| === tds1 is now known as tds | ||
| === StathisA_ is now known as StathisA | ||
| === Napsterbater_ is now known as Napsterbater | ||
| === Napsterbater is now known as Guest24862 | ||
| === Napsterbater_ is now known as Napsterbater | ||
| Ussat | So, I know this is Ubuntu Server, but just a FYI, if anyone has RHEL / Centos Servers, DONT PATCH NOW: https://pastebin.com/uGgCmVsQ | 14:47 |
|---|---|---|
| tomreyn | Ussat: https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1889509 | 15:39 |
| ubottu | Launchpad bug 1889509 in grub2 (Ubuntu) "grub boot error : "symbol 'grub_calloc' not found" [High,Confirmed] | 15:39 |
| Ussat | NIce | 15:39 |
| Ussat | Ya I have put off all patching untill confirmed fixes | 15:39 |
| Amadex | Hellou :D | 17:31 |
| rangergord | Ussat, if that package had been a snap, it would have auto-updated and you'd be screwed | 18:42 |
| rangergord | stuff like this is a great example were complaining about inability to disable automatic updates of snaps | 18:43 |
| rangergord | frankly it's almost insulting for Canonical to insist on this | 18:43 |
| oerheks | one can schedule snap updates. | 18:43 |
| rangergord | you mean defer for a short period of time | 18:44 |
| rangergord | can I tell it "don't update this package unless I tell you to?" No. | 18:44 |
| rangergord | to me, a snap == rolling distro. LTS stops having any meaning. | 18:45 |
| oerheks | yes; refresh.hold: delays the next refresh until the defined time and date | 18:45 |
| rangergord | can I set that date to 2030? When I followed the discussion on launchpad, the dev insisted it's their philosophy not to let you defer by more than a couple of weeks. | 18:46 |
| oerheks | seems like you are just parrotting | 18:46 |
| rangergord | I'm parroting the Canonical dev working on snapd | 18:47 |
| rangergord | (one of them) | 18:47 |
| DammitJim | since what LTS version did we make apt the standard instead of apt-get or do I have that backwards? | 20:28 |
| sarnold | apt is the new front-end | 20:28 |
| oerheks | both are valid. | 20:29 |
| DammitJim | sarnold, since when? I'm trying to come up with standards at my office as to what we should use but I also don't want people to get confused | 20:29 |
| DammitJim | we still have Ubuntu 16 servers | 20:29 |
| oerheks | apt is just superiour. | 20:29 |
| DammitJim | what I'm starting to run into is apt is more robust and has more options | 20:29 |
| sarnold | DammitJim: apt is better for interactive use; apt-get is better for scripted ues | 20:29 |
| DammitJim | is apt-get looked down upon? | 20:29 |
| DammitJim | our scripts all use apt-get | 20:29 |
| sarnold | DammitJim: apt upgrade is far safer than apt-get dist-upgrade, and handles more conditions than apt-get upgrade | 20:29 |
| oerheks | The reality is that the first stable version of apt was released in the year 2014 but people started noticing it in 2016 with the release of Ubuntu 16.04 | 20:29 |
| DammitJim | and that was one of the things I was going to ask my team to start changing | 20:30 |
| oerheks | https://itsfoss.com/apt-vs-apt-get-difference/ | 20:30 |
| DammitJim | so, if I said.. hey guys, from now on (now that we finally put to sleep the last Ubuntu 14 server) we are using apt instead of apt-get, I won't run into any inconsistencies, right? | 20:30 |
| oerheks | nope, you are fine. | 20:30 |
| oerheks | when some dependensie issue pop up, apt install -f | 20:31 |
| DammitJim | why did you feel you needed to make that last comment about apt install -f? | 20:31 |
| oerheks | see apt vs apt-get, apt-get does not solve those issues on that level | 20:32 |
| DammitJim | what? apt-get still has a lot more functionalities to offer than apt? (per the link) | 20:33 |
| DammitJim | hhhmmmm... maybe I should stick with apt-get and not complicate things | 20:33 |
| oerheks | no, but an interesting conclusion | 20:34 |
| oerheks | you have no need to edit your scripts now, indeed | 20:34 |
| DammitJim | ok, thanks! | 20:34 |
| sdeziel | sarnold: the link from oerheks says that 'apt-get dist-upgrade' is replaced by 'apt full-upgrade'. Being an all time user of apt-get dist-upgrade, I'd like to know which replacement is better and for what reasons ;) | 20:50 |
| sarnold | sdeziel: hah, good question. I'm sure someone here's told me once before what full-upgrade does that's better than dist-upgrade but I've forgotten :( | 20:53 |
| sdeziel | dang... it's OK | 20:54 |
| sdeziel | thx | 20:54 |
| Ussat | rangergord, re: snaps, I rip them totally out of all my installs | 21:04 |
| oerheks | without snapd, no livepatch for you. | 21:06 |
| Aison0 | Why is isc-dhcp-server accessing the ldap server? I have many of those messages: audit: type=1400 audit(1596185703.828:9389): apparmor="DENIED" operation="connect" info="Failed name lookup - disconnected path" error=-13 profile="/usr/sbin/dhcpd" name="run/slapd-inetserv.socket" pid=97436 comm="isc-worker0000" requested_mask="wr" denied_mask="wr" fsuid=110 ouid=0 | 21:43 |
| sarnold | Aison0: wild guess, is your nsswitch configured to do lookups for something through ldap? | 21:45 |
| sdeziel | Aison0: is this when dhcpd starts up? | 21:45 |
| Aison0 | Aison0, yes | 21:45 |
| Aison0 | I'm using nssswitch to lookup ldap user/groups | 21:45 |
| Aison0 | sdeziel, no, it happens regularly. dmesg is completele spamed with the message above | 21:47 |
| sdeziel | Aison0: hmm, I'd probably strace dhcpd's PID around the time those audit messages/Apparmor failures get logged | 21:49 |
| sdeziel | I can't think of anything obvious that would explain why dhcpd would do LDAP lookups | 21:50 |
| sdeziel | Aison0: maybe pastebin your nssswitch.conf? | 21:50 |
| Aison0 | https://paste.ubuntu.com/p/CTBgmGF5tR/ | 21:51 |
| sdeziel | hosts: files dns ldap | 21:51 |
| sdeziel | that's possibly why it's trying to reach out to LDAP | 21:52 |
| sdeziel | potentially trying to do a reverse DNS lookup or something | 21:52 |
| Aison0 | hmm | 21:59 |
| sdeziel | or potentially trying to resolve forward DNS from the config? | 21:59 |
| sdeziel | strac'ing should tell you | 22:00 |
| Aison0 | damn connection... | 22:24 |
| sarnold | Aison0: the last we saw was: < Aison0> hmm and you might have missed: < sdeziel> or potentially trying to resolve forward DNS from the config? < sdeziel> strac'ing should tell you | 22:26 |
| Aison0 | thx | 22:26 |
| Aison0 | I disabled ldap for hosts | 22:26 |
| Aison0 | maybe that's it | 22:26 |
| sarnold | any success? | 22:26 |
| sdeziel | could also be used for the networks and aliases lookup. I honestly don't know what those are :/ | 22:27 |
| === RoyK^ is now known as RoyK | ||
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!