/srv/irclogs.ubuntu.com/2018/12/14/#ubuntu.txt

plujon	VBoxManage guestcontrol $guest stat /bin/sh # hangs for me using 5.2.18_Ubuntur123745 on host and guest additions 5.2.18_KernelUbuntu r123745	00:20
plujon	VBoxManage guestcontrol $guest stat /bin/sh # does not hang when using 5.2.22 direct from Oracle.	00:28
Jerbot	anyone about?	00:34
Jerbot	I added new nvidia drivers to 18.04 and reset. after resetting the pc, I tried to log in...	00:34
Jerbot	The screen blinks and then goes back to login.	00:34
cognition___	is automatic upgrade of packages turned ON in this configuration:	00:42
cognition___	https://pastebin.com/0SEgvsBj	00:43
Jerbot	upgrade =/= update	00:46
OerHeks	20auto-upgrades and 50unattended-upgrades are responcible for that	00:47
cognition___	k, I am wondering if packages like, apache2/mariadb/redis will get upgraded	00:47
mutante	cognition___: no, it's downloading the lastest list of packages and even downloads the packages, but it stops short of installing them it looks. seems reasonable if somebody wants to keep control _when_ it happens but automate it partially	00:48
cognition___	OerHeks: theres no 50unattended-upgrades	00:50
OerHeks	hmm maybe part of livepatch, not sure	00:51
cognition___	https://pastebin.com/Jt2XieCK	00:52
cognition___	mutante: TY	00:52
cognition___	OerHeks: It is zenial 16.04.3 LTS	00:56
cognition___	xenial	00:56
OerHeks	so yes, "1" means enabled	01:00
CoreyW	`curl -v fake.url` is routing back to our network router. any ideas how to fix? this happens for any unknown hosts. so when I would normally get "server not found" errors in Chrome/Firefox, I just get our local web server trying to serve the request.	01:13
tomreyn	CoreyW: dont make your resolver respond (incorrectly) with the routers' ip address instead of NX, or switch to a resolver which works correctly.	01:16
CoreyW	tomreyn: i dont know what any of that means, aha. is that something i do on my local machine or at router level?	01:16
CoreyW	i assume my machine bc the windows machines dont have this issue	01:17
tomreyn	CoreyW: it's not a default configuration, so it is something the administrator of your computer, your network or your ISP setup.	01:19
CoreyW	tomreyn: no one has touched the computer except myself, and i just did a normal installation of ubuntu	01:20
CoreyW	`systemd-resolve --status` shows on last line `DNS Domain: ourdomain.com`, so that must be the culprit	01:21
CoreyW	not sure how to fix though	01:21
brandonkal	How can I get git to track symbolic links? It seems to be hit and miss. Thanks.	01:22
tomreyn	CoreyW: "ourdomain.com" sounds like you may have copied and pasted instructions from a tutorial, and missed to replace this by your actuual domain name.	01:23
CoreyW	tomreyn: that was just an example. it actually is our domain there	01:23
CoreyW	sorry for confusion	01:23
CoreyW	resolv.conf also has `search ourdomain.com`	01:24
tomreyn	CoreyW: this search domain is probably sent by your router upon dhcp and inherited by your ubuntu system.	01:25
CoreyW	tomreyn: ah okay. so is it okay to override that on my machine? or should i modify the router setup?	01:25
CoreyW	not sure if dhcp will overwrite my changes or not	01:26
tomreyn	CoreyW: in other words: if you don't like those lookups you should either reconfigure the router not to send it to this or all of your systems or reconfugre your ubuntu system to ignore this information received as part of the dhcp response.	01:26
CoreyW	is reconfiguring my ubuntu simple enough? i dont want to mess with router if possible.	01:27
tomreyn	if it is plain wrong and you manage the network / router then you should 'mess with the router'.	01:28
iosecure	CoreyW: That sounds like a common ISP move where they'll intercept DNS requests for invalid domains and direct them to an ISP landing page, either on the router, or elsewhere.	01:28
CoreyW	okay i will have my boss contact our ISP and see if they can get it sorted out	01:29
CoreyW	iosecure: sounds very likely	01:29
CoreyW	iosecure: in this case though its just sending it back to us, which is weird	01:29
CoreyW	thanks tomreyn	01:32
tomreyn	CoreyW: you can have the isp change it, thats good, but if this is a company environment you should also configure these values on the router yourself properly, and (beforehand) understand what they do. if you dont want to do it on the router but on the clients, it's a matter of configuring 'supersede domain-name ""' and 'supersede domain-search ""' in /etc/dhcp/dhclient.conf	01:32
CoreyW	okay. im not a network guy, but i will look into that. appreciate the information!	01:33
tomreyn	if you dont have a network guy / gal, then either have $boss hire one, teach it yourself (have your $boss have someone teach you) or find an isp which doesn't provide you with such intentionally-misconfigured-for-profit-maximization gear / network configurations.	01:36
CoreyW	tomreyn: dang, my boss just said we cant configure our router because its managed by our ISP	01:36
CoreyW	lol	01:37
fishcooker	how to calc the disk the ubuntu got when we do apt autoremove? https://bpaste.net/show/9ae148c73d0e afaik we only know only disk space needed	01:37
iosecure	CoreyW: If it were me, I'd set up a DHCP and DNS server internally, and bypass the router for those functions.	01:40
iosecure	But that's me.	01:40
tomreyn	CoreyW: so that's a small office / home office setup, not unusual. have the isp fix it and tell them you dont approve their default configurations which cause mistyped domain names and non found domain names to be sent over the (Internet) wire, in what is a non default configuration.	01:40
tomreyn	CoreyW: i'm the same as iosecure there	01:40
tomreyn	fishcooker: it will say once you actually do the autoremove	01:42
=== daniel is now known as Guest29493
=== capella\|away is now known as capella
CoreyW	iosecure: after talking more, we do have DHCP server setup here.	01:47
iosecure	CoreyW: Is it on that router?	01:47
OerHeks	apt-get dist-upgrade --dry-run #might tell?	01:47
tomreyn	brandonkal: try asking in #git if you haven't. this matches my observations: https://stackoverflow.com/questions/954560/how-does-git-handle-symbolic-links	01:47
CoreyW	tomreyn: there is line `option domain-name "ourdomain.com";` that i just commented out to see if it works. restarting dhcp service, but not sure if that resets active leases or not	01:48
CoreyW	iosecure: on that router? all i know is our router is setup to go to our local server, which has dhcp server running	01:48
tomreyn	CoreyW: it won't, since this is initiated by the clients.	01:48
CoreyW	ok. is there way to reset my machine?	01:49
tomreyn	CoreyW: actually, it will reset the leases, most likely, but the clients will have to request new ones to catch up on the new configuration	01:49
tomreyn	new ones /renewal	01:49
tomreyn	which they will do after half the lease time	01:49
brandonkal	Thanks tomreyn	01:50
CoreyW	sorry, not sure what that means	01:50
CoreyW	boss mentioned i could just take a static IP and then it prob won't be issue. but still would be nice to fix while im here	01:50
tomreyn	CoreyW: either wait or reboot the router (temporarily disconnecting all users and their connections) or restart the dhcp clients on all computers, or a combination of these.	01:52
CoreyW	ok thanks	01:54
tomreyn	CoreyW: if you use network-manager (default on ubuntu desktops), you can "systemctl restart network-manager", this shoould also restart the dhcp client or get you a new lease anyways.	01:55
tomreyn	or just use the gui to disconnect from, then reconnect to the network.	01:55
brandonkal	tomreyn, that helps. I also found: `ln -s new-file ./gitignored/file` works with git but `ln -s new-file gitignored/file` only works on the system but not in git	01:57
tomreyn	that's interesting, news to me.	01:58
CoreyW	tomreyn: i did restart network-manager after `systemctl restart dhcpd` and `system restart network` on the server for good measure. didn't seem to help commenting out the "option domain-name" line.	02:01
CoreyW	maybe its something else in our config	02:01
iosecure	Changing that domain name will not affect the function of the router in intercepting DNS queries.	02:02
CoreyW	what should i change then?	02:02
iosecure	The router's configuration, or stand up your own forwarding resolver that refers to an external DNS service that doesn't do that crap.	02:02
iosecure	As long as you're going to that router or your ISP for DNS, this will continue to occur.	02:03
CoreyW	iosecure: so youre saying it is something above our dhcp server and actually a router configuration then?	02:03
CoreyW	because i see DNS information on our DHCP server settings, it has a couple of our IPs and then 8.8.8.8 and 8.8.4.4	02:03
iosecure	Are any of those "couple of our IPs" the router itself?	02:04
iosecure	And handing an external DNS server, like 8.8.8.8/8.8.4.4, directly to clients is a bad idea.	02:04
iosecure	Clients should -always- use internal DNS, or -always- use external DNS.	02:04
CoreyW	"our IPs" may be wrong actually, they look similar to ours, but they are probably just our ISPs ips. but no, one of them is not the router	02:04
tomreyn	so the DHCP server you run is separate from the (potential, and likely existing) DHCP server on the router?	02:05
CoreyW	at least as far as i know its not the same ip	02:05
iosecure	Mixing the two will almost always lead to inconsistent behavior.	02:05
CoreyW	tomreyn: possibly.	02:05
CoreyW	best i do just consult with our ISP then.	02:05
tomreyn	CoreyW: which single system works as a DHCP server for your network is what you need out first. if it's two, kill one.	02:05
tomreyn	* nneed to find out	02:06
tomreyn	you almost never want more than one	02:06
CoreyW	tomreyn: i can view the active leases for our local DHCP server, and it shows my machine there. if that means anything	02:07
tomreyn	CoreyW: you said you (company) run your own DHCP server. whoever stated this should know where it runs. alternatively you could analyze DHCP reponses sent on the network (as a result of DHCP requests), or, simpler, switch off the router for a while (cutting everyone off the network) and see if you can still get a dhcp lease (i.e. an IP address assigned via DHCP) at the time. if that happens, you have a separate (and probably two, one in addition	02:10
tomreyn	to the router, DHCP servers which is a very bad configuration for a small company network).	02:10
tomreyn	cognition___: 16.04.3 is much outdated, 16.04.5 is current.	02:12
tomreyn	(so apparently updates ar eindeed not applied automatically, and even then you'd still need to reboot for kernel patches to be applied)	02:13
tomreyn	Jerbot: you should probably diuscuss what you mean by "I added new nvidia drivers", i.e. how you added those.	02:15
Jerbot	tomreyn I already reformatted.	02:15
TheCowboy	Is the Deja Dup app automatically backing up data to a remote server by default?	02:15
Jerbot	tomreyn What I'm trying to do is verify that my os uses the dedicated gpu when necessary.	02:16
erts	Hi! I'm trying to install Ubuntu and Elementary side by side on different partitions of the same SSD, and I would like to have a different UEFI entry for each of the systems, however both get named "ubuntu" on the UEFI bootloader. I've tried several ways to rename them but no luck. Does anybody know the right way to rename the UEFI label of an Ubuntu based distro? Thanks!!	02:16
Jerbot	tomreyn installing the driver was difficult. I added the nvidia graphics repository with some ppa command then updated then did apt install nvidia-driver-default and was shown the error E: dependencies required but not met. The nvidia-415 driver was the dependency, and it also had a dependency. So, traced the dependencies down installed them all and finally nvidia-driver-default worked....	02:18
TheCowboy	I think I figured it out, looks like the answer is No	02:18
Jerbot	Then I restarted my computer and got the "login loop" issue. Typing the correct password sends you back to the login screen.	02:18
* Jerbot breathes		02:18
tomreyn	Jerbot: i have no current first hand experience but i think the proprietary nvidia drivers provide some kind of gui to configure which applications (based on executable name) to run through the dedicated gpu. one of them could be glxinfo.	02:18
Jerbot	tomreyn I'm going to try that. Ijust don't understand why nvidia's driver-managing gui doesn't allow me to force dedicated.	02:19
CoreyW	tomreyn: i just talked to ISP, they said they have no DHCP servers running or anything special.	02:19
CoreyW	so it must be our server.	02:20
epicmetal	erts: efibootmgr probably	02:20
CoreyW	thats all the help they could offer	02:20
tomreyn	Jerbot: i'm really the wrong person to give advice regarding nvidia, i don't use it - sorry for responding at all. i hope someone else can help.	02:20
Jerbot	tomreyn Chatting about stuff helps, man. I'd rather talk to someone unknowing than nobody at all. Thanks for contributing.	02:21
erts	epicmetal: I tried using that to re-create the entry with a different name, but it doesn't work..still looks for an ubuntu directory	02:21
CoreyW	looking over our dhcpd.conf, only place i see "ourdomain.com" is on that one line. so idk where else it would be coming from	02:22
CoreyW	it has "option routers 192.168.2.1" which is our router. but i assume that is normal	02:23
CoreyW	which apparently our server is our router though, according to said boss	02:23
mutante	CoreyW: a Linux server can also be a router by flipping one switch basically	02:24
mutante	so that's possible	02:24
CoreyW	makes sense then. so something on our server/router is causing our ubuntu machines connected to it to pass unresolved requests back to itself	02:25
CoreyW	resolution is set to Hosts file > DNS > Local hostname. might that be the issue?	02:27
CoreyW	oh shoot, nvm. i see Search domains now.	02:27
mutante	CoreyW: is there "search" in /etc/resolv.conf ?	02:28
mutante	what is the issue again? i did not follow this from the start	02:29
CoreyW	yes there is	02:29
CoreyW	issue was our ubuntu machines, going to `fake.url` in browser/curl results in request made to our server/router	02:29
CoreyW	instead of 'server not found' error	02:29
mutante	CoreyW: the second part to that is /etc/nsswitch.conf it decides where names are looked up, can be "files" /etc/hosts/ or "dns" or both	02:30
CoreyW	resolve.conf has a `search ourdomain.com` line, and it says `Generated by NetworkManager` at top	02:30
mutante	CoreyW: when you say "request", do you mean the DNS lookup ?	02:31
mutante	i mean it first has to try before it knows that it is "not found"	02:31
mutante	and probably you have your DNS server set as your router	02:32
mutante	for caching	02:32
CoreyW	yes sounds right. i just mean though if i make an http request to a nonexistant domain, it ends up back at our router IP	02:32
mutante	or do you mean sometihng else, like a captive portal	02:33
mutante	where you get an actual HTML page that is on the router	02:33
CoreyW	yeah	02:33
tomreyn	CoreyW: if you want to check whether you have multiple DHCP servers on your LAN and using nmap is an option and you have it installed already, you can run this and see if you receive more than one response (i.e. if it says something other than "Response 1 of 1" you have a rogue DHCP server and need to fix this first): sudo nmap --script broadcast-dhcp-discover -e eth0	02:33
mutante	oh yea, i think this brings us back to "open a ticket with the ISP"	02:33
mutante	yea, i wanted to say that too. see here http://ask.xmodulo.com/monitor-dhcp-traffic-command-line-linux.html	02:34
mutante	how to check for DHCP traffic , where it really comes from	02:34
CoreyW	mutante: i just called them and they made it sound like they had no control over anything like that	02:34
mutante	CoreyW: ask them how _you_ can get access to it then. everything needs some admin, heh	02:34
mutante	since the boss claimed they manage it	02:35
tomreyn	CoreyW: oops, had a typo there, here's the right commands: MAINIF=$(ip -o route list default \| cut -d' ' -f5); echo "Main interface: $MAINIF"; sudo nmap --script broadcast-dhcp-discover -e $MAINIF	02:35
CoreyW	mutante: he said they manage the router, but they said all the router was doing is passing to our server. idk. this stuff is over my head mostly.	02:35
CoreyW	tomreyn: ok i'll try that.... after editing resolv.conf, it is overwritten by networkmanager and adds the search domain back in	02:35
mutante	CoreyW: ok, try to run the "sniffing" tool (tcpdump) to find out if they are saying the truth or not	02:36
CoreyW	how is that happening?	02:36
cryptodan_mobile	One should ask permission before running tools like nmap or tcpdump	02:36
omry	What could be adding things to the path of a non login bash shell except ~/.bashrc and /etc/bash.bashrc?	02:36
=== DrWatson_ is now known as DrWatson
tomreyn	CoreyW: not to insult you, maybe you should question why you are tasked with network management stuff if your boss seem to know well about it and you don't.	02:37
mutante	CoreyW: i dont think it's the search domain, unless you get "fake.url.yourdomain.com" in the browser	02:37
forgotmynick	i'm trying to install ubuntu server 18.04.1 and i'm on the screen that shows which interface i want to use as the default. if i switch to another tty how can i get the interfaces/ip addresses? ifconfig doesn't work	02:37
CoreyW	mutante: okay. no the url remains fake.url in browser.	02:38
mutante	forgotmynick: "ip" replaced "ifconfig"	02:38
CoreyW	tomreyn: youre right, hes just not concerned as i am	02:38
mutante	forgotmynick: try "ip a s"	02:38
CoreyW	tomreyn: nmap shows "Nmap done: 0 IP addresses (O hosts up)	02:39
forgotmynick	thank you	02:39
CoreyW	it showed on IP offered	02:39
CoreyW	what tcpdump command do i run?	02:39
mutante	CoreyW: it was in the link above	02:40
mutante	in method 1	02:40
cryptodan_mobile	CoreyW: I would ask permission prior to running tools like nmap or tcpdump	02:41
tomreyn	CoreyW: is there no output about "broadcast-dhcp-discover" from nmap?	02:41
CoreyW	tomreyn: yes it showed a few lines. what line has meaning?	02:42
tomreyn	cryptodan_mobile: you havbe a point, but this very command i provided only does what a dhcp client does, send a broadcast request and see whats returned.	02:42
epicmetal	erts: maybe just copy the EFI app to the default path	02:42
epicmetal	erts: EFI\BOOT\BOOTX64.EFI	02:43
CoreyW	tomreyn: https://pastebin.com/5JsW8wQA	02:43
tomreyn	CoreyW: quopting myself: if it says something other than "Response 1 of 1" you have a rogue DHCP server and need to fix this first	02:43
epicmetal	erts: where "EFI\" is a directory in the root of your ESP	02:43
tomreyn	CoreyW: oh you run an older nmap than myself, it doesn't say it in this version, but you seem to only have this one dhcp server there.	02:44
CoreyW	tomreyn: okay cool	02:44
CoreyW	so if search domain isnt the issue, i wonder what would be	02:45
tomreyn	CoreyW: so no rogue dhcp servers. line 12 lists the resolvers (Domain Name Servers) returened by your DHCP server. i don't think the google ones (#3 and #4) would return those fake responses., so it's probably either #1 or #2	02:46
CoreyW	tomreyn: those look like our ISPs IP addresses. but they claim to not be doing it.	02:46
cryptodan_mobile	CoreyW: you maybe appending your domain to URLs maybe	02:47
CoreyW	so basically its not even trying googles dns youre saying?	02:47
CoreyW	cryptodan_mobile: huh?	02:47
CoreyW	will the tcpdump be useful or was that just to check for double dhcp server?	02:48
cryptodan_mobile	CoreyW: https://askubuntu.com/a/473932	02:51
CoreyW	cryptodan_mobile: on no, i dont have that line in there	02:52
tomreyn	CoreyW: your computers will use the resolvers provided in the order they are provided, so usually the first of them and only failover to the next if the first one fails to respond entirely.	02:52
CoreyW	tomreyn: i see. so you think that the first DNS server can't find the URL, and responds by sending back our IP?	02:53
tomreyn	CoreyW: i think it's likely that the first DNS server can't find the host name you asked for ("fake.url"), then your client asks it about fake.url.$YOURDOMAIN instead and the first resolver either correctly or incorrectly responds with your routers WAN ip address.	02:56
=== mnemonic is now known as semeion
CoreyW	tomreyn: hmm.. lookin in nsswitch.conf i see `hosts: files dns myhostname`	02:56
CoreyW	literally `myhostname`	02:56
CoreyW	and the hosts file has several entries for the local and public IP of our router/server	02:58
tomreyn	CoreyW: you want to configure your DHCP server to send the dns domain-name	02:58
tomreyn	CoreyW: you want to configure your DHCP server NOT to send the dns domain-name	02:58
tomreyn	^ this	02:58
tomreyn	or maybe you want it to send a diferent domain name, one which you manage for internal DNS lookups only. but then you wouldn't know how and explaining this now takes more time than i'm willing to spend.	03:00
CoreyW	tomreyn: haha i know, and youve been super patient.	03:00
tomreyn	so the easier option is to not have it send the domain name	03:00
CoreyW	where do i set that option?	03:00
tomreyn	on the dhcp server	03:00
CoreyW	right but how?	03:01
tomreyn	the much less manageable option is to se all clients to supersede the domain-name option by the empty string	03:01
pi0	is there a web browser anitivirus	03:01
pi0	for website protection	03:01
tomreyn	CoreyW: which dhcp server do you run there?	03:02
mutante	pi0: https://en.wikipedia.org/wiki/NoScript	03:03
tomreyn	CoreyW: do you want to fix this just for yourself or for the entire organization?	03:03
CoreyW	ISC DHCPd version 4.2.5	03:03
CoreyW	entire org would be great	03:04
tomreyn	CoreyW: do folks at work usually enter things like "www" in their web browsers and expect to end up on your website?	03:04
CoreyW	tomreyn: just www by itself? no	03:05
tomreyn	or "ftp" to end up on your ftp server or similar	03:05
CoreyW	no	03:05
pi0	thank you	03:05
pi0	installing it now	03:05
pi0	how do i tweak my laptop monitor to set the settings higher	03:06
pi0	not enough to squint lol but just to have the apps navigatable	03:06
tomreyn	CoreyW: ok, then check your dhcp server's configuration files (main configuration file and zone files) for "option domain-name"	03:07
CoreyW	tomreyn: yes, its set to "emrl.com"	03:07
tomreyn	CoreyW: so comment it out or set it to the empty string, then reload the dhcp server. then clear your local dns cache and try fake.url again	03:08
CoreyW	tomreyn: i did that earlier with no luck. can try again though to make sure all is reset	03:09
mutante	pi0: for me it's System -> Preferences -> Hardware -> Displays but it depends what desktop environment you are using	03:09
CoreyW	tomreyn: restart dhcp server with `systemctl restart dhcpd` should do it yes?	03:10
tomreyn	CoreyW: be sure to know how to revert this configuration change, since this can have side effects on how your collecgues need to / expect to be able to work. as indicated above ("short names to access your website, ftp server etc. weill no longer work, people and systems need to always use the fully qualified domain name to access resources hosted on your WAN IP address).	03:11
tomreyn	CoreyW: yes, this should do it if this is a system using systemd	03:11
CoreyW	thats fine. we dont do anyting like that hear... and by local DNS cache, do you mean at my local ubuntu machine level? or browser level? DHCP server level?	03:11
CoreyW	do i need to renew lease?	03:12
tomreyn	on your client you need to: systemd-resolve --flush-caches	03:12
tomreyn	clent = your local ubuntu machine	03:12
tomreyn	...that's if it uses systemd-resolved	03:12
CoreyW	its standard 18.04 ubuntu so i assume	03:13
tomreyn	yes it does then	03:13
CoreyW	hey it worked this time! last time I just hadnt cleared the dns cache	03:13
tomreyn	ok, problem solved. it's indeed not your ISPs fault, just your org's	03:14
CoreyW	perfect! i don't know who set that before or why but i'm glad its gone now	03:14
Geo	Is there a super simple GUI analog to 'notepad' in ubuntu?	03:18
Geo	something that pops open in 1 second, just to scrawl a note real quick?	03:19
CoreyW	tomreyn: thanks very much for sticking with me. appreciate it.	03:19
CoreyW	and others as well!	03:19
mutante	Geo: try "pluma"	03:20
Bashing-om	Geo: There is namo for quickies .	03:20
sam_wong	I have trouble using the RPM command on Ubuntu 18.04. Is the command only suitable for Redhat?	03:20
mutante	Geo: also "atom" is cool but that's much more powerful	03:20
Kumool	mutante: did you seriously just suggest atom as a simple "notepad" clone?	03:21
mutante	sam_wong: yes, rpm is for redhat only, the r is for redhat	03:21
mutante	sam_wong: well and anything based on redhat, like centos, fedora, mandrake..	03:22
Geo	Bashing-om: is that namo or nano?	03:22
sam_wong	mutante: ok, thanks	03:22
tomreyn	CoreyW: for the general approach in an organization environment: it's common to have the company LAN's DHCP server return your company LAN's resolvers as DNS servers to DHCP clients, as well as a domain-name or domain-search option value of "emrl.corp" (or similar), which can't be resolved on the internet's and ISP's resolvers. then you have your own LAN-only DNS server at the location the DHCP server points your clients to, which manages the	03:22
tomreyn	"emrl.corp" zone, and allows you to point anyone on your office LAN requesting resources such as "mailserver" to "mailserver.emrl.corp", and that to your actual LAN mailserver.	03:22
Geo	sam_wong: apt is the command you're looking for on ubuntu	03:22
mutante	sam_wong: there is a package called "alien" to convert rpm to deb but first try other solutions	03:22
Bashing-om	Geo: Sorry ,, typo . nano .	03:22
sam_wong	mutante: ok	03:22
Kumool	Geo: leafpad is by far the simplest text editor/notepad looking clone	03:23
Geo	Bashing-om: no worries, wasn't sure if that was some new fork or something :P	03:23
CoreyW	tomreyn: i see. still, never seeing a "server not found" message for anything is weird isn't it?	03:23
Geo	ok, thanks all. I'll take a look at thiese	03:24
mutante	sam_wong: apt-get install <package> is the oldschool way on Debian-based distributions. Ubuntu is one of them. The more modern one is apt or aptitude	03:24
tomreyn	CoreyW: it should happen now, does it not?	03:24
Kumool	nano is not GUI Bashing-om	03:24
Bashing-om	Geo: :) .. yeah never can tell .. thinks progress so quickly.	03:24
mutante	sam_wong: or if you have a local file, dpkg -i package.deb	03:24
CoreyW	tomreyn: it does. but you were saying some orgs can type "mailserver" as shortcut, but if "mailserver" does not exist, shouldn't they still see a "server not found" page?	03:24
CoreyW	or would they expect to see their orgs page?	03:24
Bashing-om	Kumool: I do stand corrected .	03:25
sam_wong	mutante: I have to download another file with a "deb" ending, right?	03:26
mutante	sam_wong: the best optioon is you use the "apt" commands to do both for you, download AND install	03:27
mutante	sam_wong: only if that is not possible, go to option b to download a .deb manually	03:27
tomreyn	CoreyW: depends. some companies have internal-only resources, just as a local file sharing server which is to be only available form your lan. and then you don'T want to make everyone type "files.mydomain.com" in their web browsers (or whatever client application) every time they want to access it, but just "files". that's what the 'dns-search' and 'dns-domain' option are usually used for.	03:27
CoreyW	tomreyn: right i get that. but with that setup, what if someone typed "filse" (wrong spelling), what would happen?	03:28
sam_wong	mutante: the first option seems easier	03:28
mutante	sam_wong: what are you looking for specifically? you can search with apt-cache search or look on https://packages.ubuntu.com/ then all you need to know is the package name itself, not an URL	03:29
Kumool	Bashing-om: I think your full stops are not stopping well .	03:30
sam_wong	mutante: I am looking for Arduino IDE	03:31
tomreyn	CoreyW: first, clients will make a dns lookup against "filse.", which won't exist (resolver returns "NX domain"), then against "filse.emrl.corp." which your local DNS server will then repond to with what you configured it to respond to, if anything (if nothing is configued it will also respond with "NX domain" and the client software will return a DNS error)	03:31
mutante	sam_wong: "arduino - AVR development board IDE and built-in libraries	03:32
mutante	sam_wong: so that means try "apt-install arduino" and that should do it all	03:32
CoreyW	okay so i could have left the domain setting and configured something else to respond better basically?	03:32
CoreyW	im fine with the empty domain setting, but just for sake of understanding	03:32
mutante	sam_wong: sorry, either "apt-get install arduino" or "apt install arduino" , my bad	03:33
CoreyW	i gotta take off now anyways though. thanks again.	03:33
sam_wong	mutante: I am trying "sudo apt-get install arduino" and it seems to work fine	03:33
mutante	sam_wong: cool, looks good	03:33
tomreyn	CoreyW: if you would like to drive your company's network to this next level you really should have your boss send you to training though.	03:33
sam_wong	mutante: the program has been successfully installed. thanks a lot	03:34
mutante	sam_wong: you're welcome. i recommend you to always use apt-get instead of downloading manual software unless there really is none	03:35
mutante	sam_wong: that way it will stay more stable and should have no issues with dependencies	03:35
tomreyn	CoreyW: the way things were was not a good configuration, it effrectively leaked your employees DNS requests for non existing hostnames to the ISP, which is not needed and should not happen. as a company, you should always run a local DNS server for all requests from your employees (something you do not do, yet).	03:35
sam_wong	mutante: yes, you are very much helpful	03:36
CoreyW	tomreyn: yeah that would be cool.	03:36
CoreyW	or at least hire someone who knows what theyre doing more so	03:36
doge-doge	anyone here run a multihead display and use the nvidia driver? i'm having some issues apparently that xorg doesn't like...	05:04
fishcooker	noted OerHeks + tomreyn	05:05
jmazaredo	having issue when installing ubuntu server on hardware raid Intel® C246 controller. When it reaches the partition/disk stage it show 2 disk instead of hardware raid 1 then if i continue	05:29
jmazaredo	ubuntu 18.10 server	05:30
guiverc_d	jmazaredo, i have no idea, but I'd assume it was your intelc246 setup (in error), whenever I've used hardware-raid the OS only sees single-disk (without play to get past raid for smartctl diags purposes etc)	05:42
jmazaredo	I tried using other distro like centos7 only shows 1 disk	05:47
jmazaredo	actually i removed the centos7 to install ubuntu	05:48
jmazaredo	i will test the ubuntu desktop to see if same issue occurs	05:48
jmazaredo	curtain command install preparing for installation configuring storage running 'curtain block-meta custom' curtain command block-meta removing previous storage devices	06:00
guiverc_d	jmazaredo, you could ask on #ubuntu-server ; I recall there are multiple images of server, some/one I believe have less hardware-modules (drivers) on it but I don't recall details..	06:10
jmazaredo	ok im trying now the old iso anyway thanks!	06:17
jmazaredo	guiverc_d, i tried 16.04 and works just fine :D	06:23
BrickedInTheHead	Hey. Is there any point trying to upgrade lte release	07:13
lotuspsychje	BrickedInTheHead: wich is your current release?	07:14
BrickedInTheHead	16.04	07:16
lotuspsychje	!ltsupgrade \| BrickedInTheHead	07:16
ubottu	BrickedInTheHead: Upgrade from 16.04 to 18.04.1 is now available, if you do not receive the upgrade window try update-manager -c	07:16
lotuspsychje	BrickedInTheHead: you can choose yourself what to do, stay on 16.04 or move to 18.04	07:16
lotuspsychje	BrickedInTheHead: is that what you were hoping to hear?	07:20
BrickedInTheHead	Yes. Next trying for bluetooth audio	07:26
lotuspsychje	!details \| BrickedInTheHead if you need more help	07:28
ubottu	BrickedInTheHead if you need more help: Please elaborate; your question or issue may not seem clear or detailed enough for people to help you. Please give more detailed information; for example, we might need errors, steps, relevant configuration files, Ubuntu version, and hardware information. Use a !pastebin to avoid flooding the channel.	07:28
=== SP6NKW is now known as nikow
Schnabeltierchen	Dieser Kanal wurde in einen privaten Kanal umgewandelt.	08:28
lotuspsychje	!de \| Schnabeltierchen	08:31
ubottu	Schnabeltierchen: In den meisten Ubuntu-Kanälen wird nur Englisch gesprochen. Für deutschsprachige Hilfe besuche bitte #ubuntu-de, #kubuntu-de, #edubuntu-de oder #ubuntu-at. Einfach "/join #ubuntu-de" eingeben. Danke für Dein Verständnis!	08:31
Schnabeltierchen	sorry lotus, it was an automated message from my irc-relay...	08:32
=== capella is now known as capella\|away
sentiment	hello	08:45
sentiment	So I finally reinstalled 18.04 using a new image	08:46
sentiment	everything looks good except the mp3s	08:46
sentiment	stil can't get it to work	08:46
lotuspsychje	sentiment: whats wrong	08:46
sentiment	I have installed restricted extras and gstreamer stuff too	08:46
sentiment	neither banshee nor rhythmbox play mp3	08:47
sentiment	both raise an error	08:47
sentiment	I am freakin at my wits end with this	08:47
lotuspsychje	sentiment: did you try vlc or smplayer?	08:47
sentiment	it's a new installation and still doesn't work	08:47
sentiment	lotuspsychje: vlc worked in the previous installation	08:47
lotuspsychje	sentiment: wich error do you get?	08:48
sentiment	this is the exact same problem that happened in the prev installation	08:48
sentiment	vlc works, others don	08:48
sentiment	t	08:48
sentiment	GStreamer-CRITICAL **: 12:18:44.455: gst_object_unref: assertion 'object != NULL' failed	08:48
sentiment	I reinstalled 18.04 into the root directory	08:49
sentiment	but did't touch the /home directory	08:49
sentiment	so I suppose I did the right thing	08:49
sentiment	yet, this kind of crap makes me doubt that	08:49
sentiment	GStreamer-CRITICAL **: 12:18:44.111: gst_bin_add: assertion 'GST_IS_ELEMENT (element)' failed	08:50
lotuspsychje	sentiment: if you reinstall ontop of your /home you also keep all the previous configs	08:50
sentiment	I know, but what kind of 'personal' config can mess up such a basic functionality?	08:50
sentiment	is there no separation of concern in this OS?	08:51
sentiment	I formatted the root partition, and that is what should matter as far playing mp3 is concerned, because it's a system function	08:51
sentiment	what do you think I can do to make it work besides booting into Windows as I have done in the last two weeks?	08:52
lotuspsychje	sentiment: to test this, you could try booting a liveusb and see if you can play mp3 by default to compare with your current install	08:53
lotuspsychje	sentiment: is your system up to date also?	08:54
sentiment	lotuspsychje: how can I install coreelements?	08:55
sentiment	it seems to be related	08:55
sentiment	https://forums.freebsd.org/threads/gstreamer-broken.12158/	08:55
sentiment	it's almost fuckin 2019 and this distro still got issues with mp3	08:56
sentiment	And no, /home should not be related to such things at all... for gods sake	08:56
sentiment	I'm sorry but I have been struggling with this for almost 2 weeks now	08:57
lotuspsychje	sentiment: please stop complaining, you cant generalize such statements, you can only ask for your own system	08:57
TheMesquito	MP3 is proprietary I thought?	08:57
sentiment	tried various crap since the last botched upgrade and wasted freakin time over that	08:57
sentiment	until it was suggested here that I should reinstall the whole thing	08:57
lotuspsychje	!language \| sentiment	08:57
ubottu	sentiment: Please avoid any language that may be considered offensive, including acronyms and obfuscation of such - also see https://wiki.ubuntu.com/IRC/Guidelines \|\| The main channels are English only, for other languages, see https://wiki.ubuntu.com/IRC/ChannelList	08:58
sentiment	so I did that and most of issues went away except this one so far	08:58
lotuspsychje	sentiment: uname -a please?	08:59
sentiment	TheMesquito: As far as reality is concerned, ogg is more 'properietary'	09:00
sentiment	Linux Ubuntu-Desktop 4.15.0-29-generic #31-Ubuntu SMP Tue Jul 17 15:39:52 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux	09:00
lotuspsychje	sentiment: so...you come here and complain with an outdated system..	09:00
sentiment	what? mp3 needs updated software? are you serious?	09:01
sentiment	Windows 98 played it out of the box for gods sake	09:01
lotuspsychje	sentiment: in the future please only seek for help with a fully updated system	09:01
sentiment	even previous versions of Ubuntu	09:01
lotuspsychje	sentiment: if you feel to discuss it more join #ubuntu-discuss ok	09:02
TheMesquito	Why don't you just pruge gstreamer to remove any messed up cfg files and reinstall it?	09:02
TheMesquito	I've had success with doing that when various libs break	09:03
sentiment	messed up config files? I reinstalled, formatted /	09:03
groug	cpaelzer, Hi ! Is there a chance to see a QEMU 2.11.2 update for 18.04 LTS at some point ?	09:15
sentiment	so I fixed it finally	09:18
sentiment	rm -r ~/.cache/gstreamer-1.0	09:18
sentiment	you were right	09:18
lotuspsychje	!info qemu bionic	09:18
ubottu	qemu (source: qemu): fast processor emulator. In component universe, is optional. Version 1:2.11+dfsg-1ubuntu7.9 (bionic), package size 204 kB, installed size 687 kB	09:18
sentiment	but I doubt that I was wrong	09:18
lotuspsychje	groug: if you like a newer version test, try a higher ubuntu version or look into !backports or snaps	09:19
sentiment	what was the discussion channel?	09:19
lotuspsychje	groug: we dont reccomend mixing package versions on ubuntu	09:20
lotuspsychje	!discuss \| sentiment	09:20
ubottu	sentiment: Want to talk about Ubuntu, but don't have a support question? /join #ubuntu-discuss for non-support Ubuntu discussion, or try #ubuntu-offtopic for general chat. Thanks!	09:20
groug	lotuspsychje, it isn't a newer version actually, it is the latest stable release of QEMU 2.11.x... It doesn't bring new features, just bug fixes. I'd like to know if there's a chance to provide those fixes to LTS users	09:26
lotuspsychje	!latest \| groug	09:28
ubottu	groug: Packages in Ubuntu may not be the latest. Ubuntu aims for stability, so "latest" may not be a good idea. Post-release updates are only considered if they are fixes for security vulnerabilities, high impact bug fixes, or unintrusive bug fixes with substantial benefit. See also !backports, !sru, and !ppa.	09:28
lotuspsychje	groug: when security flaws are found in package versions, updates will handle those	09:28
ducasse	!sru \| groug	09:28
ubottu	groug: Stable Release Update information is at https://wiki.ubuntu.com/StableReleaseUpdates	09:28
lotuspsychje	groug: for example, ubuntu 18.10 uses Version 1:2.12+dfsg-3ubuntu8.2	09:30
groug	lotuspsychje, I'm talking about LTS... not about interim releases	09:31
=== davor_ is now known as davor
groug	lotuspsychje, the fixes I'm interested in affect Live Migration of VMs between 16.04.x and 18.04.x, which is an important feature for our (IBM) customers. I'll follow the SRU procedure and see how it goes. Thanks.	09:42
lotuspsychje	groug: see also snap find qemu	09:50
thagabe	Guys!	09:59
thagabe	Anyone know how to route traffic from ports into my lxd container?	10:00
Amok_Huginnsson	how to get pip for python.36 working on 19.04?	10:01
Amok_Huginnsson	python3.6	10:01
Ben64	19.04 isn't close to out yet	10:03
Amok_Huginnsson	Ben64: well, I have it installed on my computer	10:04
Ben64	ok, but it is supported in #ubuntu+1 until release, which is in April	10:06
Amok_Huginnsson	Ben64: thank you!	10:06
thagabe	Anyone know if this ticket does what im trying: https://github.com/lxc/lxd/issues/4512	10:09
Mrokii	Hello. Is it possible to show a DVD-movie via some video player (vlc for example) on a TV using a hdmi-cable? Are there any things I should consider or would that work out of the box?	10:10
Mrokii	I mean, playing the DVD on Ubuntu and showing the signal on a connected TV, if that wasn't clear.	10:10
thagabe	What id like is to create a lxd container that is restricted to 2 core 8GB of ram. I will have a steam game running as a server. Now this game need inbound traffic to be open at ports 7777,7778,27015, 27017 and TCP via 27020. For the life of me i cannot figure out how to get the firewall open at all. I have tried disabling the ufw on both the host	10:12
thagabe	and the container to no avail. When I finally gave up and ran the server on the host boom everything worked out of the box. This mean either 1) the filesystem in lxd is creating issues or 2) Firewall is not allowing the direction of incoming traffic through the nat btw host<->container	10:12
guiverc	Mrokii, for info on playing dvds - https://help.ubuntu.com/stable/ubuntu-help/video-dvd-restricted.html.en i haven't tried it in ages, but I've connected fine via hdmi to tv	10:13
Mrokii	guiverc: Playing DVDs works fine, that's not the problem. I was just wondering about getting the signal to the TV.	10:13
guiverc	I've connected to tv with no problems, and with problems (some where the edges aren't shown, the tv overscans I think it's called) - on some tv's it's perfect, other tv's have provided me hassle (where the tv seems to have trouble with any computer/os so it's tv & not Ubuntu in my experience)	10:16
Mrokii	guiverc: Okay, thanks, so I guess I have to give it a try.	10:16
Mrokii	guiverc: Just in general, do you know if signals are transferred automatically to a connected TV or is there usually some option I have to tweak, like redirecting the signal or something?	10:17
guiverc	no sorry I can't help there Mrokii - i have no idea how it works, just talking from my experiences..	10:19
Mrokii	okay, thanks.	10:20
Mrokii	I'll try and see what I can achieve.	10:20
ddoobb	Is it possible to access the files on an Ubuntu PC if I have forgotten the password?	10:26
Mrokii	ddoobb: As long as the files aren't encrypted, there should be no problem.	10:28
ddoobb	Mrokii how can I do this? I am seeing some tutorials that do it with "recovery mode" prompt.	10:29
TheWild	hello	10:30
Mrokii	ddoobb: As long as the files aren't encrypted they are accessible at least as a superuser (using sudo for example). I have never had that problem, so I'm not sure if there's a specific way to reset the password.	10:31
ddoobb	I don't need to reset the password, just copy them to an external drive	10:31
Mrokii	ddoobb: The easiest way to me seems to be to boot from another medium, then use "sudo" from the terminal to become superuser and then to use "cp" to copy the files from one drive to another.	10:34
ddoobb	Thanks I'm going to try this Mrokii	10:34
Mrokii	ddevault: You're welcome. Hope it helps.	10:35
TheWild	"Don't reinvent the wheel", but I can't just find a simple way to mirror a part of ubuntu repository without it relying too much on sources configuration of my PC or requiring httpd or ftpd. Say I want gedit, latest version for amd64 (http://archive.ubuntu.com/ubuntu/pool/main/g/gedit/gedit_3.30.2-1_amd64.deb) along with all its dependendies. Then let apt take packages from there. Does apt support filesystem paths or file:// at all?	10:36
TheWild	I think I'll end up writing something myself.	10:36
=== SimonNL is now known as _SimonNL
afx_	geirha, are you here?	11:06
sentiment	hey anyone knows of a dlna server that can push content to the receiver?	11:07
sentiment	i.e the the player becomes the server	11:07
sentiment	in Windows WMP could do this using PlayTo	11:07
geirha	afx_: yes-ish	11:41
=== astra` is now known as astra
=== astra is now known as ASTRA
=== ASTRA is now known as astra`
=== astra` is now known as astra
thagabe	I've given up on lxd to do what i wanted it to do	11:58
thagabe	Anyone know how to route incoming traffic from internet (0.0.0.0) -> (localhost:port) -> (kvm:port)	11:59
lotuspsychje	thagabe: perhaps a question more for ##networking ?	12:00
afx_	geirha, sorry to interrupt! I am going to add my user to the input group but I am wondering if this is a secure approach to resolve the permission issues I have with python-evdev and /dev/input/xxx	12:02
thagabe	lotuspsychje I'll give that a shot! Thanks	12:06
geirha	afx_: well, the user will get access to all the input devices	12:08
afx_	geirha, can I give access to a specific /dev/input somehow ? Are there any keylogging concerns to think about?	12:09
geirha	if you don't trust the user, it may be better to force the user to use sudo instead	12:10
geirha	e.g. In sudoers you can specify that user X are allowed to run (only) your python-script as the group input	12:11
geirha	and the user would then execute your script with sudo -g input yourpythonscript	12:12
afx_	I am the only user and I am a sudoer , so in case someone steals my password it doesnt really matter what group I am in right ?	12:13
EriC^^	afx_: maybe you could use an ACL or something on the specific /dev/input?	12:13
afx_	EriC^^, let me read about ACL	12:14
EriC^^	if you have sudo and someone gets your password then he can do whatever he wants	12:15
afx_	EriC^^, exactly! But what about a malicious keylogging program for example that is run under my user account?	12:16
EriC^^	afx_: sure that could be done	12:17
EriC^^	there's actually a keylogger in the repos i believe	12:17
BrickedInTheHead	did I Ident proper?	12:19
EriC^^	BrickedInTheHead: if you were able to join, then yeah	12:19
afx_	EriC^^, :O ! I didn't know that is a ready made solution for this :)	12:19
BrickedInTheHead	some idiot made password of 10x same digit and fat fingered one in the middle. Anyway Ill be bothering you here setting up this new environment	12:20
afx_	EriC^^, So atm without my user account being part of input group, can a keylogging program get my keyboard input ?	12:20
EriC^^	afx_: i'd think so, but anyways they could always add your user to the input group	12:20
afx_	EriC^^, let's say you don't have my passwrd ,and somehow you managed to install a keylogger .. By having the account out of the input group will the keylogger get my input ?	12:21
afx_	I am trying to understand why a user account gets restricted from accessing /dev/input/ and this is the only thing that comes to mind	12:22
EriC^^	i have no idea, i'd think so, as i dont have my user in the input group but 'xev' shows key strokes	12:22
EriC^^	ah but xev only shows the strokes if it's selected as the terminal	12:24
EriC^^	afx_: try it and see i guess, try installing the keylogger, you'll know at least if it's easily possible, or possibly just harder to do	12:24
EriC^^	!info logkeys \| afx_	12:25
ubottu	afx_: Package logkeys does not exist in bionic	12:25
EriC^^	!info logkeys xenial \| afx_	12:25
ubottu	afx_: logkeys (source: logkeys): keylogger for GNU/Linux systems. In component universe, is optional. Version 0.1.1a+git5ef6b0dcb9e3-2 (xenial), package size 32 kB, installed size 120 kB	12:25
afx_	I see, so its not in bionic	12:26
EriC^^	yeah seems so	12:26
afx_	xev as the terminal shows strokes , but I guess you can have a software emulating a terminal	12:26
afx_	so it can forward any input you do	12:27
EriC^^	afx_: yeah but xev is taking the input you're giving it i think so maybe it's different like that	12:27
EriC^^	let me try installing logkeys i'm on xenial	12:27
afx_	ok	12:28
EriC^^	afx_: it works, even though i'm not in the input user group	12:29
EriC^^	i guess since it uses sudo it can access /dev/input anyways no need for group chananigans	12:29
EriC^^	it does mention in the man page that it uses /dev/input to get the key logs	12:30
afx_	EriC^^,logkeys needs sudo ?	12:30
zprd	hi all, trouble with skype 8.34.0.78, my mic does not seem to work, it looks ok on gnome device settings though, any tips?	12:30
EriC^^	afx_: yes, it asks for sudo	12:30
afx_	EriC^^, this makes sense, as with sudo I can run the python script in question	12:30
afx_	I would like to use this but stay on the safe side too ..	12:31
EriC^^	use what? i wasnt following earlier	12:32
afx_	EriC^^ yes sorry . This is what I am trying to use https://gist.github.com/t184256/f4994037a2a204774ef3b9a2b38736dc	12:32
afx_	it uses evdev which needs access to /dev/input	12:33
afx_	EriC^^, also found this https://askubuntu.com/questions/1057120/is-adding-a-user-to-input-group-secure if that helps in any way	12:33
EriC^^	afx_: if they dont have your password i think you'd be good	12:35
EriC^^	just add to sudoers to run the python script only and set the script non writable and in a dir it cant be deleted and recreated in	12:35
afx_	EriC^^, the SE answer suggests removing the w/r access from users not in the group (???)	12:36
BrickedInTheHead	Hey. (asked in #quassel, anyone know where to get not so glitched one). And bit laggy with nvidia 560ti switching tabs. Just went with default drivers, but dont think messing with nvidia is worth it. How about disabling some of the 3d effects?	12:37
afx_	EriC^^, can you give me any instructions for this please ?	12:37
TheWild	I want to install postgres server but not start the service right now. Is there a way or just use Docker (new toy in office ;))?	12:37
TheWild	TEST	12:38
TheWild	(oh, Thunderbird screwed up)	12:38
EriC^^	afx_: put the script in like /opt/pythonscript.py and chown root: then chmod 770	12:38
EriC^^	afx_: and in sudoers add the line <your user> ALL= (ALL) NOPASSWD: /opt/pythonscript.py	12:39
EriC^^	afx_: then run the script as "sudo /opt/pythonscript.py" via some startup file or something i guess	12:40
afx_	EriC^^,thank you !	12:41
afx_	Will try that out and let you know	12:41
EriC^^	afx_: no problem, ok	12:41
geirha	make sure you use ''sudo visudo'' to edit /etc/sudoers. Don't edit it directly	12:42
pagios	Hello community, is it possible to encrypt my /home on ubuntu 18.04, i dont need full disk encryption only /home, which has all my files, what software can i use for this? and i need to decrypt upon boot as /home will be read upon successfull login	12:43
BrickedInTheHead	with TMP chip you should be able to get reasonable security without any upkeep. Likely requires uefi boot	12:44
BrickedInTheHead	tpm	12:44
EriC^^	pagios: ubuntu has a built in home encryption that uses ecryptfs	12:44
EriC^^	pagios: sudo adduser <your user> --encrypt-home creates it, it'll wrap the passphrase (be sure to write it down somewhere) using your login password, so once you log in it'll automatically decrypt it for you, obviously use a good login password as well	12:45
iosecure	BrickedInTheHead: The level of configuration and mucking around required to get a TPM working under Linux makes it not a great recommendation for someone that has to ask how to encrypt stuff in an IRC channel.	12:46
EriC^^	pagios: create another temp user, move your files there, then delete and recreate your old user using adduser and move the stuff back after logging into the account	12:47
iosecure	pagios: So you know, only encrypting /home gives very little -real- security. It leaves innumerable places for remnant data to exist: temporary files, swap space, etc.	12:48
pagios	one second	12:48
pagios	how come its not secure if i use home encryption?	12:49
iosecure	I just said that.	12:49
pagios	unless the attacker guesses the pass	12:49
pagios	swap will die on system shutdown	12:49
BrickedInTheHead	is there a suite to full drive(s) crypt that doesnt break everything?	12:49
pagios	temp files too	12:49
iosecure	No, it won't.	12:49
EriC^^	well, temp files get erased upon next booting, not while shutting down	12:49
iosecure	On boot, yes, but not on shutdown.	12:49
pagios	but temp files are on /home no?	12:50
EriC^^	in theory if the attacker has access to the pc, he could easily get the password next time you log in	12:50
iosecure	pagios: No.	12:50
BrickedInTheHead	on drives ssd/hdd the data just gets de-adressed instead of format	12:50
pagios	he can boot using resuce disk, reset the user pass no?	12:50
iosecure	There's also the reality that remnant data does not get removed upon deletion. Only unlinked.	12:50
pagios	and login as decrupted	12:50
iosecure	pagios: You are strongly advised to use LUKS or something similar to encrypt the entire system.	12:51
EriC^^	pagios: even if he resets the password, it wont decrypt it, the actual literal login you used will only work, cause it was used with the passphrase to encrypt it	12:51
pagios	but my system is already running i dont want to format	12:51
iosecure	pagios: Do you want the security that encryption provides or not?	12:51
pagios	yea	12:51
BrickedInTheHead	LUKS. I'll type that down, hope it can do chip + pass crypt	12:52
pagios	i see EriC^^	12:52
iosecure	pagios: Then you'll need a rebuild.	12:52
pagios	his only option is to bruteforce then	12:52
iosecure	Because /home-only encryption is basically crap.	12:52
EriC^^	pagios: i think it depends what you're worried of, if the laptop getting stolen is an issue, then i think home encryption would be enough	12:52
EriC^^	pagios: if you're worried of meddling then LUKS would be better	12:53
iosecure	pagios: If someone's going to steal the system with the intent of stealing data, digging through remnant data on the disk is task #1.	12:53
iosecure	If they don't care about data, they won't even notice its encrypted.	12:53
pagios	i am gonna put a desktop in a shared environment	12:53
pagios	and worried about someone stealing the hardisks	12:53
iosecure	pagios: Then you need to encrypt the entire disk, not just /home. Easiest way to do it is to create a LUKS container on the disk, use that as an LVM physical volume, and create your LVs inside that. That way you only need to unlock one disk, instead of every filesystem.	12:54
BrickedInTheHead	Too lazy to rm old assets under NDA so locked for just that. also hackmaster, typing that 24 digit passkey	12:55
pagios	i dont have lvm	12:55
iosecure	pagios: You can configure it when you rebuild the system. Yes, you need to rebuild the system.	12:56
EriC^^	pagios: ubuntu will do everything for you, just reinstall using 'encrypt disk with LUKS + LVM'	12:56
iosecure	^	12:56
EriC^^	pagios: then copy your data back and set things up again	12:56
pagios	trying to avoid a reinstall here	12:56
iosecure	pagios: Too bad. I thought I made that clear.	12:56
pagios	so a reinstall is needed	12:56
iosecure	07:52 <iosecure> pagios: Then you'll need a rebuild.	12:57
iosecure	Yes.	12:57
BrickedInTheHead	just got things running "smooth". might as well upgrade to newer LTS while at it then	12:57
EriC^^	well not necessarily, it'd just be more difficult to set it up manually, not so much i image though	12:57
=== tsglove2 is now known as tsglove
EriC^^	pagios: you dont need a reinstall, you can convert it to LUKS but you'd have to do the legwork yourself and not rely on the installer	12:57
iosecure	EriC^^: Migrating the entire system to new filesystems and hoping that the initramfs and bootloader don't vomit on you later?	12:57
iosecure	No thank you.	12:57
EriC^^	iosecure: um, he can edit the UUID and everything and update-initramfs etc	12:58
BrickedInTheHead	UEFI hehe	12:58
iosecure	EriC^^: It is NOT that simple. Sorry.	12:58
EriC^^	yes it is	12:58
iosecure	I've done that kind of conversation. It sucked.	12:58
iosecure	No, it isn't.	12:58
EriC^^	how did it suck?	12:59
iosecure	initramfs refused to recognize the LUKS container, just sat there screaming about how it couldn't find the root volume.	12:59
=== andyhuzhill_ is now known as andyhuzhill
iosecure	No amount of triple-checking configs and rebuilding the initramfs would change its mind.	13:00
=== _SimonNL is now known as SimonNL
pagios	i will buy a new hardisk , install on it the OS and then add those hardsisk to the lvm	13:00
EriC^^	well you missed the initramfs parts of the conversion i'd guess	13:00
iosecure	EriC^^: You missed the "triple-checking configs and rebuilding the initramfs" part of what I said, I'd guess.	13:00
pagios	i will install a fresh new OS on a new hardisk and add those disks at a later stage, wjats wrong with that	13:01
iosecure	EriC^^: So apparently neither sarcasm nor reading comprehension are your forte.	13:01
EriC^^	iosecure: it's a computer, if everything is right it'll work, if not it wont, so yeah you missed something	13:01
EriC^^	iosecure: no need to get nasty, i did understand what you said, i just dont agree	13:02
pagios	so?	13:02
iosecure	pagios: Honestly, the easiest thing you could do is rebuild the system on a new disk, with LUKS/LVM in place from the installer. Copy /home to the new system.	13:02
EriC^^	anyways this is all going offtopic very quickly, so let's just stop shall we	13:02
pagios	iosecure, ok	13:03
iosecure	EriC^^: Nice walk-back. If you're going to pull out condescending crap like "well you missed the initramfs parts of the conversion i'd guess," don't be surprised when someone comes back in kind.	13:03
iosecure	EriC^^: And I wasn't asking if you agreed to begin with.	13:03
EriC^^	iosecure: how is that condescending?	13:04
iosecure	pagios: I'd advise against coping anything other than /home. That can cause weirdness, depending on what you copy.	13:05
EriC^^	iosecure: you're reading into stuff a lot it seems, i just dont want pagios to think it's so difficult and 'just wont work' you said it didnt for you, i said you must have missed something for it not to, geez	13:05
pagios	thank you both, and apologies if that created a clash between you guyus	13:06
=== TheHonorableKitt is now known as ThKitten
iosecure	No clash at all.	13:07
EriC^^	no worries	13:07
BrickedInTheHead	Is the guest account similar to live boot? does it have any/configurable storage?	13:08
EriC^^	BrickedInTheHead: it's very different and limited, i think you could add storage manually	13:08
iosecure	There used to be. I'm not sure if it exists, still, as various transitions somewhat broke the functionality.	13:09
BrickedInTheHead	I did set 26GB swap. that probably is included	13:10
iosecure	26GB swap? Is that a typo?	13:10
BrickedInTheHead	more is less here?	13:11
iosecure	How much RAM do you have?	13:11
BrickedInTheHead	16GB	13:11
iosecure	Ouch, yeah. Overkill.	13:11
iosecure	Couple questions: Is this a desktop, and do you want hibernation functionality?	13:12
iosecure	(or laptop)	13:12
BrickedInTheHead	Desktop yes. And probably, ubuntu takes forever to boot. and the bios time is at least 25s on this motherboard	13:12
iosecure	Gotcha. Okay, then it isn't THAT much overkill. I'd bring it down to 20GB, save a few gigs.	13:13
iosecure	But you probably have enough storage that 6GB isn't a big deal.	13:13
griphook	hey guys	13:14
BrickedInTheHead	This HDD will die any day. 6 years running. Seagate quality +1	13:14
griphook	does gnome-tweaks not work on ubuntu 18.10 ?	13:14
iosecure	BrickedInTheHead: Oh, then totally screw with the swap sizing. Live life on the edge. ;)	13:15
rasmalabar	I have recently migrated from Ubuntu 14.04 to 18.04. In 18.04, very few applications show in the System Tray. Dropbox is consistently there, CopyQ (the clipboard manager) too shows up whenever it is on. But Pidgin, to provide an example, does not show an icon. Is this the expected behaviour in 18.04?	13:16
BrickedInTheHead	The motherboard error checks blinking like disco lights already for years. Anyway offtopic....	13:17
tomreyn	rasmalabar: how did you migrate, which desktop are you using? this is not the default behaviour on 18.04.	13:23
rasmalabar	@tomreyn: I re-installed, from scratch. I am Ubuntu with GNOME 3.28...	13:33
BrickedInTheHead	Check install media for faults	13:34
ioria	rasmalabar, you probably need an extension ; many tasks have been moved to that	13:35
ioria	rasmalabar, and, btw, has been reported as a bug (!): https://bugs.launchpad.net/ubuntu/+source/pidgin/+bug/1786084	13:36
ubottu	Launchpad bug 1786084 in pidgin (Ubuntu) "Indicator does not show as tray icon on 18.04" [Undecided,Confirmed]	13:36
rasmalabar	ioria, You mentioned about the extension, which one is it?	13:39
ioria	rasmalabar, go here https://extensions.gnome.org/# ; type 'pidgin' and see if there's something useful for you	13:39
=== TheHonorableKitt is now known as ThKitten
rasmalabar	ioria, ubottu: Thanks for the tips and will check further after going offline as it might take a while to decide on which option to choose... Thanks!	13:48
ioria	rasmalabar, ok	13:48
whallz	hi there, is it normal to have "Ubuntu 16.04.5 LTS (4.15.0-42-generic #45~16.04.1-Ubuntu SMP Mon Nov 19 13:02:27 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux)" showing unbalanced CPU usage across cores? i launched gnome-system-monitor just for fun only to encounter cpu4 is constantly peaking between 80/100% and the other 3 are almost 0/10% ?	14:06
whallz	shouldn't cpu usage be balanced between the N cores avaiable? how can i debug this?	14:06
iosecure	A process can only reside on one core.	14:08
tarzeau	whallz: no that's normal	14:08
tarzeau	what software is it that only runs on one?	14:09
tarzeau	it should be optimized to run on more (eventually)	14:09
iosecure	So if a process starts, then later starts to consume large amounts of CPU resources, it's going to max out the core where it is.	14:09
iosecure	tarzeau: Only if the application is spawning multiple processes.	14:09
iosecure	Plenty of applications are single-process. OpenVPN is a good example.	14:09
whallz	i have only google-chrome and guake with tmux running	14:10
tarzeau	iosecure: or threads?	14:10
tomreyn	running "top" (better "htop") should tell which application is keeping this core busy	14:10
whallz	if i close google chrome they all balance out around 10% for a while, then cpu4 goes back up to 80% constant	14:11
whallz	lets see	14:11
tarzeau	iosecure: plenty are multi	14:11
tarzeau	iosecure: objc2 also uses multiple cores (relevant for gnustep)	14:11
iosecure	tarzeau: And plenty are not.	14:11
iosecure	tarzeau: My statement is correct. A single process is resident on a single core.	14:12
tarzeau	unless it's a single process supporting multithreading	14:12
iosecure	Multithreading is not multiprocessing.	14:12
iosecure	A single process that spawns multiple threads is still single-core resident.	14:12
tarzeau	i know, that's why your statement is not correct	14:12
iosecure	Yes, it is.	14:13
tarzeau	iosecure: no it's not	14:13
iosecure	Yes, it is.	14:13
iosecure	By definition, yes, it is.	14:13
whallz	ok depends on multithreading, but how do i find in top/htop which one runs on just 1 core?	14:13
iosecure	whallz: Any process shown in top/htop/ps is running on a single core.	14:14
tomreyn	https://imgs.xkcd.com/comics/duty_calls.png	14:14
whallz	Xorg seems busy too xD	14:14
iosecure	whallz: Any application that shows multiple copies in those programs is potentially running on multiple cores.	14:14
whallz	iosecure: i mean, i a specific core	14:14
iosecure	whallz: Ah. Not sure how to show which core a process resides on.	14:14
whallz	iosecure: right, that what i need to find out	14:14
whallz	something is killing cpu4 while cpu1, 2 and 3 are drinking mojito	14:15
whallz	need to find out what that process is	14:15
iosecure	Likely a single runaway process.	14:15
whallz	right, but is it grabbing always the same core? is there an un-even degradation of whole cpu?	14:16
iosecure	No idea. Processes generally do not have an assigned affinity.	14:16
whallz	first, i still need to know which process is it top and htop dont help	14:16
iosecure	Whichever core it starts on, it stays on.	14:16
griphook	Guys I am running Compuwiz found here https://code.mradford.com/post/the-ubuntu-compiz-desktop/ How can I use gnome-tweaks with this?	14:17
herald85	whallz: you can configure htop to show the "PROCESSOR" column	14:17
whallz	herald85: that's what i need	14:18
herald85	open htop, press F2 , go down to 'columns'	14:19
whallz	awesome, thanks herald85	14:20
griphook	i am also on ubuntu 18.10	14:20
whallz	ok, seems to be /usr/bin/Xorg wtf	14:22
whallz	sorry /usr/lib/xorg/Xorg	14:22
conjo	hello all can anyone tell me why there are two of every application one is small in size one is large in filesize...eg vlc from the sofwware center has two choices of the same version but different file size	14:25
conjo	why does the software center have two of every application now days?	14:25
EriC^^	maybe each is an architecture specific?	14:26
whallz	cpu4 always seems busier that the other 3	14:26
EriC^^	i only have 1 vlc in software center, ubuntu 16.04 unity here	14:26
whallz	:(	14:27
conjo	I am running Ubuntu 18.10 and re architechture do you mean different versions of ubuntu eg 8.0418.10	14:27
EriC^^	conjo: no i mean 32 bit and 64bit	14:27
conjo	1810 vs 18.04	14:27
conjo	okay	14:27
BluesKaj	Hey folks	14:27
coz_	BluesKaj, hey guy	14:28
conjo	i see no mention of architecture under details how do i tell the difference	14:28
coz_	BluesKaj, I keep saying hi back, since you are one of the few I remember from way back ")	14:29
BluesKaj	hi coz_	14:29
zetheroo	where in 18.04 is the network interface names defined?	14:29
BluesKaj	yeah, coz_ guess we've been around a while	14:30
herald85	whallz: that sounds familiar, gnome-shell is horrible with software drawn windows. Do you have a slow cpu ? atom? old celeron?	14:30
coz_	BluesKaj, ") for sure	14:30
tomreyn	griphook: i would not recommend using compiz on 18.04 and newer. it's mostly considered to have failed now. https://www.reddit.com/r/linux/comments/75hxp6/why_did_compiz_die/ - better stick to gnome-shell and, if needed, customize it with extensions.	14:33
tomreyn	...and gnmoe-tweak-tool	14:34
BluesKaj	zetheroo, which "network names" ?	14:34
zetheroo	BluesKaj: eth0 eth1 etc ...	14:34
BluesKaj	zetheroo, /etc/network/interfaces	14:35
tomreyn	zetheroo: you may want to read this if you haven't https://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames/	14:41
zetheroo	we have a system with 18.04 which hasn't got ifup installed and there is a network interface installed as eno1p (at least it seems to be that in the /etc/netplan/*.yaml file) but how do we get the interface up?	14:46
zetheroo	we cannot install ifup because it's not online	14:47
zetheroo	also it seems that when we do 'service networking restart' there is no 'networking' service :/	14:47
tomreyn	ip link set dev eno1p up	14:47
tomreyn	pleasse read the !releasenotes	14:48
zetheroo	cannot find device eno1	14:49
olabaz	Hi, I am on 18.10 and I closed my laptop and opened it	14:49
olabaz	and now my screen is all black	14:49
olabaz	i only see the title bar up at the top	14:50
tomreyn	zetheroo: "ip link" shows available devices	14:50
olabaz	any ideas how to get the gui to pop up again?	14:51
tomreyn	zetheroo: as a result of reading the release notes, you should use use 'systemctl', not 'service', and use ip (from iproute utils), not ifup/ifdown (from ifupdown utils)	14:52
olabaz	nvm I figured it out! I just did ctrl alt f1 and logged in and everything reloaded fine	14:52
olabaz	phew	14:52
olabaz	thanks for listening lol	14:53
zetheroo	tomreyn: ok, thanks. The netplan file had the wrong interface name.	14:54
deadrom	heya	15:01
meph1st0	hey everyone	15:02
meph1st0	best linux native games?	15:02
meph1st0	share your opinion	15:02
deadrom	16.04->18.04 failed yesterday due to "cannot calculate upgrades" on do-release-upgrade. cannot figure what's offending, so I think of "upgrade from ISO", but is there an option to install over ex. system and keep custom /etc etc. or is it "raze root or bust"?	15:02
leftyfb	meph1st0: try #ubuntu-offtopic. This is a support channel	15:03
meph1st0	leftyfb, OK, THANKS :)	15:03
meph1st0	sorry for caps)	15:03
herald85	my ubuntus keep failing to download http://be.archive.ubuntu.com/ubuntu/pool/main/l/linux/linux-headers-4.4.0-140_4.4.0-140.166_all.deb , but after some experimenting I've noticed that using ftp:// works. Whats the best way to notify the repo maintainers? General ubuntu bugzilla?	15:05
BluesKaj	deadrom, I have to ask , didyou update/upgrade existing packages first?	15:08
deadrom	BluesKaj, yup	15:08
BluesKaj	deadrom, ok, is the package manager set to upgrade LTS only?	15:11
deadrom	BluesKaj, yes	15:12
BluesKaj	any ppas?	15:14
deadrom	BluesKaj, truckloads. upgrade-core tells me it disables those, though	15:14
BluesKaj	or changes to the sources.list	15:15
BluesKaj	deadrom, yeah, it's supposed to	15:15
deadrom	BluesKaj, http://paste.ubuntu.com/p/b5GkD49Ddb/ <- current sources.list	15:16
=== [1]MrMobius is now known as MrMobius
deadrom	btw I cannot paste proper outputs becuase LC_ALL=C gets me this: https://pastebin.com/Xdr1qpVL	15:20
lordcirth_	deadrom, use 'LC_ALL=en_US.UTF-8'	15:32
lordcirth_	You need UTF-8 support	15:33
koffel	can ubuntu lts support 12 cores?	15:48
nacc	koffel: ... yes	15:48
nacc	koffel: unless you mean some specific hardware version or something, but 12 cores in general, yes. It can support 100s of cores.	15:48
koffel	some reason i can only get it to see 6	15:48
lordcirth_	koffel, what CPU?	15:49
koffel	dual xeons	15:49
nate	Since most processors use some sort of threading these days, make sure you have HT/SMT on	15:49
koffel	yes i do	15:49
koffel	it shows in bios 24 cores	15:49
lordcirth_	koffel, ... more specific. What CPU model? Also, which Ubuntu LTS? 18.04?	15:49
koffel	e5656 16.04lts	15:50
nacc	koffel: 12 or 24 cores? and do you mean cores or hardware threads	15:50
koffel	my unit has 4 e5656 xeons 6 cores each	15:50
nacc	koffel: `dmesg`, `lscpu` in a pastebin	15:51
lordcirth_	I don't see the "e5656" in Intel Ark. Sure that's right?	15:51
koffel	sorry i mean e5670	15:52
koffel	Intel® Xeon® Processor X5670	15:52
lordcirth_	Ok, so each one is 6 cores, 12 threads	15:52
koffel	yes	15:53
lordcirth_	koffel, and what tool are you using, which is showing 6 cores?	15:53
koffel	lscpu	15:53
koffel	and top	15:53
nacc	top doesn't show cores, it shows logical cpus	15:54
nacc	koffel: and again, can you pastebin the output asked for?	15:54
koffel	some reason in lscpu model is blank	15:54
nacc	koffel: did you buy it after-market?	15:55
styx__	hi! is there a lxc 2.0.9 package for ubuntu 18? can't find one online :(	15:57
koffel	no nacc i bought it new in my dell poweredge r720	15:57
koffel	https://pastebin.com/3DpEBcpr	15:57
nacc	koffel: uh, you installed 32-bit	15:58
nacc	koffel: that seems wrong	15:58
nacc	and actually, that looks likea VM	15:58
koffel	oh shit i thought it was 64bit	15:58
nacc	"linux-Standard-PC-i440FX-PIIX-1996"	15:59
koffel	not vm	15:59
nacc	just to santiy check, are you trolling? :)	15:59
nacc	oh did you accept the random hostname it provides at install time?	15:59
koffel	yes	15:59
nacc	in any case, i'd install 64-bit and see if it sees your processor correctly	15:59
koffel	it a server	15:59
koffel	will do	15:59
nacc	koffel: i would suggest giving a real hostname as well	16:00
koffel	will do	16:00
koffel	thank ya	16:00
nacc	styx__: why would you want 2.0.9 in 18.04? it's at 3.0.3	16:00
styx__	nacc: project reasons :/	16:00
nacc	styx__: afaict, 2.0.9 is not in any ubuntu	16:01

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!