[00:05] <tanja84dk> I have a small issue I'm trying to manually add a ca cert to a linux server I manage for someone else ( he runs every connection over internal proxy ) but for some reason update-ca-certificates does not pick up the cert I have added
[00:05] <tanja84dk> how come does it not pickup the newly added cert when I update the cert database? I did put it in /usr/share/ca-certificates/extra/
=== Sveta_ is now known as Sveta
[02:31] <dirtycajun> has anyone gotten arm64 working on the RPi 3 B+ ? Ive been fighting this for about 2 hours to no avail
[02:32] <lotuspsychje> !arm | dirtycajun can this help?
[02:32] <ubottu> dirtycajun can this help?: ARM is a specific (RISC) processor architecture used in a variety of applications such as handhelds and networkdevices. For more information see https://wiki.ubuntu.com/ARM . For ARM specific support, stop by the #ubuntu-arm channel.
[02:33] <dirtycajun> ah. have to go to another channel. roger
[02:33] <dirtycajun> actually that channel is for v6/v7
[02:35] <lotuspsychje> what does that mean dirtycajun
[02:35] <lotuspsychje> maybe if you explain your issue, volunteers can try to think along?
[02:39] <dirtycajun> https://wiki.ubuntu.com/ARM/RaspberryPi#Ubuntu_arm64.2FAArch64
[02:39] <dirtycajun> i followed the wiki arm64 documentation to a T
[02:39] <dirtycajun> but it will not even load the bootloader
[02:39] <dirtycajun> with armhf (v7) it boots just fine
[02:46] <gislaved> please don't tell me netplan is buggyu as hell ?
[02:46] <gislaved> *buggy
[07:39] <lordievader> Good morning
[09:20] <ducasse> cpaelzer: i didn't get around to filing the debian libvirtd bug until this morning, it's number 921713
[09:22] <cpaelzer> ducasse: thanks and ... subscribed
=== Jezus is now known as Remy
=== Remy is now known as Remy^
[11:18] <ahasenack> hi, anyone here familiar with systemd's .path files? To start units if certain path related conditions are met?
[11:18] <ahasenack> I'm trying to prevent the zpool import service from running until I have unlocked the luks-encrypted drives, it's a mirror pool
[11:18] <ahasenack> so I created /etc/systemd/system/paths.target.wants/zfs-import-cache.path
[11:18] <ahasenack> with: https://pastebin.ubuntu.com/p/Q9mckDqbVy/
[11:19] <ahasenack> but it seems to start as soon as one path exists, and I need both to be there (it's a mirror)
[11:19] <ahasenack> in other words, is that conditional an OR or an AND? The manpage isn't clear
[11:20] <ahasenack> actually, the file is /etc/systemd/system/zfs-import-cache.path
[11:21] <ahasenack> it's for the zfs-import-cache service
[11:25] <ahasenack> maybe I need to specify the two paths under one directive
[11:25]  * ahasenack tries that
[11:33] <ahasenack> hm, no, doesn't seem to work at all
[11:44] <ahasenack> rbasak: when you have a moment, I'd like to talk about https://code.launchpad.net/~orion-cora/ubuntu/+source/sssd/+git/sssd/+merge/362837
[12:04] <rbasak> ahasenack: o/
[12:04] <ahasenack> rbasak: his patch is good, but I want to add dep8 tests on top
[12:04] <ahasenack> rbasak: my options?
[12:04] <ahasenack> rbasak: a) I add it, add myself to d/changelog, upload that
[12:04] <ahasenack> rbasak: b) I ask him to do it, upload that
[12:05] <ahasenack> or something else
[12:05] <ahasenack> in the case of (a), what happens to the mp?
[12:05] <rbasak> You asked him already, right?
[12:05] <ahasenack> I did last night
[12:05] <ahasenack> but I also have (a) ready
[12:05] <rbasak> If you add to his commits and then upload tag the result, the MP should automatically get marked as merged I believe.
[12:06] <rbasak> I would make the " -- Orion..." tagline use your name unless he signs off on it.
[12:06] <ahasenack> and in the case of (a), d/changelog would have to list myself instead of him in the authorship line, right? I would just keep his name in []
[12:06] <rbasak> But he'd still get credit with the "[Orion..." section.
[12:06] <ahasenack> right
[12:06] <rbasak> You don't have to do it - nothing will stop you doing otherwise.
[12:07] <rbasak> But it feels to me that the bottom tagline is a sign-off on the whole upload.
[12:07] <ahasenack> so if (a), use my name in the tagline, his name in []
[12:07] <rbasak> Yes
[12:07] <ahasenack> if (b), I'm just in []
[12:07] <rbasak> Right
[12:07] <rbasak> And in (a), you'd also have a [] section to yourself too of course.
[12:07] <ahasenack> and we are not sure about what happens to the MP in the case of (a)
[12:08] <rbasak> I'm pretty sure that the MP will automatically be marked as merged.
[12:08] <rbasak> 90%
[12:08] <ahasenack> but d/changelog would not match
[12:08] <ahasenack> since I would be changing the tagline
[12:08] <rbasak> It's not required to match.
[12:08] <rbasak> git-ubuntu only cares that the upload tag commit tree matches the dput exactly.
[12:09] <rbasak> If so, the upload tag will end up as part of ubuntu/xenial-devel's history.
[12:09] <ahasenack> ok
[12:09] <ahasenack> it will, but his mp has something that won't be merged
[12:09] <ahasenack> and that's the d/changelog as he wrote it
[12:09] <rbasak> Launchpad machinery does the MP automatic mark as merge. To work that out, Launchpad only cares that the proposed branch of an MP has become an ancestor of the target branch, which it will be.
[12:09] <ahasenack> ah, ancestor
[12:09] <ahasenack> gotcha
[12:09] <rbasak> You'll have added a commit to the end of his branch changing d/changelogl
[12:10] <ahasenack> my branch will have his as part of my history
[12:10] <ahasenack> right
[12:10] <rbasak> So long as you don't rebase his branch, and only build on it, it should be fine.
[12:10] <rbasak> Right
[12:10] <ahasenack> very cool
[12:10] <ahasenack> ok, thanks
[12:10] <ahasenack> I might as well do (a) then, I don't want to lose this fix again
[12:10] <rbasak> The only bit of this I'm not totally sure about is Launchpad's machinery.
[12:10] <ahasenack> but I was worried about the perception to him, if he would see his branch being rejected or sometihng
[12:10] <kstenerud90> I'm getting a strange error from autopkgtest-build-lxd:
[12:10] <rbasak> I assume it cares only about the ancestor.
[12:11] <rbasak> But if not, just mark the MP as Merged manually :)
[12:11] <ahasenack> sure
[12:11] <kstenerud90> $ autopkgtest-build-lxd ubuntu-daily:disco/amd64
[12:11] <kstenerud90> Detected local apt proxy, using http://10.105.237.1:3142 as container proxy
[12:11] <kstenerud90> Creating autopkgtest-prepare-oLv
[12:11] <kstenerud90> Starting autopkgtest-prepare-oLv
[12:11] <kstenerud90> Timed out waiting for container to boot
=== kstenerud90 is now known as kstenerud
[12:11] <ahasenack> kstenerud: it's possible it cannot reach the proxy
[12:11] <ahasenack> between Starting and Timed out, you have some time, you can lxc exec into it and poke around
[12:11] <kstenerud> ahasenack: I'm not sure why it's even trying to use a proxy, let alone a proxy on address .1
[12:12] <ahasenack> kstenerud: do you have apt-proxy installed, something like that? env vars set?
[12:12] <ahasenack> might also be set in /etc/apt/apt.conf.d/*
[12:12] <kstenerud> No apt-proxy. Not sure hat env vars to look for
[12:12] <ahasenack> env|grep -i proxy
[12:12] <ahasenack> and grep -i proxy -r /etc/apt
[12:13] <ahasenack> lxd might also have a proxy configured, that's via lxc config ....something I don't remember.....
[12:13] <kstenerud> gmm
[12:13] <kstenerud>  /etc/apt/apt.conf.d/01acng:Acquire::http::Proxy "http://127.0.0.1:3142";
[12:13] <kstenerud> What would have caused that?
[12:14] <ahasenack> apt install apt-cache or what is its name
[12:14] <ahasenack> although "01acng" is a funny name
[12:14] <kstenerud> weird... it's apt-cacher-ng. I've uninstalled it
[12:14] <ahasenack> purged?
[12:15] <ahasenack> although "remove" should have disabled that I believe, since the service is removed
[12:15] <kstenerud> I don't even remember installing it to begin with... weird
[12:15] <ahasenack> you were asking about it the other day
[12:15] <kstenerud> yeah, I messed with installing it in an lxd container
[12:16] <kstenerud> maybe I mistyped and installed it in my host...
[12:16] <ahasenack> maybe you confused prompts and did in on your host too
[12:16] <ahasenack> yeah
[12:17] <kstenerud> wow... even apt purge doesn't get rid of the file
[12:19] <kstenerud> OK, cache gone, but autopkgtest still times out. According to the logs, nothing's happening
[12:20] <kstenerud> hmm
[12:20] <kstenerud> Feb  8 12:20:27 autopkgtest-prepare-xwc snapd[505]: handlers.go:394: Reported install problem for "lxd" as eaf84f2a-2b9b-11e9-9d86-fa163e102db1 OOPSID
[12:21] <kstenerud> Same error I saw when disco tries to update snapd
[12:27] <kstenerud> Might be related to https://bugs.launchpad.net/ubuntu/+source/snapd/+bug/1815173
[12:27] <ubottu> Launchpad bug 1815173 in snapd (Ubuntu) "snapd package upgrade hangs in disco container" [Undecided,New]
[12:39] <ahasenack> kstenerud: login and poke around
[12:39] <ahasenack> kstenerud: and/or list processes from the host, you should see the container processes
[12:40] <ahasenack> and it could still be a network/proxy issue, you can check with netstat if there are SYN_SENT connections for example, or what it is trying to reach
[12:41] <kstenerud> autopkgtest-build-lxd ubuntu-daily:cosmic/amd64 works fine; disco hangs and dies
[12:51] <ahasenack> rbasak: git question, any idea why that zz* file is showing up in "git add -i untracked", but not in git status? I also tried "git status --ignored": https://pastebin.ubuntu.com/p/HxW8Z7VWkZ/
[13:00] <rbasak> ahasenack: it skips entire untracked directories I think.
[13:00] <rbasak> ahasenack: try "git status -u --ignored" maybe?
[13:00] <ahasenack> rbasak: ah, then it shows up
[13:00] <ahasenack> $ git status -u --ignored|grep zz
[13:00] <ahasenack> 	debian/initramfs-tools/share/hooks/zz-dhclient
[13:01]  * ahasenack should add a "git realstatus" alias
=== jelly-home is now known as jelly
[13:59] <ahasenack> rbasak: git workflow logical step question
[13:59] <ahasenack> rbasak: we have a delta which is adding an apparmor profile
[14:00] <ahasenack> rbasak: at some point later, that apparmor needed a fix, and that has a bug number
[14:00] <ahasenack> rbasak: so now the delta looks like a) add apparmor profile; b) fix apparmor profile (#XXXXXX)
[14:00] <ahasenack> rbasak: I would squash those two together and leave just "add apparmor profile"
[14:00] <ahasenack> rbasak: but then I would lose the bug number from the changelog entry, is that relevant?
[14:00] <ahasenack> rbasak: I think not, because it will be mentioned in older changelog entries
[14:05] <rbasak> ahasenack: I agree. You can drop the bug reference and rely on older changelog entries.
[14:05] <ahasenack> ok
[15:45] <ahasenack> hi, does anybody know what's wrong with https://pastebin.ubuntu.com/p/Q9mckDqbVy/ ? I need a logical "AND" between those two path conditions, but what I'm seeing is that as soon as one of those two paths becomes available, the corresponding unit is started
[15:53] <sdeziel> ahasenack: have you tried ConditionPathExists instead?
[15:53] <ahasenack> sdeziel: that is for service units, not path "units"
[15:54] <ahasenack> but yes, I tried that for the actual service unit
[15:54] <ahasenack> it won't start then, but I would like it to automatically start then those paths become available
[15:54] <ahasenack> if I use ConditionPathExists in the foo.service file, I have to, after unlocking the disks, issue a restart for foo.service
[15:54] <ahasenack> with .path, this happens automatically
[15:56] <sdeziel> ahasenack: I'd see what #systemd folks have to suggest
[15:58] <sdeziel> ahasenack: but if I understood your requirements properly, in the .path I'd use both PathExists but would add the 2 corresponding ConditionPathExists clauses in the .service
[15:59] <sdeziel> ahasenack: this would kick the .service as soon as one of the PathExists is matched but then the ConditionPathExists that are logically AND'ed in the .service would do what you want, I think
[15:59] <lordcirth_> sdeziel, that would cause the service unit to start when 1 is up, then stop because both aren't up
[16:00] <sdeziel> lordcirth_: I was hoping it wouldn't start due to the other ConditionPathExists not being met
[16:00] <lordcirth_> ahasenack, What about making a 2 .path units, then making the service dependent on both?
[16:00] <lordcirth_> sdeziel, docs say that if ConditionPathExists is false, it will count it as started but do nothing
[16:02] <ahasenack> sdeziel: the service is being kicked just fine
[16:03] <ahasenack> but too soon. Just one path of those 2 needs to exist
[16:03] <lordcirth_> ahasenack, I think .service depending on 2 .paths is the correct answer
[16:03] <sdeziel> ahasenack: could you share the .service too?
[16:03] <ahasenack> sure, it's a standard ubuntu one
[16:04] <ahasenack> https://pastebin.ubuntu.com/p/jZSHB8rPPG/
[16:04] <ahasenack> and the corresponding .path one: https://pastebin.ubuntu.com/p/5k2gXgxx2w/
[16:05] <ahasenack> I have disabled zfs-import-cache.service
[16:05] <ahasenack> I even get a warning when I do that, saying that the corresponding .path service might still start it
[16:06] <ahasenack> the manpage allows for multiple conditions, but fails to explain how they are considered
[16:06] <ahasenack> "obvious", someone must have thought :)
[16:09] <lordcirth_> ahasenack, alternatively, have you considered getting ZFS 0.8 and using ZFS's built-in encryption?
[16:09] <lordcirth_> It's at rc3 status
[16:10] <ahasenack> my other laptop is using that
[16:10] <ahasenack> but this is for a home server nas-like, that I want to be able to reboot unattended and later login and unlock the disks, remotely
[16:10] <ahasenack> so far this other laptop is doing fine with 0.8
[16:10] <ahasenack> and nice initramfs integration, with just a small bug or two
[16:12] <lordcirth_> ahasenack, you can configure 0.8 to import the pool, do scrubs, etc on boot and then give it the key later
[16:13] <sdeziel> ahasenack: I just tested what I proposed and it worked
[16:14] <ahasenack> sdeziel: two .path services or what?
[16:14] <sdeziel> ahasenack: one .path (2 PathExists) and one .service (2 ConditionPathExists)
[16:14] <ahasenack> lordcirth_: yeah, that could perhaps work. Not on that laptop which has zfs on /, but on the nas, maybe. But I think I cannot zfs send anymore then, unless all my pools are 0.8
[16:15] <ahasenack> sdeziel: and if you remove the ConditionPathExists from the service, it stops working?
[16:15] <lordcirth_> yeah, you would need 0.8 to receive an encrypted pool
[16:15] <ahasenack> because then it should be like what I have. If it still works for you, then I have something else wrong
[16:15] <ahasenack> lordcirth_: 0.8 is the common destination, 0.7 would be the sending side. I remember testing this, but I can't remember in which direction
[16:15] <ahasenack> I think it was 0.7 to 0.8 and it failed, but I would have to retest to be sure
[16:15] <lordcirth_> that should work, but test
[16:15] <sdeziel> ahasenack: the 2 ConditionPathExists are need as it's where the logical AND is applied
[16:18] <lordcirth_> sdeziel, but ConditionPathExists doesn't do the right thing. He needs it to wait until both are true, then run the service. ConditionPathExists skips starting the service.
[16:19] <lordcirth_> ahasenack, btw, how did you install 0.8? Is there a .deb?
[16:20] <sdeziel> lordcirth_: ahasenack: my test stuff: https://paste.ubuntu.com/p/WCHtN2TxR8/ when I touch /tmp/foo-a, nothing happens with foo.service
[16:21] <sdeziel> foo.service only get started when I then touch /tmp/foo-b
[16:23] <sdeziel> after touching only foo-a, I get this: https://paste.ubuntu.com/p/P4vMsp8Yfv/
[16:25] <lordcirth_> So it starts then fails, yes
[16:26] <lordcirth_> sdeziel, and does it get automatically started again when you touch /tmp/foo-b?
[16:26] <sdeziel> lordcirth_: It never started until both conditions were met
[16:27] <sdeziel> I read "start condition failed" as "not starting due to unmet conditions"
[16:28] <lordcirth_> I see
[16:28] <sdeziel> the journal extract is from an older run which can cause some confusion
[16:29] <lordcirth_> The docs aren't very clear, then
[16:29] <ahasenack> brb, in a call
[16:56] <ahasenack> lordcirth_: from the make deb or sometihng target from upstream 0.8
[16:56] <lordcirth_> ahasenack, so you built a .deb?
[16:56] <ahasenack> yes
[16:56] <ahasenack> a bunch
[16:56] <ahasenack> one of which is a dkms
[16:58] <ahasenack> I should probably update the git branch and build new ones
[16:58] <ahasenack> something for the weekend
[16:59] <ahasenack> sdeziel: it still sounds like the .path file should be enough to trigger the start of the service, and that ConditionPathExists is just a safeguard
[16:59] <ahasenack> a safeguard that shouldn't be needed
[17:00] <lordcirth_> 0.8 is on rc3. Hopefully there will be a stable release soon.
[17:00] <ahasenack> I have rc2
[17:00] <ahasenack> 0.8.0-rc2_42_g06f3fc2a4
[17:03] <ahasenack> they are saying it's an OR :(
[17:14] <sdeziel> ahasenack: both PathExists from the .path do trigger the start of the service. The 2 ConditionPathExists are merely there to have the AND logic
[17:14] <sdeziel> ahasenack: the PathExists are documented to behave as OR conditions
[17:15] <sdeziel> ahasenack: so I don't agree on the "safeguard" word, I'd call this glue logic to have the 2 conditions AND'ed
[17:19] <ahasenack> I'll give it a try, now that it is established that the [Path] conditions are OR'ed
=== lotuspsychje_ is now known as lotuspsychje
[20:47] <TheHonorableKitt> Ok people's of the great majestic. I need ya help. Getting errors when I try to do apt-get update. Check it, please tell me what I have to do to fix these prollems without uninstalling software. https://pastebin.com/7eg2TUhy
=== TheHonorableKitt is now known as THKitten
[20:49] <sdeziel> TheHonorableKitt: wait a little (both for the mirror sync to complete and for your question to be answered...)
[20:49] <THKitten> wot?
[20:50] <THKitten> I've tried to do this update twice now, once three days ago, failed, and again today, failed. figured it was time to speak up
[20:51] <Poster> It looks like you're missing the public key for yarnpkg, please follow the instructions noted here with curl and apt-key add: https://github.com/WhitewaterFoundry/WLinux/issues/289
[20:51] <sdeziel> THKitten: hmm, I though you left but you renamed
[20:51] <THKitten> heh
[20:51] <THKitten> yeah I don't like the long name
[20:52] <sdeziel> and yes, either remove the yarnpkg repo or import the gpg key proper
[20:53] <THKitten> ok, ran the command mentioned in that link. tried again, still get errors: https://pastebin.com/p126MfuU
[20:55] <sdeziel> one less error
[20:55] <sdeziel> so linode mirrors are still sync'ing it seems but you have more problems with apt.typesafe.com
[20:56] <THKitten> yeah I dunno how to fix that one, I tried fixing it before but could never figure it out
[20:57] <Poster> Not finding their key listed, did you install the linked package? http://apt.typesafe.com/
[20:57] <lordcirth_> The package which contains the keys and is served without TLS... whyyy
[20:58] <THKitten> yeah I couldn't figure it out :(
[20:58] <lordcirth_> THKitten, did installing that package not fix it?
[20:59] <THKitten> one sec, I have to remember how to install debs.
[21:01] <THKitten> nope
[21:01] <THKitten> how do I find out what app is even using typesafe? I might not need it...
[21:07] <sarnold> remove it and see what breaks? :)
[21:07] <THKitten> lulz
[21:16] <lordcirth_> THKitten, https://www.ostechnix.com/list-installed-packages-certain-repository-linux/