=== tds1 is now known as tds === StathisA_ is now known as StathisA === Napsterbater_ is now known as Napsterbater === Napsterbater is now known as Guest24862 === Napsterbater_ is now known as Napsterbater [14:47] So, I know this is Ubuntu Server, but just a FYI, if anyone has RHEL / Centos Servers, DONT PATCH NOW: https://pastebin.com/uGgCmVsQ [15:39] Ussat: https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1889509 [15:39] Launchpad bug 1889509 in grub2 (Ubuntu) "grub boot error : "symbol 'grub_calloc' not found" [High,Confirmed] [15:39] NIce [15:39] Ya I have put off all patching untill confirmed fixes [17:31] Hellou :D [18:42] Ussat, if that package had been a snap, it would have auto-updated and you'd be screwed [18:43] stuff like this is a great example were complaining about inability to disable automatic updates of snaps [18:43] frankly it's almost insulting for Canonical to insist on this [18:43] one can schedule snap updates. [18:44] you mean defer for a short period of time [18:44] can I tell it "don't update this package unless I tell you to?" No. [18:45] to me, a snap == rolling distro. LTS stops having any meaning. [18:45] yes; refresh.hold: delays the next refresh until the defined time and date [18:46] can I set that date to 2030? When I followed the discussion on launchpad, the dev insisted it's their philosophy not to let you defer by more than a couple of weeks. [18:46] seems like you are just parrotting [18:47] I'm parroting the Canonical dev working on snapd [18:47] (one of them) [20:28] since what LTS version did we make apt the standard instead of apt-get or do I have that backwards? [20:28] apt is the new front-end [20:29] both are valid. [20:29] sarnold, since when? I'm trying to come up with standards at my office as to what we should use but I also don't want people to get confused [20:29] we still have Ubuntu 16 servers [20:29] apt is just superiour. [20:29] what I'm starting to run into is apt is more robust and has more options [20:29] DammitJim: apt is better for interactive use; apt-get is better for scripted ues [20:29] is apt-get looked down upon? [20:29] our scripts all use apt-get [20:29] DammitJim: apt upgrade is far safer than apt-get dist-upgrade, and handles more conditions than apt-get upgrade [20:29] The reality is that the first stable version of apt was released in the year 2014 but people started noticing it in 2016 with the release of Ubuntu 16.04 [20:30] and that was one of the things I was going to ask my team to start changing [20:30] https://itsfoss.com/apt-vs-apt-get-difference/ [20:30] so, if I said.. hey guys, from now on (now that we finally put to sleep the last Ubuntu 14 server) we are using apt instead of apt-get, I won't run into any inconsistencies, right? [20:30] nope, you are fine. [20:31] when some dependensie issue pop up, apt install -f [20:31] why did you feel you needed to make that last comment about apt install -f? [20:32] see apt vs apt-get, apt-get does not solve those issues on that level [20:33] what? apt-get still has a lot more functionalities to offer than apt? (per the link) [20:33] hhhmmmm... maybe I should stick with apt-get and not complicate things [20:34] no, but an interesting conclusion [20:34] you have no need to edit your scripts now, indeed [20:34] ok, thanks! [20:50] sarnold: the link from oerheks says that 'apt-get dist-upgrade' is replaced by 'apt full-upgrade'. Being an all time user of apt-get dist-upgrade, I'd like to know which replacement is better and for what reasons ;) [20:53] sdeziel: hah, good question. I'm sure someone here's told me once before what full-upgrade does that's better than dist-upgrade but I've forgotten :( [20:54] dang... it's OK [20:54] thx [21:04] rangergord, re: snaps, I rip them totally out of all my installs [21:06] without snapd, no livepatch for you. [21:43] Why is isc-dhcp-server accessing the ldap server? I have many of those messages: audit: type=1400 audit(1596185703.828:9389): apparmor="DENIED" operation="connect" info="Failed name lookup - disconnected path" error=-13 profile="/usr/sbin/dhcpd" name="run/slapd-inetserv.socket" pid=97436 comm="isc-worker0000" requested_mask="wr" denied_mask="wr" fsuid=110 ouid=0 [21:45] Aison0: wild guess, is your nsswitch configured to do lookups for something through ldap? [21:45] Aison0: is this when dhcpd starts up? [21:45] Aison0, yes [21:45] I'm using nssswitch to lookup ldap user/groups [21:47] sdeziel, no, it happens regularly. dmesg is completele spamed with the message above [21:49] Aison0: hmm, I'd probably strace dhcpd's PID around the time those audit messages/Apparmor failures get logged [21:50] I can't think of anything obvious that would explain why dhcpd would do LDAP lookups [21:50] Aison0: maybe pastebin your nssswitch.conf? [21:51] https://paste.ubuntu.com/p/CTBgmGF5tR/ [21:51] hosts: files dns ldap [21:52] that's possibly why it's trying to reach out to LDAP [21:52] potentially trying to do a reverse DNS lookup or something [21:59] hmm [21:59] or potentially trying to resolve forward DNS from the config? [22:00] strac'ing should tell you [22:24] damn connection... [22:26] Aison0: the last we saw was: < Aison0> hmm and you might have missed: < sdeziel> or potentially trying to resolve forward DNS from the config? < sdeziel> strac'ing should tell you [22:26] thx [22:26] I disabled ldap for hosts [22:26] maybe that's it [22:26] any success? [22:27] could also be used for the networks and aliases lookup. I honestly don't know what those are :/ === RoyK^ is now known as RoyK