[08:15] <ansyeb> hello. so I found ssh remote forwarding on one of my servers. tunnel is litening on :22001. how to find out where the other side of that tunnel is?
[08:31] <lotuspsychje> ansyeb: see also the #openssh channel
[08:32] <ansyeb> already talking there
[08:32] <ansyeb> but the solution doesnt work for me yet ((
[08:33] <lotuspsychje> ansyeb: can nmap help you findout ?
[08:52] <herald85> goodmorning everyone. new attempt: I keep having issues with apt trying to download linux-headers but failing. I've tried several mirrors but it keeps saying "Failed to fetch http://gb.archive.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-4.4.0-141_4.4.0-141.167_all.deb" .
[09:17] <tomreyn> herald85: did you run "sudo apt-get update" before you tried to install the headers? also, there should have been a second line of out put regarding this gb.archive.ubuntu.com server which should explain why it failed. please post the full output tpo a pastebin. note that i may have to leave any minute now, but this will help others diagnosing this issue.
[09:20] <tomreyn> ansyeb: try "netstat -plnt | grep -F ':22001'" or "lsof -i :22001"
[09:20] <herald85> tomreyn:   https://gist.github.com/fboux0/8fa835fd5ef2dfbff659a7a51524d9dc   only three packages because I installed the rest with ' apt upgrade --fix-missing' which cause apt to skip the headers
[09:25] <tomreyn> herald85: let's ignore gb.archive.ubuntu.com for now and focus on security.-ubuntu.com, which there are also errors with (probably for the same reason). your system resolves the security.ubuntu.com hostname correctly to 91.189.88.152 but fails to connect to it. this can be due to firewalling on your LAN (your ubuntu system, your router, the router / firewall of the network your computer is in).
[09:26] <tomreyn> another possible explanation is that your internet provider routes traffic to this ip address to a mirror server they run, but this is less likely, and they shouldn't be doing that for security.ubuntu.com.
[09:28] <tomreyn> herald85: got to run. i *may* be back in 10 minutes.
[09:53] <tomreyn> herald85: i'm back if you still need support - i've missed anything you may have said since i last spoke, though (feel free to PM).
[09:54] <herald85> tomreyn:  thanks , I wanted to verify on the fortigate but the firewall dudes are MIA
[09:57] <tomreyn> hehe, the common issue. you should run a fortimanager (virtual) appliance (in a VM) so everyone who is entitled to can view (but not modify) the current configuration.
[09:57] <herald85> I updated the gist if I try just wgetting a random file on security.ubuntu it works, if I try the linux-headers via security.ubuntu ... nothing.
[09:58] <tomreyn> i'd need the url again, lost all context
[09:58] <herald85> https://gist.github.com/fboux0/8fa835fd5ef2dfbff659a7a51524d9dc
[09:58] <herald85> oh ... wait... it worked now. huh.
[10:01] <herald85> wget failed 4 times then the 5th it was able to download
[10:01] <herald85> does this work for you ?        wget http://security.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-4.4.0-138_4.4.0-138.164_all.deb
[10:04] <tomreyn> herald85: yes, this works
[10:04] <tomreyn> you should use curl to test, though, with the --resolve option
[10:05] <tomreyn> herald85: i assume that some of the ip addresses security.ubuntu.com resolves to are whielisted in your firewall, but not all of them
[10:05] <herald85> mmh could be
[10:06] <herald85> they assured me it wasn't blocked but well .. let's visit them again :) thanks tomreyn
[10:06] <tomreyn> hmm no actually this theory is false since your gist shows that you had both a successful download and an error on this same ip address.
[10:09] <tomreyn> so you have intermittent tcp connect issues to http://91.189.88.152:80
[10:11] <herald85> I'm going to try rule out any network issues first, test outside firewall etc
[10:14] <tomreyn> sounds good.
[10:21] <tomreyn> herald85: things you can try: tracepath / mtr / traceroute, to see whether your route is to the target is mostly static and whether there is may be a broken router somewhere.
[10:24] <tomreyn> also: sudo apt-get -o 'Debug::Acquire::http=1' update
[10:24] <tomreyn> for a workaround, switching to https *may* work, but not all mirrors support it
[10:26] <tomreyn> https://github.com/tomreyn/scripts/blob/master/ubuntu_archivemirrors_https returns a lit of archive mirrors supporting httpS, but doesn't check whether they support your release or mirror security patches.
[10:43] <ansyeb> hello. "ln -snf /srv/www/.shared/TEST $WORK_DIR/releases/$TIMESTAMP/TEST" on a machine works well. but when executed by gitlab-runner over ssh, somewhy it cuts the /srv/www/.shared part and virtually tries to ln /TEST that does not exist
[10:44] <ansyeb> why???
[10:44] <ansyeb> of course fails and I can not deploy
[10:44] <ansyeb> executed as same user, both manually and during a job
[10:46] <tomreyn> ansyeb: is this an ubuntu system, since /srv/www is not a standard path on ubuntu
[10:47] <ansyeb> Ubuntu 16.04.1 LTS
[10:47] <ansyeb> path can be anything
[10:47] <tomreyn> uh, do you not install security patches then?
[10:47] <ansyeb> could this be the reason to my issue?
[10:47] <tomreyn> 16.04.5 is current
[10:48] <tomreyn> unlikely
[10:49] <tomreyn> but it'll be difficult to diagnose this without more context, and even then it looks very much like a scripting issue, not one with ubuntu
[12:22] <dexterfoo> hello. i have an ubuntu server hosted on digital ocean. with the default install, will the system clock ever be adjusted? do i need to set up automatic adjustment to the system clock if i am doing regular web stuff?
[12:24] <ahasenack> kstenerud: hi, can you perhaps run the verification steps of https://bugs.launchpad.net/ubuntu/+source/tomcat8/+bug/1606331, since the reporter hasn't yet?
[12:25] <ahasenack> I'm cleaning up pending MPs, and found that one
[12:25] <kstenerud> sure
[12:26] <ahasenack> I have one like that myself, backuppc
[13:10] <rbasak> dexterfoo: systemd-timesyncd is enabled by default on Bionic. And Xenial I think.
[13:11] <rbasak> For how that impacts DO's virtual environment you'll have to ask their support I guess.
[14:19] <ansyeb> anyone using gitlab here? gitlab IRC channel is pretty much dead
[14:26] <lotuspsychje> !crosspost | ansyeb
[17:21] <Deihmos> Any use auto mount on server 18.04
[17:22] <Deihmos> Testing Ubuntu server. Hard as hell configuring things without a GUI. How do you manage?
[17:25] <teward> Deihmos: research and learning how everything works on the CLI :P
[17:25] <teward> lots of time and effort into that too
[17:45] <baffle> Deihmos: Experience helps..
[17:58] <Ussat> whats a GUI ?
[18:22] <sarnold> Deihmos: after a while I suspect you'll find the gui gets in the way more than it helps. it's not a bad way to keep multiple terminals visible on screen at once..
[18:23] <sarnold> Deihmos: once a guy needed to issue a command along the lines of: "sudo chmod 755 /var/www
[18:23] <teward> sarnold: i'm sorry don't you mean `chmod 777` :P
[18:23] <sarnold> Deihmos: .. and proceeded to spend four hours figuring out how to run nautilus as root and wreck the permissions on who knows how many other files ...
[18:23] <sarnold> teward: lol
[18:24] <Deihmos> Nah too much typing
[18:24] <Deihmos> Time consuming
[22:27] <Deihmos> will this work to remote desktop https://www.interserver.net/tips/kb/install-xrdp-ubuntu-server-xfce-template/
[23:08] <tomreyn> Deihmos: unless you insist on using the rdp protocol, i'd recommend using either x2go or (ssh tunneled) vnc instead.
[23:08] <Deihmos> all my other computers are windows and at work i have windows
[23:08] <Deihmos> i cannot install those software but can rdp
[23:09] <Deihmos> if i install that wouldn't the server boot to a gui?
[23:09] <Deihmos> or can i have the gui only when i rdp
[23:12] <tomreyn> it will need to run the daemons but doesn't have to do the graphical processing.
[23:13] <tomreyn> the right way to manage a linux server remotely is, of course, through the shell, though
[23:13] <Deihmos> too tideous to move files
[23:13] <tomreyn> why so?
[23:13] <Deihmos> tedious
[23:14] <tomreyn> you can still use a GUI on the client
[23:14] <Deihmos> like if i want to transfer a file from my local pc to a folder on ubuntu server it is just too much of a hassle
[23:14] <tomreyn> if you have a windows client, you could use winscp for example
[23:14] <Deihmos> or auto mount my usb is a hassle
[23:14] <Deihmos> by installing gnome disks i can get it up and running with a few clicks
[23:15] <tomreyn> enabling automounting is a one-time configuration
[23:15] <Deihmos> not sure which guide to follow
[23:16] <Deihmos> so many different methods. gnome disks has a setting to auto mount. i wonder if it edits whatever file that is needed
[23:17] <tomreyn> https://help.ubuntu.com/community/Mount/USB#Auto-mounting_.28Ubuntu_Server.29
[23:18] <Deihmos> i followed that guide. recommends installing usbmount but it didn't work
[23:18] <tomreyn> i assume gnome-disks uses gio
[23:18] <Deihmos> yes and it is simple
[23:18] <tomreyn> "didn't work" isn't going to get you very far in terms of volunteer support ;-)
[23:19] <tomreyn> but if you got a solution you are happy with, that's cool
[23:19] <Deihmos> i searched and there is some issue with 18.04 and usbmount
[23:20] <tomreyn> i'd say: whatever floats your boat.
[23:23] <sarnold> Deihmos: iirc putty supports sftp
[23:23] <sarnold> Deihmos: if it doesn't, find a windows client that does..
[23:40] <tomreyn> well winscp (despit ethe name) does, and surely has a better gui than putty.