[01:49] <souldessin> I will second the using of a command line editor. Personally, I use Emacs. After a little bit of configuring, I can start editing on any computer as if I was working on it for years. Instead of spending the time fighting to get a GUI, work towards getting a better feel for a terminal where it will do exactly what you tell it.
=== genii is now known as genii-core
[05:53] <cpaelzer> good morning
[06:09] <lotuspsychje_> morning cpaelzer 
[06:19] <utkarsh2102> \o
=== lotuspsychje_ is now known as lotuspsychje
[06:38] <cpaelzer> good morning
[08:19] <mirespace> good morning
[09:04] <papopepo> hello
[09:31] <utkarsh2102> \o
[10:38] <athos> Good morning :)
[10:38] <athos> not entirely sure if I crafted this one right, but would anyone mind triggering this test:
[10:38] <athos> https://autopkgtest.ubuntu.com/request.cgi?release=jammy&arch=amd64&arch=arm64&arch=armhf&arch=ppc64el&arch=s390x&package=libreoffice&trigger=nss/2%3A3.68.2-0ubuntu1&trigger=libreoffice/1%3A7.3.1~rc1-0ubuntu3
[10:39] <utkarsh2102> athos: done!
[10:40] <athos> thanks ;)
[11:16] <mirespace> how do you test changes in other architectures? Would it be easier doing a recipe?
[12:08] <ahasenack> good morning
[12:09] <mirespace> hi ahasenack
[12:10] <ahasenack> hi nmir
[12:10] <ahasenack> hi mirespace 
[12:10] <mirespace> :)
[12:37] <ahasenack> hi server guys, I could use reviews on freeradius and samba so I can hopefully upload them before feature freeze tomorrow
[12:41] <athos> ahasenack: I will take freeradius. If nobody takes samba by the time I am done, I will do that one as well
[12:43] <athos> I will just need to step out for an hour or so now to solve some covid booster issues (the government did not enter my data into their system for some reason :/) and will jump right into it ;)
[12:43] <sergiodj> I can take samba
[12:43] <sergiodj> I was planning to take a look at it anyway
[12:45] <ahasenack> thanks athos
[12:45] <ahasenack> thanks sergio
[12:52] <cpaelzer> thanks athos and sergiodj for these fast reviews
[13:08] <ahasenack> athos: sergiodj I'll trade and go over the postgresql prs
[13:09] <sergiodj> ahasenack: thanks
[14:15] <athos> thanks :)
[14:18] <sergiodj> cpaelzer: ahasenack has reviewed and approved my postgresql-13 MRE.  would you like to take a look or can I go ahead and upload it?
=== lotuspsychje_ is now known as lotuspsychje
[14:30] <cpaelzer> sergiodj: I'll have a look after a call I'm in
[14:31] <cpaelzer> sergiodj: not that I expect anything to be wrong, but better look before than complain after
[14:35] <kanashiro> aride, I am not sure what happened but the test script for the HA iSCSI target resources is missing from the main branch in server-test-scripts repo
[14:35] <kanashiro> paride, ^
[14:36] <paride> hmm
[14:36] <paride> let me check
[14:36] <kanashiro> if you check the merge commit here it will not be present in any branch: https://github.com/canonical/server-test-scripts/pull/151
[14:36] <ubottu> Pull 151 in canonical/server-test-scripts "Test iSCSI target resources" [Merged]
[14:37] <kanashiro> I can restore the branch I used to implement this (I removed it after the merge)
[14:42] <paride> kanashiro, just to cross-check, what's the HEAD of the branch where you developed resource_iscsi_target_test.sh? b397eb0f9936eb3db52e138d7884d09e5356de5e ?
[14:43] <kanashiro> paride, yes, that's the commit hash
[14:43] <paride> yes that
[14:44] <paride> kanashiro, OK, I'm not sure of what happened TBH. I have a copy of the branch locally, re-merging it
[14:45] <kanashiro> paride, thanks
[14:46] <paride> kanashiro, done and I retriggered ha-agent-virsh-jammy-resource_iscsi_target to be sure it's all fine
[14:46] <kanashiro> awesome ;)
[14:48] <sergiodj> cpaelzer: ack
[15:01] <paride> kanashiro, test passed, all good
[15:01] <kanashiro> \o/
[15:04] <sergiodj> bryyce: hey, is it OK if I get the openvpn merge?
[15:08] <bryyce> sergiodj, sure
[15:08] <sergiodj> bryyce: thanks
[15:57] <ahasenack> sergiodj: oops, sorry about the d/changelog version mess. I reconstruct the changelog from git commits, but that doesn't have the version, which I have to paste in everytime. This time I missed "some numbers", heh
=== genii-core is now known as genii
[15:58] <sergiodj> ahasenack: np; I saw the right version in the PPA, so I knew that this was just a small hiccup in the merge process
[16:46] <smoser> ahasenack: still appropriate here to request import packages ? i'd like to have dracut imported.
[16:46] <ahasenack> sure
[16:47] <ahasenack> smoser: added to the import queue, I'll let you know when it's done
[16:52] <xnox> athos:  one can specify multiple arches simultaniously?!
[16:53] <xnox> athos:  i used to always generate one click per arch.
[17:04] <ahasenack> wait, what?
[17:04] <ahasenack> autopkgtest retries?
[17:05] <smoser>  /o\
[17:14] <teward> any of the server guys got any good *up to date* guide on how to integrate LDAP / Active Directory access into a server env?  Everything I find has not been updated since 2013, or Canonical whitepapers that're hiding behind a subscribewall...
[17:17] <athos> xnox: yeah, from the results, it just picked up the first param
[17:20] <ahasenack> teward: I wrote something for the ubuntu server guide, would be interested in your opinion/results
[17:20] <teward> ahasenack: link?  'cause Google is failing me hardcore today
[17:20] <teward> (is it sssd driven?)
[17:20] <teward> (just curious)
[17:20] <ahasenack> yes
[17:20] <ahasenack> teward: https://ubuntu.com/server/docs/service-sssd
[17:21] <teward> ahasenack: thanks, i'll let you know.  this may be one of the few times I have to AD integrate the system at FT job, because it's going to be PAM integrated with JupyterHub which can use PAM for authentication >.<
[17:21] <ahasenack> it's also doable with just samba components, sure
[17:21] <ahasenack> if you are planning in using a samba server joined to the domain, then maybe using winbind is best
[17:22] <ahasenack> in any case, we went through some great lenghts to get realmd/adcli updated and in ubuntu main to get that working
[17:22] <ahasenack> but there are many knobs to turn, obviously
[17:22] <ahasenack> the simple case is what is in the guide, maybe a good enough starting point
[17:23] <teward> all we need is the user PAM integration
[17:24] <teward> no shares, etc. in use here :P
[17:24] <ahasenack> so a workstation authenticating against AD?
[17:24] <teward> server authenticating against AD in this case, but ye.
[17:24] <ahasenack> then I would take the sssd approach
[17:24] <teward> yep
[17:24] <teward> that's the plan
[17:24] <ahasenack> it handles sid/uid translation automatically. With winbind you have to pick a range
[17:25] <teward> yeah the only guides I found were pam_ldap nss_ldap (2013 in the WIki), winbind (2015), and i know SSSD is a newer way so i was hunting the docs
[17:25] <ahasenack> just beware if you are doing that inside containers (lxd), because they have a limited uid/gid range, and the range sssd picks is quite high
[17:25] <teward> there USED to be a whitepaper on this with SSSD but i'm lazy :P
[17:25] <teward> ahasenack: how fortunate this is a VM :P
[17:26] <ahasenack> should be fine
[17:26] <teward> but yeah indeed.  i'm waiting on the VMware person to deploy the system then i'll have access, will let you know how my progress goes
[17:27] <ahasenack> sergiodj: I didn't remove the dh_perl override because I wasn't sure if the normal debhelper call included that -a parameter used in the override (dh_perl -a), do you know?
[17:27] <ahasenack> otherwise I'll do a build without the override and see how dh_perl is called
[17:29] <pksato> Hello, I have a issue with php-fpm and email() function, and I not have a current plan on install any replacemente to mail(). Ubuntu 20.04.3 php from ondrej. System email is working as intended.   But mail() don't  nooting, no email, no error, just 'silence'. Any direction?
[17:31] <sergiodj> ahasenack: that "-a" parameter is used for arch-dependent rules, and given that the override is for dh_perl-arch, then yeah, the "-a" should be added automatically
[17:32] <sergiodj> it's a good idea to build the package without it just to confirm, but if it's too much trouble then I'm OK with keeping the override there FWIW
[17:32] <ahasenack> ok
[17:33]  * sergiodj -> lunch
[17:40] <ahasenack> smoser: done https://code.launchpad.net/ubuntu/+source/dracut
[17:40] <ahasenack> (and will be kept up-to-date from now on)
[17:41] <smoser> thank you.
=== MJCD is now known as MJCDzZz
[18:13] <pksato> my issue with php mail() solved. After 'moving' msmtprc to other directory, start showing apparmor error logs. add new dir to apparmor and start sending mail. :P. 
[19:27] <teward> ahasenack: looks like it worked fine, but i have a question on sssd - can you restrict it so only certain AD groups can actually login?
[19:28] <ahasenack> probably, there are many tunables for sssd.conf
[19:28] <ahasenack> also be sure to check the provider-specific manpages, i.e., sssd-ad
[19:50] <sergiodj> OK, vsftpd MP is up, and realmd MP has just been reviewed
[19:51] <sergiodj> now onto investigating what's going on with the grafana snap
=== shokohsc4 is now known as shokohsc
=== Morfeus^ is now known as list
=== list is now known as Morfeus^
[21:05] <utkarsh2102> sergiodj: I'll take vsftpd :)
[21:09] <sergiodj> utkarsh2102: thanks
[22:19] <kilroy> so I thought I set up the GRE tunneling correctly, but they won't talk to one onther 
[22:22] <kilroy> https://0bin.net/paste/JPvpb1RN#8D7HrKppIqCtMFVYzndtAFO-xRBiBEY6SI/YGvSsc/j
[22:33] <sdeziel> kilroy: are you seeing your GRE packets showing in tcpdump on both sides?
[22:33] <kilroy> let me check
[22:36] <kilroy> I think so?
[22:37] <sdeziel> kilroy: `sudo tcpdump -ni any proto gre` should provide a definitive answer
[22:39] <kilroy> no I am not seeing anything
[22:41] <sdeziel> kilroy: can you share the steps you've done to configure both sides?
[22:41] <kilroy> on server 1 ping 10.10.10.2 (server 2)
[22:41] <kilroy> on server 2 ping 10.10.10.1 (server 1)
[22:41] <kilroy> oh config
[22:41] <kilroy> sorry I thought you said capture 
[22:42] <kilroy> I used this https://www.xmodulo.com/create-gre-tunnel-linux.html
[22:43] <sdeziel> kilroy: cool, I just tested with the same reference. My only divergence were: replace gre0 by gre1 (like you) and omit the `local` part as this one is then autofilled by the kernel
[22:44] <kilroy> I only used gre1 because I could not use gre1 and do you want me to remove the gre1 and try with out the local part
[22:44] <sdeziel> kilroy: `permaddr 127.0.0.1` in your paste is something I don't see here
[22:44] <kilroy> yea I don't know were that came from
[22:45] <kilroy> might of been from me testing
[22:45] <sdeziel> kilroy: yeah, you can try leaving the local part out, one less source of possible mistake
[22:45] <kilroy> ok
[22:46] <sdeziel> kilroy: it is only useful if you have multiple IPs locally and want your GRE traffic to come from a specific one
[22:48] <kilroy> I am trying two remote servers
[22:51] <kilroy> I think it is working now
[22:52] <sdeziel> kilroy: cool now if you want to have that tunnel brought up on boot, you might want to put it in Netplan
[22:53] <kilroy> netplan? is that that .yaml file that I never touch because I end up breaking it?
[22:53] <sdeziel> kilroy: here's an example https://termbin.com/ylt2
[22:54] <kilroy> ok thank you so much sdeziel 
[22:54] <sdeziel> kilroy: you are weldome
[22:54] <sdeziel> welcome*
[22:55] <kilroy> now that is working I just need to figure out step 2
[22:55] <sdeziel> kilroy: lastly, the `local: 0.0.0.0` in the above is to please netplan and let the kernel autoselect the right source (same as omitting the local param in your `ip tunnel` command)
[22:56] <kilroy> ah
[22:57] <sdeziel> what's step 2?
[22:58] <kilroy> make it so website traffic goes from server 2 to server 1 with out messing up the current website 
[22:58] <kilroy> make it so website traffic goes from server 2 to server 1 with out messing up the current website on server 2
[23:02] <sdeziel> OK, good luck and pipe up if you run into some problem
[23:23] <kilroy> ok thank you again sdeziel