/srv/irclogs.ubuntu.com/2020/10/07/#ubuntu-server.txt

=== vlm_ is now known as vlm
=== Napsterbater_ is now known as Napsterbater
=== Napsterbater_ is now known as Napsterbater
iceythanks ddstreet and rafaeldtinoco :)05:59
lordievaderGood morning06:41
=== antoine5 is now known as antoine
=== Wryhder is now known as Lucas_Gray
iceyhey rbasak - I have a DMB and/or ~ubuntu-server-dev question that I hope you can help with: The OpenStack packaging is all done through the ~ubuntu-server-dev team git repos on Launchpad, for example: https://code.launchpad.net/~ubuntu-server-dev/ubuntu/+source/python-cinderclient/+git/python-cinderclient/ ; After my recent permission change coming through the OpenStack Package Set, I have upload permissions to these packages, but not to the git repos13:11
iceythat back them. Any thoughts on the best way to resolve this?13:11
rbasakI think we're facing some legacy from when openstack wasn't split out from ~ubuntu-server-dev13:12
rbasakSince ~ubuntu-server-dev is a DMB-managed uploader team for the entire server packageset13:12
rbasakNot just the openstack packageset13:12
iceythat's exactly what I think as well13:13
rbasakI'm not sure if the openstack packageset is supposed to be a subset of the server packageset or individual packages are generally intended to be in only one of them13:13
rbasakBut I don't suppose that matters13:13
rbasakNow we have ~ubuntu-openstack-dev13:13
iceyrbasak: it's even more awesome, since I don't think most of the OpenStack package set is in the Server package set :-D13:14
rbasakSo maybe we should change the repository owner of all of those repositories over to ~ubuntu-openstack-dev?13:14
rbasakYou'd all need to update your git URLs13:14
rbasakIn any git repositories you have13:14
rbasakBut after that I think you'd be able to continue as normal13:14
iceyyeah - I think each of the packages would need updating for the d/control as well13:14
iceyI'd hold of fon doing that until the package set is up to date as well13:14
rbasakRight13:14
iceycoreycb: jamespage: thoughts / for awareness13:15
icey^13:15
rbasakddstreet: ^ FYI13:15
rbasakThough this is more about git repositories that are mostly outside DMB management13:15
rbasakicey: when you want to move them, someone who is a member of both can do it from the Launchpad UI I think, and also there's an API method I can help with if you have a big list. All core devs are a member of both teams.13:16
iceyrbasak: I'm sure I can annoy coreycb into handling that :)13:17
iceyrbasak: may be worth doing it via the API as it is probably 150+ packages13:17
coreycbrbasak: icey: I'm not opposed to moving the repos. I think we could script it and do it early in ubuntu H.13:17
coreycbor now I guess13:17
iceycoreycb: well, let's hold off until we actually get the packageset up to date (hopefully this week) :-D13:17
coreycbok13:18
rbasakicey: one possible issue. The set of repositories you want to maintain in ~ubuntu-openstack-dev is entirely up to you. Keep a systemd git repository in there if you want for example and nobody will care. Whatever makes sense for you. However the packageset itself that controls uploads is DMB-managed and there might be the odd package (now or in the future) that is "Openstack" to you but "core"13:21
rbasakelsewhere in Ubuntu or something like that, causing the DMB to avoid putting that in the packageset.13:21
rbasakThe only impact would be to your workflow13:21
iceyrbasak: for sure - some current examples that I'm thinking of are Ceph, openvswitch :-P13:22
rbasakBut in that sense then, if we consider the set of repositories in ~ubuntu-openstack-dev to be independent of the packageset, there's no need to predicate the change over ownership over the packageset update13:22
rbasakYeah ceph and openvswitch are blurry13:22
iceyand libvirt, qemu, etc :-D13:23
iceyanyways, that's a different discussion13:23
=== lotuspsychje_ is now known as lotuspsychje
=== RoyK^ is now known as RoyK
jamespagecoreycb, icey I forgot to mention this https://launchpad.net/ubuntu/+source/ceph/15.2.5-0ubuntu116:37
jamespagexnox: ^^ has your beast enablement for s390x as well16:37
coreycbjamespage: great, thanks16:38
=== Wryhder is now known as Lucas_Gray
xnoxwhoop whoop17:00
=== powersj_ is now known as powersj
linuxrhi, anyone using the limits system (/etc/security/limits.conf)? I tried to add a limit for the maximum logins of a user, but seems not to be respected in any way..any ideas?19:26
sarnoldlinuxr: do you have pam_limits configured for the services where you want it to be enforced?19:28
linuxrsarnold, no, is this not by default? how would I do this?19:32
sarnoldlinuxr: this can show you which services are configured to use it now: grep -r pam_limits /etc/pam.d19:32
linuxrsarnold, I see this among others: /etc/pam.d/login:session    required   pam_limits.so19:34
linuxrdoesn't this mean the login restriction as in the limits.conf file should be enforced?19:34
sarnoldlinuxr: yes, when the user logs in via the login service -- which is basically 'at the console'19:36
sarnoldlinuxr: if the users are logging in via sshd or xdm then those services would also need similar lines19:36
linuxrsarnold, there's a line for ssh indeed: /etc/pam.d/sshd:session    required     pam_limits.so19:37
sarnoldokay, cool, cool19:37
linuxronly that is doesnt work :/19:37
linuxrso any way of debugging this?19:40
sarnoldtry running a journalctl -f  in one terminal, then try pushing your ssh connections over the limit for the user in question, and see what gets logged19:42
linuxrwait - it actually works!19:42
sarnoldI've got a lot of extra audit rules installed that you probably don't have, so your logs will look different from mine, but perhaps seeing mine will give you some idea of what you're seeing..19:42
TJ-linuxr: add debugging. See "man pam_limits" and the 'debug' option19:42
linuxrwhen I try to connect twice from ssh, the second connection gets closed ("too many logins for user")19:43
sarnoldhttps://paste.ubuntu.com/p/5C7wmJm6V5/19:43
linuxrbut when I have a local session for that user and connect via ssh in addition, the ssh connection is accepted19:43
sarnoldthat local session for the user, was that session created with a service that uses pam_limits?19:44
linuxrsarnold, yes, also within the ssh session of another user19:44
linuxrnot a real local tty19:44
mybalzitchso how come by 18.04.05 install gets the prompt for 20.04.01 but my 20.04 machine doesn't, lol21:08
mybalzitchalso I can't seem to find the changelog for 20.04.0121:08
sarnoldmybalzitch: https://wiki.ubuntu.com/FocalFossa/ReleaseNotes/ChangeSummary/20.04.121:10
mybalzitchargh, thanks sarnold21:11
tomreyn20.04 releases wont 'get a prompt', you just install updates and one of them will change the release version number.21:11
mybalzitchoh okay, that explains that21:11
mybalzitchthanks you two21:11
sarnoldI'm surprised you got a prompt on your 18.04 system; I thought you weren't going to get one until focal isn't listed in https://changelogs.ubuntu.com/meta-release-development21:12
tomreynsarnold: you're looking at "development"21:12
tomreynhttps://changelogs.ubuntu.com/meta-release lists 20.04(.1)21:13
sarnoldtomreyn: that's the thing, I thought that items had to be *removed* from this 'devel' list in order to be promoted, and no longer require the do-release-upgrade -d  switch21:13
tomreynoh, not that i know of21:13
tomreyni think they need to be *listed* (with "supported: 1"?) in meta-release-lts or meta-release (depending on the "Prompt" setting in /etc/update-manager/release-upgrades )21:15
tomreynbut this is probably a little underdocumented, so not sure21:16
sarnoldyes, they certainly need to be listed in those files21:17

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!