[00:41] <linuxperia> hi all. i have a strange problem with ubuntu server. when i try to compile a programm i get this error here => "error while loading shared libraries: libtinfo.so.5: cannot open shared object file: No such file or directory" libtinfo however exist on my system and is located at /usr/lib/x86_64-linux-gnu/libtinfo.so What is wrong and how can i fix this Problem ?
[00:49] <mybalzitch> do you have a so.5 symlink to libtinfo ?
[00:51] <mybalzitch> linuxperia: ^
[00:52] <linuxperia> mybalzitch: thank you very much for your helpfull tip. i just looked it up and this is how it looks like on my side => it points to version 6 instead 5 => /usr/lib/x86_64-linux-gnu/libtinfo.so -> /lib/x86_64-linux-gnu/libtinfo.so.6
[00:52] <mybalzitch> yes, create another symlink pointing libtinfo.so.5 to libtinfo.so.6
[00:53] <linuxperia> so i need change then the version in the code to use 6 instead 5 and then everything should be perfect. ahh okey this will work also. thank you very much will do it and report back
[00:53] <mybalzitch> or recompile, yeah
[00:56] <linuxperia> Yes got one step further. now it complains that /lib/x86_64-linux-gnu/libtinfo.so.5: version `NCURSES_TINFO_5.0.19991023' not found looks like need older ncurses hmmm
[00:58] <linuxperia> mybalzitch: thank you very much for your helpfull tip with the symlink. you helped me recognize the problem!
[00:58] <mybalzitch> no problem! hope you get it sorted
=== mIk3_09 is now known as mIk3_08
=== mIk3_09 is now known as mIk3_08
=== im0nde_ is now known as im0nde
[10:49] <vlm> how can i bind sshd to an address that works through reboots? If i bind to address and manually restart daemon it works but it doesnt manage to bind to address upon booting,journalctl shows failed: "Cannot assign requested address fatal: Cannot bind to any address"
[11:03] <tomreyn>  this sounds like the ip address you're having sshd listen on isn't bound to an interface by the time sshd is starting.
[11:04] <tomreyn> you could either bind sshd to a different systemd target which ensures that the ip address has been bound to the interface, or make sshd listen on ANY and set up firewall restrictions to limit where inbound copnnections will be accepted from / to
[11:05] <tomreyn> vlm: ^
[11:28] <vlm> tomreyn: ill try those options thanks
[12:39] <rbasak> vlm: if you're using netplan with networkd or networkd on its own, then "systemctl list-units" will show you the After= target to use. For example mine is sys-subsystem-net-devices-enp0s31f6.device.
[13:17] <vlm> rbasak: nice tip ill give it ago aswell!
[13:37] <vlm> seems had it right first time only i had a spelling error, network.online.target instead of network(-)online.target,would it be any advantages with your approach rbasak?
[13:42] <rbasak> vlm: network-online.target is vague if you have multiple NICs.
[13:42] <rbasak> Or hotplug any NICs.
[13:42] <rbasak> vlm: see https://www.freedesktop.org/wiki/Software/systemd/NetworkTarget/
[13:44] <rbasak> So if you're binding to an address on a specific device and need to start a service only when that address is ready, the best thing is to start the service only when that specific device is up.
[13:44] <rbasak> But as tomreyn said, better to avoid that situation altogether.
[13:44] <rbasak> Why do you need to bind ssh to a specific address anyway?
[14:21] <vlm> I was reading the link earlier on but missed that,seems its not so dependable,it works on a test system but on the server i need it doesnt,i just want to restrict traffic,i knew i could do it in firewall but got curious to how come sshd  wouldnt
[14:21] <vlm> bind on reboot so started researching
[14:27] <rbasak> Ideally sshd would adapt dyamically as the systemd documentation page describes
[14:27] <rbasak> Failing that, I'm not sure I would trust the firewall configuration on its own
[14:28] <rbasak> Maybe use Match, DenyUsers and AllowUsers directives in sshd_config and test that independently to ensure it's working as expected.
[14:28] <rbasak> And then add a firewall configuration on top of that
[15:43] <vlm> rbasak: seems like a good idea indeed,more layers of security is nice so if the one fails we got backup,started poke around pam access.conf and host.deny aswell
[15:50] <rbasak> vlm: I would pick two only. More complexity means more likelyhood of a mistake :)
[15:54] <sdeziel> vlm: to build on rbasak's suggestion, "Match LocalAddress" would probably be useful to you
[16:21] <vlm> rbasak: it could get too much also, usually i document stuff i do when it get complexed so common faults that may occur in such situations i can easily resolve,have helped me alot when things go wrong
[16:21] <vlm> sdeziel: yes that was what i was thinking aswell thanks for chime in
[16:21] <vlm> sdeziel: or i was thinking might be an option to Match ThisIp or so ,its nice to have options atleast to secure in many ways is my thought
[19:36] <rbasak> bryce: around?
[19:36] <rbasak> bryce: I implemented the mk_commit refactoring you requested
[19:37] <rbasak> But I ended up doing it as a constructor method (a classmethod) in repo_builder.Commit.
[19:37] <rbasak> Question: do you want a test for that? It's entirely within the test infrastructure so not used in production, and it's being fully exercised by the tests.
[19:38] <rbasak> Here's the implementaton: https://git.launchpad.net/~racb/usd-importer/diff/gitubuntu/repo_builder.py?h=importer-add-tests&id=a0f087ec7539a909ee01bdb68820693fc3012122
[19:38] <rbasak> (the branch is still a work in progress)
[19:39] <rbasak> In general I'm not sure what our policy needs to be for testing the test helpers
[20:31] <mbeierl> Hello.  I am looking to find the difference between Ubuntu cloud images (from https://cloud-images.ubuntu.com/bionic/20191127/ ) with .img and .vmdk extensions.  When I use the .vmdk under VMware vCloud Director, it boots, but converting the .img to .vmdk causes it to hang.  I have other .imq and .qcow2 images that I want to convert and they all exhibit the same behaviour.
[20:32] <crodriguez> Hello, I have a question regarding netplan in ubuntu 20.04. For a server with 3 interfaces with each their own gateway, how does networkd determines the default gateway? It seems like ip route get always returns the right interface,  I'm trying to understand how it chooses the correct interface as its default gateway. I haven't defined any route in the netplan config.
[20:39] <bryce> rbasak, yep just back from lunch
[20:39] <bryce> hmm good question on testing test helpers
[20:40] <bryce> in other projects I've not tended to worry about testing test helpers, since the testsuite itself exercises the code adequately most of the time
[20:41] <bryce> but for more complex helpers, or if it helps in doing the development, I suppose no reason not to allow them
[20:45] <bryce> rbasak, that said, since this code would live in the main code rather than purely in a *_test.py file, a test case would probably be appropriate
[20:45] <rbasak> OK, thanks. I'll add some tests for it.
[20:47] <rbasak> ...on Monday. Enjoy your weekend :)
[20:48] <bryce> I imagine monkeypatch could be an alternate way to do it.  No idea how easy/hard that'd be though.
[20:48] <bryce> rbasak, right, cya monday!
[20:49] <bryce> btw I (might) have jury duty next week
[20:50] <rbasak> OK
[21:47] <ericlafontaine> Hi, my name is Eric Lafontaine and I was told that some people over here could help me understand a behaviour with the networking/kernel
[21:53] <ericlafontaine> I'm having a server with 3 NIC using DHCP and all having gateways.  The behaviour I'm seeing is that the kernel is able to know that the last interface should always be the default gateway interface, whatever bouncing of the interface I do.  This seems like magic to me and I'm trying to understand how come.  all 3 default routes are present, but it's always the last interface that is used by
[21:53] <ericlafontaine>  the kernel as the route to internet.
[21:54] <ericlafontaine> (I have this behaviour with the base image of Ubuntu 20.04 )
[21:54] <ericlafontaine> (on an openstack environment)
=== ysch_ is now known as ysch
[22:04] <crodriguez> ericlafontaine: hi ! I think rbasak will be able to help you out. Maybe he's EOD though, might have to wait for Monday
[22:07] <rafaeldtinoco> ericlafontaine: why would u have 3 gateways ?!
[22:07] <ericlafontaine> Hi @crodriguez, thanks.  If anyone else want more details/are curious, please contact me directly :)
[22:08] <ericlafontaine> I'm putting a router in place to abstract network complexity.
[22:08] <rafaeldtinoco> ok but what is the purpose of having 3 gateways ?
[22:08] <rafaeldtinoco> you want to load balance traffic among all 3 ?
[22:11] <ericlafontaine> It's my first time using an IRC, so I'm not sure if I should try to summarize or go all out on explanations...
[22:12] <rafaeldtinoco> just answer the question
[22:12] <rafaeldtinoco> its easier =)
[22:12] <rafaeldtinoco> ericlafontaine: you have 3 net providers and want to load balance among them ? is that it ?
[22:12] <rafaeldtinoco> or something like it ?
[22:14] <ericlafontaine> basically, I have an intranet for which my "router" will be acting as the gateway (ubuntu server) for other servers on the intranet.  The second network is another intranet for which some routes are provided (this one doesn't actually have a gateway, but dhcp put's one in anyway... bug? maybe, didn't get time).  The third interface is the real external network and should stick to being my de
[22:14] <ericlafontaine> fault gateway whatever happens.
[22:15] <ericlafontaine> I get the behaviour I want, but I can't explain how it works, which is troubling me.
[22:15] <rafaeldtinoco> ericlafontaine: dhclient can drop gateway
[22:15] <rafaeldtinoco> for example
[22:16] <rafaeldtinoco> its not because dhcp server gives you HAVE to use =)
[22:16] <rafaeldtinoco> check /etc/dhcp/dhclient.conf
[22:16] <rafaeldtinoco> you can configure an interface not to "request" routers, for example, but request everything else
[22:16] <rafaeldtinoco> you can request only IP, or IP and NTP, IP and DNS, etc
[22:16] <ericlafontaine> I found that it's using the systemd-networkd and whatever bouncing of interface I do, my last interface stays the default interface.  I would have expected this to be like dhclient behavior you're describing, but it wasn't dhclient
[22:17] <rafaeldtinoco> ah gotcha
[22:17] <rafaeldtinoco> so you're using netplan
[22:17] <ericlafontaine> yes
[22:17] <rafaeldtinoco> with systemd-networkd backend
[22:17] <ericlafontaine> default 20.04 ubuntu server
[22:17] <rafaeldtinoco> ok lets check how to drop dhcp options in systemd
[22:17] <rafaeldtinoco> 20.04 ? (focal ?)
[22:17] <rafaeldtinoco> its -devel
[22:17] <ericlafontaine> I know :)
[22:17] <ericlafontaine> still it does what I need it to do
[22:17] <rafaeldtinoco> ok
[22:17] <ericlafontaine> which is why I was looking at it
[22:18] <ericlafontaine> my problem is that I don't understand how it can keep the last interface whatever "bouncing" I do...
[22:19] <ericlafontaine> It's an happily nice behaviour :) I just can't explain it
[22:19] <rafaeldtinoco> looks like
[22:19] <rafaeldtinoco> https://github.com/systemd/systemd/issues/5134
[22:19] <rafaeldtinoco> the feature you're looking for was in this issue
[22:22] <rafaeldtinoco> http://man7.org/linux/man-pages/man5/systemd.network.5.html
[22:22] <rafaeldtinoco> check [DHCP] section
[22:22] <rafaeldtinoco> UseRoutes=
[22:22] <rafaeldtinoco>            When true (the default), the static routes will be requested from
[22:22] <rafaeldtinoco>            the DHCP server and added to the routing table with a metric of
[22:22] <rafaeldtinoco>            1024, and a scope of "global", "link" or "host", depending on the
[22:22] <rafaeldtinoco>            route's destination and gateway. If the destination is on the
[22:22] <rafaeldtinoco>            local host, e.g., 127.x.x.x, or the same as the link's own
[22:22] <rafaeldtinoco>            address, the scope will be set to "host". Otherwise if the
[22:22] <rafaeldtinoco>            gateway is null (a direct route), a "link" scope will be used.
[22:22] <rafaeldtinoco>            For anything else, scope defaults to "global".
[22:22] <rafaeldtinoco> you can change the generated systemd file
[22:22] <rafaeldtinoco> and UseRouters=false
[22:22] <rafaeldtinoco> UseRoutes=false
[22:22] <rafaeldtinoco> for the interfaces you don't want a gateway set
[22:23] <rafaeldtinoco> (for example)
[22:23] <ericlafontaine> my network configuration only had [DHCP] active, nothing else
[22:23] <rafaeldtinoco> let me check if netplan supports it
[22:23] <rafaeldtinoco> https://netplan.io/examples
[22:23] <rafaeldtinoco> it shows an option
[22:23] <rafaeldtinoco> "dhcp4-overrides
[22:23] <rafaeldtinoco> Connecting multiple interfaces with DHCP
[22:24] <rafaeldtinoco> check this there ^
[22:24] <rafaeldtinoco> suggestion they give is to raise the route metric
[22:24] <rafaeldtinoco> so the default router is used by your main interface
[22:24] <rafaeldtinoco> and the other gateways are "ignored"
[22:24] <rafaeldtinoco> because they have a big metric
[22:24] <rafaeldtinoco> did you check that ? have you tried ?
[22:25] <ericlafontaine> yes, all my interfaces turned out to have the same metric...
[22:25] <rafaeldtinoco> even using the override ?
[22:25] <ericlafontaine> I haven't tried any change, I just tried to understand how the kernel knew...
[22:25] <ericlafontaine> can i send you the routes and netpan?
[22:26] <ericlafontaine> I have those with me.
[22:26] <rafaeldtinoco> ericlafontaine: if you put 3 gateways with same weight
[22:26] <rafaeldtinoco> or metric in this case
[22:26] <rafaeldtinoco> kernel will round robin among them
[22:26] <rafaeldtinoco> so you will use tcp retransmissions
[22:26] <ericlafontaine> that's what I would've had expected
[22:26] <rafaeldtinoco> ah thats the default behaviour
[22:26] <rafaeldtinoco> and its designed that way
[22:26] <rafaeldtinoco> because you are using the same routing table
[22:26] <rafaeldtinoco> (without knowing)
[22:26] <rafaeldtinoco> kernel has multiple routing tables you could use
[22:26] <ericlafontaine> yeah, I would have expected that, but it didn't do that
[22:27] <rafaeldtinoco> it didnt ?
[22:27] <ericlafontaine> which is why I don't understan
[22:27] <rafaeldtinoco> what did it do ?
[22:27] <ericlafontaine> it stuck with the "highest" interface in the order "ens5" > "ens4" > "ens3"
[22:28] <ericlafontaine> I've been starting to read about the kernel internal structure to understand
[22:28] <ericlafontaine> fib_tree, etc.
[22:28] <ericlafontaine> so trying to see what am I missing
[22:29] <rafaeldtinoco> so it always used the latest default router
[22:29] <ericlafontaine> I was expecting to be kicked out of the server when I restarted "ens4" but that didn't happen
[22:29] <rafaeldtinoco> routes are cached for existing connections
[22:29] <ericlafontaine> ip route show cache is always empty
[22:30] <ericlafontaine> maybe I didn't bound the interface the right way?
[22:30] <rafaeldtinoco> well you didnt assign them weights
[22:30] <ericlafontaine> "ip link set down dev ens4" ?
[22:30] <rafaeldtinoco> so im not sure the correct behavior nowadays
[22:30] <ericlafontaine> I didn't and cloud-init gave them 100 I believe by default
[22:30] <rafaeldtinoco> the old behavior was:
[22:30] <rafaeldtinoco> https://www.tldp.org/HOWTO/Adv-Routing-HOWTO/lartc.rpdb.multiple-links.html
[22:31] <rafaeldtinoco> ahhhhhhh actually
[22:31] <rafaeldtinoco> the old behavior without weights
[22:31] <rafaeldtinoco> was not to load balance at all
[22:31] <rafaeldtinoco> was to use latest default gateway
[22:31] <rafaeldtinoco> #)
[22:31] <ericlafontaine> ?
[22:31] <rafaeldtinoco> so if you're using the same routing table
[22:31] <rafaeldtinoco> which likely you are
[22:31] <ericlafontaine> (by the way, I really appreciate :) I spent 1-2 days on this, and curiosity was killing me )
[22:31] <rafaeldtinoco> and you add 3 routes to 0.0.0.0
[22:31] <rafaeldtinoco> only the last one will work
[22:31] <rafaeldtinoco> that is what happened to you right ?
[22:32] <rafaeldtinoco> BUT if you have different routing tables
[22:32] <rafaeldtinoco> then you can assign them weights
[22:32] <rafaeldtinoco> and load balance among them
[22:32] <rafaeldtinoco> but you have to have different routing tables
[22:32] <rafaeldtinoco> not the same one
[22:32] <rafaeldtinoco> because the rules have hierarchy
[22:32] <rafaeldtinoco> if you satisfied the route, you dont need another
[22:32] <ericlafontaine> it's rules over route tables, right?
[22:32] <rafaeldtinoco> yep
[22:33] <ericlafontaine> 30 sec
[22:33] <ericlafontaine> I'll go on the server
[22:33] <rafaeldtinoco> sure
[22:33] <ericlafontaine> I might lose my connectivity...
[22:33] <rafaeldtinoco> #(
[22:39] <ericlafo_> Alright, I'm back
[22:40] <rafaeldtinoco> ok
[22:40] <ericlafo_> so I can send you the all the routing I have on the server
[22:40] <rafaeldtinoco> so.. 1st things 1st
[22:40] <rafaeldtinoco> you're using netplan to configure its nics
[22:40] <rafaeldtinoco> correct ?
[22:40] <ericlafo_> yes
[22:40] <rafaeldtinoco> can I see your /etc/netplan/* files ?
[22:40] <rafaeldtinoco> in order for that
[22:41] <rafaeldtinoco> you can pastebin them
[22:41] <rafaeldtinoco> its easer =)
[22:41] <ericlafo_> here?
[22:41] <rafaeldtinoco> paste.ubuntu.com
[22:41] <rafaeldtinoco> paste there and get me a likn
[22:42] <ericlafo_> https://paste.ubuntu.com/p/mw9fGR3QtK/
[22:42] <ericlafo_> I'll get you the routing table as well
[22:43] <rafaeldtinoco> alright
[22:43] <ericlafo_> https://paste.ubuntu.com/p/Z5t9qhzn4V/
[22:43] <ericlafo_> routing ^
[22:46] <rafaeldtinoco> default via 198.18.200.1 dev ens5 proto dhcp metric 100
[22:46] <rafaeldtinoco> default via 192.168.128.1 dev ens4 proto dhcp metric 100
[22:46] <rafaeldtinoco> default via 192.168.129.1 dev ens3 proto dhcp metric 100
[22:47] <rafaeldtinoco> so they're all in the same routing table
[22:47] <rafaeldtinoco> with the same metric
[22:47] <rafaeldtinoco> only the latest interface (to get dhcp)
[22:47] <ericlafo_> yup
[22:47] <rafaeldtinoco> will have an operatinal gateway
[22:47] <rafaeldtinoco> you should drop the gateways you dont need
[22:48] <ericlafo_> The behaviour I have is the ens5 can be the only interface not bounced and it still would be the default gateway used.
[22:48] <rafaeldtinoco> what do you mean by bounced ?
[22:49] <ericlafo_> "ip link set down ens3"
[22:49] <ericlafo_> "ip link set up ens3"
[22:49] <rafaeldtinoco> ah gotcha
[22:49] <rafaeldtinoco> so a reset
[22:49] <rafaeldtinoco> if you reset a nic then you lose the default gw
[22:49] <rafaeldtinoco> and then you lose conectivity
[22:49] <rafaeldtinoco> because the other one becomes operational
[22:50] <rafaeldtinoco> is that it ?
[22:50] <ericlafo_> nope, I'm not losing my connectivity...
[22:50] <rafaeldtinoco> lose conectivity meaning nic down / nic up again
[22:50] <ericlafo_> ens5 stays my default gateway in the server
[22:50] <rafaeldtinoco> because its your last added gateway
[22:50] <ericlafo_> which is the behaviour I wanted but I don't get how it works
[22:51] <ericlafo_> what do you mean by "last added"?
[22:51] <rafaeldtinoco> if you do this:
[22:51] <rafaeldtinoco> route add default gw 1.1.1.1
[22:51] <rafaeldtinoco> route add default gw 2.2.2.1
[22:51] <rafaeldtinoco> route add default gw 3.3.3.1
[22:51] <rafaeldtinoco> all 3 have the same metric
[22:51] <rafaeldtinoco> kernel will only reach 2.2.2.1 if 3.3.3.1 can't be reached
[22:51] <rafaeldtinoco> no ?
[22:53] <ericlafo_> well that wasn't what I would have expected since I removed the dhcp interface, no?
[22:53] <ericlafo_> so I would have expected the route to be re-applied when I was bringing the interface up again
[22:53] <rafaeldtinoco> ooooooooooo
[22:53] <rafaeldtinoco> no you did not remove the ip
[22:53] <rafaeldtinoco> its a real nic
[22:54] <rafaeldtinoco> if it was a virtual nic.. you would have dropped the nick
[22:54] <rafaeldtinoco> like veth0 for example
[22:54] <rafaeldtinoco> but for a real one
[22:54] <rafaeldtinoco> IP stays there if you up/down
[22:54] <rafaeldtinoco> have u shutdown the networkd for that nic ?
[22:55] <ericlafo_> nope, I didn't find individual interface services
[22:55] <ericlafo_>    26  systemctl status sys-subsystem-net-devices-ens3.device
[22:55] <ericlafo_>    27  systemctl restart sys-subsystem-net-devices-ens3.device
[22:55] <ericlafo_> I did try this though;
[22:55] <ericlafo_> but it was denied as an operation
[22:56] <rafaeldtinoco> are you root ?
[22:56] <rafaeldtinoco> =)
[22:56] <ericlafo_> yup
[22:56] <rafaeldtinoco> this is the device itself
[22:56] <rafaeldtinoco> its a .device unit file
[22:56] <rafaeldtinoco> so it wont restart
[22:56] <rafaeldtinoco> its internal to systemd
[22:56] <ericlafo_> so what would the service be named?  I only found the "systemd-networkd" service which seemed to manage all interfaces
[22:58] <ericlafo_> (did I say that I really appreciate?  I really do :) I've been struggling to understand )
[22:59] <rafaeldtinoco> let me get one example here
[22:59] <rafaeldtinoco> damn, all my machines are using ifupdown currently
[22:59] <rafaeldtinoco> :o)
[22:59] <ericlafo_> XD
[23:00] <rafaeldtinoco> im unsure you can control the interfaces like a systemd unit
[23:00] <ericlafo_> I'll setup my other non-work computer to be able to continue discussing here while having the server connected to tryout stuff
[23:00] <rafaeldtinoco> i think you would change your .network files
[23:00] <rafaeldtinoco> and restart networkd
[23:00] <rafaeldtinoco> and it would reconfig as you want
[23:01] <rafaeldtinoco> networkctl shows the configured nics
[23:01] <ericlafo_> I didn't find the .network file in /etc/systemd/network
[23:01] <rafaeldtinoco> thats the netplan secret
[23:01] <ericlafo_> I'll try the networkctl
[23:01] <rafaeldtinoco> if you had create the .network files on your own
[23:01] <ericlafo_> ha ha !, thanks
[23:01] <rafaeldtinoco> you could put into /etc/systemd/network
[23:01] <rafaeldtinoco> for example
[23:01] <rafaeldtinoco> yours is probably at
[23:01] <rafaeldtinoco>  /var/run/systemd/network
[23:02] <rafaeldtinoco> give it a try
[23:02] <rafaeldtinoco> cd /var/run/systemd
[23:02] <rafaeldtinoco> find . | grep -i network
[23:03] <rafaeldtinoco> i gotta go now (dinner time here)
[23:03] <rafaeldtinoco> ericlafo_: rafaeldtinoco@ubuntu.com
[23:03] <rafaeldtinoco> drop me an email if you have any other questios
[23:03] <rafaeldtinoco> ill try to address if I can
[23:04] <rafaeldtinoco> or hang around here
[23:04] <rafaeldtinoco> we're always over here =)
[23:04] <ericlafo_> alright, thanks :) I'll look through what you provided an email you the conclusions :)
[23:04] <ericlafo_> thanks a lot!
[23:04] <rafaeldtinoco> sure. good luck
[23:04] <rafaeldtinoco> my pleasure. take care o/
[23:04] <ericlafo_> o/