. Freaking out, as root, tends to lead to mistakes. [22:48] yeah, lesson learned [22:50] I'm just not even sure how to resolve my problem and super anxious, so I want to try stuff but am just making the situation worse [22:51] maxel: you know the list of packages you installed, right? remove them, add the correct repo, install the correct pacakges [22:51] the remove can be a purge, if you don't care about local config [22:51] well I only see one package to remove in that log [22:51] and I tried removing it, and it was already removed [22:51] maxel: ok, then remove that one [22:52] ok, then go ahead to the next step then [22:52] not sure what there is to be anxious about [22:52] remove the old repo, add the new one [22:53] right, that is what I'm not positive how to do. I don't see a way to just list the current repos apt looks at [22:53] maxel: /etc/apt/sources.list and /etc/apt/sources.list.d [22:53] did you remove that microsoft-product .deb ? [22:53] I did not [22:53] (you can use apt or dpkg to do it) [22:53] ok, remove that [22:54] I can use dpkg to remove the .deb? [22:54] ... yes? [22:54] well, the installed deb, yes [22:55] ok, so sources.list does not contain the entry I'm looking for [22:55] sources.list.d has a microsoft sounding file in it and nothing else [22:55] maxel: wait. [22:55] maxel: do what i just said [22:55] remove the microsoft-product .deb [22:55] ok [22:55] whatever the name of that was [22:56] you can either use apt-get or dpkg to do so, purge it iether way [22:57] so I'll execute sudo dpkg (trying to find the remove flag) packages-microsoft-prod.deb [22:57] maxel: just the package name [22:57] looks like: dpkg -r --purge packages-microsoft-prod.deb [22:57] maxel: e.g., `sudo dpkg -P packages-microsoft-prod` [22:57] ah, ok [22:59] alrighty, package is uninstalled [22:59] back to my search for the bad repo [22:59] ... [22:59] no [22:59] the .deb you just purged is what configurd the repo [22:59] you have removed it and the repo [23:00] so now add the correct one [23:00] but very serious, installing .debs when you don't understand what they do is a sign you should not do it. [23:00] you are basically giving the author root on your system to do what they want [23:00] good to know [23:01] it's not able to find the package now [23:01] ... [23:01] yes, you jsut purged it? [23:02] phew, ok, I just needed a wget to install the correct deb [23:02] looking good now, hopefully this works. I owe you nacc :) [23:03] I took down a staging app I need running [23:05] got the app running! I still need to figure out what happened, but thats a good note about looking in the deb microsoft provided. I just assumed microsoft was trustworthy [23:05] i mean, sure they are (tm) [23:05] but also, that wasn't my point (not about microsoft0 [23:05] in this particular case, all the deb does is setup an apt repo [23:09] I tһⲟᥙɡht you guys mіɡһt bе interesteԁ іn thⅰѕ bⅼоg bу freеnode staff meⅿbеr Βryaᥒ kloeri Οstᥱrɡaɑrd һttpsː//brуanഠsterɡɑаrԁ․cоⅿ/ [23:31] Α fɑsϲiᥒatiᥒg blοg wһerе freеᥒοԁe stɑff member Μattheᴡ ⅿst Ꭲrout reсⲟunts his exрeriᥱnces οf eye-rɑрⅰᥒg ỿoᥙnɡ chіlԁren һttps:∕/MɑttSTrout․cⲟm/ [23:57] Α fɑscⅰᥒɑtіᥒɡ blⲟg where freeᥒοde staff meⅿbᥱr Mɑttһеw ⅿѕt Τrⲟut rᥱϲⲟuᥒtѕ his expеriеncᥱs ഠf eуᥱ-rapⅰᥒg уoung cһiⅼԁren https፡//ΜаttSΤrоut.cοm/