[04:24] <lotuspsychje> good morning to all
[06:10] <lordievader> Good morning
[06:24] <ducasse> good morning
[09:12] <marcoagpinto> Hello!
[10:55] <BluesKaj> Howdy al
[10:56] <BluesKaj> err, Howdy all
[11:17] <gry> hi
[11:36] <lotuspsychje> http://www.phoronix.com/scan.php?page=news_item&px=PHP-7.3-Ubuntu-19.10
[13:16] <lordievader> Brr php
[13:19] <marcoagpinto> Hello BluesKaj and everyone!
[13:20] <marcoagpinto> I am editing video, sorry for not being active
[13:54] <lotuspsychje> hi kenperkins
[13:54] <kenperkins> some commentary in the news today regarding DNS over HTTPS and how browers are going to enable this directly. Any discussion/issues that I can go read up on for native support for this at the OS level in ubuntu?
[13:55] <kenperkins> https://arstechnica.com/tech-policy/2019/09/isps-worry-a-new-chrome-feature-will-stop-them-from-spying-on-you/
[14:00] <mgedmin> OS-level support would probably rely on systemd-resolved, which would need to add support for it first
[14:00] <mgedmin> https://github.com/systemd/systemd/issues/8639
[14:02] <kenperkins> perfect! that's what I wanted to read up
[14:04] <kenperkins> now that i think about it tho, it doesn't really matter what my os supports, it's my local dns resolvers that need it
[14:04] <kenperkins> :(
[14:08] <lordievader> Considering how firefox handles this case, that doesn't matter.
[14:08] <lordievader> (per default it uses cloudflare)
[14:09] <katnip`> i believe that can be shut off though
[14:10] <kenperkins> i guess tho, I don't want my apps making decisions on a per-app basis
[14:10] <kenperkins> I want it all done at the network level
[14:10] <katnip`> correct
[14:11] <katnip`> ars had an article about it a day or two ago, or zdnet, one of those
[14:11] <kenperkins> isn't that what I just linked above?
[14:12] <katnip`> yes, sorry
[14:13] <katnip`> like you, i use my pi hole and opendns for a backup per my vpn; i dont want an app resetting that
[14:14] <lordievader> > i guess tho, I don't want my apps making decisions on a per-app basis
[14:14] <lordievader> This is one of the arguments against DoH (and DoT for that matter).
[14:14] <katnip`> yes
[14:14] <kenperkins> as I think about it, what I really want is DNS with encryption, I'm not sure I'm concerned with exactly how
[14:15] <lordievader> It becomes even more fun when you consider that different resolvers may give different answers.
[14:15] <katnip`> i thought about encryption and the only thing i could come with was a vpn
[14:15] <kenperkins> as soon as i saw comcast was doing injection of javascript in unencrypted http i switched my resolvers
[14:15] <lordievader> The way chrome solved is much more acceptable. Check if your current resolver supports DoH, if so start using DoH with that resolver. (Might have been DoT, not really sure)
[14:15] <kenperkins> (probably 5 years ago+)
[14:16] <kenperkins> still tho, I don't want my browser deciding
[14:16] <katnip`> chrome is bad though
[14:16] <kenperkins> i use chrome and ff
[14:16] <katnip`> i use brave
[14:17] <katnip`> ff for a backup
[14:17] <kenperkins> i just despise the UX in FF
[14:19] <kenperkins> switching gears; building a conatiner in docker atm from ubuntu:xenial, and it's taking _ages_ to get throug the apt-get update && apt-get install step. what could be going on?
[14:20] <lordievader> How is the io-wait?
[14:20] <kenperkins> on the host or docker?
[14:21] <kenperkins> <newish to ubuntu, so help me out>
[14:21] <lordievader> With the old build process that would usually let it grind to a halt for me.
[14:21] <lordievader> Host
[14:21] <kenperkins> do I need to install iotop or something?
[14:21] <lordievader> kenperkins: `vmstat 1`
[14:22] <lordievader> The `wa` column is your interest.
[14:22] <kenperkins> hovering between 35-90
[14:23] <kenperkins> now up to 95-99
[14:23] <kenperkins> ok, so i'm waiting a ton
[14:23] <kenperkins> next step to find out why?
[14:24] <lordievader> Yeah, that is way to high.
[14:24] <lordievader> iotop or htop can tell you that.
[14:24] <kenperkins> i mean this is a super hend end machine
[14:24] <kenperkins> high-end
[14:25] <lordievader> You won't notice that if your cpu is busy waiting for IO all the time.
[14:25] <lordcirth> kenperkins, what drive is this writing to? Is it an SSD?
[14:25] <kenperkins> lordcirth: yes
[14:26] <lordcirth> Yeah, try iotop.
[14:26] <kenperkins> nothing in iotop with much more than ~0.5% io
[14:26] <mgedmin> well, apt installs do a lot of fsyncs(), you might want to try out libeatmydata?
[14:26] <mgedmin> (assuming docker builds don't do tricks that would break LD_PRELOAD)
[14:26] <kenperkins> mgedmin: sorry, I don't quite follow that
[14:27] <mgedmin> I was wonderin if https://github.com/stewartsmith/libeatmydata#libeatmydata could speed up your apt installs
[14:29] <kenperkins> ok, before I go do something like that, i'd like to narrow down what's going on first
[14:29] <kenperkins> i haven't had a literal line of progress in ~15m on my docker build
[14:30] <kenperkins> so in iotop, what should I be looking for
[14:30] <lordcirth> kenperkins, have you checked dmesg for errors?
[14:31] <lordcirth> Also, smartctl on your SSD
[14:31] <lordievader> kenperkins: Top talkers, in terms of bandwith or iops.
[14:33] <kenperkins> almost no disk read/write going on
[14:34] <kenperkins> tbh I don't know what I'm looking for in dmesg, the rest of my system seems completely normal
[14:35] <lordcirth> kenperkins, well, mostly that it isn't spamming IO Errors
[14:35] <lordcirth> If you run 'dmesg -wT' are new entries being added?
[14:35] <kenperkins> this sounds dubious
[14:36] <kenperkins> [Mon Sep 30 01:22:01 2019] docker0: port 1(vethb83d919) entered blocking state
[14:36] <kenperkins> [Mon Sep 30 01:22:01 2019] docker0: port 1(vethb83d919) entered forwarding state
[14:37] <kenperkins> that's from a while ago, disregard
[14:37] <mgedmin> if there's no disk io, it might be waiting on the network
[14:37] <mgedmin> dstat is nicer than vmstat: it shows network as well as disk i/o
[14:38] <mgedmin> try making the docker build use your local ubuntu mirror instead of the main archive?
[14:40] <kenperkins> ok dstat shows 0 cpu wait and ~98 idle, vmstat 1 shows idle of 4 and wait of 95
[14:40] <kenperkins> something doesn't make sense
[14:42] <kenperkins> mgedmin: I'm willing to try that, once I figure out why it's not doing seemingly *anything*
[14:42] <mgedmin> strace?
[14:47] <kenperkins> and it just finished
[14:47] <kenperkins> i did see this before it ended
[14:47] <kenperkins> https://gist.github.com/kenperkins/f8d9705516696760c925c040d764cfeb
[14:47] <kenperkins> doesn't really tell me anything
[14:49] <mgedmin> it's waiting on a mutex or some other synchronization primitive
[14:51] <kenperkins> yea but no insight into why I mean
[14:53] <kenperkins> I think I want to run it again to see
[14:54] <mgedmin> then be sure to strace all processes, not just the main one
[14:54] <mgedmin> (e.g. strace -f -o /tmp/trace.log docker build whatever)
[14:54] <mgedmin> (note that strace might slow things down considerably)
[14:59] <kenperkins> ok so I think this is the problem: > 0 upgraded, 403 newly installed, 0 to remove and 4 not upgraded.
[14:59] <kenperkins> maybe it was just slowly working through the install of 403 packages? (apt-get install was with -qqq)
[15:00] <kenperkins> @mgedmin > try making the docker build use your local ubuntu mirror instead of the main archive? can you expand or link me to something on that?
[15:01] <kenperkins> do you mean adding mirror://mirros.unbuntu.com stuff to my apt sources?
[15:02] <mgedmin> no, I mean using http://COUNTRYCODE.archive.ubuntu.com/ instead of http://archive.ubuntu.com/ in /etc/apt/sources.list inside the docker container before you do the apt update && apt install steps
[15:03] <mgedmin> I've never seen mirror:// before?  does it autodetect the nearest mirror somehow?  where is it documented?
[15:03] <kenperkins> apparently
[15:03] <kenperkins> > Using mirror protocol as part of your /etc/apt/sources.list entry will instruct apt command to fetch mirrors located within your country only. In order to use mirror protocol update all lines within /etc/apt/sources.list file from the usual eg.:
[15:04] <kenperkins> from https://linuxconfig.org/how-to-select-the-fastest-apt-mirror-on-ubuntu-linux
[15:04] <kenperkins> trying to find more official docuemtnation
[15:05] <mgedmin> I wish https://wiki.ubuntu.com/Mirrors mentioned this!
[15:05] <mgedmin> the ubuntu wiki feels abandoned at times
[15:05] <kenperkins> > feel free to join us at #ubuntu-mirrors on Freenode
[15:05] <kenperkins> brb :D
[15:07] <mgedmin> huh did you notice that the mirror:// option was the slowest in the "comparing results" section of that linuxconfig page? ;)
[15:07] <mgedmin> maybe it's not mentioned for a reason
[15:07] <kenperkins> haha
[15:08] <kenperkins> interesting that the us mirror was only 8 seconds slower than the au one, while the mirror protocol was 1.5 orders of magnitude slower
[15:09] <mgedmin> maybe it spent 4 minutes 40 seconds finding the fastest mirror and then 5 seconds downloading the things :)
[15:10] <mgedmin> opinion: apt install foo failing with 'package foo has no installation candidate' when you tried it in a live session (or a fresh docker container) with an empty /var/lib/apt/lists/ is bad ux
[20:29] <tomreyn> if danielrc14 returns to #ubuntu, please point them to the bottom of https://irclogs.ubuntu.com/2019/10/02/%23ubuntu.html - thanks!
[20:30] <sarnold> tomreyn: what should be at the bottom? right now it's lordcirth's unrelated comment..
[20:31] <tomreyn> sarnold: my latest comment to them (not yet, but the log file should update soon)
[20:31] <sarnold> tomreyn: okay cool :)
[20:33] <tomreyn> http://paste.debian.net/plain/1103810
[20:33] <tomreyn> thanks, ttyl
[20:34] <sarnold> tomreyn: nice, thanks, gnight :)
[20:34] <tomreyn> i'll have. :)
[21:27] <OerHeks> naughty /dev/urandom https://lwn.net/SubscriberLink/800509/c46eba62a7bda958/
[22:07] <hggdh> OerHeks: I was sort of expecting something like that to happen one day...
[22:09] <OerHeks> well.. wait
[22:09] <OerHeks> 2018 ?
[22:09] <OerHeks> https://www.phoronix.com/scan.php?page=news_item&px=Linux-4.18-Random-Boot-Fix
[23:36] <gry> good morning
[23:42] <OerHeks> hi gry
[23:44] <OerHeks> 01:44 am .. making pancakes ..
[23:45] <OerHeks> NOOOO! i am not telling you i live on Jan van Zutphenstraat 310, Haarlem, Netherlands ... no way