/srv/irclogs.ubuntu.com/2024/12/09/#ubuntu-devel.txt

RikMills	Skia: could you wake MoM up please?	07:15
Skia	RikMills: done :-)	10:02
RikMills	Skia: ty :)	10:02
Skia	at one point I'll investigate to stop those hangings, but not today :D	10:02
=== matttbe2 is now known as matttbe
ravikant_	hey schopin, you may have some pointers here. there is this change added to busybox 1.37.0 https://git.busybox.net/busybox/commit/?id=40fa8eb998e27529fcd59830eb163b43658f9e81. It makes the build fail with `Support 64bit wide time types (TIME64) [Y/n/?] (NEW) aborted!`. I am looking at https://git.launchpad.net/ubuntu/+source/busybox/tree/scripts/kconfig/conf.c next. if I am missing something obvious, please let me know.	11:44
-ubottu:#ubuntu-devel- Commit 40fa8eb in busybox "build system: Make it possible to build with 64bit time_t"		11:44
schopin	ravikant_: is this from a merge?	11:45
ravikant_	yes	11:45
ravikant_	some more information - debian buil does not have the same issue https://buildd.debian.org/status/logs.php?pkg=busybox&arch=amd64	11:45
ravikant_	`Restart config...` looks sus, hence I am looking at conf.c	11:46
ravikant_	LP build log for referecne https://launchpad.net/~ravi-sharma/+archive/ubuntu/merge-lp2090999-plucky/+build/29375516	11:47
schopin	ravikant_: I don't have any specific insight here, sorry.	12:08
schopin	ravikant_: fwiw building the vanilla Debian package on plucky seems to work fine. Assuming you're using g-u you can maybe isolate the specific bit of delta that triggers the build issue?	12:11
ravikant_	schopin: thanks, that is very useful.	12:12
lvoytek	tsimonq2: Thanks for fixing up cacti and prometheus-mysqlrouter-exporter! That saved me a lot of time debugging. I'll add your prometheus-mysqlrouter-exporter fix to Debian too since I own the package there	13:45
=== arif-ali_ is now known as arif-ali
bdrung	!dmb-ping	16:00
ubottu	bdmurray, bdrung, rbasak, schopin, teward, tsimonq2, utkarsh2102: DMB ping	16:00
schopin	bdrung: I'm confused. I thought it was in an hour?	16:09
bdrung	let me check	16:10
bdrung	the meeting is at 16:00 UTC - we are in winter time in UTC+1	16:11
bdrung	schopin, "date -u" says Mo 9. Dez 16:12:04 UTC 2024	16:12
schopin	OK	16:12
bdrung	!dmb-ping	16:31
ubottu	bdmurray, bdrung, rbasak, schopin, teward, tsimonq2, utkarsh2102: DMB ping	16:31
ahasenack	+1 maintenance: I'm working on backuppc and fence-agents, failures that resulted from /usr/bin/ping losing its privileges	16:36
schopin	ahasenack: this might be solved by the systemd merge.	16:58
ahasenack	schopin: because it has https://salsa.debian.org/systemd-team/systemd/-/commit/f2ddf70604920bc350c4f8aa7b895518d1808e33 ?	16:58
-ubottu:#ubuntu-devel- Commit f2ddf70 in systemd-team/systemd "sysctl: Add file trigger on /usr/lib/sysctl.d to restart systemd-sysctl"		16:58
schopin	Yes.	16:59
ahasenack	in a local container (host: noble), that didn't work	16:59
ahasenack	I couldn't change net.ipv4.ping_group_range	16:59
schopin	ahasenack: what's your runtime?	17:00
ahasenack	6.8.0-49-generic	17:00
schopin	I meant your container runtime :)	17:00
ahasenack	you mean this? lxd 5.21.2-084c8c8 31214 5.21/stable	17:01
schopin	Ugh, I think I've been playing with too many different scenarios and might have confused one terminal for the other.	17:01
schopin	Because it doesn't work for me either even though I could have sworn it used to.	17:02
ahasenack	so could I	17:02
ahasenack	$ sysctl net.ipv4.ping_group_range	17:02
ahasenack	net.ipv4.ping_group_range = 65534 65534	17:02
ahasenack	I get that in a plucky fresh container, host noble	17:02
ahasenack	so let me try to change it	17:02
schopin	I can change it manually.	17:02
ahasenack	root@p:~# echo "0 2147483647" > /proc/sys/net/ipv4/ping_group_range	17:03
ahasenack	-bash: echo: write error: Invalid argument	17:03
ahasenack	is that the right syntax/values?	17:03
schopin	I just use `sysctl net.ipv4.ping_group_range="0 65534"`	17:04
ahasenack	but what is in the sysctl file, in /usr/lib/sysctl.d/50-blabla?	17:04
schopin	-net.ipv4.ping_group_range = 0 2147483647	17:05
schopin	Which wasn't the value the runtime gave me, even after reboot.	17:05
ahasenack	that's what systemd will try to apply, and it will ignore errors	17:06
schopin	ooh, good point.	17:06
schopin	# sysctl net.ipv4.ping_group_range="0 2147483647"	17:06
schopin	sysctl: setting key "net.ipv4.ping_group_range": Invalid argument	17:06
ahasenack	don't you need a -w?	17:07
ahasenack	to write	17:07
ahasenack	but looks like it tried to write anyway	17:07
schopin	"he didn't know it was impossible, so he did it"	17:07
ahasenack	love that quote	17:07
schopin	Me too :)	17:08
schopin	The kernel doesn't seem to like the very big number.	17:08
ahasenack	the 65534 we get back on a fresh container seems to be the real gid, even though we are fetching it from inside the container	17:08
ahasenack	I think the large number there is just falling outside of the gid mapping range we give containers by default	17:08
ahasenack	this worked	17:09
ahasenack	ubuntu@p:~$ sudo sysctl net.ipv4.ping_group_range="0 1000"	17:09
ahasenack	net.ipv4.ping_group_range = 0 1000	17:09
ahasenack	ubuntu@p:~$ ping 1	17:09
ahasenack	PING 1 (0.0.0.1) 56(84) bytes of data.	17:09
ahasenack	I experience a similar problem when I use containers to test active directory joins	17:09
schopin	Yeah, I used 0 65534 and it was fine.	17:09
ahasenack	the gid/uid sssd hands out by default is large, and it falls outside the mapping we setup via /etc/sub{gid,uid}	17:10
ahasenack	but this all means that the new systemd won't be able to apply the new range from within containers	17:10
ahasenack	so the fix won't work	17:10
schopin	do we need the range to be that big?	17:12
schopin	If I understand correctly it's the container's gid that is taken into account by the kernel.	17:13
schopin	Otherwise we wouldn't be able to use ping with "0 1000"	17:13
* ahasenack tries 999		17:14
ahasenack	hm, worked for my 1000 uid (inside container)	17:14
schopin	wtf?	17:14
ahasenack	https://pastebin.ubuntu.com/p/3bWYT8pNqJ/	17:15
ahasenack	so the host has a wide range, 0 - 2^31-1	17:15
ahasenack	to the host, the container is uid 1001000	17:15
ahasenack	(seen from ps aux from the host)	17:16
schopin	gotcha, but how come it didn't work at first then?	17:16
ahasenack	but the container has 0-999	17:16
ahasenack	is this namespaced somehow? This setting?	17:16
ahasenack	and	17:17
ahasenack	ubuntu@p:~$ sudo getcap /usr/bin/ping	17:17
ahasenack	ubuntu@p:~$	17:17
ahasenack	so definitely no capabilities	17:17
ahasenack	ok, this is weird	17:17
schopin	I have to run, would you mind dumping whatever you find at https://bugs.launchpad.net/ubuntu/+source/iputils/+bug/2089938 ?	17:17
-ubottu:#ubuntu-devel- Launchpad bug 2089938 in iputils (Ubuntu) "iputils 3:20240905-1 doesn't work for unprivileged users" [Undecided, New]		17:17
ahasenack	"0 1"ah	17:17
ahasenack	ah	17:17
ahasenack	supplementary groups	17:17
ahasenack	uid=1000(ubuntu) gid=1000(ubuntu) groups=1000(ubuntu),4(adm),24(cdrom),27(sudo),30(dip),104(lxd)	17:18
ahasenack	\	17:18
ahasenack	starting with 4 :)	17:18
tsimonq2	lvoytek: You're welcome! Happy to help, and it saves a step for prometheus-mysqlrouter-exporter :)	19:41
tsimonq2	lvoytek: The tl;dr is that cacti wasn't importing its initial database schemas correctly because of an error at the very top of its main SQL file, and prometheus-mysqlrouter-exporter needed a fixed config (should probably look at keeping that somewhat aligned with the default; I'll admit that I have no idea what the option I added does... but it works!)	19:42
tsimonq2	\o/ mysql-8.4 is migrating (cc RikMills )	19:44
RikMills	:D	19:46
lvoytek	:D	19:48

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!