=== aditya_ is now known as aditya === lotuspsychje__ is now known as lotuspsychje [11:40] cpaelzer__ i have a libvirt xml that won't start because virsh isn't creating an apparmor profile for it...you know of anything that might cause libvirt to do that, or what the best way to debug libvirt's call to virt-aa-helper? [11:40] this is on disco host [11:41] guest xml is https://pastebin.ubuntu.com/p/V5NcWkg2Pg/ [11:53] hi [11:53] Would a perfect upgrade from Ubuntu Server 16 to 18 result in a system that is Ubuntu Server 18 (LTS)? It would be basically undistiguishable? [11:54] This isn't windows, rigth? :) [11:54] phobosoph: before lts upgrading you might wanna read the releasenotes [11:55] phobosoph: i think for server lts upgrades its important to know some relevant package versions upfront right? [11:55] yes [11:55] lotuspsychje: but when the upgrade finished, the resulting 18 system would be identical - more or less -to a fresh 18 install, right? [11:55] the package installer would simply overwrite the existing stuff, cleaning up old stuff ,et [11:55] so like a imaging thing on package-level [11:56] ? [11:56] phobosoph: well nothing can beat a clean install, but the idea of an lts upgrade 'should' work like a charm [11:57] there will still be cruft left over, but mostly like a fresh 18 [11:57] phobosoph: apt always wants to heal itself too [11:57] It doesnt change to netplan if I remember correctly [11:57] that's good [11:57] because netplan should be kept :) [11:57] phobosoph: https://wiki.ubuntu.com/BionicBeaver/ReleaseNotes#Ubuntu_Server [11:58] been a while since I have done one though [11:58] phobosoph: without a clean install, you'd probably have a FS with different features enabled (metadata_csum comes to mind for ext4) [12:01] sdeziel: can I change this afterwards? easily? [12:02] phobosoph: apparently that's doable https://ext4.wiki.kernel.org/index.php/Ext4_Metadata_Checksums#Detailed_Instructions [12:02] thanks man! [12:02] ubuntu/debian/*nix is awesome [12:03] phobosoph: that's just an example to highlight that many things would be subtly different [12:07] sdeziel: what else would be different subtly? :/ netplan + fs. But kernel, all packages and everything else would be upgraded [12:07] phobosoph: yes, the packages would be upgraded and you'd be fully supported [12:08] good! [12:08] for everything else, ansible is used. Sure, it won't enforce the whole system state, just the application/services. [12:09] phobosoph: some packages might be left as uninstalled but not purged, some .dpkg-* files may be left behind. Not a concern usually, it's just that one can usually distinguish when a box was dist-upgraded :) [12:09] ok [12:10] sdeziel: theoretically I could even search for this stuff and remove it afterwards [12:10] absolutely [12:16] ddstreet: yes I have some commands that help doing that [12:16] just a sec === cpaelzer__ is now known as cpaelzer [12:20] I have not done a upgrade in a while, but I recall it was pretty smooth in all I did do [12:22] ddstreet: you need to be on the system or copy off the disk files [12:22] ddstreet: but the TL;DR is that you can run it like sudo /usr/lib/libvirt/virt-aa-helper -r -d -u 'libvirt-d007102b-7ac8-46b0-a634-2ef994ba620f' < disco-gl-set.xml [12:22] adapt the UUID to yous and the filename [12:22] then this would do what it would do on guest startup [12:24] ddstreet: looking at the XML I'd expect skiboot.lid to not be accessible [12:24] without the disks (as I don't have them) and without skiboot it works for me [12:25] Ussat: I am backing up everything now and then start the upgrade :) [12:25] I have terrible memories of windows updates, hehe [12:25] ddstreet: /etc/apparmor.d/usr.lib.libvirt.virt-aa-helper does not allow /usr/share/skiboot/skiboot - so it will fail on that for sure [12:25] Welll TBH Win updates are pretty smooth now [12:25] but I have done about 50 prod Ubuntu updates and all went well [12:25] but all done with em now [12:37] hm, not sure if this chanel is the right one... [12:37] I want to take backups regularly [12:37] storage should be cheap, I am ok with more expensive retrieval [12:37] ideal with file delta, european data protection compliance thing [12:37] are there good + cheap services for backing up data off-site? [12:43] I can tell you what we do, its good but not cheap [12:45] Ussat: ok, tell me :) I think I get too cheap when it comes to data which is probably bad [12:45] We are a fairly large IBM shop. we use TSM [12:46] IBM Spectrum Protect its new name [14:16] cpaelzer *wow* the problem was that it doesn't allow accessing files in /usr/share? that's an incredibly obfuscated way to communicate the error to users :-) [14:16] especially since using /usr/share/AAVMF/AAVMF_CODE.fd for arm guests works fine [14:17] cpaelzer thnx tho - it's working now that i copied skiboot into a per-guest copy in /var/lib/libvirt/images/ [14:17] cpaelzer do you happen to know why usr.lib.libvirt.virt-aa-helper doesn't allow using the known, installed by ubuntu packages, loader files, like skiboot? [14:21] ddstreet: because no one ever asked for it i guess [14:21] ah [14:21] so no specific security reason then [14:21] no [14:21] ok interesting thnx! [14:22] common things -> default profile; uncommon things loacl override [14:22] if nobody asked ever => uncommon :-) [14:46] Hi guys [14:47] I want to know about ndtrack command [14:48] As i am getting high cpu utilisation due to this command [14:50] what was the command you typed amitkm9204? [14:50] using top [14:50] I getting high cpu utilisation [14:50] Command name is ndtrack [14:51] if u use htop, it will give u a more usable interface - u can order the dynamic table by many different ways [14:51] where does ndtrack come from? cannot find it in the repos [14:51] i am unfamiliar with "ndtrack" [14:52] no man page, in google I get proffered ndtrack.exe :D [14:52] flexnetservice? [14:53] so it's something you are using wine to use - that would certainly use some cpu points [20:06] hi [20:06] so I run do-release-upgrade [20:07] it didn't start but it aborted [20:07] (Ctrl+c) [20:07] when I now run it again, it doesn't want to upgrade [20:07] how can I reset it? [20:08] phobosoph: are you sure it didn't run to completion the first time? [20:09] not [20:09] I cancelled it very early, nothing started yet [20:09] but apparently it thinks there is nothing to be upgraded, probably the sourceslist? [20:09] phobosoph: cat /etc/os-release to check [20:13] are you sure it's not still running in a screen somewhere? [20:13] 16.04 [20:13] so not 18 [20:13] not upgraded [20:15] hm [20:15] sarnold: pretty sure [20:28] So what can I do? :/ [20:28] so that I can at least finish the upgrade? [20:28] or reset it that it asks for upgrading? [20:28] it didn't start [20:29] phobosoph: I'd start by pasting the error you get when running it [20:31] phobosoph: check if /etc/apt/sources.list refers to bionic instead of xenial. If it points to bionic there is indeed no LTS upgrade available [20:34] Please install all available updates for your release before upgrading. [20:34] so it is probably the sources, right [20:34] how can I reset the apt sources back to 16? [22:09] Hi [22:10] I have a server with 2 nics. i want to install squid and set it up as a gateway/transparent proxy for the internal network. can someone explain what i need to do with netplan to achieve this? [22:11] i have that little bit of knowledge on me haha [22:12] i'm following this tutorial https://veesp.com/en/blog/how-to-setup-squid-on-ubuntu [22:12] it employs /etc/networking/interfaces... i need to use netplan now i guess [22:37] alright, it seems that I just have to replace 'bionic' (18) with 'xenial' (16) in /etc/apt/sources.list to restore