#ubuntu-server 2006-10-23
<[NB] Mahem> hi
<[NB] Mahem> after reading the topic you need to update the description on https://help.ubuntu.com/community/InternetRelayChat where it points out this is the help and discussion channel not anyting about server images :D
<infinity> [NB] Mahem: Fixed, thanks.
<[NB] Mahem> np
<CarlFK> how can I tell if an install was made with u-server?
<CarlFK> should /etc/apt/sources.list be different?
<lionelp> CarlFK: no, it is not different
<lionelp> the best way is to look the kernel
<lionelp> you should have a -server kernel
<CarlFK> Linux yate2 2.6.17-10-386 #2 Fri Oct 13 18:41:40 UTC 2006 i686 GNU/Linux
<lionelp> (check uname -r)
<lionelp> CarlFK: so probabily not
<CarlFK> uname -r  2.6.17-10-386
<CarlFK> this is a pretty out there question:
<CarlFK> if I install u-userver, so no X or anything,
<CarlFK> apt-get install spe 
<CarlFK> er... apt-get install spe openssh-server 
<CarlFK> then ssh to the box from a 2nd box with a full install (so X and everything)
<CarlFK> shouldn't apt-get install spe install whatever is needed so I can run X apps on an exported display?
<CarlFK> may have the same problem with xterm
<CarlFK> boxA: /etc/ssh/sshd_config X11Forwarding yes.  BoxB: ssh -X BoxA.  try to run xterm, get "xterm:  DISPLAY is not set"
<tmh__> CarlFK: did you restart sshd?
<tmh__> the problem is in your ssh settings, your ssh server isn't setting the DISPLAY environment variable. probably then the tunnel isn't set up either, though you can check with sudo lsof -i
<CarlFK> I didn't change /etc/ssh/sshd_config so I don't think restarting will help
<CarlFK> sudo lsof -i - what should I look for?
<tmh__> the SSH server listening on TCP 6010 or the like
<CarlFK> http://paste.ubuntu-nl.org/28008/
<tmh__> nope, the SSH server isn't tunneling the X connection
<tmh__> are you sure the line in sshd isn't commented?
<tmh__> does it have a hash sign in the front?
<CarlFK> juser@yate2:~$ sudo grep X /etc/ssh/sshd_config
<CarlFK> Password:
<CarlFK> X11Forwarding yes
<CarlFK> yup :)
<CarlFK> got it:
<CarlFK> sudo apt-get install x-window-system-core
<CarlFK> ssh ed a 2nd session, now sudo lsof -i = llocalhost:6010 (LISTEN)
<CarlFK> which seems odd that I need x-window-system-core
<CarlFK> xterm works too
<CarlFK> jsut got new -server image.  going to install again
#ubuntu-server 2006-10-24
<tmh__> it shouldn't require z-window-system-core. funny.
<tmh__> if you're sure the package you installed requires X and it didn't install the required deps, that's a bug.
<Hilmar> Anyone here who can help me with some iptables, i have tried on my own for 4 hours now with the online docs, but I cant get it to work
<Hilmar> Have tried everything and starting to get frustrated :(
<fabbione> Hilmar: it really depends what you need to do
<fabbione> this is generally not an help channel
<Hilmar> I know, I was just sent here from the ubuntu channel, since you guys maybe knows more about servers
<Hilmar> Its a single server which is going to work as a gateway for a small network
<fabbione> iptables are not -server specific but whatever ;)
<fabbione> ok ask your question.. what can't you do?
<Hilmar> Sorry, Im just desperate for help now
<Hilmar> Ok, let me paste the rules I have applied
<Hilmar> sudo iptables -t nat -A POSTROUTING -s 192.168.0.0/16 -o ppp0 -j MASQUERADE
<Hilmar> sudo iptables -A FORWARD -s 192.168.0.0/16 -o ppp0 -j ACCEPT
<Hilmar> sudo iptables -A FORWARD -d 192.168.0.0/16 -m state --state ESTABLISHED,RELATED -i ppp0 -j ACCEPT
<fabbione> MEH
<Hilmar> I switched out 192.168.0.0 with 10.0.23.0, and ppp0 with eth1, which is the card which is connected to the modem
<Hilmar> So they should adjust to my system
<fabbione> halt.. one second that i need to look at my rules too
<fabbione> that will never work...
<fabbione> clear up the tables
<Hilmar> iptables --clear ?
<fabbione> iptables -t filter -F INPUT
<fabbione> iptables -t filter -F FORWARD
<fabbione> iptables -t filter -F OUTPUT
<fabbione> iptables -t nat -F PREROUTING
<fabbione> iptables -t nat -F POSTROUTING
<fabbione> this will CLEAR EVERYTHING
<fabbione> iptables -t filter -A INPUT -j ACCEPT -m state --state ESTABLISHED,RELATED
<Hilmar> --flush should do it also
<fabbione> that's for the state thingy
<Hilmar> What does that mean?
<fabbione> actually.. you can skip that
<fabbione> ok did you clear the tables?
<Hilmar> I did a flush, which should clear everything
<fabbione> ok
<Hilmar> Anyway, I take notes of what you write anyway
<fabbione> first of all.. cat /proc/sys/net/ipv4/ip_forward
<Hilmar> so I can do a reboot in worst case
<fabbione> nah.. no need to reboot
<Hilmar> nothing there
<Hilmar> in ip_forward
<fabbione> can you give me the output?
<fabbione> it's either 0 or 1
<Hilmar> 0
<fabbione> ok that's the first problem
<fabbione> echo 1 > /proc/sys/net/ipv4/ip_forward
<fabbione> you need to enable IP forwarding
<Hilmar> permission denied
<fabbione> sudo..
<fabbione> you need to be root
<Hilmar> I did
<fabbione> it's impossible that gives you permission denied
<fabbione> uname -a ?
<Hilmar> 2.6.15-26-adml64-server #1 smp Date, UTC 2006 x86_64
<Hilmar> amd64*
<fabbione> it's an old kernel... and it works here...
<fabbione> i know for a fact that the above operation works
<Hilmar> I downloaded the last image today
<Hilmar> installed it and followed the docs to set it up
<fabbione> it's not the last image.. -27- is
<Hilmar> I cant understand how I could do anything wrong, there wasnt much options during the install either
<fabbione> i am just saying that if you cannot do echo 1 >... it will never work
<Hilmar> Well, I downloaded it yesterday, so maybe the mirror wasnt updated
<fabbione> that image is at least a few weeks old.. check your mirror or change it
<Hilmar> err
<Hilmar> when I opend it in pico
<Hilmar> it worked
<Hilmar> but not with echo
<Hilmar> I swear
<fabbione> ok i don't really care either way
<Hilmar> Well, it set to 1 now
<fabbione> now add only the MASQUERADE entry in your rules
<fabbione> and only that one
<Hilmar> sudo iptables -t nat -A POSTROUTING -s 192.168.0.0/16 -o ppp0 -j MASQUERADE 
<Hilmar> this ?
<fabbione> if your outgoing interface is ppp0 yes
<fabbione> otherwise change it
<Hilmar> offcourse
<fabbione> ok.. now take a machine on the 192.168.0.0/16 network and try to connect to the internet
<fabbione> (I assume that the server already is connected and working)
<Hilmar> done, I need to reconnect the modem to the server again, I had to connect it to a workstation to be able to get on irc
<fabbione> well now you need to check that it's working
<Hilmar> So the other rules is not needed?
<Hilmar> but do you know why the ip_forward wasnt enabled?
<greenman> hello
<fabbione> the other rules should not be required
<greenman> I have an installation question
<Hilmar> Hi
<fabbione> Hilmar: ip forwarding is disabled by default
<fabbione> greenman: -> #ubuntu
<greenman> there are two options install to the hard disk and install a lamp server
<greenman> do i do both or one first then the other
<Hilmar> hmm, ok. thanx a lot fabbione
<Hilmar> Will try it out now
<greenman> i'm think install to hard disk then install lamp
<fabbione> Hilmar: no problem
<fabbione> greenman: it's the same..
<fabbione> lamp will just install lamp without you having to do anything later
<fabbione> makes no different
<fabbione> difference
<fabbione> anyway these are FAQ
<fabbione> so please ask in #ubuntu
<greenman> fabbione: so doing install lamp, installs ubuntu and lamp, while install to hard disk would just be ubuntu?
<greenman> fabbione: they sent me here.  sorry for the bother.
<fabbione> greenman: if you install lamp OR install ubuntu+amp will make no difference.. it's the same thing
<Hilmar> fabbione: *bows down*
<fabbione> greenman: you still need to install on an harddisk.. no matter
<fabbione> Hilmar: does it work?
<Hilmar> Aye
<fabbione> Hilmar: ok
<fabbione> Hilmar: the other rules are not required..
<fabbione> not in your specific case at least
<greenman> i guess i'll try the lamp thingie first, it should tell me if I've screwed up.  seems kinda redundant
<Hilmar> Does it hurt to applie them, or what effect do they have
<fabbione> Hilmar: it doesn't really hurt but they are useless because FORWARD policy is set to ACCEPT by default
<fabbione> you will just add an extra filter for an ip packet to go trough to obtain the same result
<Hilmar> fabbione: One more question, how can I add those rules each time it starts up, cause now I have to add them each time
<fabbione> also note that you are NATTING a private network (192.168.0.0/16) that is not routed over internet
<fabbione> there is no way to get a connection from outside
<Hilmar> I know, I need to forward ports then, right?
<fabbione> Hilmar: man interfaces and look in /etc/network/
<Hilmar> Ok
<fabbione> there are all kind of facilities for what you want
<fabbione> from now.. your best friend is google :)
<Hilmar> You couldnt just paste me the line I need to add to /etc/network/interfaces ?:P, its realy late and tired and want to get this done :)
<Hilmar> For the masqurade rule
<fabbione> Hilmar: don't be lazy
<fabbione> and you are from norway.. that means it's 7:05 am there
<fabbione> can't be late.. you might say it's early
<Hilmar> Well, I have been up all night :P
<Hilmar> But nm, I figure it out, you have been a great help anyway
<MagicFab> is there any marketing material for ubuntu server ? like past presentations / figures of TCO, security etc. ? Searched the wiki without much luck
<n3storm> hi
<n3storm> I have setup an ubuntu server
<n3storm> when a ssh user logs in the system
<n3storm> their home directory is not writable
<n3storm> Could not chdir to home directory /home/josu: Permission denied
<n3storm> I checked quotas
<n3storm> but they are ok
<n3storm> I created new users in new groups
<n3storm> and nothing
<n3storm> the last thing I have done is have a look at fstab
<n3storm> the /home partition is /dev/sdb1       /home           ext3    defaults,usrquota,grpquota        0       2
<n3storm> any idea so far?
<n3storm> really sorry guys and girls
<n3storm> I didn't read the topic
<n3storm> byes
<n3storm> :D
<stubblechin> any chance of getting nginx added as an ubuntu server package? debian has it and it beats the pants off lighttpd
<stubblechin> also, where's the best place to make this sort of request?
<ajmitch> if debian has it, then it'll likely get imported automatically to universe for feisty
<tmh__> stubblechin: https://wiki.ubuntu.com/MOTU/Packages/Candidates
<ajmitch> tmh__: hardly needed if it's already in debian
<tmh__> I guess you're right.
<tmh__> so what's the deal with apache 2.2?
<ajmitch> it's been in debian unstable for about 3 weeks
<ajmitch> so feisty will most likely get it
#ubuntu-server 2006-10-25
<tmh__> but wait. when? immediately as the feisty repos open?
<tmh__> and when will they open, btw?
<infinity> tmh__: Shortly after edgy releases.
<mm> Hey there.. Is there somewhere a place where I can look for what is planned to get in the dapper-backports? because I want to see if Postfix 2.3 and Dovecot 1.0rc will go there soon.. Because below that versions I cant use SMTP AUTH through Dovecot SASL..
<mm> Or do I have to use the edgy packages..?
<lionelp> mm: as far as i know, the best way is to search for bugs assigned to the backport team
<mm> ok thx
<J_P> hi all
<J_P> people, I need some help about this. I have three internet link with 3 diferents operators: where two links are 2mb and other is 256k. I would like have one Load balance making a virtual link with 4256k right, anyone know I do this, using iproute2 with roud robin ?
<yogurtthewise> J_P: lartc.org
<J_P> yogurtthewise: thanks, I made that with OpenBSD using roud robin, but I would like does with linux..
* yogurtthewise scratches his head
<yogurtthewise> maybe it's a joke
<yogurtthewise> J_P: have you actually tried to load that link in your browser?
<J_P> yogurtthewise: not.. I loading..
<J_P> :-)
#ubuntu-server 2006-10-26
* Starting logfile irclogs/ubuntu-server.log
<chaoticg33k> hello?
<chaoticg33k> anyone around?
<heno> Does the server CD have a live CD option, with a command prompt?
<chaoticg33k> no
<heno> Just the d-i installer?
<chaoticg33k> if you want something like that you can try out slax, I can't remember the site right off hand but if you go to google.com/linux and search for slax then you could find Slax: Server Edition
<chaoticg33k> what is d-i?
<heno> Thanks
<heno> debian-installer
<chaoticg33k> no problem
<heno> the blue one :)
<chaoticg33k> ahhh yes kinda
<chaoticg33k> on 6.06 it had a few extra things that you could do and a special lil install screen, to choose server, LAMP, and some other options
<jsgotangco> hey heno how's it going
<chaoticg33k> its crazy in #ubuntu
<Burgwork> heno: the  live cd is build differently than the server and alternate cds
<heno> jsgotangco: good, working on Feisty access features :)
<heno> A live prompt would let blind users run it with speakup
<jsgotangco> its in the kernel???
<heno> d-i is rumored to support install with speakup, but I haven't seen it yet
<heno> jsgotangco: yes
<heno> afk
<chaoticg33k> bbq
<chaoticg33k> so, I got a question, how do you guys make partitions for ubuntu server?
<jsgotangco> i don't
<jsgotangco> lvm ;)
<chaoticg33k> I mean like a / is 2GB, /usr 10, /home 20, etc. How do you make them?
<chaoticg33k> I've got this project I want to do and I want to do some smart partitioning so I can make the most out of a 40GB drive I've got.
<chaoticg33k> My project is where I take the functionality of Google Personlized homepage and recreate that minus the email. I will then add music player to it and load up my music on the server its about 5gb.
<chaoticg33k> So it will serve out pages to people who login that have RSS feeds, news, updates, music, calander, and I can upload webpages to it to let people see the webstie I created. Its gonna be a family type webpage for the parents.
<chaoticg33k> I've been reading where you can have like a 500meg root partition with /boot, /var, /usr, and /home all seperate, and I was wondering if this was possible
<chaoticg33k> I get the feeling I'm talking to myself
<chaoticg33k> hello?
#ubuntu-server 2006-10-27
<chaoticg33k> hello?
<tmh___> LVM
<chaoticg33k> huh?
<tmh___> you can do flexible, easy partitioning with LVM and change it easily later
<chaoticg33k> took a long time
<chaoticg33k> ...
<tmh___> comments like that aren't too polite.
<tmh___> and someone already replied to you 5 hours ago
<chaoticg33k> I'm sorry
<tmh___> sparsely, I guess, but anyway. 
<chaoticg33k> I was trying to joke, but it does not translate well into bits and bytes
<tmh___> oh, ok :) http://tldp.org/HOWTO/LVM-HOWTO/
<chaoticg33k> I'm very sarcastic, but it does not end up well online.
<chaoticg33k> thank you for the link
<chaoticg33k> have you looked at any version of 6.10
<tmh___> yes, Im using the release
<chaoticg33k> I see the answer you were talking about now. Looks like a shorthand for something like lol
<chaoticg33k> guess the ;) threw me off
<chaoticg33k> another question if you don't mind, Is it easy to configure the network for a ubuntu server after the install, using a line from a windows box?
<chaoticg33k> My setup is kinda weird I guess, I have two computers and I have my main windows box that has net, I'm getting another network card so I can pop it into one of the boxes and have a total of three so I can share the connection I have between the two
<chaoticg33k> I live in a college dorm room with one network jack and we can not use routers or hubs, so I wanna have internet access for both, but I'm not very sure how easy that would be
<chaoticg33k> any takers on my question?
<PenguinistaKC> If you can't use routers or hubs, then your best bet is to get wireless cards for two of your machines and set the third one up as a gateway.
<PenguinistaKC> Oops, you have two machines. Even easier.
<PenguinistaKC> Set up one machine with two network cards. Eth0 connects to jack in wall, eth1 connects to computer 2 through a cross-over cable. Set up computer 1 as your gateway
<PenguinistaKC> With windows, you use internet connection sharing. With linux, it's a little more work.
<chaoticg33k> I want the work, I want to learn more, so doing alot of work is no problem for me.
<chaoticg33k> umm... k well I installed the lamp server software package in 6.10, I skipped the DNS stuff. I bet I can get that all installed later if I need it. I'm not postive on what I want to do if I want the linux box to share the connection or the windows box. If I do the windows box then I will be able to get help as I go along if I need it, however if I do the linux box I have to know what I am doing before hand seems how I will not have n
<chaoticg33k> Ok, well I got an error when I tried to install the lamp server package, so it told me to reselect it and try agian, so I selected the DNS too.
<chaoticg33k> Ok, it gave me "Instlation step failed" again... and I had both of the packages selected this time
<chaoticg33k> ok, so far so good with no packages selected
<chaoticg33k> k well it is installed now but no predefined packages... I guess I'm gonna have to do that all manualy
<chaoticg33k> hi
<Joespower> hi, am I in the right place? I have a ubuntu server specific problem but I've never used IRC b4
<gioele> hello
<gioele> Is there going to be something like "edgy server" distribution?
<infinity> gioele: The server ISOs are right next to the regular ISOs on the dowload site.
<infinity> http://releases.ubuntu.com/6.10/
<infinity> ubuntu-6.10-server-*
<gioele> ah, ok
<gioele> because the site is not very clear. It is half updated and it seems that the server edition is going to stick with 6.06 LTS
<infinity> Well, it's encouraged that server users stick with 6.06 anyway.
<infinity> Most server users would prefer stability and 5 years of support over a few new packages, generally. :)
<gioele> well, not if you are running an ejabberd server ;)
<mpathy> Hi there.. I asked yesterday if it would be a bad idea to use edgy for my server.. But today I recognized that I perhaps HAVE TO use edgy because there is Postfix 2.3 in it, and from this version I got support for the Dovecot-SASL: http://www.postfix.org/SASL_README.html#server_dovecot
<mpathy> Or is it really a idea who is REALLY bad? :)
<mpathy> Tell me about the quality level of the server-specific issues @ edgy :)
<mpathy> Hi there! I need to switch to Edgy for recent versions of Postfix and Dovecot.. Are there some serious objections against doing that?
<mpathy> (on a server)
<infinity> I'm not doing it on my machines, but the choice is, obviously, yours.
<mpathy> infinity: Sure. But are there serious points against doing that?
<infinity> 5 years' support on dapper, versus 18 months on edgy.
<infinity> Lots of testing and stability fixes in dapper, a more rushed release with edgy.
<infinity> And the fact that I, personally, put several man-weeks into dapper's server release, and barely touched it for edgy, cause we had other goals. :)
<infinity> But I don't think it should have any *problems*, per se, I just wouldn't go out of my way to recommend it over dapper either.
<Pych0n> Hi
<Pych0n> I almosty finished to install the Ubuntu 6.06.1 on a Dell PowerEdge
<mpathy> infinity: Hmm, okay. Its clear that I use Feisty, the next LTR in april! I think I will go, until then, with Edgy
<Pych0n> Now im configuring the NICs with support for VLANs (+20 VLANS)
<Pych0n> but when the machine starts it takes to much time to setuo the network
<Pych0n> Almost +5 minutes
<mpathy> 5 years? That means in a few years you have to do support for really much releases..?
<Pych0n> hi
<infinity> mpathy: I doubt feisty will be an LTS.
<infinity> mpathy: The next one after feisty might be.
<mpathy> infinity: Really? But as I remember Mark said every second release will be one
<infinity> He said no such thing.
<mpathy> infinity: Hmm okay.. And there is no possibility that Postfix 2.3 gets somehow in dapper-backports?
<infinity> A tentative plan was every third or fourth (dapper was our fourth), but we've committed to nothing.
<infinity> mpathy: You could file a bug requestin a backport, sure.  If it compiles cleanly on dapper.
<mpathy> infinity: Wher would be the right place to do that?
<infinity> The build-deps make it look like it should build on dapper.
<infinity> https://launchpad.net/products/dapper-backports/+bugs
<infinity> Looks like it's already filed.
<infinity> https://launchpad.net/products/dapper-backports/+bug/55599
<infinity> So, follow up to thet bug and give a rationale, if you'd like.
<infinity> s/thet/that/
<Pych0n> infinity: hi
<Pych0n> infinity: would you like to help me ?
<infinity> The backports team will vet the report, see if it compiles cleanly, etc, then pass it off to the archive team (me and a few others), and we'll process it.
<infinity> Pych0n: This isn't really a support channel.
<infinity> Pych0n: That, and I don't do VLANs in Linux, I tend to use real routing and switching equipment, so I might not be very helpful.
<Pych0n> infinity: ok, where is the support channel please ?
<infinity> #ubuntu
<infinity> There is no server-specific support channel that I know of.
<infinity> If I had to guess, though, it's possible you're being bitten by something in /etc/network/if-up.d/ being run (and failing or timing out) for every single one of your 20 VLANs coming up.
<mpathy> infinity: Posted it.. Lets hope ;)
<porkpie> hi guy's I am trying to do a echo "bnx2" >> /etc/mkinitramfs/module on the latest realease but I get cannot create  blalalal  directory nonoexistent   what has replaced this 
<jbrouhard> anyone try putting this out?
<jbrouhard> http://directory.fedora.redhat.com/wiki/Howto:DebianUbuntu#Fedora_DS_on_Ubuntu.2FDebian_Howto
<Jeeves__> Is anyone able to help on a problem with ddclient? 
<Jeeves___> Does anyone have the ddclient program running?
<tmh__> just ask?
<tmh__> porkpie: I think the default is now 'initramfs-tools', apt-cache show initramfs-tools
<Jeeves___> is anyone able to help me configure logwatch, their website seams to be down? 
<chaoticg33k> ...
<chaoticg33k> hi?
#ubuntu-server 2006-10-28
<Paladine> heya folks
<Paladine> I just installed ubuntu server on my dual athlon system
<Paladine> couple of things
<Paladine> firstly it never setup the second HD in the lvm
<Paladine> secondly, it has built an smp kernel but top is only showing 1 cpu?
<Paladine> I thought you got 2 CPU lines in top with smp?
<fabbione> Paladine: if you want the second hd you need to use manual partitioned. The installer can't read your mind.
<fabbione> man top
<fabbione> there is a flag to see load per cpu
<fabbione> otherwise it shows only an aggregate
<Paladine> fabbione, I did manually partition
<Paladine> I set both drives to LVM
<Paladine> then went into configure LVM
<Paladine> but it only added hda1 to the LVG
<fabbione> i find that VERY hard to believe. anyway file a bug in malone partman-lvm
<Paladine> I don't suppose it is possible to add a second drive to lvm once it is installed? meaning I would have to reinstall to get the second drive added to lvm?
<fabbione> yes you can add it
<fabbione> just read vgextend man page
<Paladine> k thanks
<fabbione> and learn how to resize lvm volumes
<Paladine> ok I restarted the installation cos I messed up some other stuff the first time round too
<Paladine> so I am in the partition manager
<Paladine> it is seeing both drives with no partitions
<Paladine> how do I configure them both to use lvm?
<Paladine> or can you point me to an installation walkthrough for ubuntu server?
#ubuntu-server 2006-10-29
<goofey> hmm, i wonder why he wanted to use LVM in the first place....
<jbrouhard> Anyone here ever try to get Fedora Directory Server to work in Ubuntu ?
<jbrouhard> I know there's a how-to
<jbrouhard> but what about packaging it directly for a small business server CD ?
<tmh__> jbrouhard: you mean https://features.launchpad.net/people/ubuntu-directory ?
<nkassi> Hello all.
<nkassi> I can't find the answer to why the slapd package in ubuntu and debian doesn't include SSL. Anyone knows ? 
<jbrouhard> tmh__: actually, haven't tried that...
<nkassi> jbrouhard: it's still really in the planning stage.
<jbrouhard> oh ok
<nkassi> jbrouhard: they plane to built a Active Directory for Ubuntu sort of thing.
<nkassi> It sounds cool but it's for the long run I beleive
<nkassi> I would think something would be available in edgy+1
<tmh__> which might very well be on fedora directory server. if you search the wiki for the same project, there's lots of discussion about that. and the instructions on install FDS on Ubuntu
<jbrouhard> yEAH
<jbrouhard> I would be willing to provide pre-made DEB's if need be
<so_solid_moo> hey people. have you guys talked at all about a standardised ldap setup in ubuntu-server ?
<tmh__> so_solid_moo: you mean https://features.launchpad.net/people/ubuntu-directory ?
<Ries> hey guys... a bit of OT question, But I am looking for a fast referce proxy to forward httpd requests to a couple of webservers... i wast hiking about squid or apache, but they seems to be a bit big for teh task
<spike> Ries: nginx
<Ries> spike: let me check...
<Ries> spike: do you use it?
<spike> no, I just suggest things at random
<Ries> spike: hehehe... it could be :)
<spike> Ries: btw, I'm not sure what you mean with "a bit big", expecially for apache
<spike> with no modules loaded, just mod_proxy, I dont really see the "too big"
<spike> or you can even recompile it with just that module, not even the other basics that come as default
<spike> bbl
<Ries> spike: it's just a feeling... I would like to have something speacially for the task....
<Ries> spike: nginx works... thanks for teh hint
#ubuntu-server 2007-10-22
<stiv2k> hi
<stiv2k> how come my /var/log/apache2/access.log is empty?
<atouk> nbody accesed it?
<stiv2k> atouk: its been empty for months
<stiv2k> atouk: and i access it all ther time, among others
<atouk> not a clue    mine's working
<atouk> theres a setting to turn it off, but i can't remember where
<stork> your problem is apache
<stork> maybe you want lighttpd
<m1r> gn
<stiv2k> uhh
<stiv2k> why would i want lighttpd?
<stork> it's neat
<peanutb> and less of a resource hog
 * peanutb mumbles about apache hogging all his vps' ram
<peanutb> yet lighttpd wasent pheaseable for some reason
 * peanutb cant remember why
<atouk> i phorget a lot too
<peanutb> prolly because i was too lazy to port over the vhosts.ohh thats what it was. It didnt have a serveralias thingy
<peanutb> so i would have had to make a different vhost for each address
<jnc> peanutb: "feasible"  sorry to correct you if you don't like to be corrected
<peanutb> jnc, i suck and spelling, thanks for correcting me
<jnc> oh geeze, you know what, netinst is the same as either desktop or server installs
<jnc> what do I need openoffice.org installed for on my server install?
<jnc> I don't, but it's there
<jnc> what the hell!
<kgoetz> hm?
<jnc> kgoetz: 127.0.1.1       karma.pimpcat.org       karma
<jnc> why are Ubuntu installs setting this as 127.0.1.1 and not 127.0.0.1 ?
<jnc> http://lists.debian.org/debian-boot/2005/06/msg01047.html
<jnc> I am reading this, but I do not understand it
<kgoetz> jnc: thats how debian does it now, i dont know why (and i dont like it)
<kgoetz> afk. going home
<jnc> 'k
<jnc> found also http://ubuntuforums.org/showthread.php?t=388765
<jnc> peanutb: what are you using for VPS?
<peanutb> yes
<peanutb> umm
<peanutb> i think its umm.... whatever vpslink.com uses
<peanutb> i think its opensomething
<lamont> jnc: what's not to understand?
<lamont> having the system think it's proper name is 'localhost.localdomain' because eth0 isn't (or is that 'is'?) up is just silly
<peanutb> wait. how did you know i have a vps?
<lamont> peanutb: what is a vps?
<lamont> * peanutb mumbles about apache hogging all his vps' ram
<lamont> that might be how we know...
<jnc> lamont: why bother having that in the hosts file at all, then?
<lamont> which 'that'?
<jnc> just one line will do it,   127.0.0.1  localhost.localdomain hostname
<lamont> but not hostname
<jnc> hm
<lamont> if I'm on my machine and connect to it by name, it routes directly, regardless of what IP I use.
<peanutb> ohh. right
<jnc> yeah I guess it does, then
<lamont> and listing it that way is what makes things think that the proper name of the machine is 'localhost.localdomain' (e.g., /etc/mailname...)
 * jnc stabs Gutsy Xen
<peanutb> lamont: its a Virtual Private Server
<lamont> ah, ok
<peanutb> im moving to shared hosting soon though
<peanutb> too much to upkeep
<peanutb> and too much monthly
<peanutb> maybe when i get more money ill get a box to colocate
<jnc> oh I misunderstood, thought you were running a VPS business
<peanutb> no
<jnc> I have some Xen problems tonight
<peanutb> :(
<jnc> it's crashing randomly on x86
<peanutb> hmm
<peanutb> sounds like fun fun fun
<jnc> "Running hooks" ... " Segmentation fault"
<jnc> and then I get booted out of ssh, it won't let me log in again
<peanutb> hmm
<jnc> several blog entries point at TLS being flakey
<peanutb> donno
<peanutb> Xen is a weird program
<peanutb> shareing a kernel between os' scares me
<peanutb> though they do it at vpslink too
<jnc> but there's libc-xen, so why should I mess with TLS
<jnc> I had Xen working alright with a stable Debian release
<jnc> so I thought, hey Gutsy is out with better Xen support (or so I heard)
<lamont> jnc: new-n-shiny doesn't necessarily equal 'better'. :-(
<jnc> not very pleased so far, it's been problematic and I haven't found documentation that shows from A-Z a working setup
<jnc> lamont: we're not talking new and shiny here, it's a release, I kind of expected it to work.   I expect debian releases to be stable, and they are, so I am not making a fair comparison
<jnc> looks like I should be hacking with 6.06 LTS
<lamont> jnc: I meant new-n-shiny xen
<jnc> really wish this stuff Just Worked
<jnc> oh
<peanutb> openvz. thats it
<jnc> openvz is pretty common
<lamont> I'm not sure how much activity xen has seen yet.  Not much work -> some rough edges.
<lamont> gnome et al get hammered by the dev community during the process, so that part tends to be right-good.
 * peanutb is still using dapper on his vps
<peanutb> i cant afford the downtime that could arise
<peanutb> and of cource apt is messed up
<peanutb> ahh the joy
<lamont> the tradeoffs are LTS for rock solid server with time-proven bits, or current release for a good desktop experience that probably does well in the data center (and will get fixed if it doesn't, of course)
<lamont> hrm...  so when I plug a 20A UPS plug into a custom-cord that has a 15A plug on the other end and then plug that into a 15A power strip that's plugged into a 300W UPS which is plugged into a 20A circuit, is that bad?
<peanutb> wha?
<peanutb> so long as you dont use more than 20 amps at the end you should be fine, but its bad practive
<peanutb> *practice
<peanutb> lamont: ^^
<lamont> peanutb: the 300W ups will trip well before I hit 20 A
<peanutb> then you are prolly fine
<peanutb> but its still bad practice
 * lamont has done electrical construction, and majored in EE in college...
<lamont> it's extremely bad practice.
 * peanutb is still in HS
<peanutb> srry i dont have any big credentials
<lamont> then again, so is taking a perfectly good 14 gauge extension cord, and replacing the outlet end with a 20A outlet.
 * peanutb is los
<peanutb> t
<lamont> wow.  I actually used a 12 gauge cord.
 * peanutb feels sad that his only credential is an @ubuntu.com email
<lamont> 20A plug is specifically different than a normal house plug
<peanutb> oh
<peanutb> is that the erm one with the pin sidewayse (the pin that isint turned sideways for 240V?)
<jnc> peanutb: you work for the company?
<peanutb> the comapny?
<peanutb> what company?
<peanutb> i dont work for any company
<peanutb> im in highschool
<peanutb> and until august i couldent legally work for anyone (except family)
<jnc> oh.  just inquiring about the "credential" you mentioned
<peanutb> oh
<peanutb> im a "official member"
<peanutb> https://launchpad.net/~paul-bartell
<peanutb> due to my loco team involvement
<jnc> I used to develop some pro audio ebuilds for the Gentoo system
<peanutb> you see i have nothign worth showing.
 * jnc laughs along
<peanutb> i contributed a partial patch for 1 package
<peanutb> hopefully more next summer or during winter break
<jnc> 13?  Google needs to update its index a bit quicker than that
<jnc> you can look me up if you want, my name's Eric Shattow
<peanutb> 14 now actually
<jnc> you're gettin' old
<peanutb> right
<peanutb> i know... so old
<jnc> remember being 6 years old?   man, for me that was like MS-DOS games
<jnc> for you that would be... a prince song on the radio over and over again
<peanutb> lmao
<jnc> Y2k "crisis"
<peanutb> i remember the backstreet boys and N'Synch
<peanutb> lmao
<peanutb> yeah the whole Y2k thing was funny
<jnc> my kid sister is 16, so I had to live with 98 degrees, and all that boy band crap
<peanutb> i didnt get it tohough
<peanutb> nn nn nwow
<peanutb> wow
<peanutb> yeah, for some reason i pull out the old cds, and like them
<jnc> everyone does, even if the music sucked
<jnc> my secret joy is Ace of Base
<jnc> but, it's a secret.   No one understands how awesome Ace of Base is.
<jnc> not even me.
<peanutb> :)
<jnc> Do I know why I danced to michael bolton videos?
<jnc> no.
 * peanutb gets out the beatles every so often. my first cd was yellow Submarine
<jnc> ooh trippy
<peanutb> then i think it was hmm... Parachutes by coldplay
<peanutb> (which i bought in like 2003)
<jnc> better than ezra, offspring, metallica, B-52's, Guns 'n Roses, Concrete Blonde...
<jnc> ya ya
<jnc> music is what kept me interested in linux through the rough years
<peanutb> yeah
<jnc> started trading songs as WAV files, it took 2 days to send one
<peanutb> do you have a last.fm?
<jnc> nah
<jnc> social networking sites piss me off
<jnc> even for something harmless and interesting like last.fm
<peanutb> well... mines they did to me too... but i decided i had to sign up ust to stop people from asking what music i like: http://www.last.fm/user/peanutb/
<peanutb> i gotta go and finish this homework though
 * jnc laughs
<jnc> cool beans
<peanutb> beans?
<jnc> it's a line from a slasher movie
<peanutb> right i was sort of in a political-bashign mood today
<jnc> everytime the character kills someone he says "Cool beans."
<peanutb> thats why the music is erm... anit-bush
<jnc> passwords are commonly based on what music a person likes
<jnc> that makes last.fm an interesting tool for me
<jnc> ;)
<peanutb> mao
<peanutb> lmao
<peanutb> well... i dont think mine is
 * peanutb wonders what his password is for last.fm
<peanutb> oh yeah
<peanutb> or things they despise
<lamont> peanutb: http://www.elect-spec.com/nema_plgsokt.htm
<lamont> this is a NEMA 5-20 plug
<lamont> you'll notice that all 4 combinations are available
<lamont> and that you can plug a 15A plug into a 20A receptical
<peanutb> yeah. seems right
 * peanutb needs to do his homework for real this time
<peanutb> arent NEMA standards also for electrical enclosures?
 * peanutb feels stupid for takeign the long way, redoing it the short way, and then getting the same answer
<jnc> ugh, TLS issues on Gutsy Xen
<jnc> makes apt-get break, and other fun side effects
<jnc> Offending process: mount
<lamont> peanutb: National Electrical Manufacturers Association - so, yeah.
<peanutb> ok
<peanutb> gotta go to sleep
<peanutb> talk to ya someother time
<kraut> moin
<_ruben> mornin
<nrpil> morning
<AussieHatter> fresh install of 7.10 server is hanging at running local boot scripts (/etc/rc.local)  should this section be taking long ?
<Kamping_Kaiser> no
<Kamping_Kaiser> but that depends what 'long' means
<Kamping_Kaiser> and the speed fo the server
<AussieHatter> fast server, long time now
<AussieHatter> about to press reset
<AussieHatter> new dual core p4, with a painful sata chipset that needs a new kernel
<AussieHatter> ok my mistake.
<AussieHatter> it was output on the console, a shell was waiting underneath after i pressed a key
<AussieHatter> now i will suffer getting used to using sudo :)
<_ruben> ah .. the dreaded 'running bootscripts after login prompt has been displayed'
<AussieHatter> _ruben, yeah it threw me :)
<AussieHatter> is the default kernel smp enabled ?
<_ruben> yes
<_ruben> unless you ended up with the -i386 one for some reason
<AussieHatter> i see, it only shows the SMP using uname -a
<_ruben> cat /proc/cpuinfo should show you all cpu's/cores it has found
<AussieHatter> right, good one, they are both there :)
<AussieHatter> was webmin ever in ubuntu ?  i know it was removed from etch
<_ruben> webmin isnt compatible to way ubuntu has its config files organized
<_ruben> !webmin
<ubotu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system
<AussieHatter> i have been looking at something like ispconfig for easy management, is there anything else hiding away ?
<_ruben> there's ebox, but im not sure how extensive it is
<_ruben> there are rumours/plans to expand it for the next release (hoary)
<AussieHatter> what firewall manager tool is hiding in 7.10 ?
<_ruben> there's several available in the default repositories i think, i always write my own scripts
<AussieHatter> _ruben, i am familiar with shorewall, always too lazy to learn iptables
<_ruben> i really recommend at least reading a couple of tutorials, so you have at least a small grasp of what's going on
<_ruben> you shouldn't use scripts that you dont really understand, imo
<_ruben> firewalling is a rather important thing, though it also depends on the needs/environment/etc ofcourse
<AussieHatter> i have been using shorewall for years now,  i am quite familiar with whats going on
<AussieHatter> i havent found the need to invest in learning iptables proper
<AussieHatter> though i have a pretty good grasping
<AussieHatter> shorewall is a great project imo
<AussieHatter> lots of good networking tutorials
<AussieHatter> have you been a debian user ?
 * Nafallo thinks iptables is easier then shorewall
<AussieHatter> nafallo, really ?
<AussieHatter> for quick changes ? adding port frwards ? seeing logs ?
<Nafallo> yes
<AussieHatter> wow. i just found that once it gets complex shorewalls layout is easy to look at and see whats going on
<AussieHatter> are you familiar with mondo ?  it was good in sarge for backing up / cloning a running distro and saving as an .iso for bare metal restore, what would one use on ubuntu >
<AussieHatter> ?
<Nafallo> I'm not friend with shorewall since I noticed my 10Mbps in became 2Mbit in because of it.
<Nafallo> we have everything Debian has and more.
<AussieHatter> Nafallo, oh, wow, i wouldnt be either, thats nasty,
<AussieHatter> i cant find mondo
<AussieHatter> are you familiar with something similar ?
<Nafallo> nafallo@wizard:~$ apt-cache show mondo | grep ^Section
<Nafallo> Section: universe/utils
<AussieHatter> Nafallo, and once you removed shorewall your speed increased ?
<AussieHatter> ah, i see, i dont have universe turned on
<Nafallo> AussieHatter: once I wrote iptables.sh and removed shorewall yes.
<AussieHatter> Nafallo, were you familiar with iptables before that ?
<Nafallo> yes
<AussieHatter> i have just suffered the last day trying to get a via saa chipset working with etch
<AussieHatter> 'sata'
<AussieHatter> whats your thoughts on allowing root login and not using sudo ?
<Nafallo> man sudo_root
<AussieHatter> i see, thx
<_ruben> AussieHatter: i've been a debian user in the past, then moved to opensuse/sles, now in the process of moving to ubuntu (orienting and experimenting atm mostly)
<_ruben> i kinda like the sudo approach, especially the logging part so its a bit more clear which collegue managed to fuck up :-P
<_ruben> one downside tho, currently only root has a passwd set on our servers, we login using ssh keys
<_ruben> one option would probably be to give root a passwd and have the admins use that for sudo instead of their own
<Kamping_Kaiser> <_ruben> there are rumours/plans to expand it for the next release (hoary) <- hardy
 * _ruben slaps forehead
<Kamping_Kaiser> AussieHatter, used mondo on dapper, worked well
<Kamping_Kaiser> _ruben, lol
 * Kamping_Kaiser finnally reaches bottom of scrollback
<_ruben> hmm .. mondo sounds promising (from looking at the apt-cache info)
<_ruben> Kamping_Kaiser: in busy channels like these i tend to only read a few hours tops of the backlog :p
<Kamping_Kaiser> _ruben, whats the downside with you and sudo and root?
 * Kamping_Kaiser didnt get that bit
<Kamping_Kaiser> i'm bored, i have time to readd it all ;)
<_ruben> my boss probably wouldnt apreciate it if i spend most of the morning reading irc backlogs :p
<Kamping_Kaiser> lol
 * Kamping_Kaiser has only been gone 60 min
<_ruben> ah o
<_ruben> k
<_ruben> my 'backlog' was from 4pm yesterday till 8am today (3hrs ago) :p
<Kamping_Kaiser> lol.
<Kamping_Kaiser> i only stopped 8 minutes before you started ;)
<_ruben> but concerning sudo, sudo by default requires the passwd of the current user, but on our current (suse) servers, the users dont have a passwd
 * Kamping_Kaiser is lacking reasons to fanboy etch atm :( i need to find some funky feature
<Kamping_Kaiser> huh? not at all?
<_ruben> we login using ssh keys
<_ruben> and direct root login at the terminal
<Kamping_Kaiser> still, no passwords is a bit... much
<Kamping_Kaiser>        rootpw      If set, sudo will prompt for the root password instead of
<Kamping_Kaiser>                    the password of the invoking user.  This flag is off by
<Kamping_Kaiser>                    default.
<_ruben> it saves 'maintaining' ~6 passwds on ~30 servers (rough estimate)
<Kamping_Kaiser> thats understandable. still have issues with *no* password at all (then again, keys are hard to fake)
<_ruben> that's the option i opted as a decent alternative in our situation
<_ruben> Kamping_Kaiser: well, no password isnt the same an empty password, so i dont see any harm in it
<Kamping_Kaiser> _ruben, suppose so
<_ruben> at the console only root can login, and even if ssh is misconfigured (allowing non-key logins), then one could still not login as a user (but only as root, if ssh would be even more faulty configured)
<_ruben> but these are exactly the things im investigating as part of a possible move from suse to ubuntu
<oly_mk2> anyone able to help with a windows share mount problem, i have added in a share on the windows server into fstab it works fine
<oly_mk2> except when the windows server is rebooted, then ubuntu can no longer read the share
<Kamping_Kaiser> the share probably times out and is unmounted
<oly_mk2> until i go and manually unmount and remount it, which is a pain because the windows servers get rebooted a fair bit
<oly_mk2> if i try and access it i get an i/o error
<Kamping_Kaiser> you could try unmounting+remounting every X hours in a cronjob
<oly_mk2> hum, yeah its not ideal though
<oly_mk2> i tried adding errors=remount-rw in fstab like you can with ext partitions
<oly_mk2> but that does not seem to work
<Kamping_Kaiser> `man fstab` will tell you what options you get for windows shares
<oly_mk2> is cifs any better at handling this than smbfs does nay one know ?
<Kamping_Kaiser> maybe `man mount`, i cant remember
<_ruben> hmm .. that's odd .. never tried it with ubuntu, but under suse the mount resumes to work after the windows box is up and running again
<_ruben> i think i used cifs back then
<oly_mk2> okay may try cifs, and the info is in man mount i just found out
<oly_mk2> thats why i coudl not find it when i looked :)
<AussieHatter> I am back...  its dinner time here in aussie land... reading backlog
<soren> oly_mk2: cifs is preferred over smb and has been for quite a while.
<oly_mk2> oh okay, i had not even heard of cifs till today
<Kamping_Kaiser> hehe
<AussieHatter> yes i have used mondo for the last few years and it has been great untill etch where it wants to install a different kernel !! seriouslt !!
<AussieHatter> etch has been good until recent mobos and old kernel :(
<AussieHatter> pita
<AussieHatter> debians ongoing problem
<Kamping_Kaiser> AussieHatter, different kernel in the new system?
<oly_mk2> i will give it ago, also found nomand in the mount command which might fix it just need to read up on exactly what it does
<Kamping_Kaiser> AussieHatter, everyones ongoing problem
<AussieHatter> 2.6.18 in etch, via sata chipset needs 2.6.22 at least
<AussieHatter> then i tried a backported d-i which worked but then vmware wouldnt compile
<AussieHatter> grrr
<AussieHatter> after 5 or 6 hours of time wasted....
<Kamping_Kaiser> AussieHatter, ah, i saw you asking about it the other day in #debian
<AussieHatter> now I think i am finally going to make the move to ubuntu
<AussieHatter> Kamping_Kaiser, yes, it was pain
<AussieHatter> cifs has been the win stack for a long time now hasnt it ?
<Kamping_Kaiser> XP~ iirc
<Kamping_Kaiser> maybe even ME
<AussieHatter> i think so also
<AussieHatter> mounting smbfs is a good option
<AussieHatter> not sure why people stuff around with ntfs
<AussieHatter> i guess only locally or dual boot
<Kamping_Kaiser> its hard to mount using smbfs from the localhost? :)
<AussieHatter> right :)
<Kamping_Kaiser> :)
<AussieHatter> hmmm, passwordless ssh has been tempting but i've never quite felt safe enough...
<Kamping_Kaiser> keybased ftw. i just keep forgetting to set it up
<AussieHatter> one pain i've suffered with gui linux and ubuntu or debian is the X user is logged in as a normal user but then if you want to move a file or folder there is no way to elevate privileges to copy file where you want to
<AussieHatter> unless there is a way and i dont know
<Kamping_Kaiser> gksudo nautilus
<_ruben> or ksudo :)
<Kamping_Kaiser> debian used to have a 'root filebrowser' option in the Applications menu, but i note its disapeared
<Kamping_Kaiser> or that :)
<AussieHatter> so is a file browser setup to use gksudo ?  do you have to enter this in a term ?
<Kamping_Kaiser> alt+f2
<Kamping_Kaiser> put it in the box
<AussieHatter> ok i will check it out
<AussieHatter> what about plugging in a usb stick ? the other day discover found it then would only mount it read only !
<AussieHatter> on 7.04 that is
<Kamping_Kaiser> what filesystem? does it have a hardware 'read only' switch?
<AussieHatter> Kamping_Kaiser, no it was vfat
<AussieHatter> hmmm, vmware is saying i may need to upgrade libc5 to glibc ... what could this mean ?
<AussieHatter> ah, maybe because x-window-system is not installed
 * Kamping_Kaiser wouldnt know, i dont do proprietary software ;)
<AussieHatter> Kamping_Kaiser, ahhh, vmware is great :)
<Kamping_Kaiser> you can keep it :)
<AussieHatter> there isnt a free alternative as far as i know ? though they give it away for free,
<Kamping_Kaiser> bochs? qemu?
<_ruben> virtualbox, xen, ...
<Kamping_Kaiser> !free
<ubotu> freedom is important. Ubuntu is as free as we can make it, which means mostly free software. See http://www.gnu.org/philosophy/free-sw.html and http://www.ubuntu.com/ubuntu/licensing
<Kamping_Kaiser> read first link
<AussieHatter> nice :)
<Kamping_Kaiser> :)
<AussieHatter> xen doesnt run xp
<AussieHatter> dinner time
<_ruben> lunch time
<Kamping_Kaiser> later mate
<AussieHatter> mmmmmm foood
<Kamping_Kaiser> :(
 * Kamping_Kaiser is abandoned
<_ruben> well .. table soccer time, which is the usual thing to do during lunchtime here at work ;)
<Kamping_Kaiser> hehe
 * Kamping_Kaiser resumes coding
<_ruben> bbiab
<rooaus> Should "do-release-upgrade" upgrade a 7.04 install? Does the server upgrades happen at the same time as a desktop release?
<Kamping_Kaiser> yes, the servers update at the same time
<rooaus> Kamping_Kaiser: Thanks. It uses the /etc/apt/sources.list doesn't it? I have a 7.04 server at work that reports "No new release found" yet today I was able to update my laptop (desktop install). Both point to the same mirrored repo.
<Kamping_Kaiser> yes, thats the correct file
 * Kamping_Kaiser wonders why he doesnt see rooaus and AussieHatter in #ubuntu-au
<rooaus> Only difference is the work server is behind a firewall that only allows updates from the configured repo, laptop has unrestricted internet access. Strange?
<Kamping_Kaiser> there might be auto update tools, i dont know.
 * Kamping_Kaiser does such things by hand
<rooaus> heh, only found this channel now, didn't even know there was an #ubuntu-au channel :)
<Kamping_Kaiser> :)
<rooaus> might ask in that channel, maybe it is a mirroring issue. thanks.
<Kamping_Kaiser> change sources.list -> apt-get update -> apt-get dist-upgrade (or aptitude dist-upgrade) done
<Kamping_Kaiser> not sure how the mirrors matter :)
<rooaus> I read the supported upgrade method was using do-release-upgrade. I have no probs doing the apt-get upgrade just thought I would follow docs in case something went wrong, easier to explain to the boss :)
<Kamping_Kaiser> never seen do-release-upgrade, so i cant really helpa  great deal with it
<rooaus> do-release-upgrade sorry, from update-manager-core.
<Kamping_Kaiser> ah, i dont use update-manager (not sure all the ubuntu bits are in debian anyway)
<lousygarua> how is the gutsy server? does it have spinning compiz terminals? :)
<Kamping_Kaiser> lol. no.
<AussieHatter> back again, there is a #ubuntu-au ?
<AussieHatter> well, Aussieland is on the map.
<Kamping_Kaiser> :D
<Kamping_Kaiser> join us! and drink with me!
<AussieHatter> dammit ! in my sleep haze it hit something in mirc and lost the title bar
<Kamping_Kaiser> lol
<Kamping_Kaiser> xchat ftw
<AussieHatter> what is ftw ?
<Kamping_Kaiser> for the win
<AussieHatter> ah
<AussieHatter> on my xp laptop currently
<Kamping_Kaiser> and yes, theres an #ubuntu-au
<Kamping_Kaiser> search for 'silverx'
<Kamping_Kaiser> its xchat for windows
<AussieHatter> ah ok
<AussieHatter> Kamping_Kaiser, do you know where the timeout setting for sudo is ?
<Kamping_Kaiser> AussieHatter, sudoers file iirc
<AussieHatter> hmmm, no timout in that file
<AussieHatter> i will find it later :)
<Kamping_Kaiser> man sudoers
<_ruben>        timestamp_timeout
<_ruben>                    Number of minutes that can elapse before sudo will ask for a passwd again.  The default is 15.  Set this to 0 to always prompt for a password.  If set to a value less than 0 the userâs timestamp will never
<_ruben>                    expire.  This can be used to allow users to create or delete their own timestamps via sudo -v and sudo -k respectively.
<Kamping_Kaiser> we need a manpage search bot
<_ruben> that'd be nice indeed
<Kamping_Kaiser> eg !ubotu man sudoers timeout
<_ruben> tho could cause quite some spamming
<AussieHatter> good plan
<Kamping_Kaiser> PM to caller?
<_ruben> could trigger an 'excess flood' anyways
<Kamping_Kaiser> true.
<AussieHatter> omg so many times i am forgetting to put that sudo in front
<_ruben> a web search engine would do the trick, combined with a botscript that'd build the proper url to the web page
<Kamping_Kaiser> lol
<_ruben> with possibly some higlighting
<_ruben> +h
 * Kamping_Kaiser thought +h was a switch for the moment
<Kamping_Kaiser> man search +h timeout
<Kamping_Kaiser> ;)
<_ruben> haha
<rooaus> Kamping_Kaiser: You about?
<rooaus> Kamping_Kaiser: FYI, I ran wireshark while doing a "do-release-upgrade" and found it gets the release info from http://changelogs.ubuntu.com/meta-release. The server is firewalled and can only contact the configured repo.
<_ruben> sounds plausible .. the repo's dont tell you what's current or not
<rooaus> gotta love Ethereal (oops wireshark) ;)
 * _ruben is more of a tcpdump kind of person]
<sommer> anyone know if it's possible to enable smtp auth, but only for a certain group?
<sommer> using sendmail or postfix?
<ScottK> sommer: What problem are you trying to solve?
<sommer> currently we don't have smtp open from outside the network, but things have changed and we now need to.
<sommer> but I was wondering if it's possible to only allow smpt access to certain addresses
<sommer> or users
<sommer> s/smpt/smtp/
<sommer> I see you can configure what type of auth mechanisms you want to use, but not how to limit service availability.
<lamont> sommer: iptables or tcpwrapper come to mind
 * lamont would probably use iptables
<sommer> lamont: makes sense, but how would you let iptables know which users to allow
<lamont> iptables would limit what IP's could be used.
<sommer> ah... couldn't you do that from postfix/sendmail though?
<lamont> I see that maybe I misinterpreted "addresses"
<sommer> lamont: sorry email addresses
<lamont> right
<lamont> so, not an iptables thing.
<lamont> so you want mail arriving from the internet to only be allowed if the destination address is in a list of specific users?
<ScottK> sommer: Look into smtpd_sender_login_mismatch (IIRC)
<sommer> ScottK: cool will do
<lamont> ScottK: thanks.  I'm definitely having parsing issues this AM
<sommer> lamont: not exactly... I guess I want certain users to be able to use SMTP from a mua
<ScottK> sommer: The mumble login mismatch limits email addresses that can be used via SMTP Auth to certain users per address.  If you can addresses not to be useable via SMTP Auth, list them with a non-existant user.
<sommer> ScottK: thanks mumble?
<ScottK> mumble meaning I can't remember the exact name and didn't want to give it to you wrong.
<ScottK> It's in the postfix docs.
<sommer> ScottK: ah... cool I'm looking into it.
<Carry> hello, i'm new to server-software... my book says there's a bin conf and htdocs in the ServerRoot...
<Carry> not in my ubuntu 6.0 lts lamp
<Carry> :/
<Carry> help?
<sommer> Carry: all the apache configs are in /etc/apache2 and the ServerRoot is set to /var/www by default
<Carry> sommer: tnx, take a look now..
<sommer> Carry: here's a link to Ubuntu specific Apache instructions: https://help.ubuntu.com/6.06/ubuntu/serverguide/C/httpd.html
<Carry> tnx
<Carry> my book uses /usr/local/apache..
<sommer> Carry: it usally depends on which instructions you use to install Apache... if you compile from source /usr/local/apache is the default I believe.
<sommer> Carry: I find it easier to use binary packages provided by the distro myself.
<Carry> sommer: i used the server-iso, used lamp-option..
<sommer> Carry: ah... then you should have everything installed.  The next step would be to learn the configuration needed to accomplish what you want to do.
<Carry> sommer: wanted to use it to learn how it works..
<Carry> never compiled from source..
<peanutb> eep
<sommer> Carry: you should be able to use your book then, just remember to look in /etc/apache2 for configs and /var/www for the files your serving.
 * Carry is reading file apache2.conf in /etc/apache2 now
<Carry> no httpd.conf :/ ..
<soren> It's called apache2.conf nowadays.
<Carry> :/ where's the bin and conf directory :/ ? not in ServerRoot :/
<Carry> soren: tnx..
<soren> I don't know what the bin and conf directory is.
<mralphabet> Carry: cgi-bin?
<Carry> mralphabet: soren my book says in ServerRoot Directory: bin conf htdocs htdocs/manual icons
<mralphabet> is that an apache 1 book?
<Carry> mralphabet: yes, and cgi-bin
<Carry> mralphabet: apache2
<mralphabet> I actually don't know where the cgi-bin is . .. I don't use it heh
<soren> /usr/lib/cgi-bin
<Carry> soren: found...
<Carry> empty :)
<soren> What did you expect to find?
<Carry> just learn where things are..
<Carry> can't find it in /etc/apache2/apache2.conf
<soren> It's in /etc/apache2/sites-enabled/000-default
<Carry> mralphabet: book = apache 2.0
<mralphabet> Carry: yeah, caught that
<Carry> is there a new book?
 * mralphabet doesn't know
 * Carry want's it :)
<soren> Ubuntu server session in #ubuntu-classroom in 5 minutes, people.
<mutalisk> I installed ubuntu server 7.10 and on boot it stops after rc.local and doesn't give me login prompt.  I have to hit enter before it gives me a login prompt.
<mutalisk> It's not a big deal, just kind of annoying
<mutalisk> any ideas on what might be causing it?
<sommer> mutalisk: I'm not sure if this exactly what you're seeing, but this bug 65230 may be related.
<ubotu> Launchpad bug 65230 in upstart "startup messages continue on screen after first login prompt appears" [Low,Triaged] https://launchpad.net/bugs/65230
<mutalisk> yeah that doesn't seem to be lated to what I'm experiencing
<jnc> http://pastebin.ca/745702
<jnc> dammit. Xen is not happy on this box.
<jnc> now taking suggestions, is there a preferred stable Ubuntu platform for running Xen?
<mralphabet> not 7.10?
<LifeSF> is there a way to install ubuntu-server entirely with the typical automatic script and STILL be able to configure the static ip because i've been rushing with the /interfaces
<LifeSF> i'm in the re-install process right now, in expert mode... and i'm starting to think i should not be in there yet
<jnc> mralphabet: which release though
<jnc> Feisty? LTS 6.10?
<mralphabet> jnc: 7.04 should work fine
<jnc> err
<jnc> okay Feisty server.   I'll give that a whirl
<jnc> have to remember to move /lib/tls out of the way hmm
<jnc> any other cavets?
<Nafallo> jnc: no, edgy isn't an LTS.
<mralphabet> jnc: I don't know that xen has been built against the kernel in 7.10 yet
<jnc> err... 6.0n forget what n is for the Dapper
<Nafallo> mralphabet: there is a XEN flavour in Universe.
<Nafallo> jnc: 6
<Nafallo> jnc: 6.1 really
<mralphabet> Nafallo: ahh
<jnc> thing is, I went through some pains to get Xen operating on a debian r4.0 install, but it worked beautifully.  I was going to nuke the box and set it up For Real This Time, so I'm trying out all my options
<jnc> no Xen for the LTS release?
<Nafallo> without trying I would say 7.10 is the best Ubuntu for XEN right now.
<jnc> oh
<Nafallo> security supported until 9.04
<Nafallo> with LTS coming out 8.04
<jnc> Nafallo: it's certainly easy to install, but I can't make it work without causing a horrible crash
<zul> jnc: only built from source with dapper
<jnc> the Xen kernel in Gutsy causes a panic when using 'mount'
<Nafallo> zul: hehe, hi Mr. Xen. feel free to take over this discussion ;-)
<jnc> which uh, is kind of a big deal
<jnc> =)
<zul> jnc: eh?
<jnc> zul: having trouble with Gutsy Xen on a dual smp xeon (with hyperthreading) box
<zul> jnc: oh what kind of problems
<jnc> I install "ubuntu-xen-server", reboot, machine comes up fine.   Trying to xen-create-image dies and locks the box up in a panic at or around the "running hooks" phase
<zul> jnc: can you open a bug in launchpad? and i can have a look
<jnc> oh yes, of course.  What information do we want?
<zul> the oops mainly..
<jnc> I'll make the bug report, meanwhile http://pastebin.ca/745702
<jnc> is that the same as bug #135041 ?
<ubotu> Launchpad bug 135041 in linux-source-2.6.22 "xen-image-create fails with kernel panic" [Undecided,Incomplete] https://launchpad.net/bugs/135041
<jnc> I have some phobia of filing duplicate bug reports ;)
<atouk> QUESTION: since moving my pages to unbutu server i get - Warning: mysql_free_result(): supplied argument is not a valid MySQL result resource  errors
<zul> jnc: just add the information to the bug report
<mralphabet> atouk: was there a version difference in the mysql packages?
<jnc> setting up a fresh install of netboot'd hdmedia image, and Ubuntu Gutsy 7.10 Server edition ISO
<atouk> have to check
<jnc> 5g root, 5g swap...   will try to document what I do
<atouk> old box is offline so i have to power it up and get version #s
<atouk> pages were generated with dreamweaver, so I'll check their site too
<mralphabet> atouk: It sounds like it is really a code issue
<LifeSF> litteraly going nuts trying to set up a static ip; i got scared away from the expert install of ubuntu-server... i'm still a newb when it comes to linux
<LifeSF> probs in the /interfaces
<mathiaz> LifeSF: have a  look at the interfaces man page - man interfaces
<atouk> doing research now.   looks to be php warning message that was suppressed before, so it wa there, but i never saw it
<LifeSF> mathiaz: how do i do that?
<mralphabet> LifeSF: from the command line, type 'man interfaces'
<LifeSF> oki
<LifeSF> thnx
<LifeSF> mathiaz; is there a way for me to print out man interfaces?
<jnc> zul: the xen kernel is segfaulting when I run 'man tee'
<jnc> zul: very confused now.  should I continue to append to that bug report?
<zul> jnc: then something is wrong with your
<zul> 'er wrong with your 'puter might want to run something like a memory check or something
<jnc> weird, it was not a problem before, I can run memtest86
<jnc> I see in dmesg without having run xen-create-image or anything some problem shortly after device-mapper: ioctl: 4.11.0-ioctl   initalizes
<jnc> [<c014ed84>] __report_bad_irq+0x24/0x80, [<c014f059>] note_interrupt+0x279/0x2b0 ...
<jnc> irq 9: nobody cared (try booting with the "irqpoll" option)
<jnc> nobody cared?  I care. :(
<zul> jnc: try booting with irqpoll
<jnc> zul:   "linux initrd=blah irqpoll"  like this?
<zul> yeah
<LifeSF> there a way for me to print out man interfaces?
<mralphabet> LifeSF: can you print anything else?
<LifeSF> lol, i mean from the terminal
<LifeSF> or can i open them elsewhere?
<mralphabet> http://www.google.com/search?q=man+interfaces
<mralphabet> first link should be what you are looking for
<mralphabet> ;)
<LifeSF> lol alright; not identical but i'm sure the one you linked me to is better :P :) so i'll use that one :)
<jnc> zul: no change.  going to go run memtest now
<jnc> I'm confused why it would suggest running with irqpoll when I already am
<jnc> but oh well
<mralphabet> LifeSF: I don't know about better, but it should be close
<LifeSF> just wanted to say thnx :P :)
<mralphabet> np, glad to help
 * jnc pokes /proc/cmdline
<jnc> oh hey, what the heck, it's not in there :(
<jnc> okay, needs to be on GRUB module line
<jnc> zul: thanks for your help though, kernel panics are a little over my head to figure out
<zul> jnc: no probs
<atouk> got it   error reporting was set up different in php.ini.    it's always the little crap
<jnc> zul: "ACPI AWARE OS: [NO]" in BIOS settings makes everything work
<jnc> zul: is this a bug?
<jnc> if so, what kind of bug and what do I write about it, where...
<zul> jnc: i dont even know where you are getting that from since I dont know the context
<jnc> zul: the generic Ubuntu Gutsy kernel works fine with that box the way it was
<zul> yeah there is no acpi in the xen kernel
<jnc> with the Xen kernel, it has problems unless I disable ACPI in BIOS
<jnc> so hmm...  is this a bug with the Xen kernel?
<zul> nope its intentional xen doesnt support acpi
<jnc> oh this is a good byte to put in the Xen community documentation then :P
<zul> if I had time then maybe yes :)
<jnc> zul: why not ship with "acpi=off" in the grub config?
<jnc> for Xen kernels I mean
<zul> jnc: it depends on the machine
<jnc> oh okay, so it would break other machines?
<zul> for example mine works fine
<zul> anyways i have to go back to work
<stork> can anyone recommend a firewall ?
<ScottK> iptables?
<stork> maybe something for http packet filtering
<stork> or http connection throttling
<zul> again iptables
<stork> it can do throttling ?
<zul> stork: you probably want something like mod_throttle then
<stork> good thinking
<stork> but my server is running under jetty
<mralphabet> jetty?
<stork> java servlet container
<stork> i think i'll run it through lighttpd under mod_proxy
<mralphabet> ahh
<nealmcb> jnc: are you saing if you want to run a xen machine, you have to boot the physical machine without acpi in the bios?
<nealmcb> *saying
#ubuntu-server 2007-10-23
<zul> is ebox going to be added for hardy?
<kgoetz> someones planning to
<nealmcb> zul I thought a bit of it was already in gutsy, with lots more to come
<zul> nealmcb: ah
<nilson> Hi
<nilson> I run the NFS server on my machine. Apparently the default install does not include rpc.ugidd, which I want to use to map GID/UIDs across my client systems
<nilson> What would be the best way to get it? Will I need to manually configure and compile the nfs server
<jnc> nealmcb: Yes, I have to configure ACPI as disabled in BIOS, -or- alternatively I can boot the kernel with acpi=off option
<jnc> both are functionally the same result meaning if I don't do either one, then there's a kernel panic, and if I do one or both of those there is no kernel panic and everything is working as it should
<jnc> zul: I've updated the community Xen document
<jnc> (wiki)
<kjcole> Hi.  I've upgraded to Gutsy and once again my LVM stuff is dead.   Help.
<kjcole> Though I'm not running a server, this channel is supposedly more knowledgeable about LVM.
<jnc> Unfortunately we cannot overcome the limitations of your not being connected to hear the answer
<kgoetz> lol
<jnc> or...
<jnc> So, you feel that your LVM stuff is dead, do you?
<jnc> Ah... and you think this is a reoccurring experience! This is very interesting.
<kgoetz> hehehe. bloody emacs users
<ajmitch> wash your mouth out
<kgoetz> ??
<ajmitch> cursing emacs users
<kgoetz> oh right.
<scotth> easy question that I thought I knew the answer to but apparently not, how do I set the hostname on an ubuntu system, including the fqdn?
<scotth> I would like hostname to return 'foo' and hostname -f to return 'foo.example.com'
<scotth> apache keeps saying its unable to determine its own hostname
<scotth> and the reverse dns points to foo.example.com
<nealmcb> scotth: yeah - a surprisingly complicated question.
<scotth> I feel like an old tymer, but back in my day all you had to edit was /etc/hosts and /etc/hostname
<nealmcb> those two are usually involved, for sure.  exactly what does apache say?
<nealmcb> and do other things work?
<nilson> what does `hostname` return
<sommer> scotth: the way I make that apache error go away is to set the ServerName directive in /etc/apache2/apache2.conf or in the sites-available/default config file.
<nilson> scott run hostname --fqd see what it returns
<scotth> sommer: I set ServerName in the sites-avaliable
<nilson> and make sure /etc/init.d/hostname.sh is started
<jnc> scotth: there was a change to /etc/hosts with recent Ubuntu releases which may affect you, it involves changing 127.0.0.1 to 127.0.1.1 for the hostname
<sommer> mmmMMM... might also add ServerName localhost to apache2.conf
<scotth> nilson: it returns outkast
<nilson> even with the --fqd option?
<scotth> nilson: yes
<nilson> looks like your server doesn't know its domain
<scotth> jnc: my entry is still 127.0.0.1
<scotth> nilson: I have domain set in /etc/resolv.conf
<nilson> hm
<scotth> its a pretty old install that I believe started with dapper and is now at gutsy
 * ScottK wonders if Bug #8980 might be relevant.
<ubotu> Launchpad bug 8980 in netcfg "hostname -f does not return a proper FQDN" [Medium,Confirmed] https://launchpad.net/bugs/8980
<scotth> ScottK: that got it, reordering to outkast.sjhserv.net outkast got the fqdn working
<scotth> thanks, odd little behavior
<nilson> scotth: in hosts?
<scotth> yup
<nilson> Yeah mine's set up that way. I saw that it says 127.0.1.1 now too, which I found odd
<nilson> I thoght it was a mistake..
<scotth> though apache is now using 127.0.0.1 as my hostname
<scotth> but doing the 127.0.1.1 thing fixes that
<scotth> way weird
<nilson> jnc whats the reason for that switch
<kgoetz> tec/hostname should just be the alias (eg kgoetz), /etc/hosts should have (eg) kgoetz.id.au then kgoetz
<kgoetz> iirc
<highX|Humpy> Hi, I'm looking for help installing Ubuntu 7.10 onto RAID 0
<nownott> hey ubuntu folks couldnt help me. i want to edit iptables for http, ftp, ssh, and vpn <- if anyone knows how do do vpn. any help?
<kgoetz> can you be more specific in your qeustio? ;)
<kgoetz> eg what aobut iptables do you need to edit?
<kgoetz> why do you need to?
<nownott> need to b/c they are wide open right now. and i need to set them up
<kgoetz> set them up to do what?
<nownott> i want to shut all ports besides 80, 21, 22 , 1194, and enable what i need to for vpn
<kgoetz> use this as an example:
<kgoetz> iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j ACCEPT
<kgoetz> that accepts all packges on interface eth0 goin to port 443
<kgoetz> and if your opening ssh to teh world, look at this http://www.debian-administration.org/articles/187
<kgoetz> also http://www.debian-administration.org/articles/23, if this is a gatway
<nownott> so the 443 is for https, the first link is for ssh, i can do 21 from the example you gave me for https. you know anything about the vpn world?
<jnc> nownott: easier solution is get another computer and run Smoothwall distro on it
<jnc> click that junk with a mouse.
<nownott> jnc: thanks but id really like to get this working
<kgoetz> nownott: look at openvpn
<kgoetz> jnc: a (dedicated) gateway might be overkill for his purpose
<nownott> kgoetz: i have openvpn installed and configed. i cant get traffic to get fowarded believe it was the way i have iptables/firewall setup
<nownott> i can connect to it just fine just no packet fowarding
<kgoetz> nownott: openvpn? tried looking at the logs? asked #openvpn?
<nownott> openvpn was no help what so ever, and logs no havent checked there
<kgoetz> you mmight need to turn up the loggin, perhaps rrun the daemon in the forground
<nownott> kgoetz: i enterd the first rule you gave me for https but it had no effect on my firewall
<kgoetz> nownott: looked at the links i gave you?
<nownott> yes
<kgoetz> setup your firewall like the gateway guide says? (with port forwarding if its a gatway)?
<nownott> didnt read that one b/c its not a gateway
<kgoetz> it will probably have rules you need
<kgoetz> but i just realised i didnt ask - how did you test 'no effect' with your firewall?
<nownott> no effect?
<kgoetz> 14:44 < nownott> kgoetz: i enterd the first rule you gave me for https but it had no effect on my firewall
<kgoetz> how did you check that?
<nownott> sudo iptables -L -v
<nownott> well i ended up doing them like this iptables -A INPUT -p udp --dport 21 -j ACCEPT
<kgoetz> SSH is a tcp based protocol
<kgoetz> iirc
<nownott> well hmm when i saved i see the prerouting that you dold me to put in there
<kgoetz> vpn will be udp
<nownott> i have my vpn to use tcp instead
<nownott> what is prerouting
<kgoetz> you should read the iptables readme files
<kgoetz>  /usr/share/doc/iptables/
<kgoetz> rustys explanatio of prerout/postrout etc will be better then mine ;)
<nownott> so do you know about the vpn stuff i need to foward etc. the tun etc
<kgoetz> if its a vpn server, you need to allow in the port listed in the vpn config file, if its a client dong worry
<kgoetz> *dont
<nownott> ya i can connect but like i said i believe it was the port fowarding that was getting me
<kgoetz> i doubt it tbh. more likely to be your routs/dns are broken
<kgoetz> but until you check out the logs and or turn up debug, who knows
<nownott> kgoetz: you have amin to look at my iptables?
<kgoetz> nownott: not atm, i'm at work :)
<kraut> moin
<RealMurphy> Hi, i have a brief question about cowbuilder: Is it really possible to build 32bit stuff with it in a 64bit environment?
<RealMurphy> I tried many variations of arch=i386 in many places and it always goes back to amd64 packages
<soren> cowbuilder is a variant of pbuilder, right?
<soren> Yes, it seems so.
<soren> RealMurphy: What you need to do is to make sure that the chroot is created as an i386 chroot.
<soren> This is usually achieved by passing --arch i386 to debootstrap.
<soren> Due to the way pbuilder accepts options, you need to pass --debootstrapopts --arch --debootstrapopts i386  to pbuilder.
<soren> RealMurphy: ...but these questions are actually more suitable for #ubuntu-motu. :)
<RealMurphy> yes, sorry, was distracted
<RealMurphy> ok, thanks alot - I was mostly overwhelmed by the number of channels available :)
<RealMurphy> soren: I havent used that way to use mutliple  --debootstrapopts, i'll try that or go to greyskull
<soren> RealMurphy: :)
<RealMurphy> soren: You hit the problem right on its head and it gone now. Thanks a lot :)
<soren> np :)
<stork> how can i find out what version i'm running ?
<zul_> stork: cat /etc/issue
<stork> cheers
<stork> is it possible to upgrade from 6.10 to 7.10 without doing a clean install ?
<soren> stork: Skipping a release is not support. You need to do 6.10 -> 7.04 -> 7.10.
<soren> "supported", I mean.
<zul_> soren: or you could whipe everything clean and just install 7.10
<soren> or poke your eye out with a rusty fork..
<zul> or you could do that but thats the easy way out
<soren> Indeed.
<ScottK> For some definition of possible that goes well into really painful and you probably don't want to do it, yes.  It's possible.
<penguim> @schedule Bahia
<ubotu> Schedule for America/Bahia: 23 Oct 12:00: Server Team | 23 Oct 13:00: Kernel Team | 30 Oct 13:00: Kernel Team | 08 Nov 12:00: Community Development Team
<nealmcb> server team meeting in 15 minutes, #ubuntu-meeting - https://wiki.ubuntu.com/ServerTeam/Meeting
<pteague_work> what do i need to do to get apache to stop complaining about not being able to reliably determine the server's fully qualified domain name?  i'm guessing i need to set something up with hostname ?
<sommer> pteague_work: try setting "ServerName localhost" in /etc/apache2/apache2.conf
<pteague_work> sommer> cool, thanks... i wasn't sure but what it was a hostname issue in the linux setup
<sommer> np
<Guiri> Hello
<Guiri> I'm on a Gutsy lamp server. I tried to install fluxbox but when I run startx I get an error about the font directory
<Guiri> I've ran fc-cache and dpkg-reconfigure fontconfig
<sommer> Guiri: you'll probably also need to install x-window-system-core xserver-xorg... if they aren't already
<Guiri> thanks. let me check
<Guiri> I was missing the core, which is conveniently install the 75 and 100 fonts packages
<Guiri> Thanks
<sommer> np
<Guiri> Now it errors with no devices detected. I thought I set the 'intel' driver in xorg. But the vesa throws the same error.
<Fenix|work> greetings... how do I go about adding framebuffer to my server install?
<sommer> Fenix|work: do you just want a higher resolution font?  if so I just add vga=791 to the end of the kernel line in /boot/grub/menu.1st
<Fenix|work> I did that... didn't work
<Fenix|work> perhaps I did it wrong
<Fenix|work> I'll look at it in a sec
<Fenix|work> just reinstalling
<sommer> you could also edit the line from grub before booting... sometimes it's up to your video card if it'll work or not I've noticed
<Fenix|work> yeah... had those problems with gentoo ...
<Fenix|work> but man, 80x25 blows :)
<sommer> ssh is always whatever resolution you want :)
<Fenix|work> yeah, haven't advanced to that stage yet though :)
<Fenix|work> I don't have any networking set up just yet
<Fenix|work> (deliberately set it up that way)
<Fenix|work> getting this set up for cloning
<sommer> sweet
<Fenix|work> sommer, for SSH, I need to install OpenSSH?
<sommer> yep, openssh-server to be exact
<Fenix|work> is there a firewall already installed?
<mralphabet> if there are no services running, there is no need for a firewall
<Fenix|work> DNS
<mralphabet> that being said, you can install iptables
<sommer> iptables is, but you'll need to configure it.
<Fenix|work> and soon openssh
<mralphabet> well, those are things you added ;)
<Fenix|work> last I want is outside to access ssh
<Fenix|work> garr...
<Fenix|work> umm, how does one fix all the stupid characters that show up in aptitude when using ssh?
<Fenix|work> putty to be specific
<mindframe-> what stupid characters?
<Fenix|work> my putty is set to utf-8
<Fenix|work> and instead of lines, I get lqqqqqqqqqqqqqqqqk\nxReally quite Aptitude?x\nmqqqqqqqqqqqj
<Fenix|work> obviously a characterset thing ...
<sommer> anyone know of a way to do page accounting with cups and samba?
<sommer> printing from a Windows client to a network printer shared through Samba
<Calin24> after upgrading from 7.04 to 7.10 I lost ldap-pam support, everything ldap-nss still works, and config for ldap-pam is still there... any idea's?
<neozen> hi there all...
<neozen> need to upgrade a headless ubuntu-server box to gutsy from feisty
<Kamping_Kaiser> Calin24, i can help per se, but i have pam-ldap working on 7.10 using the example configuration
<neozen> was sure there were instructions for this on ubuntu's site.... seem to have disappeared
<neozen> ah... here: http://www.ubuntu.com/getubuntu/upgrading
<Calin24> it seems to be misconfigured, since my user.log is showing can't reconnect to ldap server, but i'll be darned if i know where 7.10 does the config... i know nss_ldap got rid of needing nss-ldap.conf and nss-ldap.secret but no clue about pam.
<Kamping_Kaiser> Calin24, /etc/ldap.conf
<Kamping_Kaiser> iirc
<Calin24> hrmm should be working then, since nss_ldap is using the same config file, and works...
<dendrobates> Calin24: you might need to rename nss-ldap.secret to ldap.secret
<dendrobates> Calin24: were you using secret files?  Are you using TLS?
<Calin24> already done... every config file 7.04 needed is gone, and all that's left is /etc/ldap.conf /etc/ldap.secret and /etc/ldap/ldap.conf
<Calin24> no to TLS.. just secret files
<dendrobates> Calin24: I just scrolled back, it seems you have nss-ldap working fine.
<dendrobates> Calin24: if nss works pam should as well.  What are you seeing in the log's regarding pam?
<Calin24> right.. it's just pam auth that fails
<Calin24> pam_Oct 23 17:00:39 bowser sudo: pam_ldap: ldap_simple_bind Can't contact LDAP server
<dendrobates> Calin24: did you save a copy of your old pam-ldap.conf?
<Calin24> yeah
<dendrobates> Calin24: the only issue I know of, is the use of URI when doing TLS.  I'd try copying the pam-ldap.conf over ldap.conf.
<dendrobates> perhaps there is something specific to your config that was missed in the new debconf scripts.
<dendrobates> Calin24: if that fixes it, I'd like to see a diff.
<Calin24> there an easy way to reboot pam without rebooting? or is it like nss and should auto pickup changes
<dendrobates> Calin24: it should be automatic.
<Calin24> hrmm nope isn't working even with the old pam-ldap.conf ... and just tried samba, it's definately only pam that's missing some sort of config to be working
<close2__> hello, i have the problem, that my raid-arrays are not stopped correctly when rebooting: https://bugs.launchpad.net/ubuntu/+source/mdadm/+bug/111398
<ubotu> Launchpad bug 111398 in mdadm "mdadm fails to stop RAID on shutdown" [Undecided,Confirmed]
<close2__> as there is no solution there yet, I hoped, that you would have an idea, how to prevent this.
<close2__> I have 3 raid-partitions: swap, /boot and /  ; until now either swap or /boot where not correctly shutdown.
<marchpumpkin> what are recommended web interfaces for ubuntu-server?  ebox seems minimal and webmin doesn't seem to exist
 * ScottK likes vim, but ebox is planned for Hardy.
<ScottK> !webmin | marchpumpkin
<ubotu> marchpumpkin: webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system
<marchpumpkin> so webmin is a no-go....and ebox will be good whenever Hardy comes out....what would anyone suggest for the time being?
<ScottK> Dunno.  I don't use a web interface.
<marchpumpkin> BIND is way too complicated for my small (dozen+) network... what would be a simple replacement?
<kjcole> Can't boot Gutsy with my LVM system any longer.  Was told -server might be a better place to ask.
#ubuntu-server 2007-10-24
<stork> mmkay
<stork> i managed to lock myself out of my own server
<stork> accidently removed my user from the sudoers group
<close2__> do you have physical access to your server?
<stork> nevermind, i had an admin account :)
<kjcole> Can't boot Gutsy with my LVM system any longer.  Was told -server might be a better place to ask.
<Znuff> Hello. Is there a known issue about samba's slow performance under ubuntu 7.04?
<zylstra555> Hello. I need to get an SMTP server going on my Ubuntu server so my forum can send out emails (like topic replys). Receiving emails back would be nice, but is not necessary. How do I do this?
<Znuff> zylstra555, you should already have a smtp server set up
<zylstra555> Znuff: How do I find out its settings and information?
<Znuff> zylstra555, can't remember exactly what is the default smtp server on ubuntu, but I'm guessing it's either exim or postfix.
<Znuff> zylstra555, so either /etc/exim or /etc/postfix
<zylstra555> hmm
<zylstra555> I will see
<ScottK> Znuff: No MTA is installed by default, but Postfix is the preferred MTA in Ubuntu.
<zylstra555> In the strange event that I just removed Postfix since I thought it was incorrectly installed (long story) what do I do?
<Znuff> ScottK, on the server install there's no mta by default?
<ScottK> That's correct.
<Znuff> zylstra555, just reinstall it
<zylstra555> ScottK: How do you find the MTA settings?
<ScottK> For postfix, the settings are in /etc/postfix
<Znuff> I'm really annoyed. I can't get passed 40Mbit/sec on my samba
<zylstra555> While I am waiting: I have an older hard drive in my computer, and this, obviously, concerns me  a little bit. Is it a bad thing if a hard drive stays on all the time?
<ScottK> Not really.  Now old?
<zylstra555> I am not sure. If it helps: Its (please dont laugh) a 3GB hard disk drive
<ScottK> I'd replace it.
<zylstra555> Somewheres around 1994-1997
<ScottK> Most hard drives have a 5 year design life.
<atouk_zug> some old drives (smaller capacities) are actually safer than new ones to keep on all the time because of the low bit densities
<ScottK> You're well past that.
<zylstra555> Goody
<zylstra555> <brb?
<atouk_zug> anyone know a cli app to torture test
<zylstra555> <back>
<Q_Continuum> Anyone here using debmirror and gutsy?  I can't seem to get it to pull down any packages.
<zylstra555> Still cant send emails. I was using the server "localhost" and the user "server"
<zylstra555> (my main account)
<zylstra555> and I have tried with and without password
<Znuff> Is that PHP?
<zylstra555> I have tried using the PHP mail option, that did not work either
<zylstra555> Shall I try it again?
<zylstra555> Does it make a difference that right now, I dont have a proper domain name?
<Znuff> zylstra555, it shouldn't
<Znuff> Do you get any error when sending an email with php's mail() function?
<zylstra555> Not in my web browser
<Znuff> zylstra555, turn on display_errors
<zylstra555> How do I do that?
<Znuff> zylstra555, php.ini
<zylstra555> (sorry for the delay, I had a severe foot cramp)
<zylstra555> Where is the php.ini file?
<zylstra555> (can you tell I dont know what I am doing? :) )
<Znuff> probably in /etc/php/apache2/php.ini
<zylstra555> Display_errors = on already
<jrsutton> Anyone alive?
<kgoetz> !ask
<ubotu> Don't ask to ask a question. Just ask your question :)
<jrsutton> :p I'm having a hard time loading Ubuntu 7.1.0 64 bit Server to load
<jrsutton> How do I get to terminal from nearly the beginning?
<jrsutton> like right after I put in the CD?
<kgoetz> its 7.10 btw :)
<kgoetz> you have to start the installer first i thik (i havent used the 7.10 install images)
<jrsutton> well I get to the splash screen
<jrsutton> but can't seem to go further
<jrsutton> so I was wanting to drop into terminal and see if I could load some newer drivers and so forth
<kgoetz> if the install cd has a 'advanced' or 'edit boot' option, turn off the splash screen. find out whts breaking
 * kgoetz mutters about splash on servers
<osmosis> how do I get the original  /etc/snmp/snmpd.conf  that came with snmpd ?
<Burgundavia> osmosis: it is probably in a  doc path
<Burgundavia> look at the files in the package
<osmosis> Burgundavia: i dont see it there.
<osmosis> how do I get the original   /etc/snmp/snmpd.conf  back?  Do i need to dpkg-reconfigure snmp? or?
<kgoetz> download the package again?
<ajmitch> that generally doesn't help
<osmosis> kgoetz: already tried that.
<ajmitch> purging & reinstalling the package would, or with something like dpkg -i --force-confoverwrite (can't recall the exact option)
<kgoetz> i'd "just" extract the file i want myself. if theres a better way i'm open to hear it
<ajmitch> ah, you could remove /etc/snmp/snmpd.conf & use dpkg -i --force-confmiss, if you really needed to
<kgoetz> dpkg -x /var/cache/apt/archives/<file that contains snmpd.conf> /tmp/snmp && cp /tmp/snmp/etc/snmp/snmpd.conf ~
<ajmitch> urgh
<kgoetz> lol.
<wasabi> --force-confmiss or missconf
<wasabi> confmiss i think
<jrsutton> How do I get packages from the CD boot terminal?
<ScottK> Anyone around with admin privs to the server-team ML'
<ScottK> jrsutton: I'm not sure what you mean.
<jrsutton> Here is my pickle. I've booted from the CD, and can get to the splash screen
<jrsutton> after that I start having problems
<ScottK> OK.
<ScottK> Get the alternate CD and use that.
<jrsutton> well that sorta works
<jrsutton> but not exactly
<ScottK> OK.
<jrsutton> I have software raid setup
<ScottK> I'd focus on that.  You need the alternate for that anyway.
<ScottK> IIRC
<jrsutton> with existant data
<jrsutton> right, so I got the alternate CD
<jrsutton> and I can drop into terminal
<ScottK> Linux software raid or Windows software rai?
<ScottK> rai/raid
<jrsutton> well NVIDIA raid
<jrsutton> was going to use dmraid
<ScottK> I don't know if that's supported or not in the kernel.
 * ScottK doesn't have it.
<jrsutton> but from the CD terminal I cannot figure out how download it and install it
<jrsutton> cd terminal, meaning prior to installing Ubuntu
<ScottK> I'm pretty sure that's not going to work, but that's not an area I'm an expert in.
<ScottK> This channel is much more active during the US/European business day.
<jrsutton> It is possible to install something while running the liveCD right?
<jrsutton> aside from it not really saving anything
<ScottK> Yes, but the alternate isn't a live CD.
<ScottK> It's the standard Debian Installer
<jrsutton> right, just thought/hoped the terminal portion would work the same way
<jrsutton> so if the liveCD would work I could install dmraid
<jrsutton> in theory
<ScottK> I don't know.
<tritium> Hi.  I installed the mail-server task on a gutsy install, and I'm following https://help.ubuntu.com/community/Postfix, and I don't think this command is working: dpkg-statoverride --force --update --add root sasl 755 /var/spool/postfix/var/run/saslauthd
<ScottK> What happens
<tritium> I get an error (which the doc says I should until I restart saslauthd), but I don't see any change even after starting saslauthd
<tritium> I also don't see 250-AUTH when I test it out.
 * ScottK looks at the docs
<tritium> Thanks, ScottK :)
<tritium> I'd expect that after the dpkg-statoverride command and restarting saslauthd, I'd see a /var/spool/postfix/var directory, which I don't.
<ScottK> First, do you have /var/run/saslauthd?
<tritium> yes
<ScottK> OK.
<ScottK> What I'd recommend is take Postfix out of the chroot and get it working without chroot first.  Do you know how to do that?
<tritium> No, I don't.
<tritium> Is there something wrong with the postfix wiki doc?  Did anything significant change on gutsy?
<ScottK> Shouldn't have.
<ScottK> But postfix and saslauthd both have a lot of moving parts.  Hard to say what it is at this point.
<tritium> I see.
<ScottK> To unchroot postfix, make a copy of your master.cf (you'll want it later), and then go into whatever editor you use.
<sommer> tritium: you might also try this: https://help.ubuntu.com/7.04/server/C/postfix.html
<tritium> thanks, sommer
<tritium> okay, ScottK
<sommer> hey ScottK: I'll add that wiki postfix page to my update list.
<ScottK> BTW, I wouldn't do the rm -rf /var/run/saslauthd step in the doc sommer just pointed out.
<tritium> Why is that?
<ScottK> Because then saslauthd won't work unchrooted.
<ScottK> Actually nevermind
<tritium> So the doc is wrong?
<ScottK> No.
 * ScottK was misreading.
<sommer> I think the doc recomends unchrooting.
<sommer> or guides you through removing postfix from chroot rather
<ScottK> So once you have your master.cf open, you will see a column called "chroot" with a bunch of y or n below it.
<tritium> ScottK: thanks for your help too.  Should I try to follow the official server doc at this point before doing anything else?
<ScottK> If you prefer.
<tritium> Do you believe it'll work?
<ScottK> But if you do need to unchroot, just change all the y to n in that column and restart postfix.
<ScottK> tritium: Yes.  I don't use that exact config, so I can't say for sure.
<tritium> Okay, thank you very much!  :)
<sommer> ScottK: do you know when the 7.10 docs will be on the help.ubuntu.com site?
 * tritium 's first time trying to install a mail server
<sommer> I figured they'd be there by now.
<ScottK> No I don't, but for Postfix it should be the same for 7.04/7.10
<tritium> Glad to hear that. ^^^
<tritium> How can I undo the dpkg-statoverride command I ran?
<sommer> ya, the 7.10 has a few more details though
<sommer> tritium: if you're running 7.10 on a desktop the newest Postfix guide is in the help... fyi
<tritium> sommer: newest ubuntu server postfix guide?
<tritium> i.e., same help as what the server guide will give?
<sommer> ya, click on help -> advanced topics -> installling server applications -> postfix
<tritium> Thanks, sommer
<ScottK> dendrobates: Did you unsubscribe the person that started the 'interesting' ML thread?
<sommer> tritium: yep... I've had success with it.
<tritium> good deal
<ScottK> sommer: I think the official docs no longer suggest removing the chroot.
<ScottK> sommer: If they do, I think it's a doc bug (we can work with lamont to get it right).
<tritium> sommer: I don't find it in yelp
<tritium> Sorry, I'm a liar.
<sommer> tritium: it's a little buried.
<tritium> ;)
<nealmcb> ScottK: I thought the mailing list was open, just the team was approval-only.  wish those were linked better - I hear launchpad has some plans to support mailing lists better
<tritium> Step 4 is to turn off the chroot operation for SMTP server.
<sommer> ScottK: under the SMTP Auth section it has remove chroot
<sommer> ya, what tritium said... heh
<sommer> I guess the question is, is it better to have postfix in a chroot or not?
<dendrobates> ScottK: not yet, I want to give him the opportunity to repent.
<tritium> Am I able to undo that dpkg-statoverride command?
<sommer> tritium: I'm not sure you need to.
<tritium> sommer: okay, but that command is not part of this set of docs
<sommer> tritium: ya the wiki needs updated
<tritium> So, since it's not necessary, I'd prefer to undo it.
 * tritium runs man dpkg-statoverride
<ScottK> dendrobates: OK.  Your list.
<dendrobates> ScottK: He will be banned tomorrow, when I have more rest, and am less angry.
<ScottK> sommer: Lamont and Weistse disagree on this.  Lamont views chroot as a standard security tool that almost everyone should use.  Weistse Venema views it as an advanced configuration option that only experienced admins who need it should use.
<ScottK> dendrobates: That's quite reasonable.
 * nealmcb nods
<ScottK> sommer: Since we use lamont's Postfix packages, we should try and use them the way he designed them.
<nealmcb> ScottK: nice "other subject" :-)
<ScottK> nealmcb: Thanks.
<sommer> ScootK: gotcha... I'll add the postfix guide to the list.
<ScottK> sommer: I don't know about using saslauthd with chroot.  I use sasldb and I have to remember to copy one file into the chroot after I add/change/remove a user.
<sommer> ScottK: I don't have that much experiece with sasl.
<sommer> seems like copying file for every user change could be a pain though
<ScottK> Actually we should be moving people to dovecot and away from cyrus for SASL anyway.
<ScottK> sommer: You can script it.
<sommer> heh... true that
<sommer> ScottK: can't you use SASL for a plethora of other services though
<ScottK> Sure.
<ScottK> But in Main we primarily support Dovecot for a mail delivery agent, so it makes sense (to me anyway) to use it for SASL too (Postfix supports that since 2.3) and move towards deprecating Cyrus SASL.
<ScottK> In fact, now that I think of it, I wonder if getting Cyrus SASL demoted to Universe is doable in Hardy.  I think all the other bits have been demoted already.
<ajmitch> interesting mail on the -server list
<ScottK> That's one word for it.
<ajmitch> a nice reply from dendrobates :)
<lamont> ScottK: slight correction.  Wietse views the chroot as something that causes lots of questions, and he doesn't want them from newbies.
<ScottK> lamont: Thanks.
<ScottK> lamont: Any thoughts on Dovecot versus Cyrus for SASL with Postfix?
<lamont> uh... I think I'll cook dinner before the munchkins revolt.  give me about 15 minutes
<lamont> and no, not dodging the question. bbiab
<ScottK> lamont: I'll probably have gone to bed by then, but sommer please listen to what lamont has to say for getting the docs fixed up.
<sommer> ScottK: sure thanks for your input
<jetole> hey guys
<lamont> waiting for stove to heat.
<lamont> so.
<jetole> I know this should be a simple enough answer but I need to ask anyways, I need to setup an ftp server where when I upload, rename or delete, these actions are replicates to two other ftp servers, any suggestions?
<sommer> jetole: sftp: https://help.ubuntu.com/7.04/server/C/ftp-server.html
<lamont> I expect that either works. the biggest issue is likely to be transition
<lamont> ScottK: I'm almost certainly behind you in understanding the dovecot issues.
<jetole> sommer: what does that have to do with what I asked?
 * ScottK really didn't want to hear that.
<jetole> actually, is sommer a bot?
<sommer> jetole: not that I know of
<lamont> so my main concern would be that (1) I don't want to fork postfix, so (a) cyrus needs to still work (at least in debian), and (b) I'd be happy to make it so that dovecot works too...
<sommer> jetole: didn't you ask for instructions on setting up ftp?
<lamont> jetole: rsync in a cronjob?
<jetole> I asked for instructions on setting up an ftp load balancing type system
<jetole> lamont, rsync can handle ftp?
<ScottK> lamont: Agreed.  In Ubuntu the idea would be to drop Cyrus to Universe and have Dovecot supported/documented.
<sommer> jetole: ah... apologies I misread
<jetole> ok, no problem but because it seemed like a generic answer I thought you might be bot, my mistake
<ScottK> lamont: I probably need to switch my development server first and see where the "fun" points are.
<jetole> ;)
<sommer> ScottK, lamont: I think I'm confused when you say Cyrus do mean cyrus-imapd?
<ScottK> First I need my production servers upgraded as I use the development box.
<ScottK> sommer: Cyrus has lots of parts.  There is Cyrus SASL (still in Main) that we mostly use for SASL.  There are also other bits I"ve never used.
 * ScottK really needs to head to bed.  Good night all.
<sommer> ScottK: thanks... have a good one
<jetole> lamont: I don't think it can do ftp from what I just rtfm and one of the servers in the treo is a *grunts* windows machine
<tritium> Good night, ScottK.  Thanks again for the help.
<jetole> huh, cool, irssi just made text in *bold* between * and *
<ajmitch> yes, it does that
<ajmitch> and it can _underline_
<jetole> new to me
<jetole> I only started using irssi again back in feb, before that I have been using xchat since 2k and I used irssi back before that but it's been a while
<jetole> huh, I just upgraded the ram in my desktop tonight from 2g to 4g... kinda depressing, I mean the ram guage on the taskbar just looks so... well calm
<ajmitch> 4GB just isn't enough
<jetole> well it is for now but I havn't really been busy tonight
<jetole> I think it will be enough for me for a year or two
<Burgundavia> 4gb, geez
<Burgundavia> I survive with 1/2 gig
<jetole> on your desktop?
<ajmitch> Burgundavia: a day or so ago, my system was seriously thrashing for > 30 minutes due to using up all the RAM
<jetole> must not be a multi tasker
<Burgundavia> my laptop, a 1.5 ghz celeron M
<Burgundavia> want to buy me a new laptop?
<ajmitch> sure, once I'm rich & can afford to replace mine
<ajmitch> are you going to UDS?
<jetole> mine is a dual core AMD @ 1.6 w/ 2G or ram and 160GB HDD
<jetole> ... sorry, you brought it up and I had to gloat
<jetole> I hardly ever use mine
<nealmcb_> ajmitch, jetole funny that you're talking about irssi - I just started looking more seriously at it - seems very handy to use in in a screen when on the road
<jetole> nealmcb_: yeah I know, I love that feature becuase on my desktop I have it run in a detached screen at boot with a unique name to the screen and then on my laptop I have a shell script that runs ssh with the screen and name command so I can always connect to the same session
<ajmitch> nealmcb_: that's mostly how I use it
<nealmcb_> jetole: yeah, that's how I use mutt
<jetole> only downside is getting notifications in your gui if someone triggers a filter or pm's you
<Burgundavia> jetole: well, clearly then you need to come to UDS and we can trade
<jetole> nealmcb_: I run a imap server
<jetole> whatis: UDS?
<Burgundavia> is there a good screen tutorial written by real people for real people?
<jetole> and no
<Burgundavia> ie: not Stallman or GNU
<jetole> I think it's called the man page
<nealmcb_> Burgundavia: this tired old 2001 laptop has 256 MB.  But my system76 darter will arrive tomorrow :-)
<Burgundavia> jetole: I mean, not written by Stallman or GNU
<jetole> thats written for linux people who are real people
<nealmcb_> and I will be at UDS.....
<jetole> Burgundavia: read the man page for bash
 * ajmitch is glad that a few people will be there to contribute at UDS
<jetole> what is UDS?
<ajmitch> ubuntu developers summit
<jetole> ah
<nealmcb_> in boston next week
<jetole> hmmm, well I have a few things I would like to work on but frankly I just don't have the energy, when I get home from programming all day long.. well, I don't know, sometimes I want to but starting a project just doesn't seem right for me now
<ajmitch> nealmcb_: do you have a few server specs ready to discuss?
<jetole> I think I am gonna install xmpp at work though
<jetole> there is some crap ass "effusia" server, some windows server based proprietary chat system that you have to pay per user to work and it doesn't even do that
<nealmcb_> ajmitch: I was just thinking a bit about some sort of central password/keystore proposal, having read the pidgin discussion of why they store passwords in the clear, and inspired by the infocard stuff also.  but it seems like a stretch and I haven't looked at keystores in a long time
<nealmcb_> and I'm still wanting someone to run an AD test server so we can test ubuntu against it
<ajmitch> good luck there
<nealmcb_> but I haven't even gotten my silly ubotu factoids done - keep getting distracted....
<jetole> nealmcb_: what about AD over xen/vmware?
<ajmitch> you've achieved more than I have then :)
 * ajmitch did have a very basic AD setup in vmware at one point
<ajmitch> however it's something that should be done by someone with proper AD experience, to simulate a real network
<nealmcb_> jetole: I'm cheap - don't want to pay for AD or admin it - just want to bang on one from ubuntu.  I don't have any windows boxes at all
<ajmitch> nealmcb_: I used evaluation copies of windows 2003 server
<ajmitch> legally downloaded for free from MS
<nealmcb_> huh - for some reason in irssi, the "***ajmitch" is completely invisible, like white on white
 * ajmitch makes sure to use a black background, as irssi is highlighting in bright yellow
<jetole> nealmcb_: I am cheap too, and I may or may not have, hypothetically speaking, have paid for windows server cd at home
<nealmcb_> I like white, and can see the bright yellow.
<jetole> and with xen/vmware you don't need to run windows
<jetole> you run windows in a window inside ubuntu
<Burgundavia> how many levels could you recurse?
<ajmitch> Burgundavia: about 1, with pain
<jetole> ajmitch: I am using irssi and I see * ajmitch did have a very... etc
 * ajmitch tried to do some xen testing within vmware, it was painful
<nealmcb_> jetole: sure - that would be the way to do it.  someone should just donate a windows server cd to someone willing to host it and keep restarting it when it gets pwn's
 * jetole uses irssi on white on black terminal with default theme and transparent gnome-terminal background
<jetole> nealmcb_: I would but I have no idea where my CD is and have a pile of other shit on a todo list to setup
 * nealmcb_ switches to gaim to read who just wrote that....
<nealmcb_> ! jetole !
<ubotu> Sorry, I don't know anything about jetole ! - try searching on http://ubotu.ubuntu-nl.org/factoids.cgi
<jetole> atm it is ftp replication and I think I found a solution
<jetole> still reading the article
<nealmcb_> ahh - highlighting the text shows the hidden text
<nealmcb_> it is highlighting in white
<jetole> how come I have never had that issue with irssi
<jetole> even with different themes
<tritium> I'm using the dyndns feature on my ADSL modem.  I port-forward ssh, http, imaps through to my server at 192.168.1.100.  Why doesn't my laptop resolve the dyndns fqdn to my server?  I can only ssh to it using the local IP address.
<ajmitch> because the adsl modem won't do the port forwarding from both directions
<tritium> ajmitch: so, imap doesn't work either, and I'm trying to setup my laptop to reach the mail server from both home, and when on travel
<tritium> at home, I could use the local IP, but not on travel
<jetole> holy shit, someone try typing => apt-get install fam <= AND DO NOT INSTALL IT OR USE -Y, do this from a desktop machine though
<ajmitch> tritium: bind with multiple views? :)
<ajmitch> or use iptables on the mail server to DTRT
<jetole> I like zoneedit, I can do updates to it via wget which is stored in a crontab
<tritium> heh, you *lost* me ajmitch :)
 * ajmitch just has a domain name for home
<tritium> ajmitch: so, do you have a static IP?
<ajmitch> yes
<tritium> $$$$
<ajmitch> though my DSL provider conveniently supplied a dyndns service prior to that
<ajmitch> which was updated automatically
<jetole> nice, for my home machine static ip is only available through ADSL which I don't want
<tritium> ajmitch: so, since I totally don't understand binding multiple views blah blah, I could just use local IP at home, and fqdn on travel, yes?
<ajmitch> yes
<jetole> bellsouth/att will wanna charge me a shitload for a phone line I wont use, 911 services, telecom charges etc etc etc and then limit me to 3/372 if I pay extra, comcast craps on torrents from what I have read but I have an 8/768 for a reasonable price
<jetole> **3/384
<lamont> jetole: as I read your request, you want to have uploads replicated.  my solution would require that there be one master which then mirrored to two other machines - probably not what you wanted.
<tritium> Thanks, ajmitch!
<ajmitch> not like I helped much :)
<ajmitch> bbiab
<lamont> the real issue is that you need to coordinate so that you know how to merge a diff
<jetole> lamont: that is exactly what I want
<lamont> then you want either rsync or ftpmirror
<jetole> ftpmirror? that sounds good since you missed the part about one of the hosts being a windows machine
<lamont> jetole: that's a correctable condition
<jetole> not by me it isn't
<lamont> hrm.. too lazy to go read the mailing list to find the answer.,.. can we upload to hardy yet?
<jetole> I don't run that office and its in another state
<jetole> and I am the relatively new guy on the block at this company
<lamont> jetole: that does make it more complicated to fix, yes.
<jetole> right, well I just downloaded ftpmirror to my home machine so I can rtfm
<jetole> I need a shirt that says that
<jetole> especially for my office
<lamont> mirror is the more traditional package, fwiw.  although that's perl
<tritium> hrm, bad authentication response from the postfix server I just installed according the the instructions in yelp
<tritium> s/the the/to the
<jetole> last thing I want to ask before I go to bed
<jetole> is there a way to monitor changes to any file in a directory?
<lamont> jetole: no.  I don' t have a shirt I can sell you
<lamont> :-)
<lamont> inotify would do that, I expect.
<jetole> damn, I was gonna ask you that too
<jetole> ok, cool
<jetole> well I have more stuff to read now
<lamont> as in the system call, not the package.
<lamont> so apt-cache search inotify to see what packages might actually provide an app for doing that
<lamont> likewise, nagios is good for monitoring _stuff_.
<lamont> (where "stuff" could conceivably include file chages)
<lamont> changes, even
<jetole> yes I like nagios but I think it may not apply to what I need
<tritium> do I need to change mechanism to shadow to authenticate with postfix server using system user/password?
<tritium> It's set at pam, and is currently failing.
<lamont> tritium: please don't confuse me with someone who actually knows how to use sasl... :-)
<tritium> lamont: isn't this your package?  ;)
<jetole> yeah, I am with lemont on that one, I use postfix but not sasl
<lamont> I made huge strides forward a few months back and actually configured TLS on my machines.
<jetole> I know dovecot authenticates properly via pam
<lamont> tritium: my package, not my lib. :-)
<jetole> alright, I am off to bed
<jetole> cheers
<tritium> night, jetole
<tritium> lamont: so you don't use sasl personally?
<lamont> there's a reason that debian bug 330885 has been open since 2.2.4
<ubotu> Debian bug 330885 in postfix "postfix: default configuration should enable use of TLS for stmp as default" [Wishlist,Open] http://bugs.debian.org/330885
<tritium> interesting...
<lamont> tritium: haven't ever see a need to do so
<lamont> well, I understand that there are situations that it very nicely addresses.
<lamont> and none of those have yet matched my personal situation sufficiently to cause me to actually figure it out yet.
<tritium> thanks, lamont.  I only chose to use it since it's in the ubuntu server docs ;)
<lamont> someone else wrote those docs...  SASL is on my list of things to understand, just nowhere near the cutline yet
<tritium> Well, I'll keep researching.  Thanks!
<nealmcb_> dendrobates: there is a little intro to the screen program as part of http://f0rked.com/articles/irssi
<PanzerMKZ_> screen is great program
<PanzerMKZ_> all my ubuntu machines have it
<nealmcb_> oops - that bit on screen was for Burgundavia ....^
<Burgundavia> thanks nealmcb
<maeth> hi, im trying to install a VPN on my ubuntu server
<kraut> moin
<_ruben> g'day
<MikeDX> hey folks. ive got a server that has been pre-configured by my host with 606, but I want to do a clean install so that I can set my raid up correctly. When I use the live cd, it doesnt detect my network. Is there someway I can "copy" the configuration thats already live on the system and copy it back over afterwards? Its currently a minimal installation - not even apache installed
<MikeDX> is it feesable that I tar up everything in / and untar it back when the new server is installed?
<_ruben> tar/untar an old install over a new one pretty much erase the new install and restores the old install :-)
<MikeDX> yes but it wont restore my partition setup - which is what i want to change. the host currently has a 230gig partiiton for home, and virtually nothing anywhere else - so I want to make a small /boot and have the rest as the install
<_ruben> and "doesnt detect my network" is a bit vague, and most network configs arent all that hard to do manually (or you could backup /etc/network/interfaces, but might not be enough)
<_ruben> oh ok, for some reason i thought you wanted to perform an upgrade as well in the process
<MikeDX> well, the install cd says it cannot find my network card, but the preinstall lists it as some " Unknown device 8167 (rev 10)"
<MikeDX> so they must have installed that manually (i guess)
<_ruben> ah
<_ruben> is it hard or software raid?
<MikeDX> software
<MikeDX> and the partitions need to be resized
<MikeDX> hmmm i wonder if i could copy everything in / to /home and then remount /home to /
<_ruben> one (nasty) solution would be to break the mirror, repartion one drive, create raid on new drive, copy data, repartion 2nd drive, have raid rebuild itself
<_ruben> in theory that could work as well i think, would have to play with the bootloader in either scenario
<MikeDX> is there no easy way of finding out what nic driver is being used, and supply that once the new install has been completed?
<MikeDX> of course then i'd have to setup the net manually - something i want the installer to do ideally
<_ruben> lsmod might list an 'obvious' candidate
<davekempe> MikeDX, can you switch to Alt F2 during the install and do dmesg ?
<_ruben> or check the output of dmesg
<_ruben> heh
<MikeDX> yeah let me just check
<MikeDX> i'll have to run the installer
<MikeDX> might take a while as its a remote control thing where i have to upload the cd image on the fly via a samba share
<_ruben> you should check it on the pre-inst system
<_ruben> that's the one that does load the driver
<MikeDX> ok what am i looking for in dmesg on the working system
<MikeDX> [17179574.288000] eth0: Identified chip type is 'RTL8169SC/8110SC'.
<MikeDX> [17179574.288000] eth0: r10001.02, the Linux device driver for Realtek Ethernet Controllers at 0x4000, 00:30:05:ec:33:18, IRQ 193
<MikeDX> [17179574.288000] eth0: Auto-negotiation Enabled.
<davekempe> thats the rtl8169 driver
<MikeDX> ok, but the install cd doesnt pick it up
<MikeDX> is there a workaround to supply a driver at install time?
<davekempe> hrmm the install cd should pick it up
<MikeDX> its 606.1
<MikeDX> I'm kinda stuck :(
<_ruben> the driver might not be present in a vanilla install .. it could have been inserted by the vendor
<_ruben> you could try to run gutsy's installer, newer kernel -> might detect the nic properly .. then again, since its 6.06 on it, i guess you'd want a LTS version working
<MikeDX> the other server we have with them (that we had to do the same process with), everything was picked up straight away. this one has a different nic
<MikeDX> well, thats the thing, i cant even try a newer one since we do want the LTS
<_ruben> wait 6 months ;) .. or do a data migration instead .. which is nasty thing to do remotely though
<MikeDX> not going to happen really is it
<MikeDX> whats gutsys support window? is it 2009?
<_ruben> now +18 months i think
<_ruben> with a new lts coming out in 6months
<MikeDX> should i just tar up root then, repartition, reinstall and then untar again?
<_ruben> that's one way of doing it. breaking the mirror, etc, is another. there's probably other ways as well
<_ruben> then again, having a 200G / doesnt quality as A Good Thing To Do, imho ;)
<MikeDX> no, im just doing what ive been told to do :)
<MikeDX> which is to not have a 250gb /home
<_ruben> then mount it under /data/ instead ;)
<_ruben> or wherever you do need that ammount of space ;)
<MikeDX> i'll mount it to /var/www ;)
<_ruben> for a webserver that should be a decent choice :)
<MikeDX> how can i check the raid is actually working on this machine? is there a command to show the raid setup?
<avatar_> using softwareraid? cat /proc/mdstat
<MikeDX> doesnt show anything in there :|
<MikeDX> just "unused devices: none"
<avatar_> are you using hardwareraid?
<juliux> hi all
<juliux> can i use dapper on a dual quadcore xeon with 8gb ram?
<avatar_> uh, i suppose yes
<avatar_> though amd64 may be better for large amounts of ram
<juliux> ok
<MikeDX> to be honest I am not sure if it is hardware or software raid anymore :(
<ScatterBrain> I just installed my first Gutsy server.  One thing is wrong.  vga=791 on the kernel options line in grub's configuration produces a blank screen.  The video mode changes, the monitor says it does, but no text appears on the screen.
<ScatterBrain> Any clues?
<ScatterBrain> If it matters the server is a Dell Poweredge 1950.
<ScatterBrain> Looks like it's a known bug in Gutsy.  https://bugs.launchpad.net/ubuntu/+source/linux-source-2.6.22/+bug/135613
<ubotu> Launchpad bug 135613 in linux-source-2.6.22 "Framebuffer consoles no not work in gutsy (dup-of: 129910)" [Undecided,Confirmed]
<ubotu> Launchpad bug 129910 in initramfs-tools "tty[1-6] are active but display nothing in Gutsy" [Critical,Triaged]
<ScatterBrain> eill try that solution first.
<MikeDX> for those following my plight, i'm going to remount the large /home to /data as suggested.... wish me luck
<Carry> apache2.conf and no httpd.conf, is this only in ubuntu 6 server?
 * Carry learns ubuntu-lamp...
<avatar_> httpd.conf is near empty on feisty installation with apache2
<Carry> avatar_: yes, ubuntu-way? or new apache-way?
<avatar_> hmm, might be debian/ubuntu way.
<Carry> in ubuntu 6 server it is in apache2.conf
<avatar_> i'm only running debian/ubuntu servers with recent apache
<Carry> avatar_: hmm, should i install all from source to get default?
<avatar_> and try to forget about slackware ...
<avatar_> Carry: do you need httpd.conf?
<Carry> avatar_: than you've got httpd.conf, no apache2.conf?
<Carry> avatar_: i have a book that says httpd.conf...
<Carry> wonder if book is useless..
<Carry> slackware: hard?
<avatar_> perhaps that book is about apache1.3 ?
<Carry> no, 2.0 ...
<avatar_> slackware has no decent packagemanagement
<Carry> is Apache Server 2 Bible..
<avatar_> so its hard to keep updated
<Carry> tnx for warning :)
<Carry> book = 2002, want to know if it's usefull...
<avatar_> books are outdated by the time they're in the bookshops :)
<pteague_work> it kind of depends on who's done the installation of apache... i think wamp still uses httpd.conf ... most of the debian based distros use apache.conf ...  i've not messed with any other distros in a while, last time i used mandrake (now mandriva) they used httpd.conf
<Carry> pteague_work: tnx..
<avatar_> when using ubuntu/debian i think its the best to keep it using the ubuntu way
<Carry> so learn install from source..
<avatar_> don't install from source
<pteague_work> & i haven't installed apache from source off httpd.apache.org in a while either
<Carry> package.
<avatar_> why bothter with security updates if someone already did that for you
<avatar_> realy, you don't want to go there
<Carry> hmm, so debian is httpd.conf, ubuntu(my lamp) is apache2.conf
<pteague_work> if you're just setting up apache as a dev machine & you want the experience install from source, otherwise it's not worth it unless you need a highly specialized install of apache
<Carry> mean: debian also apache2.conf
<pteague_work> last time i installed debian it was apache.conf
<Carry> pteague_work: apache2.conf, with 2?
<Carry> pteague_work: http://wiki.apache.org/httpd/DistrosDefaultLayout#head-b5762a3e9764f34f7587e35f4db9ff35d508ced1
<Carry> a2ensite  a2enmod are debian/ubuntu scripts? not apache?
<sommer>  Carry: I believe that's correct
<sommer> they create symlinks between sites-available and sites-enabled
<Carry> ah..
<Carry> tnx
<sommer> I think they're pretty handy, because they allow you to configure a site, but not enable it right away.
<sommer> but I've also configured sites and forgot to enable them :-)
<Carry> are these tools in the default installation of ubuntu-lamp?
<sommer> Carry: apache2.2-common
<Carry> ah..
<sommer> should get installed when installing apache though
 * Carry has to check again later....
<nealmcb> soren: excellent un-bleeping reply :-)  CoC in action!
<soren> nealmcb: :) I wasn't awake enough to be mad yet.
<milestone> ScottK: the Thing is, that on the page, you recommended reading, you assume, that the postfix server serves "real" accounts. It is correct to strip the realm then. In my case I was using postfix-mysql and the username was "%u@%r" and sasl stripped the realm
<milestone> and i needed it
<milestone> so on http://postfix.wiki.xs4all.nl/index.php?title=Virtual_Users_and_Domains_with_Courier-IMAP_and_MySQL#SASL2_Install i found a little note which i must have overread while reading the manpage to saslauthd and found out, that appending "-r" did the trick for me
<milestone> is that a bug? I dont think so, because the howto was written for a different audience or setup than mine
<milestone> would it make sense to write a ubuntu postfix mysql howto? Answer -> hell yeah
 * milestone hopes that there is no such howto :-)
<ScottK> milestone: Part of the reason I asked you over here is that we are doing a server documentation review
<soren> Not an ubuntu specific one, perhaps, but there is one.
<milestone> ahh i see
<milestone> i gained so much knowledge now
<ScottK> soren: I was just trying to help milestone on #postfix with a config issue.
<ScottK> I was hoping he'd be willing to help us document his situation so others might benifit
<soren> I see. That would rock!
<milestone> would you guys like a postfix+mysql+courier ((imap|ssl)(pop3|ssl)) + sasl smtp auth  howto
<milestone> from the ground up?
<ScottK> I think there may be pieces of that on the wiki
 * ScottK looks
<soren> I've used http://www.marlow.dk/site.php/tech/postfix before
<ScottK> This https://help.ubuntu.com/community/PostfixCompleteVirtualMailSystemHowto exists, but is by definition wrong since it mentions webmin
<soren> Erk... And it's even on h.u.c :(
<ScottK> soren: Yeah.  Someone needs to go help "revise" that one.
<ScottK> milestone: Dovecot is the preferred MDA here, but I think that would be very useful even with Courier.
<milestone> ok
<milestone> so should i modify that page, or create a complete new one?
<ScottK> milestone: I'd create a new one.  Otherwise you'll end up in a wiki war with whoever has been maintaining that one.
 * ScottK thinks soren should go deal with it.
<soren> dovecot is really preferred (it's in main).
<soren> ....but dovecot is really the easiest part of that puzzl.e
<milestone> soren ok
<soren> ScottK: Err? Deal with what? Having that page removed?
<milestone> i will create it with courier, and once finished, you can decide what to do with it, ok?
<ScottK> soren: I was thinking more like educate the person that wrote it and get the webmin stuff removed.
<ScottK> soren: If that doesn't work, yeah, then have it deleted.
<ScottK> milestone: Sounds great.
<ScottK> milestone: You can always ask Ubuntu server questions here too.
<milestone> ok
<milestone> and thank you guys
<milestone> i think it will take me until monday, then i will be back and tell you guys
<ScottK> milestone: Great.
<soren> ScottK: Hm... Yeah.. I have no clue who he is, though. https://wiki.ubuntu.com/ChinthakaDeshapriya
<ScottK> soren: Me neither.  Have fun.
<soren> :p
<milestone> ok got to go now, see you guys monday
<ScottK> See you.
<ScottK> soren: How was that for recruiting?  Just started hanging out on #postfix.
<soren> ScottK: I've been hanging out in #dovecot for ages with no such luck.
<ScottK> I did have highlighting set on the word postfix.  Now that I'm on that channel, I've turned it off ;-)
 * ScottK probaby had beginner's luck.
<lamont> ScottK: ah. yeah.  that'd be a reason for me to not go there...
<ScottK> Heh.  I've just tried it for the first time.  I'm curious to see what the channel is like.
<lamont> and yes, I highlight on postfix.  tried highlighting on 'bind' once.  bad plan
<soren> lamont: Yeah, I can imagine. That would hilight all sorts of questions about bind!
<soren> Oh, wait..
<lamont> soren: it's more the non-bind comments about bind(2) type stuff that I found to be the issue...
<soren> lamont: I really can't think of any other words that contain "bind".
<soren> lamont: Oh, right.
<lamont> so not only did I get highlighted on ISC/bind stupid questions, I got highlighted by questions from people just learning about sockets.
<avatar_> anybody here using canonical landscape?
<ScatterBrain> anyone using vmware-server on gutsy yet?
<nijaba> ScatterBrain: I am
<ScatterBrain> Did you have trouble installing it?
<ScatterBrain> nijaba: Did you have any trouble installing it?
<ScatterBrain> nijaba: I can't seem to get the blasted thing to accept the serial numbers that VMware gave me.
<nijaba> ScatterBrain: I had to dig a bit in the forums...
<nijaba> ScatterBrain: there is a fix for that... let me check
<nijaba> ScatterBrain: http://blogs.techrepublic.com.com/howdoi/?p=152 point to a patch for this
<ScatterBrain> nijaba: Did you get this?: http://pastebin.com/d770d8d61
<nijaba> ScatterBrain: nope
<ScatterBrain> nijaba: Are you running the 64 bit version of Gutsy?
<nijaba> yes
<ScatterBrain> nijaba: that's the difference then.  I'm running the 32 bit version.
<nijaba> possibly, but surprising
<ScatterBrain> nijaba: I found a post that says to install ia32-libs, but I can't seem to find that.
<nijaba> apt-get ia32 ?
<nijaba> apt-get install ia32 ?
<ScatterBrain>  Couldn't find package ia32-libs
<lamont> ia32-libs - is in universe
<ScatterBrain> lamont: I've got that open.
<lamont> and exists on amd64
 * ScatterBrain goes to double-check.
<lamont> if you're running 32-bit, then you already have those libs...
<lamont> (the package exists to deliver the 32-bit libs on 64-bit)
<ScatterBrain> lamont: that's what I thought.  But why do I still get the error that the 32-bit libs cuure?
<ScatterBrain> *supposedly* cure.
<lamont> nfc
<lamont> vmware works for me.  then again,I'm running -workstation
<lamont> 5.5.5 + patches for 2.6.22
<lamont> df: `/': Function not implemented
<lamont> mdadm: cannot open : No such file or directory
<lamont> FTW!
 * ScatterBrain goes to lunch to ponder the problem.
<ScatterBrain> thanks for the help - maybe it'll come to me on a full stomach.
<mindframe-> what's the best way to automatically install updates?
<mindframe-> create a daily crontab with an appropriate apt-get line?  or is there some package out there that does a better job?
<tideline> imo automatic updates to a server is not a good idea - unless you can tolerate downtime if something goes wrong
<mindframe-> well is there a way just to install security updates?
<tideline> again automatic updates may not be the best way to handle this, you need to evaluate all possible changes to critical systems on an individual basis
<tideline> and, I may be wrong, but I don't believe that fixes are tagged in any way as security etc.
<mindframe-> this is true, but it's not really a critical system
<keescook> tideline: well, stuff that comes from the -security pocket are security updates.  You could disable the -updates pocket if you really only wanted security updates.
<tideline> keescook, good point
<tideline> keescook, would that be changed in the /etc/apt/apt.conf.d/50unattended-upgrades file?
<tideline> I see, n mine at least Unattended-upgrades::Allowed-Origins with Ubuntu feisty-security in it
<mindframe-> same here
<mindframe-> im wondering about /etc/cron.daily/apt
<keescook> tideline: honestly, I've never played with the unattented upgrades.  :P
<keescook> eval $(apt-config shell UnattendedUpgradeInterval APT::Periodic::Unattended-Upgrade)
<keescook> perhaps setting the APT::Periodic::Unattended-Upgrade to something non-zero?
<keescook> cat /usr/share/doc/unattended-upgrades/README
<tideline> mindframe, also check https://wiki.ubuntu.com/AutomaticUpdates
<varek> why does iptables -L take so long :\
<donspaulding> I linked a shell script into /etc/cron.daily but it doesn't appear to be running.  Is there something else I need to do to get it to run
<donspaulding> ?
<sommer> donspaulding: just a thought, but are the permissions correct on the script?
<donspaulding> you mean +x  ??
<sommer> donspaulding: yep, for owner group and world
<donspaulding> lemme check
<donspaulding> yeah, it's 755
<sommer> donspaulding: do you see any errors pertaining to your script if you do grep -i cron /var/log/syslog ?
<donspaulding> yeah, Exec format error
<donspaulding> exited with return code 1
<donspaulding> unless that rings any bells I'll go off to Google.
<donspaulding> thanks for the tip!
<sommer> not with me... probably something inside your script
<sommer> donspaulding: np
<donspaulding> it looks like run-parts needs a Shabang in it, according to the great Google of Oz
<rbrunhuber8995> every few days is get an error like this: cannot open bayes databases /var/lib/amavis/.spamassassin/bayes_* R/O: tie failed: Permission denied. Any hits how to prevent this?
<donspaulding> make that run-parts requires my script to have the shabang
<sommer> donspaulding: heh sounds about right
<donspaulding> sommer: it's always the little things.  oh well, explicit is better than implicit.
<mathiaz> varek: probably because it tries to resolve dns. try iptables -nL.
<varek> fantastic
<varek> thanks mathiaz
<varek> iptables > scriptkiddies with botnets
<varek> hey if i have a list of client that were being used to DoS attack me is there anywhere i can report them to ?
<mathiaz> varek: you could try to report the problem to their ISP.
<varek> too much effort
<varek> there's like 15 clients
<varek> and isps don't care about this stuff
<ScottK> varek: Then no, not really.
<mralphabet> varek: you can complain to your own ISP, they can filter those IP's out on their edge
<varek> iptraffic filters for me pretty well
<varek> the attack is an attempted syn flood - but i have tcp_syn_cookies enabled, so it's doing nothing except open+close ports
<Centaur5> So if I understand correctly you can't use iptable commands in firehol?
<PyroSama> Hello.
<PyroSama> I am having issues with apache2 and mod_rewrite. I've changed allowoverride to all and mod_rewrite is enabled.
<PyroSama> Yet it acts as though mod_rewrite is not even enabled.
<mathiaz> PyroSama: did you restart apache2 ?
<PyroSama> Yep.
<PyroSama> I've been at this for 2 days now.
<PyroSama> Attempted to place ifmodule in the .htaccess, apache2.conf, and even available-sites/default
<PyroSama> Tried placing rewriteengine on in all three aswell and no combination of these seem to have any effect.
#ubuntu-server 2007-10-25
<PyroSama> Why doesnt apache restore the default config files and modules in /etc/apache2 when you remove the dir and lamp then reinstall it all?
<nxvl> mathiaz: hi, i'm working on LP bug #130836
<ubotu> Launchpad bug 130836 in apache2 "Specify OpenDocument icon(s) in Apache2 configuration" [Wishlist,Triaged] https://launchpad.net/bugs/130836
<nxvl> mathiaz: should i work with apache2_2.2.6-2
<nxvl> mathiaz: or 2.2.4-3build1
<mathiaz> nxvl: apache2_2.2.6-2
<mathiaz> nxvl: this will be for hardy
<nxvl> mathiaz: ok, downloading
<nxvl> mathiaz: is it uploaded on the server or still waiting for sync/merge
<nxvl> i can't dget it from LP
<PyroSama> Any one have any idea how I can get the contents of a default /etc/apache2 folder
<mathiaz> nxvl: http://packages.ubuntu.com/hardy/web/apache2 says it's already in the archive
<soren> PyroSama: You need to purge the package and reinstall it.
<mathiaz> nxvl: http://archive.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.2.6-2.dsc
<PyroSama> I did.
<PyroSama> I get partial content.
<PyroSama> It gives me a blank httpd.conf no modules and no apache2.conf
<PyroSama> But restores every thing else that I can tell.
<soren> What exactly did you do, and what exact files are you missing?
<mathiaz> PyroSama: did you purge apache2-common ?
<PyroSama> apache2.2-common yes
<soren> PyroSama: What exactly did you do?
<PyroSama> apt-get remove apache2 apache2-mpm-prefork apache2-utils apache2.2-common libapache2-mod-php5 libapr1 libaprutil1 libdbd-mysql-perl libdbi-perl libmysqlclient15off libnet-daemon-perl libplrpc-perl libpq5 mysql-client-5.0 mysql-common mysql-server mysql-server-5.0 php5-common php5-mysql
<soren> Where's --purge?
<PyroSama> Then removed apache2 dir
<PyroSama> -- purge?
<soren> Yes. You claimed you purged it.
<PyroSama> I guess I missunderstood.
<PyroSama> I'm still new to linux.
<soren> without --purge, you're only removing.
<PyroSama> Ah.
<PyroSama> This is new to me.
<nxvl> --purge is a really nice option, it has help me with so MANY error i have made
<mathiaz> PyroSama: removing doesn't delete configuration files (/etc/apache2), purge will do it.
 * nxvl loves --purge
<soren> You see, when you remove a configuration file, that removal is remembered (since that counts as configuration, too).
<PyroSama> Where are my mysql databases stored?
<soren> ... so when you upgrade, the file will not be reinstalled. This is by design.
<PyroSama> Ah so --purge is designed to clean the slate.
<soren> ...so to get the file back, you need to purge the package (forcing dpkg to forget all about the package's configuration files) and reinstall it.
<PyroSama> Where with out it it's designed to upgrade / remove / install the binaries and not the related configuration files
<nxvl> mathiaz: i should rename it (al least on changlog) to apache2_2.2.6-2ubuntu1, didn't i?
<soren>        purge  The package is selected to be purged (i.e. we want to remove everything, even configuration files).
<PyroSama> Ok so before I do that I need to find mysql databases
<soren> PyroSama: /var/lib/mysql
<mathiaz> nxvl: yes.
<nxvl> PyroSama: why don't you just purge apache2?
<nxvl> PyroSama: and let mysql alone
<nxvl> s/let/leve/
<nxvl> s/leve/leave/
<mathiaz> nxvl: if you're changing something to the debian package, you need add ubuntu* to the revision number.
<nxvl> :P
<nxvl> mathiaz: yes, i has read that before, just ensuring :D
<mikefoo> MailScanner question, I have spamassassin, setup without mailscanner, if I setup mailscanner, and I tell it to use spamassassin, are messages being run thru spamassassin twice?
<PyroSama> nxvl I am having other issues with my server setup aswell so if I can wipe the entire thing I might aswell.
<Jaac> Hi chaps, anyone got experience with "tasksel" ?
<Jaac> The DNS server install hangs at bind9-doc, using Gutsy 7.10
<PyroSama> Thanks for the help. I'm going to see if I can take it from here.
<Jaac> Is there a log i can read, to see where the error is?
<nxvl> mathiaz: i only need to edit debian/apache2.conf, didn't i?
<mathiaz> nxvl: Probably. I don't know exactly what you have to do to fix the bug.
<nxvl> mathiaz: heh, i'm trying to change the default apache2.conf
<nxvl> mathiaz: so the cuestion is, the default one is debian/apache2.conf?
<mathiaz> nxvl: yes.
<mathiaz> nxvl: debian/apache2.conf will be copied to /etc/apache2/ during the postinstallation phase
<mathiaz> nxvl: you can check that by looking at debian/apache2-common.postinst
<PyroSama> And behold magicly mod_rewrite works...
<PyroSama> Thanks every one I'm now a happy man :D
<nxvl> mathiaz: i was looking for the postinst, thnx
<nxvl> mathiaz: i send the debdiff, can you check it please
<mathiaz> nxvl: could you add the LP bug number you've fixed ?
<mathiaz> nxvl: LP: #130836 in the changelog
<mathiaz> nxvl: I also think that the icons should be packaged.
<nxvl> mathiaz: fixing, i always forget
 * ajmitch wonders what useful servery things he can do for hardy
 * mathiaz thinks that fedora directory server may need some packaging love
<ajmitch> people still want that?
<mathiaz> I don't know actually - it was a just an idea.
<nxvl> mathiaz: the icons aren't packaged?
<mathiaz> nxvl: I don't think so.
<ajmitch> which icons are they?
<mathiaz> ajmitch: http://www.catnip.co.uk/opendocument/icons/#apache
<ajmitch> ah, extra mimetypes
<mathiaz> ajmitch: yes - bug 130836
<ubotu> Launchpad bug 130836 in apache2 "Specify OpenDocument icon(s) in Apache2 configuration" [Wishlist,Triaged] https://launchpad.net/bugs/130836
<nxvl> mathiaz: they should be on docs/icons?
<mathiaz> nxvl: hum... well. That were upstream puts the icons.
<mathiaz> nxvl: however, you'll probably have to add them using patches in debian/.
<nxvl> mathiaz: but the patch must add them to /docs/icons
<mathiaz> nxvl: yes
<nxvl> mathiaz: but sould i use a patch or a line on postinst?
<mathiaz> nxvl: I wouln't use a patch actually.
<mathiaz> nxvl: the postinst won't work either.
<mathiaz> nxvl: try to modify the rules file to install the icons during the package build
<mathiaz> nxvl: and add a subdirectory icons/ in debian/ where you'd put the extra icons files.
<nxvl> mathiaz: under "install: build" ??
<ajmitch> they'd probably need to be uuencoded
<ajmitch> due to the limitations of the packaging format, where they have to be representable in a diff
<mathiaz> nxvl: yes.
<mathiaz> ajmitch: yes - I thought about that too.
<mathiaz> ajmitch: but I've never patched a package to add binray files.
<ajmitch> it's common enough
<ajmitch> just look for any package that build-depends on sharutils
<mathiaz> ajmitch: do you know of a package that does such a thing ?
<nxvl> mathiaz: anywhere in there of before/after something?
<ScottK> ajmitch: You could stand behind soren and kick him until ebox is packaged.
<ajmitch> mathiaz: about 50 or more
<mikefoo> MailScanner question, I have spamassassin, setup without mailscanner, if I setup mailscanner, and I tell it to use spamassassin, are messages being run thru spamassassin twice?
<ajmitch> such as squid
<ajmitch> I think
 * ajmitch looks for others that b-d on sharutils
<nxvl> ajmitch: so, you are saying i need to use sharutils instead of editing debian/rules?
<ScottK> mikefoo: Didn't see you here too.  Just don't use mailscanner with Postfix.
<mathiaz> nxvl: probably after dh_install
<ajmitch> nxvl: I'm saying that sharutils contains uuencode/uudecode, which you use from debian/rules to mangle the icons
<mathiaz> nxvl: that's when stuff gets copied from debian/ to the build directory.
<nxvl> ajmitch: oh! ok
<ajmitch> aha, openssh does use it
<ajmitch>         uudecode -o debian/ssh-askpass-gnome/usr/share/pixmaps/ssh-askpass-gnome.png debian/ssh-askpass-gnome.png.uue
<ajmitch> in the install: rule
<mathiaz> ajmitch: yop. I've seen that.
<mathiaz> ajmitch: so now the question is how to create the .uue file ?
<mathiaz> I guess with uuencode on the original .png file
<ajmitch> yes
<nxvl> ok
<nxvl> i put the changes on rules
<nxvl> now, what was that uuencode stuff?
<mathiaz> nxvl: you cannot include a binary file into a debian diff.
<mathiaz> nxvl: so you need to uuencode it, and uudecode it when building the package.
<mathiaz> nxvl: have a look at the openssh package. It adds an icon for openssh-askpass-gnome.
<ScottK> lamont: Would it be wrong to make postfix conflict with mailscanner?
<Jaac> ping 192.168.1.1
<Jaac> oops
<Burgundavia> 64 bytes from 192.168.1.1: icmp_seq=2 ttl=64 time=7.000ms
<kgoetz> )
<kgoetz> :)
<nxvl> heh
<nxvl> mathiaz: client or server?
<nxvl> same thing, downloading
<nxvl> ok
<nxvl> but, how do i enconde the png files?
<nxvl> by hand?
<ajmitch> yep
<ajmitch> it's an ugly hack, really
<nxvl> ajmitch: i have more the one png file
<nxvl> i need to add a decode instruction for each one?
<nxvl> s/i/do i/
<mathiaz> nxvl: yes.
<mathiaz> nxvl: you may use a loop though.
<nxvl> mathiaz: bash loop?
<mathiaz> nxvl: you'll also have to check the license of the icons you're adding.
<mathiaz> nxvl: yes. In the rules, so that you don't need to add the same line for each icon file.
<nxvl> mathiaz: http://creativecommons.org/licenses/by-sa/2.5/
<nxvl> mathiaz: whis one, that means i need to add it to COPYRIGHT, didn't it?
<nxvl> s/whis/this
<mathiaz> nxvl: you're correct.
<nxvl> ok
<nxvl> do i need to enconde on base64 or default one?
<lamont> ScottK: does mailscanner provide: mail-transport-agent
<lamont> ?
 * lamont needs to run off for an hour or so.  bbl
<mathiaz> nxvl: good question. Try the default encoding.
<mathiaz> nxvl: I guess that the source package won't build if it's not what should be done.
<ajmitch> doesn't matter what is used, as long as diff likes it
<ScottK> lamont: No, but it engenders some pretty strong reactions on postfix-users because it uses internal interfaces to interact with postfix (manipulates mail queues directly) and so is inherently unrelaible.
<ScottK> unreliable even.
<nxvl> mathiaz: done, patch send
<penguim> night all
<nxvl> mathiaz: forget it, i haven't add the license
<mathiaz> nxvl: the changelog doesn't have the correct LP syntax.
<mathiaz> nxvl: the bug number should be preceeded with LP:
<mathiaz> nxvl: ie: (Closes: LP: #130836)
<nxvl> mathiaz: ok, i will change that
<nxvl> mathiaz: i'm looking at the page where i downloaded the icons, and it says nothing about license
<nxvl> mathiaz: it mencion license about OTHER icons
<nxvl> mathiaz: not those i download
<mathiaz> nxvl: there isn't any LICENSE file in the tar archive ?
<nxvl> nop
<ajmitch> that makes it annoying
<mathiaz> hum... according to this web page: http://opendocumentfellowship.com/icon/examples
<mathiaz> a set of icons has been donated to the ASF
<mathiaz> "This icon set has been donated to the Apache Foundation under the terms of their CLA."
<nxvl> mathiaz: but not THESE set of icons
<mathiaz> nxvl: what about these icons: http://opendocumentfellowship.com/icon/examples ?
<mathiaz> nxvl: I think it's the same author.
<mathiaz> nxvl: it seems that all the icons are provided under the following license:
<mathiaz> License
<mathiaz> Permission to use and/or modify these images is granted for the identification and promotion of the OpenDocument Format (ISO 26300 and any later version published by OASIS or ISO) provided you acknowledge me, Pete Harlow, if someone asks
<mathiaz> These icons are trademarks of Pete Harlow.
<nxvl> mathiaz: ok, let use those
<nxvl> mathiaz: nop, those are the ones i downloaded
<mathiaz> nxvl: you may want to confirm with the author that everything is ok.
<nxvl> mathiaz: right click -> properties
<nxvl> license says it is
<mathiaz> nxvl: The author is subscribed to the bug so he should receive the notification.
<mathiaz> nxvl: It may also be worth making sure that this set of icons is the one that has been donated to the ASF.
<nxvl> mathiaz: the icons from the web you just send are the ones in the first one
<nxvl> mathiaz: so i think is that license
<nxvl> sending new debdiff
<mathiaz> nxvl: that's what I tought.
<mathiaz> Did you test the build ?
<nxvl> i did "dpkg-buildpackage -S -rfakeroot" if that's what your asking
<mathiaz> nxvl: hum... Could you also test the binary build ?
<nxvl> ok
<mathiaz> nxvl: -S will only build a source.
<mathiaz> nxvl: a binary build will also make sure that the changes to the rules files works correctly.
<mathiaz> nxvl: check that the added icons are shipped in the package.
<nxvl> mmm i didn't have hardy pbuilder enviroment
<nxvl> i will check
<nxvl> mathiaz: can i build it on gutsy?
<mathiaz> nxvl: that should be ok for now.
<mathiaz> nxvl: unless you wanna setup a pbuilder for hardy (you'll have to do it as some point ;) ).
<nxvl> i will do it now anyway
<nxvl> is the debbootstrat already with hardy scripts?
<mathiaz> nxvl: I did it today - I've just rebuilt hardy debootstrap for gutsy
<mathiaz> nxvl: yes. but the one in hardy.
<nxvl> last time i downloaded it doesn't work
<mathiaz> nxvl: I haven't seen anything in gutsy-backports.
<nxvl> :D
<nxvl> mmm
<nxvl> i think i forget the dependency for uue
<nxvl> :(
<mathiaz> nxvl: if you don't wanna go through rebuild hardy debootstrap for gutsy, you can just symlink the hardy script to gutsy
<mathiaz> nxvl: $ ls -l /usr/lib/debootstrap/scripts/
<mathiaz> nxvl: lrwxrwxrwx 1 root root    5 2007-10-24 15:54 hardy -> gutsy
<nxvl> does it will work fine forever?
<mathiaz> nxvl: but I think there has been other bug fixes in debootstrap - you should check the changelog.
<mathiaz> nxvl: IWFM now.
<mathiaz> nxvl: but we discover new bugs now that hardy is opened.
<mathiaz> nxvl: we might discover
<mathiaz> nxvl: I just needed to setup my pbuilders for hardy.
<nxvl> i need to go out for now, i will continue with this later
<nxvl> mathiaz: thnx for the help
<mathiaz> nxvl: you're welcome :)
<genii> soren: Hello, you here?
<mathiaz> genii: I don't think so.
<genii> Perhaps someone may know... I hear he is working on ebox. Is anyone working on or know about the debian and debian-edu status of cipux?
<kgoetz> no, what is it?
<ScottK> genii: He's on European time, so he's almost certainly sleeping right now.
<genii> another we gui admin tool, wthey are adopting it as the webmin replacement
<genii> *web, *they
<kgoetz> oh
 * kgoetz stops being interested
<genii> ScottK: OK, thanks once more
<genii> ScottK: Is ebox on launchpad?
<ScottK> NOt yet.
<genii> OK
<ScottK> He might be interested in assistance/testing though.
<genii> Cool. i have a couple of home servers on static IP
<genii> falcon etc is installed
<genii> LOL Damn whois on soren doesn't give me a clue what timezone
<genii> For logging purposes: http://wiki.debian.org/DebianEdu/CipUX
<ScottK> genii: He lives in .dk
<genii> Ah so about GMT +1 or +2
<genii> Thanks
<genii> ScottK: You're a fount of information :)
<lamont> ScottK: evil.
<lamont> there's a part of me that would support conflicting with it
<stiv2k> hi how come when trying to stream a movie over samba it keeps breaking up
<mathiaz> stiv2k: which version of samba are you using %
<mathiaz> stiv2k: ?
<fujin> Anyone running some sort of centralised authentication
<genii> Does radius count?
<fujin> I mean for PAM
<fujin> I'm running LDAP with slapd, but I'm not entirely happy with it.
<fujin> especially the client-side caching
<stiv2k> mathiaz: just upgraded to gutsy
<stiv2k> umm
<kgoetz> fujin: hi
<stiv2k> mathiaz: 3.0.26a-1ubuntu2
<fujin> Hello.
<kgoetz> fujin: i'm using ldap ,but only internal to one machines services
<fujin> I see.
<fujin> I'm thinking of rolling it to 50~ boxes, and this is the decision making time
<fujin> wether to statically push out an /etc/passwd / /etc/shadow blabla.
<fujin> or to use ldap.
<mathiaz> stiv2k: on both the client and the server ?
<stiv2k> client?
<stiv2k> no the client is windows XP
<kgoetz> fujin: not tried that myself. do you have time to try ldap and not use it if it breaks?
<kgoetz> for 50 systems its worth putting in the effort to try and centralise that stuff imo
<sommer> fujin: I concur with kgoetz... you can also authenticate webapps and other services to ldap.
 * kgoetz is in the process of tryinng that :)
<stiv2k> mathiaz: ?
<mathiaz> stiv2k: I don't really know. There was a bug about streaming from a samba server, but it was to a linux client.
<fujin> kgoetz: well, my /etc/passwd would be centralised
<fujin> but storage of the passwords would not be obviously
<fujin> unless I replaced the passwd file everytime (I use puppet for centralised management
<stiv2k> hmm
<kgoetz> fujin: thats a type of centralisation i guess
 * kgoetz has used cfengine fro a similr task in the pst
<fujin> Aye.
<fujin> I'll stick to LDAP. Just need to make sure it's going to work. I've got Puppet pushing out all the necessary stuff but am hitting issues changing from sudo to sudo-ldap
<fujin> although I think I've got aroudn that by rolling my own sudo package and telling puppet to update the boxes to the latest version of sudo
<fujin> (without the broken stuff)
<kgoetz> i've seen lots of stuff about ldap in LP, but i didnt look closely because it doesnt affect me :)
<fujin> The only major problem I can foresee is that even with nscd/nss_updatedb, the passwords are never cached
<fujin> which I guess is good
<fujin> but of course reduces functionality without connectivity
<fujin> and I haven't got around to making a master-2slave LDAP cluster yet.
<kgoetz> depends if you plan for clients to go awol i suppose
<kgoetz> brb
<osmosis> Is there a way to list the files that would be installed before installing a package ?
<kgoetz> if you have apt-files you might, or look at packages.ubuntu.com, i think it has package lists
<genii> osmosis: maybe sudo apt-get install --simulate <package>
<Burgundavia> soren: nice try on the debian mail
<Burgundavia> look there is a topic ... hey shiny other thing ..,.
<soren> Burgundavia: *G* Yeah, it's amazing how little interest they seem to have in something that's really a change to Debian Policy.
<Burgundavia> soren: the other one that baffled me was the "we should use .desktop because the world has already gone there"
<Burgundavia> there is a reason Ubuntu exists
<Burgundavia> this is it
<soren> .desktop? Er... I think I missed that one?
<kgoetz> mmm. shiny thing
<Burgundavia> soren: .desktop files are how apps show up in the menu
<Burgundavia> they are a freedesktop.org spec and used in KDE, GNOME, Xfce and some other wms
<soren> Sure, sure.
<soren> I meant that I missed the comment about using .desktop "because the world has aready gone there"?
<Burgundavia> sorry, tired
<Burgundavia> that was not what I was thinking i was writing and yet it made sense
<Burgundavia> I am good
<Burgundavia> anyway, I was saying that debian basically rejected .desktop files because about 1% of the wms used by debian users don't support it and likely because of a strong case of NIH
<soren> National Institute of Health?
 * soren is also tired :)
<kgoetz> they didnt rejet them, theh just want to make sure.menu files stay around
<Burgundavia> not invented here
<soren> Oh :)
<Burgundavia> kgoetz: that is crazy
<Burgundavia> they should have made .desktops standard and one generate the other
<kgoetz> me shrug. i'm tired. i'm goign home ;). later all
<soren> Burgundavia: I think I'll draft an actual patch to Debian Policy and send it. That might get things started.
<Burgundavia> soren: for the .desktop or your issue
<Burgundavia> ?
<soren> My issue.
<nxvl> i'm having problems with apache
<nxvl> patching LP bug
<nxvl> #130836
<nxvl> does any one can help me?
<ScottK> re: "<lamont> there's a part of me that would support conflicting with it" - The question is, is that part of you the Postfix maintainer?
<halcyonCorsair> hello
<halcyonCorsair> anyone know anything about configuring mrtg or cacti?
<_ruben> used mrtg ages ago, currently using cacti, but #cacti might be a better place
<lamont> ScottK: it's a rather abrasive move... I'd want to discuss it with the debian maintainer of mailscanner (or whatever package it was...)
<lamont> what we need is Discourages: and Strongly-Discourages: :-)
<ScottK> lamont: I agree.  It shouldn't be done unilaterally, but I do it's not unreasonable to have the packaging system avoid insanity.
<halcyonCorsair> well does anyone here know about installing cacti then?
 * ScottK is pondering adding a mailscanner factoid like the webmin one to do the strongly discouraging bit here anyway.
<lamont> ScottK: after reading the description, it looks like postfix isn't on it's supported list, which makes me feel less bad about conflicting... :-)
<lamont> anyway, I'll ponder it
<ScottK> OK.
<soren> halcyonCorsair: I know about mrtg.
<halcyonCorsair> how hard is it to get going on ubuntu server 7.04?
<soren> halcyonCorsair: ...but rumour has it that cricket is teh stuff these days.
<soren> halcyonCorsair: Not very.
<halcyonCorsair> cricket?
<soren> halcyonCorsair: Take a look at the cfgmaker man page, and you should be very close to have a working configuration.
<lamont> soren: it'll be quite sometime before the crusty cricket release.
<halcyonCorsair> soren: how hard is not very?
<soren> halcyonCorsair: How long is a piece of string?
<soren> halcyonCorsair: It's kind of hard to say, isn't it? I find it rather easy. Untrained hamsters might find it slightly more difficult.
<soren> You might find yourself in between those two somewhere.
<soren> Are you good with snmp?
<soren> If so you might find it really easy.
<halcyonCorsair> i've heard of it.... <--- nice cagey answer
<soren> Ok, if you can give me a unit of measure, I'll attempt to tell you exactly how difficult it is.
<lamont> halcyonCorsair: it stands for "Security Not My Problem."
<mralphabet> lamont: lies! ;)
<lamont> mralphabet: read the spec
<mralphabet> heh
<lamont> and name me _one_ other widely deployed protocol that still has no means of authentication other than clear text passwords.
<lamont> oh wait.  those aren't passwords.  those are "community strings"
<mralphabet> hey, community strings are secure . . .
<mralphabet> as long as you don't write them down
<lamont> or use them on a sniffable network
<halcyonCorsair> soren: so, a guide or something of some sort?
<mralphabet> that too
<soren> Well, at least it's not like there's some standard strings that everyone uses.
<soren> Oh, wait..
<mralphabet> heh
<Kamping_Kaiser> lol
<lamont> and no vendor would ever hardcode a write-capable community
<soren> halcyonCorsair: Seriously.. Take a look at cfgmaker (included in mrtg).
<soren> halcyonCorsair: It's quite easy, if you already have snmp up and running.
<soren> I got to go. I have to pack for Boston.
 * halcyonCorsair wonders what he needs to get snmp up and running
 * lamont packs for boston on saturday
<Kamping_Kaiser> how long until ... oh. saturday
<sommer> halcyonCorsair: first step is to install the snmp package.
<halcyonCorsair> done
<sommer> halcyonCorsair: then on to installing mrtg.
<halcyonCorsair> look, the whole apt-get install bit isn't the issue, its the config
<sommer> halcyonCorsair: what is your plan for mrtg?  bandwidth monitoring? service monitoring?
<MikeDX> is there a list of things somewhere that 606 installs by default - and if not, is iptables installed by default in 606 LTS?
<halcyonCorsair> sommer: bandwidth monitoring
<Kamping_Kaiser> MikeDX, iptables is part of the kernel
<Kamping_Kaiser> (read : yes)
<MikeDX> :|
<sommer> halcyonCorsair: sweet, than like soren mentioned cfgmaker is your friend
<sommer> halcyonCorsair: to use it do cfgmaker communitystring@device > device.cfg
<MikeDX> ok, next question, where is the file for me to edit to allow samba shares across my vpn?
<Kamping_Kaiser> *shrug* samba==not my problem :)
<MikeDX> ok then, where is the config file for me to edit to allow the ports that I want opened up
<sommer> halcyonCorsair: here's a guide that may help: http://www.cyberciti.biz/nixcraft/linux/docs/uniqlinuxfeatures/mrtg/
<halcyonCorsair> thanks
<halcyonCorsair> sommer: communitystring?
<sommer> it's what snmp uses as a password to gather info from devices.
<sommer> halcyonCorsair: most devices set it to the work "public" by default, which is why snmp is considered not very secure... and stuff
<sommer> s/work/word/
<MikeDX> how can i change the order in which services in init.d start up?
<MikeDX> I guess I change SNN to SAA in /etc/rc2.d
 * MikeDX tries it
<halcyonCorsair> anyone know how to get snmp going?
<sommer> halcyonCorsair: do you have a specific question?
<sommer> if you've installed the snmp package you're ready to use it.
<halcyonCorsair> sommer: i'm trying to get cacti working, and its saying "snmp: not in use"
<sommer> halcyonCorsair: have you configured the device you're trying to monitor for snmp?
<halcyonCorsair> sommer: what do i have to do for that?
<sommer> halcyonCorsair: depends on the device... what is the device?
<sommer> cisco switch, printer, server?
<halcyonCorsair> as in my nics?
<sommer> halcyonCorsair: are you trying to monitor bandwidth on a server?
<halcyonCorsair> yes
<halcyonCorsair> also could my firewall be causing issues?
<sommer> halcyonCorsair: are you trying to monitor a server on the same lan? if so you should be good to go, or are you talking about the server's firwall?
<avatar_> sommer: /etc/default/snmpd
<avatar_> halcyonCorsair: /etc/default/snmpd
<avatar_> halcyonCorsair: by default snmpd is only listening on 127.0.0.1
<halcyonCorsair> no, i have an ubuntu gateway/firewall/whatever that i want to run cacti on
<sommer> avatar_: good call, you should check that file halcyonCorsair.
<halcyonCorsair> ok, what am i checking for?
<sommer> halcyonCorsair: the ip address snmpd is listening on.
<sommer> check the SNMPDOPTS line
<halcyonCorsair> SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid 127.0.0.1'
<sommer> you'll want to change 127.0.0.1 to your ip address
<halcyonCorsair> why?
<sommer> so you can connect to it using SNMP
<halcyonCorsair> aha...
<halcyonCorsair> turns out.... that /etc/init.d/snmp restart, doesn't actually restart snmp
<sommer> halcyonCorsair: did you do /etc/init.d/snmpd ?
<halcyonCorsair> yes
<halcyonCorsair> that was a type
<halcyonCorsair> *typo
<halcyonCorsair> stop stops, start starts, and i don't know what the hell restart does
<Fenix|work> I have a question with ubuntu-server VMWare and framebuffer
<Fenix|work> how can I get out of 80x25 mode using vga= on the kernel line, but also be able to see the console in my VM...
<Fenix|work> right now when I change menu.lst and add vga=791, I get Starting up... some crap on the console, but then can't see anything I'm typing
<sommer> Fenix|work: you could try 1024x768 vga=773
<Fenix|work> I didn't try 773 yet ...
<Fenix|work> I was wondering if it was related to the fact that vmware-tools didn't start
<Fenix|work> I manually started it fine, so I suppose it's in the wrong RC level
<mralphabet> Fenix|work: there is a bug with gutsy and framebuffer I think
<mralphabet> I saw a bug report about it the other day
<Fenix|work> oh poo
<Fenix|work> I also see vmware-tools starts in rc5.d
<halcyonCorsair> tim eto sleep
<Fenix|work> oh, starts in rc2 as well
<MikeDX> Fenix are you anything to do with the fenix language?
<Fenix|work> nope...
<Fenix|work> oh and 773 gives me a nice black screen
<Fenix|work> not even any graphical goop
<mralphabet> Bug #129910
<ubotu> Launchpad bug 129910 in linux-source-2.6.22 "tty[1-6] are active but display nothing in Gutsy" [Undecided,New] https://launchpad.net/bugs/129910
<Fenix|work> mralphabet, thanks
<Fenix|work> will fix initramfs
<Fenix|work> wow, all framebuffers are in the blacklist
<MikeDX> i think every version of ubuntu blacklists all the framebuffers#
<MikeDX> ls
<Fenix|work> quick question
<Fenix|work> how do I update ubuntu-server from the cl?
<Fenix|work> ok, I see... apt-get update then apt-get upgrade
<mralphabet> apt-get update && apt-get upgrade
<mralphabet> the 'upgrade' only happens if 'update' completed with no errors
<Fenix|work> I have to apologize... I come from an 'emerge' environment
<Fenix|work> :)
<mralphabet> ack! emerge! heathen!
<mralphabet> oh nos!
 * Fenix|work born again
<mralphabet> heh
<Fenix|work> otherwise I wouldn't be here :)
 * mralphabet shrugs
<Fenix|work> I use both ... but I'm tired to compiling
<mralphabet> most are glad to help
<Fenix|work> tired *of* compiling
<Fenix|work> how does one enable mouse in console here?
<Fenix|work> apt-get install gpm should suffice no?
<Fenix|work> hope vmware will let me out of console mode with gpm installed
<mralphabet> I believe
<Fenix|work> without having to ctrl-alt
<mralphabet> workstation? or server
<Fenix|work> workstation
<mralphabet> I user server and just use the web interface
<Fenix|work> I'm setting up a basic ubuntu GG server to ace clone
<mralphabet> to access the desktop I use vnc or remote desktop
<linuxpoet> what is the name of the postgresql package that is complied --with-debug?
<Jaac> I have a problem upgrading postfix, and need to know what packages are installed, is there a way i can see what packages are installed through apt-get? Or maybe another cmd?
<lamont> Jaac: dpkg -l
<Jaac> Cheers lamont
<Jaac> Another problem :o Ive shutdown postfix through init.d, same for saslauthd, but still cant write to /etc/postfix/sasl/smtpd.conf while using sudo.
<Jaac> Is there a way i can see what program is using it at the moment?
<soren> Jaac: Can't write to it? What's the error ?
 * soren wonders why he's still awake
 * ajmitch wonders the same
<ajmitch> surely you'll be flying soon?
<Burgundavia> ugh, I leave at 6am tomorrow
<Burgundavia> means I have to leave me house at 3am
<ajmitch> you're going to UDS again?
<soren> ajmitch: Approximately 9 hours from now.
<Jaac> soren: -bash: /etc/postfix/sasl/smtpd.conf: Permission denied
<soren> ajmitch: The airport is a 6 minutes drive from here, and the first leg is domestic, so I don't have to leave the house for another 8Â½ hours.
<soren> Jaac: When doing what?
<Jaac> soren:  sudo echo 'pwcheck_method: saslauthd' >> /etc/postfix/sasl/smtpd.conf
<soren> Jaac: Let me guess: sudo blahblahbabl > /etc/postfix/sasl/smtpd.conf ?
<Jaac> yup
<soren> Jaac: Right. sudo makes echo run with root privs, but the redirection is done by your shell, which is still run by you.
<soren> I.e. no pony for you.
<mikefoo> Anyone use squirrelmail?  foes some reason my filter for X-Spam-Status: Yes, just doesn't work.. everything goes to either my SPAM folder, or my inbox.. its wierd.
<soren> sudo sh -c "echo 'pwcheck_method: saslauthd' >> /etc/postfix/sasl/smtpd.conf"
<soren> Jaac: ^^ will make you happy.
<Jaac> Croocked soren, thanks heaps
<soren> np
<Jaac> You got me there, totally lost ;)
<ajmitch> or it's often just quicker to use an editor :)
<soren> ajmitch: You're always so fancy. :p
<ajmitch> well if you want complex, you can go for ed
 * soren misses ed
<soren> It's so much more fun and adventurous.
<soren> Aw, craptastic.
<soren> My scanner is returning all black pages.
<soren> It worked fine two months ago... Either gutsy broke it, or the scanner finally gave up.
#ubuntu-server 2007-10-26
<ajmitch> and I presume that you need it before you go?
<soren> Of course
<soren> Which I suppose it the main reason why I'm still awake.
<soren> The internet is an odd, odd place.
<soren> I ask google what it knows about: scanjet 3300c linux black
<soren> The first hit has the correct scanner in the title, but it's in Czech and the bit that google shows me that contains the word "black" is "blahblahblh Black Plague blahblahblha"
<Kamping_Kaiser> lol. sounds par for the course
<soren> http://people.ubuntu.com/~soren/foo.ppm  <--- Not entirely black, as it turns out.
 * soren goes to sleep
<soren> G'night, guys.
<robc4> anyone in here?
<jnc> not usually
<robc4> well, I have a question about 6.10
<robc4> I show 3 users logged in with a w or a who command
<robc4> and only one is connected via ssh
<robc4> are the other two system users doing cron commands?
<robc4> or should I be worried
<jnc> what tty
<robc4> pts/0
<robc4> is the only one showing up unless I do a who -a
<jnc> each program you run interactively opens up a pseudoterminal
<robc4> so it could be a service like a dns multicaster
<robc4> access.log looks clean
<robc4> sorry, auth.log
<alienseer23> i cannot get webcalendar to successfully launch, getting access denied, but when i use 'test connection' it works just fine. mysql settings seem to be correct, help?
<kraut> moin
<MenZa> moin
<_ruben> mornin
<_ruben> crap .. i guess i disabled ipv6 the wrong way .. now when i try to do apt-get update it complains it cant access the ipv6 ip addresses of the repo's
<_ruben> what the hell .. my 70-persistent-net-rules got altered .. it swapped my interface names
<_ruben> got 6 interfaces, using 2 at the moment, 1's still ok, the other got swapped with one of the other 4
<_ruben> never mind .. some1 pulling a network cable by accident got me confused
<CybrSpy> Anyone have experience getting gutsy to install on sun sparc t1000? I've hit a port unreachable wall after it starts getting the file from tftp.
<sommer> CybrSpy: are you doing a net install?
<CybrSpy> yep.
<sommer> CybrSpy: ah, sorry I've only done installs from CD on sparc
<sommer> CybrSpy: the tftp part starts though?
<CybrSpy> After rarpd assigns the ip address, and it goes to tftp the file(I have the name right) it starts d/ling the file then kicks off trying to hit a high udp port looking for something.. yes it starts the tfp session
<CybrSpy> er tftp
<CybrSpy> Other people have run into this - as I've found people asking about it via google.  I'm just not seeing a solution.  I'm guessing I'm missing something right in front of me..  you know.. a D'OH moment.
<sommer> CybrSpy: not sure if this will help but, there are some instructions in this post: http://ubuntuforums.org/archive/index.php/t-185136.html
<CybrSpy> Thanks.. I've not tried the preseed trick yet.. But everything else I've done.  There's actually a post in that link where someone mentions the port unreachable issue.. then a couple posts later says he's booting properly now.. But nothing as to what the issue was..    I'll try the preseed trick - maybe that will make it stop looking for a port on my boot server that's not open.
<sommer> CybrSpy: cool, good luck
<CybrSpy> thanks
<zobbo> Trying to install apache2 on Gutsy and it appears I can't install mod_auth_ldap - which wants 'apache-common' which apparantly no longer exists. Am I stuck with a source install ?
<zobbo> libapache-mod-ldap: Depends: apache-common but it is not installable
<sommer> zobbo: try apache2.2-common
<zobbo> tried - it's installed but no go :-(.
<zobbo> just found this https://lists.ubuntu.com/archives/universe-bugs/2007-September/017302.html
<mralphabet> http://packages.ubuntu.com/gutsy/web/libapache-mod-ldap
<mralphabet> hrm
<mralphabet> yes, that probably needs to be fixed
<zobbo> ah well :)
<mralphabet> zobbo: you may want to open an additional bug or append to that bug that libapache-mod-ldap also fits that bug
<zobbo> If I had half a brain I'd have found this first https://lists.ubuntu.com/archives/universe-bugs/2007-September/017341.html
<zobbo> so looks like reported and confirmed.
<XiXaQ> Hello everyone. I'm trying to setup an LDAP server for use as a single sign-on solution and for sharing contacts in  evolution. Can someone point me to a good guide on the subject?
<sommer> XiXaQ: here's a link for feisty: https://help.ubuntu.com/7.04/server/C/openldap-server.html
<sommer> also the community docs have this page: https://help.ubuntu.com/community/OpenLDAPServer
<XiXaQ> sommer, yes, I've read that, but I didn't understand anything in the last part, about using it for authentication.
<sommer> XiXaQ: do you have a specific question?  is your plan to authenticate Linux systems to LDAP?  if so check out the ldap-auth-config package.
<XiXaQ> yes, I was hoping to let the users have one systems for all services on all servers.
<sommer> XiXaQ: cool, from my experience with LDAP each service/application has a different way to be configured for LDAP.
<sommer> the ldap-auth-config tool will help you configure Linux workstations to authenticate to LDAP.
<sommer> you'll need to have your users setup in LDAP with the correct attributes first though.
<XiXaQ> heh, how do I do that?
<sommer> setup users in LDAP?
<XiXaQ> yes.
<sommer> if you're just staring out the easiest way is to import an LDIF file.
<sommer> That's covered in the guide under Populating  the LDAP Tree
<XiXaQ> but I don't have to manually create that for each user, or..?
<XiXaQ> I was hoping I could use the same tools as normal to create users, change passwords, etc?
<sommer> XiXaQ: as far as I know those tools are used to manage the local user database not an LDAP server.
<sommer> There are some gui style LDAP tools: http://phpldapadmin.sourceforge.net/ and http://luma.sourceforge.net/ are two that I use
<sommer> I don't use them to add users though!
<sommer> they don't work for me that way, because I retreive some user attributes from our main database application.
<sommer> they may work fine for your setup.
<XiXaQ> thanks :)
<sommer> XiXaQ: sure, np
<close2__> i just had quite some troubles activating a raid1 lvm2 volume
<close2__> and was wondering if i should switch to hardware-raid
<ScottK> I can report another Fiesty --> Gutsy server upgrade with no trouble at all.
<sommer> ScottK: out of curiosity what services were upgraded?
<sommer> I think I'm going to upgrade a web/print server next week.
<ScottK> It's a mail server, so Postfix, Clamav, SASL, DKIM-Milter and all the other bits that go with it.
<sommer> ah, cool
<ScottK> I didn't do it the official way.  I just apt-get dist-upgraded.
<sommer> really... did it ask you about merging configs if you do dist-upgrade ?
<ScottK> Yes.
<sommer> cool, wasn't sure if that was a do-release-upgrade thing.
<ScottK> ntp.conf is the only one I had.  That's a function of dpkg, so it doesn't matter which
<osmosis> is there a wiki page for info on upgrading for ubuntu servers ?
<leonel> sudo apt-get update
<leonel> sudo apt-get dist-upgrade
<leonel> then.
<leonel>  do-release-upgrade
<ScottK> leonel: I saw in a bug report that the Feisty clamav (not the backports one) is no longer getting database updates.  Would you look into it and see if we can fix it so it will?
<leonel> osmosis: http://www.ubuntu.com/getubuntu/upgrading  the last part
<osmosis> leonel: cool
<leonel> ScottK:  ok
<osmosis> leonel: yup, there it is.  i was still doing dist-upgrade
<ScottK> leonel: Thanks.  I think it qualifies as a security issue.
<leonel> ScottK:  booting  feisty server ..
<leonel> ScottK: freschlam updated  fine here    looking for that report ..
<ScottK> leonel: It's marked incomplete and was filed in the last few days
<ScottK> leonel: Did you have the regular clamav or the backports one installed?
<leonel> 0.91.2-3ubuntu1
<leonel> it was a backport done by me
<leonel> ScottK: let me install feisty
<leonel> clamav
<osmosis> leonel: too late, I already tried to upgrade to gutsy with  dist-upgrade, and now I have  29 not fully installed packages.  Any idea how I fix ?
<leonel> apt-get -f install ?
<leonel> ScottK:  too often connections with outdated version
<leonel> ScottK:  then  drops  the connection and tries another server  with same  response
<ScottK> leonel: Can you look into can we do something to avoid that?
<leonel> ScottK: looks like it's de  "outdated"  version .. let me check
<ScottK> Considering we've added the security fixes for the later version, I don't think it would be wrong to say it was the later version ...
<leonel> ScottK: it was with  feisty's 0.90.2-0ubuntu1.4   version
<leonel> let me test  the backported
<ScottK> Backported is fine leonel.
<leonel> ScottK: ok
<leonel> let me check with clamav.net to see what can be done ..
 * ScottK would say just make freshcalm lie about it's version.
<leonel>  dapper's version works fine    and  in clamav  they suggest to remove the mirrors.db  from the clamav db  dir
<leonel> ScottK: let me test that in feisty ..
<ScottK> Cool
<leonel> ScottK:  WORKED
<leonel> just removed  /var/lib/clamav/mirrors.dat
<ScottK> leonel: Would you please comment that in the bug.
<ScottK> leonel: Would you also talk to keescook about would he take that for a security update?
<leonel> sure but what bug ??
<leonel> is it reported on launchpad ??
<leonel> didn't find it
<ScottK> leonel: It's buried in Bug #157154
<ubotu> Launchpad bug 157154 in clamav "clamav-daemon eats 100% CPU forever on feisty server" [Undecided,Incomplete] https://launchpad.net/bugs/157154
<leonel> or should we  do an  security update  to remove  the mirrors.dat ?
<ScottK> I was thinking that if keescook agrees, file a separate bug on the updates issue and fix it in security.
<leonel> just looked to the   titles  ..
<leonel> ScottK: ok
<ScottK> Normally that's OK.
<leonel> ScottK:  made a  new fresh install  for clamav  ( rm /var/lib/clamav )   and there's no  mirrors.dat  after install     and freshclam works   when  finish  there's a new  mirrors.dat
<leonel> ScottK:   after the  first freshclam run theres a mirrors.dat    then    run again freshclan and  the same errors  came back
<leonel> removed  the mirrors.dat     and the error came back
<ScottK> Maybe needs a deeper fix then.
<leonel> ScottK:  can this be a  good chance to  push  the new clamav  when there are updates ??
<ScottK> leonel: Not unless there is just no other way.
<leonel> ScottK: then keep with backports ..
<ScottK> leonel: We will, but we also need to try and keep the regular one working too.
<leonel> ScottK: yes we must
<leonel> ScottK: works if I remove  all the contents in  /var/lib/clamav
<leonel> ScottK: but then fails again even when only  the mirrors.dat is removed
<ScottK> I'd look into claiming to be a later version.
<osmosis> help
<osmosis> Setting up openssh-server (1:4.6p1-5build1) ...
<osmosis> Segmentation fault
<osmosis> is there a bug in gutsy that causes apt-get or dpkg to give faults?
<avatar_> osmosis: i'm not aware of such a bug
<close2__> hello, as stated earlier i would to switch from software-raid to hardware-raid (raid1)
<avatar_> osmosis: segmentation fault looks very strange to me
<avatar_> osmosis: maybe check your ram
<close2__> but when I try to use the motherboard raid   (ati sb600) the ubuntu-server-live-cd doesn't respect the raid1 "property"
<close2__> how do I find out if it is possible to use hardware-raid with this motherboard?
<avatar_> close2__: why do you want hardware raid?
<avatar_> i think. with softwareraid you are much more flexible
<close2__> i had software-raid with raid1 and lvm2 (which IMO was a big mistake)
<close2__> and had big problems mounting those drives in a live-cd
<close2__> I also would like to be able to just replace a broken drive, without partitioning...
<Nafallo> close2__: not if you would have installed the proper tools to mount them
<osmosis> avatar_: i get it on every system that wasn't setup with the cd installer. They were setup with debootstrap
<Nafallo> close2__: any yea, that's what raid1 is there for.
<Nafallo> close2__: and regarding your hw-raid, are you sure it's not dmraid?
<close2__> Nafallo: i will look into dmraid
<avatar_> with hardware raid, your data is gone if your hardwareraid controller fails
<close2__> Nafallo: would there be an option in the ubuntu-server cd for installing it with dmraid?
<Nafallo> close2__: dunno
<avatar_> with software raid you can switch your disks to an other computer and it just works
<osmosis> avatar_: http://dpaste.com/23469/
<close2__> do I understand you correctly, that I cannot move raid-disks between different motherboards?
<Nafallo> close2__: no. raid-controllers :_)
<Nafallo> :-)
<close2__> I hoped that with raid1 I could just take the disk, put it into another mb and maybe "reconfigure" raid1
<close2__> if not, at least get the data
<Nafallo> close2__: sounds like mdraid ;-)
<umop-apisdn> can anyone tell me how to quiet the fans on a compaq proliant ml370 running ubuntu 7.10 i386 server?
<close2__> if i use software-raid (raid 1) , could I take one disk, put it into another machine and access the content without any special modules?
<osmosis> I can't get gutsy to work if I install it with debootstrap. I end up with a system that has a broken apt-get.
<leonel> osmosis:  apt-get -f install ?
<osmosis> leonel: gives same error.
<osmosis> leonel: im really stuck.
<leonel> osmosis: where did you get that  ssh  ?
<osmosis> leonel: this is a fresh gutsy install (from debootstrap). Im just doing  apt-get install ssh
<osmosis> leonel: I dont think its as much about the package...it think apt is giving this error for lots of packages.
<leonel> ssh ??
<leonel> openssh-client  openssh-server ..
<osmosis> just ssh, which is a meta-package for both of those.
<leonel> never used it ..
<osmosis> leonel: here it is with the client package.  http://dpaste.com/23474/
<umop-apisdn> /opt/compaq/hpasm/etc/foundation.functions: 502: Syntax error: Bad substitution <-- what does this mean?
<osmosis> how come my gutsy install has no eth0, but has a eth2?
<osmosis> is there a way to disable rules.d/75-persistent-net-generator.rules  so that it stops doing that.
<ScottK> It would be nice if the full content of the server-packages-review spec were public so that community members could actually read it before the meeting ...
<osmosis> how can I discover what compilation flags a pkg was created with ?
<osmosis> how come there is a freetds-dev  pkg, but no  freetds package?  lame.
<sommer> osmosis: you're probably looking for tdsodbc
#ubuntu-server 2007-10-27
<Joaoebordignon> Hi, I'm doing a reinstall on my ubuntu file server. And it's hanging in the "Installing the kernel - installing linux-server" for about 40 minutes now. Is it normal (it was almost 2 years since I did a server install)?
<jnc> zul: regarding Xen bug #144631 - are the scripts going to be fixed, or is the issue something specific to the kernel?
<jnc> zul: I have got past the ACPI errors and now am encountering problems with my domU's hanging on init scripts
<jimcooncat> anyone have a link on using ebox with gutsy, please?
 * lamont grumbles at ScottK 
<lamont> ScottK: dapper backport of 2.4 switches the poor user from sasl1 to sasl2
<ScottK> lamont: Everyone knows backports are crack and should be avoided.
<ScottK> Without actually being careful and stuff....
<lamont> yeah
<lamont> ScottK: it doesn't help that postfix just Suggests: them
<ScottK> Well one isn't required to use SASL for anything, so suggests is appropriate.
<jforman> i am curious, are there any packages that provide for web-based server management (other than webmin) specific for ubuntu server?
<stephenHome> hello everyone...
<sommer> sup
<stephenHome> would anyone be able to point me in the direct me in settings up how to have an smtp server soley for just relaying a newsletter system?
<stephenHome> we basically I just need a simple ubuntu-server smtp server that is just for relaying
<sommer> stephenHome: This is a guide on Postifx:  https://help.ubuntu.com/7.04/server/C/postfix.html
<sommer> if you follow that you should be able to setup users on the local machine and they can relay using SMTP AUTH.
<stephenHome> excellent - that statement alone actually helped clarify something for me thank you
<stephenHome> so if I already have postfix on a current ubuntu build the smtp auth uses the local users of the linux box
<sommer> correct
<stephenHome> think I was making it more complicated than it really was :P
<sommer> heh... if you're first staring out projects like that always seem big :)
<maek> any way to somehow see pkgs sorted by install date?
<sommer> ScottK, lamont: if you get a chance could you review this wiki page: https://help.ubuntu.com/community/Postfix
<sommer> I updated it based on our converstation about chroot, sasl, and postfix earlier in the week.
<sommer> if it looks okay to you I'll then update the "official" docs based on it.
<nomego> hey guys
<nomego> I'm having problems with a SSL-site for dokuwiki on gutsy server
<nomego> when I enable it, all my ssl-sites fail
<nomego> I don't even see an error message in the logs
<nomego> this is the configuration for the vhost: http://pastebin.com/m47b88b42
<nomego> any ideas?
<lamont> sommer: understanding SASL is on my list of things to do.... I'll look forward to updating postfix based on your document... :-(
<sommer> lamont: cool thanks lamont.
#ubuntu-server 2007-10-28
<falloutsyndrome> Anyone here able to help me set a static local IP?
<ScottK> sommer: Leaving for UDS now.  Ask me again.  I'm certain I'll forget.
<osmosis> how do I get it so that when I ssh to a host it doesn't ask me for my ssh key keyphrase every time?  kind of defeats the purpose. SHouldnt it just ask me once and then let me be for x minutes?  Enter passphrase for key 'id_rsa':
<osmosis> What config setting on a ssh server would prevent public key authentication from working?
<osmosis> is there an easy way to get php4 onto gutsy?
<close2__> hello, i have a software-raid 1; if remove 1 disk my system won't boot
<close2__> i had this problem already, and someone told me to change an option for mdadm in the initramdisk
<close2__> but I can't find this file
<close2__> (it worked the last time, I am installing another machine)
<ivoks> where does the boot stops?
<close2__> when the initrd should activate the raids
<close2__> i was told that the default configuration refuses to boot into a degenerated raid
<close2__> even if it is raid-1
<close2__> there was an option somewhere to turn this behavior off.
<ivoks> ah, right...
<ivoks> i don't know for that option :/
<close2__> where should I look for the mdadm.conf file which is used in the initrd?
<ivoks> in /etc
<close2__> ok
<zobbo> Does Ubuntu have an 'official' imap server? cyrus or courier ?
<ivoks> dovecot :)
<zobbo> :)
<leonel> ivoks: was you affected with dovecot  and the  DTS change .. or was just me  because I was in a wrong zonetime  and changed ...
<leonel>  dovecot: Time just moved backwards by 213 seconds. This might cause a lot of problems, so I'll just kill myself now.
<leonel> this was the message and  yes .. dovecot was stopped
<ivoks> leonel: it's possible
<ivoks> leonel: once i had broken date on my comp
<ivoks> and dovecot died on me
<ivoks> once i updated it
<leonel> ivoks:  it's possible you got affected  or  did you got affected ?
<ivoks> leonel: i have >10 mail servers
<ivoks> no one called :)
<soren> Mine didn't die.
<ivoks> i juset cheked 3, all are ok
<leonel> so probably was because  I changed the timezone  because I was in the wrong timezone  and the time changed ..
<ivoks> clock was changed at 3AM?
<leonel> let's see what happens  in the next time changed
<leonel> ivoks:   1 server didn't   but the rest ubuntus machines  ( no dovecot )  did change
<leonel> ivoks: and  that server was in other timezone
<leonel> so when I corrected the time zone the clock changed and dovecot  died ..
<ivoks> i just took a look at mail.log
<ivoks> it worked fine at 2:59, and at 2:00
<ivoks> so, that must be cause of timezone change
<leonel> ivoks: yes  I think  that's why I wanted to confirm  and if your servers  didn't killed dovecot  then  .. that's why mine  died ..
<leonel> thank you
<ivoks> soren: it was desktop backup :)
<soren> ivoks: Oh, good. That means I didn't miss much :)
<ivoks> :)
<maeth> hi, i got firestarter installed and im currently using it to share my internet connection to my local network, due to some problems with VPN managament on Firestarter, i have decided not use it anymore... how can i share internet connection without it?
<Burgundavia> maeth: firestarter uses iptables to share out the internet connection
<Burgundavia> I don;t know exactly, but look for an iptables tutorial on one
<ivoks> /sbin/iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
<ivoks> echo "1" > /proc/sys/net/ipv4/ip_forward
<ivoks> like that
<ivoks> oh, both left
#ubuntu-server 2008-10-20
<arrrghhh> will intrepid server use kernel 2.6.27-something?
<hads> Yah
<arrrghhh> schweet.  i hear the ntfs-nfs problem is no more in that kernel.
<arrrghhh> i'm using the nfs-user-server package instead of the kernel-server package.  i'd much rather have nfs run in kernel-space instead of user-space.
<arrrghhh> and i can just do an aptitude safe-upgrade on oct 30th and get intrepid?
<hads> You should use do-release-upgrade
<arrrghhh> i've never used that one
<arrrghhh> can i do that right now and get the beta?
<hads> Should be able to, might need a flag
<arrrghhh> like -d
<hads> Probably
<arrrghhh> well on my server i'd rather wait.  i'd really like the new kernel, but i'd much prefer stability.
<arrrghhh> the -m switch for mode - server or desktop.  is the mode assumed based on the current running system i hope?
<tr-33> can anyone help me with getting iptables to accept incoming connections on port 80 and forward these connections to an internal ip
<golb> with vm-builder, i'm supposed to have an Ubuntu intrepid installed first before running the script, aren't i?
<rascov> tr-33: iptables -t nat -A PREROUTING -p tcp -d <publicIP> --dport 80 -j DNAT --to <privateIP>:<port>
<scuser> hi all, how can I disable simple bind in openldap ?
<kraut> moin
<RockHound> hi everyone, question about mysql master/slave setup: the logrotate script on the slave fails as debian-sys-maint differs per host. How do I handle this? Just copy the debian.cnf to every host? or create a different maint user for each host?
<mathiaz> RockHound: you could replicate each maint user on the master.
<mathiaz> RockHound: so that every slave has all of the debian-sys-maint.
<mathiaz> RockHound: hm - it may not actually work now that I think of it,
<RockHound> ;-)
<mathiaz> RockHound: Your only option is probably to use the same debian-sys-maint on every host.
<RockHound> or create different users for each ost
<RockHound> *host
<mathiaz> RockHound: right - but then you'd have to modify the debian.cnf anyway
<RockHound> true
<RockHound> okay will just go ahead and run with the same debian.cnf ...
<mathiaz> RockHound: seems like the easiest way to do it
<scuser> hi all, how can I disable simple bind in openldap ?
<RockHound> scuser: check the slapd admin manual on slapd.org ... big section about security .. don't know it from the top of my head
<scuser> RockHound: I can't find slapd.org
<RockHound> http://www.openldap.org/doc/admin24/
<RockHound> sorry
<RockHound> section 13.3
<mathiaz> erichammond1: hi - have you been able to boot an ec2 guest built with vmbuilder?
<scuser> hi all, any help with that error "unwilling to perform simple authentication" ?
<scuser> hi all, how to configure an ldap client not to do simple authentication ?
<wo0f> is there a ubuntu-server XEN iso out there?
<wo0f> or is it a case of installing xenified drivers after iv virtualized it?
<yann2> I think the latest python-vm-builder can create images usable by XEN
<yann2> + it lets you configure a lot - you should have a look :)
<wo0f> oo
<wo0f> that looks exactly what im after :D (Y)
<wo0f> cheers yann2
<yann2> the clever one is in intrepid but you may find a backport :)
<scuser> hi all, how to configure an ldap client not to do simple authentication ?
<uvirtbot`> New bug: #286290 in postfix (main) "upgrade process hangs" [Undecided,Incomplete] https://launchpad.net/bugs/286290
<scuser> hi all, can anyone tell me what are the available SASL_MECH options ?
<scuser> hi all, can anyone tell me what are the available SASL_MECH options in the ldap.conf file ?
<MuelleJ> A software package I am trying to install is requiring libstdc++-libc6.2-2.so.3, can I install the libstdc++-libc6.2-2 package from gutsy in hardy?
<scuser> hi all, does anyone know how to force the client not to do simple authentication, which configuration file should I modify ?
<MuelleJ> scuser: can you elaborate, I don't understand
<scuser> MuelleJ: I'm trying to login to a client which is configured to do simple authentication in order to login; the users are stored in an ldap database which is configured not to allow simple authentication so I want to disable simple authentication in order to have a successful login, got it ?
<RockHound> scuser: with what are you trying to login?
<scuser> RockHound: the client is configured to login via kerberos
<RockHound> What is "the client"?
<scuser> RockHound: a simple computer in the network, you can call it a terminal a PC or whatever
<scuser> RockHound: any ideas
<RockHound> it is using kerberos to access a kerberos real which has LDAP as its backend?
<RockHound> or pam_ldap?
<scuser> RockHound: exactly, no pam_ldap
<RockHound> but there must be a pam module somewhere?!
<RockHound> no specifically for ldap but for kerberos
<scuser> RockHound: pam_krb5 is the one which I use
<RockHound> okay ... so the problem lies in the communication between kerberos and openldap?
<scuser> RockHound: yes
<scuser> RockHound: so could you help me with that or just give me guidance ?
<RockHound> scuser: I have not implemented such a setup myself but have you tried googling at all?
<scuser> RockHound: for almost one week :D
<RockHound> what is the exact error that you are getting?
<scuser> RockHound: the server logs reports "unwilling to perform simple authentication" error
<RockHound> http://www.semicomplete.com/articles/openldap-with-saslauthd/ maybe
<RockHound> but to answer your questions about SASL_MECHs: http://linuxcommand.org/man_pages/saslauthd8.html
<RockHound> and google really is your friend
<nijaba> RockHound: do you know about http://manpages.ubuntu.com/ ? Quite useful as well --> http://manpages.ubuntu.com/manpages/hardy/en/man8/saslauthd.html
<RockHound> nijaba: well thanks
<nijaba> RockHound: thanks to kirkland whom put it together :)
<nijaba> mathiaz, zul: I am proposing the merge of a couple additions to vmbuilder, could you please let me know what you think? -> https://code.launchpad.net/~nijaba/vmbuilder/libvirt-netopt/+merge/1355
<zul> nijaba: suuuuuure :)
<zul> looks fine to me
<tonyyarusso> Say, what's the server team recommending these days for system backup?
<tonyyarusso> Right now I'm thinking we'd probably want to do daily differential backups to a USB-attached external hard drive, maybe a weekly full backup the same way, and then a monthly backup of the most critical components to DVD+RW.
<nijaba> tonyyarusso: backuppc or bacula
<nijaba> backuppc is simpler, bacula VERY complete
<tonyyarusso> Does complete = complicated?  :P
<nijaba> tonyyarusso: as well, unfortunately
 * tonyyarusso looks at package descriptions
<tonyyarusso> We could probably get away with something simple for now (one machine), but it might be a good idea to learn the more scalable option while we're at it I suppose.
<nijaba> tonyyarusso: I think it would be a sane investment, if you have a bit of time
<tonyyarusso> In random other thoughts, samba should probably be a recommends instead of a depends for backuppc...
<tonyyarusso> also odd that bacula is in main, yet lists MOTU as the maintainer.  :P
<nijaba> tonnyarusso: mmh, that would not change much since with 8.10, recommends gets pulled by default as well, unless that's a policy comment, in which case I could not accurately comment
<nijaba> zul: see ^^, should we fix that?
<zul> tonyyarusso: yeah we should
<zul> i dont think its a big deal though
<tonyyarusso> Okay, next question:  Given recent changes to consumer data privacy law, I'd like to be able to keep the data in certain MySQL databases (but preferably not all of them) encrypted.  Is there a way to do that, or would you have to do whole partitions for it to work?  (I'm not familiar enough with how MySQL stores the data on disk.)
<tonyyarusso> zul: No, not big.  I'll drop a bug in though.
<zul> k
<tonyyarusso> Huh - according to http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=389793 samba actually is needed.  Probably a bug in itself, but that's beyond the scope of what I know.
<uvirtbot`> Debian bug 389793 in backuppc "backuppc: Should not depdend on smbclient, samba-common | samba-tng-common" [Normal,Open]
<tonyyarusso> I believe http://blog.i64.pl/PiosBlog/200609/01-secure-mysql-database/ answers the latter question.  Nifty.
<Koon> nxvl: congrats on your motu-sru nomination. I could use some movement on bug 179447 :)
<uvirtbot`> Launchpad bug 179447 in tomcat5.5 "Installation of tomcat5.5 fails if sun-java-jdk is not installed" [Medium,Fix released] https://launchpad.net/bugs/179447
<mathiaz> nijaba: I'd add some checks for the net-virtio option as some distro don't support virtio at all (< hardy)
<mathiaz> nijaba: I don't know however how easy that could be implemented.
<nxvl> Koon: just send me an e-mail to check it after work hours
<nxvl> :D
<nijaba> mathiaz: hmmm, no, network virtio is supported on hardy, not the bd part.
<mathiaz> nijaba: dapper doesn't support network virtio
<nijaba> mathiaz: but I'll do some checking for older os, you are right
<nijaba> s/os/suite
<mdz> dendrobates: I just installed a recent server daily into KVM using LVM and it doesn't boot.  GRUB says "Error 15: file not found"
<dendrobates> mdz: hmm,  can you create a bug?   kirkland can you reproduce it?
<mdz> dendrobates: I just phoned cjwatson and he is looking into it
<mdz> dendrobates: it looks like it is using GRUB and uuid when it shouldn't be
<kirkland> dendrobates: i'm downloading the server iso now
<mdz> kirkland: I'm about to head onto a phone call but if you tell me which package, I'll get a bug filed when I get off
<kirkland> mdz: file against grub, assign to me, and i'll reclassify as per necessary
<nijaba> mathiaz: --net-virtio check added in the branch
<mathiaz> nijaba: ok - looks good to me. I don't know if it's a good thing to merge it in trunk now.
<nijaba> mathiaz: how so?
<mathiaz> nijaba: this is a new a feature - and we'll have to ask for a FFexception
<nijaba> mathiaz: gah, right :(
<mathiaz> nijaba: there is a bunch of new code already - most of it is bug fix.
<mathiaz> nijaba: the ec2 plugin is the only one that qualifies as a new feature.
<tonyyarusso> nijaba: Do you happen to know if the version of dvd+rw-tools in Ubuntu has the patch needed for Bacula mentioned at the bottom of http://www.bacula.org/en/dev-manual/System_Requirements.html ?
<mathiaz> nijaba: while I agree that this is useful,  I don't think *now* is the best moment to merge it.
<nijaba> mathiaz: ok, np.  maybe I'll add the check on libvirt / kvm only then
<mathiaz> nijaba: yeah - that seems like a good check to have.
<nijaba> tonyyarusso: feisty and > have 7.0 or >, so I'd ask on some bacula chan/ml if they know if the patch has been integrated, is still needed
<nijaba> tonyyarusso: http://packages.ubuntu.com/search?keywords=dvd%2Brw-tools&searchon=names&suite=all&section=all
<tonyyarusso> okay, thanks
<nijaba> mathiaz: ok, rev 252 has it
<kirkland> mdz: dendrobates: i am able to reproduce the problem
<kirkland> mdz: dendrobates: looks like a bug somewhere in the new dm code, as the grub entry is set to root=/dev/dm-0
<kirkland> mdz: dendrobates: which should not be the case
<mdz> kirkland: please liaise with Colin about it, he's looking into it as well
<kirkland> mdz: -> #ubuntu-devel, okay
<tonyyarusso> nijaba: Ah, here we go - "Note, some Linux distros such as Debian dvd+rw-tools-7.0-4 package already have the patch applied"
<nijaba> tonyyarusso: \o/
<zul> nijaba mathiaz: lp:~zulcss/vmbuilder/vmbuilder-bugfixes
<nijaba> zul: great. Will look at it after dinner. Does it include the separate package for ec2?
<zul> nijaba: of course
 * nijaba hugs zul
<zul> nijaba: tries to remember what he was doing ;)
<LordDicranius> I was wondering if anybody could help me decode my "df" output :)
<hylje> which part of it?
<LordDicranius> the device names
<LordDicranius> c0d0p*, c0d1p*, c0d2p*
<LordDicranius> c0d0 conists of 2 physical drives
<LordDicranius> c0d1 and c0d2 both consist of 3 physical drives
<hylje> it's a hardware raid setup
<LordDicranius> c0d1 and c0d2 both are one big partition
<LordDicranius> ah, ok
<hylje> as far as i can tell
<LordDicranius> ok, that makes more sense
<LordDicranius> at a new job and I'm tryin to decipher stuff since according to my IT manager he knows nothing about it, it was setup by the guy they bought it from
<LordDicranius> heh
<LordDicranius> is there a term for the c0d2p1 stretching across 3 physical hard drives?
<hylje> probably striping
<LordDicranius> in trying to research I've come across "physical partitions," "logical partitions", "physical volumes", "logical volumes" - and those are all just confusing me lol
<LordDicranius> oooh
<LordDicranius> rebooting the server and getting to the RAID controller software would probably tell me more, huh?
<hylje> look up how RAID works first
<hylje> you might not see much sense from the config you get without knowing RAID first
<LordDicranius> ok
<LordDicranius> I think that get me on the right path
<LordDicranius> thx for you help hylje :)
<hylje> you're welcome
<nijaba> zul: bzr merge  lp:~zulcss/vmbuilder/vmbuilder-bugfixes
<nijaba> Nothing to do.
<nijaba> zul: did you forget to push your changes?
<zul> yeah....
<zul> lemme check
<zul> *sigh*
<zul> gimme a sec :)
<nijaba> np
<zul> how do you delete branches?
<nijaba> zul: mark them obsolete
<nijaba> zul: click on the yellow pen icon
<nijaba> err s/obsolete/abandoned
<zul> lp:~zulcss/vmbuilder/vmbuilder-ec2fix
<nijaba> zul: re:         return '/boot/vmlinuz-2.6.27-7-server'
<nijaba> 29
<nijaba>  
<nijaba> 29
<nijaba>  
<nijaba> 30
<nijaba>     def xen_ramdisk_path(self):
<nijaba> 30
<nijaba>     def xen_ramdisk_path(self):
<nijaba> 31
<nijaba>         return '/boot/initrd.img-2.6.27-2-server'
<nijaba> 31
<nijaba>         return '/boot/initrd.img-2.6.27-7-server'
<zul> f*ck
<nijaba> zul: does this means we will need to update pvb at each kernel release?
<zul> yep
<nijaba> meh...
<zul> unless if I come up with a way to automatically detect it
 * nijaba tought he selected only one line before pasting...
<nijaba> zul: mhh, let me think about that. /me not too please at the prospect of running after the latest kernel...
<zul> nijaba: what I was thinking was to grab all of the config-2.6.27-*-server files in /boot and look for HVC_XEN and return the latest one by data
<zul> date even
<nijaba> zul: the way versioning works, latest should be last in alphabetical order as well
<zul> true
<nijaba> zul: have time to give a shot at this, or do yo need offloading?
<zul> nijaba: can you look at it, I have to look at why Im doing something wrong here
<nijaba> zul: np
<nijaba> zul: regarding http://bazaar.launchpad.net/~zulcss/vmbuilder/vmbuilder-ec2fix/revision/254?start_revid=255, did you forget to add some python-vmbuilder-ec2.install file?
<zul> indeed, I guess I didnt do a bzr add
<zul> it just contains the ec2 python directory
<nijaba> ok, I'll add it. Thanks
<sandstrom> I have installed php and mysql by themselves. Is there a difference between this and using the tasksel method?
<sandstrom> would it be better to remove apache, php and mysql and install lamp using tasksel?
<nijaba> zul: I would suggest you to install https://pastebin.canonical.com/10376/ as ~/.vim/python
<nijaba> sandstrom: if it works, it means that you should have done it very close to what tasksel would do
<ScottK> nijaba: I think it's a bit rude to use a private pastebin on a public channel like this.
<sandstrom> nijaba: so there is no point in doing it all over with tasksel?
<nijaba> ScottK: oh, sorry,  I thought I used a public one
<sandstrom> tasksel wont glue it all together in any specific way?
<ScottK> nijaba: No.  The canonical one is closed.
<nijaba> ScottK: yes, but I thought I used the ubuntu one.  So here it is: http://pastebin.ubuntu.com/60231/
<nijaba> sandstrom: no, it just makes sure you have a sensible set of packages whose install has been tuned to glue it all together.  So if you picked the same packages, you should be fine
<sandstrom> I picked php5, mysql5 and thats it
<sandstrom> (and apache2)
<nijaba> sandstrom: may need a few more to glue is all, so would advise to just run tasksel to complete
<sandstrom> but I didn't go into build-details on which php module to include or what apach2 modules to include
<sandstrom> thanks
<uvirtbot`> New bug: #286614 in openldap (main) "slapd apparmor profile needs update for multiple databases" [Undecided,New] https://launchpad.net/bugs/286614
<uvirtbot`> New bug: #286616 in openldap (main) "slapd apparmor profile needs update for multiple databases" [Undecided,New] https://launchpad.net/bugs/286616
<Linuturk> is there an rss feed of Ubuntu updates?
<Linuturk> similar to the debian feeds?
<uvirtbot`> New bug: #286643 in bacula (universe) "bacula client configuration is broken out of the box" [Undecided,New] https://launchpad.net/bugs/286643
<mathiaz> nijaba: awesome - all of my test for python-vm-builder are working now!
<nijaba> mathiaz: yes, and rev 253 now merges zul's fixes
<nijaba> mathiaz: there are a couple new bugs for vmware, but I think we'll deal with that later. time for an upload
<mathiaz> nijaba: right - I'll work on doing an upload tomorrow
<mathiaz> nijaba: kvm+libvirt testing works for me now.
<mathiaz> nijaba: I'll have to test the ec2 plugin tomorrow
<mathiaz> nijaba: and then we get something uploaded.
<mneptok> libvirt, you demon bitch goddess.
<mneptok> oh, sorry. was that out loud?
<tonyyarusso> Speaking of which, anyone want to explain the concept of KVM in oversimplified terms?  (I used VMware Fusion briefly, but I still don't really understand the different types of virtualization and whatnot, and what host/guest pairings work in each, etc.)
<tonyyarusso> I have a friend who'd like to have a Windows guest on his Ubuntu server for the sole purpose of running a distributed rendering application, so I'm starting to look into how that could be done with KVM and how it works.
<nijaba> zul: here is my experimental branch for xen https://code.launchpad.net/~nijaba/vmbuilder/xendiscoverkernel
<zul> kvm+special hardware+heady goodness
<zul> nijaba: coolio
<gsanatci> hi
 * nijaba -> bed
<nijaba> goodnight
<gsanatci> I installed ubuntu desktop edition 8.04, but i'm using like server (mysql). I'm not sure, is it correct ?
<gsanatci> Maybe i'm loosing to much performance.
<gsanatci> i think, all peoples sleeping :)
<gsanatci> good night guys.
<trashguy> [Solars],
<trashguy> what was the torrent thing u showed me
#ubuntu-server 2008-10-21
<sandstrom> I'm about to setup the firewall for my server. Do you recommend ufw or iptables?
<tonyyarusso> Isn't ufw essentially just another frontend to iptables?
<tonyyarusso> Looks like it, yeah.  So as far as security, it doesn't matter.
<uvirtbot`> New bug: #286678 in samba (main) "Samba transfer of multiple files very slow" [Undecided,New] https://launchpad.net/bugs/286678
<osmosis> does linux support AHCI RAID?
<zul> nijaba: yeah something like that but it has to be a built smarter because afaik xen is not configured in the -generic kernels
<kraut> moin
<BlueT_> moin
<scuser> hi all, does any one know how to force a linux box not to use simple bind when trying to login ?
<uvirtbot`> New bug: #286828 in samba (main) "CIFS share broken after upgrade from 8.04 -> 8.10" [Undecided,New] https://launchpad.net/bugs/286828
<scuser> hi all, does any one know how to force a linux box not to use simple bind when trying to login ?
<RockHound> scuser: you are still at it?
<scuser> RockHound: yes :'(
<RockHound> have you asked in other chats? openldap, kerberos etc?
<scuser> RockHound: I'm trying at ubuntu and openldap but in vain
<RockHound> scuser: maybe you should rethink how you phrase the question
<scuser> RockHound: simply now I found that I need to let the client know somehow how to bind, I think the user to bind and the method but I don't know how or where to configure this
<scuser> RockHound: the client now try to use simple bind and the server deny this and I want the client to use another method other than simple bind. This is the question now
<RockHound> again: which tools / services are you asking your question for? No one here can read your mind of what your setup looks like.
<scuser> RockHound: I'm using ubuntu 8.04 I have installed kerberos 5, slapd and ldap-utils as my client those are the tools I've installed
<scuser> RockHound: In the startup of the system I want the system to contact ldap server to get the user info so I get it a ticket and I want the system to use it when It's trying to connect to ldap not to use simple bind as this is risky and insecure
<soren> scuser: I think you'll have more luck if you ask how to get it to "do X" rather than ask how to get it to "not do Y".
<soren> scuser: The answer to the latter is always simple: Turn the machine off. :)
<RockHound> soren: ;)
<RockHound> scuser: to get a helpful answer, rephrasing the question to get a precise and accurate short description of what you want to do. I am sure that the openldap chat can help you then.
<scuser> ok thanks a lot :)
<RockHound> and googling for kerberos, sasl, ldap, pam should really show you something
<uvirtbot`> New bug: #286851 in php5 (main) "CVE-2008-3658,2008-3659,2008-3660" [Undecided,New] https://launchpad.net/bugs/286851
<scuser> hi all, does anyone know how to make a script that runs automatically and renews a kerberos ticket in certain time every day?
<nijaba> scuser: cron would allow you to run such a script on a regular basis.  now I have no clue what the kerberos ticket renewal would look like
<scuser> nijaba: It's just using kinit command to get a new ticket after the old one expires
<nijaba> scuser: then you should be set to add it to your user's cron
<scuser> nijaba: so what packages I have to install to have a cron and add my script to it?
<nijaba> scuser: nothing, should be installed by default.  see http://manpages.ubuntu.com/manpages/hardy/en/man1/crontab.html
<phaidros> hi, where is the correct place to report a failing ubuntu mirror? (debian.charite.de doesn't have /ubuntu anymore)
<henkjan> phaidros: #ubuntu-mirrors
<phaidros> henkjan: thx
<nijaba> phaidros: see also http://www.ubuntu.com/getubuntu/mirror/4
<scuser> nijaba: I can't find cron.allow or cron.deny and I can't find any crontab for any user on my system how can I add a crontab for a user and add scripts to it?
<nijaba> scuser: crontab -e should add it for you, IIRC
<scuser> nijaba: and what to write in that file?
<hads> man crontab will show you
<wo0f> yo
<wo0f> how easy is it to set up Ubuntu Terminal Services?
<wo0f> is there just a meta package and gui interface?
<RockHound> wo0f: take a look at ltsp
<gabryfan82> I am A server for only apache and php, i use gmail (google apps), i should used the php mail function, what MTA I use, what configure this?
<gabryfan82> thank's
<gabryfan82> thank's
<gabryfan82> I am A server for only apache and php, i use gmail (google apps), i should used the php mail function, what MTA I use, what configure this?
<gabryfan82> I am A server for only apache and php, i use gmail (google apps), i should used the php mail function, what MTA I use, what configure this?
<henkjan> gabryfan82: try postfix
<gabryfan82> ok i try this
<gabryfan82> now
<gabryfan82> apt-get install postfix
<gabryfan82> I HOW CONFIGURE THIs?
<gabryfan82> only local?
<henkjan> please, don't use CAPS
<gabryfan82> yes sorry
<gabryfan82> only local?
<gabryfan82> i how configure this?
<gabryfan82> only local?Ã¹
<henkjan> i suppose you wan't to send mail from the server
<henkjan> do you want to use a smarthost (smtp server from your provider)
<henkjan> else choose internet
<gabryfan82> only server -> user don't user -> server
<gabryfan82> site internet?
<gabryfan82> msarthost use ssl?
<gabryfan82> for gmail?
<henkjan> don't use smarthost
<henkjan> use internet site
<gabryfan82> ok
<gabryfan82> i try this
<gabryfan82> function on NAT also?
<henkjan> that should also work behind nat
<gabryfan82> dont work
<gabryfan82> how configure php?
<henkjan> wiki.ubuntu.com
<henkjan> and search
<gabryfan82> ok thank's
<ScottK> Any documentation on which Sun boxen are supported by the sparc port?
<zul> modern sparc
<ScottK> zul:  Is a 4800 modern (I've no idea about Sparc.  Just it's come up somewhere else)
<ScottK> I don't even know if that's Sparc or x86 actually.
<zul> no idea
<henkjan> 4800 looks like sparc highend (max 12 cpus)
<RockHound> http://en.wikipedia.org/wiki/Sun_Fire
<ScottK> Thanks.
<sandstrom> Trying to setup an SSH tunnel, using Localforward 3305 localhost:3306. but it doesn't work
<sandstrom> I've setup sshd to allow AllowTcpForwarding yes
<sandstrom> any suggestions?
<_ruben> hmm .. what was that command again to map dm-X names to /dev/mapper/Y names ?
<Helder_Geocrete> Hey
<Helder_Geocrete> need some advice here on a new server
<Helder_Geocrete> anyone?
<ScottK> !ask | Helder_Geocrete
<ubottu> Helder_Geocrete: Please don't ask to ask a question, ask the question (all on ONE line, so others can read and follow it easily). If anyone knows the answer they will most likely answer. :-)
<Helder_Geocrete> the question is simple...I need to install a new server on this new company i'm working on...and they want to use a MWSBS 2003 /2008. But i'm more inclined to use a linux distro, in this case, ubuntu... So i need to know more about the USE distro... in comparison to MSWSBS 2003/2008
<Helder_Geocrete> thanks in advance :)
<ScottK> What functionality are you interested in?
<Helder_Geocrete> active directory (seems I cannot find it in USE), mail server features, file server and security...
<Helder_Geocrete> ps: newbie in ubuntu...
<Helder_Geocrete> :$
<Koon> Helder_Geocrete: Full Active Directory features are not available, we can do a NT4 PDC at best, or a AD domain member afaict
<Koon> Helder_Geocrete: for the other features see the Server Guide
<Koon> http://doc.ubuntu.com/ubuntu/serverguide/C/
<Koon> that should give you information on how to set up things
<Helder_Geocrete> well, i'm mostly interested in member login /authentication, printer server and file server...so maybe it will do the trick
<Helder_Geocrete> thanks for the info :)
<thefish> Helder_Geocrete: thats all NT4 domain stuff anyway, samba does that but be aware that you wont have the nice windows GUIs to do it all (you also wont have to deal with SBS)
<Helder_Geocrete> well...the gui's aren't the problem...i like some hardcoding from time to time :)
<brewmaster> has anyone ever gotten a "413 Request Entity Too Large" error for "/!svn/vcc/default" in subversion?
<Helder_Geocrete> thanks for the info once again...be going now
<brewmaster> i'm using Apache/2.2.4 (Ubuntu) DAV/2 SVN/1.4.4
<kirkland> mathiaz: intrepid amd64 server manual installation to raid1 on kvm disks succeeded
<mathiaz> kirkland: great - let's see if raid0 and raid5 are working
<mathiaz> kirkland: it may just be an issue with partman-auto-raid that gets stuck
<kirkland> mathiaz: let me check booting degraded right quite
<kirkland> quick
<kirkland> mathiaz: boot degraded continues to work, great
<kirkland> mathiaz: in all of my tests, i have one large / filesystem, and one small swap
<mathiaz> kirkland: right - for raid0 and raid5 you'll have to create another partition for /boot
<kirkland> mathiaz: right
<nijaba> nealmcb: A quote for you "It's not about who votes, but about whom is counting the votes" - attributed to Joseph Stalin
<nealmcb> nijaba: yup - very true.  I've got something like that on a t-shirt
<nealmcb> if there are any django, setuptools, xml, or windows gurus out there who want to help us do a world-class audit of the election this year in Boulder CO, check out http://neal.mcburnett.org/blog/2008/10/18/electionaudits-software-help-audit-election/
<mdz> kirkland: bug 284107 has a request for your input
<uvirtbot> Launchpad bug 284107 in partman-target "Filesystem on iSCSI should have the _netdev option in /etc/fstab" [Medium,Confirmed] https://launchpad.net/bugs/284107
<mdz> kirkland: dendrobates seems to say that it's not necessary yet
<kirkland> mdz: i'll add a comment there, but here's the skinny...
<kirkland> mdz: when we rsync with debian open-iscsi for jaunty, there will be some significant improvements in terms of the boot procedures, including a blip of code in the init script that says:
<kirkland>         log_daemon_msg "Mounting network filesystems"
<kirkland>         MOUNT_RESULT=1
<kirkland>         if mount -a -O _netdev >/dev/null 2>&1; then
<kirkland>                 MOUNT_RESULT=0
<kirkland>                 break
<kirkland>         fi
<kirkland>         log_end_msg $MOUNT_RESULT
<kirkland> mdz: we don't currently have that code in intrepid (and I'm not proposing we add it)
<kirkland> mdz: however, if we do add _netdev to iscsi fstab entries, it could help us on upgrades from intrepid -> jaunty
<kirkland> mdz: otherwise, we'll need some logic to figure out what fstab entries are iscsi and need _netdev added at upgrade time
<kirkland> mdz: https://bugs.edge.launchpad.net/ubuntu/+source/partman-target/+bug/284107 updated accordingly
<uvirtbot> Launchpad bug 284107 in partman-target "Filesystem on iSCSI should have the _netdev option in /etc/fstab" [Medium,Confirmed]
<zul> mathiaz: are you handling that bacula bug?
<mathiaz> zul: yes
<zul> k
<mathiaz> zul: I've already answered
<mathiaz> zul: I'm able to boot a AMI
<mathiaz> zul: but not able to log into it
<zul> cool
<mdz> kirkland: ok, so there's no point at all in changing it for Intrepid unless we add the new init script code as well, which we aren't going to do
<kirkland> mdz: fair enough
<mdz> kirkland: I was just echoing back my understanding of what you said :-)
<kirkland> mdz: yes, that is my recommendation
<kirkland> mdz: i will be syncing/merging open-iscsi and working on it for Jaunty when the archive opens
<kirkland> mdz: but I don't think it's worth change it for Intrepid now
<kirkland> mathiaz: verified lvm install works
<kirkland> mathiaz: RAID0 isn't working so well
<mathiaz> kirkland: does it get stuck?
<kirkland> mathiaz: if i have a separate /boot partition, yeah gets stuck
<mathiaz> kirkland: where?
<kirkland> mathiaz: if i don't have a separate /boot partition, it finishes, but it's not bootable
<mathiaz> kirkland: well - it's normal;
<mathiaz> kirkland: grub doesn't support raid0 AFAICT
<kirkland> mathiaz: okay, but the hang isn't normal
<mathiaz> kirkland: could you run a ps -ef in the vm during install?
<mathiaz> kirkland: agreed. I've seen the same thing.
<mathiaz> kirkland: are you testing on an intrepid host?
<mathiaz> kirkland: and are you doing a manual partition of raid0?
<kirkland> mathiaz: intrepid host, yest
<mathiaz> kirkland: ok - I was thinking it may be an issue with the virtualization stack
<kirkland> mathiaz: manually partitioned, sda1 = 2G, sda2 = 128M, sdb1 = 2G, sdb2 = 128M
<mathiaz> kirkland: as we're using more then one block device to do that experiment
<kirkland> mathiaz: sda1+sdb1 = raid0 of 4G, with /
<kirkland> mathiaz: sda2 = /boot
<kirkland> MatBoy: sdb2 = swap
<mathiaz> kirkland: ok - so if you don't put /boot on a separate partition the installer proceed correctly?
<kirkland> mathiaz: it completes
<mathiaz> kirkland: ok
<mathiaz> kirkland: http://people.ubuntu.com/~mathiaz/intrepid-i386-raid5-ps-ef.png
<mathiaz> kirkland: this is the output of ps -ef when the installer is stuck
<kirkland> mathiaz: hmm, 07root_on_raid is mine....
<kirkland> mathiaz: i've tested the crap out of that on raid1
<kirkland> mathiaz: let me look at that code again
<mathiaz> kirkland: the fact that the install completes when you have /boot on the same partition may point to an issue with boot
<mathiaz> kirkland: you don't have a process fstab.d/hostboot?
<mathiaz> kirkland: I think that's where the problem may be
<mathiaz> kirkland: both raid{0,5} install are stuck with the same processes running
<mathiaz> kirkland: both installs have /boot on a raid1 array in order to be able to boot
<mathiaz> kirkland: I'm gonna head out. Could you investigate this raid install problem?
<kirkland> mathiaz: yeah
<erichammond1> mathiaz: just saw your question of long time ago: I am able to boot vmbuilder EC2 image but not connect to it.
<mathiaz> kirkland: great - I may check back later
<mathiaz> erichammond1: right - it seems that we need to get the kernel modules somehow.
<mathiaz> erichammond1: zul knows more about it
<erichammond1> mathiaz: Been working with him over email, but our communication loop is pretty slow.  We might have different work hours.
<zul> erichammond: hey
<erichammond1> zul: 'lo!
<mathiaz> erichammond1: I think there is a small pond between both of you
<zul> erichammond1: im working on it now and already have a solution and just trying to clear some stuff up
<zul> mathiaz: nah just a border
<erichammond1> zul: nice, look forward to it.
<erichammond1> I'm on the US West coast, but basically keep Hawaii hours :)
<zul> and different timezones
<mathiaz> hm - right - anyway I'm off for now. see ya later
<zul> erichammond1: check your /msgs
<ivoks> hi all
<ivoks> sorry, i didn't make it for the meeting :/
<jcastro> looking for -server sessions: https://wiki.ubuntu.com/UbuntuOpenWeek/Prep
<cyris|> i need to install some ldap tools that will allow me to do some queries against an ldap server. isn't their a package called openldap-tools or something that will give me ldapsearch?
<henkjan> cyris|: there is a package ldap-utils
<sommer> kirkland: I keep getting a grub error 17 when trying to install raid5 using the latest iso... just fyi
<kirkland> sommer: hey, i'm working an issue related in #ubuntu-installer, at the moment
<kirkland> sommer: also, see bug 287112
<uvirtbot> Launchpad bug 287112 in mdadm "intrepid installer hangs when installing to raid0 or raid5" [High,In progress] https://launchpad.net/bugs/287112
<kirkland> that's just been sponsored, not on the iso yet
<kirkland> glad to hear someone else is testing this ;-)
<sommer> kirkland: ah cool, just wanted to make sure
<kirkland> sommer: what does your partitioning look like?
<sommer> kirkland: 3 6.5G ide drives, with one 12.5G partition on the raid array
<kirkland> sommer: raid5 on / ?
<sommer> kirkland: yep
<kirkland> sommer: and where's /boot?
<sommer> kirkland: on the same partition, it wouldn't let me create multiple on the raid array... or did I miss configure something?
<kirkland> sommer: oh, that's a problem....
<kirkland> sommer: we may need to add something to the documentation
<kirkland> sommer: /boot can't be on a RAID0 or a RAID5 device
<kirkland> sommer: must be on it's own partition, or a RAID1
<sommer> kirkland: ooohhh... I figured it may be something like that
<kirkland> sommer: when I use a RAID5, I usually create /boot on my RAID1 devices
<kirkland> sommer: but that's what's broken, at the moment
<sommer> kirkland: the serverguide is frozen, I asked the other day to correct a typo and was denied
<kirkland> sommer: bummer
<kirkland> sommer: sorry, i should have thought about that
<sommer> kirkland: ya, could we add something to the release notes?
<kirkland> sommer: let's put an agenda item for the server guide to discuss raid5/raid1 best practices
<kirkland> sommer: yeah, it'll need to go there
<sommer> kirkland: sounds good
<kirkland> sommer: i wouldn't say it's "common knowledge", but a lot of system admins understand the raid5 limitation of grub/bootloaders
<sommer> kirkland: heh, most of my experience is with hardware raid5 :)
<sommer> kirkland: the whole disk formating filesystem thing can get complicated pretty quick :)
 * sommer is just going to use fat32 from now on
<kandjar> hi
<kandjar> I'm having an issue with my ubuntu server, I can't seem to forward X11 app
<kandjar> through ssh
<kandjar> anyone?
<sommer> kandjar: do you have a gui installed?
<kandjar> no
<kandjar> not on the server
<kandjar> do I need to have a X server on the server box?
<kandjar> I m only logging through ssh to it
<sommer> isn't that what you're trying to do?
<kandjar> I m trying to ssh to the server
<kandjar> using ssh -X or -Y
<kandjar> and having the display redirected to my remote client
<sommer> the server's display?
<kandjar> basically, I m log on a client machine
<kandjar> and I'm trying to get: 'ssh -X server xlogo' working
<trashguy> whats wrong with plain old SSH
<kandjar> ?
<kandjar> I have some xapp I wanna run :)
<sommer> I'm not sure what that is, but without a gui on the server the only thing to display is  console
<kandjar> I m remotely logged on the server
<soundray> sommer, trashguy: haven't you heard of X11 forwarding?
<sommer> yes, but the machine you're forwarding needs a gui... at least when I've done it
<sommer> since by default ubuntu-server has no gui...
<sommer> by default anyway
<soundray> sommer: that's what I'm wondering. I regularly forward a machine that doesn't have a full GUI installation -- but it must have some base X packages that kandjar is missing.
<nikkolay> hi guys. I need to move some instalation, but i need to backup a few mysql db... can i copy the /var/lib/mysql to the new server?
<nikkolay> or that doesn't work?
<sommer> nikkolay: I'd use mysqldump
<nikkolay> ok
<trashguy> soundray, X11 on a server?
<nikkolay> maybe something like: mysqldump --all-databases > /home/nikko/bakcups/mysql.sql
<nikkolay> ?
<trashguy> what kind of insanity is this
<soundray> trashguy: not everything that you cannot immediately relate to is insanity
<soundray> trashguy: I'll give you an example, if you're interested
<trashguy> I can see
<trashguy> no reasoning of waisting server resources on x
<soundray> That's the point, there is no wasting of resources
<trashguy> unless you are doing some sort of thin client thing and the soul purpose is centralized desktop etc
<soundray> I'm running CPU intensive processes on a remote cluster. It outputs images to a filesystem local to the cluster.
<trashguy> okay
<soundray> To view those images, I log into the login server of the cluster with X forwarding enabled and launch a viewer that displays selected sections from 3D or 4D image volumes.
<soundray> The graphical output is forwarded through an encrypted tunnel to be displayed locally on my (full) X server.
<soundray> The remote machine needs only basic X functionality installed, e.g. xauth
<trashguy> i did something similar with a render cluster
<trashguy> i just set up webdav to remotely open the images
<soundray> which, btw, was what was missing on kandjar's server. Now it's installed -- problem fixed
<soundray> trashguy: doesn't that mean that you have to transfer the entire file before it can be displayed?
<trashguy> yes
<trashguy> i can see
<soundray> That would be a clear disadvantage for my scenario
<trashguy> yes
<trashguy> i agree
<trashguy> majority of the people i see running x is to avoid command line though
<soundray> Burn them at the stake!
<soundray> :)
<trashguy> i been using freebsd to long im a cli nazi
<trashguy> ^^
<uvirtbot> trashguy: Error: "^" is not a valid command.
<trashguy> Zimbra doesn't play nice
<trashguy> with FreeBSD
<trashguy> so here I am ;)
<soundray> Content management?
<trashguy> Exchange alternative
<soundray> Oh, groupware
<soundray> trashguy: do you have a suggestion for calendar and todo lists that works well on the command line?
<soundray> A PIM application?
<trashguy> soundray, not somuch on CLI
<trashguy> i been inundated by the bras on how much they loved outlook at their old jobs
<trashguy> s/bras/brass/
<soundray> trashguy: I'll try 'when'
<trashguy> we are currently using oracle calendar
<trashguy> it iwll be nice when that is gone and I have one less solaris machine to deal with ^^
#ubuntu-server 2008-10-22
<BuffaloSoldier> what's the future plan for default MTA? Is it will still be Postfix? Any plans to change to Exim or etc?
<henkjan> i've not seen any discussion about the default MTA in ubuntu
<henkjan> but both postfix and exim are in main, so fully supported
<tonyyarusso> There hasn't been any mention of a change on the mailing list at least.
<BuffaloSoldier> thanks henkjan and tonyyarusso for the info :)
<highvoltage> soren: howdy
<soren> highvoltage: Hey :)
<henkjan> http://capslockday.com/
<henkjan> ALL IN CAPS TODAY
<highvoltage> soren: I hope it's ok for me to ask you directly, but I assumed that pretty much any core 2 duo supports the virtualisation required to use KVM, was that a bad assumption?
<hads> Not all
<highvoltage> ah, I just found out that my specific one isn't supported :'(
 * highvoltage crawls into fetal position and cries
<henkjan> highvoltage: bad luck
<henkjan> highvoltage: its not only your mobo that has VM extensions disabled?
<highvoltage> henkjan: a friend just let me know that the T5750 (which I happen to have) is one of the few cpu's that don't support it. I guess it's just bad luck. next time I'll check that carefully before buying new hardware.
<henkjan> highvoltage: ah, i found a list with core 2 duo's without VT at http://www.chiplist.com/ChipList2/chiplist_display_section.php?id=2205&page_number=&chiplist_version_major=&chiplist_version_minor=&chiplist_version_revision=&chiplist_version_extension=&chiplist_version_release_date=&chapter_number=19&section_number=2&subsection_number=0&paragraph_number=0&view_mode=tree2a&expansion=2
<henkjan> highvoltage: realy bad luck for you
<soren> highvoltage: Yeah, I'm afraid there's a few that don't. I never quite understood why :/
<Koon> henkjan: also see http://en.wikipedia.org/wiki/X86_virtualization#Intel_Virtualization_Technology_.28Intel_VT.29
<Koon> "Core 2 Duo all except E8190, E7xxx, E4xxx, T5200-T5550, T5750"
<hads> And some older ones
<henkjan> highvoltage: any change to return your proc to the shop for a VT enabled one?
<highvoltage> henkjan: that's a good idea. I'll call them today
<Koon> highvoltage: if you tell them you want a T7xxx they will probably be happy to sell you a extra $$
<kraut> moin
 * Koon grumbles for having missed bug 287126
<uvirtbot> Launchpad bug 287126 in tomcat6 "/var/lib/tomcat6/temp not writable by tomcat" [Undecided,New] https://launchpad.net/bugs/287126
<highvoltage> Koon: *nod*
<uvirtbot> New bug: #287420 in likewise-open (main) "likewise winbindd dumps core on startup" [Undecided,New] https://launchpad.net/bugs/287420
<Helder_Geocrete> Here's the thing... My company need's to assemble a new server, and i'm thinking on a VPN solution for the job, using the Ubuntu Server Edition. The idea is to remotely share folders and maybe printers (dunow if it is possible), authenticate using the server dhcp and work as if they were working on the LAN. Plus, I'm may need to remotely administrate the server, so if anyone has any...
<Helder_Geocrete> ...sugestion on tools or suggestions that I can use for the job, I'd be thankfull (sorry for my english, I'm portuguese :))
<Helder_Geocrete> BTW - I've searched the web and came up with the openVPN and openSSH solutions, dunow if they will do the trick :)
<hylje> hmph, box doesn't like booting from the cd
<Helder_Geocrete> (forgot to mention that the client machines will be using windows XP professional)
<hylje> (it's a ibm eseries xseries 335 from circa 2003-2004)
<hylje> with no ability to produce floppies i'm leaning towards network setup; would that be feasible at all?
<hylje> Helder_Geocrete: look up samba and what it can do for you. it doesn't however do VPN, that's for sure
<Koon> Helder_Geocrete: by "remotely" you mean "over an untrusted network" ?
<Koon> Helder_Geocrete: if this is the case, there are two different issues in your project : secure remote access and print/fail sharing
<Helder_Geocrete> yep
<Helder_Geocrete> that's the thing i'm after
<Koon> openVPN can handle the first part in a Windows-firendly way
<Koon> samba is your best bet for the second part
<Helder_Geocrete> :)
<Helder_Geocrete> so I don't need openSSH, right?
<Koon> well you could do the VPN tunnel with openssh too
<Helder_Geocrete> but openVPN is more windows Friendly, right?
<Koon> but I would advise using openVPN as it is better integrated with Windows
<Helder_Geocrete> yep...a must in this project...
<Helder_Geocrete> thanks for the tips
<Koon> Helder_Geocrete: np, I hope you'll succeed ;)
<Helder_Geocrete> btw hylje, don't you need to boot from cd in order to access the network setup?
<Helder_Geocrete> or does the PC boots itself from the network?
<Helder_Geocrete> thanks ;)
<Koon> mathiaz: about bug 287126, I prepared a debdiff on that bug, should I subscribe ubuntu-release now or just look for sponsoring first ?
<uvirtbot> Launchpad bug 287126 in tomcat6 "/var/lib/tomcat6/temp not writable by tomcat" [Medium,In progress] https://launchpad.net/bugs/287126
<mathiaz> Koon: I've subscribed ubuntu-release and will sponsor it once we've got the ack.
<mathiaz> Koon: it's not RC critical, so that will have to wait until RC is released.
<Omahn> Hello server people. I noticed in the recent server team minutes that you are looking for testing on ESX. I have access to a ESX cluster and would be more than happy to assist as we're currently evaluating Ubuntu server to run on it anyway, sounds like a nice win win to me..
<[Solars]> can a server have multiple identd running with different idents
<mathiaz> https://wiki.ubuntu.com/Testing/Cases/ServerInstall#JeOS%20Install%20on%20ESX
<mathiaz> Omahn: ^^
<mathiaz> Omahn: that seems like a good plan - please have a look at the url above
<mathiaz> Omahn: we're currently testing the isos for 8.10 RC
<mathiaz> Omahn: let me know if you have other questions.
<Omahn> mathiaz: I'll check it out, thanks.
<mathiaz> Omahn: if you could register at http://iso.qa.ubuntu.com/
<mathiaz> Omahn: this is where we track the results
<mathiaz> Omahn: for the -server cds, there is a test case for JeOS on ESX
<mathiaz> Omahn: this is the test you could help with and report whether it succeeded or not
<mathiaz> Omahn: https://wiki.ubuntu.com/Testing/ISO/Procedures <- gives an overview of the ISO testing procedure
<Omahn> Copied that too, thanks.
<Omahn> I'm at a Linux expo tomorrow but hopefully I'll have some results on Friday.
<mathiaz> Omahn: ok - by then 8.10 RC should be out
<mathiaz> Omahn: so you could test that one.
<Omahn> No problem.
<Helder_Geocrete> hey... is it advisable to have a minimal graphical support (Xserver, for instance) in a Ubuntu Server for remote administration?
<mathiaz> Helder_Geocrete: remote administration is mainly done via ssh and the command line
<Helder_Geocrete> is webadmin a good tool?
<mathiaz> Helder_Geocrete: if you still wanna have a gui on the server, you may wanna check the servergui page
<mathiaz> !servergui | Helder_Geocrete
<ubottu> Helder_Geocrete: Ubuntu server does not install a desktop environment or X11 by default in order to enhance security, efficiency and performance.  !eBox provides a GUI system management option via a web interface.  See https://help.ubuntu.com/community/ServerGUI for more background and options.
<Helder_Geocrete> thanks for the tip :)
<uvirtbot> New bug: #287126 in tomcat6 (main) "/var/lib/tomcat6/temp not writable by tomcat" [Medium,In progress] https://launchpad.net/bugs/287126
<uvirtbot> New bug: #287452 in tomcat6 (main) "/var/lib/tomcat6/temp directory could be cleaned up at each tomcat6 restart" [Low,Triaged] https://launchpad.net/bugs/287452
<Deeps> W8TAH W8TAH THERES A FLY IN MY SOUP
<Deeps> *ahem*
<Omahn> Am I right in thinking that Ubuntu JEOS is just an option from the Ubuntu Server ISO now?
<W8TAH> excuse me?
<Deeps> W8TAH: sorry, bad joke.
<mathiaz> Omahn: correct
<Omahn> mathiaz: Thanks.
<mathiaz> Omahn: the JeOS iso hasn't been merged into the -server iso
<W8TAH> ahh -- W8TAH != waiter   W8TAH = whisky eight tango alpha hotel -- my amateur radio call sign
<Omahn> mathiaz: I'm guessing it was just a different seed anyway?
<mathiaz> Omahn: you can choose it by pressing F4 at boot
<Deeps> hehe
<Omahn> ah, ok. Is it a different kernel too?
<mathiaz> Omahn: correct - a different seed is selected.
<mathiaz> Omahn: the -virtual kernel is used and only ubuntu-minimal is installed.
<mathiaz> Omahn: technically the -virtual kernel is just the -server kernel
<Omahn> Ok.
<mathiaz> Omahn: the difference is in the modules that are shipped.
<Omahn> Just trying a test ESX install now..
<mathiaz> Omahn: the -virtual kernel doesn't have *all* of the -server kernel modules
<mathiaz> Omahn: -virtual has around 30M of modules while -server has more than 100M of modules
<Omahn> That makes sense. Is it tuned to any particular hypervisor or just enough modules to cover kvm/esx?
<Omahn> Oh dear. Caused a panic in the VCPU.
<mathiaz> Omahn: hm - good question. soren or zul may have a better answer for that one
<Omahn> Oct 22 13:31:36.999: vcpu-0| [msg.log.monpanic] *** VMware ESX Server internal monitor error ***
<Omahn> Oct 22 13:31:36.999: vcpu-0| vcpu-0:NOT_IMPLEMENTED devices/lsilogic/lsilogic_monitor.c:1033 bugNr=45420
<Omahn> That's not good.
<soren> Omahn: It's meant to cover any known hypervisor.
<zul> afaik its not optimized for one hypervisor over another
<Omahn> np.
<zul> Omahn: what if you use an IDE drive?
<Omahn> zul: IDE is not supported on ESX.
<zul> really? that sucks
<Omahn> Hmm.
<soren> zul: IDE? Yeah, tell me about it.
<Omahn> Just trying again with a BusLogic SCSI adapter instead of LSI.
<soren> The LSI one ought to work, though. Hm..
<Omahn> LSI one in 8.04 works
<soren> Oh, shite.
<soren> Omahn: Could you please try with the server kernel?
<Omahn> soren: This is the server iso.
<Omahn> generic kernel by the looks of it though.
<soren> O_o
<soren> Oh, this is still in the installer, of course.
<Omahn> True.
<Omahn> ESX panic'd in the installer as soon as the modules loaded.
<soren> Yes, the installer always uses the generic kernel, but might install a different one.
<Omahn> Ok, installs fine with BusLogic adapter.
<Omahn> *installs and boots
<Omahn> Hasn't installed linux-virtual though.
<Omahn> Has anyone else tested this on ESX yet?
<Omahn> Guess not. I'll file a report.
<soren> Don't know.
<nijaba> Omahn: I think mathiaz was trying to test virtual on ESX but had some connectivity issues
<mathiaz> Omahn: nope
<mathiaz> Omahn: how did you check if linux-virtual was installed?
<Omahn> dpkg -l linux-virtual
<Omahn> I'm more concerned about the ESX panic. Just reporting it as a bug now.
<mathiaz> Omahn: right - that's more important
<mathiaz> Omahn: is ubuntu-standard installed?
<Omahn> mathiaz: Yes.
<Omahn> mathiaz: What logic are you using to determine the platform?
<mathiaz> Omahn: hm - what do you mean?
<mathiaz> Omahn: you have to manually select to install a minimal virtual machine at the boot?
<Omahn> Ok. I just wondered if some auto detection was going on.
<Omahn> Just trying again with LSI.
<mathiaz> Omahn: no. soren has some plans to figure out if the machine is running as a guest. But that's not for intrepid.
<mathiaz> Omahn: Boot CD, select your language and press F4, pick "Install a minimal virtual machine"
<mathiaz> Omahn: ^^ that's what you have to manually do to install the -virtual flavor.
<Omahn> np.
<soren> Omahn: It was meant to happen, but I never got around to it. I've got detection code for several different hypervisors already. It just needs to get implemented in the installer.
<Omahn> F4 gives 'Install a minimal system', is that the same as install a minimal VM?
<soren> Yes.
<Omahn> Cool. Trying amd64 this time.
<mathiaz> Omahn: no
<mathiaz> Omahn: you should get an 'Install minimal vm guest'
<mathiaz> Omahn: there should be three options when you press F4.
<Omahn> mathiaz: Afraid not. I get 'Install a minimal system', and only two options.
<mathiaz> Omahn: which iso are you using?
<mathiaz> Omahn: which version?
<Omahn> both x86 and amd64, server-beta. md5s to follow:
<mathiaz> Omahn: hm - I don't think the beta have the third option.
<mathiaz> Omahn: could you try the latest iso?
<mathiaz> Omahn: http://cdimage.ubuntu.com/ubuntu-server/daily/20081022/
<Omahn> Yeah, no problem, downloading now..
<mathiaz> Omahn: the LSI bug may also be fixed
<Omahn> Coool.
<Omahn> And now we have three options :-)
<yann2> nijaba > "iscsi support for interpid
<yann2> kirkland looked into fixing existing bugs but it was decided that it was too late in the cycle to try fixing them. Work on iscsi has been deferred to the next cycle."
<yann2> you got me worried - I thought iscsi was perfectly supported in hardy?
<Omahn> It's looking good...
<mathiaz> yann2: the state of iscsi in intrepid is the *same* as the one in hardy
<mathiaz> yann2: there are a couple of issues with iscsi that were alredy present in hardy
<yann2> yeah that's what I understood - does it mean it is perfectly usable for mission critical usage?
<mathiaz> yann2: these haven't been fixed in intrepid
<yann2> I'll have a look at launchpad...
<yann2> mathiaz > is there any "serious" bug that should be considered in iscsi deployment?
<mathiaz> yann2: hm - I'm trying to find the bug kirkland had been working on
<Omahn> That daily server iso works *perfectly*
<mathiaz> yann2: but I don't find it anymore. There are issues with the init script order IIRC
<mathiaz> yann2: that's what kirkland was working on.
<yann2> ok
<mathiaz> yann2: you'll get more detail once he is online
<yann2> thanks :)
<mathiaz> Omahn: great!
<mathiaz> Omahn: both amd64 and i386?
<nijaba> yann2: iscsi issues we wanted to but did not fix are: booting from iscsi and iscsi boot order when publishing NFS from it.
<Omahn> mathiaz: Just tested amd64 and that works too. Cool.
<Omahn> I've updated the iso tracker with successes.
<mathiaz> Omahn: are you pre500 on the iso tracker?
<Omahn> mathiaz: Correct.
<mathiaz> Omahn: are you subscribed to the ESX test cases?
<Omahn> Just trying to work out how to :-)
<Omahn> aha, I see.
<Omahn> Done.
<mathiaz> Omahn: awsome!
<nijaba> Omahn: thanks a lot for your involvement here :)
<mathiaz> Omahn: you'll get notified whenever there is a new build ready for testing
<Omahn> Phew! I was getting worried with ESX panic'd with that beta ISO.
<Omahn> nijaba: No problem. I've got access to a couple of large ESX clusters so I'll lend a hand whenever I can. Plus I'm hoping to move a lot of our systems to Solaris. It's a win win. :-)
<nijaba> Omahn: great to hear.  Let us know if you think there is something we should improve in this area
<Omahn> nijaba: Will do. I'm going to try and get more involved with the server stuff, time (and 7 month old baby!) permitting.
<eagles0513875> i got a question related to dns granted im running it on kubuntu but if i experience sluggish internet load times for webpgs is that a sine that somehow my dns cache has become poisoned
<eagles0513875> cuz i ran dns-clean script and things are back to normal
<eagles0513875> does the dns cache need to be flushed once in a while
<eagles0513875> can anyone enlighten me
<ScottK> No and No.
<eagles0513875> ScottK: ok and ok
<nxvl> mathiaz: should say JauntyJackalope here -> https://wiki.ubuntu.com/ServerTeam/IdeaPool
<mathiaz> nxvl: fixed. thanks :)
 * nxvl HUGS mathiaz 
<mathiaz> kirkland: thanks for fixing the raid installation.
<mathiaz> kirkland: could you confirm that a manual installation of raid0 and raid5 works on amd64?
 * eagles0513875 :(
<\sh> what? frozen bubble should be removed? WAR !
<kirkland> mathiaz: sure, no problem
<sergevn> daturan: i fixed the problem with my tcp daemons, it was NFS, stopped it and now my servers keeps working perfect. :)
<Eeyore-Jr> hi.  will ubuntu-ltsp clients work over a wireless connection?  well?
<Eeyore-Jr> is it possible to use stand alone clients (those that do not connect to LTSP) and still have network login, home, and storage directories?
<Eeyore-Jr> can i use ubuntu-ltsp server to serve e17?
<espacious> hi which packets should i install on my server to just access cacti over a browser?
<espacious> cacti - Frontend to rrdtool for monitoring systems and services
<espacious> cacti-cactid - Multi-Threading poller for cacti
<espacious> libpam-blue - PAM module for local authenticaction with bluetooth devices
<espacious> ups sorry for the dumb paste
<jcastro> mathiaz: it's that time of the year! https://wiki.ubuntu.com/UbuntuOpenWeek/Prep
<nijaba> jcastro: I think a more accurate statement would be it is that time of the *semester*
<mathiaz> jcastro: hm - should I put up a session about the server team?
<jcastro> mathiaz: sure, or multiple ones. :D
<jcastro> mathiaz: something I think would be neat would be an overview of new server features
<mathiaz> jcastro: hm - that could be interesting indeed.
<mathiaz> jcastro: I've added an Ubuntu Server Team slot
<mathiaz> jcastro: I could run the same introduction to the server team
<mathiaz> jcastro: I'll think about it
<jcastro> cool
<mathiaz> jcastro: that's the week after release right?
<jcastro> mathiaz: yep
<akuma55> hello ppl has anybody tryed to install ird-hybrid
<hylje> if i'm to install a server using netboot through a crossover cable to another computer, i do to put up services for 1) providing internet to the netbootee 2) providing the ftp for the boot image 3) provide a dhcp instructing the netbootee
<hylje> did i forget anything before i commit into it?
<Chipzz> hylje: yes. you don't use *FTP* for the boot image, you use *T*FTP*
<Chipzz> not the same thing
<Chipzz> hylje: I've recently set up a lot of debian servers with netinstall, and I used 1) dhcp server 2) tftp server 3) some apt cache thing
<Chipzz> you can replace 3) with internet access oc if you only need it for one server
<Chipzz> and 4) nameserver
<Chipzz> which you don't need oc if you give it internet access
<Eeyore-Jr> is this a dev only channel?
<ScottK> Eeyore-Jr: No.
<ScottK> Eeyore-Jr: Please read /topic
<Eeyore-Jr> what is the landscape tool?
<mathiaz_> Eeyore-Jr: http://www.canonical.com/projects/landscape
<Eeyore-Jr> thx.  landscape is for canocial customers only i see
<Eeyore-Jr> upon installation of ubuntu server there is no ltsp option.  is that now a pay only option ?
<sommer> Eeyore-Jr: you probably want edubunt
<Eeyore-Jr> edubuntu comes with a lot of educational software and ubuntu iirc.  i was considering e17 instead of the ubuntu desktop
<Eeyore-Jr> but i'm unsure
<sommer> you can always install whatever desktop you'd like then switch to it, or set it as the default
<Eeyore-Jr> k
<hylje> Chipzz: thanks
<hylje> the notion of setting up a (minimal) repository instead seems more ideal and less risky
<spiritssight1> can I get help with geting my server working again
<hylje> what problem(s) do you have?
<Chipzz> hylje: I wasn't suggesting that; there's software like apt-cacher and apt-proxy that can do the same
<spiritssight1> when I type the address (URL) it says it can not connect
<Chipzz> but if you're only installing one machine and are planning on getting it right the first time, that probably isn't necessary
<hylje> well there's a lot to be said in setting up the network
<spiritssight1> How can I tell if the server is running correct apachie and php stuff
<spiritssight1> I am using 8.10 of ubuntu desktop with lamp installed
<hylje> what's the exact error message?
<hylje> can you ping the machine?
<spiritssight1> go to http://cpe-eagle.homedns.org/\
<spiritssight1> I don't know much about this stuff, so how would I try to ping
<Chipzz> uhm
 * Chipzz frowns
<Chipzz> anyway
<Chipzz> who is working on landscape here?
<Chipzz> hylje: apt-cacher and apt-proxy all work to a different degree (they all have their problems iirc)
<Chipzz> don't remember which one I used for that setup though
<Chipzz> apt-proxy apparently
<Chipzz> hylje: using a tool like apt-proxy will save you the trouble of doing the mirroring etc
<hylje> yes
<Chipzz> wrt landscape: I administer a number of debian machines, and was planning on creating my own system based on apticron + an MTA + procmail/something similar to parse the mails apticron sends
<spiritssight1> hylje: how do I ping and how do I check to see if apachie and the php stuff is running
<Chipzz> anyway just wondering how far landscape is, and if contributions would be accepted
<spiritssight1> I just looked in the sesion area and don't see any thing in there
<Chipzz> spiritssight1: echo '<?php phpinfo() ?>' > phpinfo.php
<Chipzz> in a directory that's accessible through apache
<Chipzz> and then access the phpinfo.php file through your browser
<Chipzz> "session area"?
<Chipzz> anyway bbl
<spiritssight1> ok I have done that now what would I type to access it in the FF localhost://phpinfo.php or different
<spiritssight1> Ok I can access my website using http://localhost but its not working for the public
<spiritssight1> any one able to help I can not access my server from a brower but I can if I type localhost
<hylje> hmh
<indigo23> Is there a free Cpanel Interface out there for hosting multiple websites? I need something where i can create user accounts so that my webdesigners can create sites and test them.
<hylje> great, dnsmasq works
<hylje> now to figure out how to NAT the net
<indigo23> anyone here familiar with VHCS Pro 2.2
<J_P> ï»¿people, in my server on http area show this line: "Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5.3 with Suhosin-Patch mod_wsgi/1.3 Python/2.5.2 Server at 189.2.146.8 Port 80" How I do for change that value, for example hide the name Ubuntu and so one ?
<indigo23> what is the command to verify you have a certain package installed
<J_P> indigo23: apt-get insatll package
<nijaba> indigo23: dpkg -l | grep pkgname
<indigo23> thanks
<[Solars]> whats the chmod number for the typical read/write/move
<[Solars]> this are media files and some docs
<hibana> [Solars]: depends
<hibana> what you mean with move?
 * hibana only knows about read/write/execute
<[Solars]> i guess allow users to move the files, read the files, delete the files, etc
<[Solars]> so i guess just metn r/w
<hibana> read (4), write (2), and execute (1)
<hylje> yaaaay the contraption network-wise works
<[Solars]> hibana so what magic number ? 766?
<hibana> then there is the matter of user / group / others
<hibana> and also file vs folder
<[Solars]> right right
<hibana> chmod 764 would give a use all rights, the group read and write and all others just read
<hibana> s/a use/a user/
<hibana> a folder with chmod 750 would give a user all rights, the group list and chdir rights and all others no rights
<hibana> to be allowed to delete you need write rights
<[Solars]> i thnk 764 is what i wanted
<[Solars]> now i have 4 folders that I don't want to be deleted
<[Solars]> but the contents within can be manipulated
<hibana> [Solars]: manipulated using what?
<ScottK> leonel: How's clamav patching going?
<ScottK> leonel: 0.94.1 releases 3 Nov, so expect likely more then.
<uvirtbot> New bug: #287736 in php5 (main) "package libapache2-mod-php5 5.2.4-2ubuntu5.3 failed to install during upgrade from Ubuntu 7.10 to 8.04LTS (thru the update manager)" [Undecided,New] https://launchpad.net/bugs/287736
<ClaesBas> Why does "do-release-upgrade -d" want  88.1M free space on /boot????
<sommer> ClaesBas: the kernel, the initramfs, and such
<leonel> ScottK: the patch is ready, but I really didn't saw a critical one as you can see on launchpad, and sorry  it got down on the Todo list ...
<leonel> ScottK: let's roll for 0.94.1   ... will it be ported  to hardy ??  what can  I do ?
<ScottK> leonel: The first step is going to be getting it tested on Intrepid as I hope to get permission for a post-release update there.
<ScottK> Then backports should be fairly straightforward.
<ScottK> leonel: http://www.kitterman.org/ScottK/2008/10/clamav_plans_in_ubuntu.html
<ClaesBas> sommer: You can't mean that Ubuntu needs 88M on /boot for a upgrade!?
<ClaesBas> I think this is a bug!
<ClaesBas> I have 12M on my /boot now (before my try to upgrade and 79M free)
<ClaesBas> Let me see, if it's not a bug, then 8.10 needs more then 7 times the space then 8.04...
<leonel> ScottK: great !
<sommer> ClaesBas: it may be a bug, you'll probably get a better answer #ubuntu-installer
<ClaesBas> sommer: Thanks, I try that channel...
<ClaesBas> Why does "do-release-upgrade -d" want  88.1M free space on /boot ?
<ClaesBas> I only have 12M on my /boot now (8.04)!
<ClaesBas> Sorry....
<ClaesBas> I have to go there also.....
<uvirtbot> New bug: #287781 in nut (universe) "Nut UPS user does not have access to the serial ports." [Undecided,New] https://launchpad.net/bugs/287781
#ubuntu-server 2008-10-23
<macdunbar> hello
<macdunbar> does anyone know of a good tutorial for using ubuntu server 8.04 as a replacement for a windows server?
<juannicolas> Hi, can someone telme how to save iwconfig configuration?
<juannicolas> in order to them be stared next time machines reboot
<J-_> in /etc/network/interfaces would network and gateeway be the same IP?
<tonyyarusso> no
<tonyyarusso> A gateway has a host address, which is very different from a network address.
<tonyyarusso> It's quite common for the gateway to be one higher than the network address, although there's no reason it has to be.
<J-_> Is there anyway to find out my network and gateway with a command?
<J-_> Would network in /etc/network/interfaces be the address of my router?
<tonyyarusso> J-_: No, the address of the router is the gateway address.  The network address has to do with how it's subnetted, if it is.
<tonyyarusso> If you can give actual numbers I can help.  You're looking for things that are set within your router's configuration, ultimately.
<J-_> Yeah, I think I figured that part out :) Now I'm just looking for my afraid.org DNS entries on their site.
<J-_> Will /etc/resolv.conf be a new file once I use nano to go into it on a new installation? It just created a new file.
<tonyyarusso> it will if you save
<J-_> Okay, it didn't say anything about creating a new file in the configuration tutorial.
<J-_> Now, to see if this thing works.
 * J-_ prays
<J-_> http://pastebin.com/m3fbb79f0 Does that look right?
<scuser> hi all, any help with this error http://paste.ubuntu.com/61404/ ?
<scuser> hi all, I'm trying to execute the command "sudo vos create sc02.sc.bibalex.org /vicepa root.afs -localauth" but this error arouse "Could not get an Id for volume root.afs" any help ?
<soren> J-_: No.
<soren> J-_: You need numeric adresses for nameserver.
<soren> s
<soren> J-_: Nameservers are what you use to resolve hostnames to IP's, so specifying names would be a catch-22.
<J-_> Does /etc/network/interfaces look alright, though?
<J-_> Or, should I have gateway instead of network?
<soren> J-_: It's a valid /etc/network/interfaces file.
<soren> J-_: That's about all I can say.
<soren> J-_: The numbers depend on your local configuration. It looks sane, but I can't say if it's correct.
<J-_> okay
<J-_> Thanks for the info anyway. I'll keep fooling around til I can get it right. :)
<soren> scuser: I've never used AFS. Perhaps you could try in an AFS specific channel?
<soren> scuser: There's an #openafs channel, apparantly.
<soren> J-_: What's the problem?
<scuser> soren: I'm trying now thanks for your time :)
<soren> np
<J-_> apache2: could not reliably determine the server's fully qualified domain name, using 127.0.1.1 for ServerName
<J-_> I need to find out how to restart my network now
<J-_> err network interfaces or whatever
<blue-frog> J-_: it is not an error
<J-_> hmm
<scuser> hi all, any help with this error http://paste.ubuntu.com/61419/ ?
<scuser> hi all, any help with this error "bos: failed to create new server instance ptserver of type 'simple' (entity already exists)"
<kraut> moin
<bn43> hi I'm trying to understand raid - Just picking brains
<bn43> I've read that raid1 is full reduncy
<bn43> but if your boot partition cannot fall under raid1
<bn43> which means if one of the disks fails with the boot partitition, you cannot boot?
<bn43> is that right?
<bn43> anyone?
<henkjan> bn43: http://users.piuha.net/martti/comp/ubuntu/en/raid.html
<henkjan> After installation and the first reboot I installed grub also on the second disk's (/dev/sdb) master boot record (MBR). Without this the PC will not start if the first disk (/dev/sda) fails and is removed from the PC.
<bn43> thank you
<bn43> I will read up on thatr
<mathiaz> soren: do I need to do something special to enable virtio block device support in intrepid?
<mathiaz> soren: http://paste.ubuntu.com/61431/
<mathiaz> soren: ^^ this is the error and the configuration of the host
<mathiaz> soren: ^^ this is the error and the configuration of the guest
<heno> nijaba: can you help out with some remaining server tests? esp. ESX
<nijaba> heno: ESX server expired, so I think Omahn as gently offered his help
<nijaba> s/as/has
<heno> ok, thanks
<soren> mathiaz: Can I see the rest of the XMl, please?
<mathiaz> soren: http://paste.ubuntu.com/61449/
<soren> mathiaz: That's strange. When did this start?
<mathiaz> soren: hm - if I switch to ide, the guest fails to start with "Unsupported NIC: virtio"
<mathiaz> soren: this is a brand new intrepid install
<mathiaz> soren: the kernel version is 2.6.27.7.10
<soren> mathiaz: What about kvm?
<mathiaz> soren: 1:72+dfsg-1ubuntu6
<soren> mathiaz: Could you try "kvm -drive file=/home/mathiaz/vm/tests_isos/intrepid-server-i386-default/vm/root1.qcow2,if=virtio,index=0" from a command line?
<mathiaz> soren: hm - it starts - but I had to use the vnc option
<mathiaz> soren: I don't know if it booted though
<mathiaz> soren: ok - using the following command line http://paste.ubuntu.com/61452/, the guest is able to start
<nnull> guys whats the min sys requirments for ubuntu server?
<mathiaz> soren: http://paste.ubuntu.com/61457/ <- this is the qemu log when trying to start the guest from libvirt
<mathiaz> soren: hm - why is it using qemu by default for the emulator rather then kvm?
<mathiaz> soren: that's a difference between intrepid and hardy then.
<mathiaz> soren: if you don't specify the emulator when defining the guest in libvirt, hardy defaults to kvm while intrepid defaults to qemu.
<soren> mathiaz: Gah.. That sucks.
<mathiaz> soren: I'll file a bug against libvirt
<soren> mathiaz: Thanks.
<scuser> hi all, any help with this error "fs: cell dynroot not in /etc/openafs/CellServDB" ?
<soren> scuser: This reminds me of a conversation I had earlier today...
<soren> 07:52:10 < soren> scuser: I've never used AFS. Perhaps you could try in an AFS specific channel?
<soren> :)
<soren> 07:52:43 < soren> scuser: There's an #openafs channel, apparantly.
<sommer> morning all
<zul> hi soren
<zul> i mean sommer
<jpugh> nnull: did you find what you need?
<hylje> mm
<hylje> apparently it doesn't really want to boot off network either
<hylje> woah
<mpt> soren, hi, when would be a good time to talk with you about virt-manager?
<nijaba> mpt: -> #ubuntu-virt has a good list of listener
<mpt> ah, thanks
<hylje> gah installer hangs just after getting network config
<hylje> may this be due to the NAT randomly deciding to not work?
<wo0f> yo guys
<hylje> ooh it just took a silly amount of time
<Dib> Hello I just installed apache2 php5 libapache2-mod-php5 apache works good but when i goto test.php with phpinfo() it just downloades the php file.  any ideas?
<ScottK> kirkland: Is there a way you can add man pages manually to manpages.ubuntu.com?
<Dib> don't worry I think I found something lol good on help.ubuntu ^_^
<hylje> Dib: does your apache config include the php config snippet?
<ScottK> There is a but in the Intrepid Postfix package where a couple the man pages for some new scripts didn't make it into the binary.
<Dib> hylje, I had a quick look but dident see any PHP related things
<kirkland> ScottK: hmm
<ScottK> kirkland: They're in the Postfix source package.  Could we add them to your repository so I can at least point to them in a bug?
<hylje> well that may well be the problem :)
<kirkland> ScottK: that server just mounts up a full Ubuntu mirror
<Dib> lol yeah I restarted Apache and then it worked heheh
<ScottK> kirkland: Source and binary?
<kirkland> ScottK: it only looks at .deb files
<ScottK> OK.
<ScottK> It was a thought ...
<kirkland> ScottK: I don't really have access to that machine, either
<kirkland> ScottK: i change the code in bzr, then beg IS to pull my changes
<Dib> can i use atp-get to install GDLib?
<ScottK> kirkland: If you've got an idea how you might do it it'd be nice.  Otherwise I think I'm reduced to blogging man pages or something.
<ScottK> kirkland: You can guilt lamont into doing since it's his bug.
<lamont> ScottK: more likely he could guilt me into uploading postfix. :)
<kirkland> ScottK: actually....
<ScottK> lamont: I don't think the release team is going to take 'missing a couple of man pages' as an RC bug.
<lamont> meh
<kirkland> ScottK: as soon as the Jaunty archive opens, there will be a Jaunty section in manpages.ubuntu.com
<ScottK> lamont: OTOH, if you've been holding onto a good one ...
<lamont> just have to know where their ticklish spots are
<ScottK> lamont: If you can convince them it'd be much appreciated.
<kirkland> ScottK: if you sync the postfix package there, the pages will be available, albeit against a different version
<ScottK> kirkland: True.
<ScottK> We'll see.  I'll hope lamont can find the right leverage on -release for now.
<nomoa> hi, is there a netboot image for ubuntu server 8.04?
<mathiaz> Koon: ahh - just ran into bug 274365
<uvirtbot> Launchpad bug 274365 in tomcat6 "Installation over Sun JVM might fail if JVM is not yet configured" [Low,Fix released] https://launchpad.net/bugs/274365
<mathiaz> Koon: I wasn't using the sun-java machine though
<Koon> beh
<mathiaz> Koon: http://paste.ubuntu.com/61563/
<mathiaz> Koon: It supposed to be fixed...
<Koon> argh.
<mathiaz> Koon: let me investigate that
<Koon> it's the tomcat6-(something) packages that call restart
<Koon> they don't have an || true
<mathiaz> Koon: correct
<Koon> I forgot those. and the same is true for tomcat5.5.
 * Koon grumbles
<mathiaz> Koon: could this be bug 264489?
<uvirtbot> Launchpad bug 264489 in tomcat6 "le demarrage de tomcat6 ne marche pas" [Undecided,Incomplete] https://launchpad.net/bugs/264489
<mathiaz> Koon: probably not
<mathiaz> Koon: are you preparing a fix?
<Koon> mathiaz: yeah, probably not
<Koon> mathiaz: yes -- could you check why it failed to start in the forst place ?
<Koon> first even
<Dib> I'm trying to setup vsftpd so far I can connect to it from another computer and read files and login as my main user and upload.  But can't upload with anon.  I have created a user called ftp  with a home dir of /var/ww and ww group is ftp.  any ideas?
<mathiaz> Koon: same issue as bug 274365
<uvirtbot> Launchpad bug 274365 in tomcat6 "Installation over Sun JVM might fail if JVM is not yet configured" [Low,Fix released] https://launchpad.net/bugs/274365
<Koon> you said you weren't using sun jvm ?
<mathiaz> Koon: default-jre-headless is setup before tomcat6-*
<mathiaz> Koon: but openjdk-6-jre-headless is setup after tomcat6-*
<mathiaz> Koon: first and last line of http://paste.ubuntu.com/61563/
<Koon> mathiaz: it used to work without openjdk-6-jre-headless being configured
<Koon> anyway, the workaround I put in is insufficient and should be fixed. In progress
<mathiaz> Koon: using || true in the postinst is not enough?
<Koon> I mean, putting it only on tomcat6.postinst ins not enough
<Koon> hhhhmmm
<mathiaz> Koon: ah ok - so you'll prepare a diff that will make -admin and -examples use || true?
<Koon> that was my plan. Though I just discovered they shouldn't need to... Their postinst call "status" to doublecheck tomcat6 is really running
<Koon> just a sec
<Dib> whats a good small desktop enviroment for ubuntu-server?
<Eeyore-Jr> e17
<mathiaz> !servergui | Dib
<ubottu> Dib: Ubuntu server does not install a desktop environment or X11 by default in order to enhance security, efficiency and performance.  !eBox provides a GUI system management option via a web interface.  See https://help.ubuntu.com/community/ServerGUI for more background and options.
 * Koon hides from kirkland for writing up such a lousy "status" action
<kirkland>  /etc/init.d/Koon restart
<mathiaz>  Koon not found
<Koon> /etc/init.d/Koon status -> FAIL
<Dib> mathiaz, lol thanks. I think I'll give lxde a go, as I'm just messing around and I can allways remove ^_^
<mathiaz> Koon: so what's your plan for this bug?
<Koon> fixing status
<Koon> mathiaz: posting the debdiff now, if you can have a look while I finish rebuild/testing it
 * Koon wishes he would not be sick as a dog to be more efficient
<mathiaz> Koon: which bug are you using?
<mathiaz> Koon: it seems that a new bug should be filed
<Koon> the same that got the release freeze exception
<Koon> (or the old one reopened ?)
<mathiaz> Koon: well - AFAICT it's a new bug
<Koon> yes, will file a status returncode bug
<mathiaz> Koon: related to bug 274365 though, but affecting other packages
<uvirtbot> Launchpad bug 274365 in tomcat6 "Installation over Sun JVM might fail if JVM is not yet configured" [Low,Fix released] https://launchpad.net/bugs/274365
 * Koon curses his VM that choose the wrong day to freeze
<Koon> mathiaz: the debdiff worksforme. invoke-rc.d is a little noisy when status returns nonzero though, in the future I should probably change those calls as well, but that's a more intrusive change that we'll do after release, I suppose
<mathiaz> Koon: hm - you've changed the exit code from 1 to 3.
<mathiaz> Koon: hm - scratch that
<Koon> now that I tipped kirkland, I figured I should at least put the right return codes :)
<Koon> mathiaz: i'll leave the thing to you, got to go now (probably to bed directly)
<mathiaz> Koon: ok - have a nice loooonng night
<uvirtbot> New bug: #288218 in tomcat6 (main) "tomcat6 initscript "status" action always return 0" [Undecided,New] https://launchpad.net/bugs/288218
<mathiaz> dendrobates: ^^ new bug in tomcat6
<mathiaz> dendrobates: I've milestoned for intrepid-8.10 - you may wanna look at it and change the importance/milestone
<uvirtbot> New bug: #288226 in drbd8 (universe) "DRBD 8.0.11 is unusably slow" [Undecided,New] https://launchpad.net/bugs/288226
<J-_> Man, for the life of me, can't get Hardy's /etc/network/interfaces or DNS to work proper. It was working in Dapper before I decided to do a clean install
<J-_> :(
<J-_> http://pastebin.com/m3fbb79f0 That's pretty much what I have. I'm not sure how to get /etc/resolv.conf working. My network doesn't get a static IP. It changes when my router restarts.
<J-_> Not sure what DNS entries afraid.org uses
<J-_> !lamp
<ubottu> LAMP is an acronym for Linux-Apache-MySQL-PHP. However, the term is often used for setups using alternative but different software, such as Perl or Python instead of PHP, and Postgres instead of MySQL. For help with setting up LAMP on Ubuntu, see  https://help.ubuntu.com/community/ApacheMySQLPHP - See also the Server CD installation process (different in Edgy+)
<J-_> I changed my DNS entries on the server, hasn't worked. I can't ping google
<mathiaz> J-_: you should use IP in resolv.conf - you cannot use dns names
<hylje> yep catch-22 otherwise
<mathiaz> J-_: as resolv.conf is supposed to bootstrap name resolution
<J-_> So would I use afraid.org's IP entries? Or, my own?
<J-_> Not sure what I'm looking for
<mathiaz> J-_: you should figure out which dns IP's your provider is using
<mathiaz> J-_: your network administrator should know that
<J-_> I'll just look in my router. there's 2 I know that.
<J-_> Hopefully it resolves the issue
<J-_> brb
<Deeps> w/w 34
<J-_> Didn't work. I still can't ping google, or get onto localhost/ my internal IP. port 80 is forwarded on the router.
<J-_> I had it working before
<uvirtbot> New bug: #287447 in tomcat6 (main) "/var/lib/tomcat6/webapps should be writeable by tomcat6" [Medium,In progress] https://launchpad.net/bugs/287447
<mathiaz> J-_: are you able to resolve google?
<J-_> no
<mathiaz> J-_: are you able to ping your router?
<J-_> let me check, brb
<J-_> Says network is unreachable
<mathiaz> J-_: what does ifconfig eth0 says?
<mathiaz> J-_: it seems that your network card/interface is not setup correctly
<J-_> Link encap:Ethernet HDaddr etc..
<J-_> mathiaz:  want me to put it in a pastebin?
<mathiaz> J-_: does it have an IP adress set?
<mathiaz> J-_: like 192.168.1.120?
<J-_> no
<mathiaz> J-_: what does /etc/init.d/networking restart say?
<mathiaz> J-_: ie - run the command: /etc/init.d/network restart
<J-_> failed to open statefile on both ifdown and ifup --/var/run/network/ifstate: permission denied on both
<mathiaz> J-_: run the command: sudo /etc/init.d/network restart
<J-_> actually I may have to sudo the command
<J-_> okay
<J-_> reconfiguring network interfaces and it was successful
<J-_> say [OK]
<J-_> says*
<mathiaz> J-_: is there an IP adresse for eth0 now?
<mathiaz> J-_: ifconfig eth0
<J-_> no
<J-_> :S
<mathiaz> J-_: are you running network manager?
<J-_> network manager? I'm on a default install of a LAMP installation with no gui on the server.
<J-_> laptop right beside me :)
<J-_> same with server
<mathiaz> J-_: is there a dhclient process running on the system?
<J-_> I didn't set one up, how can I tell?
<mathiaz> J-_: ps -ef
<mathiaz> J-_: ^^ that gives a list of all the processes running on the system
<mathiaz> J-_: *sudo* ps -ef
<J-_> mathiaz:  it doesn't look like it
<J-_> I'm on a Hardy Server install.
<thefish> J-_: do you have more than one network interface on the server?
<J-_> How would I tell? I only have 1 network card.
<J-_> Maybe I'll change my ethernet cable to see if that works.
<thefish> J-_: probably wont be that
<thefish> but i have had eth0 automagically change to eth1 before, dont think it was ubuntu, and it was ages ago, but it may be worth considering
<thefish> maybe try sudo ifconfig eth1 192.168.1.120 up
<J-_> If I type "ifconfig eth1"  it says device not found.
<J-_> k
<thefish> ah ok
<J-_> new network cable, I'll plug it in. brb
<thefish> can you pastebin the results of just "ifconfig" after you did a "sudo /etc/init.d/networking restart"
<thefish> i guess your /etc/network/interfaces is still the same as your old pastebin
<thefish> also maybe give the results of "grep eth /etc/udev/rules.d/70-persistent-net.rules"
<J-_> thefish:  I just did, "sudo /etc/init.d/networking restart" then "ifconfig" it shows a inet address of 127.0.0.1
<thefish> for interface lo
<thefish> thats normal
<J-_> let me pastebin the results
<J-_> okay
<thefish> k
<J-_> I'll have to type it out :)
<J-_> brb
<thefish> huh?
<thefish> ah ok dont worry then :)
<J-_> Well, I mean if it helps I'll do it. :)
<thefish> maybe "ifconfig | grep addr"
<thefish> look in that for anything like an ip address
<thefish> dont type it all out though!
<J-_> thefish:  inet addr:127.0.0.1 mask:255.0.0.0        inet addr: ::1/128 Scope:Host
<thefish> if still no other address, try "sudo ifconfig eth0 192.168.1.120 up"
<thefish> J-_: that looks like its your "lo" interface, the loopback
<thefish> try that manual ifconfig line and see what it says..
<J-_> sudo ifconfig eth0 192.168.1.120 up returns nothing
<J-_> let me type out(pastebin) my /etc/network/interfaces
<J-_> !pastebin
<ubottu> pastebin is a service to post multiple-lined texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu.com (make sure you give us the URL for your paste - see also the channel topic)
<thefish> ok it shouldnt return anything
<J-_> k
<thefish> but after you did it, check ifconfig again
<thefish> is your interfaces file still the same as http://pastebin.com/m3fbb79f0 ?
<J-_> I don't have auto eth0 it looks like. (I may have changed it last night)
<thefish> ok that is what makes it come up "automatically" when the network service is started ;)
<J-_> oh and, where it says gateway, it says network
<thefish> did you check the output of ifconfig after running "sudo ifconfig eth0 192.168.1.120 up" ?
<J-_> wit hthe same internal IP
<thefish> ok so you should have exactly:
<thefish> auto eth0
<thefish> iface eth0 inet static
<thefish> then indented under that a line each for address, netmask, gateway
<thefish> you can have broadcast etc if you have done fancy things, but they are not needed otherwise
<J-_> okay. above that, I have:
<J-_> auto lo
<J-_> iface lo inet loopback
<thefish> good
<J-_> k let me save. :)
<J-_> Now, should I restart /etc/network/interfaces?
<thefish> sudo /etc/init.d/network restart
<J-_> k one moment
<J-_> awesome, it worked
<J-_> I can ping google
<thefish> huzzah :)
<J-_> Thanks a lot.
<J-_> I mean, THANKS. lol :)
<thefish> no worries
<J-_> mathiaz:  Thanks too!
<J-_> much appreciated.
<J-_> Now I can work on it from ssh. :D
<J-_> Man, that broke the ice. it took me hours last night to figure the darn thing out.
<J-_> And I actually didn't figure it out
<J-_> til now :P
<J-_> Sorry.
<J-_> well, I didn't!
<thefish> J-_: do you understand how it works now?
<thefish> you can check out "man interfaces" for more detail, and some cool voodoo you can do
<mathiaz> kirkland: have you seen bug 236640?
<uvirtbot> Launchpad bug 236640 in open-iscsi "iSCSI install fails under hardy" [Undecided,New] https://launchpad.net/bugs/236640
<J-_> thefish:  I think I have a general idea... If it messes up, or if I need to reconfigure it for some reason I don't think I could do it since I need to do things a few times before remembering/ troubleshooting. This is probably my 3rd or 4th time doing it within 3 or so years.
<mathiaz> nijaba: what was the support of iscsi in hardy?
<nijaba> mathiaz: good, except for booting from it
<kirkland> mathiaz: of course i have, note who it's assigned to
<mathiaz> kirkland: hm - ok :D
<nijaba> mathiaz: we still have an issue in some condition, ask kirkland/etienneG about it
<mathiaz> kirkland: I've just received the email and thus got on my radar...
<mathiaz> nijaba: right - that's the issue with init script
<mathiaz> this is one is related to the installer
 * nijaba goes cooking for his family, back later
<J-_> hrm, I wonder if I can disable something in my bios on the server so I don't have the keyboard and mouse hanging around. I mean, I suppose those are the arms if it's a headless server.
 * J-_ palms
<J-_> I liked how hardy asked what things to install--including lamp, CUPS, and openssh.
<J-_> That's what I enabled anyway.
<J-_> Oh yes, and how it asked to create a mysql password too.
<J-_> I don't remember dapper asking me all of those things, though, I could be totally wrong :)
<Rideh> hi i'm having trouble getting openldap to work on hardy, i've followed 4 differnt guides, multiple trouble shooting recommendations, reinstalled 4 or 5 times on 2 machines.  Has anyone recently gotten it working - if so do you have a link to a resource ?
<sommer> Rideh: I have: https://help.ubuntu.com/8.04/serverguide/C/openldap-server.html
<jpugh> rideh: what kind of problems are you having? I have used the serverguide and am having no problems myself
<Rideh> i've had a few differnt problems one was related to the SSO guide which apparently wasnt complete anywyas
<Rideh> i dont have a log of all the error messages i've recieved
<Rideh> i've worked through fixing ones related to hostnames, and bind
<Rideh> but it seemed like ssl issues or tls issues kept gumming everything up
<Rideh> i've purged openldap and i'm going to try again. i'll let you know what happens here in about 8 minutes
<sommer> Rideh: it's probably better to get things working without ssl and tls, then go back and add them so you're only fighting one set of problems
<Rideh> agreed which i've tried to do as well
<J-_> What type of client should I use to update IPs that works with afraid.org? Not sure what I used before. I remember going through a couple programs a year or so ago.
<J-_> not sure if I used ddclient or not.
<Rideh> sommer: give me a few moments and i'll see what happens this go around
<sommer> Rideh: sure, just ask when you have specific questions :)
<Rideh> sure which is why i asked for a resource :)
<Rideh> i dont mind rtfm as long as it gets me somewhere in the end lol  its been driving me up the wall
<Rideh> and of course it works
<Rideh> sigh
<Rideh> litterally spent 3 days off and on trying to make this work right... no idea. thats terrible.    least all the rest of the services minus nfs are up and running
<sommer> party!
<ScottK> I'd like to suggest that those of you who have blogs on planet might want to start doing 'cool new stuff' postings now to help build interest in the release.
<tonyyarusso> Speaking of release, is there a summary separate from the general release notes of things that are new in Intrepid specific to server usage?
<J-_> What dynamic IP DNS client works with afraid.org? Not sure if I used ddclient, or not.
<tonyyarusso> (I'm going to be setting up a new server soon, and need to decide whether to use 8.04 or 8.10)
<tonyyarusso> J-_: inadyn claims to
<J-_> hmm nice.
<Rideh> tonyyarusso: i went with 8.04 for production environment
<Rideh> i'm in the same boat
<ScottK> I only have a small number of servers and so I tend to track the latest release.
<tonyyarusso> I think so far the only thing that looks interesting is the encrypted private directory, but I'm guessing there's more.
<ScottK> Upgrade from Hardy to Intrepid was totally painless on my test server.
<Rideh> my comfort level is still relatively low which lead me to go with somethign with more existing support documented (although i doubt there is significant change)
<J-_> Glad I've installed Hardy, newer packages than Dapper and, it's probably a lot better since it's a newer LTS system, let alone the evolved stated from dapper to hardy. :D
<J-_> Now I don't have stagnant programs looming around
<Rideh> sommer: ty for the help
<Rideh> off to whats next :)
<sommer> Rideh: np
<J-_> Does anyone use afraid.org here? I'm trying to get a cron working to update my DNS regularly, I came across a script and it says they're using, "echo '*/5 * * * * root /usr/bin/wget http://freedns.afraid.org/dynamic/index.php?action=script&data_id=XXXXX" But, where the XXXXX's are they said, "NOTE: In the above, the XXXXXX is an id number provided by freedns.afraid.org" I'm not sure what they mean on ID number. Anyone know what they're g
<J-_> oing on about?
<tonyyarusso> I would assume that must be something connected to your account and available from the web site...  Haven't seen it myself, but I'd go poking around the web interface for it.
<J-_> tonyyarusso:  am trying.. :P
<J-_> hmm, what's the command to make a new cronjob? cronjob -d?
<J-_> hmm
<J-_> ah hah! sudo crontab -e
<J-_> would echo '*/5 * * * * be every 5 minutes?
<J-_> Bah, yes it is. Answering my own questions. lol
<ScottK> So are you the cron job then?
<J-_> didn't work for some reason
<ScottK> Then I guess not.
<nijaba> ScottK: would you recommend interfacing postfix directly with clamav or through amavisd-new?
<nijaba> ScottK: never mind if you answered to slangacek in #ubuntu-release
<pltmnky> howdy :)
<pltmnky> question: (ubuntu 8.04) i have a print server, and a client machine. there are already pre-exisint ldap and kerberos setup (they work as expected).  I set up cups 1.3 on both, and the client machine recives the printerlist from the print server, and print over IPP.  What I am trying to do is, have cups verify that the user printing is authenticated, and so that no local users can print without authentication.  (I have set this up to work from 
<ScottK> nijaba: I answered him, but for here: The recommended way for Postfix is through amavisd-new
<ScottK> You can do it other ways.
 * lamont notes that if ScottK called it "postfi x', then it wouldn't blue-tab lamont
<lamont> :-)
<lamont> hi SchneeSchwarz
<lamont> meh.  Hi ScottK
 * ScottK notes that if lamont doesn't want to get alerted whenever someone says postfix, lamont could arrange that.
<lamont> esp since ScottK does such a good job of answering them in his place, making it even easier. :-)
 * ScottK ponders making his nick postfix.
 * lamont ponders kickbanning ScottK just for giggles
 * lamont decides that might be overkill
<tonyyarusso> Speaking of printing, I've never quite understood this - if you have a printer hooked up to a print server which is in turn on the network, why do the other client machines also need to have the printer driver?
<Rideh__> because the print server isnt actually decoding the document, its just taking the data stream to the printer
<tonyyarusso> Oh, I guess that makes sense.
<tonyyarusso> Would there be a way to make it do so, so you didn't have to worry about the clients?
<Pizarro> Hi, I have installed poptp VPN server under Linux and everything works fine except the VPN connection only lasts a few seconds and then it disconnects, please I really need help. Thanks
<Pizarro> While the VPN connection is established, I can ping other machines, etc.. but whatever is the reason when I do this (when some data is transfered between the cleint and the server) it just disconnects
<J-_> Can anyone help me get a cronjob working with afraid.org services to update my IP/ DNS?
<Pizarro> I just want to install a successfull VPN server under UBuntu, and it seems to be a nightmare
<Rideh__> is kickstart still the recommended tool to use for creating preconfigured installs?
<andol> Rideh__: Kickstart sounds more like Redhat/CentOS. How about taking a look at preseeds?
<Rideh__> andol: righton i'll look into that
<Rideh__> https://help.ubuntu.com/community/KickstartCompatibility was the ony documentation i was finding but looked old
<Rideh__> https://help.ubuntu.com/community/PXEInstallServer also referenced kickstartr
<andol> Rideh__: Well, here is one preseeds https://help.ubuntu.com/8.04/installation-guide/amd64/preseed-using.html
<andol> (Yes, preseeds works well from a pxe-boots)
<Rideh__> righton i'll look into it
<andol> The nice thing about preseeds is the natural integration with the debian-installer and debconf.
<andol> Just remember you might have to modify the example somewhat. From what I can see it is more or less taken directoy from Lenny, which doesn't behave excatly the same way as Hardy.
<uvirtbot> New bug: #288349 in php5 (main) "php5 crashed with SIGSEGV in clone()" [Undecided,New] https://launchpad.net/bugs/288349
<Rideh__> andol: i guess my question is taking this a step further
<Rideh__> andol: i am wanting a computer lab setup so if a machine goes down they can pxe boot and get a fresh install to replace it
<Rideh__> the computer lab has ldap authentication, nfs shares etc. can all those config files be preseeded?
<andol> Rideh__: Hmm, possibly. But if nothing else you can always tell preseed to run scripts post-install. That script should be able to take care of things for you.
<Rideh__> true
<Rideh__> i guess my other option
<Rideh__> is to create an image of what i want then make pxe just host that image
<Rideh__> still needing scripts to modify hostnames and such though :/
<andol> Rideh__: Myself I'm considering a solution combining kickstart and preseeds with puppet.
<andol> Rideh__: Well, do you really need to hostcode hostnames? Just let dhcp handle those settings?
<andol> s/hostcode/hardcode/
<Rideh__> i'm not familar with that
<Rideh__> and no not particuarily
<Rideh__> mind if i pm you?
<andol> np
<DCPom> I need a 10 day uranium trade. Any offers?
<Rideh__> i'm attempting ot setup a client ot authenticate off of pam
<Rideh__> it states to double check /etc/libnss-ldap.conf   after going thru the dkpg configure stuff yet this file does not exist
<Rideh__> https://help.ubuntu.com/community/LDAPClientAuthentication
<Rideh__> have i done something wrong, has this file been moved or obsolete?
<mathiaz> kirkland: you don't think bug 288226 warrants a SRU?
<uvirtbot> Launchpad bug 288226 in drbd8 "DRBD 8.0.11 is unusably slow" [Undecided,Fix released] https://launchpad.net/bugs/288226
<kirkland> mathiaz: i didn't look at it closely;  what i did see was some people getting fussy about zul's response, and a request for the appropriate policy documentation
<kirkland> mathiaz: i merely pasted the URL of the backports process
<mathiaz> kirkland: ah ok. From the changelog it looks like 8.0.13 are bugfixes only.
<mathiaz> kirkland: since it seems we have a severe performance regression it may worth looking into a SRU.
<kirkland> mathiaz: fair enough;  i'm not establishing an opinion on that one at present
<kirkland> mathiaz: i actually don't have any idea what drdb is
<mathiaz> kirkland: ok
<kirkland> mathiaz: database of doctors?  :-)
<mathiaz> kirkland: http://en.wikipedia.org/wiki/DRBD
<kirkland> mathiaz: looks cool
<mathiaz> kirkland: yeah - it's one of the basic component in 2-node failover systems
#ubuntu-server 2008-10-24
<nijaba> goodnight all
<CMD_L1N3> hello
<CMD_L1N3> i believe a computer is trying to brute force through ssh on my server
<CMD_L1N3> is this common?
<J-_> CMD_L1N3:  Change the port.
<CMD_L1N3> yes. but i was just wondering if this is a common event. i new to the server thing
<CMD_L1N3> or do i need to add some more counter measures
<J-_> I'm not sure, I don't think I've ever had anyone try to buteforce the port. Though, I don't have use it within the outside world. I just use ssh locally since my service is on my own network.
<J-_> Can anyone help me set up ddclient?
<tonyyarusso> CMD_L1N3: If you're running the default port, then yes, it will happen.  Change the port and set up fail2ban.
<J-_> s/service/server/
<Eeyore-Jr> i'm looking for some help solving a problem with getting a dhcp address on a mobo with a dual nic for ltsp server
<J-_> what does ltsp stand for?
<J-_> !ltsp
<ubottu> LTSP is the Linux Terminal Server Project, which adds thin-client support to Linux servers. See chapter 3 of the !edubuntuhandbook, http://www.ltsp.org and/or http://en.wikipedia.org/wiki/Linux_Terminal_Server_Project
<uvirtbot> New bug: #288478 in cyrus-sasl2 (main) "Ownership of /etc/sasl2db precludes direct access by Cyrus IMAP" [Undecided,New] https://launchpad.net/bugs/288478
<uvirtbot> New bug: #288496 in samba (main) "package winbind 2:3.2.3-1ubuntu3 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/288496
<Jimmy0815> #baller
<Dedi_> i can still not manage to get any backuppc files compressed, even the setting is correct
<Eeyore-Jr> anyone use asrock boards?
<kavon> so is it easy to get an unmanaged vps running ubuntu going?
<kavon> there any things i should look into that would help me manage it myself?
<tonyyarusso> Basic documentation is a good start, but there's nothing exceptional about it.  What are you trying to accomplish?
<mindframe> anyone know how to tell ntop to save data between sessions?
<paul68> Can someone help me with specific dns and dhcp configuration?
<paul68> where do I add the autoupdate in the dns and dhcp files, and where do I add the acl lists?
<nnull> when i installed the server during the install when u select what u want installed eg LAMP etc i accidently pushed enter to select the first thing i wanted installed but it skipped to the next part and didnt let me go back, how do i go about installing these things now? just manually find programs and install or?
<blue-frog> use tasksel
<kraut> moin
<nomoa> is there a command to list attached scsi ala lsusb?
<nomoa> nomoa: /proc/scsi/scsi
<jgjones> Greetings all
<jgjones> I wonder if anyone have used or have experience with iFolder?
<ScottK> zul, nijaba, and/or soren_: Please help me understand why this ec2 thing is critical to fix now?
<PecisDarbs> hi people, is there special channel about using Xen on Ubuntu or I can just ask here? Is there any up-to-date guide for creating and managing xen instances in Hardy? There is one in Ubuntu Wiki, but it is out of date
<yann2> try #ubuntu-virt
<Koon> ScottK: i suppose vm-builder would end up in multiverse if the ec2 plugin is not separated.
<ReAn> a lightweight LAMP server should use roughly how much hard drive space?
<ReAn> er, i.e. ubuntu-server's core + apache / php / mysql
<ScottK> Koon: Zul and I discussed it, so I'm clear now.  Thanks.
<ScottK> Anyone have a box handy that was a fresh Intrepid install (not upgraded) and has /etc/sasldb2 existing?
<thefish> ScottK: no /etc/sasldb2 on my intrepid install (installed from about alpha 2/3 stage), but it has /etc/sasl2
<ScottK> The sasldb2 file gets created when you add users to the database, so unless you've done that, it won't exist.
<ScottK> mathiaz: I think someone really ought to take a look at Bug #288478.  I'm sure it's too late for the release, but in the meantime we ought to get to work on fixing it ASAP.
<uvirtbot> Launchpad bug 288478 in cyrus-sasl2 "Ownership of /etc/sasl2db is root:root instead of root:sasl" [High,Confirmed] https://launchpad.net/bugs/288478
<freaky_t> hi all. can someone help me with fixing a degraded raid array? software raid ?
<slicslak_> any here familiar with ip(8)?  the replacement for ifconfig.  i want to remove one of my addresses but it's not obvious how.  and of course googling for ip is useless
<slicslak_> nevermind.  deciphered the man page succesfully
<mariussss> hello :)
<mariussss> is anyone online to help me with an Internet problem?
<daturan> if I can
<mariussss> How do I setup something like this: Internet cable goes into PC (eth0); from eth1 a cable goes into an Wireless router; the Wireless router gives Internet to other wireless devices.
<mariussss> I don't want to setup the regular Internet -> Wireless router -> PC/other wifi devices, because the PC has slow bandwith through the Wireless router...
<daturan> so is the PC a workstation? or a server?
<daturan> you could either just setup port forwarding, an easy way is to use the firestarter program.. or setup a transparent firewall
<slicslak_> mariussss, essentially you need to setup iptables, but there are many scripts/utils to do that (like firestarter)
<mariussss> slicslak_: I am using firestarter
<macd> Hardy 32bit, runs in a vbox VM, uses host networkng, I changed my Host adapter on the Host system, hardy boots to no eth0, although the device still appears in lspci, would a rename to eth1 change this?
<mariussss> but I am stuck :)
<mariussss> I've setup a static IP address in /etc/network/interfaces
<macd> I just confirmed eth1 works, but what would the adapter id change in the guest...
<macd> The MAC remains the same
<mariussss> auto eth1
<mariussss> iface eth1 inet static
<mariussss>     address        192.168.1.1
<mariussss>     netmask        255.255.255.192
<mariussss>     broadcast    192.168.1.255
<mariussss>     network        192.168.1.0
<mariussss> this is working after I restart the network
<mariussss> but I can't access the Wireless router's configuration page, which is 192.168.1.1
<mariussss> :)
<trashguy>  wait
<mariussss> I will
<trashguy> tyring to use ur box as a router?
<mariussss> yes
<mariussss> I have to network cards
<mariussss> In eth0 enters the main Internet cable
<mariussss> I want to share the Internet connection to the second network card
<mariussss> so it can give Internet to a Wireless router
<mariussss> the Wireless router will give Internet to other devices :)
<mariussss> complicated... I know :D
<trashguy> not really
<trashguy> you just need to add a bridge interface
<SchneeSchwarz> mariussss: don't give your machine the same IP as the WLAN router
<mariussss> SchneeSchwarz: I also put 10.10.1.1
<mariussss> in /etc/network/interfaces
<SchneeSchwarz> mariussss: and why should that help?
<Rideh> i'm having some problems with a client connecting to my ldap server. rebooting my client yeilds udevd[2895]: nss_ldap: failed to bind to LDAP server ldap://ip: Can't contact LDAP server could not connect to any LDAP server as cn=admin,dc=domain,dc=org - cant contact ldap server (i have the correct domain compontents
<mariussss> I know I am doing something wrong but don't know what :)
<trashguy> you dont have a bridge
<trashguy> so traffic wont pass from  one card to the other
<trashguy> sudo apt-get install bridge-utils
<mariussss> but the other card has Internet
<trashguy> yea
<mariussss> hold on
<trashguy> the one plugged in to the interwebz
<Rideh> 	nano -w /etc/sysctl.conf
<Rideh> 		net.ipv4.conf.default.forwarding=1
<Rideh> 	sudo sysctl -w net.ipv4.ip_forward=1
<Rideh> 	nano -w /etc/rc.local
<Rideh> 		/sbin/iptables -P FORWARD ACCEPT
<Rideh> 		/sbin/iptables --tabl nat -A POSTROUTING -o eth0 -j MASQUERADE
<mariussss> bridge-utils is already the newest version.
<SchneeSchwarz> mariussss: if eth1 is the connection to the WLAN router, give the interface a different address than the router has - but from the same subnet
<Rideh> try that mariussss
<mariussss> I will, hold on :)
<Rideh> oh that asumes eth0 is upstream and eth1 is down
<mariussss> SchneeSchwarz: I don't know how :)
<trashguy> meh
<Rideh> mariussss: in /etc/network/interfaces  add 2 addapters, 1 with information to the stuff above. then the other for the stuff below
<trashguy> iptables is such a filthy mess
<trashguy> dude
<trashguy> all you need to do is add a bridge
<Rideh> oh mine is doing nat
<Rideh> not just bridging
<SchneeSchwarz> mariussss: in the snippet from /etc/network/interfaces you posted, change the 192.168.1.1 to, for example 192.168.1.2. Try if accessing the router's config page works, then.
<Rideh> so i have a question above regarding an ldap client can anyone help me?
<trashguy> i use bridiging
<trashguy> for all my VMs
<trashguy> so they get real IP addresses so the can be accessed externally etc
<Rideh> oh i didnt realize he was talking bout vms
<trashguy> no no
<Rideh> right now i have a server and my laptop is acting like the "clients" with vm. but thats differnt
<trashguy> were goignt o confuse him
<trashguy> ^^
<uvirtbot> trashguy: Error: "^" is not a valid command.
<mariussss> SchneeSchwarz: I will... in a second
<mariussss> trashguy: exaclty :D
<trashguy> mariussss, do you need nat or just wanna pass traffic to your access point?
<mariussss> just pass traffic
<trashguy> here man
<trashguy> https://help.ubuntu.com/community/Router
<trashguy> you just need to bridge eth0 and eth1
<Rideh> rebooting my client yeilds udevd[2895]: nss_ldap: failed to bind to LDAP server ldap://ip: Can't contact LDAP server   could not connect to any LDAP server as cn=admin,dc=domain,dc=org - cant contact ldap server    (i have the correct domain compontents
<trashguy> can u ping the ldap server?
<Rideh> well thats the thing
<Rideh> yes
<Rideh> and if i wait like 10 minutes it'll boot up
<Rideh> and getent returns the proper users
<mariussss> SchneeSchwarz: seting 192.168.1.2 in /etc/network/interface doesn't work
<trashguy> mariussss, you are going to have to make a  birdge
<mariussss> Rideh: I've setup what you said and nothing :( should I reboot?
<trashguy> or no network traffic will cross
<Rideh> mariussss: your going to have to change the ips and nics to represent your network, but listen to these other guys they are giving you an easier way
<mariussss> :)
<trashguy> https://help.ubuntu.com/community/Router
<trashguy> thats what you want
<mariussss> guys, I know how to set a simple Internet connection sharing in the /etc/network/interfaces
<trashguy> wire to wired
<mariussss> and trust me that it works
<mariussss> the eth1 has Internet
<mariussss> If I connect a cabble from the eth1 to the Playstation 3
<mariussss> PS3 will have Internet with the IP I've setup in /etc/network/interfaces
<mariussss> the problem here is the Wireless router, I don't know its problem :)
<mariussss> I it won't accept the connection with the static IP I gave ? :(
<SchneeSchwarz> mariussss: explain "doesn't work".
<trashguy> did you assign a static ip on the wirless router?
<mariussss> no, because I can't access the wireless router
<trashguy> well
<trashguy> you have to access it directly
<mariussss> how?
<trashguy> and make sure the "WAN" conneciton can talk to your box
<trashguy> form a laoptop?
<trashguy> plug in to "LAN" side
<mariussss> ohh
<mariussss> right
<mariussss> hold on
<trashguy> if you are already routing traffic
<trashguy> then
<Rideh> i have a work issue
<trashguy> your wirelss router just either need to have an ip to talk to the box or set to dhcp or osmething
<Rideh> trying to get these clients connecting to a server - for business
<mariussss> Ok, the cable from eth1 is now in the first LAN port
<Rideh> can someone try to help me plz?
<mariussss> of the Wireless router, of course :)
<trashguy> Rideh, whats the logs say on the server
<Rideh> lol the guy who doesnt know how networking works for his ps3 is monopolizing the channel
<mariussss> :D
<mariussss> sorry :(
<Rideh> trashguy: whcih log do you want to know
<mariussss> I won't anymore...because I have just access the page :D
<mariussss> quick question.... :)
<trashguy> Rideh, auth log for ldap
<Rideh> odd
<Rideh> i'm not seeing any logging from slapd
<Rideh> i see it on client isde but it looks to be trying to auth pam_unix instead of ldap
<trashguy> is the service running?
<Rideh> yes , and running getent passwd on the client returns users from ldap
<mariussss> Guys, thank you very much!!! Everything works now :)
<Rideh> but i do see the dhcp request from the client vs the server
<Rideh> and nfs worked properly - it created a home drive for my user on my server
<Rideh> trashguy: which tells me ther eis something wrong with nss / pam
<Weasel[DK]> Rideh, don't know what you are up to, but you can set loglevel in slapd.conf and default it is going into /var/log/syslog
<Rideh> Weasel[DK]: i'm not seeing any output of it in syslog
<PlaneCrazy1> Help!
<trashguy> HALP
<PlaneCrazy1> does anyone know how to get the dual boot menu back after it has been erased by reinstalling an os?
<trashguy> you mean
<trashguy> grub
<trashguy> ?
<PlaneCrazy1> I have a server that is set up with Windoze 2003 server and Ubutu 804 server
<Weasel[DK]> Rideh, have you defined logfile <filename> in slapd.conf ?
<trashguy> PlaneCrazy1, im assuming you reinstalled windows?
<PlaneCrazy1> yup and it wiped out the grub boot menu
<trashguy> yea
<trashguy> so u go tot boot form a live cd
<PlaneCrazy1> know I can't get into the Ubuntu server software
<PlaneCrazy1> :-/
<PlaneCrazy1> ok I tried that
<trashguy> boot form an ubuntu live cd
<trashguy> and you got to reinstall grub in to your MBR
<PlaneCrazy1> yeah
<PlaneCrazy1> ok, pardon my inexperience but what is the command
<PlaneCrazy1> I tried grub-install
<PlaneCrazy1> grub-install sda
<trashguy> i sthat your hard drive?
<PlaneCrazy1> sda1 is the windoze partition, and sda2 is the Extened, sda 5 is the EXT3 partition, sda 6 is the LINUX SWAP
<trashguy> so yea
<lukehasnoname> yea
<trashguy> grub-install /dev/sda
<PlaneCrazy1> according to partition editor
<Rideh> Weasel[DK]: that didnt seem to change where its logging to
<PlaneCrazy1> hhmm
<Weasel[DK]> Rideh, hmm at least the file should be created... check the loglevel is > 0
<Rideh> Weasel[DK]: just tried it with loglvl 256 /var/log/slapd   nothing
<Weasel[DK]> Rideh, what versions are using for OS and slapd ?
<Rideh> hardy, and how do i determine the version of a package?
<trashguy> dpkg -l
<trashguy> prob wann grep
<trashguy> for what you want
<Rideh> 2.4.9
<Weasel[DK]> dpkg -s slapd
<Rideh> Weasel[DK]: what do you want to know from that?
<Weasel[DK]> Rideh, don't know yet... i have a similar setup... logging works just fine
<Rideh> i've been dicking around with getting ldap to work properly for 3 days
<Weasel[DK]> Rideh, same versions too
<Rideh> very very simple config
<Rideh> just cant get it to work right... do you have apparmor disabled?
<Rideh> Weasel[DK]: you mind pastebin'n your pam files and such?
<Rideh> and ldap.conf?
<Weasel[DK]> no problem, where do i check appamor ?
<Rideh> well you'd have done app-get remove to get rid of it
<sbeattie> Weasel[DK]:  do you have rejections in /var/log/messages
<Rideh> sbeattie: i'm the one with the issues his works fine
<Rideh> sbeattie: i'm trying to figure out whats wrong with mine ... getent passwd works fine on client after it boots after long session of spamming unable to bind to server host etc
<Weasel[DK]> no, so probably don't have it....
<sbeattie> Rideh: sorry, do you have rejections? And you should not need to apt-get remove apparmor to disable it for slpad
<ScottK> BTW, there's no need to uninstall apparmor to stop it.  sudo sh /etc/init.d/apparmor stop will make it lay down and take a rest.
<Rideh> sbeattie: i cant figure out what my problem is :/
<Rideh> i've been steadily working through issues, but its been 2 days and yet to see the light
<Rideh> here is what i've tried so far
<Rideh> http://pastebin.com/d11b443a5
<Rideh> the very last one ln 141 is my latest try, followed the instructions at the website, then below are the modifications i made since.
<sbeattie> ScottK: you don't even need to do that; for example, 'sudo aa-complain /usr/sbin/slapd' will disable enforcement of slapd's policy while keeping apparmor enforcement other applications
<Rideh> this is what i've done from the client side: http://pastebin.com/d1abcca15
<ScottK> True.
<Rideh> i get spammed by rebooting my client yeilds udevd[2895]: nss_ldap: failed to bind to LDAP server ldap://ip: Can't contact LDAP server could not connect to any LDAP server as cn=admin,dc=domain,dc=org - cant contact ldap server (i have the correct domain compontents when booting client
<Weasel[DK]> Rideh, http://pastebin.com/d2353a3be
<Weasel[DK]> Rideh, is see you are messing with ssl... you could try get it working without and put ssl in when the plain is running
<Rideh> ther eis no ssl in it righ tnow
<Rideh> those were prior attempts
<Rideh> i'm on a completley new vm :)
<Rideh> the last "installing openldap" is my latest
<Weasel[DK]> Rideh, as oyu can see i am messing with ebox atm
<Rideh> yea  what are all the ?one
<Weasel[DK]> meaning the only this level is seached for matches
<Rideh> oh
<Weasel[DK]> it can be ?sub, the it will work recursive
<Rideh> brb i need to get a drink been at this for 6 hours today
<Weasel[DK]> he he
<J-_> How can I get ssh to work when I mount my server to my desktop? I want to be able to click on the sftp folder on my desktop, add stuff to /var/www. I don't care if it asks for a password or such. I just want to be able to delete, copy, paste, move files around in sftp.
<Weasel[DK]> J-_, can't you make a short-cut from your filemanager ?
<Weasel[DK]> sftp://<blah blah>
<J-_> That's what it does when I mount it. I just don't have any permission to do anything in /var/www in my server.
<Weasel[DK]> J-_, check what group the www folder has and add your self to the group... on the server
<Weasel[DK]> J-_, check the group permissions on www
<J-_> Weasel[DK]:  How can I check what group www is, and how do I add myself to the group? Or, check the permissions on www?
<J-_> !lamp, wonder if this would help
<ubottu> Error: I am only a bot, please don't think I'm intelligent :)
<J-_> !lamp
<ubottu> LAMP is an acronym for Linux-Apache-MySQL-PHP. However, the term is often used for setups using alternative but different software, such as Perl or Python instead of PHP, and Postgres instead of MySQL. For help with setting up LAMP on Ubuntu, see  https://help.ubuntu.com/community/ApacheMySQLPHP - See also the Server CD installation process (different in Edgy+)
<Weasel[DK]> J-_, ls -l /var look for www
<drbrown> is xen support built into the standard ubuntu server kernel?
<J-_> drwxr-xr-x  2 root root  4096 2008-10-23 01:38 www
<zul> drbrown: domU yes, dom0 you have to get it from somewhere else
<drbrown> zul: thank you very much
<Weasel[DK]> J-_, i normaly create a webmaster group (group add webmaster) add my self to the group (usermod -a webmaster <myself>)
<Weasel[DK]> change permissins on www (chgrp -r webmaster /var/www)  give group write permissions (chmod g+rwx /var/www )
<Rideh> Weasel[DK]: no luck :/
<Weasel[DK]> Rideh, what do you want to accomplish, what is the problem. i dont think logging is the only thing ;)
<Rideh> i have ldap up and running on a server, i have 25 clients i need to authetnicate off ot it
<Rideh> my client machines can connect as far as getent passwd goes
<Rideh> but they will not authenticate off of it
<Rideh> and when booting i have to watch 10 minutes of
<Rideh>  udevd[2895]: nss_ldap: failed to bind to LDAP server ldap://ip: Can't contact LDAP server could not connect to any LDAP server as cn=admin,dc=domain,dc=org - cant contact ldap server (i have the correct domain compontents when booting client
<Rideh> i just want ldap to work. i've done everything 5 differnt ways and everyone of those said "this works, this is how you do it" and none have worked
<trashguy> firewall?
<Rideh> trashguy: shouldnt be, but how can i check
<trashguy> well are you on the same network
<J-_> Weasel[DK]:  chgrp -r webmaster /var/www doesn't work
<trashguy> capital r
<trashguy> chgrp -R
<Weasel[DK]> Rideh, this tool is nice for connecting http://www.mcs.anl.gov/~gawor/ldap/
<Rideh> i have a server with static ip connected to a router on eth0 WAN.. i have eth1 connected to a switch (hosting dhcp and nat). my laptop is connected to the switch running vmware with 4 edubuntu clients
<trashguy> can your laptop connect?
<trashguy> are you natting your vms?
<Weasel[DK]> Rideh, sounds like a tricky setup...
<trashguy> or bridging
<trashguy> firstly you want to get the laptop to connect
<Rideh> trashguy: my vms are bridged. the server hostng ldap is also hosting dhcp, acting as nat etc
<trashguy> yea
<Rideh> my laptop and all the vm's get ips and are able to browse etc.
<Rideh> the clients are all able to mount exports from the server etc
<Rideh> the clients can getent passwd and see entries from the ldap
<trashguy> do you have iptables running?
<Rideh> on the server yes
<trashguy> whats ldap 389?
<Rideh> http://pastebin.com/d69da1578 are the rules for iptables
<Rideh> trashguy: what do you mean
<trashguy> god
<trashguy> iptables is so ugly vs PF
<Rideh> btw is there supposed to be a /etc/openldap/ folder? cuz i have /etc/ldap.conf and /etc/ldap/ldap.conf
<Weasel[DK]> Rideh, no... /etc/ldap/ldap.conf should be the correct one
<Rideh> grr
<Rideh> i'm so ready to dump ubuntu as a server
<paneo> Hi, someone can help me? I have a error in this line, but I donÂ´t know solve this error: Hola, estuve googleando yes no encontre el error en Ã©sta estructura de control:if [ $usuario = `cut -f 1,2 -d : /etc/passwd | grep $usuario: | cut -f 1 -d :` ]
<trashguy> Rideh, freebsd ;)
<Rideh> well the thing is
<paneo> Sorry
<Weasel[DK]> Rideh, sorry the /etc/ldap.conf is the correct
<trashguy> uw ill deal with the same situation on any linux serevr though
<Rideh> that they want to do one of the edubuntu thin client setups
<paneo> if [ $usuario = `cut -f 1,2 -d : /etc/passwd | grep $usuario: | cut -f 1 -d :` ]
<Rideh> trashguy: cept ubuntu does wierd stuff
<Rideh> like changes default folders of configs for no reason
<trashguy> Rideh, defien default
<trashguy> its different for each distribution ^^
<Rideh> yea yea
<Rideh> i like gentoo
<J-_> Weasel[DK], trashguy: Thanks a lot :)
<Rideh> lol
<Rideh> lemme go back to gentoo
<trashguy> i rather
<trashguy> bleed to death
<Weasel[DK]> J-_, NP
<trashguy> then mess with gentoo
<Rideh> i learned on gento
<Rideh> first distro i ever used. phase 1
<trashguy> portage  is a mess
<Rideh> shrug i liked portage
<trashguy> the community is lulz
<Rideh> i like the build flags
<trashguy> you can do that in ubuntu if you want
<Rideh> like when i apt-get openldap i have no idea if it has openssl support built in or not
<trashguy> Rideh, then download the devel pkg and compileit yourself
<Rideh> ok back to my problem
<Rideh> how do i fix this
<trashguy> cusrious
<trashguy> did u install libpam-ldap?
<afallenhope|work> I'm having an issue installing ubuntu server.. I get up to the point where it says: "Select and Install software" and it hangs at 6%
<Weasel[DK]> Rideh, can the users login local and/or via ssh
<Rideh> trashguy: lemme check
<Rideh> grr its rebooting might take a while
<Rideh> Weasel[DK]: no
<trashguy> why reboot take so long?
<Rideh> because 10 minutes of that spam
<Rideh> i told you about
<Rideh> it literally spams that for 10 minutes whlie booting
<trashguy> spam
<trashguy> thats obviously an issue :/
<Rideh>  udevd[2895]: nss_ldap: failed to bind to LDAP server ldap://ip: Can't contact LDAP server could not connect to any LDAP server as cn=admin,dc=domain,dc=org - cant contact ldap server (i have the correct domain compontents)
<Rideh> it'll sit there and spit that out over and over for 10 minutes
<trashguy> klol
<trashguy> libnss_ldap installed then
<Rideh> ok good
<Rideh> so i changed some stuff in nsswitch.conf and it got rid of that
<Rideh> changed from ldap files to compat ldap then _compat: ldap
<Rideh> and changed netgroup to ldap from nis
<trashguy> rideh create a gorup called nvram
<trashguy> your are expierwencing a known issue
<trashguy> https://launchpad.net/ubuntu/+source/libnss-ldap/+bug/51315
<uvirtbot> Launchpad bug 51315 in libnss-ldap "udevd: nss_ldap: failed to bind to LDAP server" [Undecided,In progress]
<trashguy> "The sleep interval is doubled each time (4,8,16,32,64 seconds) and takes a very long time to boot up."
<Rideh> trashguy: do i crate that group local on the system or in ldap?
<trashguy> the server
<Rideh> oh you linked it, i can read
<trashguy> The problem is caused by the usage of the non existing group 'nvram'
<trashguy> in /etc/udev/rules.d/40-permissions.rules: KERNEL=="nvram", GROUP="nvram"
<trashguy> brb lunch
<Rideh> trashguy: the group exists
<Rideh> that spam happens on the clients not hte server. but i got the spam gone
<Rideh> so i think my last problem is making pam autnenticate properly
<juannicolas> hi, can someone tell met how to save the iwconfig in order for the machine have the information in the next reboot?
<lukehasnoname> Hey guys
<lukehasnoname> can I reinstall over one of several partitions in an encrypted volume?
<lukehasnoname> I have an encrypted volume with home and root directories
<lukehasnoname> I only want to reinstall the root, and I want to keep the home, mounting it to /home
<lukehasnoname> can I do that?
<lukehasnoname> (I'm backing up my /home dir anyway)
<lukehasnoname> bbl, but I'll be around
<afallenhope|work> is there a ways of retrieving the user/pass of the initial setup
<lukehasnoname> I know the encrypted volume password
<uvirtbot> New bug: #288897 in openldap (main) "[intrepid] cannot upgrade from hardy to intrepid : local can only be used in a function" [Undecided,New] https://launchpad.net/bugs/288897
<bonez45> I need in setting up Print service.. on my newly installed 8.04 server edition..
<bonez45> where do I start?
<bonez45> since the server edition does NOT install X by default.. and yet the documentation indicates I should install cupsys.. how then would I administer adding and configuring printers.. ?
<ScottK> bonez45: http://ubuntu.wordpress.com/2005/10/13/enabling-cupsys-web-admin-interface/ looks like it might be relevant.
<bonez45> ScottK: I am looking into the documentation for the server on help.ubuntu.com and 8.04 which is what I just installed, and it suggests changes to files that aren't there..
<bonez45> I'll check that link
<ScottK> bonez45: For the documentation, please file bugs against ubuntu-docs.
<bonez45> thanks Scott... great name btw. it's mine too
<Codedrunk> Anyone have a good method to capture images from a webcam in a jpeg, png, or gif format?
<ewook> apt-cache search webcam
#ubuntu-server 2008-10-25
<bonez45> is there any downside , other than space taken up, by installing things like Xserver-xorg on an Ubuntu server box?
<bonez45> I am learning my way around, but I think it'd be easier to manage, with some of the GUI tools I know better.. than the command prompt...
<Eeyore-Jr> hi.  i'm running ltsp server/client structure, and wondered if it was possible to play chromium?
<Eeyore-Jr> there is ltsp server which provides for centralized login services, /home directories, and program management.  is there another way to achieve this function?
<bonez45> How can I get X to load up.. I installed gdm which installed a host of other files. and I installed xserver-xorg on my server....and i know it installed X11 too.. but I can't get it to boot up and load the GUI.. what am I missing here?
<sommer> !servergui
<ubottu> Ubuntu server does not install a desktop environment or X11 by default in order to enhance security, efficiency and performance.  !eBox provides a GUI system management option via a web interface.  See https://help.ubuntu.com/community/ServerGUI for more background and options.
<sommer> bonez45: that link should get you going
<bonez45> thanks... sommer
<sommer> np
<Eeyore-Jr> how does one use ebox?
<bonez45> sommer: ebox, eh? do you use that? I don't want to compromise this new server... so I'll try ebox..
<sommer> !serverguide
<ubottu> The Ubuntu server guide may be found at http://help.ubuntu.com/8.04/serverguide/C/
<sommer> there's a section in the serverguide about ebox
<sommer> basically sudo apt-get install ebox, then go to https://servername
<sommer> ebox has multiple modules to handle varius server applications
<bonez45> sommer: the install for ebox is run on the server machine right?
<Eeyore-Jr> server name as in localhost?
<Eeyore-Jr> ah, nm, https
<sommer> bonez45: yep
<sommer> Eeyore-Jr: it'll be localhost if you're accessing on the machine you've installed box on
<Eeyore-Jr> hrm, can't get there
<Eeyore-Jr> with localhost.  did "sudo aptitude install ebox"
<sommer> mmm, you might try the ip then
<sommer> or the hostname
<bonez45> sommer: I have ebox installed and I have even logged in to it..
<bonez45> but the interface has none of the features, mentioned in the documentation.
<bonez45> could I have installed it incorrectly?
<sommer> bonez45: which modules do you have installed?
<sommer> the default doesn't do much, but depending on what type of server would dictate which ones you'll want to install
<bonez45> I haven't installed any, nor does the interface show any that I can..
<sommer> apt-cache search ebox will give you a list
<bonez45> well, I need printing, and samba.. and file server.....
<sommer> bonez45: you'll need to use the cli to install the others
<bonez45> oh, so I have to install those.. manually .. ok
<sommer> newer versions of ebox will allow you to install additional modules from the web interface
<sommer> at least that's how I understand it :)
<bonez45> sommer: lots to learn with this..
<sommer> ya, it's best to run it on a test machine to learn the ropes
<bonez45> this is a test machine.. it's not production anything
<bonez45> if I get it working, and can hook up all my printers to it.. and scanner, and other stuff.. and have it serve it all up.. I'll be happy..
<bonez45> I want to move my email server.. and apache2 to it too
<bonez45> my needs are modest at this point...
<sommer> should be able to do most of that... not sure of the scanner though
<sommer> don't have one myself
<jarrettwold> Hey I've got a quick question about building mcrypt.  I have all dependencies built.  however when I run configure I get "checking for mhash_keygen in -lmhash....no   ideas?
<Tumie> my server doesn't connects with the router
<Tumie> i think some settings are wrong..
<Tumie> does anybody know what i should do if the server doesn't connects with router??
<uvirtbot> New bug: #289060 in bind9 (main) "named bind9 apparmor profile error " [Undecided,New] https://launchpad.net/bugs/289060
<J-_> Can I increase the memory_limit for php higher than 16mb? Will it affect anything?
<Weasel[DK]> J-_, yes, it will affect you php applications...;)  config is normally located here -> /etc/php5/apache2/php.ini
<sandstrom> I wanted to allow my server to lookup hostnames. Tried this: ufw allow domain
<sandstrom> Which results in the following rules: 53:tcp ALLOW  Anywhere & 53:udp ALLOW  Anywhere
<sandstrom> Which, to me, is allowing the server do receive data on port 53, but not to send.
<sandstrom> How can I solve this?
<J-_> Weasel[DK]:  thank you thank you. :D What should I increase it to? I only have 256mb RAM. If that's dependant of the RAM?
<Weasel[DK]> J-_, depends what your application needs.. if applications need more RAM than available the it starts swapping.... but that is slow...
<Weasel[DK]> J-_, try 64 an see if your app will run
<J-_> Well, I'm using wordpress. I already have it up to 32M and it runs, still quite slow though. But, that could be my internet connection being crappiola
<J-_> is it proper that mysqld is running at 7.3 CPU percentage?
<J-_> seems kind of odd
<J-_> it's not doing anything
<sandstrom> J-_: same for me
<sandstrom> on a default installation
<J-_> So I guess it's normal?
<J-_> Must be :)
<J-_> Weasel[DK]:  64M is a lot better :D
<Weasel[DK]> Great :)
<sandstrom> J-_: I was wrong, it's the memory that stays around 7%, CPU is 0 by default.
<J-_> hmm
 * J-_ shrugs. This is probably the best it'll work unless I use something equivalent to apache like lighttpc or whatever the heck it is :)
<keithclark> I get the following errors when trying to start dansguardian...any ideas on how to correct? http://www.pastebin.ca/1236499
<ScottK> Which release are you on?
<keithclark> 8.10
<ScottK> keithclark: We just sync'ed a new version with a fix for that a few hours ago.  Wait for it to build and hit the mirrors and upgrade.
<keithclark> ScottK, Excellent and thanks!
<keithclark> ScottK, will that be an automatic update, or will I have to go in and reinstall dansguardian angain?
<ScottK> Should be a regular update.
<keithclark> Great, thanks again.
<keithclark> ScottK, downloaded dansguardian update and all is working again just fine.  Thanks.
<ScottK> Great.
<soren> kees: For filtering in postfix, I pretty much just installed amavisd-new and followed its instructions for integration with postfix, installed clamav and spamassassin, and enabled virus and spam filtering in amavisd. I think that was all.
<maw> does anyone use solidcore file integrity monitoring with Server 8.04?
<gluki> hi
<gluki> any body can help me with ubuntu server 8.04 + LAMP  + ispconfig + oracle???
<osmosis> any way to force a reboot when the reboot command doesn't work?
<Stephen|SFLC> power button :P
<azteech> have you tried "shutdown" from a terminal window?
<cpumanaz> Hello, is there a way to install ubuntu-server from the live CD?
<cpumanaz> I was not able to get my fake-raid working without it, but do not want all the extras of the desktop version.
<sommer> cpumanaz: here's some instructions for intrepid: http://doc.ubuntu.com/ubuntu/serverguide/C/advanced-installation.html
<cpumanaz> thank you sommer. I'm having a hard time, and am just lost at this point. I couldn't get the dm-raid4-5 module to load correctly with the ash shell in the alternate install, and I couldn't do the server from the destkop live cd install.
<sommer> cpumanaz: I'd recommend using the server iso cd
<sommer> at least I've never had an issue with it :0
<cpumanaz> I'm trying to dual-boot which is why I would prefer dmraid but I can try the alternate, that is a good article and it goes over many of my concerns
<sommer> cool, if anything is unclear or incorrect feel free to file a but against the ubuntu serverguide
<sommer> err bug
<cpumanaz> I think dmraid may be just a bit immature, or did not have good community involvement to work well in intrepid, it's there but not perfect and may have to wait till next spring.
<sommer> is dmraid different from software raid
<RachedTN> hello every body, I have asterik installed on debian and it works perfect, so I tried asterisk on Ubuntu server 8.04 but it doesn't work correctly, did any body knows what are the right versions of libpri+zaptel+asterisk that works on ubuntu ?
<sommer> I guess I assumed you were talking about the raid software raid optin
<sommer> option
<cpumanaz> It is software, but looks like it may be more commonly refered to as "fakeraid"
<sommer> the raid available in the kernel?
<sommer> or more specifically managed by mdadm?
<cpumanaz> it's not in the live cd
<cpumanaz> you have to install dmraid package and modprobe dm-raid4-5 before you can dmraid -ay to activate it
<cpumanaz> once done the installer will see your fakeraid partitions
<sommer> ya, the live cd doesn't have advanced disk options because gparted doesn't support it that well... or something like that, from what I underdatand
<sommer> err understand
<cpumanaz> I'm not sure how to get the server CD to do those things because it's not designed to be a live installer.
<sommer> right it's a menu driven approach, but the link I posted earlier should walk you through the process
<sommer> it may take a couple of installs before you have it down though
<sommer> at least every time I try new disk layout options I end up doing it more than one :-)
<cpumanaz> I think I'll go that way, I did try once  setting all 3 drives to RAID type and then creating 1 raid device
<cpumanaz> It would only let me put 1 partition on it
<azteech> cpumanaz: server cd is also menu driven, because it doesn't include GUI's out of the box. Not that they can't be installed, but are not included on the cd ...
<cpumanaz> I'm not familiar enough with the limited console to do those things
<cpumanaz> I know it uses an ash shell, and the installed environment is different including some commands I'm used to not being installed.
<cpumanaz> I think sommer is onto the right Idea
<cpumanaz> What I found when creating drives that way is it could not install the boot loader
<cpumanaz> Do I need to have a non raid partition set as /boot?
<cpumanaz> if so, how can the system truely be redundant?
<azteech> cpumanaz: agreed, sommer has definetly pointed you onto the right direction ...
<azteech> don't believe you need to have a non-RAID partition set up - if you did that, I believe you would defeat the purpose of RAID ....
<cpumanaz> exactly
<cpumanaz> okay I'll try this again
<cpumanaz> This is something good to learn
<azteech> yep :)
<azteech> any further problems, you can always come back here for more help :)
<cpumanaz> okay changed back to ACHI
<centaur5> If I deleted the compat entries and replaced them with ldap in nsswitch.conf and can't get to root login from rescue mode is that machine screwed?
<thepeon> I was wondering if anyone can help with a proxy gateway problem??
<thepeon> I am trying to set my server up as a firewall.  My other linux box on the system can get to the internet with no problems, but my vista laptop is having dificulties
<cpumanaz> Okay, I now have sda,sdb,sdc  3 primary partitions on ech
<cpumanaz> okay going to configure raid with the 9 partitions
<azteech> cpumanaz: good luck :)
<cpumanaz> that's much easier I've got the mount points and the raid partitions, now let's see how install goes
<cpumanaz> I got a warning about rebooting because the kernel does not know about my raid partitons
<cpumanaz> at what point is it safe to do so?
<cpumanaz> it immediately went to formatting
<avri210984> hello
<avri210984> Hi guys i have a problem with postfix configuration
<avri210984> is anyone available to help ?
<philsf> !ask
<ubottu> Please don't ask to ask a question, ask the question (all on ONE line, so others can read and follow it easily). If anyone knows the answer they will most likely answer. :-)
<avri210984> When I run sudo dpkg-reconfigure postfix
<avri210984> when it asks for a local address extention I tried + and anything else i could think of but it still gives me an error and it dosent create the mail.cf file :(
<avri210984> it tells me that its a bad recipient delimiter
<cpumanaz> azteech: The install finished without error, but I don't believe it's locating grub.
<riddlebox> is there a default firewall that is installed in server?
<hads> ufw is installed by default I believe
<hads> But nothing is blocked by default if that is what you are asking.
<riddlebox> hads, yeah I installed asterisk on it, and I cannot get a sip client from the net to connect but local clients can
<hads> Quite possibly an Asterisk config issue.
<riddlebox> hads, I have everything setup "correctly" and my router firewall has been forwarded and it all worked, before...
<cpumanaz> azteech: I believe if your going to do software raid, your /boot has to be on one of the drives (not in a raid)
<cpumanaz> It  won't boot for me
<cpumanaz> The only thing I can think of is to take the /boot out of the array
<cpumanaz> I can duplicate it on all 3 drives
<cpumanaz> but any kernel updates will only happen once place so again, not redundant
<cpumanaz> Is there a linux raid channel?
<cpumanaz> the only crappy option I have now is using Alpha 6 live CD, and my fakeraid
<cpumanaz> install and then upgrade and start removing crap
<cpumanaz> because I happen to have one of those nvidia cards :P
<uvirtbot> New bug: #289299 in samba (main) "winbind (samba 3.2) does not populate pw_gecos information for domain users" [Undecided,New] https://launchpad.net/bugs/289299
#ubuntu-server 2008-10-26
<wo0f> yo
<wo0f> is there any meta package for a vnc server?
<zul> no
<uvirtbot> New bug: #289367 in ipsec-tools (main) "camellia cipher does not work in racoon" [Undecided,New] https://launchpad.net/bugs/289367
<[Solars]> can you strip the ownership of files and folders... as well as groups?
<Weasel[DK]> Rideh, did you get your LDAP stuff working ?
<scuser> dear all, I'm trying to run the command "fs setacl /afs system:anyuser rl" and It gives this error "you don't have the required acess rights on /afs" and afs is not accessible by the cd command even when I logon as root, any ideas please?
<Wobert_> Hi guys i have a bugged sources.list file - can i fix this ?
<Wobert_> its on a server ofc, so its not like i can just plug in a cd and reinstall :/
<MatBoy> not if it's wise or not, but is it simply possible to remove sudo like you have on a debian system ?
<uvirtbot> New bug: #289470 in open-iscsi (main) "open-iscsi user-space does not match kernel module version" [Undecided,New] https://launchpad.net/bugs/289470
<Rideh> Weasel[DK]: heya
<Rideh> i'm at home now - the server i was working on is in an office that i can't ssh into
<Rideh> but no i never got pam working properly
<Weasel[DK]> Rideh, i found this one... maybe you should have a look at it. there are a few strange things in there, but it maybe can help you find what is missing in your setup
<Weasel[DK]>  http://linuxadministration.us/2008/05/17/ubuntu-804-hardy-ldap-client/
<Rideh> Weasel[DK]: ty
<Rideh> Weasel[DK]: looks like my bind problem may have been because i was using an ip for the uri
<Rideh> instead of the domain
<Rideh> Weasel[DK]: good find, ty
<Weasel[DK]> Rideh, NP ;) messing with similar stuff my self :)
<Rideh> Weasel[DK]: i'm actually working with a debian server instead of ubuntu server now in my virtual machine
<Rideh> setup / installed so much more smoothly
<Weasel[DK]> OK, last time was looking at debian i found it very "harry" to work with. Which VM are you using
<Weasel[DK]> Rideh, ?
<Rideh> vmware workstaiton
<Rideh> *workstation
<Weasel[DK]> Rideh, the free one
<Rideh> yes
<Weasel[DK]> Rideh, ok i downloaded it but have not had time to try it... :(
<Rideh> well thats vmware server, i'm using vmware workstation so 30 days trial
<arooni> im looking for a mail server that allows me to easily create/edit/update accounts from a web ui, and runs on ubuntu hardy server.  server should also be REALLY easy to set up.  suggestions?
<arooni> i was thinking kolab?
<s000501> Some help needed with NetBIOS hostname resolution.
<s000501> Adding "wins" to /etc/nsswitch.conf worked for Â«ping pc-xÂ», etcetera
<s000501> But since that change Â«smbclient -v \\\\pc-x\\share -U pc-x\\AdministratorÂ» fails.
<uvirtbot> New bug: #288914 in ntp (main) "Basic logic of NTP should not require constant use of ntpdate and restarting of ntpd (dup-of: 114505)" [Undecided,New] https://launchpad.net/bugs/288914
<drbrown> is xen dom0 support going to be removed from intrepid, or not included?
<djdarkman> hello can someone help me out with setting up a mail server?
<TANATHOS> hi
<TANATHOS> what kind of mail server ?
<djdarkman> TANATHOS: this is what I wanted to do: https://help.ubuntu.com/community/PostfixCompleteVirtualMailSystemHowto
<djdarkman> and I've even posted the problem on the forum: http://ubuntuforums.org/showthread.php?t=959189&goto=newpost
<TANATHOS> dj
#ubuntu-server 2009-10-19
<gary0> yep.
<gary0> that's what it's for  =)
<JanC> right  :-)
<gary0> i've got a hardware RAID card with 4 drives, and room for 4 more. i wanna store my uncompressed HD on here so i can access it via OpenVPN from work.
<gary0> but i'm not good with deleting, so i'll prob need to add drives over time to the full 8.
<JanC> do you also use LVM?
<Bilge> LUKS doesn't partition drives, it formats them
<gary0> i didn't think i'd need to, since this will be the only partition on the RAID array.
<Bilge> You might be getting confused between LUKS and LVM
<gary0> i encrypted the standalone drive, too, and used LVM to cut it up into a few ext3 partitions for some VMs.
<JanC> I think LVM is what you would need to be able to enlarge "logical disks"
<gary0> yeah, LVM let's you resize live partitions dynamically.
<gary0> but since i'm only going to have the one partition on the RAID, i don't *think* i need it.
<gary0> the only think that made me pause was when i realized that i wasn't sure if i could add more free space to the encrypted partition.
<gary0> linux's handling of partitions is new to me... with windows, it's all much simpler.  =P
<JanC> gary0: it's not simpler, you just have less options  ;)
<gary0> exactly.
<gary0> i mean, if i just drop encryption and format the drive as XFS, i can add new free space to the XFS partition.
<JanC> I'm not an LVM expert, but I think you'd want to use it for the purpose you're describing
<gary0> maybe.
<gary0> i first heard of LVM 2 days ago, when i started researching all this.
<JanC> windows has something like LVM too, it's just less powerful  ;)
<JanC> and on linux/unix, people like to put things into layers
<gary0> i noticed.
<gary0> in the installer, i took the standalone drive and set it as a 'physical volume for encryption'
<gary0> which crated a new drive.
<gary0> then i took that and created an LVM group in that.
<gary0> then in the group i created the actual partitions.
<gary0> it certainly makes sense.
<JanC> once you get used to it
<gary0> and i'm pretty sure i found info on how to add another physical drive to the encrypted volume... which i can then include in the VG, and then in the VPs
<gary0> but i couldn't find anything on adding existing free space on the existing physical drive.
<gary0> or maybe i did and just didn't know that i'd found what i was looking for.
<JanC> except that currently your data on the RAID isn't inside a LVM layer?
<gary0> well i don't have any data on the RAID yet, even.
<gary0> i'm still at the installation screen  =P
<JanC> oh, in that case
<JanC> not sure about the installation screen
<gary0> right now, i've partitioned the system drive... and i was about to partition the RAID when this worry came up.
<gary0> ubuntu server's automated installer that comes on the CD
<gary0> well, the CD image on the site.
<JanC> I'd certainly make sure you use LVM in that case, if not possible during the install, then afterwards (or set up from the live CD before)
<gary0> http://kuparinen.org/martti/comp/ubuntu/en/cryptolvm.html
<gary0> that's the guide i found for setting up an encrypted partition.
<gary0> i guess using LVM doesn't hurt regardless of anything.
<gary0> it adds a layer, but as long as i can figure it out, it's not an issue.
<JanC> every layer slows things down a very little bit, but if you want encryption, that slows things down a lot...  ;-)
<gary0> well since i'm gonna be accessing this over the LAN, even with jumbo frames i won't get transfer rates higher than 60-70MB/s
<gary0> so the access time isn't an issue.
<JanC> transer rates != access times, but whatever  ;-)
<gary0> however, i was hoping to also use the server (Phenom II x2) to do transcoding and run a few VMs, so if encryption increases the cpu usage a lot, that will definitely affect me.
<gary0> i just meant that i can't imagine 4 drives in a RAID5, even with a slowdown due to on-the-fly encrypt/decryption, dropping below the 70MB/s read throughput.
<gary0> unless you meant slow things down as in the system itself...
<JanC> gary0: that's exactly the sort of thing only you can determine; every layer slows things down, and encryption slows things down considerably, but if the slow-down  is acceptable for your purpose, that's okay! ã
<JanC> it's a cost/benefit decision
<gary0> i have no idea how much of an effect it'll have.
<gary0> i guess i'll have to try and see.
<gary0> can i remove the encryption once it's in?
<gary0> or would i need to back up the data and repartition everything from scratch?
<JanC> last option, I fear
<JanC> if you have spare diskspace, you can move things around of course
<JanC> I doubt encryption would be an issue though
<gary0> i guess we'll see..  thanks for the help  =)
<luddite33> hi all - just wondering if anyone is running 9.10 beta with a apache/mysql setup up thats in production yet?
<jmarsden> Why would anyone with any sanity run a beta OS on a production server? :)
<KurtKraut> jmarsden, the high adoption of Windows on servers (and even desktops) shows how people are tolerant with system failures.
<selje> ebox users?
<uvirtbot`> New bug: #285439 in backuppc (main) "backuppc does not play nicely with updatedb" [Wishlist,New] https://launchpad.net/bugs/285439
<DKcross> hello, some know any tool with i can read what is the distro of any server?
<DKcross> I'm trying with nmap
<DKcross> sudo nmap -O  200.30.138.227
<qman__> DKcross, nmap is about the best you can get, since that information is (for good reason) not explicitly reported by remote hosts
<qman__> properly configured firewalls further obscure the information
<DKcross> qman__, thanks, my dude is for one reason.... i have hosting server, but i'm not sure what distro use...
<qman__> DKcross, if you have shell access, check /etc/issue
<DKcross> is linux but i don't know if centOS or redhat..i'm no sure
<qman__> and uname -a
<qman__> centOS and redhat are quite similar
<DKcross> qman__, Linux pikachu 2.6.29.6-aufs2-grsec-v1.4-i686-opt #10 SMP Sat Oct 3 10:27:32 PDT 2009 i686 GNU/Linux
<DKcross> this line is about uname -a
<qman__> yeah
<qman__> probably a custom kernel, I don't know of any distros code-named pikachu
<qman__> cat /etc/issue, if it's there
<qman__> might tell you
<DKcross> yes!
<DKcross> is debian server
<DKcross> [pikachu]$ cat /etc/issue
<DKcross> Debian GNU/Linux 3.1 \n \l
<qman__> nice
<qman__> personally, I really dislike redhat and derivatives
<DKcross> :o
<DKcross> what is your favorite o prefere?
<qman__> ubuntu, naturally
<qman__> but I like the debian way far better than the redhat way
<qman__> I'll even take BSD over redhat
<DKcross> good
<DKcross> what about open suse like server?
<DKcross> yes i know is similar to red hat.. because is a derivatives..
<qman__> I've actually never used suse
<DKcross> ohh ok.
<qman__> I've only used redhat 9, fedora, RHEL and centOS
<qman__> didn't much like any of them
<DKcross> RPM systems
<qman__> I much prefer apt/dpkg to yum and rpm, and I like the way debian does init scripts and conf files over redhat's tools
<qman__> and just a number of other bits about how the systems are configured
<DKcross> qman__,  +1
<DKcross> :D
<proteusguy> does Ubuntu offer a system I can run locally that let's me build my own private cloud supporting EC2 apis? i want to be able to migrate back&forth between my own cloud and EC2.
<erichammond> proteusguy: Take a look at Eucalyptus in Karmic.
<MazuGrazus> Hellow, does ubuntu fully run cloud computing? what can i do using ubuntu cloud?
<proteusguy> erichammand: this is what i've heard of but does it let me migrate my environment between my local cloud & ec2?
<Brylie> sommer: thanks for writing the ubuntu server guide :-)
<uvirtbot`> New bug: #454521 in eucalyptus (main) "Eucalyptus installer should skip range-of-public-ip's question in favour of DHCP" [Wishlist,Triaged] https://launchpad.net/bugs/454521
<uvirtbot`> New bug: #454540 in eucalyptus (main) "DHCP requests for public IPs should use DHCP options" [Wishlist,Triaged] https://launchpad.net/bugs/454540
<uvirtbot`> New bug: #455246 in eucalyptus (main) "Unnecessary depend on "ecj" adds too many packages to server CD" [Wishlist,Triaged] https://launchpad.net/bugs/455246
<blinkiz> Hi. Am trying to automate installation of a package from repository. It asks three questions with debconf style. I know I can pre define these answers with debconf-set-selections. problem is, I don't know the string to set with debconf-set-selections. How can I find out what the package are questioning about? I guess it's in the source package and debian directory?
<blinkiz> oh, found it. debconf-get-selections.. Okay. That was not so hard ;)
<nijaba> ttx: I have finished testing/updating UECInstall, should we proceed doing the switch with UEC?
<nijaba> that is on help.ubuntu.com/community/ of course
<ttx> nijaba: can't look right now, but that seems like a good idea, if the right pointers are present
<nijaba> ttx: right pointers?
<ttx> The "UEC" doc should stay to cover multi-component install ?
<ttx> (granted, it needs some fixes right now)
<ttx> maybe rename UEC -> UECmanualinstall and UECinstall -> UEC ?
<acalvo> hi
<acalvo> anyone know if the keyserver.ubuntu.com is down?
<acalvo> been trying to get a gpg key for about an hour or so and still not able to
<nijaba> ttx: renaming to UEC/PackageInstall
<nijaba> ttx: pointer is already in place
<ttx> nijaba: ok, cool
<soren> acalvo: I've had problems as well. Try another one instead.
<soren> acalvo: Like subkeys.pgp.net or something.
<nijaba> ttx: done
<acalvo> soren: thanks
 * soren lucnhes
<soren> ..and lunches
<_ruben> sounds like a plan
 * nijaba lunches and goes get a haircut :P
<J_P> hi all
<J_P> people, how I change in clock time of BRT to BRST?
<soren> J_P: You don't. It happens automatically.
<J_P> soren: yes, if as configured corectaly when was intalled. So agaim, how I change the timezone?
<soren> J_P: You don't.
<soren> It happens automatically.
<J_P> soren: here not happen
<soren> You don't have to manually  take care changing anything when daylight savings time kicks in.
<J_P> soren: here not happen
<soren> J_P: What does "date" say?
<J_P> soren: Seg Out 19 07:55:54 BRT 2009
<J_P> soren: in other machine I have right clock: Seg Out 19 08:56:40 BRST 2009
<soren> J_P: Which version of tzdata do you have installed?
<J_P> soren: I don't know, where I see?
<soren> dpkg -l tzdata
<J_P> soren: ii  tzdata                            2007e-0ubuntu0.7.04               Time Zone and Daylight Saving Time Data
<soren> You're running Feisty?
<J_P> soren: yes, feisty = 7.04
<soren> Feisty has not been supported for almost a year.
<soren> That's your problem.
<J_P> soren: yes, I know
<J_P> soren: is a joke, I need updagrade just because tzdata is not upgrade
<soren> Your tzdata version does not have correct information about when Brazil has daylight savings.
<soren> What?
<J_P> soren: yes, But I can update just tzdata, and not entire distribuition right
<soren> J_P: Feisty is not supported anymore. At all.
<J_P> soren: ok, thanks
<soren> You're likely vulnerable to a whole bunch of security problems.
<soren> You really, /REALLY/ should upgrade.
<soren> But yes, you can probably grab tzdata from a later ubuntu version and install that.
<soren> But you really, really, really should upgrade ASAP.
<J_P> soren: ASAP?
<soren> As Soon As Possible.
<J_P> ahh ok
<soren> Like... Right now.
<soren> Yesterday, if you can.
<J_P> soren: I a server, is more complicated..
<J_P> soren: because this , Now I just use ONLY LTS in servers
<soren> The version of tzdata you have is not even the most current one for Feisty.
<soren> http://old-releases.ubuntu.com/ubuntu/pool/main/t/tzdata/tzdata_2008g-0ubuntu0.7.04_all.deb
<soren> Try installing that one and see if it fixes it.
<soren> J_P: ..but you should still upgrade.
<J_P> soren: ok
<J_P> soren: I just copy /etc/locatime from 8.04 to 7.04 and works :-)
<J_P> soren: but I will upgrade it.. :-)
<Bilge> How could I get a file from a package without installing the entire package
<Bilge> For example just the init.d script
<zul> morning
<sommer> mornings :)
<Omahn> Hello all. Would this be the correct please to ask someone to follow up on a sponsorship request for bug 341256?
<uvirtbot`> Launchpad bug 341256 in unattended-upgrades "RFE: unattended-upgrades should identify host." [Medium,Fix released] https://launchpad.net/bugs/341256
<Omahn> That one :-)
<UnixDawg> morning any of the server devs here
<Omahn> Ah, cool. Any takers? :-)
<UnixDawg> I need help with some php mods I am not fimding in the repos
<UnixDawg> php5-xml php5-json php5-xmlwriter php5-xmlreader php5-posix php5-iconv php5-hash php5-simplexml php5-pcre php5-filter php5-dom php5-session php5-spl
<acalvo> UnixDawg: apt-cache search <string>
<acalvo> is what I usually do to find packages
<UnixDawg> I did they are not there
<acalvo> or use aptitude
<UnixDawg> thats the issue
<acalvo> UnixDawg: I'd do apt-cache search php xml
<greenkernel1> hello
<UnixDawg> dont find them and I need them
<greenkernel1> I would like to run a file server. could someone help me please?
<UnixDawg> use nfs or samba
<acalvo> greenkernel1: take a look at the ubuntu community help about samba
<UnixDawg> your chooice
<greenkernel1> I'm not using ubuntu server edition currently. I'm using desktop version. but, I like to add a software to help my machine runs like a server.
<greenkernel1> is that possible?
<acalvo> UnixDawg: did you take a look at php5-cli? it includes several packages
<UnixDawg> yes
<acalvo> greenkernel1: in fact is easier if you're using the desktop version
<UnixDawg> I have it installed
<acalvo> just create a folder
<acalvo> and check share permissions
<acalvo> that'd run as a file server
<greenkernel1> okay .. what software should i install?
<UnixDawg> but looking in the/usr/lib/php 1/2 the modules are not listed in the extensions.ini
<acalvo> greenkernel1: nothing, just try to do that and it'd tell you what needs to be installed
<greenkernel1> try to do what? sorry .. I'm quite new to networking.
<acalvo> greenkernel1: just create a folder and try to share it
<acalvo> it will pop-up a dialog about options
<greenkernel1> share with who?
<acalvo> share across the network
<UnixDawg> none of these php mods show up
<UnixDawg> php5-xml php5-json php5-xmlwriter php5-xmlreader php5-posix php5-iconv php5-hash php5-simplexml php5-pcre php5-filter php5-dom php5-session php5-spl
<UnixDawg> none of them show up in the repo list or in the php modules dir
<UnixDawg> they are missing
<greenkernel1> okay .. I think I need to tell you what I want to do exactly first. I want to share my files with my friends.
<zul> ttx: have you seen the likewise open evenlog bug? bug 454164
<acalvo> across the network or across the internet?
<uvirtbot`> Launchpad bug 454164 in likewise-open5 "likewise-open5-eventlog doesn't properly install" [Undecided,New] https://launchpad.net/bugs/454164
<acalvo> greenkernel1: https://help.ubuntu.com/community/SettingUpSamba
<greenkernel1> and I don't want to upload my files to another server like hosting services.
<VK7HSE> anyone have a LAMP installed in Karmic? if so what is the result from ...   php -r 'var_dump(function_exists("gzopen"));'
<ttx> zul: yes, I saw that. I need to look into it
<greenkernel1> across the internet.
<UnixDawg> well this makes deb unuseable for the project
<UnixDawg> this sucks
<UnixDawg> to many pkgs missing
<acalvo> greenkernel1: ok then, you'll need to install a ftp server
<zul> ttx: just making sure
<acalvo> UnixDawg: look http://packages.ubuntu.com/jaunty/php5-cgi
<greenkernel1> I've already installed vsftpd and tested .. it didn't work for me.
<acalvo> this modules are already in this package: bcmath bz2 calendar ctype date dba dom exif filter ftp gettext hash iconv json libxml mbstring mime_magic openssl pcre posix Reflection session shmop SimpleXML soap sockets SPL standard sysvmsg sysvsem sysvshm tokenizer wddx xml xmlreader xmlwriter zip zlib.
<acalvo> greenkernel1: https://help.ubuntu.com/8.04/serverguide/C/ftp-server.html
<UnixDawg> I have installed all the php5 libs that are in the repo and still the modules/extensions I have klisted do not show up
<greenkernel1> I just want to share my files to others (no write access to my drive). some people said it's better to run a http server.
<greenkernel1> is that right?
<acalvo> greenkernel1: ftp means file transfer protocol, so I'd point to use FTP instead of HTTP
<greenkernel1> and before we discuss further, some people said I'm behind a NAT. is it possible to run a ftp server for me?
<UnixDawg> so deb lacks alot of the php extensions
<UnixDawg> O well
<acalvo> greenkernel1: it is, if you have access to the policies of your router and you can map the port 21 to your machine (or any other port you want to use)
<UnixDawg> root@ubuntupbx:/usr/lib/php5/20060613+lfs# ls curl.so    mysqli.so  pdo_mysql.so  pdo_sqlite.so  tidy.so mcrypt.so  mysql.so   pdo_odbc.so   sqlite3.so     xmlrpc.so mhash.so   odbc.so    pdo.so        sqlite.so      xsl.so
<greenkernel1> I think I don't have access to change the policies of the router.
<greenkernel1> how could I check if I have access to the router?
<UnixDawg> is all the php extensions that are installed
<UnixDawg> php5-xml php5-json php5-xmlwriter php5-xmlreader php5-posix php5-iconv php5-hash php5-simplexml php5-pcre php5-filter php5-dom php5-session php5-spl  are missing
<UnixDawg> and I have looked for them
<acalvo> UnixDawg: why don't you try to create a test file with the modules you need and see if they're already there?
<UnixDawg> and with out these extensions the php app wont work
<acalvo> greenkernel1: you should know the IP of your router, and the user/password to access the router configuration
<UnixDawg> I am a bsd person  trying to learn deb server . I dont know how to make pkgs on deb
<greenkernel1> okay .. how could I find the IP of the router?
<UnixDawg> there not there
<acalvo> UnixDawg: I don't think you'll need to create deb packages...
<UnixDawg> they would be listed in the extensions dir if they where
<uvirtbot`> New bug: #454263 in backuppc (main) "Update of backuppc (server) crashed on update (dup-of: 445154)" [Undecided,New] https://launchpad.net/bugs/454263
<UnixDawg> installed
<Bilge> How could I get a single file from a package without installing the entire package first?
<pmatulis> Bilge: 'apt-get source foo'
<UnixDawg> cd /usr/src
<Bilge> Does source mean source code only or would it include package maintainer's files such as init.d scripts
<Guest76209> greenkernel1: Run "route" and look at the default route's IP
<pmatulis> Bilge: everything needed to build the package
<pmatulis> Bilge: what package and what file are you after?
<Bilge> znc as it happens
<Bilge> init.d script
<Bilge> Does it make any difference?
<acalvo> UnixDawg: from what I can see, almost all your packages are or inside the -cli, -cgi or standalone (like -dom or -json)
<UnixDawg> well I would need a .deb for each module so I can install them on other servers when we build
<ttx> smoser: re:"Low" : will be fixed, but not in karmic
<smoser> right.
<greenkernel1> okay .. this is my route result >> http://paste.ubuntu.com/296819/ .. can you take a look please?
<acalvo> greenkernel1: ifconfig should tell you more about your network
<pmatulis> Bilge: i'm curious
<pmatulis> Bilge: what release?
<acalvo> greenkernel1: should be 10.64.64.64
<smoser> oh, and one other poke i forgot to put in that response... "if your product claims itself as 'EC2 compatible cloud'" then bugs like "this doesn't act like EC2" are kind of important, ttx
<UnixDawg> I have searched the system for the extensions they dont exist
<greenkernel1> okay .. how should I connect to that address?
<UnixDawg> so there for it means they where not installed
<UnixDawg> so they are not in any deb pkg
<ttx> smoser: yes, I just wasn't sure how common it was to crawl the metadata service like this
<Bilge> pmatulis: 8.04
<smoser> probably not too common. admittedly.
<acalvo> UnixDawg: I wouldn't say that
<acalvo> UnixDawg: check the forums, the community, google...
<Guest76209> greenkernel1: Try browsing to it in a web browser - http://10.64.64.64/
<zul> jdstrand: ping about bug #453453 (libvirt and pulsearmor) can that be closed now since the fix 453329 has been uploaded?
<uvirtbot`> Launchpad bug 453453 in libvirt "libvirt sometimes hangs when using pulseaudio" [Undecided,New] https://launchpad.net/bugs/453453
<greenkernel1> I can't connect to that address >> the connection was reset.
<Guest76209> greenkernel1: Are you at home or on a bigger network managed by someone else?
<greenkernel1> I'm at home.
<uvirtbot`> New bug: #455293 in eucalyptus (main) "UEC management interface still has Eucalyptus as title" [Wishlist,Triaged] https://launchpad.net/bugs/455293
<greenkernel1> but, I'm using a mobile broadband.
<UnixDawg> I have been I am not finding them anywehere
<UnixDawg> I have spent 4 days searching for answers and very little true help
<Guest76209> greenkernel1: Is it Telstra (Aus)?
<UnixDawg> with these php extensions
<greenkernel1> no .. it's StarHub (Singapore).
<Bilge> pmatulis: I don't think it has any init.d script > http://packages.ubuntu.com/hardy/amd64/znc/filelist
<VK7HSE> is there any love for Bug 439407
<uvirtbot`> Launchpad bug 439407 in zlib "Abort class-pclzip.php : Missing zlib extensions" [Undecided,Confirmed] https://launchpad.net/bugs/439407
<Guest76209> greenkernel1: OK, well with Telstra the way they have it set up is all the mobile users join a massive "LAN", with a private IP address (10.x.x.x). This makes it impossible for you to run a server on that connection and have it accessible from the outside.
<Guest76209> 10.64.64.64 would be a machine managed by your ISP
<greenkernel1> I have inet addr: 10.xx.xx.xx.xx when using ifconfig.
<greenkernel1> does that mean I can't run a server?
<Guest76209> That doesn't mean anything
<pmatulis> Bilge: yeah, i was looking at the same
<pmatulis> Bilge: interesting problem, let me know how you make out
<greenkernel1> some people said 10.xx.xx.xx is a private network and usually behind a NAT. that machine could not run as a server. is it true?
<UnixDawg> I have search the repos and the full system for the extensions
<UnixDawg> they are not installed and they are not in the repos
<acalvo> UnixDawg: post in the forums, mailing lists
<UnixDawg> so with ot them it makes ubuntu useless for our project
<Guest76209> 10.64.64.64 could be an externally accessible server, but your computer will not be thanks to your ISP's configuration
<VK7HSE> greenkernel1: as long as you set up port forwarding in your router it will work...
<Guest76209> He doesn't have a router - it's wireless
<greenkernel1> yes .. i have no router.
<VK7HSE> Oh! ok...
<VK7HSE> forget I spoke! ;)
<Guest76209> You'd need a land connection with a static IP
<greenkernel1> is there any solution to switch my current network to be a static one?
<Guest76209> No
<VK7HSE> Guest76209: or a DynDNS (or similar service) to forward your IP ...
<Bilge> pmatulis: it's not a problem, I've written init.d scripts before, I just thought I'd save myself some time, but all I did was waste it instead
<Guest76209> VK7HSE: Won't work, he's only joining a bigger LAN which is using a 10.x.x.x gateway, which is managed by his ISP
<pmatulis> Bilge: by problem I meant finding the script online or otherwise
<greenkernel1> That means I can't run a server with my current network?
<Bilge> pmatulis: I assume it doesn't exist
<Guest76209> greenkernel1: Correct
<Bilge> pmatulis: http://doomclaw.de/index.php/2009/08/18/run-znc-at-boot-with-an-init-script/
<VK7HSE> Guest76209: I was referring to your comment "You'd need a land connection with a static IP"
<Guest76209> Oh
<VK7HSE> I don't have a fixed IP (from ISP) but I use DynDNS instead! ;)
<greenkernel1> So, no one is able to connect to me directly?
<Guest76209> I manage a company's network as part of my work... and their ISP stopped their landline ADSL connection and said they couldn't supply it any more. They told them they can run servers on their wireless product (3 year contract), which they can't. I had to move their mailserver offsite and now I can't even remotely managed their network.
<Guest76209> Correct
<aubre> are there daily ISO updates? where can I get them?
<VK7HSE> Guest76209: was that a Telstra suggestion?
<Guest76209> Yes
<VK7HSE> Gahh! typical... maybe have a look at Internode they are very good for business plans...
<greenkernel1> can you connect to me directly if you know my IP address?
<Guest76209> Their ADSL started dropping out. They reconnected it multiple times but it kept dropping out almost immediately. Then they said they can't do it, despite them having used it for years before.
<pmatulis> aubre: for karmic?
<Guest76209> greenkernel1: No
<aubre> pmatulis: yes, I was wanting to test the latest UEC CD install
<pmatulis> aubre: http://cdimage.ubuntu.com/daily/current/
<aubre> grazi
<Guest76209> Internode wouldn't work either. They're right on the edge of the exchange reach
<greenkernel1> okay .. you can't connect to me .. but, can I connect to you if I know your IP address?
<Guest76209> Yep
<greenkernel1> ham .. I can connect to you .. but why can't you connect to me?
<Guest76209> Because when you connect out your ISP's router remembers that you sent a request. When it gets a response for that request it sends it back to you.
<Guest76209> If I try to connect to you, I reach your ISP's router and it doesn't know who I actually want to connect to, so it won't work that way.
<greenkernel1> you have my IP address to connect with, right?
<Guest76209> No
<Guest76209> If you went to www.whatismyip.com it would tell you the external IP of your ISP's router
<Guest76209> Another user on your ISP's mobile service would get the same IP
<Guest76209> And your computer's IP is a private address (starts with 10.x.x.x), so I can't connect to it
<greenkernel1> so how does our ISP's router know what the IP address of my machine is?
<Guest76209> You connect to it when you turn on your wireless device
<greenkernel1> can you connect to me using that device's address?
<Guest76209> No, it's a private address
<greenkernel1> private address means one way traffic .. outgoing only?
<Guest76209> Sort of
<Guest76209> There are a few IP ranges which are officially private addresses and shouldn't be assigned publically
<Guest76209> One is the 10.x.x.x range
<Guest76209> My own network could use a 10.x.x.x range
<Guest76209> And if your public IP was 10.1.2.3, how would my computer know whether I mean 10.1.2.3 in my own network, or the public address?
<Guest76209> Answer: it wouldn't, which is why private addresses aren't allowed to be assigned publically
<greenkernel1> can you assign your machine that 10.1.2.3 is not your network but, another private network?
<Guest76209> No
<Guest76209> Would be nice if you could though
<nijaba> ttx: soren: still get "EC2 responded with an error for DescribeInstances" in ElasticFox connecting to a 1.6 clc...
<ttx> nijaba: euca version ?
<Guest76209> To connect to a specific machine in a different network you'd connect to their external address (router) on a port, say port 80 which is web traffic
<Guest76209> Then your router forwards port 80 to a machine in the network, which is configured in the router
<nijaba> ttx: 1.6~bzr931-0ubuntu3
<Guest76209> But your ISP manages their router and they won't configure a port forward just for one user
<ttx> nijaba: that one should be alright
<ttx> nijaba: Neil Soman upstream has been testing this, maybe he could give some insight
<greenkernel1> okay ... so, there is no way to connect to me directly?
<nijaba> ttx: is he in #eucalyptus?  what nick?
<ttx> nijaba: no clue, you can use email though
<Guest76209> greenkernel1: Correct, unless you got a different type of internet connection such as landline ADSL
<Guest76209> I have to go to bed
<Guest76209> Bye
<nijaba> ttx: ok, I will
<greenkernel1> bye Guest76209
<greenkernel1> have a good dream.
<greenkernel1> and good night.
<greenkernel1> thanks a lot for your help.
<Guest76209> Oh yes, I dream about internet routing and IP addressing
<greenkernel1> ^^
<uvirtbot`> greenkernel1: Error: "^" is not a valid command.
<aubre> I think the latest version is 1.6~bzr931-0ubuntu5
<uvirtbot`> New bug: #454566 in chkrootkit (main) "False positive for SucKit" [Low,Incomplete] https://launchpad.net/bugs/454566
<jdstrand> zul: 453453 is not fixed. apparmor didn't cause the problem. fixing #453329 only makes #453453 noticeable. I talked to kirkland about it at length on friday. he said he was able to reproduce it, though I don't recall how
<zul> k
<zul> so im gonig to set it to confirmed
<jdstrand> zul: that sounds fine. I invalidated the apparmor task
<zul> thanks for the heads up
<jdstrand> np
<ttx> kirkland: Depending on "ecj" instead of "libecj-java" was introducing all GCJ on the server CD, extra 25Mb. I uploaded a new eucalyptus to fix that
<ttx> kirkland: also the release team asked me to fix urgently the transitional packages in qemu-kvm (that also resulted in breaking UEC Node install completely)
<ttx> kirkland: bothe fixes are in, new ISo spin should arrive in the next hour
<kirkland> ttx: thanks so much
<ttx> kirkland: hopefully everything RC should be fixed in that one -- until the next issue is found :)
<ttx> kirkland: when you'll have caught up with email, I'd welcome a short session on euca bugs with you, to validate the RC/targets-of-opportunity nominations we have so far.
<kirkland> ttx: sounds good, give me a few minutes to catch up on email, and make some coffee
<ttx> kirkland: i.e. what we need to solve, and what we could solve before release
<Omahn> Any server devs free to sponsor me on bug 341256?
<uvirtbot`> Launchpad bug 341256 in unattended-upgrades "RFE: unattended-upgrades should identify host." [Medium,Fix released] https://launchpad.net/bugs/341256
<ttx> Omahn: I can try to do it tomorrow if noone else gets to it before
<Omahn> ttx: That would be great, thanks. I have an evening ahead planned on reading about the MOTU processes and structure so I might have a better idea tomorrow of the procedure anyway :-)
<nijaba> ttx: are we aware that the cloud controller services do not restart correctly after a reboot?
<ttx> nijaba: define "do not restart correctly" ?
<nijaba> ttx: got error trying to connect to the admin interface, add to manually restart the services for it to work
<ttx> nijaba: bug 444352 ?
<uvirtbot`> Launchpad bug 444352 in eucalyptus "DB deadlock on reboot prevents UEC from working, temporarily" [Low,Triaged] https://launchpad.net/bugs/444352
<ttx> nijaba: please look for DEADLOCK / Resetting hard messages in cloud-output.log to confirm
<nijaba> ttx: this is what I am doing
<ttx> nijaba: if you reproduce, try to connect 6 times in a row and see if that persists
<ttx> nijaba: and if that's the same issue, I'd raise prri on this bug (so far I was the only oen to reproduce it)
<nijaba> ttx: yep, that's the case.  Trying to reprodice
<ttx> s/prri/rpio
<ttx> prio
<ttx> grmbl
<nijaba> yep
 * ttx shouldn't try to type on two keyboards at the same time
<ttx> nijaba: please comment on that bug if it looks the same.
<nijaba> ttx: grr... can't reproduce
<nijaba> will try again
<ttx> nijaba: did you get those DEADLOCK things in your logs ?
<nijaba> ttx: yep I did
<nijaba> ttx: was rebooting after an apt-get upgrade though
<ttx> nijaba: even if you can't reproduce, please comment on the bug, so that I don't look like the only idiot with that bug.
<nijaba> ttx: nobody would ever consider you are an idiot!!
<ttx> nijaba: yeah, right...
<kirkland> ttx: okay, bug scrub?
<ttx> kirkland: yay
<ttx> kirkland: at that point there is no RC-targeted bugs for eucalyptus (release blockers), and a few karmic nominations (targets of opportunity in those frozen times): bug 453456, bug 444352 and bug 455293
<uvirtbot`> Launchpad bug 453456 in eucalyptus "excessive logs in /var/log/eucalyptus" [Low,Triaged] https://launchpad.net/bugs/453456
<uvirtbot`> Launchpad bug 444352 in eucalyptus "DB deadlock on reboot prevents UEC from working, temporarily" [Low,Triaged] https://launchpad.net/bugs/444352
<uvirtbot`> Launchpad bug 455293 in eucalyptus "UEC management interface still has Eucalyptus as title" [Wishlist,Triaged] https://launchpad.net/bugs/455293
 * kirkland opens
<ttx> I was about to remove the deadlock one when nijaba reproduced it
<ttx> so I'm not sure about it
<ttx> I think at that point it would be a SRU
<kirkland> ttx: yeah, i think we should leave that one as a placeholder for now
<kirkland> ttx: i think there is probably something wrong
<kirkland> ttx: it's probably just complex to reproduce
<ttx> Removing as a karmic target then
<kirkland> ttx: we may get users reporting it
<kirkland> ttx: agreed
<ttx> kirkland: you agree that the other two may still get fixed ?
<kirkland> ttx: regarding logs ...
<kirkland> ttx: nurmi says that eucalyptus rolls its own logs
<kirkland> ttx: i didn't see anything in logrotate.d so I didn't know that
<kirkland> ttx: he says that they definitely *won't* grow indefinitely
<ttx> yes, they do... but they are still too noisy by default
<kirkland> ttx: right, the noisy thing is related, and should also be fixed
<kirkland> ttx: i don't think it's release critical
<ttx> keeping it as a target of opportunity
<kirkland> ttx: if there was *no* rotation, then i think it's more importatn
<ttx> oh its definitely not release-critical
<ttx> but we could still attempt to fix it
<ttx> since a saner conffile default is good to have out of the box
<kirkland> ttx: okay, i agree with that
<ttx> bug 455293 is harmless and we may have another branding round anyway, so keeping it as a target of opportunity as well
<uvirtbot`> Launchpad bug 455293 in eucalyptus "UEC management interface still has Eucalyptus as title" [Wishlist,Triaged] https://launchpad.net/bugs/455293
<ttx> kirkland: anything in https://bugs.launchpad.net/ubuntu/+source/eucalyptus that we might still try to fix before release ?
<ttx> I think anything else is quite risky at that stage.
<kirkland> ttx: yeah, i was hoping friday's uploads were the *last*
<ttx> kirkland: sorry :)
<kirkland> ttx: i don't see anything as critical as the tmpfile or the network/ip address issues we solved on friday
<kirkland> ttx: the branding stuff is perhaps 'critical' from a business perspective
<kirkland> ttx: at least that is low risk
<kirkland> ttx: as for the ecj issue, my apologies
<kirkland> ttx: at some point during my testing i realized that i only needed libecj-java
<kirkland> ttx: and i built a test package with that, but forgot to commit that into the source tee
<kirkland> tree
<uvirtbot`> New bug: #361169 in xinetd (main) "[jaunty] xinetd upgrade invokes itox incorrectly" [Low,Won't fix] https://launchpad.net/bugs/361169
<kirkland> ttx: my fault, very sorry
<ttx> kirkland: just test the heck out of 20091019.1 when it's out
<ttx> kirkland: since I couldn't do any testing today
<kirkland> ttx: okay
<kirkland> ttx: yeah, our roles have reversed :-)
<kirkland> ttx: and thanks for the qemu-kvm fix; i just took that one from james_w
<ttx> kirkland: ok, so nothing else in that list that we might /try/ to fix before release ?
<ttx> kirkland: yes, not your fault :)
<nijaba> kirkland: just added my comment and log to the deadlock bug
<kirkland> ttx: i'm looking...
<ttx> james_w can make errors, apparently. I used to think he was immune to that.
<kirkland> ttx: the dpkg-stateoverrides one is clearly wrong, easy to fix, high risk of regression; defer to lucid
<uvirtbot`> New bug: #359473 in vm-builder (universe) "vmbuilder crashed with NameError in deploy()" [Low,Incomplete] https://launchpad.net/bugs/359473
<uvirtbot`> New bug: #378639 in vm-builder (universe) "firstlogin script can't be executed because the permission of /root directory is 0700 in the virtual machine created by python-vm-builder " [Low,Incomplete] https://launchpad.net/bugs/378639
<kirkland> ttx: we do need an NC upstart script; but also should defer that to lucid
<ttx> kirkland: if they are not nominated to karmic, they are lucid targets now
<kirkland> ttx: okay
<kirkland> ttx: the one-NIC bug kinda sucks
<kirkland> ttx: but i don't think we should touch the installer right now
<kirkland> ttx: i had a look at fixing that one; it's harder than it sounds
<ttx> kirkland: definitely *not* a good idea :)
<ttx> kirkland: on another subject, you have bug 443080 nominated to karmic
<uvirtbot`> Launchpad bug 443080 in mountall "ecryptfs mount does not support -f (fake mount)" [Medium,Fix committed] https://launchpad.net/bugs/443080
<ttx> is it still something you expect to land in karmic ?
<kirkland> ttx: i'm not fixing that for karmic
<ttx> ok, removing nomination then
<kirkland> ttx: it's marked won't-fix
<ttx> ah
<ttx> for some reason it's appearing in your buglist
<kirkland> ttx: how do i un-nominate?
<ttx> you did it right, it's the mountall part that fucks the buglist up
<ttx> kirkland: see http://qa.ubuntu.com/reports/team-assigned/canonical-server-assigned-bug-tasks.html
<kirkland> ttx: yeah, i'll fix that upstream, at some point
<kirkland> ttx: before lucid, but not right now
<ttx> kirkland: it appears in that list
<ttx> as Wishlist/Triaged/KK
<ttx> probably a bug in the report.
<ttx> kirkland: I opened bug 455411, and its still a target of opportunity for karmic
<uvirtbot`> Launchpad bug 455411 in qemu-kvm "Conffiles from kvm are left around on upgrade from Jaunty" [Low,Triaged] https://launchpad.net/bugs/455411
<ttx> kirkland: its a leftover of the transition packages migration as well
<ttx> kirkland: slangasek asked me to fix urgently the RC portion of it, so I left that part out
<kirkland> ttx: okay
<kirkland> ttx: thanks for the tracker
<ttx> kirkland: just so you know it's still a target of opportunity
<kirkland> ttx: right
<ttx> definitely not release critical, since its harmless
<kirkland> ttx: i spent the second half of friday trying to fix sound in qemu-kvm
<ttx> 20091019.1 is out
<uvirtbot`> New bug: #408298 in postfix (main) "package postfix 2.5.5-1.1 failed to install/upgrade: le sous-processus post-installation script a retournÃ© une erreur de sortie d'Ã©tat 1" [Low,Incomplete] https://launchpad.net/bugs/408298
<kirkland> ttx: syncing
<ttx> kirkland: doublecheck MD5sums since sometimes the current/ link is outdated
<ttx> I should have time to do basic testing before I stop for the day.
<lamont> zul: 408298 is, near as I've been able to figure out, someone nuking /etc/postfix and then upgrading postfix and wondering why it doesn't work
<zul> lamont: ok *sigh* ;)
<uvirtbot`> New bug: #327348 in kvm (universe) "keep losing ability to type in guest" [High,Fix released] https://launchpad.net/bugs/327348
<uvirtbot`> New bug: #321049 in ntp (main) "clock skew causes ntp failure on boot" [Low,Incomplete] https://launchpad.net/bugs/321049
<nijaba> Congratulations, server team, new Gartner linux market analysis from Gartner lists us among the leading distro!
<nijaba> Geoges Weiss to present this Gartner Datacenter Conference at the start of December
<zul> nifty
<ttx> nijaba: \o/
<LordBurrito> G'day.  Got some Dell 1750 rack-mount servers with PERC 4/Di RAID controllers.  Any show-stoppers on this platform with 8.04 LTS?
<uvirtbot`> New bug: #386619 in multipath-tools (main) "*** stack smashing detected ***: /sbin/mpath_prio_hds_modular terminated" [Low,Invalid] https://launchpad.net/bugs/386619
<addisonj> most likely no, use google to find out though
<addisonj> only possible problem might be the raid controllers
<iBLuCKy>  [HowTo] Fix Ubuntu Jaunty (9.04) Intel Graphics Problem and pules audio problem when i install graphic drivers?? please help
<iBLuCKy> i tryed the other room and no one is helping me wtf
<addisonj> thats because no one know how to help you
<addisonj> go back there and specify what your actual problem is
<addisonj> the more info, the more likely you are to get help
<iBLuCKy> thats the thing i new to linux
<iBLuCKy> i dont know how to say it
<iBLuCKy> everything is fine untill i install the graphics
<iBLuCKy> then i reboot
<iBLuCKy> and it make me run in low graphic
<LordBurrito> addisonj: I'll just have to give it a go.  It's the MegaRAID controller, so it *shouldn't* be a problem, I'm told.
<addisonj> most likely no, ubuntu has lots of raid support drivers
<SyL> am I able to use a 2.6.28-6-server kernel in karmic?
<addisonj> and since it is hardware raid you should be able to use normal install, software raids need the alternate install disc
<LordBurrito> *nod*
<LordBurrito> addisonj: Tnx
<ttx> kirkland, nijaba: just hit bug 452556 in ISO testing
<uvirtbot`> Launchpad bug 452556 in eucalyptus "euca-authorize default failing" [Medium,Confirmed] https://launchpad.net/bugs/452556
<nijaba> ttx: just do a run-instance, it will work right after !!
<ttx> yes, I saw that
 * soren pauses for dinner
<nijaba> was there a known install problem for NC on 20091019?  I have a journalist that is reporting an issue
 * nijaba does not know how to view history on iso.qa.ubuntu.com
<ttx> nijaba: yes
<ttx> 20090919.1 is the one to use now
<nijaba> ttx: ok, thanks
<ttx> nijaba: bug 455114 preventing Node install to succeed
<uvirtbot`> Launchpad bug 455114 in qemu-kvm "builds uninstallable package 'kvm'" [Critical,Fix released] https://launchpad.net/bugs/455114
<ttx> kirkland: amd64 tests passed / added my results to the ISO tracker
<ruben23> hi
<_BuBU> Hi there
<_BuBU>  I've a problems with number of group apache users belong under ubuntu... don't know if that's an issue for apache or for ubuntu
<_BuBU>  cat /proc/sys/kernel/ngroups_max
<_BuBU> 65536
<_BuBU> and I've several user/groups, basically 1 per virtualhost
<_BuBU> and apache belongs to all that groups
<_BuBU> rights on html files are user_xxxx:grp_xxxx and 0640 same for all images (jpg, ...)
<_BuBU> but seems first users sites are working fine.. and not after a certain number
<_BuBU> and if I update the group to have only apache to belongs to that non working user... it is working ! :(
<_BuBU> any idea ?
<spydmobile> Hi folks I am still trying to get my UEC operational, the backstory is here: http://paste.ubuntu.com/296974/ Can anyone point me to a next logical step?
<Family_> Is there anywhere I can study/learn the use of ubuntu server, other than ubuntu server guide
<Family_> or any linux manuals that would help understand using linux
<Family_> help in ubuntu server usage
<pmatulis> Family_: books (there is an official ubuntu server book) and/or online courses (offered by canonical) are options
<Family_> how much for the book, where from and do the courses cost
<pmatulis> Family_: courses: http://shop.canonical.com/index.php?cPath=21&osCsid=034c980130591292bc3c0a2dcc42aa2f
<spydmobile> Family_: More here: http://www.ubuntu.com/training
<Family_> Theres a couple of books about ubuntu sever
<Family_> which would be the best for me with no experience of linux
<MagicFab> Family_,    http://search.barnesandnoble.com/Official-Ubuntu-Server-Book/Kyle-Rankin/e/9780137036035
<Family_> u sure?
<Family_> what about http://www.amazon.com/Beginning-Ubuntu-LTS-Server-Administration/dp/1430210826/ref=sr_1_5?ie=UTF8&s=books&qid=1255973777&sr=1-5
<pmatulis> Family_: i wouldn't go for a server-specific book if you're just starting out with Linux
<Family_> yes but i must use a server specific OS
<Family_> so isint it best to get a book that is also one
<spydmobile> Family_: If you are targeting Ubu Server, dont settle for one book, get a few, these mentioned above for sure....
<pmatulis> Family_: well, learn about the basics of Linux and then move on to server-specific material
<spydmobile> Family_: also if you are new to it all, then perhaps a third edition on server 8.xx is a better approach than a first edition on 9.xx
<Family_> but im using 9.04, does things for 8.xx work for 9.04
<MagicFab> pmatulis, Family_ the book I cited starts from zero, literally
<MagicFab> check the ToC or sample chapters.
<pmatulis> MagicFab: thank you
<nijaba> kirkland: regarding your email, https://help.ubuntu.com/community/UEC/PackageInstall would be the closest we have to that, but would need quite a bit of rewriting to cover multi-cluster
<holddigga> Has anyone here successfully used KVM with a VMWare disk image? I tried to boot one up and it just pegged the host CPU at 100% and never booted (I left it going overnight). I was using Server 9.04 (Intrepid).
<EtienneG> mathiaz, kirkland: do you know if we still need to have an entry for "mailhost" on the CLC for the email to be sent correctly in Eucalyptus 1.6?
<mathiaz> EtienneG: hm - no
<mathiaz> EtienneG: technically eucalyptus tries first localhost, then mailhost
<mathiaz> EtienneG: however postfix is installed by default now
<mathiaz> EtienneG: so the first try with localhost should succeed
<EtienneG> mathiaz, ok good - you had to on 1.5 (the clc was forwarding mail through an MX by the name of "mailhost")
<EtienneG> mathiaz, on 1.5, it would not even try localhost
<mathiaz> EtienneG: reading through the code, it should try localhost first
<EtienneG> so just having postfix installed was not even, you had to add an entry to /etc/hosts
 * mathiaz nods
<EtienneG> mathiaz, that's good news (although it should really be configurable, if you ask me)
 * mathiaz nods
<EtienneG> mathiaz, while there, what are the tags you should use on a eucalyptus-related bug?
<EtienneG> like, on reported against another package but related to eucalyptus
<mathiaz> EtienneG: hm - if it's a problem with an image, use uec-images
<mathiaz> EtienneG: if it's a problem with euclyptus
<mathiaz> EtienneG: use eucalyptus
<EtienneG> mathiaz, ok, thanks, reporting a wishlist bug against d-i regarding the installer integration
<mathiaz> EtienneG: right - try to use the eucalyptus tag then
<zul> jdstrand: thanks for testing the sru (vblade) ;)
<EtienneG> it's weird that the cluster controller installer ask for the public IP range, but not for a private one
<EtienneG> I guess it defaults to 172.16.0.0/16?
<mathiaz> EtienneG: 172.19.0.0/24
<jdstrand> zul: heh-- I spent too much time trying to get vblade/aoe working in my hardy multipurpose vm for regression testing and didn't want someone else to do the same
<mathiaz> EtienneG: it's a debconf question - priority medium
<mathiaz> EtienneG: so won't be shown by default during the install
<EtienneG> mathiaz, ok, I guess the default is exotic enough not to be a problem
<jdstrand> zul: there was an article on it in Linux Journal recently, so I also updated https://help.ubuntu.com/community/ATAOverEthernet for Hardy as well
<zul> cool thanks
<jdstrand> zul: though perhaps an SRU for adding /etc/udev/rules.d/60-aoe.rules to aoetools wouldn't be a bad idea. it isn't needed for jaunty, but aoe won't create /dev/etherd without it
<jdstrand> zul: see my entry in the wiki for details
<Qwell> So, apparently I'm supposed to be asking here..  I'm a little confused about why Karmic will be shipping with an RC version of Asterisk 1.6.2.  Anybody able to comment on/discuss that?
<soren> Daviey: ^^
<soren> Qwell: Daviey's the mastermind behind asterisk here :)
<zul> jdstrand: good idea
<EtienneG> mathiaz, kirkland: the cluster controller install target ask for the private net interface *after* the dialog about the installation being finished.  Is that a known bug, or should I report it?
<EtienneG> (have not seen it in my bugmail, but I am not subscribed to d-i)
<mathiaz> EtienneG: *after* ?
<mathiaz> EtienneG: like just before rebooting?
<mathiaz> EtienneG: are you installing from an iso?
<EtienneG> mathiaz, yes.  You answer the question, and then it goes on to reboot.  very weird.
<EtienneG> yes, from today's ISO
<EtienneG> mathiaz, I understand this is an unreported bug then ...
<mathiaz> EtienneG: yes - I think so
<EtienneG> lemme try it again in a vm
<aubre> When I use the latest UEC iso on the cloud controller it configures the private interface to use dhcp - is it expecting a dhcp server of some kind to be running on the private network?
<aubre> or do I need to manually set a static ip for it? I ask because I am trying to follow http://help.ubuntu.com/community/UEC
<aubre> and this issue is not addressed
<mathiaz> EtienneG: hm - I think I know why
<mathiaz> EtienneG: do you have 2 network interfaces on the system right?
<EtienneG> mathiaz, of course
<aubre> EtienneG: mathiaz : I noticed this as well
<mathiaz> aubre: how many physical network interfaces do you have on your CC?
<aubre> mathiaz: 6 but I am only using 2 atm
<mathiaz> aubre: right
<mathiaz> aubre: well - the default for the installer is to setup a dhcp interface
<mathiaz> aubre: independently of UEC
<aubre> mathiaz: now I know I can set up my CC to use static private IP addressing, and I can set up static IPs on my nodes, but it needs to be clearer in the documentation
<EtienneG> aubre, the debian installer always configure only the primary interface.  with the UEC installation target, the primary is considered to be the public facing one, and the interfaces are left unconfigured.  I *think* this is of no consequence (the CC will run a dhcp server on that interface just for instances, using the eucalyptus private net range)
<mathiaz> aubre: right.
<aubre> mathiaz: can we make it clearer in the docs/online install ?
<Qwell> Daviey: Please nick highlight me when you're around, if you could.  I'm going to try to ignore this channel.
<aubre> mathiaz: or give the user the option to set up a static address on eth1 for example?
<Qwell> (until then, anyways)
<mathiaz> aubre: at this time of the karmic cycle documentation is the only option we have to work on
<aubre> mathiaz: ok
<mathiaz> aubre: hm - well - the UEC install will actually always set the private interface to run on dhcp if the private interface is different from the public interface
<aubre> mathiaz: also want to be sure to edit /etc/sysctl.conf and uncomment net.ipv4.ip_forward=1 too right? or is that not necessary?
<aubre> mathiaz: ok, maybe we just need to make sure that if that isn't going to work for some people that it shows up in the documentation
<mathiaz> EtienneG: could you file a bug about your issue?
<mathiaz> aubre: no - it's not needed anymore
<aubre> mathiaz: good
<mathiaz> aubre: ipv4 forward is automatically taken care of when the CC starts
<aubre> mathiaz: thanks for the help
<EtienneG> mathiaz, yep, reproducing it first to confirm
<mathiaz> EtienneG: right - I see why it does so
<EtienneG> mathiaz, I am starting to doubt the wisdom of defaulting to MANAGED-NOVLAN
<mathiaz> EtienneG: I'm not sure however why the prompt comes *after* the message to reboot is given
<EtienneG> SYSTEM was so much more straightforward ...
<mathiaz> EtienneG: I think the main issue with MANAGED-NOVLAN is to get the network environment setup properly
<EtienneG> mathiaz, I trust this bug will be shallow to cjwatson
<EtienneG> mathiaz, indeed ... but moreover, there are external dependencies (not running DHCP on the "private" lan, etc)
<EtienneG> mathiaz, this seems like a recipe for disaster
<EtienneG> mathiaz, and there is a couple of "architectural" decision to be made that really do not have a good one-size-fit-all default
<mathiaz> EtienneG: well - the default configuration assumes that the private and the public interfaces are the same
<mathiaz> EtienneG: right - the more experience we get know the better decision we'll be able to make for Lucid :)
<EtienneG> mathiaz, you're so Zen!
<mathiaz> EtienneG: I guess that what happens when you turn 30 ;)
<EtienneG> mathiaz, was it your birthday recently?
<mathiaz> EtienneG: yeah - like today :p
<EtienneG> QUICK SOMEONE, SEND ONE OF THOSE CHEESY ANSI-COLORED BIRTHDAY CAKE!!!11
<EtienneG> mathiaz, hey, happy birthday!
<EtienneG> you are not in Mtl today, right?
<mathiaz> EtienneG: I am - ask cr3
<EtienneG> damn, i have something tonight - beer would have been good otherwise
<EtienneG> mathiaz, I am faberglasted.  Installing a node, after the partition table change prompt, there are no other prompts (not even the last one, "installation finished, remove cd, blah, blah").  It just goes on and then reboot.
<EtienneG> is that intended?
<mathiaz> EtienneG: yes
<mathiaz> EtienneG: the prompt for the private interface only goes on the CC
<mathiaz> EtienneG: the assumption (I guess here) is that the NC are supposed to be on their private LAN anyway
<mathiaz> EtienneG: like a CC
<mathiaz> EtienneG: hm - like a cluseter
<mathiaz> EtienneG: *cluster*
<EtienneG> mathiaz, ok, I see, but not even "installation done, rebooting" prompt?  I mean, that's kind of unsettling
<mathiaz> EtienneG: well - that's experience we wanted to have IIRC
<mathiaz> EtienneG: as few prompts are possible
<EtienneG> mathiaz, hurmm ok
<mathiaz> EtienneG: that being said it may be a bug/whishlist to have the 'installation done, rebooting' prompt
<mathiaz> EtienneG: file a bug :)
<Daviey> Qwell: ping?
<Qwell> Daviey: one sec
<EtienneG> mathiaz, I got a few to file, and little time.  I will skip that one.  Surely someone else will report it
<mathiaz> EtienneG: well if everyone would think that way, we'd have zero bugs in LP :)
<EtienneG> mathiaz, imagine, a bug-free Linux distro!
<Qwell> Daviey: I wanted to figure out why Karmic will be shipping with an RC of Asterisk
<mathiaz> EtienneG: well - I would probably loose my job then :D
<Daviey> Qwell: Well i'm really hoping it hits stable before release.  If it doesn't, i'm hoping to propose an SRU for when it is.
<Qwell> Daviey: It won't
<EtienneG> mathiaz, that is just one step removed from saying you are purposefull yintroducing bugs for the sake of job security - I would be careful!
<EtienneG> :)
<Daviey> Qwell: well that was the *hope*.. Do you have any idea when 1.6.2 will be stable?
<Qwell> When it's ready. :)
<Qwell> I *really* don't want to have to deal with the bug reports that will come to the bug tracker if a major distro ships with an RC.
<EtienneG> bad news is that karmic will be shipping with an RC of Asterisk.  Good news is that the Asterisk RC will get tested.  Oh well!
<Daviey> it is my understanding that most people who use Ubuntu+Asterisk actually build from source.. which i dislike :(
<Qwell> sure, it's great for ubuntu.  They don't have to deal with the flurry of reports of the same (known and fixed...) issues.
<Qwell> We, however, will.  That doesn't exactly please me. :)
<mathiaz> Qwell: if the issues are fixed, they can be fixed in Stable Release Updates
<Daviey> Qwell: The installation does strictly state that reports should be reported to Ubuntu fwiw.
<mathiaz> Qwell: https://wiki.ubuntu.com/StableReleaseUpdates
<Qwell> Daviey: in theory that's great, but in practice...  they go to upstream.
<Daviey> Qwell: What do you feel is the timeframe for 1.6.2 being tagged stable?
<Qwell> Daviey: when it's ready...  I can't say anything beyond that, because we simply don't (and can't) know
<erichammond> ttx, smoser: I regularly browse the EC2 meta-data tree manually to see what values are available.  I would miss this ability if I were using Eucalyptus.
<Daviey> Qwell: Well the options are, either ship rc* and propose an SRU when it hits stable / or revert to an earlier stable release.
<Daviey> It is worth noting, that the -server team feels that non LTS versions are "technology previews" for an LTS..
<Daviey> So many suggest that non-lts releases aren't used for critical tasks
<Qwell> the -server team doesn't have to handle all the bug reports upstream gets. :)
<Daviey> All my PBX's are nstill Hardy.
<Daviey> Qwell: What timezone are you on btw?
<Qwell> central US
<Daviey> Qwell: The banner is customised to be:
<Daviey> http://bazaar.launchpad.net/~ubuntu-voip/ubuntu-voip/asterisk/annotate/head%3A/debian/patches/ubuntu-banner
<Daviey> So, i ereally was trying to shield you from bugs..
<Daviey> The hope is to triage them in Ubuntu, and forward them upstream when it is confirmed, and the correct information is provided.
<Daviey> Qwell: I'm keen to try and get a good working ethos with upstream on this.
<Daviey> I should really dash, I'm on UTC+1 and family commitments mean i'm getting my ear bending at the moment.
<Daviey> So if we can thrash this out tommorrow, I would really appreicate it.
<Qwell> Daviey: that's fine..  you can msg me or I'll be in #asterisk-dev
<smoser> erichammond, but do you know of any tools that would expect that index on / or /<api-version>
<erichammond> smoser: Yes, wget, curl, GET, etc.
<erichammond> :)
<erichammond> I'm not saying it should be more important than "Low", but I'm agreeing that API compatible should be compatible.
<aubre> whee after setting up static IPs, nodes were detected no problem by euca_conf
<aubre> I like the new services page :)
<aubre> sweet, the new setup was super easy, except that I had to set up my static IPs on my private network. Good work folks :)
<aubre> I'll be testing EBS/SC support tomorrow
<jjohansen> smoser: I have uploaded some new test kernels using just minimal config changes Bug #428692
<uvirtbot`> Launchpad bug 428692 in linux-ec2 "ec2 kernel needs CONFIG_BLK_DEV_LOOP=y and other config changes" [Medium,Triaged] https://launchpad.net/bugs/428692
<aubre> I'll wait till tomorrow to register images :)
<aubre> I could ask Mark Spencer about Asterisk. He's a friend.
<aubre> I dropped Mark an email. I'll let y'all know what he says.
<smoser> jjohansen, thanks.
<ruben23> root@Dbase:/usr/src/astguiclient/trunk/www# cp /usr/src/astguiclient/trunk/www/agc/ /var/www
<ruben23> cp: omitting directory `/usr/src/astguiclient/trunk/www/agc/'
<qman__> ruben23, -r
<ruben23> qman__:  ive done it with -a
 * soren calls it a day
<ruben23> hi anyne done performance tuning of kernel to optimize ubuntu server.>?
<uvirtbot`> New bug: #452900 in asm2 (main) "Please run testsuite during build" [Medium,Triaged] https://launchpad.net/bugs/452900
<uvirtbot`> New bug: #452926 in c3p0 (main) "Warnings during build" [Medium,Triaged] https://launchpad.net/bugs/452926
<uvirtbot`> New bug: #452939 in cglib2.1 (main) "Please run testsuite during build" [Medium,Triaged] https://launchpad.net/bugs/452939
<nijaba> First version of https://help.ubuntu.com/community/UEC/ElasticFox completed. Feel free to add to it.
 * nijaba -> bed
<cjwatson> mathiaz: is anyone in a position to test a fix for Etienne's question ordering bug, if I provide one? It would involve some manual messing around in d-i
<mathiaz> cjwatson: yes - I should be able to test such a fix
<mathiaz> cjwatson: however - how important is this to get it fixed in karmic for release?
<cjwatson> that's up to you guys I think
<cjwatson> it's a wart
<cjwatson> I wouldn't expect it to be a fatal wart
<mathiaz> cjwatson: right - It seems to be cosmetic
<mathiaz> cjwatson: it doesn't break things
<cjwatson> well, if you decide you're interested, branch pushing up to lp:~cjwatson/eucalyptus/question-ordering at the moment
<mathiaz> cjwatson: oh cool
<cjwatson> ... actually, I was just writing out directions and realised that it's painful to test
<mathiaz> cjwatson: right - a new iso needs to be respun IIUC
<cjwatson> not actually true
<cjwatson> but it's more fiddly than usual
<phoenixz> Anybody here who could tell me if ubuntu can use fibreoptic cards?
<phoenixz> To be specific, lspci gave me this : Fibre Channel: Brocade Communications Systems, Inc. 415 4Gb/815 8Gb PCIe FC HBA (rev 01)
<cjwatson> I think what you can do is build the package, put the udeb somewhere wgettable, write a preseed file that says 'd-i preseed/early_command string wget http://url/to/eucalyptus-udeb_1.6~bzr931-0ubuntu7_i386.udeb && udpkg -i eucalyptus-udeb_1.6~bzr931-0ubuntu7_i386.udeb'
<phoenixz> I have multiple of those and need to get them to work with powerpath
<cjwatson> but then the tricky bit
<cjwatson> you have to start the installer in expert mode, run through it until right before the "Select cloud installation mode" menu item, *but then* scroll down the menu and select "Download debconf preconfiguration file"
<cjwatson> after that, you can select "Change debconf priority", set it back to high, and continue as normal
<cjwatson> (obviously I meant 0ubuntu8 not 0ubuntu7, you get the idea)
<mathiaz> cjwatson: right
<mathiaz> cjwatson: thanks for the instructions - I'll paste them in teh bug
<mathiaz> cjwatson: and will try to find hardware to test the fix
<Kentuky> Can anybody help me with streaming my music collection?
<cjwatson> mathiaz: if you regard it as purely cosmetic, though, perhaps we shouldn't waste time on it
<mathiaz> cjwatson: well - I'll discuss this with kirkland and ttx
<mathiaz> cjwatson: and we'll decide whether it's worth getting into the release
<Kentuky> I'd really like an answer that'll allow my windows pc and linux laptop access my ubuntu server.
<cjwatson> mathiaz: branch finished pushing
<mathiaz> cjwatson: great - thanks!
<uvirtbot`> New bug: #455873 in apache2 (main) "mod proxy causes duplicate query strings when nocanon option is used" [Undecided,New] https://launchpad.net/bugs/455873
<Kentuky> anybody here use gnump3d or mpod?
<The2morrowMan> Does Ubuntu 9.10 promise to bring anything to the non-cloud server arena over 9.04?
<The2morrowMan> Anyone?
#ubuntu-server 2009-10-20
<sven_oostenbrink> Anybody here who could tell me if ubuntu can use fibreoptic cards? To be specific, lspci gave me this : Fibre Channel: Brocade Communications Systems, Inc. 415 4Gb/815 8Gb PCIe FC HBA (rev 01)... I have multiple of these in a server and must get them to work as one using powerpath.. Anybody who might be able to give a hand?
<JanC> sven_oostenbrink: if they are supported by linux, they should work with Ubuntu  ;)
<JanC> taking the kernel version in account of course
<sven_oostenbrink> JanC: But how do I know if they are supported by Linux? How can I see if the card is working?
<JanC> sven_oostenbrink: try the live-CD ?
<sven_oostenbrink> JanC: well, the server is already installed with ubuntu
<sven_oostenbrink> JanC: so I can just do anythign needed to get them to work
<JanC> so it doesn't work OOTB...
<JanC> ?
<sven_oostenbrink> JanC: Nope.. I did just find drivers on the brocade website (http://www.brocade.com/products-solutions/products/fabric-management-software/product-details/efcm/specifications.page) but these seem Redhad or Suse only..
<sven_oostenbrink> Any chance I could utilize those for ubuntu server?
<sven_oostenbrink> JanC: AFAIK, the cards are not yet recognized by the kernel, but Im not sure if this is the case..
<JanC> sven_oostenbrink: did you try with a recent karmic version?
<JanC> judging from that site, their linux solutions are from the last decade anyway  :-(
<sven_oostenbrink> JanC: I know.. Im right now downloading the driver for 9.04.. crossing fingers and toes here..
<awmcclain> Does cron recursively search cron.daily? If I put a symlink into a directory with a bunch of scripts I want to run, would it run them?
<Sorell> Hey guys I downloaded the latest build of ubuntu server (9.10 from today) and I am getting an error on install
<Sorell> it wants drivers for the CD drive it is loading off of, or if I try to install off of a flash drive I get the same error.
<Sorell> I don't even want to have the CD drive in the system after install.
<Sorell> any suggestions?
<uvirtbot`> New bug: #455931 in libgoogle-collections-java (main) "google-collections update breaks eucalyptus build" [Undecided,New] https://launchpad.net/bugs/455931
<quickshiftin> hey gang, im trying to complie imagemagick from source and not sure how to get it to see the requisite libs for some components
<quickshiftin> like png for example
<quickshiftin> i just did, apt-get install libpng3
<quickshiftin> and added --with-png=yes even, however the configure report is not showing that it will be used
<quickshiftin> i think i have to tell it the path to the libraries for the linker, but not sure where they are installed when i apt-get libpng3
<quickshiftin> should i build libpng from source?  i thought the point of the package was so i dont need too ..
<mathiaz> kirkland: hey!
<mathiaz> kirkland: doing some testing with raid1
<mathiaz> kirkland: I've booted one of my guest with only one drive (after a successfull install)
<mathiaz> kirkland: then restarted with the other drive only
<mathiaz> kirkland: logged in and created a file in my home directory
<mathiaz> kirkland: then restarted with both drives
<mathiaz> kirkland: the system booted with a functional raid array
<mathiaz> kirkland: and the file in my home directory went away
<mathiaz> kirkland: there were bunch of errors one the last boot though
<mathiaz> kirkland: what would be the expected behavior in that use case?
<The2morrowMan> Is Ubuntu 9.10 supposed to bring anything really nifty to the server arena, besides cloud computing integration?
<quickshiftin> libpng12-dev : theres the package ;)
<ramseize>  hello i have a question hoping that you would help me answer, i dont have any idea about server administration, and im planning to buy a vps , which os should i choose ubuntu or centos, im quite familiar with ubuntu as it is what im using for my desktop, but its different when you talk about server side, which is easy to configure cent os or ubuntu server?
<KurtKraut> ramseize, since you use Ubuntu at home, you'll be more used to Ubuntu as a server too.
<KurtKraut> ramseize, anything you do with your Ubuntu Server you'll be able to do with your Ubuntu desktop.
<skuld> Hi!  I just moved from Fedora 7 to Ubuntu Server 9.04.  I noticed that the remote desktop locks up the server (I installed the ubuntu-desktop to make it easier for me to administer until I'm more comfortable with the terminal-only commands).  Does anybody know of a fix for this?
<ramseize> but i read some great comparison with centos and ubuntu , but i am more familiar with ubuntu so you think its a great advantage for me to use ubuntu?
<ramseize> does anyone of you know of a good vps hosting but very cheap, i just need it foe education purposes
<jmarsden> ramseize: This is #ubuntu-server, so most people here are going to recommend Ubuntu :)  It is (generally) an advantage to use something you already know -- it means you have less new stuff to learn.  So if you already know Ubuntu, especially Ubuntu at the command line, I suggest you use Ubuntu server.
<med\weed> ramseize: you should check distrowatch and possibly ##linux is a better place to ask
<ramseize> ok
<ramseize> thanx
<med\weed> however i personally recommend debian for servers
<med\weed> centos is very popular too
<med\weed> i dont really like the ubuntu practice of installing everything and the kitchen sink
<ramseize> ok
<jmarsden> As for VPS recommendations, many Ubuntu folks are happy with LiNode http://www.linode.com -- lowest size VPS there is US$19.95/month
<med\weed> then turning on every service known to man
<med\weed> its better on the desktop but it puts you at a serious disadvantage security wise
<med\weed> some other distros install and turn on much less by default
<med\weed> however there is also a cost for that
<jmarsden> med\weed: Last I kknew Ubuntu server defaults to a minimal install....
<med\weed> the cost in this case is additional install / configure time
<ramseize> so what os should i choose? ubuntu or cent os?
<med\weed> jmarsden: thats not a REAL minimal
<skuld> yeah...very minimal!
<med\weed> ramseize: do you run ubuntu on your desktop?
<med\weed> if so just start with it
<med\weed> its _most_ important to learn!
<jcastro> med\weed: what unnecessary services are installed?
<jmarsden> med\weed: What services does Ubuntu server install by default that you consider to be a security risk?
<med\weed> jcastro: i'll leave that as an exersize for you
<med\weed> +sp
<ramseize> yes i run ubuntu in my desktop
<jcastro> well, you're the one making the claim, isn't the onus on you?
<med\weed> but if you want to really get down i would go so far as to say a centos default install is much more secure by default no matter what is installed.
<med\weed> as they turn a firewall on by default
 * skuld takes a number and waits in line for the current conversation to conclude...
<med\weed> oh im done with it
<skuld> I just moved from Fedora 7 to Ubuntu Server 9.04.  I noticed that the remote desktop locks up the server (I installed the ubuntu-desktop to make it easier for me to administer until I'm more comfortable with the terminal-only commands).  Does anybody know of a fix for this?
<ramseize> med\weed: rapidswitch.com  like these kind of vps hosting,
 * skuld hears the crickets chirping outside...
<skuld> I also ran the updater and the server claims it's 'everything up to-date'.
<jmarsden> skuld: Ubuntu server doesn't come with a GUI desktop, if you install one you are pretty much on your own regarding support for the resulting server/desktop hybrid setup you have created... you may just want to install Ubuntu desktop, unless this is truly a production server the differences are unlikely to be signifcant to you.
<skuld> I was opting for the server because of the built in mail and web server applications.  I'm really not that familiar with the terminal only style of the server though
<skuld> it is supposed to be a production server, and after fighting for over a week trying to get mail to work I decided to install a fresh OS
<skuld> (mail was working fine for over two years before-hand...then I guess I changed something or ran some program that changed something)
<jmarsden> skuld: You can use tasksel on a desktop install to add mail/web/whatever, just like you can on the server installation... no difference there at all.
<jmarsden> If you prefer, set up a fresh Ubuntu server with no GUI and ask for help with the mail setup here or in #postfix and I'll do what I can to help... I've been doing paid network admin work on Linux for over 15 years...
<skuld> okay.  really quick, is there a remote desktop for the terminal-only server?
<skuld> my server is in an awkward location to work on so remote capability is really handy
<jmarsden> Remote desktop?  You can run GUI programs on the server over SSH, and remote server admin is usually done at the command line in a shell anyway...
<jmarsden> If you need a web interface to it, there is ebox...
<jmarsden> !ebox
<ubottu> ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<skuld> okay.  I'll see about reinstalling server with no gui
<jmarsden> skuld: OK.  The only "extra" thing you really will want to install at the initial installation time is openssh, so you can SSH into the server.  Everything else (mail, web, etc) can be added later.
<skuld> can I use 'ssh' with a windows workstation...that's the PC I work remotly from...hence why I was using the gnome desktop with the built in remote desktop
<jmarsden> You can install Putty which is a well known free SSH client for Windows, and use that, yes.
<jmarsden> If you don't know this already you are probably not really ready to be a sysadmin of a production Linux server, though...
<skuld> okay cool.  I'm just not really all that comfortable with the command line yet...it's been years since I've worked with it
<jmarsden> OK, I can point you at some guides to try and get you up to speed on the shell if you need that.
<jmarsden> http://tldp.org/LDP/intro-linux/html/intro-linux.html   is one
<skuld> could I just 'uninstall' the ubuntu-desktop and gdm to revert back to a terminal only server, or would you recommend just a full reinstall?
<jmarsden> You can try that, and if it fixes your issue with hangs, that's fine.  I'm not sure what causes the hangs, so that worries me a little... but go ahead and try it.
<qman__> skuld, you could purge it
<qman__> simply uninstalling it would leave a LOT of unused config files
<skuld> purge?
<med\weed> definately
<jmarsden> sudo apt-get purge PACKAGENAME
<med\weed> apt-get --purge remove <packages>
<med\weed> however there is a caveot with that
<jmarsden> Rather than sudo apt-get remove PACKAGENAME
<med\weed> it also purges regex'd packages - there can be differences in what it takes out iirc
<med\weed> jmarsden: your wrong
<med\weed> my form is correct sorry ^^
<kees> med\weed: I'd take Ubuntu over Debian since Debian lacks most of the proactive security features in the built packages and kernel.
<skuld> so I'd do:  sudo apt-get purge ubuntu-desktop gdm
<qman__> med\weed, both ways work
<qman__> purge is now a valid option
<qman__> sudo apt-get remove --purge PACKAGENAME
<med\weed> what@karmiclyubu:~$ sudo apt-get purge remove gedit
<med\weed> [sudo] password for what:
<med\weed> Reading package lists... Done
<med\weed> Building dependency tree
<med\weed> Reading state information... Done
<med\weed> E: Couldn't find package remove
<qman__> sudo apt-get purge PACKAGENAME
<med\weed> i.e. your wrong.
<kees> --purge
<qman__> not purge remove, just purge
<kees> e.g. --purge remove   or just   purge
<med\weed> qman i just pasted proof
<qman__> read what you did
<jmarsden> med\weed: I'm wrong... sure... I do system admin work for a living... do you?  You mistyped the command...
<med\weed> sudo apt-get purge remove gedit does not work
<med\weed> sudo apt-get --purge remove gedit does work
<qman__> that's because that's wrong
<jmarsden> Right, and that is not what I suggested.
<med\weed> that was the whole problem i had with their examples ffs
<med\weed> look start reading its irc but i'
<qman__> you don't "purge remove", just "purge"
<med\weed> ll paste it for you one sec
<med\weed> 02:11 < jmarsden> sudo apt-get purge PACKAGENAME
<med\weed> 02:11 < jmarsden> Rather than sudo apt-get remove PACKAGENAME
<tonyyarusso> Could you use a !pastbin this time?
 * skuld sudo apt-get purge ubuntu-dekstop gdm ?
<qman__> skuld, yes
<jmarsden> med\weed: Do you see the string "purge remove" in what I typed?
<jmarsden> med\weed: Do you see the string "purge remove" in what you used as "proof"?
<jmarsden> med\weed: Do you understand the difference now?
<skuld> ummm...I *thought* it was 'ubuntu-desktop' but when I try running the command, it states that it can  not find the package by that name
<qman__> skuld, that is the correct name of the meta package for the ubuntu desktop system
<qman__> so unless you installed it manually, that should work
<skuld> I used apt-get install
<skuld> to install it
<qman__> yes, but if you installed, say, gdm, and all the other programs you wanted to use by name
<qman__> instead of installing ubuntu-desktop by name
<jmarsden> skuld: Typo?  Earlier you wrote:  sudo apt-get purge ubuntu-dekstop gdm ?     # This misspells desktop
<qman__> that won't work, you'll have to go back and uninstall all the ones you installed
<skuld> oh and me an my stupid fat fingers...I mispelled desktop
<qman__> hah
<skuld> okay, it says it purged.  rebooting the server now
<skuld> okay, that worked.  terminal only now....
<skuld> what's the package for ssh so I can work remotely?
<jmarsden> sudo tasksel install openssh-server
<Pairadimesitty> I'm trying to set a couple of things on my site and need some help.  I'm running my own server and need to set a couple of things, but don't know how.  I need to set extra perameters for default pages to load in folders ie "index.html vs index.htm"
<skuld> it's not apt-get?
<jmarsden> Pairadimesitty: Use the Apache DirectoryIndex directive to provide the list of index pages you want your server to look for.
<Pairadimesitty> in code please, I'm a total noob, don't know the language
<jmarsden> skuld: You could do that, sure.  Learning tasksel prepares you for installing web and mail tasks, though...
<med\weed> jmarsden: very well your right
<jmarsden> med\weed: Thankyou.
<med\weed> however.
<med\weed> i also do sysadmin work for a living.
<med\weed> not knowing one single command is not enough to break that out :P
<jmarsden> med\weed: OK, then perhaps you should read man pages a bit more carefully :)
<med\weed> [we're currently using 70gbits]
<skuld> cool!  it installed, now I use putty to see my server screen?
<med\weed> jmarsden: more like i should review them occationally as apparently there's value added in linux too ;)
<jmarsden> skuld: You use putty to log into the server, yes.
<med\weed> jmarsden: if it makes you feel better you probably predate me in linux :P i'm only on year 6? 7?
<med\weed> since sarge was unstable
<Pairadimesitty> actually I'm running my server on Xubuntu to help my lack of directory and terminal knowledge, so if you could just point out a file to edit that would help too
<med\weed> jmarsden: btw if your wondering wtf i'm doing here - its because my co runs ubuntu lol
<skuld> oh crap!  I need to add port 22 to my firewall
<jmarsden> Pairadimesitty: Look at /etc/apache2/mods-available/dir.conf
<med\weed> skuld: good practice to chang that port in /etc/ssh/sshd_config
<med\weed> s/chang/change
<Pairadimesitty> jmarsden: thanks, on it.
<jmarsden> I need to go AFK briefly... skuld, do you have Putty connecting to your server yet?
<skuld> I'm still trying to get it connected
<jmarsden> What is the problem?  You firewalled off your server from your admin workstation? :)
<jmarsden> OK, well, I'll be back soon I hope...
<skuld> okay, I changed the port, but how do I open my new port...say it's 553 (it's not)
<skuld> I was running firestarter back when I had the gnome desktop installed.  now I don't have that utility, so I need to know how to edit my firewall via the terminal. LOL
<Pairadimesitty> jmarsden: if you're still here thanks that did the trick.
<med\weed> skuld: what firewall?
<Pairadimesitty> The other thing I'm trying to do is integrate my forum inside my home page (/forum.php inside index.htm), but iFrames universally suck, I can't get it to resize automatically inside my content.  I'm told to use ssi, but that doesn't seem to load,
<skuld> what forum software are you using?
<Pairadimesitty> google also tells me that I need to set the server to accept htm format for it rather than only shtml
<skuld> I've been admining my own for 7 years now
<Pairadimesitty> smf
<skuld> perfect...that's what I use
<Pairadimesitty> so far I really like it
<skuld> if only I had my server up...I could *show* you.
<Pairadimesitty> thanks skuld, that's exactly who I need is your help
<skuld> you don't NEED to use SSI, that's just a bunch of functions that make things convienant
<Pairadimesitty> um
<Pairadimesitty> yeah
<skuld> I used some, but mostly I coded my own "ssi" using PHP
<Pairadimesitty> iframe shows the content, but doesn't play nice with sizing
<skuld> creating the HTML and mySQL calls that way
<skuld> what is it you're wanting to do exactly?
<Pairadimesitty> feel free to take a look epicdatanet.co.cc
<Pairadimesitty> there is a button leading to the forum at the moment, I'd like to nest it inside the home page
<skuld> why not just tweak the style.css and use the built in banner options in SMF?
<skuld> I think that would be much easier to accomplish, and cleaner.
<Pairadimesitty> I'm also planning on putting an autosizing to browser chatbox (I installed an ajaxchat mod in smf) on the left side set to follow the browser, hopefully collapseable
<skuld> :)  can I give you some adivce?
<skuld> don't install a chat box
<Pairadimesitty> but I doubt that would nest it inside the content area
<skuld> with a forum
<skuld> your forum will die
<skuld> becuase most of the talk will be in the chat and not in the forum
<Pairadimesitty> I was wondering about that
<jmarsden> I'm back but need to deal with a real life issue... car with flat (really FLAT) tire...
<skuld> I've done that and regretted it
<skuld> ewww yuck
<Pairadimesitty> I'd like to give it a shot anyway, perhaps restrict it to forum members?
<skuld> I'm still trying to connect via putty.  I think I opened the port I needed by using this command, but I don't think it's working yet.
<skuld> restrict it to advanced forum members above a certian post group if you want to do that
<jmarsden> skuld: telnet 1.2.3.4 22   will test whether you can access the SSH service on IP 1.2.3.4 ... what happens when you try?
 * jmarsden needs to go again to get a car tire (very FLAT) fixed...
 * skuld iptables -A INPUT -p tcp -d 0/0 -s 0/0 --dport 553 -j ACCEPT
<Pairadimesitty> good thinking, hopefully the mod allows that, truth be told I haven't gone through the forum options yet, just added some themes and mods
<jmarsden> skuld: 553?  OK, if you want to use 553 for SSH and have set up sshd to use it... did you do that?
<Pairadimesitty> I'm very glad I came here by the way
<skuld> you'll need to code that by hand.  I can probably help with that after i get my mess cleaned up LOL
<skuld> at least the first part, integrating the forum to the website, that's pretty easy...most of the time is just spent tweaking your smf/style.css  .... and there's a little coding in the index.template.php file to remove the SMF logo on the right.
<Pairadimesitty> I was afraid of that
<skuld> brb, have to dress my kid for bed....
<jmarsden> skuld: Whether that iptables command will work depends on the exact set of commands in the INPUT table... if there was a -j DENY at the end then appending to the table fails because the DENY rule gets reached before your new appended ACCEPT rule
<jmarsden> OK...
<Pairadimesitty> actually, with the black silk theme I'm using for smf, other than some text that shouldn't be black all I really want to change is to remove the banner all together
<Pairadimesitty> and of course frame (without frames) it inside my home page
<skuld> back
<Pairadimesitty> and no where else
<jmarsden> skuld: So what does telnet 1.2.3.4 553    do   # if 553 is your SSH port
<skuld> right
<Pairadimesitty> sorry that I'm dividing your attention skuld
<skuld> it's okay....I'm also multitasking here :)
<skuld> I can use putty to telnet, right?
<Pairadimesitty> fyi, multitasking there makes things worse for you, not better lol
<skuld> I know
<Pairadimesitty> yes you can
<jmarsden> skuld: You could,  but there is a Windows command called telnet which i was expected a Windows-using person to know and use :)
<skuld> well, when I try that, it sits there for a few seconds...like 30 and then disappers
<jmarsden> at least, there was in Win 2000 and XP, not sure about Vista and Windows 7.
<skuld> I guess it's timing out
<jmarsden> skuld: Open a console window and do it, so you can see the error message :)
<jmarsden> Start -> Programs -> Accessories -> Command Prompt
<jmarsden> Then type in    telnet 1.2.3.4 553 and press Enter.
<jmarsden> Do not "guess" that it is timing out, we need to *know* what it is doing :)
<skuld> should there be a : between the IP and port?
<jmarsden> No.  a space.
<Pairadimesitty> telnet is not a recognized command in windows 7 according to my command prompt
<skuld> you've gotta be kidding me.... I guess windows vista doesn't include telnet!
<Pairadimesitty> putty can do it according to google
<skuld> yeah, it can , but it vanishes after about 30 seconds when I try it
<jmarsden> OK, use putty I guess.  BTW, you should consider using Ubuntu desktop for your admin workstation :)
<jmarsden> skuld: There should be a Putty option to not close the window on errors... set it and retry.
<Pairadimesitty> http://www.webmasters-central.com/article-blog/tutorials/how-to-telnet-server-using-putty-ssh-client/
<skuld> I would if I could afford to do that (another machine)
<jmarsden> skuld: Dual boot?  Or run Ubuntu Desktop in a VM under Vista (better, run Vista in a VM under Ubuntu)...
<skuld> okay, trying it
<JJman6_> any recommendations on using ext3 vs ext4 for servers?  Is ext4 stable enough to be used in a production environment?
<skuld> "connection closed by remote host"
<Pairadimesitty> I've got xubuntu on my server running the desktop right now.  I'm looking at three monitors, two keyboards, two mice, a bunch of cords, a cat on my lap, and a bag of reeses
<skuld> nice....reeses.... :)
<Pairadimesitty> yes
<jmarsden> skuld: Incidentally, it would have probably been faster to reinstall Ubuntu server than to do all this :)
<jmarsden> anyway... so, is there really an sshd listening on port 553 on your server?
<skuld> yeah, but I'd loose my internet connection in the process
<jmarsden> On the server console try     sudo netstat -ntlp |grep 553
<Pairadimesitty> if it weren't for the reeses none of learning Dreamweaver, designing a site, choosing the best free host available, dumping said host, and installing my own linux server would have happened
<skuld> OH wait!!  do I need to "start" an ssh service?
<jmarsden> skuld: If you dinked with its config file, you need to restart it, yes.
<jmarsden> If you had left it alobne, it would have started on port 22 all by itself...
<Pairadimesitty> lol, it's always something simple like that
<skuld> yup, okay...off hand you know what it is?  (/etc/init.d/sshd start  ?)
<jmarsden> But someone told you to change the port... so we got into all this mess...
<Pairadimesitty> lol
<skuld> lol
<jmarsden> sudo service ssh restart
<skuld> I would have had to open the port in the firewall anyway
 * Pairadimesitty eats a reeses
<skuld> okay trying again
<jmarsden> Check it is there with   sudo netstat -ntlp | grep 553    first.
<skuld> ok
<skuld> looks like it
<jmarsden> Good.  OK, now try ssh to port 553 from Putty...
<Pairadimesitty> bet it failed
<skuld> connection timed out
<Pairadimesitty> just a hunch
<Pairadimesitty> too easy to work
<skuld> LOL
<jmarsden> skuld: OK, can you (from the server console) do     ssh -p 553 username@1.2.3.4      # and log in as your username
<skuld> how do I review that firewall iptables listing to see if there is a dENY in there
<jmarsden> first let's check the sshd is working.
<Pairadimesitty> I wish I could show you a picture of the mess of hardware in front of me
<Pairadimesitty> if I didn't have this giant thick desk it probably would have caved in
<skuld> yeah, it let me log in
<jmarsden> skuld: OK, good, you can exit to get back out of that ssh session.
<skuld> threw an error about authenticity of my ip I tried
<skuld> logged out
<skuld> yes
<jmarsden> sudo /sbin/iptables -L -n -v
<jmarsden> will display all the details of your firewall setup.
<skuld> ok
<jmarsden> One issue will be finding where firestarter put its config files and scripts... :)
<Pairadimesitty> cable modem, linksys dd-wrt router, mic, speakers, controllers (tv and game)
<Pairadimesitty> printer
<Pairadimesitty> god I need to clean up
<skuld> wow that's confusing!
<jmarsden> It's what firestarter did... now you know why using GUi tools that hide all the details is not always a good idea :)
<skuld> I didn't see any denys in there, and it was a pretty short list...lots of *
<skuld> yeah...I know... :(
<skuld> but I'm learning all kinds of cool stuff now
<jmarsden> On the server if you do    sudo apt-get install pastebinit
<jmarsden> we can then have you pastebin that iptables list somewhere I can read it...
<skuld> okay
<jmarsden> Once it is installed, do     sudo /sbin/iptables -L -n -v | pastebinit     # and tell me the URL it returns
<skuld> http://pastebin/f7f31f192
<Pairadimesitty> that's pretty handy
<skuld> I think I mis copied somehting...
<jmarsden> It would be if it worked... I'm seeing a page which says no such paste id...
<Pairadimesitty> hmm
<jmarsden> Miscopying the ID would do that ... :)
<skuld> no I copied it right
<jmarsden> Did you copy the full URL OK... just pastebin between the // and the /
<jmarsden> Looks odd to me...
<skuld> let me try again....
<skuld> http://pastebin/f54c917e4
<jmarsden> Hmmm, mine look more like  http://pastebin.com/f5b874c4e
<jmarsden> Yup.... you omitted the .com
<skuld> http://pastebin.com/f54c917e4
<skuld> duh!
<skuld> LOL
<Pairadimesitty> I was just surprised that a link without a .com actually showed up correctly on the page
<Pairadimesitty> if I put those in my browser they work
<jmarsden> Pairadimesitty: Firefox will turn WHATEVER it into www.WHATEVER.com if that URL exists...
<jmarsden> but www.pastebin.com and pastebin.com are different sites...
<Pairadimesitty> I've never seen that before, though I suppose the http:// had something to do with it, if it were just text my settings would have turned it into a google search
<skuld> my '553' port is 26
<jmarsden> I see no 553 anywhere in that listing... ?
<skuld> 553 = 26
<skuld> I guess it's on line 40?
<jmarsden> ah, that is way lower than all the DROP rules :)
<skuld> ...is that a good thing?
<ramseize> cloudhosting
<Pairadimesitty> it means confusion in virtual form skuld
<jmarsden> skuld: No.  The DROPs will drop your packets before the ACCEPT in line 40 will accept them.
<jmarsden> You want that line up around line 6 or so to work right.
<skuld> okay, so how do I fix it to do that?
<Pairadimesitty> so is it even possible to embed my forum in my site so that all links to the forum will lead to my homepage with the correct link in the forum showing?
<jmarsden> iptables -I INPUT 3 -p tcp -d 0/0 -s 0/0 --dport 26 -j ACCEPT
<jmarsden> or something close to that :)
<skuld> ok, let me try that.... @pairadimsitty:  I don't understand
<Pairadimesitty> that makes two of us
<Pairadimesitty> I want the forum framed inside my homepage, nowhere else
<aubre> when I try to associate a EBS volume with a UEC image using euca-attach-volume -i i-46C508A6 -d /dev/sdb  vol-32BA04A7 the cc.log reports bad input params to vnetAttachTunnels() and doesn't attach the SC volume to the instance
<aubre> I've tried using just sdb for the device name , that doesn't seem to make a difference
<Pairadimesitty> and if I should have a link to some part of the forum elsewhere on my site, it should show the homepage, with the appropriate forum post (or whatever) showing
<aubre> everything else is working for me to my knowledge
<skuld> okay, I can finally ssh into my server! :)
<Pairadimesitty> yay
<uvirtbot`> New bug: #434836 in augeas (main) "[MIR] augeas" [High,Incomplete] https://launchpad.net/bugs/434836
<jmarsden> skuld: OK :)  Now, do you already have some broken/half working email setup on it?  or are we starting email (postfix/dovecot?) from scratch?
<skuld> all that's done so far is the package has been installed, nothing further
<jmarsden> OK.  What is the overall plan -- you need outgoing SMTP for some PHP forum stuff, only, or you are really doing email hosting?
<skuld> @pairadimesitty:  if you're forum is embedded on your home page, then all links will also be framed there as well.
<Pairadimesitty> I have squirrel mail, just because that's what the guide I followed recommended
<Pairadimesitty> cool, I was worried about that
<skuld> I have six domains that need some number of email addresses.  a couple only need one or two, a couple need much more
<skuld> i need to have the ability to send and recieve mail (relay if needed with smtp authentication)
<skuld> I've tried almost everything....I think that's what blew up my last server...qmail finally did me in LOL
<skuld> then I read a couple posts on postfix and dovecot...should be able to handle the multiple domains...and use mysql?
<skuld> so that's what I installed was the default mail server (postfix/dovecot)
<jmarsden> Yes, Postfix is a little saner... MySQL only if you need it... are you comfortable editing text files to configure all the email accounts?
<Pairadimesitty> now I just need to embed it, preferably without frames
<jmarsden> I'm not convinced MySQL for email configs is necessary unless you are up into thousands of accounts... but that's personal preference...
<skuld> actually if I had my preference, I love the idea of it being a database back end rather than text files, but if that's what I have to do, I'm comfortable enough
<jmarsden> Either way is doable.  Let's see if I can find a howto with an approach to using MySQL for you...
<skuld> @pairadimesitty:  I'm saying you don't need to embed anything.  why not just make your smf forum your home page with just your banner, and add the menu extra menu links you need at the top?
<skuld> ok
<jmarsden> skuld: Are you running Ubuntu 9.04 Server, or 8.04.3 LTS ?
<skuld> 9.04, the latest and greatest
<Pairadimesitty> I like my existing page, and the wrap around of the content, I also plan to embed squirrel mail, I will have pages though that have no framing, and I want to be able to handle all future expansion fluidly and in the same content region
<jmarsden> OK... then http://craigballinger.com/blog/2009/07/postfix-dovecot-mailserver-on-ubuntu-904-jaunty-jackalope/  looks a good fit for what you are trying to do.
<jmarsden> Go through it slowly, ask me questions if anything looks odd or "goes wrong"...
<skuld> oddly what I did in that situation was create dynamic web pages using php.  using a variable like $content = 'stuff here' I was able to create new pages of content with out mucking up the index.php.  just created a new php file that returned $content.
<skuld> okay.  also be thinking of apache2 in the background.  I guess things have changed since the httpd days...I thought I could just copy paste my conf file, but that didn't work lOL  I'm reviewing the link you sent now
<jmarsden> skuld: Sure, I can help with the apache stuff too later on.  Debian/Ubuntu break out the configuration to make virtual hosting easier... which it is, once you understand how it all works :)  I need to go pick up my daughter from somewhere or other... back in ~20 or 30 minutes...
<russlar> crohakon: install vsftpd
<Pairadimesitty> bingo skuld, looks good, does it auto size for no frame scrollbars?
<Freddy_007> Anyone have experience configuring Tomcat to work with Apache2 ?
<crohakon> So, apparently I missed the FTP server during the install of ubuntu server edition. How can I install it now post install?
<russlar> crohakon: apt-get install vsftpd
<Freddy_007> crohakon: apt-get install vsftpd
<crohakon> wait...
<crohakon> you guys make me come here...
<skuld> it will auto size with the broswer.
<crohakon> and then you answer my questions that I asked in ubuntu? heheh
<skuld> okay.  looks like I've gotta fix apache before I continue with postfix...
<Freddy_007> ha ha
<jmarsden> skuld: Really?  Why?
<Freddy_007> that'd be for the install, more indepth requeusts for server version ... this is the best place to ask
<skuld> smf by default autosizes with the browser...that is unless you have a banner image that's really large horizontally.
<aubre> https://bugs.launchpad.net/eucalyptus/+bug/452185
<uvirtbot`> Launchpad bug 452185 in eucalyptus "can't access SC volumes in a UEC instance" [Low,Incomplete]
<jmarsden> skuld: I'd copy your httpd.conf file somewhere safe, then sudo apt-get purge apache2  && sudo apt-get install apache2   # and you should have a very basic working apache2 ... anyway, got to go, back later...
<Pairadimesitty> I know that it does, and like that, it does autosize horizontally with iframe,but iframe sucks and won't autosize virtically
<Pairadimesitty> scroll bars inside the window and stuff like that
<skuld> I'm not sure of anyway to do verticle autosizing without an iframe...
<Pairadimesitty> I saw a script online, php that is advertised to do something like that, but I'm not quite sure how to set it up, and I wasn't sure if php is the best solution
<Pairadimesitty> not because I'm against it or anything
<Pairadimesitty> I just don't know
<Pairadimesitty> like I said, this is my first experience with all this stuff
<Pairadimesitty> my first website, my first forum, my first server
<Pairadimesitty> my second host, but awardspace is about the best freehost and it didn't allow some needed php that the forum used
<crohakon> how do I exit and save when editing files with vi?
<Pairadimesitty> eventually after wading through the many free hosts out there researching I said F* it and pulled out my old optiplex gx 260
<russlar> crohakon: :wq!
<Pairadimesitty> that's why I stick with nano, it's annoying, but all the commands are listed
<crohakon> russlar; eh? I try to type that and it just... well.. types it..
<russlar> crohakon: hit escape first
<russlar> !vi
<ubottu> Text Editors: gedit (GNOME), Kate (KDE), mousepad (Xfce4) - Terminal-based: nano, vi/vim, emacs - For HTML/CSS editors, see !html - For programming editors and IDE, see !code
<crohakon> oh!
<crohakon> Thanks =)
<crohakon> Does pico still exist?
<russlar> yup
<crohakon> I really liked pico back in the day... back when I remembered how to do stuff. =(
<Pairadimesitty> perhaps ssi then skuld?
<Pairadimesitty> or do you have an idea for php, probably much better to use php?
<crohakon> How do I edit my iptables?
<crohakon> nevermind, I am dumb.
<crohakon> hehe
<skuld> sorry, I was reading a tutural....
<skuld> @pairadimesitty:  you are asking something about SSI versus PHP?
<Pairadimesitty> sort of, I really don't care what the method is so long as it's sort of clean and I can reimplement it without too much trouble
<crohakon> So, another dumb question... where would I find the httpd.conf file?
<crohakon> /var/?
<skuld>  it's in /etc/apache2/
<skuld> by default it's a zero-byte file
<jmarsden> crohakon: /etc/apache2/httpd.conf
<crohakon> I was... close..
<crohakon> hehe
<skuld> I'm still working on configuring apache2 myself
<jmarsden> Read all the files under /etc/apache2 to see how Debian/Ubuntu sets things up.
 * jmarsden is back, by the way :)
<crohakon> wait... the file is empty?
<crohakon> *gasp*
<Pairadimesitty> I just recall that some googling told me something about setting the server to accept .htm and that the default was just .shtm
 * skuld jumps up and down
<crohakon> I have to fill it... by my self?
<jmarsden> No, you have to read the other files under that directory, as I just said...
<Pairadimesitty> I'd like to be able to effectively use css to control the "frame"
<skuld> then that's all just HTML coding
 * jmarsden wonders why jumping up and down is part of the process of configuring email servers, ... ?
<Pairadimesitty> healthy body makes a healthy thinking brain?
<skuld> does cussing count?
<skuld> while jumping up and down?
<Pairadimesitty> only as entertainment
 * jmarsden thinks... but jumping up and down makes it really hard to read the screen, and even harder to type accurately...
<skuld> while configuring email servers
<skuld> LOL
<Pairadimesitty> I want a virtically resizing "frame" with no margin or border or whatever that fills my content box with proper resizing
<Pairadimesitty> I want to control it with css if I can, but I can adapt
<Pairadimesitty> and I want another reeses
<Pairadimesitty> I want to want fewer things and still be happy
 * Pairadimesitty eats another reeses
<jmarsden> Pairadimesitty: ask in #css, or #html, about those... not sure what channel would help with providing Reeses ...
<skuld> can I copy/paste between my browser and putty?
<jmarsden> skuld: Sure.  You can set options in putty for what the different mouse buttons do, I usually set it to match xterm, but Windows people find that confusing...
<Pairadimesitty> ah, I missed the html channel at first when I looked
 * jmarsden thinks maybe you should start a #reeses channel :)
<jmarsden> skuld: How is the email config coming along?
<skuld> just got finished setting up the postfixadmin superuser
<jmarsden> OK.
<crohakon> anyone know of a good guide for configuring apache2? The apache website is giving me trouble.
<ScottK> I'd start with the Ubuntu server guide
<crohakon> is that at the ubuntu website?
<Pairadimesitty> jmarsden: damn, I think that might just work
<JJman6_> pico = nano  I use pico
<Pairadimesitty> ##php pops me into ##overflow is it actually full or does that mean something else?
<jmarsden> crohakon: https://help.ubuntu.com/9.04/serverguide/C/
<jmarsden> Pairadimesitty: ##php lets me into it just fine.  Are you a registered FreeNode user?
<Pairadimesitty> ah, no
<Pairadimesitty> I only irc if there is a problem lol
<jmarsden> I don't know for sure, but that might be it.  Register your nick and try again?
<Pairadimesitty> frack
<Pairadimesitty> doesn't accept hotmail accounts?
<Pairadimesitty> that's my main email!
<ScottK> Then you must not have much interest in receiving mail.
<Pairadimesitty> at least untill I set up my squirrel mail account
<skuld> @jmarsden:  This instruction isn't clear.
<Pairadimesitty> what the heck do I have to do here
<skuld> 1.sudo nano master.cf
<skuld> dovecot unix - n n - - pipe flags=DRhu user=vmail:mail argv=/usr/lib/dovecot/deliver -c /etc/dovecot/dovecot-postfix.conf -f ${sender} -d $(recipient)
<skuld> do I just put that at the end of the file?
<jmarsden> skuld: Edit that file using the nano editor as root (hence the sudo), and unless there is already a line starting with dovecot in there, yes, add it to the end of the file.
<skuld> ok
<jmarsden> That should all be one single line of text, in case that isn't clear either...
<jmarsden> You might need to do sudo nano -w master.cf      so it doesn't word wrap the text
<skuld> got it :)
<crohakon> okay... how can I install gnome? I give up on console. =(
<Pairadimesitty> crohakon: personally when I got fed up installing a gui free ubuntu server I switched and installed xubuntu to start over
<jmarsden> crohakon: Installing a GUI on top of Ubuntu server gets you a hybrid mess that is neither desktop nor server, and is best avoided.
<Pairadimesitty> so far it works
<jmarsden> crohakon: But what is so hard about using the command line?
<ScottK> crohakon: sudo apt-get install ubuntu-desktop, if you insist.  Any questions about it are off topic here, see #ubuntu.
<crohakon> So you suggest installing the desktop version and then just installing the servers?
<jmarsden> crohakon: Yes, if you are 100% set on having a GUI on your machine.
<jmarsden> crohakon: What I really suggest is sticking with the command line :)
<skuld> okay, got a problem with the dovecot-postfix.conf.   it failed when I restarted the service...
<crohakon> I guess I will just push on and learn something *sigh*
<skuld> sudo /etc/init.d/dovecot restart
<ScottK> That's the spirit
<skuld> I copied / pasted from the website.
<jmarsden> skuld: OK, what does the error say, and pastebinit <dovecot-postfix.conf so I can read it please?
<crohakon> I am still suffering from the vista/windows never have to use a command line to do anything syndrome.
<jmarsden> crohakon: Really?  what is the Windows GUi equivalent of the *Windows* netstat command?  or nbtstat?
<Pairadimesitty> simple, make some other program do it for you
<Pairadimesitty> that's what 3rd party is for
<jmarsden> There are plenty of command line Windows commands that a good Windows server sysadmin knows and uses.
<skuld> http://pastebin.com/f61603c18
<crohakon> <--- not a windows server sysadmin
<jmarsden> Pairadimesitty: Name a 3rd party tool that does what dcpromo does in Windows Server 2003
<skuld> holdon...it didn't say everything
<crohakon> <--- a Windows battle field 2 player
<skuld>  sudo /etc/init.d/dovecot restart
<skuld>  * Restarting IMAP/POP3 mail server dovecot                                     Error: Error in configuration file /etc/dovecot/dovecot-postfix.conf line 5: Unknown section type
<skuld> Fatal: Invalid configuration in /etc/dovecot/dovecot-postfix.conf
<Pairadimesitty> I wasn't planning on being so blunt jmsrsden, but yes, maybe he isn't
<jmarsden> crohakon: Now you are becoming a server admin, right -- you are setting up a server.  So, Windows or Linux, you will need to use the command line some of the time.
<Pairadimesitty> and how should I know, I'm not either
<Pairadimesitty> you know full well, this adventure is even my first time writing in html
<crohakon> lol. The sad thing is, I once had a fairly good understanding of the command line and how to do things. Like 8 years ago...
<jmarsden> so... the claim that "vista/windows never have to use a command line to do anything" ... seems to have been somewhat invalidated :)
<jmarsden> skuld: Can you please do    pastebinit </etc/dovecot/dovecot-postfix.conf   for me, so I can read that file?
<crohakon> No no no... I was claiming that I when using vista/windows never had to use command line. I was not speaking for everyone else. =)
<Pairadimesitty> although I know ALOT about windows in all but the earliest of it's forms, I haven't messed with the server side much, and all my networking is done through hamachi and my router
<crohakon> I guess I could have worded it better though.
 * skuld since I cant figure out how to pastebin a file... LOL
<skuld> mail_location = maildir:/var/vmail/%d/%n
<skuld> first_valid_uid = 150
<skuld> last_valid_uid = 150
<skuld> passdb sql {
<skuld> args = /etc/dovecot/dovecot-sql.conf
<skuld> }
<skuld> userdb sql {
<skuld> args = /etc/dovecot/dovecot-sql.conf
<skuld> }
<skuld> master {
<skuld> path = /var/run/dovecot/auth-master
<skuld> mode = 0660
<skuld> user = vmail
<skuld> group = mail
<skuld> }
<jmarsden> skuld:   pastebinit </etc/dovecot/dovecot-postfix.conf
<skuld> ok
<jmarsden> You will get kicked off if you flood like that :)
<crohakon> wait... you can do that?
<skuld> http://pastebin.com/f1a3134c3
<jmarsden> crohakon: Sure.  pastebinit takes whatever you give it on standard input and pastebins it and then outputs the URL of the pastebin page.
<skuld> that's better.
<skuld> sorry about taht
<jmarsden> So you can use input redirection with pastebinit just as you can with other commands.
<crohakon> that is so nice of pastebin.com
<crohakon> *nods*
<skuld> cool, I wasnt' the only one who learned something this morning LOL
<jmarsden> Morning?  It is 10pm here :)
<skuld> just past 1 am
<wizardslovak> hello people
<wizardslovak> so i just shut down my system to  upgrade memory
<wizardslovak> when i turn off pc i cant see my site
<wizardslovak> wizzy.us
<skuld> that was your first mistake  LOL
<skuld> @jmarsden, any ideas?
<wizardslovak> i can connect with webmin and putty
<wizardslovak> but when i type site it doesn show
<skuld> sudo service apache2 start
<skuld> ?
<jmarsden> skuld: I don't see anything obviously wrong there... I think we might need pastebinit </etc/dovecot/dovecot-sql.conf   # I think the error is in there somewhere
<skuld> sounds like your webserver service isn't running Wizardlovak
<jmarsden> wizardslovak: ssh in using Putty, then   sudo netstat -ntlp | grep :80    and tell us what you see
<wizardslovak> i am restaring
<wizardslovak> and i  got error
<jmarsden> wizardslovak: You'll need to be much more specific about the error :)
<wizardslovak> ok ok
<skuld> ERG!  I get permission denied
<wizardslovak>  "could not open config file : /etc/squirrelmail/apache.conf
<skuld> try: sudo vi /etc/squirlmail/apache.conf
<jmarsden> skuld: sudo cat /etc/dovecot/dovecot-sql.conf |pastebinit
<jmarsden> Also check what perms the howto says that file should have...
<wizardslovak> "wait
<wizardslovak> there is error "syntax error on line 4 of /etc.apache2/apache2.conf
<jmarsden> wizardslovak: So either the file /etc/squirrelmail/apache.conf does not exist, or it has incorrect permissions, I would think.  And apparently you also have a typo or something in your /etc/apache2/apache2.conf file.
<wizardslovak> on line 4 it says "include /etc/squirrelmail.apache.conf
<wizardslovak> i will just pu # before it
<jmarsden> wizardslovak: Do we have a . vs / problem.  No, fix it, don't hack it.
<wizardslovak> i did remove squirrelmail loong time ago with "purge"
<jmarsden> Ah, but you forgot to update other files that refer to it... OK, in that case, go ahead and comment it out.
<Phlogistique> Hi
<wizardslovak> ok now it works
<wizardslovak> thank you people very much
<jmarsden> wizardslovak: No problem.
<crohakon|afk> well, goodnight
<jmarsden> crohakon|afk: Goodnight!
<jmarsden> skuld: sudo cat /etc/dovecot/dovecot-sql.conf |pastebinit    # did this work?
<wizardslovak> btw when i reset apache there was comment "httpd (no pid file) not running" but apahce started ok
<Phlogistique> I have a server running under Ubuntu 9.04 and am a beginner to DNS configuration. I've configured my DNS in such a way that it seems to work well on my server if "nameserver 127.0.0.1" is the first line of resolv.conf, but it doesn't work from anywhere else
<Phlogistique> additionally, when trying to "dig @myserverIP mydomain.tld" I get a timeout whereas
<Phlogistique> "dig @localhost mydomain.tld" works fine
<Phlogistique> Any idea of what could be causing this?
<jmarsden> Phlogistique: Sounds like bind is configured to only use localhost
<skuld> @jmarsden:  finally got that pastebinit.... http://pastebin.com/f6e2207ab
<Phlogistique> jmarsden: uh, that's right
<skuld> okay, I lied....I keep getting permissin denied
<jmarsden> Phlogistique: So check /etc/bind/named.conf* for any options that may be restricting your named to only using localhost, and also check that /etc/hosts is correctly set up
<jmarsden> skuld: OK, sudo -s     and then    pastebinit </etc/dovecot/dovecot-sql.conf     and then exit back out of that dangerous root shell.
<Phlogistique> jmarsden: yeah, just did that, thank you
<skuld> stupid permissions!  try this Jmarsden:  http://pastebin.com/f1d985c5a
<jmarsden> Phlogistique: You can also try    sudo netstat -ntlp | grep named  to see what ports named is listening on.
<Phlogistique> jmarsden: it was listening on the loopback
<Phlogistique> jmarsden: fixed now
<jmarsden> Phlogistique: Good :)
<Phlogistique> jmarsden: thank you so much orz
<jmarsden> skuld: Shouldn't that file have more than just the user query in it?
<Pairadimesitty> and now I don't know how to create a user for squirrel mail
<jmarsden> Phlogistique: You're welcome.
<Pairadimesitty> I figured it might by default use my ubuntu login at least by default
<jmarsden> Pairadimesitty: It uses whatever your IMAP server uses for authentication.
<Pairadimesitty> I have squirrel mail properly installed (I think) I selected the D option to use default IMAP settings
<skuld> there's a lot of commented stuff.
<Pairadimesitty> squirrelmail configtest passes
<jmarsden> Pairadimesitty: How are you (in general) adding email users and storing information about them?
<skuld> I went back through and uncommented/changed the queries to what the tutorial stated.
<jmarsden> skuld: OK, and does that make it work now?
<Pairadimesitty> that's just it, besides installing and setting the automatic IMAP settings from the menu, I haven't added any users
<skuld> no.  same result
<Pairadimesitty> and don't know how
<Pairadimesitty> because I stooped
<Pairadimesitty> *becuz
<jmarsden> Pairadimesitty: It is not wise to configure a webmail system before you have basic email (SMTP and POP3/IMAP) working :)
<Pairadimesitty> I just followed the guide
<Pairadimesitty> I think it should work with just one or two settings changed
<jmarsden> Pairadimesitty: Learn what you are doing as you go and test as you go, blindly following a howto leads you... somewhere, but you don't know where :)
<jmarsden> skuld: OK, pastebinit the newly fixed up dovecot-sql.conf file for me.
<Pairadimesitty> and when I try to log in with my ubuntu user name it comes up with the error:connection dropped by IMAP server
<skuld> http://pastebin.com/f65189cea
<jmarsden> Pairadimesitty: OK, so check the dovecot logs for what it said was wrong... and recheck your dovecot configs.
<Pairadimesitty> a different username leads me to a normal incorrect user name error
<Pairadimesitty> it would be nice if I could find a guide that went from A-Z that actually explained what things were along the way in understandable english
<jmarsden> Pairadimesitty: As I said: OK, so check the dovecot logs for what it said was wrong... and recheck your dovecot configs :)
<Pairadimesitty> lol
<Pairadimesitty> the guide doesn't use dovecot
<jmarsden> Pairadimesitty: OK, whichever IMAP server you used, check its logs.
<Pairadimesitty> courier
<jmarsden> If you don't want to do it yourself, pay for webhosting on someone else's server :)  If you want to do it yourself, learn how.  There is no shortcut.
<jmarsden> There are people around who can help you, if you ask good clear questions and are willing to learn.  But it's not trivial to set up a working and secure server.
<jmarsden> As skuld is discovering :)
<jmarsden> Of course I let him use SQL and guess where we now have issues... in the SQL stuff I don't use myself :)
<skuld> LOL :)  yeah
<Pairadimesitty> found the error log
<Pairadimesitty> says ....stuff..... imapd: Connection, ip=[::1]imapd: chdir Maildir: No such file or directory
<Pairadimesitty> insert a second line there
<Pairadimesitty> sorry
<jmarsden> Pairadimesitty: OK, so your user lacks a ~/Maildir directory and you set things up to use Maildir format malboxes...
<Pairadimesitty> that good bad or ugly?
<Pairadimesitty> seems a simple fix though?
<jmarsden> Try creating the ~/Maildir and see if it helps.  Sounds like you just forgot to actually provide a place for that user's email.
<jmarsden> Yes, very simple fix -- create the directory :)
<Pairadimesitty> where just under the webmail folder?
<jmarsden> No..... this is IMAP we are talking about, not webmail.  Log in as that user and do  mkdir ~/Maildir
<Pairadimesitty> I'm already in terminal as my user set to sudo su, so you mean literally type "mkdir ~/Maildir"?
<Pairadimesitty> sorry for being a dumb@$$
<Pairadimesitty> I blame my parents
<jmarsden> Pairadimesitty: as yourself, not sudoed to anything, log in as that user.  Then type in the command    mkdir ~/Maildir
<Pairadimesitty> done
<Pairadimesitty> testing
<jmarsden> skuld: OK... still looking for what might be wrong in that SQL config file... looks reasonably sane now.
<skuld> ok
<Pairadimesitty> progress, thanks, now it seems it needs mailboxes to work
<Pairadimesitty> I recall seeing something to that effect in the squirrelmail config
<jmarsden> Pairadimesitty: OK, so now you can just create new users (with the useradd command), set their password (with the passwd command) and create their Maildir's (using mkdir ~/Maildir or similar)
<jmarsden> skuld: Just to simply the file a bit, can you try getting rid of all the comment lines so we just have http://pastebin.com/mc71e400
<Pairadimesitty> by mailbox, I mean when I log in it error saying it is unable to open the inbox
<Pairadimesitty> *errors
<jmarsden> Pairadimesitty: I'm not a courier expert at all... maybe it needs you to create  new and cur subdirectories within the Maildir/ , or something?
<Pairadimesitty> that's my guess
<Pairadimesitty> seems strange that is hasn't created them by default on install
<jmarsden> How would it know which system users you want to also be email users?
<skuld> http://pastebin.com/f244b6dac
<skuld> still get the same error
<skuld> would case matter in the queries?  I see a couple of AS and a a couple of as in the queries from the tutorial
<Pairadimesitty> well, good point, I was hoping it would set the admin that installed it as a user, but yeah, I see what you mean
<jmarsden> skuld: generally speaking SQL keywords can be either case, but strings within quotes are likely to be case-sensitive
<jmarsden> skuld: OK... I guess I'm going to create a virtual Ubuntu 9.04 server here, and follow that howto and see what happens... if it works for me we can then check what is different between your setup and mine.
<skuld> okay.  I'll be on again tomorrow.  I need to get some sleep
<skuld> thanks for your hard work, and I've learned a HUGE amount today
<skuld> well,.... yesterday anyway
<jmarsden> OK... no guarantees when I'll be here, but I often am here :)
<skuld> okay.  thanks.  mail's been broken for a couple of weeks, what's another day or so?  LOL
<jmarsden> :)  OK, goodnight.
<Pairadimesitty> night jmarsden
<jmarsden> Goodnight Pairadimesitty
<Pairadimesitty> found a guide, looks like what I need
<jmarsden> Good :)
<Pairadimesitty> will report back to whoever's here when I've gone through it
<roxy09> Hi there, I gave permission some folders in my server to a "group" but when the users connect to the file (using samba) the permision change to "Domain users" groups and the rest of the user form my "group" can not acces anymore. How I can keep the permision in a folder?
<jmarsden> roxy09: SAMBA permissions and Unix file permissions are not the same thing.  You possibly want to edit your smb.conf file so that users in your group have appropriate access to that SAMBA share?
<roxy09> maybe...I'd give permission to a "group" but when the user modify or edit files the permission in group change to "User Domain" and the users form teh original Group lost the permisions
<Pairadimesitty> yay, it shows my inbox now, I needed mkdir -p /home/usename/Maildir/{cur,new,tmp}
<Pairadimesitty> that's all
<Pairadimesitty> now to mail myself and pray
<ewook> that smells like your MTA isn't working as it should
<Pairadimesitty> hmm, interesting
<Pairadimesitty> very interesting
<Pairadimesitty> I got all the right folders set to my user, but when I sent myself mail, nothing showed up, however I DID find the email in /var/mail/ as a file (not folder) with my username
<Pairadimesitty> the only other filer in that folder is one called nobody
<uvirtbot`> New bug: #455625 in eucalyptus (main) "Eucalyptus Loses Public IP Address" [High,Incomplete] https://launchpad.net/bugs/455625
<Pairadimesitty> the file type is "mailbox
<Pairadimesitty> :
<Pairadimesitty> sorry, typo
<Pairadimesitty> "mailbox"
<jmarsden> Pairadimesitty: Sounds like half your mailsystem wants to use mailbox format in /var/mail and the other half wants to use Maildir ... fixing things to all the pieces use the same mail spool format would be good :)
<jmarsden> s/to all/so all/
<Pairadimesitty> which format would you recommend?
<Pairadimesitty> I bow before the master
<jmarsden> It all depends; for high volume mail servers, Maildir, but for just a few users (say 100 or less) the old fashioned defaults are fine.
<Pairadimesitty> If I had a webcam you would see me bowing right now
<jmarsden> :)
<Pairadimesitty> let me put that another way, how would one add a new user?
<jmarsden> Pairadimesitty: Once you have the mail services all set up consistently, that shouldn't matter; you just create the user with useradd and set their password with passwd and the mailsystem creates their mail files as needed.  At least, that's how it works for Postfix/Dovecot
<Pairadimesitty> yes, that makes sense
<Pairadimesitty> I think I get how the Maildir sorts out files now, does the other method just create one file per user or one file per email?
<jmarsden> Pairadimesitty: One per user.
<Pairadimesitty> does it allow for custom folders?
<Pairadimesitty> never mind
<soren> I would never use old style mbox files if I could avoid it.
<Pairadimesitty> seems like squirrelmail has the function, should be able to handle it
<soren> It's much less a matter of how many users there are, than it's about how much e-mail each of them will store on the server, and how much you care about the integrity of said e-mails.
<soren> What you see in /var/mail is old style mbox files. It's basically all of the user's inbox stored in one file.
<Pairadimesitty> I'll follow soren's advice, seems like all emails in one file is kinda querky
<soren> Any changes to any e-mail in that inbox requires rewriting the entire file.
<Pairadimesitty> now to figure out how to set courier and imap to the other format
<Pairadimesitty> and no I obviously don't have any emails that need saving or converting over
<soren> That /is/ possible, though.
<soren> I don't know anything about courier. Never used it.
<Pairadimesitty> I saw a guide while looking on google on switching emails over
<Pairadimesitty> let me regoogle to see if it knows what's up
<Pairadimesitty> I'm having trouble finding it, could postfix need any settings changes?
<ttx> mdz: ping
<Pairadimesitty> seems like courier is supposed to use maildir by default
<Pairadimesitty> something else must be interfering, or it's not courier
<Yuttadhammo> hey there, sorry to bother, but, I have a problem with Ubuntu Server 9.04... when I run netstat -lu  it gives: netstat: no support for `AF INET (udp)' on this system.  How do I add UDP support?
<soren> Yuttadhammo: Which kernel are you using?
<Yuttadhammo> just a sec...
<Yuttadhammo> 2.6.28.11
<soren> What's the exact output of "uname -a"?
<Yuttadhammo> Linux grid1.buddhaverse.net 2.6.29.5-grsec-hostnoc-4.2.0-i386-libata #1 SMP Thu Jul 9 01:00:08 EDT 2009 i686 GNU/Linux
<soren> There's your problem, probably.
<soren> that's not an ubuntu kernel.
<Yuttadhammo> uhoh...
<soren> ...and it's not 2.6.28.11, clearly.
<Yuttadhammo> sorry, aptitude shows it as 11
<soren> Well, it's not what you're running.
<Yuttadhammo> hmm... why does aptitude say I am?
<soren> aptitude does not know which kernel you're running. It knows which kernels were installed.
<soren> ..from .deb-packages.
<Yuttadhammo> ah
<soren> 2.6.29.5-grsec-hostnoc-4.2.0-i386-libata probably came from somewhere else. Is this a rented server, by any chance?
<Yuttadhammo> yeah
<soren> Physical or virtual?
<Yuttadhammo> physical
<soren> Ok, then you can probably just boot into another kernel somehow.
<soren> See if it uses lilo or grub.
<soren> brb, have to reboot (kernel update).
<Yuttadhammo> okay thanks a lot.
<Pairadimesitty> imapd file says maildirpath=Maildir, that right or does it need home/$user/Maildir or something like that?
<soren> Pairadimesitty: maildir paths are usually relative to the user
<soren> 's home directory.
<soren> In other words, what you have is probably fine.
<Pairadimesitty> then I'm still sure which program has it wrong and what file to edit
<soren> Yuttadhammo: Who are you renting this server from?
<Yuttadhammo> burst.net
<Yuttadhammo> I see they are on aim... I'm going to contact them...
<soren> Disabling UDP seems /quite/ odd. I wouldn
<soren> t even know how.
<Yuttadhammo> yeah, really weird.
<soren> I don
<soren> t see a kernel config option for it.
<Yuttadhammo> lol... I was almost embarassed to ask.
<sbeattie> presumably, grsecurity is being more restrictive about it.
<soren> sbeattie: Oh, right, it may actually support it, but grsecurity may be blocking netstat from showing it?
<soren> Yuttadhammo: Does it work through sudo?
<sbeattie> that's my suspicion.
<Yuttadhammo> oh, I'm really embarassed now.
<Yuttadhammo> yeah, sudo works.
<Yuttadhammo> thanks for the help.
<soren> No problem.
<soren> Hey, it works everywhere else. Don
<soren> t be embarrassed.
<Yuttadhammo> guess I need to find a way to get back to an Ubuntu kernel...
<soren> Shouldn't be too hard, hopefully.
<Yuttadhammo> if I reboot the server, will I be able to ssh into it again?
<soren> Yuttadhammo: Depends on what you changed since last reboot :)
<Yuttadhammo> I think I'll wait until the guy who knows what he's doing gets back... I'm just trying to make a UDP connection...
 * soren reboots again
 * soren managed to uninstall grub2, so grub.cfg did not get updated with new kernels, but grub still chainloaded into grub2, so kept booting and older kernel (which I thankfully hadn't deleted).
<Pairadimesitty> I'm so frustrated, what program actually gets the mail and puts it in a folder, courier is set correctly, squirrelmail is set correctly, but the mail shows up in var/mail
<soren> postfix does that.
<soren> Well..
<soren> It depends.
<soren> If you
<Pairadimesitty> I have postfix
<soren> re moving stuff around between folders in squirrelmail, it's your imap server.
<Pairadimesitty> and saslauthd, maildrop, getmail4
<soren> If it's new mail coming in over smtp, it's your SMTP server, which I gather is postfix.
<Pairadimesitty> and a couple other things I don't know
<soren> Err..
<soren> Why do you have all of those things?
<soren> The "other things I don't know" bit worries me. Is this not a system you set up yourself?
<Pairadimesitty> it is the best guide I could find for what I wanted, but it doesn't explain things worth a damn
<Pairadimesitty> or finish for that matter
<soren> I doubt you need any of maildrop or getmail4.
<Pairadimesitty> what do they do?
<soren> saslauthd, perhaps.
<Pairadimesitty> I suspect saslauthd is set up correctly
<Pairadimesitty> but again, nothing is explained
<soren> getmail4 - mail retriever with support for POP3, IMAP4 and SDPS
<soren> maildrop - mail delivery agent with filtering abilities
<soren> How do you receive e-mail from the outside world+
<soren> ?
<Pairadimesitty> the guide was rigged for more of a server host -sell webspace sort of thing
<Pairadimesitty> imap
<Pairadimesitty> does that answer your question even?
<soren> Ah.
<soren> It might.
<soren> So people send you an e-mail, and you're expected to go and grab it from someone else's mailserver?
<soren> Over IMAP.
<Pairadimesitty> hmm? no, everything is run directly off this machine next to me
<soren> That's a bit vague..
<Pairadimesitty> it's it's own mail server, dns, ssh, ftp, and web server
<soren> Say I wanted to e-mail you... How would an e-mail get from me to you? Are you set up to be your own MX?
<Pairadimesitty> the guide is http://howtoforge.org/perfect-server-ubuntu-9.04-ispconfig-3-p4
<soren> I'm not asking what you've set up.
<soren> I'm asking how you expect mail from the outside world to reach your server.
<Pairadimesitty> I installed on Xubuntu after getting annoyed with not having a gui to work with, and I skipped ISPConfig and Jailkit
<Pairadimesitty> I'd like it to simply come directly to my server from the sender and store it in the per user Maildir's
<Pairadimesitty> with a check to make sure the email sends so it doesn't get lost in the ether, but I really don't know how the protocols work
<Pairadimesitty> as I said, I'm a dumb noob and this is my first time setting up any of this, and most guides are rather difficult to follow for this sort of thing
<soren> If you intend for mail to be delivered directly to your server via SMTP, you certainly don't need getmail4.
<Pairadimesitty> would it be helpfull to grab from my hotmail account or something like that?
<soren> Dear god, no.
<Pairadimesitty> and I found a forum post mentioning postfix, trying it out
<soren> Wait, what?
<soren> You said you were already using postfix?
<Pairadimesitty> yes
<Pairadimesitty> I said that earlier
<soren> But now you're trying it out?
<soren> As opposed to before where you were... what?
<Pairadimesitty> I'm trying out the post to see if it has accurate instructions on how to make postfix use maildir
<soren> Just put "home_mailbox = Maildir/" in your main.cf
<Pairadimesitty> I found that too! yay
<Pairadimesitty> though I found a post right under one that said that
<Pairadimesitty> Setting home_mailbox won't work if you're using procmail.
<Pairadimesitty> Instead of setting those vars on the procmail command line (they're wrong anyway), it's better to create a /etc/procmailrc and set them there:DROPPRIVS=YES
<Pairadimesitty> ORGMAIL=/home/${USER}/Maildir/
<Pairadimesitty> DEFAULT=${ORGMAIL}
<Pairadimesitty> does that make sense to you?
<soren> Are you going to use procmail?
<Pairadimesitty> I'm not sure if I am using it, hang on a sec and I'll check
<Pairadimesitty> what does procmail filter anyway?
<soren> If in doubt, it's /extremely/ unlikely that you're using it.
<Pairadimesitty> apparently it's installed
<Pairadimesitty> as is spamassassin
<soren> Pairadimesitty: All these guides and forum posts and whatnot you're following... Are they writting with Ubuntu in mind?
<Pairadimesitty> yes, that's one think I make sure of
<soren> I think you can just ignore what it says about procmail.
<Yuttadhammo> :) rebooted into Ubuntu... man, that feels good.  Ubuntu rocks.
<Yuttadhammo> (sorry for the spam)
<Pairadimesitty> I'm trying it now, sending an email, then if that fails I'm going with the other and trying it and forgetting the origional
<Pairadimesitty> progress, I got an email back from myself that said the email failed to be reseaved, I'm happy to know that it sends failed email messages
<Pairadimesitty> and this error about failure to write to directory makes me think I need to chmod
<Pairadimesitty> what number should I chmod it to?
<Pairadimesitty> Yuttadhammo: this is the ubuntu irc, how can that be spam?
<brandonc503> hey all.. so i once asked about keeping people from seeing the folders in website and i was told about -option the folders.. or something.. can somone point me in the right direction pls.. tnx
<Yuttadhammo> (It's not the #fanboy channel...)
<Pairadimesitty> got it 700
<Pairadimesitty> how about #reese
<brandonc503> what is best channel to ask about htaccess
<mdz> ttx: as far as I am aware, eucalyptus is ready to release
<ttx> There are two bugs bothering me
<ttx> mdz: bug 455293 is cosmetic and quite harmless to fix
<uvirtbot`> Launchpad bug 455293 in eucalyptus "UEC management interface still has Eucalyptus as title" [Wishlist,Triaged] https://launchpad.net/bugs/455293
<ttx> bug 455816 is slightly more disturbing, should we release-note it ?
<uvirtbot`> Launchpad bug 455816 in eucalyptus "When installing a UEC cluster, the prompt for the private interface is displayed after the "Installation complete" dialog" [Medium,Confirmed] https://launchpad.net/bugs/455816
<ttx> The last one still nominated for karmic is bug 453456
<uvirtbot`> Launchpad bug 453456 in eucalyptus "excessive logs in /var/log/eucalyptus" [Low,Triaged] https://launchpad.net/bugs/453456
<ttx> mdz: which, if any, should be fixed before RC, or before GA ?
<ttx> I'm fine with keeping the current release, just making sure we are aligned on this.
<ttx> (in which case I'd drop the karmic nominations for those)
<mdz> ttx: reading
<mdz> ttx: 455293> we should go ahead and commit that to bazaar, since if we do an upload there is no reason not to include it
<ttx> mdz: OK.
<mdz> ttx: 455816> I have never seen that question; is it new?
<mdz> oh, it's only when you have multiple NICs
<ttx> mdz: yes, submitted by Etienne on that specific multi-NIC testing
<mdz> ttx: I've looked at cjwatson's diff and I'm not sure I can evaluate the risk; maybe ask cjwatson what he thinks we should do wrt RC?
<ttx> mdz: it's tricky to fix and test in the remaining timeframe
<ttx> mdz: sure
<cjwatson> I think it's an ugly wart, but not a fatal one
<ttx> mdz: I can't evaluate the risk either, and can't really test the fix with my current hw
<cjwatson> when I thought about it last night, I couldn't think of anything that would actually go wrong due to it
<mdz> ttx: 453456> if (and only if) the logs are getting rotated, we can defer this to lucid
<cjwatson> the fix is verbose but in principle straightforward - but it's a pain to test without uploading
<cjwatson> I gave mathiaz directions on testing it last night
<ttx> mdz: 453456> agreed, especially since trying to tone down those logs by configuration doesn't seem to work.
<cjwatson> my inclination, though, is to leave it be
<ttx> cjwatson: thanks for your input, I tend to agree with you.
<nijaba> hello, would anyone know how to list what nodes are registered on a cluster?
<ttx> nijaba: apparently there is no euca_conf --list-nodes
<nijaba> ttx: not in the version I am using then
<ttx> nijaba: I said "there is *no* euca_conf --list-nodes"
<nijaba> ttx: hehe sorry...
<mdz> ttx: can we confirm that?
<ttx> nijaba: grep NODES /etc/eucalyptus/eucalyptus.conf ?
<ttx> mdz: it's confirmed, there is no such option.
<mdz> ttx: I meant, can we confirm that the logs are getting rotated
<ttx> mdz: I guess we need to let a system run without touching it for a few days... that would help in confirming bug 455625 as well
<uvirtbot`> Launchpad bug 455625 in eucalyptus "Eucalyptus Loses Public IP Address" [High,Incomplete] https://launchpad.net/bugs/455625
<ttx> mdz: however I'm using my hw to test the RC ISo candidates
<ttx> mdz: I'm looking in the code to confirm, and we can ask the Eucalyptoids for more detail / confirmation
<mdz> ttx: how about we ask for a pointer to the code which implements this as well?
<mdz> so we can confirm how it is supposed to work
<ttx> mdz: will do when they are awake -- at first glance it's not obvious where it would be implemented
<mdz> ttx: I've asked in the bug
<mdz> ttx: meanwhile, we should prepare a branch which implements logrotate
<mdz> ttx: I don't think we need to do anything about this for GA, but we should be prepared to do an SRU if it turns out that the upstream rotation doesn't work
<mdz> (or is not complete enough)
<ttx> mdz: agreed. Can't find where it would be implemented in their code, but they might just inherit it from some other Java library
<ttx> mdz: should I wontfix the karmic nomination for the multiple-NIC installer issue ?
<Pairadimesitty> OH MY GOD
<Pairadimesitty> I am soooooo annoid that was it
<Pairadimesitty> annoyed
<Pairadimesitty> PO'd
<Pairadimesitty> soren: it was exactly what we both thought it was BUT it needed a / at the end and the guide didn't say that
<Pairadimesitty> home_mailbox = Maildir/
<Pairadimesitty> not home_mailbox = Maildir
<Pairadimesitty> holy hell
<Pairadimesitty> that was dumb
<soren> Pairadimesitty: Uh, yeah. That's what I said.
<soren> The slash at the end denotes Maildir format.
<Pairadimesitty> omg, you did
<Pairadimesitty> I saw a post at the same time you posted that, I don't think it did have the slash
<Pairadimesitty> I feel like the idiot I am
<Pairadimesitty> give me a virtual slap
<Pairadimesitty> I deserve it
 * soren pats Pairadimesitty on the head
<Pairadimesitty> I'm not a dog
<Pairadimesitty> I'm a pirate
<Pairadimesitty> if you want to pitty me give me booty
<Pairadimesitty> since I took procmail off should I bother putting it back on?  I liked what it did but....
<soren> Does everything work now?
<Pairadimesitty> I can get mail
<Pairadimesitty> I suppose I should try sending it before I celebrate
<soren> ...and before you start changing anything again (like adding procmail back into the mix)
<Pairadimesitty> YAY
<Pairadimesitty> it works
<Pairadimesitty> nicely
<Pairadimesitty> and quickly
<Pairadimesitty> and screw procmail until such time as I decide to start over from scratch
<Pairadimesitty> and I also believe saslauthd is set up properly, but I still don't know what all this stuff does
<Pairadimesitty> yeah, I don't think spamassassin is set up properly
<soren> Pairadimesitty: saslauthd is usually used to authenticate users so that they can send e-mail through your server.
<Pairadimesitty> I get it
<Pairadimesitty> ug, something else I'll skip for now
<mdz> ttx: re: multiple NIC issue, I defer to Colin. if we can fix it with an acceptable amount of risk for 9.10, then I would like to see it fixed. if the risk is too great, then we can accept that.
<uvirtbot`> New bug: #456238 in postfix (main) "empty message-id, no date in Evolution MUA" [Undecided,New] https://launchpad.net/bugs/456238
<Pairadimesitty> ach, ##php is very helpfull for my issue, they had me turn my home page into an include, which does autosize my forum, but  now css is messed up between both and links all lead to the forum page and I loose my homepage surround
<Pairadimesitty> so it's probably posible with php, but it's way to much work for now
<Pairadimesitty> so how do I make an iframe autoresize virtically
<aubre> Good morning - Mark Spencer told me he'd find out what the status was on Asterisk and get back to me. I guess since he's a CEO he's not as involved with actual development as he once was when he created it.
<pmatulis> aubre: the "status of Asterisk"?
<Bilge> What shall I call my backup user since "backup" is already taken? :/
<Bilge> I lack imagination
<zul> backup2
<Bilge> lol
<pmatulis> Bilge: hint, base the name on the backup tool you'll be using
<Bilge> I wrote the tool myself
<Bilge> A series of three scripts for batch, iterative and rolling backups
<soren> I would call it Oxygen.
<soren> ..since that's what my naming scheme dictates.
<soren> YMMV.
<Bilge> What
<Bilge> If I make a user who is just used to download backup files from a restricted shell, should I add it as a system user (UID < 1000) or a normal user?
<zul> soren: i sill like backup2
<soren> zul: Yeah, that's pretty good :)
<zul> soren: but all my machines at home are named after south park characters (including my wife's laptop)
<soren> zul: I have a set of virtual machines names roughly by their function. My web server is webster, my DB server is debbie, my DNS server is dennis, etc.
<soren> I have another set of servers (that are not single-purpose) named after the elements.
<zul> soren: heh originally it was simpsons characters but the new simpons episodes are kind of boring
<soren> I stopped doing
<soren> I stopped naming servers after Simpson characters when I got tired of typing comicbookguy.
<cjwatson> mdz: I'd like to make the multiple NIC issue conditional on mathiaz being able to test my branch and confirm it working, then; I don't think we have enough iterations left to be able to justify an untested upload
<uvirtbot`> New bug: #427094 in dbconfig-common (universe) "Wrong permission on file makes phpmyadmin show blank page" [Low,Incomplete] https://launchpad.net/bugs/427094
<neil-wilson> Afternoon all. Anybody in Eucalyptus mode here this afternoon. I have an issue with keypairs that is either me being an idiot or a bug.
<neil-wilson> Can't get onto any instance I spawn.
<uvirtbot`> New bug: #453739 in kerberos-configs (universe) "FFe: Sync kerberos-configs 2.2 (main) from Debian unstable (main)" [Low,Incomplete] https://launchpad.net/bugs/453739
<aubre> pmatulis: yeah people were asking when asterisk 1.6.2 was going to be stable
<aubre> hmm I am getting this now in MANAGED-NOVLAN mode, priv interface 'eth1' must be a bridge, tunneling disabled in my cc.log - not my nc.log
<aubre> this is after updating to 1.6~bzr931-0ubuntu7
<neil-wilson> aubre: I'm getting that a well for the priv interface on the cc controller.
<aubre> neil-wilson: whew - well finally I'm not alone
<aubre> neil-wilson: I'm trying to file a bug but without much success.
<neil-wilson> aubre: are you getting vlan errors as well?
<neil-wilson> failed to attach tunnels for vlan 10 during maintainNetworkState()
<aubre> neil-wilson: I get that when I tried to attach a SC volume to an instance
<aubre> neil-wilson: when I could get instances to launch, that is
<neil-wilson> I can launch instances. I just can't get onto them. For some reason soren turned off key injection and I'm trying to understand why.
<soren> Wait, what?
<soren> I did what?
<neil-wilson> soren: turned off key injection in managed mode? 7th september.
<soren> neil-wilson: Oh, in eucalyptus? Yeah.
<neil-wilson> soren: how's it supposed to work then?
<soren> neil-wilson: Like on EC2. I need to run for 10 minutes. I can explain afterwards.
<aubre> neil-wilson: hmm well all of a sudden, euca-describe-availability-zones verbose is working after I tried and succeeded in launching an instance
<aubre> neil-wilson: now to try attaching a volume
<aubre> neil-wilson: still can't attach an SC volume, now to check logfiles
<soren> neil-wilson: Just like on EC2. EC2 does't inject keys either. It offers keys through the meta-data service. At boot time, ec2-init goes and grabs the keys from the meta-data service and puts them somewhere appropriate.
<aubre> well when I try to attach an SC volume, I am getting this in my node's nc.log : http://paste.ubuntu.com/297485/
<soren> I don't even know if this is a runtime or compile time option. I just took a patch from upstream.
<soren> aubre: Is everything completely up-to-date on that system?
<neil-wilson> soren: I don't appear to be picking up the metadata - almost as though apache isn't providing it. Any idea whereabouts in the system it lives?
<aubre> aubre: yes , I am using 1.6~bzr931-0ubuntu7
<aubre> soren: yes , I am using 1.6~bzr931-0ubuntu7
<aubre> soren: I updated this morning
<soren> aubre: "everything".
<soren> aubre: Not "eucalyptus".
<aubre> soren : I did a apt-get update followed by apt-get dist-upgrade
<soren> neil-wilson: It's reachable from the instances on 169.254.169.254.
<aubre> soren: let me do it again
<_ruben> hmm, is / the only invalid character in a filename or are there more?
<soren> aubre: Ok. And everything is from Ubuntu? libvirt, kvm, kernel, etc.?
<aubre> soren: yep, that's the way I roll
<soren> _ruben: ASCII 0 is unlikely to be a good idea.
<soren> _ruben: But it depends on the filesystem.
<neil-wilson> Not on my system. A get to that address gets the default Apache 'it works' message. What service provides it?
<neil-wilson> Can't find anything recent in the logs.
<_ruben> soren: but in general (or ext3 in particular), it's pretty safe to assume that exluding \000 and / is safe?
<_ruben> the at first though obvious ones can be escaped properly if needed (like * and :)
<soren> neil-wilson: Eucalyptus provides it.
<soren> neil-wilson: The cloud controller, I would expect.
<soren> _ruben: Define "safe".
<neil-wilson> soren: Off to go digging. Thanks for your help.
<_ruben> soren: safe is wrong term indeed, allowed is a better world, from the FS point of view .. so "foo..bar" might not be considered safe, but is valid
<soren> _ruben: I /think/ if you steer clear of / and ASCII 0, you'll be alright. * and ? are both certainly aceptable filename characters.
<kirkland> soren: ping
<ttx> mathiaz: about bug 455816, do you have the necessary hardware to reproduce the issue and verify the fix ?
<uvirtbot`> Launchpad bug 455816 in eucalyptus "When installing a UEC cluster, the prompt for the private interface is displayed after the "Installation complete" dialog" [Medium,Confirmed] https://launchpad.net/bugs/455816
<kirkland> soren: is there an up-to-date uec appliance that I can try in my cloud?
<soren> kirkland: Nothing more up-to-date than what I posted last Friday.
<ttx> kirkland: tested UEC setups from amd64 and i386 20091020 -- I hit bug 444352 and bug 452556 in both cases, otherwise it's ok
<kirkland> soren: pointed to on ubuntu-devel@ ?
<uvirtbot`> Launchpad bug 444352 in eucalyptus "DB deadlock on reboot prevents UEC from working, temporarily" [Low,Won't fix] https://launchpad.net/bugs/444352
<uvirtbot`> Launchpad bug 452556 in eucalyptus "euca-authorize default failing" [Medium,Confirmed] https://launchpad.net/bugs/452556
<kirkland> ttx: okay good; java problems, i didn't get a built iso before i went to bed
<ttx> kirkland: doko fixed that
<skuld> Good morning all!
<kirkland> ttx: on the authorize failing, does it have any mal effect?
<kirkland> ttx: i found that i could ssh just fine
<ttx> kirkland: to the public address ?
<kirkland> ttx: yes
<kirkland> ttx: have you tried?
<soren> kirkland: Yes.
<jjohansen> smoser: do you know if I can just use migrate-bundle to put an aki/ari in euwest region?
<kirkland> soren: thanks
<skuld> I'm having a problem with apache2.  I configured my websites, tested it works fine on my internal ip (192.x.x.x) but when I try to use either the domain or my public IP (216.x.x.x) I get
<skuld> "unable to connect"
<ttx> kirkland: interesting... no, I didn't try that. I ran the command again, and since run-instances was run in between, it would succeed
<smoser> jjohansen, i know (thanks to our friend ross) that you cannot
<smoser> :)
<aubre> soren: maybe this is related to https://launchpad.net/bugs/452556 , but I found that I couldn't do a euca-describe-available-zones verbose until after I had launched an instance
<uvirtbot`> Launchpad bug 452556 in eucalyptus "euca-authorize default failing" [Medium,Confirmed]
<jjohansen> smoser: thanks
<smoser> jjohansen, but in the future, i will get you some setup information for publish-image so you can use it.
<soren> aubre: I'm not actually working on Eucalyptus these days, so I'm the wrong person to talk to :)
<smoser> then one command gets it in both places
<jjohansen> smoser: that sounds nice
<smoser> you're up early
<ttx> aubre: that would be bug 444352, grep DEADLOCK /var/log/eucalyptus/cloud-output.log to confirm
<uvirtbot`> Launchpad bug 444352 in eucalyptus "DB deadlock on reboot prevents UEC from working, temporarily" [Low,Won't fix] https://launchpad.net/bugs/444352
<kirkland> ttx: try it next time; i'm not sure the command is entirely necessary (which might be another bug)
<smoser> i was just about to ping you to ask you to push those to eu
<skuld> can anybody get to the site http://www.localexpresscl.com ?
<smoser> soren, what would you think about trying to fix bug 407949 for karmic?
<uvirtbot`> Launchpad bug 407949 in ec2-init "ec2-init: ec2-set-defaults needs better defaults for non US/EU regions" [Medium,Confirmed] https://launchpad.net/bugs/407949
<ttx> smoser: there is no UEC/EC2 image RC candidate yet on the test tracker -- who/when ?
<smoser> ttx, oh, sorry, i can put it there, i didn't know that it should be.
<smoser> soren, see my comment 3 in that bug, UEC will always take the fail path
<ttx> smoser: at one point the candidate for the image and the EC2 AMIs must be officialized on the ISO test tracker
<smoser> ttx, should I put one up there?
<ttx> smoser: tat would allow us to report test results, yes
<ttx> smoser: if you still expect to change it, it might not be necessary though
<smoser> ttx, well let me look real quick, fwiw, the 20091020 is up available on ec2
<aubre> ttx: you are correct sir, it was confirmed
<smoser> i have no plans on changing it
<aubre> soren: sorry then lol
<ttx> smoser: ok, who do I/you need to ping to make that happen ?
<smoser> ttx, i'll tak 10 minutes here, and just look, but i think that we just call the AMIs that are in http://uec-images.ubuntu.com/karmic/20091020/published-ec2-nightly.txt as RC.
<smoser> and then i guess we tell slangesack that
<ttx> smoser: ok, take your time
<soren> smoser: Sounds like a good idea. What do you suggest?
<smoser> soren, just an absolutely simple catch-set-default
<smoser> as en_US.utf-8
<aubre> ttx: perhaps a simple command could be put in the documentation for users which would clear the deadlock?
<soren> smoser: Feel free.
<soren> (make that UTF-8, though, not utf-8)
<ttx> aubre: attempting to run the command multiple times in a row usually autofixes it
<smoser> :)
<ttx> aubre: but not everyone hits this bug, may I ask what your setup looks like ?
<aubre> ttx: sure
<smoser> i'll work a suggested patch, but need sponsorship. i'll attach bzr karmic branch there.
 * skuld takes a number and waits in line
<aubre> ttx; 1 CC,  2 nodes.
<aubre> ttx: 1 CC, 2 nodes
<ttx> aubre: on CC: fast/slow disk ?
<aubre> ttx: CC is on raid across 4 disks
<soren> smoser: Cool, thanks.
<aubre> ttx: 7200 rpm
<aubre> ttx CC has 12 GB of RAM
<skuld> can anybody help me with apache?
<smoser> soren, so i'm going to hit 'target to release karmic' there, that will set of some flags ?
<aubre> ttx: CC has 12 GB of RAM
<ttx> aubre: hm, sounds quite different from what I run (2Gb RAM / 1x5400rpm disk)
<ttx> kirkland: planning to do a RC test install today ?
<aubre> ttx: this was bought/spec'd to be a proof-of-concept, if we get it working and we feel confident we may purchase a large system w/support
<ttx> aubre: also restarting eucalyptus after the reboot clears the deadlock condition.
<aubre> ttx: what's the best way to restart eucalyptus
<ttx> aubre: I do "sudo stop eucalyptus" then "sudo start eucalyptus"
<aubre> ttx: nice, so I don't have to shut down each process? sweet
<aubre> ttx: oh and I'm using RAID 0
<Omahn> ttx: Thanks for checking out bug 341256. One quick question, how do I change the version number to avoid the conflict? Do I just edit the version displayed when using dch -i or should I be changing somewhere else?
<uvirtbot`> Launchpad bug 341256 in unattended-upgrades "RFE: unattended-upgrades should identify host." [Medium,Fix released] https://launchpad.net/bugs/341256
<ttx> Omahn: just edit the one dch -i creates
<soren> ttx: Is EBS in reasonable shape in your UEC installations?
<Omahn> ttx: Cool, thanks, will correct and upload fresh debdiffs.
<ttx> Omahn: https://wiki.ubuntu.com/SecurityTeam/UpdatePreparation#Packaging has good rules on picking up a package version number for SRU
<Omahn> ttx: I'll read up.
<ttx> Omahn: like I said, I'm not sure that's appropriate for SRU -- adding a useful feature that changes the behavior of the release is usually not appropriate
<nomoa> hi, we upgraded some servers to 9.04 and now we are confronted to a bug in smbfs. We can create files from 9.04 clients to a 7.04 samba server, but modification is impossible (e.g. touch failed with invalid argument and the file is created)
<Omahn> ttx: It's not really a feature for us, it's a necessity. Due to the volume of unattended-upgrade emails we receives its simply unmanageable without the hostname.
<Omahn> ttx: Although we are happy to just package the updated version ourselves. Just thought I would try and push it back upstream to benefit others.
<ttx> Omahn: I understand why you need it, but I also see why others could get broken by the update (imagine some tool relying on the email format)
<ttx> soren: I tested attaching a volume and saw it appear in the UEC instance -- does that count ?
<Omahn> ttx: Agreed. I'm happy with whatever line you and the SRU team recommend.
<ttx> Omahn: I defer to them.
<Omahn> ttx: No problem.
<ttx> soren: for more complex tricks, we relied on the eucalyptoids.
<ttx> soren: maybe Dustin did something more clever to tset his attach fixes.
<skuld> help?
<ttx> kirkland: please add the doc item to the meeting agenda, yes
<kirkland> ttx: will do
<kirkland> ttx: test "what" attached fixes?
<ttx> kirkland: the scsi-attach fixes
<kirkland> ttx: ah, in the interest of time, I tested using just kvm, libvirt, and virt-manager; nurmi tested the eucalyptus integration
<ttx> kirkland: soren was asking about the status of EBS support
<ttx> kirkland: ok
<kirkland> ttx: i was specifically working on the device add/remove from the kvm and libvirt side
<kirkland> ttx: once i had working reliably, i pushed nurmi the fixes, and he verified the EBS side
<uvirtbot`> New bug: #400404 in libvirt (main) "virsh --help {option} no longer works in shell" [Wishlist,Incomplete] https://launchpad.net/bugs/400404
<uvirtbot`> New bug: #411417 in libvirt (main) "virsh restore causes kernel panic in guest." [High,Incomplete] https://launchpad.net/bugs/411417
<kirkland> ttx: and uploaded when we were both independently happy
<ttx> kirkland: ok
<ttx> soren: so EBS is believed to be in good shape, though we lack in first-hand testing and multiple use cases
<nomoa> any hints on a bug which affect the open (O_WRONLY|O_CREAT|O_TRUNC) syscall on smbfs when and return ENOENT when file exists and success when file does not exist?
<soren> ttx: I tested attaching a volume and saw it appear in the UEC instance> Yes, that does count. I think that's all I really need.
<soren> nomoa: Perhaps some weirdness caused by inconsistent case? E.g. you're trying to the create "Foo", but there's already a "foo" on the remote system?
<soren> nomoa: Pure guesswork.
<nomoa> soren: no, eg : dd if=somefile of=newfile is ok, dd if=somefile of=existingfile is ko
<nomoa> strace indicate that open has failed, but it should not
<soren> nomoa: I understand. I'm just suggesting to look for files on the remote system that have names that correspond to the ones you're trying to use, but with different casing. I've seen that cause all sorts of madness before.
<nomoa> ah ok, I'm afraid that this is not my problem :(
<soren> Fair enough.
<soren> Er, hang on.
<soren> No, I'm just being silly.
<skuld> I need help with either apache or firewall or network...not sure which LOL
<mathiaz> ttx: no 100% sure I'll have access to the hardware
<mathiaz> ttx: probably ask EtienneG - he's got the right hardware
<uvirtbot`> New bug: #230839 in lm-sensors (main) "The sensors program crashes on 2.6.26+" [Medium,Fix released] https://launchpad.net/bugs/230839
<mathiaz> ttx: I don't think we need to fix bug 455816 for  release
<uvirtbot`> Launchpad bug 455816 in eucalyptus "When installing a UEC cluster, the prompt for the private interface is displayed after the "Installation complete" dialog" [Medium,Confirmed] https://launchpad.net/bugs/455816
<skuld> I set up my apache, I can get to it from my internal IP (192.x.x.x) but I can't hit any of my sites, nor the public IP (216.x.x.x).  I ran a port scanner from a website, said port 80 is open, and linux said 0.0.0.0:80 is listening.
<EtienneG> ttx, huh?
<EtienneG> ttx, I will be testing EBS at some time this week, although probably not today
<EtienneG> ttx, not sure what you mean by "multiple use"
<ttx> EtienneG: I think we don't talk about the same thing -- I was talking to mathiaz about testing the fix for bug 455816, which requires a server with multiple NICs
<uvirtbot`> Launchpad bug 455816 in eucalyptus "When installing a UEC cluster, the prompt for the private interface is displayed after the "Installation complete" dialog" [Medium,Confirmed] https://launchpad.net/bugs/455816
 * soren breaks until the meeting
<EtienneG> ttx, ah, ok.  that's my biug, actually
<EtienneG> ttx, it is easy enough to test with VMs.  Create one with two NIC, install a cluster controller
<ttx> mathiaz: we had that discussion this morning with cjwatson and mdz, and will mention it again at the meeting. Looks like it's difficult to test, and risky to fix in the remaining time we have.
<ttx> EtienneG: true.
<mathiaz> ttx: IMO it's just a cosmetic bug
<mathiaz> ttx: it's doesn't break the installation
<mathiaz> EtienneG: ^^ correct?
<ttx> mathiaz: that's Colin's opinion as well.
<mathiaz> ttx: we could add a section to the release notes
<mdz> cjwatson: works for me re: multiple NIC issue
<mdz> mathiaz: <cjwatson> mdz: I'd like to make the multiple NIC issue conditional on mathiaz being able to test my branch and confirm it working, then; I don't think we have enough iterations left to be able to justify an untested upload
<mathiaz> mdz: right - EtienneG just gave an easy way to create a test setup
<neil-wilson> Is launchpad fubared today. I can't file any bugs from server.
<mathiaz> ttx: I'll give a try to cjwatson's branch on bug 455816
<uvirtbot`> Launchpad bug 455816 in eucalyptus "When installing a UEC cluster, the prompt for the private interface is displayed after the "Installation complete" dialog" [Medium,Confirmed] https://launchpad.net/bugs/455816
<mdz> neil-wilson: it's been slow for me today, but is certainly working
<mathiaz> aubre: I think you also have access to a 2-NIC configuration
<mathiaz> aubre: would you be able to test a fix for bug 455816?
<uvirtbot`> Launchpad bug 455816 in eucalyptus "When installing a UEC cluster, the prompt for the private interface is displayed after the "Installation complete" dialog" [Medium,Confirmed] https://launchpad.net/bugs/455816
<hollman> hello *
<hollman> how can I make a backup of my System ? including users, passwords, permissions mail accounts .. ?
<aubre> mathiaz: let me take a look
<aubre> mathiaz: yes I would be able to test a fix for you, I have 6 NICs in total on the CC, 2 each on the NCs
<aubre> mathiaz: how soon would you need me to do it? I need to do some personal stuff sometime today
<mathiaz> aubre: I need to build the package first
<mathiaz> aubre: and do some testing myself
<mathiaz> aubre: the test instructions are bit complicated
<mathiaz> aubre: (they're outlined in the bug report though)
<aubre> mathiaz: no problem, I'll check back with you later today
<mathiaz> aubre: so I could provide a package to test in a couple of hours
<mathiaz> aubre: a few hours after the end of the server meeting
<aubre_afk> mathiaz: ok sounds good
<kirkland> is anyone else having trouble with usb-creator and today's server iso?
<ttx> kirkland: no
<ttx> kirkland: I used usb-creator with both i386 and amd64 images
<ttx> Team meeting on #ubuntu-meeting
<skuld> I need some help with apache/firewall...I think
<skuld> I set up my apache, I can get to it from my internal IP (192.x.x.x) but I can't hit any of my sites, nor the public IP (216.x.x.x).  I ran a port scanner from a website, said port 80 is open, and linux said 0.0.0.0:80 is listening.
<skuld> any ideas?
<Fenix2> Where can I find a bash shell tutorial
<Fenix2> on the net
<Fenix2> or a linux use tutorial or somethin
<skuld> what do you need to know about bash?
<Fenix2> well im doing my thesis on linux server
<Fenix2> and i have to first learn basics on how to use linux
<Fenix2> so thats what i need to nknow
<skuld> LOL, I've been using linux for six years, and I'm STILL learning 'basics'
<Fenix2> pretty lame if u ask me
<skuld> honestly, I would just google "howto linux termianl"
<skuld> *terminal
<Fenix2> ok
 * skuld wonders if everybody in here is taking a coffee break...
<Jeeves_> It's 17:19! No even time for a coffee break!
<skuld> LOL
<zul> mathiaz: have you seen that mysql 5.1 innodb bug?
<mathiaz> zul: yeah - need to check whether it's a regression from jaunty
<mathiaz> zul: and if it's true on karmic
<zul> ok sorry to nag ;)
<soren> jdstrand: Can you pastebin the output of "virsh capabilities"?
<skuld> does anybody know of a way to CLEAR all my iptables so I can start over with a new firewall config?
<soren> iptables -F
<soren> iptables -X
<mathiaz> skuld: be sure to *not* lock yourself out when doing so
<mathiaz> skuld: ie - check the default policies for iptables
<jdstrand> soren: http://paste.ubuntu.com/297593/
<jdstrand> soren: what's going on?
<soren> jdstrand: Ok, that looks correct. In that case, it probably /is/ a virt-manager problem, which I suspected it wasn't. That's good :)
<jdstrand> soren: right-- I updated bug #453495 with that information
<uvirtbot`> Launchpad bug 453495 in virt-manager "virt-manager does not honor other architectures when using qemu" [High,Confirmed] https://launchpad.net/bugs/453495
<soren> jdstrand: Good boy :)
<soren> jdstrand: Are you attaching the actual output?
<jdstrand> soren: no, I just said they were available. I certainly can
<soren> jdstrand: Please do. If someone else should decide to look at this and don't know how awesome you are, they might not take your word for it :)
<jdstrand> heheh
<jdstrand> soren: done
 * soren hugs jdstrand
<jdstrand> :)
<soren> jdstrand: Could you attach the full domain xml as well, please?
<soren> There's another thing I'd like to check.
<jdstrand> soren: you mean for one of the guests (eg arm) that ends up with x86_64?
<soren> jdstrand: Exactly.
<soren> jdstrand: I.e. your "virsh dumpxml testme |grep qemu" with out the grep.
<jdstrand> sure, hold on
<soren> Heh... You have this in your apport output: LiveMediaBuild: Ubuntu 9.04 "Jaunty Jackalope" - Release amd64 (20090420.1)
<soren> I wonder what that's all about.
<jdstrand> I noticed that too. I figured that must have been the disk I used to install on this machine
<jdstrand> *shrug*
<smoser> i'd like to document somewhere that you can configure your dhcp server to ignore d0:0d addresses if you wish for it to ignore UEC instances.
<smoser> where would i put that?
<smoser> kirkland, ttx ?
<kirkland> smoser: wiki :-)
<soren> Commented out in the default dhcp3-server config file?
<kirkland> smoser: we'll need to find the rigtht place
<skuld> hi again
<skuld> flushing my iptables, killed my internet connection sharing for my internal network
<jdstrand> soren: attached. I even threw in dominfo for giggle
<jdstrand> s
<skuld> so, I have the firewall set again as I should be.  Apache doesn't seem to be responding to my public ip on port 80
<soren> skuld: Are you behind a router?
<Hajuu> Hey guys
<Hajuu> is this the right place for the ubuntu cloud server?
 * nrvate this is your mind in a cloud
<Hajuu> should I be afraid? :o
<nrvate> DARE to be afraid :>
<Hajuu> I dare to be.. insidiously naked.
<Hajuu> How about them apples?
<skuld> no.  LInux is acting as my firewall, I have firestarter for internet connection sharing for my eth2
<skuld> sorry for my delayed response, my dad needed some help
<soren> skuld: So the web server is directly attached to the internet?
<Hajuu> lol so, this is the right place, or not?
<skuld> yes
<soren> skuld: and your server is aware of your public IP?
<soren> skuld: I.e. does one of its interfaces have the public IP you're trying to connect to?
<skuld> I think so?
<soren> Well, /I/ don't know :)
<skuld> eth0 is set static for my public ip
<soren> Check it.
<soren> Ok.
<Hajuu> Alright well ill just ask my question I guess heh
<uvirtbot`> New bug: #456224 in bind9 (main) "Installing bind9 with forwarders causes loss of hostname resolution." [Low,Incomplete] https://launchpad.net/bugs/456224
<Hajuu> Basicall I have 3 servers, and Im wondering if I set them up in a cloud, how that works interoperably
<Hajuu> like for example
<Hajuu> if one server goes down
<Hajuu> do the other two somehow reconfigure to be reciprocal to requests?
<Hajuu> or do I require one server to delegate requests to child servers
<skuld> soren:  here is my addr info http://pastebin.com/f2a632bfb
<skuld> any idea why my eth2 is in a state of unknown?  I don't think that would affect apache though
 * soren calls it a day
<Hajuu> buh
<Hajuu> someone somewhere must have used ubuntu cloud
<mdz> Hajuu: people mean a lot of different things when they say "cloud"
<mdz> in our case, it's about having a self-service API to manage virtual machines, a la EC2
<mdz> what you're describing is more high-availability rather than what we call "cloud"
<Hajuu> when I say ubuntu cloud server
<Hajuu> I mean.. ubuntu cloud server.
<Hajuu> not entirely suprisingly
<Hajuu> http://www.ubuntu.com/products/whatisubuntu/serveredition/cloud
<skuld> I'm not sure what it is...but it's starting to tick me off! LOL
<fahadsadah> Hi guys.
<fahadsadah> I have NSS LDAP set up on a server.
<fahadsadah> But id gives me no such user.
<fahadsadah> I've straced id, and found it's not contacting the LDAP server.
<sven_oostenbrink> When trying apt-get purge package, I get this error: Package is in a very bad inconsistent state - you should reinstall it before attempting a removal.... How do I do this? I checked man apt-get but it gives -reinstall as an option, but that doesn't work either.. how can I get rid of this package?
 * jdstrand is a bit boggled that running libvirt-bin in a jaunty/schroot actually seems to be working
<jdstrand> even more so that kvm seems to be working...
<nrvate> kvm seems pretty stable these days
<nrvate> nice and fast too :D
<jdstrand> yeah, but I am running karmic, with karmic kernel, then schroot into jaunty, install libvirt-bin and kvm, and create machines in there and have them work
<sven_oostenbrink> Could anybody take a look at this one? How can I fix this apt-get problem I cant remove, purge, reinstall or just install the package anymore :( http://pastebin.com/m55803a4e
<nrvate> geez.
<jdstrand> I really wasn't expecting that
<nrvate> that is a bit surprusing
<bogeyd6> sven_oostenbrink apt-get clean
<bogeyd6> apt-get autoclean
<bogeyd6> then apt-get install sun-java6-jre
<skuld> can I ask a favor?  can somebody please try to get to http://www.localexpresscl.com and let me know if you can connect?  Thank you!
<kirkland> mathiaz: mdz: nijaba: https://help.ubuntu.com/community/UEC/Glossary
<kirkland> I started that page, as the documentation glosses over a lot of these terms that are probably unfamiliar to many server admin's
<sbeattie> skuld: got 200 OK from wget --spider http://www.localexpresscl.com
<Hajuu> We are supporting Ubuntu
<Hajuu> By preventing piracy.
<Hajuu> One star trek at a time!
<skuld> why can't I connect to the site then?
<skuld> also I can't find the logs for apache2...I thought they were in /etc/apache2
<sbeattie> skuld: /var/log/apache2
<mdz> kirkland: nice, thanks
<mdz> kirkland: hopefully thursday we can add "multi-cluster" and "<TBD>" to that list ;-)
<kirkland> mdz: it's growing as we speak
<kirkland> mdz: i'm going through both doc's now
<kirkland> mdz: while installing today's ISOs
<Hajuu> [01:09] -> -pici- you know, banning someone after they say 'anyway, ill stop too' is really just asking for a botnet attack. Not neccisarilly from me, but I'm just saying
<Hajuu> [01:09] -> -pici- just because you have a lot of users, doesnt mean they will stand for tyranny
<Hajuu> [01:09] -> -pici- I would also direct you to the many people I helped in my time in there. Kthxbye.
<zul> mdz: for the server upgrade test I basically told the user to install jaunty select all the tasks in tasksel and then upgrade and perform the tests in the individual tests (basically the same what the desktop team has)
<mdz> zul: is it actually possible to install with all of the tasks (no conflicts)?
<mdz> zul: if so, that sounds reasonable
<skuld> I can't see anything in the logs that tell me why I can't connect via firefox.
<mdz> zul: what's the URL for the test case?
<zul> mdz: it should be able i need to test if the testcase is valid
<zul> mdz: i havent posted it yet i wanted to make sure if it was valid first
<mdz> zul: ah, ok
<skuld> I'm not behind a router either.  I don't get it...I can connect to the internal server ip (192.x.x.x) though
<skuld> I should be able to connect using both my public IP (216.x.x.x) and private (192.x.x.x), right?
<skuld> anybody?  Am I crazy?
<zul> mathiaz: oh btw puppet is finally in main
<zul> skuld: yes unless if you have a firewall blocking port 80
<skuld> my firewall states 0.0.0.0:80 is open
<zul> anything in your error_logs?
<skuld> everything looks okay...I see lots of 200's
<zul> unless an upstream router is blocking port 80
<skuld> is there a command I can use to check that?
<zul> nmap
<skuld> okay, installing it
<uvirtbot`> New bug: #456381 in apache2 (main) "/etc/init.d/apache2 missing option to stop gracefully" [Undecided,New] https://launchpad.net/bugs/456381
<skuld> do you know what command I would use with nmap to look for port 80?
<skuld> foudn it....it says (nmap --opem 216.x.x.x) port 80 is open
<skuld> any other ideas I could try?
<nijaba> kirkland: nice Golassary, thanks
<Pici> skuld: Are you trying to connect to that address from within your network? Some routers don't allow you to make loopback connections like this.
<skuld> yes
<skuld> I didn't have a problem before using redhat, very simular config
<Pici> skuld: If its running on the same address that you're connected to IRC as, then I can see it.  (I see index.html, gallery.html, partners.html)
<Pici> etc
<zul> hah squeeze will be the last kernel that has dom0 support
<sbeattie> zul|mdz: the jaunty server tasksel options all install with no conflicts.
<zul> sbeattie: cool i just finished an install as well
<mealf8801> I have my Ubuntu Samba File server set up so I can access it from computers my desktop running XP but now and my laptop when its running Ubuntu 9.10 (which is really really easy :) ) but I can't seem to connect to it when I'm running Windows Vista on my laptop and I've sept a few hours trying to figure it out without and luck can anyone help me out?
<skuld> @Pici:  Can you get to http://www.localexpresscl.com ?
<mathiaz> zul: bug 456381 - I think the bug description is clear
<uvirtbot`> Launchpad bug 456381 in apache2 "/etc/init.d/apache2 missing option to stop gracefully" [Low,Incomplete] https://launchpad.net/bugs/456381
<zul> mathiaz: i agreee but he didnt specify a version
<mathiaz> zul: right - just asking which version may be enough
<zul> mathiaz: in hind sight yes
<xperia2> hello to all ! i have a question about the security of ubuntu server
<xperia2> could it be that ubuntu server is unsecure and very easy hackable
<xperia2> becouse i have allways updated my ubuntu server
<xperia2> but i am seeng some strange logs on my side
<xperia2> and my network isnt really easy to be access from the outside
<ScottK> Generally it isn't, but it's not out of the question that you changed something to make it so.
<xperia2> i am running a standard ubuntu server version
<xperia2> the strange thing is
<xperia2> that they do some piping of my server
<xperia2> will show you just a log now
<xperia2> 02:12:50Ã¯Â¿Â½63.131.18.154Ã¯Â¿Â½static-63-131-18-154.har.onecommunications.netÃ¯Â¿Â½&nb05.188.251.26:443Ã¯Â¿Â½
<xperia2> for some reason somebody call my webpage and do call a another website
<xperia2> the destination adress is port 443 ip adress 05.188.251.26
<xperia2> the call of the website comes from a static-63-131-18-154.har.onecommunications.net
<xperia2> whats that for a fuck?
<xperia2> never seen something like this till yet
<ScottK> Running your own php scripts?
<xperia2> yes
<xperia2> self written
<xperia2> know every line of the script
<Pici> skuld: Yes, it points to the same thing I was looking at before.
<xperia2> Pici: do you have also this problem ?
<skuld> you see a directory listing instead of the website?
<Pici> skuld: Yes.
<skuld> hmmm,  where is the DirectoryIndex option supposed to go in the conf file?
<skuld> I probably have it in the wrong spot
<skuld> does it go in the <Directory> section or right under DocumentRoot
<uvirtbot`> New bug: #343898 in dhcp3 (main) "dhclient-script apparmor issues" [Undecided,Fix released] https://launchpad.net/bugs/343898
<bogeyd6> skuld did anyone help you fix your thing
<skuld> do I need to do anything with httpd.conf when setting up a new apache server?  seems like all of my virtual domains are pointing to the very first directory in my /var/www folder instead of pointing to where they are supposed to be.
<skuld> still working on it...I sort of fixed the direcotry listing problem... now i have a new issue
<skuld> could I have a problem with a "loopback"
<skuld> and...I have a problem with all of my virtual domains aren't working, only the first directory in my /var/www folder is showing up when I browse to any of my domians
<qman__> skuld, the default apache configuration doesn't actually use httpd.conf
<qman__> you have to set the document root for each site, in the sites-available/site-name file
<skuld> right.
<skuld> do I have to end each site....intelatech.net with .conf (intelatech.net.conf) for the virual hosting to work?
<qman__> you also have to set the domains for each site
<qman__> no, not at all
<qman__> example, <virtualhost www.somesite.com:80
<qman__> >
<qman__> if you have one that listens by IP, or on *:80, it will break all the other sites
<qman__> and if you use domain names, DNS has to work
<skuld> AH!  that's what I'm missing...let me try that
<qman__> the other option is using a different IP for each site, and configuring virtual interfaces
<qman__> only really practical with a couple sites
<skuld> so if I do <virtualhost intelatech.net:80>  do I have to add another one under the entire section for www.  (<virtualhost www.intelatech.net:80> ?
<qman__> no, there's another way to work around the www. thing
<qman__> the best way I know of is rewrite rule
<skuld> I'm all ears! :)
<qman__> RewriteEngine on
<qman__> RewriteCond %{HTTP_HOST} ^www\.domain\.com
<qman__> RewriteRule ^(.*)$ http://domain.com/$1 [R=permanent,L]
<qman__> I think that's correct
<qman__> the other thing you need to do is enable the rewrite module
<qman__> sudo a2enmod rewrite
<qman__> the reason I like this way, as opposed to working around it
<qman__> is it forces the user to use domain.com, instead of having two different sites
<qman__> fixes issues with cookies
<skuld> okay.  now I just need to fix this possible 'loopback' problem where I can't see any of my websites
<qman__> well, you need to check each site
<qman__> make sure none of them are listening on *, *:80, or your IP
<qman__> and then make sure that the local system is resolving DNS names correctly
<qman__> apache flips if it can't find all your FQDNs
<MagicFab> Hi all - if anyone cares, I got a freeze exception for monit - https://bugs.edge.launchpad.net/ubuntu/karmic/+source/monit/+bug/426402
<uvirtbot`> Launchpad bug 426402 in monit "Sync monit (1:5.0.3-3) from Debian Sid" [Undecided,Fix released]
<MagicFab> It's here: https://edge.launchpad.net/ubuntu/+source/monit/1:5.0.3-3
<mdeslaur> MagicFab: cool
<skuld> oh.  now I changed all my config files so that <virtualhost blah.com:80>, but I got a bunch of warnings and mentionings of things taking precedence
<qman__> well, the change is correct, so you'll have to hunt down those warnings
<skuld> don't I need like a servername directive?
<qman__> yes
<qman__> "If you are using name-based virtual hosts, the ServerName inside a <VirtualHost>  section specifies what hostname must appear in the request's Host: header to match this virtual host."
<qman__> so, each site should have a servername matching the one in the virtualhost directive
<ninjah> sommer: Thanks for the server guide... I'm reading it now.
<skuld> brb
<kirkland> mdz: i've revamped, refactored, improved, and cleaned up https://help.ubuntu.com/community/UEC
<kirkland> mdz: i'll work on the multi-cluster one after i take a break and get some food
<ruben23> hi
<ruben23> what is the config file for x server in ubuntu-server...? i mean the equivalent of xorg.conf
<Kirsch> hey all, i'm running ubuntu hardy server and i ran updates, now when i try and use certain programs, /dev/null is chmodded to 600, so a non-root user trying to access anything that needs it dies, i saw a launchpad bug about it but no real solution except to add an init script to change it to 666, is there a real solution yet?
<mdeslaur> Kirsch: I seen that happen before when someone specifies /dev/null as a log file in a configuration file somewhere
<mdeslaur> Kirsch: did you set anything to /dev/null in /etc?
<Guest72722> hi all, i dunno if my question about /dev/null went through if anyone saw it, but i'm back
<mdeslaur> Guest72722: <mdeslaur> Kirsch: I seen that happen before when someone specifies /dev/null as a log file in a configuration file somewhere
<mdeslaur> <mdeslaur> Kirsch: did you set anything to /dev/null in /etc?
<skuld> okay, so I need both <virtualhost localexpresscl.com:80> and ServerName localexrepsscl.com ?
<Kirsch> hey all, i am having a /dev/null permission issue as 600, i've googled around and i see a lot of temp solutions, like setting an init script to change it to 600, is the real cause found?
<WanHouse> I think they know it was bad for hardy, but they cant change the original chematic of the dist because its an LTS. Id like to see more people to the coders, to change things like this. Or to add in new versions of programs into older dists that are still active on the net.
<WanHouse> and more power to the coders.
<UnixDawg> hey guys
<mdeslaur> Kirsch: I seen that happen before when someone specifies /dev/null as a log file in a configuration file somewhere
<WanHouse> Mornin Doug
<mdeslaur> Kirsch: did you set anything to /dev/null in /etc?
<UnixDawg> I am short a php exten
<UnixDawg> the  php5-rewrite module
<WanHouse> remove and purge php then reinstall it, unless its a source install ?
<Panzer> I got issue with trying install the RTL8101E driver.  I am getting r8101.ko no such file
<WanHouse> Its a very new RTL card ?
<Panzer> this computer is one year old
<WanHouse> modprobe --list | grep -i rtl
<WanHouse> Its a Realtech card
<Panzer> ok I got a list of stuff
<WanHouse> How many lines ?
<Panzer> 4
<WanHouse> rtl8180.ko could work perhaps. Try to insmod it
<WanHouse> Panzer: Working ?
<Panzer> no.  the r8180 is a wireless mod.
<WanHouse> 8139too.ko or 8139cp.ko ?
<Panzer> where?
<WanHouse> Thought you had a wireless, sorry about that.
<WanHouse> modprobe 8139too
<Tohuw> Hello, general server spec question: ~100 (frequent) accessors querying a 1.5m+ record database... the actual DB and the files referenced by the DB will be on a RAID array with 15k rpm drives, but the system partition may only be on the internal RAID 5 7.5k RPM drives... would this be a serious speed hindrance? All equipment mentioned is theoretical right now, I'm just trying to determine if I should spring for faster drives for the system partitions as w
<WanHouse> Tohuw: the system disc access is only required if the DB wants access to system files.'
<WanHouse> Panzer: remove the modules that didnt work, with rmmod ModuleName
<Panzer> none of them including the ones you have listed have worked
<WanHouse> google for the solution
<Panzer> yea I have.  none of the solutions say anything about r8168.ko or r8101.ko file not found issues.
<Panzer> see http://ubuntuforums.org/showthread.php?t=843398 and http://ubuntuforums.org/showthread.php?p=4210510#post4210510
<Panzer> I don't think there is a 9.04 patch
<skuld> this is driving me crazy.
<Panzer> skuld: yea my issue too
<skuld> I can ping intelatech.net, I get the public server eth0 IP address.  yet from within my network, I use firefox, http://intelatech.net and I get "connection not established"
<skuld> I have no router
<skuld> I'm sure I'm probably missing something really small in my configuration....somewhere...It worked before I installed ubuntu with fedora
<skuld> and I can't test any of my virtualhosts until  I get this resolved!
<guntbert> skuld: my first gues: a firewall rule?
<sven_oostenbrink> Question, I need information on a 10Gbit network card that also supports iSCSI.. Could I use such a card for bot iSCSI and normal traffic, or would that require an extra, other, network card?
<skuld> I'm thinking it has to be somewhere in the firewall, but I can't find it.  I don't even remember which commands I ran to see that 0.0.0.0:80 is open
<Grim76__> skuld: try netstat -an | more
<skuld> that shows it in the list
<skuld> what a long listing
<skuld> somebody care to examine my iptables...it looks all greek to me
<qman__> skuld, sure, pastebin it
<skuld> http://pastebin.com/f1192ec32
<skuld> thanks!
<qman__> that's pretty complex
<skuld> okay, so I'm not crazy
<qman__> I wouldn't doubt if that's the problem
<qman__> any reason it's set up that way?
<skuld> I had to use firestarter to get my laptop to connect to the internet using it's Internet Connection Sharing.  If I knew how to do that and only have the handful of ports open that I need...plus being able to see my own hosted web pages from my laptop, I'd gladly get rid of firestarter and do it that way
<qman__> well
<qman__> it definitely doesn't need to be that complex to do so
<qman__> but it's not exactly simple either
<qman__> you need masquerading, but also port forwarding
<qman__> I'm guessing, anyway?
<qman__> or are all the ports you need opened on that machine
<blackxored> went back for an example, if I want a window to move on buzzed then I should intercept the signal, get the window handle and move it that's it ??
<skuld> sorry, I had a phone call
<skuld> I only need 21, 25, 26, 80, 100, 4000-4050 (forwarded to spec IP), 9100-9115 (forwarded to spec IP) open on the server
<skuld> I guess everything else in there was for the ICS (Internet connection sharing)
<skuld> and since I use IRC, I guess 6667 too
<skuld> but I didn't explicitly open that port
<skuld> and it works
<nijaba> kirkland: why are you moving everything in the UEC tuto to sub pages?  I am not sure this is making it easier to follow
<kirkland> nijaba: it will
<kirkland> nijaba: so much of this is common operations, whether doing a simple install, or a complex install
<kirkland> nijaba: getting credentials
<kirkland> nijaba: bundling an image
<kirkland> nijaba: running an image
<kirkland> nijaba: registering a node
<kirkland> nijaba: otherwise, we will have so much duplicated operations
<kirkland> nijaba: we *already* do
<kirkland> nijaba: i'm trying to clean this up
<kirkland> nijaba: then we build pages that point to the incremental steps
<nijaba> kirkland: yes, I understand the factorisation, but it makes it quite difficult to print, and since in each step you now offer many options, I am afraid first time iser may get more confused
<kirkland> nijaba: it may be slightly harder to print
<nijaba> which is the opposite of the goals that were set when ttx and I were asked to do a simple step by step set of instructions
<kirkland> nijaba: but i disagree that it's more confusing
<kirkland> nijaba: i think it's less confusing
<qman__> skuld, so you do need port forwarding as well
<nijaba> kirkland: well, we'll see Neil's and Mark's reaction to that, as they were the ones requesting it in the first place
<qman__> skuld, I don't have any time right now, I have to go to class, but you might try fixing it with firestarter
<qman__> skuld, add exceptions to allow connections from the LAN to port 80
<skuld> okay, I'll give that a ttry
<kirkland> mdz: hmm, I'm extending the UEC documentation now in the wiki, starting at https://help.ubuntu.com/community/UEC
<mdz> kirkland, have you considered using includes rather than linking to the sub-pages?
<kirkland> mdz: didn't know that was possible; will use that
<mdz> kirkland, that would let you avoid duplication while still providing all of the necessary information on one page
<kirkland> mdz: that's perfect, thanks
<mdz> kirkland, <<Include(PageName)>>
<mathiaz> kirkland: and to probably use Include, I usually add delimiters via comments in the wiki pages
<skuld> well, that didn't work
<skuld> LOL
<mathiaz> kirkland: things like: ## StartGeneratePubKey
<mathiaz> kirkland: and then you can use the Include macro with start='## StartGeneratePubKey' options
<mathiaz> kirkland: similarly there is an end option
<kirkland> mdz: perfect
<kirkland> mathiaz: cool, thanks
<mdz> mathiaz, neat, I didn't know about that
<mathiaz> mdz: see https://wiki.ubuntu.com/TeamReports/May2009
<kirkland> nijaba: https://help.ubuntu.com/community/UEC
<kirkland> nijaba: there you go ;-)
<mathiaz> mdz: that's how I usually include the server team report in the team report
<nijaba> mdz, kirkland: wonderfull -> best of both worlds
<kirkland> nijaba: do you mind if I move UEC -> UEC/CDInstall, and make a new UEC page that links to 1. UEC/CDInstall (simple, basic setup) and 2. UEC/PackageInstall (complex, custom setup)
<nijaba> kirkland: not at all, I think that would be fine
<kirkland> nijaba: thx
<SyL> kirkland: you have a UEC/CDINSTALL page?
<kirkland> SyL: https://help.ubuntu.com/community/UEC/CDInstall
<kirkland> SyL: work-in-progress
<SyL> kirkland: would suggest a page with all-in-one as well
<kirkland> SyL: what do you mean?
<SyL> cluster and node on the same machine
<SyL> kirkland: and have you gotten it working after updating the packages?
<kirkland> SyL: i have not gotten nc on the same system as the cc
<kirkland> SyL: i understand from nurmi that this is not recommended, or even possible, due to some networking configuration reasons
<ahe> oh perfect, i just wanted to ask how many machines i need to build my own uec for testing purposes
<SyL> heh
<ahe> did i get that right that i need at leas two physical machines?
<kirkland> ahe: 2, yes
<ahe> so i think i need to go shopping because i don't think that any of my spare machines fits the minimum hardware requirements
<SyL> kirkland: I thought it could work with only one machine
<kirkland> SyL: where did you see this described?
<kirkland> SyL: i'm willing to entertain the possibilty, but I have not succeeded in doing such things
<SyL> kirkland: I remember someone getting it working a few months ago. I don't see why it wouldn't even if it was for a quick proof of concept
<kirkland> SyL: you're welcome to try
<uvirtbot`> New bug: #328550 in udev (main) "qla2xxx takes ~one minute to initialize per device" [Medium,Won't fix] https://launchpad.net/bugs/328550
<nijaba> kirkland: EtienneG got it to work on a single machine, but it is a ugly that he is not willing to document.
<kirkland> nijaba: gotcha, that's what I suspect
<kirkland> SyL: ^
<nijaba> kirkland: the minimum requirements are maybe a bit too high for a simple "discovery" install.  Will work fine one lower machine, just a bit slower...
<nijaba> s/one/on
<kirkland> nijaba: okay, set the Minimum ones to what you think
<nijaba> kirkland: ok, I'll do that and then -> bed
<kirkland> nijaba: i know that my installs were *failing* because I was installing from a 32GB SSD, and it didn't have enough space to run a single VM (this was back when we had 10GB images, though)
<nijaba> kirkland: disk wise, I think your reco are fine.  It is just that you can start a cc + cloud machine with just 512Mo ram, and 1G is what I would say is minimum for the nc
<kirkland> nijaba: fair enough; you're welcome to update those Minimums
<nijaba> kirkland: done.  and now, goodnight :)
<mathiaz> zul: have you seen some issue with karmic and nmbd?
<mathiaz> zul: it seems that sometimes nmbd doesn't stat
<mathiaz> zul: *start*
<SyL> kirkland: but it works for you on 2 machiens out of the box before updating packages?
<mathiaz> zul: at boot
<nijaba> SyL: it will if you take the 20091020 iso from cdimage.ubuntu.com
<mathiaz> zul: I suspect that nmbd starts when the network is not ready yet - the last line in the log.nmbd is 2009/10/20 18:15:01,  0] nmbd/nmbd.c:693(open_sockets)
<mneptok> there is no data, only zul.
<kirkland> nijaba: night
<SyL> nijaba: ok, I will try this again
<mushroomblue> are there any common reasons for why it takes roughly 35 seconds to get a prompt after entering my password at login?
<SyL> nijaba: server too?
<ruben23> hi, is it possible to setup vsftpd server using this settings..------->http://pastebin.com/m589bf6a1
#ubuntu-server 2009-10-21
<mihalisxfsee> is apparmor still being developed for ubuntu?
<mihalisxfsee> ???
<tonyyarusso> mihalisxfsee: It certainly is still being used in Ubuntu - I don't know about where the development happens.
<mihalisxfsee> i am a litle bit woried about this SElinux's substitute (wonderful though) future after crispin cowan's left!
<mihalisxfsee> ???
<mihalisxfsee> sorry my connection went out
<mihalisxfsee> #help
<zul> mathiaz: no i havent
<skuld> anybody care to help me with this postfix/dovecot/mysql configuration problem I'm having?
<crohakon> Think it would be beneficial to me to reinstall ubuntu server edition without and of the servers installed during install but rather install them one at a time post install?
<d33d> Question - is it viable to run a server locally on my Desktop machine (laptop) for a sandbox? or will it just get too junked up by everything?
<KurtKraut> d33d, you do you mean by 'junked up by everything'?
<d33d> I mean - is it a bad idea to mix server with desktop...
<smackdaddy> i need help getting virtualhost to work for apache2..   both of my domains go to the /var/www when i specify for the 2nd domain to go to /var/www2
<skuld> wow, I had that very simular problem this afternoon....I think I got it resolved, but I can't see because I can't connect to my own web pages on my own server!
<crohakon> d33d; If it is just for a sandbox I don't think it would matter much. But it might be a better idea to install it on a spare box and console it up.
<skuld> did you use the ServerName myexamplesite1.com in each VirtualHost?
<d33d> no spare box - what about VirtualBox?
<smackdaddy> skuld, yes
<skuld> okay, ummmm..... let me see....
<skuld> in the second domain, it was different than the first one, I'm assuming....
<smackdaddy> yes
<smackdaddy> definately
<smackdaddy> lol
<smackdaddy> how do i enable from sites-available to sites-enabled
<skuld> ok...yeah, I forgot that servername directive
<skuld> I copyied them to sites-enabled
<smackdaddy> oh thatsall?
<skuld> yup
<skuld> did that help?
<smackdaddy> nah
<smackdaddy> its sayin this crap
<smackdaddy> [Tue Oct 20 21:36:13 2009] [error] (EAI 2)Name or service not known: Could not resolve host name ejsweetsonline.com -- ignoring!
<smackdaddy> [Tue Oct 20 21:36:23 2009] [error] (EAI 2)Name or service not known: Failed to resolve server name for 216.24.138.154 (check DNS) -- or specify an explicit ServerName
<smackdaddy> but it resolves for me
<smackdaddy> * Dns resolved ejsweetsonline.com to 24.155.117.48
<smackdaddy> -
<smackdaddy> dont even know what the hell this ip is ---> 216.24.138.154
<smackdaddy> lol
<aubre> did that deadlock bug ever get sorted out? I was gone longer than I thought I would be and didn't get a chance to test it
<aubre> the UEC deadlock bug?
<skuld> is ejsweetsonline.com your domain?
<smackdaddy> yes
<smackdaddy> im running dns serveron this box too
<skuld> for servername are you using an ip address or name?
<smackdaddy> name
<skuld> ok.ummmm
<smackdaddy> should there be anything in ports.conf
<skuld> do you have like an example.com in your sites-enabled?
<smackdaddy> yea i made a file for each site
<smackdaddy> this is what i have in ports.conf
<skuld> do you specifically have example.com?
<smackdaddy> should this be there
<smackdaddy> NameVirtualHost ejsweetsonline.com:80
<smackdaddy> NameVirtualHost cconnectx.com:80
<smackdaddy> Listen 80
<skuld> I'm assuming cconnectx.com is your other domain?
<smackdaddy> yes
<skuld> yeah, that's fine
<smackdaddy> k
<skuld> do you have something like:  <VirtualHost *:80>
<smackdaddy> no i replaced that with the domain name:80
<smackdaddy> for each config file
<skuld> try just using *:80
<skuld> with the servername directive below.  that's what got mine to work
<smackdaddy> ok restarting...
<smackdaddy> ok it said this...
<aubre> I wonder if the fact that I am using XFS on my CC and NC would cause my UEC SC volumes to fail to attach to instances?
<smackdaddy>  * Restarting web server apache2                                                [Tue Oct 20 22:03:13 2009] [warn] _default_ VirtualHost overlap on port 80, the first has precedence
<smackdaddy> [Tue Oct 20 22:03:13 2009] [warn] _default_ VirtualHost overlap on port 80, the first has precedence
<smackdaddy> [Tue Oct 20 22:03:13 2009] [warn] NameVirtualHost cconnectx.com:80 has no VirtualHosts
<smackdaddy> [Tue Oct 20 22:03:13 2009] [warn] NameVirtualHost ejsweetsonline.com:80 has no VirtualHosts
<smackdaddy>  ... waiting
<skuld> where you have your namevirtualhost...change the name to the IP address instead
<smackdaddy> aah
<smackdaddy> and its NameAlias *.whatever.com to make wildcard?
<smackdaddy> okit worked
<smackdaddy> thanks!!
<skuld> np
<skuld> now if I can just get my server working! LOL
<smackdaddy> whats wrong with urs
<skuld> I've been 'told' that my sites are up, but I can't validate it by navigating to them from my laptop
<skuld> internal netowrk)
<smackdaddy> ill test it.. whats the site
<skuld> http://www.intelatech.net is one
<smackdaddy> ya its working
<skuld> that's a relief, but I can't surf my own pages! LOL...I can get to my server if I use my eth2 IP (192.x.x.x) though
<smackdaddy> can you get to other pages
<skuld> yes, any other pages on the Net, just not my own
<smackdaddy> blank page or what?
<smackdaddy> can you ping
<skuld> I can ping, yes, I get..."Could not connect"...I think...let me try it again
<smackdaddy> flush dns
<smackdaddy> ?
<skuld> "unable to connect"  very fast
<skuld> how do I do that wiht the console?
<smackdaddy> in windows
<smackdaddy> ?
<skuld> oh.  you know I've never done that command
<smackdaddy> ipconfig /flushdns
<smackdaddy> in win
<smackdaddy> dont know the linux
<smackdaddy> cmd
<skuld> I can't do it..."the command requires elevation"
<smackdaddy> lol
<smackdaddy> what os r u on
<skuld> Vista
<smackdaddy> runn command as administrator
<smackdaddy> commandprompt
<smackdaddy> right click and click run as admin
<skuld> okay, I guess my windows is foobarred too...I click run as admin but nothing happens LOL
<smackdaddy> hm
<smackdaddy> ya i m using win7 and it lets me run anything
<smackdaddy> dont know vista
<smackdaddy> nvr used it
<skuld> be glad
<smackdaddy> xpto 7
<smackdaddy> lol
<smackdaddy> do you know a good webmail server solution for ubuntu
<smackdaddy> oh instead of flushdns.. restart..
<smackdaddy> maybe?
<skuld> I'm in the middle of installing postfix/dovecot with mysql for my mail solution.....i've used....um.... round somehtingorother email before for the web
<smackdaddy> postfix cool
<smackdaddy> thanks.
<skuld> I think it was roundcubemail
<skuld> okay, I'm going to try something....
<skuld> hopefully I won't get disconnected...
<smackdaddy> sounds like a dns problem..but im not sure
<smackdaddy> or browser
<JJman6> How can i give a user permissions to upload files to a web directory.  I've added that user to the admin group & even www-data group and still it says permission denied
<senkusha> this really sucks, I *have* to use firestarter to get my laptop and any other computer on my internal network onto the internet....yet I can't see my own stupid webpages from my own server! GRRR
<crohakon> I have successfully set up my first LAMP server!
<senkusha> chmod 777 dirname
<senkusha> ?
<senkusha> or even chmod 776 dirname
<senkusha> ....I've tried numerous tutorials on the web for masquarading (sp?) port forwarding and stuff for internet connection sharing, nothing seems to work -- except by using Firestarter with ICS turned on
<senkusha> I'm sure something in my network config is messed up for me not to surf my own webpages
<senkusha> ...and I can ping my own sites by domain name, they connecct, I can also connect to my apache server by internal IP, not by domain name though.
<crohakon> are the name server set up and propagated?
<crohakon> is the domain name www.yourdomain.com set to target your IP?
<senkusha> I'm not sure
<senkusha> yes
<crohakon> How long ago was the request made to have your domain target your IP?
<senkusha> for example:  http://www.intelatech.net is set to (216.x.x.x)
<senkusha> months.
<senkusha> it's worked before when I used Fedora Core 7
<crohakon> And it has work prior?
<crohakon> Ahh
<senkusha> just not since I've moved to ubuntu server
<crohakon> That is about the extent I can help then =)
<senkusha> other people can see my sites, just not me
<crohakon> oh
<senkusha> and I don't use a router....just linux with two NICs
<crohakon> so if you type in the domain name in your web browser you do not get directed to your site? But if you type in the local ip you do? But people outside of your land can use the domain name and access the site?
<senkusha> mostly yes.  only I can't access my page becuase it's a virtual page, but I get my first virutal domain.\
<senkusha> I have six domains
<crohakon> Question to anyone listening. I just got done following the server guide and installing and configuring apache2/mysql/php5/phpmyadmin and everything seemed to work fine until I uploaded a php cms and went to configure it and got this http://pastebin.com/d28284b9b
<senkusha> what are the permissions of /srv/www/index.php ?
<crohakon> senkusha; I am afraid my knowledge is not that extensive to be able to help you. I am a bit of a novice when it comes to setting up linux servers. In fact I am trying to set up my first now and if it goes well I will be hosting my domain locally.
<crohakon> You know... I had not thought to check that.
<AdamDV> senkusha: You have a problem with apache virtualhosts?
<senkusha> :) it's cool.  I'm pretty sure my problem lies somewhere with my networking interfaces config or something with iptables
<senkusha> LOL
<senkusha> yeah, AdamDV...sortof
<AdamDV> iptables wouldn't make your first virtualhost show up.
<senkusha> let me break it down.
<AdamDV> The first virtualhost is displayed when another is not found.
<senkusha> people on the Net can see all my domains by name
<AdamDV> ALright, shoot.
<senkusha> I can't see any of them by name
<AdamDV> So, say for example.
<senkusha> but if I type in http://192.x.x.x I get the very first domain directory
<AdamDV> Yes.
<AdamDV> You should.
<AdamDV> The only way your going to see others.
<AdamDV> Is by typing the name.
<AdamDV> NAME absed virtual hosting.
<senkusha> right.
<AdamDV> Typing the IP will default to the first.
<senkusha> okay.... type in http://www.intelatech.net
<AdamDV> Unless you install mod_userdir
<senkusha> you'll see the page for that site
<AdamDV> Ok
<AdamDV> Whats the problem?
<senkusha> but if I type in my internal IP, I get http://www.americansombo.com
<AdamDV> senkusha: Typing in the IP
<senkusha> the problem is that *I* cant type in http://www.intelatech.net to see my own page
<AdamDV> Will show the FIRST virtualhost.
<senkusha> I get Unable to connect
<AdamDV> Hmm
<AdamDV> Ok
<AdamDV> wait a seconf
<AdamDV> Its the same page.
<senkusha> I typed int he IP to verify that I can get to apache at all
<AdamDV> Both URL's load the same page.
<AdamDV> Can you show me your apache conf?
<senkusha> WHAT>!!
<senkusha> yeah
<AdamDV> Becuase somethingain't right.
<AdamDV> Heh
<senkusha> it's all seperated out by virtualhost
<AdamDV> Lemme see :P
<AdamDV> All of it
<senkusha> I haven't messed with the apache2.conf, but I'll show it
<AdamDV> Alright.
<AdamDV> I'm guessing.
<AdamDV> That you haven't uncommented NameVirtualHost *:80 ?
<AdamDV> in apache2.conf ?
<AdamDV> Because.
<senkusha> let met double check
<AdamDV> If you have'nt. Thats your problem.
<crohakon> how can I chmod all files and subdirectories of a directory?
<AdamDV> crohakon: chmod -R 0774 dir/*
<AdamDV> -R is recursive.
<crohakon> thanks
<AdamDV> No problem.
<senkusha> it's not in apache2.conf...it's in ports.conf, and yes, it's not commented.
<AdamDV> Can you show me your:
<AdamDV> apache2.conf
<AdamDV> ports.conf
<AdamDV> And your virtualhosts.
<senkusha> http://pastebin.com/f64ed377
<senkusha> ports.conf:  http://pastebin.com/f3e82f95
<crohakon> so, for example... sudo chmod -R 0644 /srv/www/* should set all stuffs under www to 644?
<AdamDV> crohakon: Yes.
<senkusha> americansombo.com:  http://pastebin.com/f68a093a
<AdamDV> senkusha: Whats your document root?
<crohakon> well, it did not work =(
<AdamDV> crohakon: YOu sure?
<AdamDV> Try:
<senkusha> intelatech.net:  http://pastebin.com/f28b4ee81
<AdamDV> sudo chmod -R 0644 /srv/www
<crohakon> yes, they are still all 700
<senkusha> we'll start with those two
<AdamDV> senkusha: Okay.
<AdamDV> I already see issues.
<AdamDV> Whats your doc root?
<senkusha> it's /var/www/sites/
<AdamDV> I see.
<AdamDV> Okay.
<crohakon> No, that did not work either. blah
<AdamDV> Are you logged in as root in your server?
<AdamDV> (Interactively via sudo -i or else?)
<AdamDV> Shutdown apache
<crohakon> I am not logged in as root, but using sudo
<AdamDV> Okay.
<AdamDV> Sudo up to root.
<AdamDV> For now.
<AdamDV> sudo -i
<AdamDV> brb
<senkusha> for permissions I always just navigate to the dir and do :  chmod -R 777 * (or what ever permissions I need)
<senkusha> for permissions I always just navigate to the dir and do :  sudo chmod -R 777 * (or what ever permissions I need)
<AdamDV> Alright
<AdamDV> Whoa.
<AdamDV> Nick confuse.
<AdamDV> crohakon: I dunno.
<AdamDV> senkusha: You root?
<senkusha> yes.  my I can sudo my username if needed
<AdamDV> Alright
<AdamDV> I'm gonna change your confs a little.
<senkusha> okay, cool
<senkusha> Iobviously missed something LOL
<AdamDV> Hah
<AdamDV> senkusha:
<AdamDV> http://pastebin.com/m1833ce12
<AdamDV> http://pastebin.com/m8708639
<AdamDV> http://pastebin.com/m3694b96b
<AdamDV> Also
<AdamDV> Remove the trailing slash from any "Directory" statements
<crohakon> damn, permissions are a b*tch sometimes..
<AdamDV> Also, make this:
<AdamDV> <Directory /var/www/sites/americansombo/> 		Options Indexes FollowSymLinks MultiViews 		AllowOverride None 		Order allow,deny 		allow from all
<AdamDV> The 'allow from all'
<AdamDV> make it 'Allow from all\
<AdamDV> *'Allow from all'
<AdamDV> Apache is picky.
<AdamDV> senkusha: Working now?
 * crohakon thinks adamDV knows is sh*t lol
<AdamDV> I do.
<AdamDV> :)
<AdamDV> Hehe. Not to brag, but I run a computer company that does web design and server admin.
<AdamDV> And, I'm 13.
<AdamDV> :)
<AdamDV> Anyway, good that its working now.
<AdamDV> VirtualHosts can be a bitch sometimes.
<AdamDV> senkusha: Are the other domains working?
<crohakon> Damn, i'm 25 and struggling over chmods. Keep up the good work.
<AdamDV> Heh.
<crohakon> =)
<AdamDV> crohakon: Are you on debian?
<senkusha> [warn] NameVirtualHost *:80 has no VirtualHosts
<crohakon> yes
<crohakon> ubuntu
<AdamDV> crohakon: I see.
<AdamDV> 1 sec, and I'll try to help.
<senkusha> other domains, probably not yet
<AdamDV> senkusha: [warns] aren't too hazardous.
<AdamDV> I can see that both those domains now work.
<roxy08> hi there...  I am getting this error with Winbind : Failed to issue the StartTLS instruction: Connect error. Somebody can help me?
<AdamDV> And go to seperate sites.
<senkusha> I did notice while in VI that intelatech was color coded differently than american sombo
<AdamDV> senkusha: Thats vi's fault. But, I'll look.
<AdamDV> brb
<senkusha> ok
<senkusha> I'll fix the other domains
<AdamDV> Alrighty.
<AdamDV> senkusha: Lemme see about ports,conf and that warning.
<senkusha> okay, all other domains fixed.
<AdamDV> Cool
<AdamDV> What was the issue?
<senkusha> now, that everybody else sees (the correct) sites, I can not.  I get Unable to connect.
<AdamDV> senkusha: Release your DNS.
<senkusha> how do I do that?
<AdamDV> Firstly, restart apache.
<senkusha> I just did that
<AdamDV> Secondly, are you on windows or linux?
<AdamDV> Okay.
<senkusha> my laptop is windows vista
<AdamDV> K
<AdamDV> Press start - type in cmd
<AdamDV> ipconfig /release
<AdamDV> ipconfig /renew
<AdamDV> WAIT
<AdamDV> DONT DO THAT
<crohakon> hehe
<crohakon> hehe
<AdamDV> 1second.
<senkusha> okay...windows was being slow about finding 'cmd' LOL
<crohakon> =)
<AdamDV> Haha
<AdamDV> Alright do this.
<AdamDV> ipconfig /flushdns
<AdamDV> ipconfig /release
<AdamDV> ipconfig /renew
<crohakon> senkusha, why not install ubuntu on your laptop?
<AdamDV> crohakon: Ubuntu is bitchy on laptops.
<senkusha> when I tried /flushdns, I got:  this operation requires elevation
<AdamDV> If its a dell, it'll most likely brick it.
<AdamDV> senkusha: Run cmd as administrator.
<senkusha> I need windows for a couple of applications that ubuntu just can't handle yet
<AdamDV> Did you flush the DNS?
<senkusha> okay.  doen
<senkusha> done
<AdamDV> How the fuck did you stay connected?
<AdamDV> You sure you did it all?
<crohakon> good question...
<AdamDV> As an administrator?
<senkusha> let me run it again...
<AdamDV> Yea.
<crohakon> Yeah, it should have killed your connection for a moment.
<senkusha> An error occurred while releasing interface Loopback Pseudo-Interface 1 : The sy
<senkusha> stem cannot find the file specified.
<senkusha> The operation failed as no adapter is in the state permissible for
<senkusha> this operation.
<senkusha> when I tried to /release
<senkusha> crap
<roxy08> hi there...  I am getting this error with Winbind : Failed to issue the StartTLS instruction: Connect error. Somebody can help me?
<AdamDV> What should happen ^^
<AdamDV> Anyway, if you say its flushed.
<AdamDV> Alright.
<AdamDV> Try viewing your sites.
<senkusha> yeah, flushing worked
<crohakon> no, he has an error
<crohakon> oh..
<crohakon> guess not..
<AdamDV> Can you see the sites?
<senkusha> no
<AdamDV> What happens when you type in the domain name?
<senkusha> if I'm running a webserver, do I need to run a DNS server too?
<AdamDV> Also, before I continue, tell me your not using IE.
<senkusha> "unable to connect" after about three seconds
<senkusha> firefox
<AdamDV> Thank god.
<AdamDV> Hmm
<senkusha> LOL
<crohakon> lol
<AdamDV> WHat happens when you type in the internal IP?
<senkusha> I get americansombo.com
<AdamDV> Okay.
<AdamDV> Now, open up cmd
<AdamDV> and do:
<AdamDV> ping americansombo.com
<senkusha> 216.x.x.x
<senkusha> pinged ok
<AdamDV> Then its firefox.
<AdamDV> Open firefox.
<AdamDV> Press
<AdamDV> shift ctrl delete
<AdamDV> And delete it all.
<AdamDV> Then refresh
<AdamDV> (Combination memorization = win)
<senkusha> okay...it's thinking about it LOL
<AdamDV> Haha
<senkusha> ...and still thinking...
<AdamDV> You must have been suring lots of porn.
<AdamDV> If it takes that long :P
<AdamDV> *surfing
<senkusha> refreshed using Ctrl-f5
<crohakon> =) Naughty Naughty
<senkusha> still see americansombo.
<AdamDV> That would also work. I liked my way :P
<senkusha> intelatech.net comes up as unable to connect
<AdamDV> Ping intelatech.
<AdamDV> See if it comes up under the same IP.
<crohakon> works fine for me... I can see intelatech.net just fine.
<senkusha> 216.x.x.x OK
<crohakon> =)
<AdamDV> GODDAMN IT.
<AdamDV> I SEE AMERICAN THING WHEN I TYPE INTELATECH.
<AdamDV> AUGHHH.
<AdamDV> FUCK APACHE.
<senkusha> cool, I'm not the only one pulling my hair out
<AdamDV> </rant>
<AdamDV> Yea
<AdamDV> Comes with the job Haha.
<AdamDV> Alright.
<AdamDV> IP comes back.
<senkusha> ^clears cache  ?
<uvirtbot`> senkusha: Error: "clears" is not a valid command.
<senkusha> yes
<AdamDV> Hmm
<crohakon> I see the intelatech website at intelatech.com where I used to see americansombo before you helped him.
<senkusha> did you clear YOUR history?
<crohakon> It works on my end
<AdamDV> Did you change the apache conf ?
<AdamDV> Alright, clearing mine.
<senkusha> it's intelatech.NET
<crohakon> mistype,
<crohakon> hehe
<crohakon> I meant intelatech.net
<senkusha> ok
<AdamDV> crohakon: What do you see?
<AdamDV> Blue background?
<AdamDV> American Sombo
<AdamDV> up top?
<vraa> i think i figured it out, i need to add "auto eth0" "auto eth1" all the way to "auto eth3" in my /etc/network/interfaces -- that's why my ubuntu doesnt boot - right?
<vraa> or having multiple "auto" s will cause issues, i am not understanding some of these examples, it says it's okay for loop back interface
<AdamDV> I see American Sombo
<senkusha> auto eth0 will automatically start that network interface on boot up
<crohakon> I see "Finally: Affordable, 24-Hour Computer Service!"
<AdamDV> Okay
<AdamDV> Its me then.
<senkusha> flushed your DNS?
<vraa> thanks senkusha , and if there is no wire in corresponding ethernet jack? it will just assume it is disconnected right? currently i only have "auto lo" and "auto eth2" , eth2 being the plug i have connected in
<AdamDV> Don't have one.
<AdamDV> :P
<senkusha> yes
<AdamDV> I do my own DNS, because I roll like that.
<AdamDV> Haha
<AdamDV> Anyway.
<crohakon> lol
<vraa> so curious: why didn't ubuntu already add auto ethX for the rest of the ethernet ports? btw my mobo has 4 onboard ethernet
 * senkusha is scared of the creepy DNS server configurations
<senkusha> @vraa:  I think it only does it for eth0 by default
<AdamDV> senkusha: Good idea.
<AdamDV> Whats another domain thats on that server?
<AdamDV> Because I think it might be broken.
<vraa> eth0? you mean ... the first connected/detectable connected network interface?
<vraa> i thought the eth#'s were assigned in an order of detection?
<AdamDV> vraa: Not at all.
<senkusha> aos-ff.com, sombojoe.com, asylumtattoo.com, goldenrule345.com ... .I think that's all of them
<AdamDV> Ok.
<vraa> okay, so then how come that is eth2 consistantly then? wouldn't it be eth0 ?
<senkusha> @vraa:  nope, I found that out the hard way when I discovered that one of my NIC's (used to be eth0 died)
<AdamDV> vraa: Are you on a Linode VPS?
<vraa> oh, then i guess i forgot i must've changed it a while ago, no i am not on vps, this is a computer i built at work, i have done port forwarding so i can ssh into it
<AdamDV> Ah, I see.
<crohakon> This web site at goldenrule345.com has been reported as an attack site and has been blocked based on your security preferences. <---wtf is this all about?
<AdamDV> crohakon: Google+Firefox
<senkusha> I told the owner of his site about that....I guess he never fixed it
<AdamDV> He can't.
<AdamDV> Its Google.
<senkusha> I think he was using some hitcounter he found on the Net
<AdamDV> Once they make that domain a bad one.
<AdamDV> It aint never coming back.
<crohakon> the sombo joe site is giving me a directory list... not safe methings..
<crohakon> thinks*
<AdamDV> Yea.
<AdamDV> Indexes should be turned off.
<AdamDV> -Indexes
<senkusha> crap...I need to set the directoryindex for it
<AdamDV> senkusha: Just set -Indexes in an .htaccess
<AdamDV> or in the virtualhost options
<crohakon> and aos-ff only returns "Table 'smf_avatars.smf_settings' doesn't exist" hehe
<crohakon> I think you have more work then just the vh issues =)
<AdamDV> +1
<AdamDV> senkusha: If you wan't my honest opinion.
<AdamDV> Start with making the virtualhosts just say stuff like
<AdamDV> This is intelatech.com
<AdamDV> This is <bla>
<AdamDV> And then
<AdamDV> Once that all works
<AdamDV> Put content.
<AdamDV> OR.
<AdamDV> Install virtualmin+webmin
<senkusha> I can fix the aos site....just need to rerun the forum installer and recreate the database...that was a brand new site that was added just after the backup I had on file
<vraa> so i have added auto ethX for 0 1 3, along side eth2, but this time i need to make it like so -- http://pastebin.com/df652592 -- and that will work even if there are no cables connected?
<senkusha> I just need to be able to access it first! :)
<AdamDV> Heh.
<AdamDV> Well.
<AdamDV> The only thing I can think of is Mozilla.
<AdamDV> I hate to say this but.
<AdamDV> Try it in IE.
<senkusha> ok
<crohakon> *gasps*
<crohakon> No... no...
<AdamDV> *dies*
<crohakon> chome...
<AdamDV> Chrome is better.
<crohakon> chrome..
<AdamDV> If you have it installed.
<crohakon> hehe
<senkusha> I only use IE when I *absolutly* have to
<AdamDV> Yea
<senkusha> I've got chrome too
<AdamDV> k
<AdamDV> use that.
<AdamDV> As for IE:
<AdamDV> Pull a 4chan.
<AdamDV> KILL IT WITH FIRE.
<AdamDV> :)
<senkusha> chrome:  OOPS broken link.
<AdamDV> Shit
<senkusha> IE:  msgbox:  unablable
<crohakon> I only use IE to see how broken my websites are on it. And then to attempt work arounds to get them to look right.
<senkusha> lol
<senkusha> I wish there was a log in firefox that would show me what the hell is going on as to WHY it can't connect LOL
<AdamDV1> Sorry bout that.
<AdamDV1> Hmm
<AdamDV1> senkusha: Do you use a proxy?
<crohakon> seriously... I had IE... it is such a pain in the ass when designing websites. It does not follow any of the standards.
<senkusha> no
<AdamDV1> crohakon: +1
<AdamDV1> senkusha: I hate to say it but:
<AdamDV1> "When in doubt, pull the power cable out"
<AdamDV1> Reboot.
<crohakon> LOL
<AdamDV1> Three finger salute.
<senkusha> i've tried that already
<AdamDV1> Hmm
<AdamDV1> Alright.
<crohakon> I do not have any trouble with accessing any of your domains. *shrugs*
<AdamDV1> I've got another trick in my bag.
<senkusha> well, that's a good thing... :)
<AdamDV1> senkusha: Can you access go-techo.com?
<senkusha> taht too!
<AdamDV1> ?
<crohakon> I can
<crohakon> =)
<AdamDV1> go-techo.com doesn't work?
<senkusha> I see "Main"
<AdamDV1> crohakon: Good.
<AdamDV1> And, good.
<AdamDV1> That is my company.
<AdamDV1> TO be opened in January.
<AdamDV1> Anyway.
<AdamDV1> Lemme see about the hosts file.
<senkusha> that's in /etc/hosts  , right?
<AdamDV1> senkusha: On linux.
<AdamDV1> On windows its in:
<AdamDV1> C:\Windows\System32\drivers\etc\HOSTS
<AdamDV1> Copy cats.
<AdamDV1> Anyway.
<AdamDV1> Open that file in notepad.
<AdamDV1> And paste here.
<senkusha> 127.0.0.1       localhost
<senkusha> ::1             localhost
<AdamDV1> Fuck
<AdamDV1> Hmm
<AdamDV1> Do you have any other computers?
<senkusha> I'm thinking it has to be like a iptables thing
<senkusha> yes
<AdamDV1> Unless your vista has aids.
<AdamDV1> I see no issue.
<senkusha> let me go try on the other one
<AdamDV1> Yes.
<senkusha> okay, I think it's my laptop...but aos-ff turns up with americansombo
<senkusha> (on th eother computer)
<crohakon> it all works fine for me.
<AdamDV1> Then you've got an issue with a virtualhost.
<AdamDV1> Most likely its your computer.
<AdamDV1> Or network.
<AdamDV1> Because, it works fine for crohakon
<AdamDV1> Works somewhat for me.
<AdamDV1> And doesn't for you.
<senkusha> figures LOL
<AdamDV1> Hha
<senkusha> okay...It...It looks like I might just have to wipe and start over on the laptop
<AdamDV1> I'd reccomend that for both the laptop and the server, honestly.
<AdamDV1> And start with the basics
<AdamDV1> And slowly work up.
<senkusha> if only I didn't need firestarter to share the internet connection...that could be one issue the server has
<crohakon> firestarter?
<senkusha> it's a gui firewall app for linux
<AdamDV1> Wait.
<AdamDV1> What?
<AdamDV1> Why do you need a firewall to share the internet connection?
<crohakon> yeah, I am a bit lost here as well...
<AdamDV1> senkusha: ping.
<crohakon> you use firestarter for DHCP?
<AdamDV1> Oh god.
<AdamDV1> I really really really really hope not.
<AdamDV1> Please say you don't.
<AdamDV1> Please.
<crohakon> I see firestarter also does NAT
<senkusha> I found firestarter back in my fedora days years ago.  It has DHCP and ICS with a simple wizard.  so I set it up and never gave it a second though.  then the other day when I reinstalled the server, I was welcomed to a terminal only world.  I tried several tutuorals on the net to share my connection, but none of them worked.  So I was forced to put the desktop on with firestarter.
<crohakon> *gasps*
<crohakon> *shudders*
<crohakon> *faints*
<senkusha> I don't use DCHP...all ip's are statically assigned for all my computers...since the dhcp seems to be broken in firestarter anyway
<AdamDV1> *dies*
<crohakon> https://help.ubuntu.com/9.04/serverguide/C/networking.html
<senkusha> i'd be very happy if I could find a iptables structure that get's my ICS working without firestarter
<crohakon> ubuntu's network guide really nice... simply to understand for novices like me. I got a lamp server running in 1 hour using it. My FIRST ever attempt.
<crohakon> ubuntu's server guide*
<AdamDV1> Yea
<AdamDV1> help.ubuntu.com
<ScottK> sommer: ^^^
<AdamDV1> is great sometimes
<AdamDV1> and shit others.
<AdamDV1> Anyway, I'm out
<AdamDV1> senkusha: I hope you get it working.
<crohakon> wow... wait... let me try this again... ubuntu's server guide is really nice... simple to understand for novices like me. I got a lamp server running in 1 hour using it. My FIRST ever attempt.
<senkusha> I'm not done fighting yet...just today LOL
<senkusha> I need sleep
<ScottK> crohakon: That's why I highlighted sommer, so he'd see that comment.  He coordinated putting most of it together
<crohakon> yeah, me as well.
<senkusha> I'll check out the guide...quickly looking through, I don't see anything mention of ICS, but I'm not looking indepth yet
<crohakon> read the networking section when you are more awake. =) I am sure something will help.
<senkusha> thanks for the pointer.  Later!
<crohakon> Man... that guy has an odd setup.
<crohakon> Anyway, sleep for me as well. Goodnight all, and thanks sommer for the great guide!
<roxy08> hi I am gettin this error when connect to ldap-samba:  Failed to issue the StartTLS instruction: Connect error
<roxy08> someone know about this error
<Reepicheep> roxy08: does the ldap server have StartTLS configured?
<roxy08> I suppose yes, My samba is an member server
<roxy08> you configurated in my samba server or LDAP server?
<roxy08> The only thing that i change yesterday was a digital certificate in my ldap server but is wrk in Postfix an Courier, so should no affect?
<Reepicheep> roxy08: so did it work before the certificate was changed?
<roxy08> yes
<roxy08> but is a certificate to use with email server (which is in the same ldap server), cab it be a problem?
<Reepicheep> and does Postfix and Courier-authlib use the startTLS or are they just using standard unencrypted LDAP?
<roxy08> they use SSL
<roxy08> I suppose is the same than TLS?
<roxy08> yes they use TLS
<Reepicheep> startTLS and ldaps are different
<Reepicheep> they are both SSL but implemented differently
<roxy08> ah, ok. but my question is if i didnt any change in my samba server why i am geeting that error.
<Reepicheep> is it a self signed cert?
<roxy08> also, when i do smbclient -L myserver i got failed (Error NT_STATUS_CONNECTION_REFUSED)
<roxy08> what do you mean ? is a digital certificate that I got from third part
<Reepicheep> your SSL certificate is singed by somebody.. did you sign it or did you have some CA sign it
<roxy08> I did
<Reepicheep> the reason I ask is that some clients need special settings to allow self signed certs, or chained CAs
<Reepicheep> I'm not really a samba user but I do you ldap quite abit
<Reepicheep> so the old certificate was also self signed?
<roxy08> well, i didn nothing in ldap...but i dont know why my samber server cannot connect now
<roxy08> i suppose i am new here
<Reepicheep> so where did you install the SSL cert?  the ldap server?
<roxy08> in postfix folder and courier-imap
<roxy08> but i am not sure if this is the problem?
<Hajuu> woot
 * Hajuu just got a new job :)
<Reepicheep> ok.. I was thinking you put a new cert in openldap
<Reepicheep> startTLS and ldaps both require a SSL certificate
<roxy08> no
<Reepicheep> is the ldap server and the samba server separated by an untrusted network?
<roxy08> but openldap require a third part certficate? I mean we need to buy it?
<Hajuu> lol huh
<roxy08> no
<roxy08> are in the same network but different vlan
<Hajuu> why would you need a third party cert?
<Hajuu> and moreover why would you need to buy one
<Hajuu> :/
<Reepicheep> you can use a self signed cert with open ldap if you want.. you just need to make sure that the client will accept the self signed cert.. it's different per client
<roxy08> but i can ping and I can get information about ldap directly
<roxy08> for example with getent
<Hajuu> Yeah just generate your own ssl cert, who cares.
<Reepicheep> so getent shows ldap users from the samba server?
<roxy08> in my samba server if i do it i got users from ldap
<roxy08> the problems is the connection in samba with ldap
<Reepicheep> ok.. check your ldap.conf file on the samba server is it using startTLS or ldaps?
<roxy08> smbd/connection.c:yield_connection(42)
<roxy08> ldap
<roxy08> does show me nothing with TLD
<roxy08> TLS
<Reepicheep> it's usually best to get it working with out SSL first if it's on a trusted network .. then add the SSL in when everything else is working fine if you feel you need it.
<Reepicheep> I realize it used to work .. but it may help to trouble shoot it with out the startTLS
<Reepicheep> so your connection string should be just ldap://ldap.server.name and port 389
<roxy08> how i do it?
<roxy08> yes
<Reepicheep> does Samba talk directly to the ldap server or does it use local users through nss_ldap?
<roxy08> use nss_ldap
<Reepicheep> Hajuu: so what kinda job did you get?
<Reepicheep> and "getent passwd" shows all the users?
<roxy08> yes
<roxy08> sorry
<roxy08> i am not sure what do you mean ...i configurate nsswitch but i suppose is using the ldap directly
<roxy08> no local users
<Reepicheep> getent passwd should show all the ldap users + the local users found in /etc/passwd depending on what you have set in nsswitch
<roxy08> no just show me ldap users
<Reepicheep> that should be fine.  by local users i was referring to system users (root, syslog, ssh, and the sort)
<Reepicheep> so the error shows up in samba's logs?
<roxy08> yes
<Reepicheep> hmm. so if the system can see the ldap users through nss_ldap and if samba uses nss_ldap for it's users and ldap.conf does't have any startTLS or SSL stuff in it, where is it getting the startTLS stuff from?
<roxy08> that is dont know
<roxy08> i didn see any configuration whit that
<roxy08> also say ssl no
<Reepicheep> does samba start?
<roxy08> what do you mean?
<roxy08> yes
<roxy08> is running
<Reepicheep> I was wondering if the errors where at the time when samba started.. and if so if the daemon wouldn't start at all?
<Reepicheep> roxy08: one more thought.. is openldap, postfix, courier-authlib all running on the same machine?
<Reepicheep> roxy08: I was wondering if they are on the same server is it possible that openldap was also using the certificate that was replaced with out you realizing it.
<Reepicheep> maybe it was using startTLS all along with the old cert.
<Reepicheep> if that's the case maybe a solution would be a simple as restarting slapd to get it to read the new certificate.
<Reepicheep> or make sure that openldap is not advertising support for startTLS.. that way no clients should attempt to us it
<roxy08> uf...let me read again
<roxy08> i will try with the first thing
<roxy08> the first one does not work :(
<roxy08> and the second one...i dont know how i should chek it
<roxy08> ok, yes you was right...i restart sladp and I dont get the error for smbclient now
<roxy08> i can see my samba client
<roxy08> server
<roxy08> Reepicheep, i can now do smbclient but still i cannt coonect to ldap with the same error
<_ruben> hmm .. wonder if i could /dev/shm similar to physical disks like with iostat .. running a very disk intensive job on a ram disk
<tiger2wander> Hi all
<tiger2wander> I've just installed apache2, php5 with apache2 mod, mysql-server on Ubuntu server 9.10 but when I've request: http://127.0.0.1 it return to me a index.phtml contain php source instead of html
<gamla_kossan> hi people!
<gamla_kossan> what do I need in order to run NFS on my server?
<gamla_kossan> I've got portmapper installed
<gamla_kossan> but can't seem to find the package with nfsd
<jmarsden> tiger2wander: You might want to try enabling ExecCGI in the Options line
<jmarsden> gamla_kossan: nfs-kernel-server or unfs3 I think
<tiger2wander> jmarsden: I have install only php5 package not php5-cgi, is it ok to run without cgi mod?
<gamla_kossan> jmarsden: thanks, was nfs-kernel-server
<jmarsden> tiger2wander: Yes.
<jmarsden> gamla_kossan: Good :)
<tiger2wander> jmarsden: I have seen this problem yesterday then I have purge all installed package with configuration then re-install, it working well
<tiger2wander> jmarsden: today, I have this problem again in another Ubuntu server and it problem remain even after purge and install again
<jmarsden> tiger2wander: Strange.  I had something similar before trying to get PHP on Ubuntu 9.04 working, and I am pretty sure I added Options ExecCGI to fix it.
<tiger2wander> jmarsden: Where you add the Options ExecCGI ? apache2.conf
 * tiger2wander is away: Away
<jmarsden> tiger2wander: No, /etc/apache2/sites-available/default -- the Options line for the /var/www directory.
<tiger2wander> jmarsden:: ah, OK, let's me try it out
<tiger2wander> jmarsden:: Its still response php source code :(
<jmarsden> tiger2wander: Did you restart apache2?
<tiger2wander> jmarsden:: yep, of course
<jmarsden> OK... if you create a file test.php and browse to that does it work as expected?
<Hajuu> lol jmarsden like, the author?
<jmarsden> jmarsden like the network admin :)
<tiger2wander> jmarsden:: I have installed joomla and it has index.php file
<Hajuu> lol thats less interesting
<jmarsden> tiger2wander: And it worked fine?
<tiger2wander> jmarsden:: not yet
<jmarsden> Hajuu: But maybe more useful in #ubuntu-server :)
<Hajuu> No way, what we need is some fiction!
<Hajuu> :D
<jmarsden> tiger2wander: Then don't mess with big apps like Joomla until you have PHP working :)
<tiger2wander> jmarsden:: I've just created a test.php file and it work fine, may I need to check .htaccess file :)
<jmarsden> tiger2wander: Rename the index.phtml to test.phtml, maybe the issue is with DirectoryIndex ??
<tiger2wander> jmarsden:: May be that problem related to joomla configuration in content-type response
<jmarsden> tiger2wander: OK... *that* sounds like a different thing altogether.
<tiger2wander> jmarsden:: I'm do a deep checking about it :). Anyway, thanks
<jmarsden> tiger2wander: Sure, no problem.  I need to get some sleep anyway... 01:30am here...
<tiger2wander> jmarsden:: g9
<jmarsden> tiger2wander: Goodnight.
<Hajuu> how do you figure g9 translates to goodnight?
<Hajuu> thats taking that fad too far.
<tiger2wander> jmarsden:: My time zone is afternoon :)
<Hajuu> thats obviously: Gee nine.
<tiger2wander> Hajuu:: if you can speak aloud it, it is likely digital *slang* :P
<Hajuu> well, 'gee nine' and 'goodnight' have.. 3 letters in common
<Hajuu> out of a possible 9.
<Hajuu> so its like me just using 1/3rd of all my words and just expecting people to understand
<Hajuu> 'digital slang' version: so its me just 1/3rd of my words just expecting to understand
<tiger2wander> Because almost people think and work with their relative, not absolute like machine, then I think it is for people who working much with computer can be understand it easy :)
<Hajuu> <tiger2wander> Because people think work with relative, not like, then think is for who working with computer be it easy
<Hajuu> Do you like my digital slang converter?
<Hajuu> Its based on your research
<bios> Hey, 8.1 Server, is it possible to have virtual ftp users that can access multiple directories served by apache. Currently using pure-ftpd-mysql and have users connecting, but I can seem to get the permissions right
<bios> *can't
<tiger2wander> Hajuu:: I've not like it, because your way can not understand my words but a really human can :P
 * maxb reminds bios that there's no such thing as "8.1" server :-)
<bios> lol, indeed maxb, but I'm sure you know what I mean
<maxb> Yeah, sorry, just a pet hate of mine - malformed version numbers
<maxb> Unfortuately I don't have any ftpd experience
<bios> yeah, same here, I think its a permissions issue but I can't be sure
<Hajuu> lol tiger2wander
<Hajuu> I can also understand a painting.
<Hajuu> That doesnt mean it has good language skills.
<Hajuu> :P
<tiger2wander> :D
<tiger2wander> Anyone known there error: http://openpaste.org/en/17474/ ?
<tiger2wander> It is seen like package is hold by dpkg purge process, error happen even after I reboot server
<soren> tiger2wander: There's no error there?
<tiger2wander> I see it after purge and install package again
<tiger2wander> Then I purge it, the message still display like that without version, is it normal?
<soren> tiger2wander: You remove a package and wonder why dpkg says it's not installed? Am I understanding this correctly?
<tiger2wander> soren:: yes, but why it says "|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)" ?
<soren> It just explains what the second column denotes.
<soren> Sorry, third.
<soren> tiger2wander: Look at the full output: The first line of text has a line drawn from it down to the first column. The second line of text has a line drawn from it down to the second column. The third line has a line from it down to the third column.
<tiger2wander> soren:: Yeah, It is report error for another, right?
<soren> What?
<soren> It explains how to read the three status columns.
<soren> "Desired=Unknown/Install/Remove/Purge/Hold" == "This column denotes the desired status of this package: "u" means "unknown", "i" means install, etc. etc."
<tiger2wander> soren:: ah, :(, thanks for explains
<soren> "Status=Not/Inst/Cfg-files/Unpacked/Failed-cfg/Half-inst/trig-aWait/Trig-pend": "This column denotes the current status of the package: "n" for "not (installed)", "i" for "inst(alled)", "c" for "cfg-files (left over from unpurged package)", etc. etc."
<tiger2wander> ok, I understand
<soren> "Err?=(none)/Reinst-required (Status,Err: uppercase=bad)": "This column denotes error conditions of the package. Etc. ETc.".
<tiger2wander> so, about apache2: is it control defaults page will be read in /etc/apache2/mod-enabled/dir.conf such as: index.php, index.html ?
<tiger2wander> Caused by I have got response with content-type=application/x-httpd-php instead of text/html when I'm trying to request http://domain.com/
<tiger2wander> but server response right content-type when I request http://domain.com/index.php
<tiger2wander> is there any idea about that problem?
<soren> tiger2wander: How are you testing this?
<soren> Where are you seeing this content-type=application/x-httpd-php?
<tiger2wander> I'm using curl: curl -D - http://domain.com
<soren> Then I don't know.
<tiger2wander> and firefox display download dialog with file type also
<soren> Forget about firefox for this.
<soren> Rely on curl (or wget).
<tiger2wander> yeah, It is strange, may it is a bug from Ubuntu server or apache2 :)
<tiger2wander> yeah, anyway, it can be netcat :D
<soren> No, my point is that Firefox is unreliable for this.
<soren> It has an extremely annoying habit of caching the mime-type.
 * soren lunches
 * Hajuu launches
<uvirtbot`> New bug: #457045 in bind9 (main) "Command host chooses another DNS server to query than I specified" [Undecided,New] https://launchpad.net/bugs/457045
<acalvo> Hi
<acalvo> How can I completely remove a package?
<acalvo> using apt-get purge package sometimes leaves directories with files
<soren> acalvo: That's usually a bug in the package. Which package is it, and which files are left behind?
<acalvo> soren: while I'm installing a mailing list server, I've tried sympa and mailman
<acalvo> mailman has left lots of files under /var/lib/mailman
<acalvo> it should, at least, ask to remove them
<soren> acalvo: Debian bug 176154
<uvirtbot`> Debian bug 176154 in mailman "mailman: purge of package deletes list archives and member lists." [Important,Fixed] http://bugs.debian.org/176154
<soren> acalvo: It's intentional.
<soren> uvirtbot`: nick uvirtbot
<acalvo> soren: thanks then
<soren> acalvo: Feel free to file a bug about it, if you think it's wrong.
<acalvo> soren: i'd rather ask first here, filling bugs that already exist or are useless does not help too much
<soren> acalvo: It's useful to a) know that there are differences of opinion as to what should happen to /var/lib/mailman on purge, and b) for other users who -- like yourself -- wonder why this is so.
<acalvo> soren: I'll take a closer look to the bugtracker
<acalvo> by the way, sometimes I need to return a package to its original state (configuration, files, etc...)
<acalvo> sorry
<Hajuu> you will be.
 * Hajuu shakes fist
<Boohbah> pre-emptive strike!
<garymc> Anyone know how I link a Domain name to my server ip address?
<garymc> so my server has a somain name linked to it?
<nijaba> kirkland: I just completed and install following https://help.ubuntu.com/community/UEC/PackageInstall
<nijaba> kirk it works like a charm. great job
 * nijaba -> lunch
<uvirtbot> New bug: #457092 in libvirt (main) "starting a VM with an SDL display hangs virtmanager and virsh" [Undecided,New] https://launchpad.net/bugs/457092
<kirkland> nijaba: cool
<acalvo> Hajuu: all your base are belong to us
<acalvo> hi
<acalvo> does anyone have installed mailman?
<acalvo> I'm trying to follow the 9.04 server guide howto, but I ended up having lists with name@domain.com, instead of name@lists.domain.com
<acalvo> is there any file where the address template can be defined (lists.domain.com)?
<soren> acalvo: DEFAULT_EMAIL_HOST = 'lists.ubuntu-dk.org'
<soren> acalvo: For instance.
<soren> acalvo: In /etc/mailman/mm_cfg.py
<acalvo> soren: thank you
<acalvo> I was taking a look at that file right now
<aubre> guten morgen people
<aubre> did the meeting link get put up yet?
<aubre> meeting log actually?
<bogeyd6> has anyone else tried an apt-get update and failed?
<bogeyd6> if you have, you need to "apt-get autoclean" and "apt-get clean"
<Darknet> wenas
<Darknet> alguien por ahi?
<bogeyd6> whew! we broke a thousand tickets this week
<aubre> Is it possible that since my host filesystem is XFS - that it is what is preventing me from mounting SC (EBS-style) volumes in my VMs?
<UnixDawg> what deb pkg is php5-rewrite in ?
<crohakon|afk> So, I have an issue where if I leave the server box running for a while with no activity, and I come back later, the box appears to be frozen up. Cannot SSH, no screen will come up on the monitor. Any reason this might happen?
<skuld> Can anybody help me set up internet connection sharing (without having to use Firestarter)?
<crohakon|afk> well, got to go to a trade show, I suppose I will ask when I return.
<crohakon|afk> https://help.ubuntu.com/community/Internet/ConnectionSharing
<uvirtbot> New bug: #456660 in openssh (main) "ssl(8) man page missing from package (or distribution)" [Wishlist,Confirmed] https://launchpad.net/bugs/456660
<skuld> I read that tutorial, but I guess I did something wrong, becuase it didn't work
<skuld> I did the following  before running following the doc:
<skuld> iptables -F (which closed down my ICS from firestarter)
<skuld> sudo apt-get purge firestarter
<skuld> then added the three lines for iptables
<crohakon|afk> it would be wise to disable firestarter before trying to configure your iptables...
<crohakon|afk> anyway, gotta go bye
<skuld> okay, I'll try that
<skuld> can somebody review my /etc/network/interfaces ... when I tried the ICS tutorial, my eth2 didn't come up.  I want to make sure I  have my interfaces set right
<The2morrowMan> Sure. Pastebin it.
<skuld> Thanks!
<skuld> http://pastebin.com/f6b60a956
<uvirtbot> New bug: #456308 in ntp (main) "drift file blocked by apparmor ntp profile" [Medium,Fix committed] https://launchpad.net/bugs/456308
<The2morrowMan> Well, first off, your gateway for eth2 is on a completely different network than the address or network declaration.
<Hajuu> lol
<skuld> I wasn't sure what to put for it, since I thought my gateway was eth0
<The2morrowMan> eth0 doesn't talk to the 192.168.1.0 network.
<The2morrowMan> Describe the purpose of the system. Is it a gateway/router?
<skuld> but it should after I add these, right:
<The2morrowMan> Ahhh, yes. The "Add More Shit" approach.
<skuld> sudo iptables -A FORWARD -i eth0 -o eth1 -s 192.168.0.0/24 -m conntrack --ctstate NEW -j ACCEPT
<skuld> sudo iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
<skuld> sudo iptables -A POSTROUTING -t nat -j MASQUERADE
<skuld> fixing the ip ofcourse
<The2morrowMan> Halt.
<The2morrowMan> Cease. What is the purpose of the system?
<skuld> the server is a web and mail server
<Hajuu> hahah
<skuld> I need internet connection sharing so my laptop and other PC can get on the Net
<Hajuu> You're already dead.
<The2morrowMan> But it's got two NICs, with one appearing to point to an external network, and the other is an internal network.
<Hajuu> I know this must come as a shock
<skuld> also the server is going to be acting as a firewall
<The2morrowMan> So, it's a router, right?
<skuld> yeah
<The2morrowMan> Okay, NOW, I can work with this.
<The2morrowMan> Second question: Why is eth0 NOT using DHCP?
<skuld> eth0 is my DSL connection...using a static IP for my webserver...that my ISP gave me
<The2morrowMan> Okay.
<The2morrowMan> Network lines in the interfaces file are superfluous. The network is extrapolated via the address and netmask.
<skuld> I was wondering why I've never seen that before
<The2morrowMan> http://pastebin.com/m2cc96732
<skuld> but the doc says it's required
<The2morrowMan> Whatever tutorial you followed was written by a gorilla on acid.
<Hajuu> Who wants to help me setup the largest turnip porn empire the world has ever seen?
<skuld> LOL
<The2morrowMan> Hajuu: I am totally up for that.
<Hajuu> Cool, ill cut you in at 1%
<Hajuu> let me just do the maths..
<The2morrowMan> skuld: My interfaces file is very similar, as my server is my router.
<Hajuu> hm 1%.. multiply by.. nothing... *taps on calculator*
<The2morrowMan> skuld: Secondly, why did you decide to not assign eth2 a 192.168.1.1 address?
<Hajuu> 192.168.1.* is so.. 2008
<Hajuu> this is 2009
<Hajuu> get with the NOW
<The2morrowMan> Hajuu: 10.4.20.0?
<Hajuu> The future is all about 10.1.1.*
<skuld> for some reason, I thought 192.168.1.1 was being used by something else...maybe my wireless access point?
<Hajuu> you can have multiple networks on the same subnet as long as they arent freaking huge dhcp monsters
<Hajuu> subnet/ip block
<The2morrowMan> skuld: Oh, you've got a WLAN AP. You're going to have fun configuring that to NOT serve DHCP, and to not try routing packets.
<Hajuu> lol huh routers usually have a dhcp on/off thingy
<Hajuu> even wireless ones
<Hajuu> :o
<The2morrowMan> Hajuu: That's the easy part. Disabling its routing function is a little harder, usually.
<Hajuu> Damn, freenode wont let me change my nick to CiscoJuu
<Hajuu> meh well the easiest way is to have it as a gateway, not a router
<Hajuu> and have all trafic simply port forwarded to the gateway
<The2morrowMan> Hajuu: I just uploaded DD-WRT and disabled routing.
<Hajuu> lol why would you buy a router
<Hajuu> then turn it into a dsl modem?
<Hajuu> seems extrenuous
<The2morrowMan> Because it's not my modem.
<The2morrowMan> It's a WLAN AP, and that's it.
<skuld> okay, I'm going to restart this and see what happens.
<Hajuu> routing is like love.. even wireless AP's want it.
<Hajuu> <3
<The2morrowMan> Hajuu: Eff that.
<skuld> this is a good tutuorial for ICS?
<Hajuu> lol
<skuld> https://help.ubuntu.com/community/Internet/ConnectionSharing
<Hajuu> ICS aint no thang but a chicken wing
<Hajuu> ya herd.
<The2morrowMan> Hajuu: My AP is like a whore with no condom. It doesn't matter if she wants it or not - She gets it all, and just passes it on.
<Hajuu> hahah
<Hajuu> .. Damn.
<The2morrowMan> Heh... That was actually pretty good... :P
<Hajuu> too true.
<Hajuu> If not mildly de-childhoodizing.
<Hajuu> :((((((
<Hajuu> :D
<UnixDawg> what php deb pkg is php5-rewrite in ?
<UnixDawg> I cant find it on ubuntu
<UnixDawg> in the pkgs
<Hajuu> um
<Hajuu> php5-rewrite?
<UnixDawg> yes php5-rewrite
 * soren wanders off for a while
<Hajuu> surely you mean the apache mod_rewrite
<Hajuu> ...
<UnixDawg> there is also a phpr-rewrite
<Hajuu> its not anything to do with php
<UnixDawg> php5
<Hajuu> I doubt that.
<UnixDawg> extension
<Hajuu> ok now I know you're full of shit, as an extension would still require a script to.. use the extension
<Hajuu> and for all trafic to be directed to that script
<Hajuu> which you can setup without any extension
 * Hajuu is the manager of a php channel
<UnixDawg> sorry wrong module
<The2morrowMan> There is no php5-rewrite.
<UnixDawg> brain fart
<UnixDawg> lol
<UnixDawg> xmlwriter.so
<The2morrowMan> php5-xmlwriter
<The2morrowMan> I think.
<Hajuu> ......
<Hajuu> THATS what you meant?
<Hajuu> lol
<Hajuu> use simplxml
<Hajuu> ftw
<The2morrowMan> I'm wrong.
<UnixDawg> ok
<Hajuu> <obligatory> AREN'T YOU ALWAYS? </obligatory>
<Hajuu> :D
 * The2morrowMan cries endlessly. "I'm such a failure!"
<Hajuu> It's because you're too busy livin in tomorrow
<Hajuu> :o
<Hajuu> If I produced porn, i'd make the ladies say stuff not at all related to whats happening
<Hajuu> "Ohhh, butter! All over my hot northern kingmouth salmon!"
<Hajuu> "Mmmm, marygo round, pop my balloon sixteen times!"
<Hajuu> ...Is that weird?
<MTecknology> This is pretty offtopic for this channel..
<Hajuu> *shrug* how do you figure?
<Hajuu> Seems perfectly on topic.
<Hajuu> Maybe you've lost touch with what the topic is. :(
<MTecknology> this is -server
<Hajuu> lol
<UnixDawg> brb
<Hajuu> I'm just joking.
<Hajuu> i'll leave you guys in peace for a bit
<Hajuu> if anyone needs help with apache or php say my nick
<Hajuu> :o
<MTecknology> Hajuu: If you want to say random crap like that, you should go to #ubuntu-offtopic
<MTecknology> ;)
<UnixDawg> ok and yes I need apache mod_rewrite it seems
<Hajuu> What a mystery!
<UnixDawg> I dont see it in apt-cache search apache2
<Hajuu> it probably comes with apache
<Hajuu> it might even be built into the binary
<Hajuu> not sure
<helynux> saludos
<helynux> hi all
 * Hajuu waves
<helynux> how speak spanish?
<UnixDawg> ubuntu/deb o this so diff then the other linux/inix I have used
<Hajuu> lol
<Hajuu> how do you speak spanish
<Hajuu> Well
<Hajuu> First
<Hajuu> you learn spanish
<Hajuu> right? you with me so far?
<Hajuu> Next, you kind of.. hm, move your mouth, roughly up and down
<Hajuu> this is a distraction for your enemies
<Hajuu> to allow your toungue and throat to have time to work
<Hajuu> So, once you're moving your mouth mechanically up and down
<Hajuu> start to vibrate your toungue lightly
<Hajuu> and move this down, into the back of your throat
<Hajuu> Think of a word, phonetic symbol by symbol
<UnixDawg> got it
<UnixDawg> its now loaded
<Hajuu> slowly move from left to right
<Hajuu> Voila
<Hajuu> Speach!
<Hajuu> UnixDawg: I've never felt so proud
<helynux> solciito por favor colaboracion
<Hajuu> I promised myself I wouldn't cry :')
<Hajuu> No, I will not colaborate on killing your father!
<Hajuu> :o
<Hajuu> and im offended that you would ask.
<ttx> Hajuu: please bring random chatter to another channel, please.
<ttx> smoser: can I test the current UEC/EC2 or do you plan to respin them ?
<helynux> cuando estoy instalando ubuntu server en configuracion de discos raid en virtualbox
<smoser> they're good. 20091020.1
<ttx> smoser: ok thx
<smoser> i'll start testing ec2 here shortly.
<helynux> me aparece una advertencia de que los multidiscos no son leidos pero el sigue instalando normalmente
<helynux> cuando hago sudo fdisk -l
<ttx> helynux: #ubuntu-es please
<helynux> ok ok gracias ttx
<skuld> I really need some more help with this ICS
<skuld> and for some reason my eth2 comes up as state:UNKNOWN
<ttx> skuld: you'll get more help in a generic support channel, like #ubuntu
<skuld> ok
<skuld> wow, okay, I have no clue what changed, but now I can visit my own websites LOL
<skuld> now to move on to the other problem:  postfix +dovecot using msyql ....
<Hajuu> lol
<Hajuu> Quit networking.
<skuld> well, I thought I had my virtual hosts figured out last night, but i just found out that I'm going to other virutal domains on my server instead of the correct one
<zul> smoser: is the ec2 images up yet?
<smoser> indeed. the iso tracker has the ids
<smoser> they can also be seen at the beautifully revamped daily output, thanks to slangasek
<smoser> http://uec-images.ubuntu.com/karmic/20091020.1/
<smoser> but trust the tracker ids
<ttx> smoser: I got this message in my UEC console-output:
<ttx>  * Waiting for EC2 meta-data service                                            One or more of the mounts listed in /etc/fstab cannot yet be mounted:
<ttx> (ESC for recovery shell)
<Hajuu> What's EC2?
<skuld> anybody know how to use the apache rewrite so I don't have to specify both a www.sitename.com and a sitename.com virualhost?
<Hajuu> :D
<ttx> smoser: doesn't seem to prevent them from working
<smoser> ttx, what is in /etc/fstab ?
<smoser> my guess is that there is an entry for /mnt and eucalyptus is not providing a partition table and formated filesystem in the same way that ec2 does
<smoser> i dont think that should be new though
<ttx> smoser: starting a new instance to look in
<ttx> smoser: http://pastebin.ubuntu.com/298304/
<smoser> and i'm guessing you dont have a /proc/sd b
<smoser> err... /proc/partitions/sdb
<smoser> or if you do, its not formated.
<ttx> I don't have a /dev/sdb, I checked that already
<ttx> (sorry I already terminated that instance to let another test go)
<ttx> I can rerun one if needed
<zul> skuld: why not fix it in dns?
<smoser> ttx, so what i think is that this is a case where UEC is not behaving identically to ec2
<ttx> smoser: what should it do exactly ?
<smoser> let me check ec2 real quick.
<skuld> @zul: I'm not running a dns server
<kirkland> MagicFab: if you're running karmic as the host, you should get 1024x768 by default, at least
<MagicFab> kirkland, ah, no, we're on a Jaunty host
<kirkland> MagicFab: move to a karmic host and you'll get better res
<Hajuu> ..
<Hajuu> Or
<Hajuu> change your res :/
<Hajuu> Its not rocket science.
<Hajuu> bbl
<smoser> ttx, dump-data.sh at http://pastebin.com/f4ac20bc3
<smoser> m1.large type output at http://pastebin.com/f3c6840c0
<smoser> m1.small type output at http://pastebin.com/f5bfb9b54
<ttx> smoser: just a sec, starting i386 image right now
<smoser> so, ec2 does
<smoser> a.) gives you some block devices , that vary based on type
<smoser> b.) puts an ext2 filesystem on unpartitioned block devices that it gave you in a
<smoser> personally, i kind of think that b. is a bit frivolous, but i guess it does possibly save mke2fs time in the event that you're just going to use it that way.
<smoser> http://docs.amazonwebservices.com/AWSEC2/latest/DeveloperGuide/index.html?instance-types.html explains what you get per instance type.
<smoser> the way this is implemented in vmbuilder is:
<smoser> http://bazaar.launchpad.net/%7Eubuntu-virt/vmbuilder/trunk/annotate/head%3A/examples/ec2-amd64-part-file.txt
<smoser> and
<smoser> http://bazaar.launchpad.net/%7Eubuntu-virt/vmbuilder/trunk/annotate/head%3A/examples/ec2-i386-part-file.txt
<ttx> smoser: output in my current c1.medium instance is : http://pastebin.ubuntu.com/298329/
<acalvo> why ubuntu moved to bazaar and drop svn?
<Appiah> I had two servers that according to /var/log/messages rebooted , I dont know why. Anyway I can check how the reboot was started?
<Appiah> they did not reboot the same time
<ttx> smoser: want me to start a m1.large to compare ?
<aubre> ttx: I wonder if the fact that my front-end (and my nodes) use XFS file system is causing https://bugs.edge.launchpad.net/ubuntu/+source/eucalyptus/+bug/452185
<uvirtbot> aubre: Error: Could not parse data returned by Launchpad: The read operation timed out
<smoser> ttx, i'm surprised that your /dev/sda2 didn't get mounted.
<smoser> can you mount it manually ?
<smoser> ie: sudo mount /dev/sda2 /mnt
<ttx> smoser: yes
<ttx> smoser: the issue is that fstab says its ext3
<ttx> while its ext2
<smoser> ah.
<ttx> so sudo mount /dev/sda2 /mnt works
<ttx> but sudo mount /dev/sda2 doesn't
<smoser> funny
<smoser> the change from ext2 to ext3 might be something that is reasonable to "fix" in uec
<smoser> but other than that, i think the differences are expected as designed
<smoser> ie, as long as they're consistent with:
<smoser> output of euca-describe-availability-zones verbose
<ttx> smoser: I'll gile a bug -- against what ?
<ttx> file, even
<smoser> well "eucalyptus".
<smoser> whatever does the mkfs invocation of the disks it gives to the guest
<ttx> smoser: eucalyptus writes that /etc/fstab ?
<smoser> no
<aubre> could using xfs as the file system on the front-end/node cause problems with SC functionality?
<smoser> but its a "not like ec2" bug to have ext2, not ext3.
<smoser> ttx, vmbuilder writes that /etc/fstab entry, and i will agree that a more flexible solution would useful there (possibly ec2-init changes)
<ttx> smoser: because I have strange things there. Different behavior between amd64 and i386
<smoser> so if you want to open a "vmbuilder should let ec2-init dynamically update /etc/fstab"  bug, i think that might be good for lucid
<ttx> The amd64 UEC has /dev/sdb in its fstab
<ttx> The i386 UEC image has /dev/sda2
<ttx> in both cases defined as ext3
<smoser> ttx, those are designed differences based on amd64 and i386 instance types
<smoser> well above, i put the urls of the two files in vmbuilder that get rendered to /etc/fstab in the guest.
<ttx> smoser: so the error in amd64 case is that there is no /dev/sdb...
<ttx> smoser: while in the i386 case the error in that its not the right fs that is on it
<ttx> on it = on /dev/sda2
<smoser> ok. i see two bugs
<smoser> 1.) parititions presented to instance have ext2, not ext3
<smoser> 2.) partitions presented to guests are not identical to ec2
<smoser> i dont really think that '2' is a bug, but rather a difference in instance type configurations (which i believe is possibly even modifyable in uec)
<smoser> as long as the partitions that the guest sees are determinable by the instance type configurations, i think thats fine.
<smoser> that make sense ?
<garymc> anyone know how I link a doamin name to my server at home?
<smoser> zul, you rock. thanks for running all those tests.
<zul> smoser: i know ;) thanks for building the images
<smoser> garymc, dyndns ?
<smoser> ttx, that make sense above ?
<ttx> smoser: but (2) triggers a bug on our side, right ?
<smoser> yes, we expect (via /etc/fstab) a certain layout
<ttx> smoser: like having a fstab with /dev/sdb while it should contain /dev/sda2
<garymc> is dydns free?
<smoser> garymc, there are free services. google will be able to tell you more (dynamic dns provider)
<garymc> I have already purchased the doamin name with UKREG
<smoser> zoneedit.com might be good for you then.
<smoser> ttx, i think that we should have a bug for lucid for that.
<smoser> something like "auto-mounting of partitions in guests should be more dynamic/flexible"
<smoser> which woudl affect i think ec2-init primarily (outside of removing that line in /etc/fstab in vmbuilder)
<ttx> smoser: this gets mounted correctly in EC2 ? I mean, the /dev/sdb on amd64 images ?
<smoser> yes
<ttx> ok, so I agree those are both eucalyptus EC2 non-conformity
<smoser> but the second bug is somewhat a configuration thing
<garymc> smoser I have a static Ip address do i still need dyndns?
<ttx> smoser: we could workaround (2) with a smarter ec2-init... but we wouldn't have the problem in the first place if they were compliant. right ?
<smoser> probably not, then. you might find better help in #ubuntu, i think this is offtopic here, though.
<smoser> sorry if i  misled you garymc
<garymc> ok
<smoser> ttx, for 1, absolutely that shoudl be ext3. simple.
<smoser> but even that could be worked around with smarter dynamic mounting
<ttx> smoser: ext2, you mean
<smoser> but why would anyone want ext2 is a reasonable question
<ttx> hm
<ttx> forget what I just said
<ttx> ext3.
<smoser> right
<smoser> i was confused there for a minute
 * ttx gets confused at the end of the day
<ttx> shouldn't parallelize discussions
<smoser> ok, heres a source of one of my confusions: http://testcases.qa.ubuntu.com/System/EC2CloudImages
<smoser> where are results to "User-data test" and "Rebundle test" supposed to be recorded ?
<smoser> i'm guessing that zul didn't run those, right?
<zul> no I didnt run the rebundle test
<aubre> is it possible that using XFS on the CC or NC could keep SC functionality from working?
<smoser> ttx, could you comment on my test-case question above?
<smoser> zul, did you do user-data test ?
<zul> smoser: nope just the basic functionality ill run the user-data test right now
<smoser> and where will you record those results ?
<smoser> i'm just constantly baffled by the iso testing ui
<ttx> smoser: they are not part of the ISO tracker tests
<ttx> smoser: they would warrant two extra lines in the tracker
<ttx> as of now I'd
<ttx> just report any failure in those tests as a minor bug i the instance run test
<ttx> (not triggering a FAIL)
<smoser> i dont have failures in them to report, just am always confused when i click a link that says "more information about running this test" and its got a bunch of seemingly un-relevant information
<ttx> smoser: the page contains descriptions for 4 tests
<ttx> smoser: but only two of them are used in the ISO tracker
<smoser> right.
<ttx> (if that makes any sense :)
<smoser> it does
<smoser> but because there are these 2 extra tests... its just confusing
<smoser> to my feeble brain
<ttx> smoser: upgrade it
<smoser> gaa.... we seem to not have ssh fingerprint output on ec2 again
<smoser> why does this happen!
<ttx> smoser: the cloud wants you dead
<zul> or bald
<ttx> smoser: I filed bug 457281 and bug 457283
<uvirtbot> ttx: Error: Could not parse data returned by Launchpad: The read operation timed out
<uvirtbot> ttx: Error: Could not parse data returned by Launchpad: The read operation timed out
<ttx> sigh
<uvirtbot> New bug: #457281 in eucalyptus (main) "Partitions presented to instance should be ext3, not ext2" [Medium,New] https://launchpad.net/bugs/457281
<ttx> smoser: btw I implemented the qemu-img -b COW style for my scrappable test VMs, its a lot fatser now, thank you for the tip you gave me back in Dublin
<ruben23> hi, what is the equivalent command of locate on ubuntu server..?
<Appiah> locate is avaiable on ubuntu server
<Bilge> derp
<zul> ttx: does the ssh keys get displayed on the console for uec?
<addisonj> an opinion question for you all, setting up a webserver for a department at my university, deparment has its own page, but much of the faculty then have their own sub pages which they update and manage themselves, whats the best solution for that? webdav? would you split it across multiple vhosts?
<zul> smoser: its not anything obvious to me maybe ask Keybuk
<smoser> zul, you verify that the beta had it?
<zul> not yet..gimme a sec
<fahadsadah> I have a server.
<fahadsadah> Set up to authenticate against LDAP.
<fahadsadah> id ldapusername doesn't work
<fahadsadah> Returns no such user.
<fahadsadah> I straced it.
<fahadsadah> Found it isn't connecting to the LDAP server.
<fahadsadah> nsswitch.conf is OK.
<fahadsadah> Ideas?
<ahasenack> fahadsadah: libnss-ldap needs to be installed, and /etc/ldap.conf to be configure
<fahadsadah> ahasenack: It is
<ahasenack> fahadsadah: then the user in ldap is not posixAccount
<fahadsadah> Is.
<skuld> does dovecot not compile with mysql support when installing ubuntu server?
<fahadsadah> It weirdly started working now.
<fahadsadah> I know caching wasn't the issue, though.
<fahadsadah> As I tried multiple users.
<ahasenack> fahadsadah: nscd running?
<fahadsadah> ahasenack: Yes.
<ahasenack> fahadsadah: then it's the culprit
<fahadsadah> I cleared the cache, though.
<ahasenack> nscd -i or something?
<fahadsadah> -i passwd
<fahadsadah> Be right back. Reboot.
<ahasenack> well, nscd is like that, weird
<ahasenack> it helps and also gets in the way
<KurtKraut> Talking about DNS cache, please vote for my idea: http://brainstorm.ubuntu.com/idea/20842/
<nijaba> ttx/soren: do you think it is normal that on all the clouds I have created, my access key is the same?  Secret key is different though (and I am glad it is)?
<addisonj> anyone here manage web servers?
<fahadsadah> addisonj: Among other things
<nijaba> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)
<addisonj> alright, well anyways, just trying to figure out the best content management system, have one main site with sections that are managed by individual users, just trying to figure out the most pain free way that isn't just giving them ssh access
 * nijaba loves drupal
<nijaba> used on www.ubuntu.com too
<addisonj> was thinking WebDav, but not so sure about security of it
<nijaba> addisonj: webdav with certs on ssl is pretty strong
<addisonj> but how do i give users only access to their section of the site under webdav?
<fahadsadah> addisonj: That's harder.
<fahadsadah> As usually, sections tend to be part of the same file.
<fahadsadah> See a CMS.
<fahadsadah> Joomla or Drupal.
<addisonj> okay so Drupal, I don't need its actual content management as much as just users and file management
<skuld> is there a way that i can tell if dovecot is compiled with mysql support?
<nijaba> skuld: dovecot --build-options?
<nijaba> skuld: and on 9.04, at least, it is
<skuld> cool!  now to find out why passdb sql{...} is blowing up
<nijaba> skuld: good luck
<skuld> thanks
<skuld> I truly don't get this.
<skuld> I followed the tutuorial exactly to set up postfix/dovecot with mysql virtual users.  The only problem i'm getting is when I try to start dovecot, I get:  Error: Error in configuration file /etc/dovecot/dovecot-postfix.conf line 5: Unknown section type
<skuld> and line 5 is: passdb sql {
<Tohuw> !firewall
<ubottu> Ubuntu, like any other linux  distribution, has firewall capabilities built-in. The firewall is managed using the 'ufw' command (see https://help.ubuntu.com/community/Uncomplicated_Firewall_ufw), or 'iptables' (https://help.ubuntu.com/community/IptablesHowTo). GUI applications such as Firestarter/Gufw (Gnome) or Guarddog (KDE) also exist
<skuld> and that header is defined in http://wiki.dovecot.org/MainConfig
<ruben23> hi how do i make my application run automatically upon reboot with ubuntu server
<ruben23> like mysql, apache
<ruben23> anyone have idea..?
<Tohuw> ruben23: You could call it via a daemon script in /etc/init.d
<skuld> ummm, I know there's a way...I can't remember the file though....but I know when I installed from apt-get, that was done for me automatically
<ruben23> Tohuw:  how would i do it..?
<Tohuw> ruben23: See https://help.ubuntu.com/community/UbuntuBootupHowto but consider doing it the "new" Ubuntu way, using Upstart (http://www.linux.com/archive/feature/125977)
<Tohuw> Is there any Ubuntu documentation floating around on setting up an iptables firewall with 2 NICs (one for outside interface, one for inside interface)?
<skuld> Tohuw: I've got what you need right here
<skuld> http://pastebin.com/f3a1d7b6d
<skuld> that's mine
<Tohuw> skuld: lovely, many thanks
<skuld> and this:  https://help.ubuntu.com/community/Internet/ConnectionSharing
<ruben23> hi i have installed apache2 on my ubuntu server----> what config shoudl i be setting it, is it apache2.conf or httpd.conf-----> httpd.conf is empty
<skuld> apache2.conf is the main....
<skuld> then you add virtualhosts (if you need them) in sites-enabled.
<skuld> I can show you mine ifyou'd like
<skuld> mostly I just left apache2.conf alone
<skuld> everything is now done in the sites-enabled files
<skuld> one of my domains:  http://pastebin.com/f5929b1d9
<mathiaz> kirkland: are you still editing https://help.ubuntu.com/community/UEC/PackageInstall?
<kirkland> mathiaz: i don't think so; still locked?
<mathiaz> kirkland: yes
<mathiaz> kirkland: it says the lock timed out 30 mn ago
<kirkland> mathiaz: i had to restart my browser, upgrade
<kirkland> mathiaz: you can have it
<kirkland> mathiaz: are you reviewing it?
<mathiaz> kirkland: okdiokoiekdoi
<kirkland> mathiaz: if so, thanks!
<snth> Where do I view logs about a client pinging my server?
<ikonia> smoser: pinging won't be logged unless you have something like iptables set to capture icm p
<snth> ikonia: how do I set iptables to capture it?
<skuld> iptables -L will show them
<skuld> you need a program like pastebinit to capture
<skuld> or you could just redirect:   myIPtables.txt < iptables -L
<ikonia> snth: iptalbes -L only shows your rules
<ikonia> sorry
<ikonia> skuld: iptables -L only shows your current rules
<skuld> okay.  I didn't know that :)
<ikonia> snth: you need to use tools such as ulog to log and capture the packets, but the rule you need is to block and log icmp
 * skuld wants to know if anybody has experiance with setting up postfix/dovecot with mysql userbase?
<snth> ikonia: I don't necessarily want to block it. I just want to log it and be aware that/when it happens.
<ikonia> ok, so you need to accept and log
<snth> Does that work the same  for nmap packets?
<ikonia> nmap packets ?
<ikonia> nmap is a tool
<snth> What kind of packets does nmap use? I am sorry if this isn't in the right channel.
<snth> I am just trying to figure out how to capture different kind of requests and log them.
<snth> ikonia: Thanks. ulog is what I was looking for.
<ikonia> no problem
<clusty> qt
<Reepicheep> ikonia: to log ping traffic to syslog.. you can enter an iptables rule like this:
<ikonia> Reepicheep: it's snth ^^^ who's looking for iptables rules
<Reepicheep> iptables -A INPUT -p icmp -m icmp --icmp-type 8/0 -j LOG --log-prefix "ICMP PING: Echo Request : "
<ikonia> I'm sure he'd appreicate any suggestion
<Reepicheep> on.. sorry about that .. that's for snth then
 * nijaba calls it a day.  maybe back later
<ikonia> I've never used --icmp-type before though, what's that ?
<ikonia> Reepicheep: not at all, you've just shown me something new
<Hajuu> MenZa: Fucking faggot.
<snth> Reepicheep: Thanks for that.
<Hajuu> How about that language?
<ikonia> !ops | Hajuu
<ubottu> Hajuu: Help! Channel emergency! infinity, soren, lamont, mathiaz or tom
<Hajuu> Does it offend you?
<Hajuu> kthxbye.
<Reepicheep> icmp type 0/8 is echo requests, ping requests
<Hajuu> Keep your fucking superficial selfrighteous standards to yourselves
<Hajuu> !ops | hajuu
<ubottu> Hajuu, please see my private message
<Hajuu> !ops | hajuu
<Hajuu> !ops | hajuu
<Hajuu> !ops | hajuu
<Hajuu> !ops | hajuu
<Hajuu> !ops | hajuu
<Hajuu> !ops | hajuu
<Hajuu> !ops | hajuu
<Reepicheep> you can use this to see the replies:
<Reepicheep> iptables -A INPUT -p icmp -m icmp --icmp-type 0/0 -j LOG --log-prefix "ICMP PING: Echo Replies : "
<ikonia> thank you niko
<skuld> YAY!  I finally have the postfix/dovecot/mysql email solution working!
<skuld> now....how the heck do I add the email users?  LOL
<ikonia> Reepicheep: what other --tcmp-type options are there ?
<mneptok> niko: you might want to make the host ban wider, and ident narrower
<ikonia> skuld: where are you telling it to authenticate against ?
<mneptok> *shrug*
<skuld> mysql database
<Reepicheep> snth: just make sure that those lines are before you accept the icmp traffic
<ikonia> skuld: ok - have you looked at postfix admin ?
<Reepicheep> ikonia: http://www.iana.org/assignments/icmp-parameters
<skuld> duh!
<skuld> LOL
<ikonia> Reepicheep: thank you
<Reepicheep> i misstated  it earlier .. in iptables it is 8/0 not 0/8
<Reepicheep> I had it write on the rules I posted though
<skuld> the URL is http://192.168.1.1/postfixadmin....right? LOL
<ikonia> skuld: if that's where your webserver is bound to
<ikonia> skuld: and it depends where you got postfix admin from, as the package installs it to specific places depending on who packaged it
<skuld> okay.  now I just have to go find it again
<Reepicheep> oh yeah snth, also nmap scans many different ways. for instance if nmap scans with -sP it will use ICMP pings.  but it will not on some other scan types like -sS which is a tcp syc scan
<soren> nijaba: Yes, that's perfectly normal.
<soren> nijaba: The access key is some sort of hash of the username or something like that.
<soren> nijaba: ...and since your username is always "admin"...
<soren> nijaba: It's better now than a couple of months ago.
<Didal> .
<soren> nijaba: Back then, the secret key would have been the same as well.
<snth> Is there a way to capture nmap requests on your server?
<snth> s/requests/scans/
<soren> Sure.
<soren> snort, for one, detects that sort of thing.
<flagg0204> any here have experience installing ubuntu to an iscsi target?
<snth> Reepicheep: How can I block ping requests from a specific internal IP?
<Guest70615> where can I find the 10-10-2009 version of the beta karmic CD?
<soren> Guest70615: We don't keep all the iso's around.
<soren> Guest70615: What do you need it for?
<Guest70615> soren: I'm trying to find one for eucalyptus working out of the box and the ISO I have doesn't pass the MD5 checksums.
<soren> Guest70615: The current one doesn't work?
<Reepicheep> snth:  using iptables you can block it by adding a source to the iptables rule "-s" followed by the ip address than change the "-j LOG" to "-j DROP"
<Reepicheep> you may want to look at ufw.. it could be simpler for you
<flagg0204> has anyone installed ubuntu server to an iscsi target?
<Guest70615> soren: correct.
<snth> Reepicheep: Thanks.
<Reepicheep> snth: and as for detecting all nmap scans.. you would need an IDS of some kind .. like snort that has been already suggested
<soren> Guest70615: Have you filed bugs about your problems? We need to fix everything before the release next week. The only way we can do that is if people report the problems they find.
<snth> Thanks for the help guys
<Reepicheep> flagg0204: i've installed machines to iscsi targens before .. but never ubuntu :|
<Guest70615> soren: will do
<flagg0204> Reep - yeah same here.  Is it possible to use one iscsi target for multiple machines
<flagg0204> i.e. readonly root fs
<EtienneG> hey guys
<Reepicheep> only one machine can have access to one iscsi target at a time
<soren> Reepicheep: Are you sure?
<flagg0204> Reep - i think more than 1 can have access, but only 1 can write to the target at any given time
<flagg0204> i was thinking about doing a read only root file system, then mount /var /proc. etc into a ramfs
<soren> I'd be surprised if only one initiator could connect read-write to a target.
<Reepicheep> afaik, iscsi is block level you would need something a little higher up to handle locking and block level access
<soren> Well, sure.
<Reepicheep> the only way I have ever got multiple things reading on iscsi target is by creating a snapshot and sharing the snapshot as a target.. but that is definitely read only and also a snapshot in time
<Reepicheep> I've done some stuff like that to get backups before
<jdstrand> gfs2 or similar should handle it, though I haven't done it personally
<Reepicheep> flagg0204: you may be better of using something like NFS..  I have done that before for read only system files
<flagg0204> i thought about that too,  might have to go down that road
<flagg0204> reep - you know of any good articles on doing nfsroot / readonly filesystems on ubuntu server?
<Reepicheep> flagg0204: have you looked at the LTSP project?
<flagg0204> no i havent.  looking at it now
<flagg0204> interesting....
<Reepicheep> and sorry i'm not aware of any articles about sharing system files with NFS.. but I'm guessing google knows a lot.. probably not ubuntu specific though .. but that shouldn't matter
<Reepicheep> I have a box at home that uses LTSP to be a diskless mythtv frountend.. it works pretty good and mythbuntu pretty much sets it up for you
<flagg0204> reep - ill have to do some more research with iscsi/nfs options.....thanks for the suggestions reep
<skuld> what's the command to determine if port 25 is actually open on my box?
<Reepicheep> skuld: netstat
<guntbert> skuld: lsof -i
<skuld> well lsof -i only showed 5900 open...I don't remember EVER opening that port
<guntbert> skuld: thats vnc
<skuld> right.
<skuld> is there a way to only show the ports using netstat, and not all the other... ??files??
<Reepicheep> skuld: what does "netstat -tap" show
<Reepicheep> or if you don't want the resolutions done "netstat -tapn"
<skuld> http://pastebin.com/f8e3bb98
<Reepicheep> skuld: it looks like snmp is not listening
<Reepicheep> you could narrow it down a bit to look just for snmp like this "netstat -tap | grep LISTEN | grep snmp"
<blackxored> hello everyone
<skuld> I see...now to find out why?
<skuld> for that port to show up, doesn't something have to be listening for it?
<Reepicheep> skuld: yeah some process has to have that port open and listening
<aubre> flagg0204: I share filesystems all the time using iscsi and nfs
<skuld> I just installed postfix/dovecot  and sudo /etc/init.d dovecot start and postfix start.  That *should* do it, right?
<Reepicheep> that should start the daemons as long as everything is configured correctly and it doesn't error on start up.
<aubre> what I tend to do is use OpenSolaris as an iscsi host, set up the iscsi volumes using zfs, and then share them to the ubuntu hosts that need them using ZFS
<skuld> no errors showed up
<Reepicheep> if that's the case it should show up in the logs
<skuld> postfix uses port 25 be default, and dovecot uses 110 by default, right?
<aubre> if we can ever get Oracle/Sun to release ZFS under GPLv2 then I will replace the OpenSolaris host with an Ubuntu host
<aubre> EtienneG: is it possible that using XFS on the CC or NC could keep SC functionality from working?
<aubre> crap I'm late for a meeting see yall later
<EtienneG> aubre_afk, I do not think the underlying file system would matter much to the SC
<Reepicheep> skuld: yeah postfix should us port 25 (SMTP) dovecot uses both 110 (POP3) and 143 (IMAP) depending on what dovecot services you start
<skuld> I don't have to set anything in a conf do I?
<axisys> my ubunut server network interface is not responding starting last night.. http://pastebin.com/d4caf3592 .. any suggestion how to troubleshoot it?
<axisys> how do I check from console if the link light is on ?
<axisys> mii-tool is not helping
<Reepicheep> skuld: does /var/log/mail.err say anything?
<skuld> no, it's empty
<Reepicheep> how about /var/log/mail.warn
<skuld> <quote>
<skuld> Oct 20 03:55:29 ayeka postfix/proxymap[21111]: fatal: dict_open: unsupported dictionary type: mysql:  Is the postfix-mysql package installed?
<skuld> Oct 20 03:55:30 ayeka postfix/smtpd[21110]: warning: private/proxymap socket: service dict_proxy_open: Success
<skuld> Oct 20 03:55:30 ayeka postfix/master[15613]: warning: process /usr/lib/postfix/proxymap pid 21111 exit status 1
<skuld> Oct 20 03:55:31 ayeka postfix/proxymap[21112]: fatal: dict_open: unsupported dictionary type: mysql:  Is the postfix-mysql package installed?
<skuld> Oct 20 03:55:32 ayeka postfix/smtpd[21110]: warning: private/proxymap socket: service dict_proxy_open: Success
<skuld>  
<skuld> </quote>
<skuld> I know I installed the postfix-mysql package...I think or was that dovecot-mysql?  hold on
<skuld> yup, already installed
<Reepicheep> probably should use pastebin on that .. but google that error and see if you find anything
<Reepicheep> error as in the lines with "fatal" in it
<Reepicheep> axisys: apt-get install ethtool
<Reepicheep> then "ethtool eth0" or what ever interface you are looking at
<skuld> ok, I'll try that
<Reepicheep> axisys: that is if you have access to install ethtool on that machine with the interface problems
<Reepicheep> the hardware link light on the interface and on the switch should aslo indicate the interfaces link state
<axisys> Reepicheep: apt-get install ethtool will need for the network to work first
<Reepicheep> axisys: have you tried restarting the interface? "ifdown eth0" "ifup eth0"
<axisys> Reepicheep: yep
<Reepicheep> do you have physical access to the machine and the switch to see if there is a link light?
<axisys> Reepicheep: yes.. and i unplug and replug the cable on both switch side and server side
<axisys> [  992.259472] nv_stop_tx: TransmitterStatus remained busy<6>eth3: link down.
<axisys> [  999.342789] nv_stop_tx: TransmitterStatus remained busy<6>eth3: link up.
<axisys> Reepicheep: ^ happend when i unplugged and plugged
<Reepicheep> well that would indicate a link
<axisys> but i think some other issue here ..
<axisys> it does not say eth3 link is ready
<Reepicheep> use tcpdump to see if you see any traffic on that interface
<axisys> ok.. let me run it for a min.. be right back.. need to grab a coffee real quick
<smoser> mathiaz, good news! it looks to me that bug 451881 is "must fix" now.
<uvirtbot> smoser: Error: Could not parse data returned by Launchpad: The read operation timed out
<smoser> you stink uvirtbot
<mathiaz> smoser: "must fix"?
<mathiaz> smoser: it's marked as won't fix
<smoser> it affects ec2 also :-(
<mathiaz> smoser: ouch
<smoser> at least i think they're the same. ec2 regressed since beta
<axisys> Reepicheep: back.. tcpdumo sees no traffic
<axisys> tcpdump*
<Reepicheep> any iptables rules?
<axisys> Reepicheep: ufw is disabled
<Reepicheep> and iptables-save returns no rules?
<axisys> Reepicheep: http://pastebin.com/d50c95f84 .. does not look like it
<axisys> Reepicheep: i think some hardware..
<axisys> Reepicheep: maybe modprobe -r followed by modprobe
<Reepicheep> there are some iptables rules in there .. although the should just be logging rules .. but you may run iptables -F just in case
<Reepicheep> axisys: do you have any other available interfaces on that machine that you could try with?
<ttx> smoser: about 451881 -- do you know how to fix it already ?
<smoser> i have a couple options
<smoser> i'm testing the least intrusive at the moment
<ttx> smoser: I think it's valid to respin the UEC/EC2 images for that, just confirm with the release team -- there aren't so many tests to redo
<axisys> Reepicheep: yes.. but on same card
<ttx> I can retest the UEC images tomorrow morning if needed
<axisys> i will go ahead swith over to the other if you suggest so
<axisys> Reepicheep: ^
<Reepicheep> axisys: it may be worth a try
 * ttx goes to bed
<skuld> does postfix compile with mysql support when installing from the CD during a fresh server installation?
<jdstrand> axisys: you have ufw rules in your iptables-save paste. if you are moving away from ufw to your own iptables script, please perform 'sudo ufw disable && sudo /usr/share/ufw/ufw-init flush-all'
<jdstrand> that will disable ufw now and on boot, and flush the builtin chain hooks
<axisys> jdstrand: did the disable and flush
<axisys> here is the new iptables-save http://pastebin.com/d5a92ecb7
<axisys> jdstrand: ^
<Reepicheep> skuld: what does "aptitude show postfix-mysql | grep State"
<jdstrand> axisys: that is correct. your firewall is completely flushed
<Reepicheep> return?
<axisys> Reepicheep: ran the iptables -F
<axisys> jdstrand: still no traffic
<skuld> Reepicheep: State: installed
<Reepicheep> axisys: the iptables -F will do the same as the sudo /usr/share/ufw/ufw-init flush-all
<Reepicheep> skuld: I don't use postfix but, afaik, you should have mysql support in postfix then
<skuld> that's what it looks like.  I can't find any answers to this warn message....
<Reepicheep> I'm sure it needs configured though.. if you haven't done that all ready?
<skuld> fatal: dict_open: unsupported dictionary type: mysql:  Is the postfix-mysql package installed?
<Reepicheep> skuld: are you following a howto of some sort? if so which one?
<skuld> yeah....let me get them...
<skuld> here's one:  http://craigballinger.com/blog/2009/07/postfix-dovecot-mailserver-on-ubuntu-904-jaunty-jackalope/
<skuld> and I used this to fix a problem with that tutuorial:  http://pastebin.com/f65ef08c0
<Reepicheep> skuld: and you have setup the stuff in the my_*_map.cf files like my_alias_map.cf and my_domains_map.cf and the sort?
<skuld> yes
<smackdaddy> how can i bind my domainname.com to my static ip
<skuld> I noticed an error in my dovecot.warn file....pointed to this line:
<skuld> dovecot unix -n n --pipe flags=DRhu user=vmail:mail argv=/usr/lib/dovecot/deliver -c /etc/dovecot/dovecot-postfix.conf -f ${sender} -d $(recipient)
<skuld> fatal: /etc/postfix/master.cf: line 84: field "private": bad value: "-n"
<skuld> BTW, is there a command in VI to let me get to the bottom of a document quickly?
<axisys> Reepicheep: trying on a different port
<Reepicheep> skuld: in vi just type "G" will take you to the end .. but if your looking at logs you may want to use less or even tail to look at them
<skuld> okay.  I know a lot of times I just need to get to the bottom or near bottom of a document :)  thanks
<skuld> can I rm /var/log/mail.warn to clean out the log?
<ScottK> skuld: You can, but why would you want to?
<skuld> I want to get rid of all the past errors to see if I have fixed all the problems
<ScottK> The file is time stamped, so you'll know if something new appears.
<ScottK> That or tail -f /var/log/mail.warn
<Reepicheep> skuld: just run "tail -f /var/log/mail.warn" on a second terminal
<skuld> cool, thanks
<skuld> I think I got all the problems fixed YAY!
<nijaba> soren: ok, thanks for getting back on this one.
<skuld> maybe....now I just have to figure out why port 110 isn't open LOL
<nijaba> kirkland: the url you gave i
<nijaba> kirkland: you gave me is not a feed but a full html
<kirkland> nijaba: oh, let me check
<nijaba> kirkland: planet will only accept feeds such as RSS or Atom
<kirkland> nijaba: okay, one minute... i just want to give you stuff i tag "Cloud"
<Reepicheep> skuld: if you got postfix up and working port 110 (POP3) should be handled by dovecot
<skuld> yeah, it should, but I just did one of those internet port scan pages and tested 110, it error'd out
<skuld> but 25 is open :)
<Reepicheep> well that netcat command we used earlier would be more accurate then a scan from the internet
<Reepicheep> netcat -tapn | grep LISTEN
<nijaba> Reepicheep: netcat -l only shows listening ports, IIRC
<kirkland> nijaba: http://blog.dustinkirkland.com/feeds/posts/default/-/Cloud
<skuld> well, now I;ve got a "local configuration error"...with dovecot
<nijaba> kirkland: updating
<kirkland> nijaba: i added a note about your survey at the bottom of mine
<kirkland> nijaba: if you'd like the text to read differently, let mek now
<AdamDV> Hello
<nijaba> kirkland: I have seen that, thanks
<skuld> good evening AdamDV!
<AdamDV> skuld: Evening :)
<AdamDV> Any issues that need fixing? (I'm here to help)
<skuld> I got my webserver working 100%, and mail is almost working
<AdamDV> Cool.
<skuld> trying to resolve a "local configuration error" with (dovecot, I think)
<Appiah> is there anyway I can see _how_ my server was shutdown? by some user? by cron? by ... whatever?
<AdamDV> skuld: Search postfix dovecot on debianadmin.com
<AdamDV> Great guide.
<AdamDV> Appiah: Not that I think.
<AdamDV> Appiah: shutdown requires sudo.
<Appiah> I meant reboot but ok
<Appiah> hmm
<Appiah> then I should be able to see in auth for someone who used sudo...
<AdamDV> Yes.
<AdamDV> reboot/shutdown need sudo
<Appiah> but what about cron?
<AdamDV> It would need to be run through root's cron.
<axisys> Reepicheep: this is odd.. when I added IP address to all the interfaces now i can ping all
<axisys> Reepicheep: and now i were able to install ethtool
<Reepicheep> axisys: you put the same IP on multiple interfaces?
<Reepicheep> just out of curiosity what does "ip route show" return?
<axisys> Reepicheep: this is Sun Fire(TM) X2100 .. no each one seprate IP
<Reepicheep> are they different IP on the same subnet?
<axisys> Reepicheep: http://pastebin.com/d3802337c .. different IP on same subnet
<axisys> i can ping them all from another host on same subnet.. but only one port is physically connected..
<axisys> that is crazy
<axisys> i guess they have 4 mac address on each physical port .. it has two physical port
<Reepicheep> what does "ip link show" return?
<Reepicheep> and I think on interface can respond for another interface's traffic if it sees it
<Reepicheep> you may try unplugging on interface at a time and see if they all quit working
<axisys> Reepicheep: http://pastebin.com/d3802337c
<Reepicheep> or better yet.. plug one interface in at a time
<axisys> Reepicheep: what u mean plug? i have two ports on this x2100 .. only one port has a cable going to switch
<axisys> Reepicheep: but as you can see multiple mac addresses
<axisys> Reepicheep: the second port has nothing connected to it
<Reepicheep> actually you pasted the old pastebin address in again
<Reepicheep> we only got your routes
<axisys> http://pastebin.com/f764dacfd (sorry)
<Reepicheep> what does ethtool eth0 through eth4 show, do they all show links and negotiation?
<Reepicheep> it looks like only eth0 is up
<Reepicheep> but like I said .. I think eth0 can actually respond to traffic destine to ip address on other interfaces
<axisys> Reepicheep: how come? ethtool shows only eth0 Link deteced: yes .. rest are no
<axisys> Reepicheep: how does eth0 respond to 192.47.0.88 when it is bind to 192.47.0.85
<Reepicheep> I think that is actually what is happening.  "ip link show" shows the same
<axisys> Reepicheep: ^ ?
<axisys> Reepicheep: ip link show show only eth3 down
<axisys> i mean No-CARRIER
<Reepicheep> I would count eth2 and eth3 as having issues also.. notice the "state UNKNOWN"
<axisys> Reepicheep: never mind `state UP' only for eth0 .. you are correct
<Reepicheep> try running "ifdown eth1" and also on eth2 and eth3 and see if it changes anything
<axisys> Reepicheep: shows 'state DOWN' for all except eth0 and network is still working
<axisys> Reepicheep: that other port might be bad
<axisys> how can i check what driver eth0 is using?
<Reepicheep> that could be a possibility
<Reepicheep> try replacing the cable if you haven't done that already
<maek> can anyone suggest a simple pop server? I have 1 account that needs to pop, I havent done mail in years so im outa the game
<axisys> Reepicheep: i have same prblem with a solaris OS on x2100 .. hmm
<axisys> just noticed
<Reepicheep> is it actually a 4 port nic card or is it something different .. like maybe one of the ports is an IMPI port or even a console port?
<Reepicheep> of course the ethernet interfaces do show up to the system
<Reepicheep> you have 4 nics
<axisys> Reepicheep: one port network and second port is a ipmi port .. i am using ipmi port
<axisys> Reepicheep: builtin to x2100
<Reepicheep> you may be able to find the module that the nic card uses via "dmesg | grep eth0"
<axisys> Reepicheep: yep.. tg3
<axisys> Reepicheep: thanks
<axisys> Broadcom Corporation NetXtreme BCM5721 Gigabit Ethernet PCI Express (rev 11)
<Reepicheep> mack: what is your backend mail box stores?
<axisys> yikes
<Reepicheep> mack: mbox, maildir, ..
<Reepicheep> axisys: you may also scan through dmesg and see if the kernel is reporting any errors on any of the nics
<axisys> Reepicheep: http://pastebin.com/d2b2d7393 .. looks like intel one is not working .. but broadcom is
<mdz> mathiaz, any chance you could help smoser with sponsorship for ec2-init?
<mdz> kirkland, or you?
<mathiaz> mdz: sure
<kirkland> mdz: yeah, you bet
<mdz> context is on #ubuntu-release
<mdz> ah, mathiaz isn't in there. kirkland, would you mind taking care of it? it's earlier for you and you have the scrollback
<kirkland> mdz: sure
<mdz> thanks
<kirkland> smoser: point me to it
<mdz> I think he may have wandered off
<axisys> Reepicheep: does did a reboot to make sure all is working.. lost network again... hehe
<axisys> s/does/i/
<axisys> ethtool eth0 show Link detected: yes
<Reepicheep> axisys: what does your interfaces file look like?
<Reepicheep> and what does your /etc/udev/rules.d/70-persistent-net.rules file look like?
<axisys> Reepicheep: interfaces -> http://pastebin.com/d20a138a8
<axisys> Reepicheep: rebooted and now I can ping again.. this is going to be fun
<axisys> http://pastebin.com/f64971976 <-- /etc/udev/rules.d/70-persistent-net.rules
<Reepicheep> that looks fine.  "00:e0:81:5d:ed:84" should always be eth0
<Reepicheep> do an iptables-save again and make sure there are no rules
<axisys> Reepicheep: iptables-save came out empty
<Reepicheep> axisys: I suppose if you can.. reboot it a couple more time and see what it does each time
<Reepicheep> make sure that the same mac address is always eth0 and check the link of eth0 with ethtool
<smoser> kirkland, in bug
<kirkland> smoser: link me
<smoser> https://bugs.edge.launchpad.net/ubuntu/karmic/+source/ec2-init/+bug/451881/comments/5
<uvirtbot> Launchpad bug 451881 in ec2-init "ssh public key fingerprint not available on console in UEC environement" [High,In progress]
<smoser> i'll just turn off daily build and hold it until its in
<flagg0204> with the latest 9.10 server, is there a way to set your iscsi initiator name during install?
<kirkland> smoser: mdz: ec2-init uploaded
<flagg0204> other os's i have done iscsi installs allow you to specify an initiator name. ubuntu seems to make you use the default openscsi
<flagg0204> iqn.2005-03.org.open-iscsi:db53f7b59e56
<flagg0204> for example
<skuld> Question:  I get a "local configuration error" bad email reply when I try to send something to my postfix/dovecot server.  Which configuration would I need to look at?  Dovecot or Postfix?
<Reepicheep> skuld: sending and receiving email is handled by the MTA (Postfix in your instance) dovecot is for mail retrieval (POP or IMAP), for when you are checking mail that is stored in an INBOX on a server from a client
<skuld> so the configuration error is part of postfix then, since something is being bounced back to my sending (gmail) account
<Reepicheep> yeah. check your /var/log/mail.* logs
<Reepicheep> both postfix and dovecot should log there
<Reepicheep> I gotta run now.. so good luck with that
<ScottK> Postfix is very careful about logging, so if it's a postfix problem, the logs will tell you
#ubuntu-server 2009-10-22
<uvirtbot> New bug: #457716 in libvirt (main) "apparmor denies save and restore" [High,Triaged] https://launchpad.net/bugs/457716
<Alysum> hello - how can I insert the date time in my shell along with user@host? thanks
<crohakon> So, I have ubuntu server edition installed on a spare box just to use as a sandbox. I have it set up with LAMP. Everything seems to be working just fine except that after a while the box freezes. Can't SSH in, can't access the websites... turn on the monitor connected to it and the login prompt is frozen. Any ideas on what can fix this? I highly doubt it is an over heating issue as my basement is cold and the report it sho
<crohakon> uld when I log in does not show dangerous heat levels.
<crohakon> I should also add that the box ran just fine without these problems with fedora
<bdmurray> jdstrand: should bug 403215 be reopened?
<uvirtbot> Launchpad bug 403215 in qemu "2.6.31 guest vm's unable to use virtio" [Medium,Fix committed] https://launchpad.net/bugs/403215
<crohakon> Anyone?
<vraa> anyone know of a good, friendly, multi-wan router? more for failover vs more bandwidth
<smoser> kirkland, you uploaded ec2-init right?
<mathiaz> smoser: I think so - https://launchpad.net/ubuntu/karmic/+queue?queue_state=1&queue_text=
<mathiaz> smoser: It hasn't been accepted though
<smoser> mathiaz, thanks i wasn't aware of this 'queue'.
<mathiaz> smoser: https://launchpad.net/ubuntu/karmic/+queue
<smoser> it has to be accepted by a release person ?
<mathiaz> smoser: ^^ has the different types of queues
<mathiaz> smoser: yes
<crohakon> When I log into my server box it tells me I have x packages can be updated... how do I update them?
<smackdaddy> i cannot figure out why i cant recieve mail on this server... i setup postfix and dovecot
<smackdaddy> wont work
<MTecknology> smackdaddy: error logs?
<MTecknology> crohakon: sudo aptitude update && sudo aptitude full-upgrade
<MTecknology> crohakon: you can use apt-get too
<MTecknology> crohakon: or you can do "sudo aptitude" then the keys to update the same was are u U g g
<smackdaddy> MT, how do i check those
<MTecknology> smackdaddy: /var/log/
<smackdaddy> mail.err is empty
<MTecknology> how are you trying to send email to the local machine?
<smackdaddy> from myyahoo account
<smackdaddy> and gmail account
<smackdaddy> im wondering if its ip hostname problem... idont know.. i used the ubuntu config website and followed all the steps.. did the test and it worked ..
<smackdaddy> telnet IP 25
<smackdaddy> all that
<smackdaddy> worked'
<MTecknology> you have it?
<skuld> what web mail client would you all recommend?
<MTecknology> make sure you have an MX record for the domain pointing at the server
<MTecknology> skuld: I like claws-mail
<skuld> is it easy to install for postfix/dovecot?
<MTecknology> hm?
<MTecknology> you mean mail server or mail client?
<MTecknology> the mail client is independent from the server
<skuld> I (think) I just got my dovecot and postfix email server working.  now I want to install a web based email reader on my server too
<MTecknology> oh
<MTecknology> webmail
<MTecknology> try roundcube or quirrelmail
<smackdaddy> that might be part ofmyproblem.. how should the mx record look
<smackdaddy> i have...
<smackdaddy>                 IN      MX      10 mail.example.com.
<smackdaddy>                 IN      MX      10 mail2.example.com.
<MTecknology> whast's the domain name?
<smackdaddy> in the forward file
<smackdaddy> cconnectx.com
<Pairadimesitty> hey folks, feeling helpful today?  I've got my forum framed now by editing the forum php and css with my site info, and I'm linking to the forum page by having my homepage index.htm load it with php include
<skuld> Pairadimesitty: hi!
<crohakon> So, I have a website hosted by a webhosting company. Is there any benefit to upgrading my home account to a static IP and doing my own hosting?
<smackdaddy> do i need a MX for just cconnectx.com with out the mail.*
<Pairadimesitty> skuld: hi, thanks for before
<MTecknology>  skuld aside from the two, there's some really high-end tools out there - but don't expect any ease of use...
<crohakon> it would cost me about +$10 a month
<MTecknology> or installation*
<skuld> crohakon: the benefits are in learning a new hobby.... and for that extra $5.00 a month or whatever, you can charge others rent-space on your server...when you'r ready
<Pairadimesitty> and there is a tiny bit of css linked to the home page that makes the home button highlight when I'm on that page and go back to normal when I click anything inside.  I love that.
<skuld> MTecknology: I just need a basic email reader for the web
<MTecknology> skuld: then you want one of those; my preference is roundcube since it's skinnable
<MTecknology> they could both use heavy development
<Pairadimesitty> my problem is that the forum doesn't request the cookie when I'm on the home page, so login and preferences dissapear there
<Pairadimesitty> I have to click inside the forum for them to show up
<skuld> Pairadimesitty: I thought of a possibility for your vertical...."framing" issue without using frames.  It *might* be possible to use a <div> tag, but I haven't worked with it a whole lot to know if it would work correctly...if at all
<Pairadimesitty> wow, cool
<skuld> Pairadimesitty: you're using smf, right?  you can just use <?php ssi_welcome; ?> (I think it is) and that will have your cookie info on your home page
<crohakon> skuld; That was kind of my thoughts... once I get my sh*t down maybe offer cheap hosting to non-profits just to offset my internet costs.
<skuld> MTecknology: cool, thanks.  I'll look into that
<MTecknology> smackdaddy: your DNS looks fine - but I can't connect to your system - so it's probably localhost only
<Pairadimesitty> just add that line to the default page?  that would rock if it was that easy, trying now
<skuld> Pairadimesitty: You also need at the very top... <?php require ('forum/SSI.php'); ?> if I remember right, and assuming your forum is located in the 'forum' dir
<Pairadimesitty> 'tis indeed
<skuld> that should be all you need.  If the user is logged in, they will get the number of messages they have in PM, if not then a login dialog will show wherever you place that welcome code.
<Pairadimesitty> both above the doctype?
<skuld> there is an advanced option if you don't want to see the welcome text if logged in, you can use.... ssi_welcome('array')
<skuld> you could try that...I usually work with PHP files only
<skuld> brb
<erichammond> kirkland: Any chance of getting "EC2" as one the primary options on your virtualization survey?  Folks using EC2 don't really think of themselves as using Xen.
<jdstrand> bdmurray: I'm not sure-- I wanted feedback from someone
<smackdaddy> MTecknology cantconnect on what port?
<MTecknology> 25
<crohakon> So, how can I install linux on a computer with no CD rom drive?
<crohakon> also, no floppy
<smackdaddy> yeah every time i try it says connecting to the wrong ip
<MTecknology> smackdaddy: I tried with 24.155.117.48:25
<MTecknology> smackdaddy: Can you connect to localhost:25 ?
<Pairadimesitty> skuld: those seems to be calling something, but they throw up errors
<smackdaddy> yes
<smackdaddy> thats the correct public iptoo
<smackdaddy> .48
<MTecknology> it's likely smtp isn't listening for internal traffic
<MTecknology> external*
<smackdaddy> i cant send either
<smackdaddy> tried emailing using user@IP
<MTecknology> check firewall rules
<smackdaddy> what config for smtp
<MTecknology> if you have ufw enabled, etc
<bdmurray> jdstrand: but if it is closed who will see it? ;-)
<MTecknology> !info courier
<ubottu> Package courier does not exist in jaunty
<MTecknology> !info dovecot
<ubottu> Package dovecot does not exist in jaunty
<MTecknology> ubottu: -_-
<MTecknology> OK
<MTecknology> It'll be right around /etc/courier/
<MTecknology> I don't have a mail server running to check
<smackdaddy> no firewall
<smackdaddy> its off
<MTecknology> ufw?
<smackdaddy> yea
<MTecknology> any router?
<smackdaddy> no
<jdstrand> bdmurray: I figured that the subscribers would...
<jdstrand> who seem to be kirkland and rtg iirc
<MTecknology> smackdaddy: dpkg-recongigure postfix
<smackdaddy> k
<MTecknology> smackdaddy: that will let you specify who can connect
<MTecknology> reboot tiem
<bdmurray> jdstrand: I don't know I heard kirkland filters fix released e-mail ;-)
<smackdaddy> after this reboot?
<jdstrand> bdmurray: heh. maybe kirkland will notice how often we are saying kirkland
<crohakon> Is there a command to check system temperature?
 * jdstrand whispers bug #403215 into kirkland's ear
<bdmurray> one can only hope
<uvirtbot> Launchpad bug 403215 in qemu "2.6.31 guest vm's unable to use virtio" [Medium,Fix committed] https://launchpad.net/bugs/403215
<smackdaddy> acpi -V or something
<smackdaddy> croh
<smackdaddy> MTecknology> on the part where it asks for all my domains do i need the TLD only, or mail.domain.com
<MTecknology> smackdaddy: I'd do localhost, domain.com, mail.domain.com
<smackdaddy> ok thanks
<smackdaddy> should i force synchronous updates onmail queue?
<MTecknology> it's up to you
<smackdaddy> if its slower...
<smackdaddy> no
<smackdaddy> lol
<MTecknology> personally - leave the majority set to defaults
<smackdaddy> k
<crohakon> smackdaddy; thanks
<smackdaddy> np
<smackdaddy> on the specify network blocks screen, just my public ip is all i need right.'
<smackdaddy> or the 127.0.0.1
 * smackdaddy needs ubuntu for retards
<smackdaddy> :(
<MTecknology> whatever is default
<smackdaddy> it erasedsince last time i didit
<smackdaddy> damn
<MTecknology> the only thing you really need to worry about is where you selected who can use it
<skuld> I'm back
<smackdaddy> ah
<MTecknology> It pulls all the defaults from the config
<MTecknology> the existing config*
<smackdaddy> ok its done
<smackdaddy> letme try it out..
<MTecknology> restart the service
<smackdaddy> done.
<MTecknology> I still can't connect
<smackdaddy> me either
<MTecknology> sudo ufw status
<smackdaddy> im looking in master.cf
<smackdaddy> ok ufw stats just lists the commands
<MTecknology> sudo ufw status
<smackdaddy> i did that
<smackdaddy> same
<MTecknology> STATUS
<MTecknology> U
<MTecknology> not stats
<smackdaddy> lol
<smackdaddy> inactive
<smackdaddy> sorry
<MTecknology> pastebing ifconfig
<smackdaddy> whats that url
<MTecknology> !pastebin
<ubottu> pastebin is a service to post multiple-lined texts so you don't flood the channel. Ubuntu pastebin is at  http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from  command line | Make sure you give us the URL for your paste - see also the channel topic
<MTecknology> there's a command I'm looking for - for the life of me I can't remember what it is
<smackdaddy> pic
<smackdaddy> ?
<smackdaddy> http://paste.ubuntu.com/298723/
<MTecknology> I'm scanning your system - just fyi
<smackdaddy> np
<MTecknology> every single port - I want to at least see one of them filtered
<MTecknology> is this a static ip on the system?
<MTecknology> or is it sitting inside your house?
<smackdaddy> no, im moving to static next week
<smackdaddy> just want to get everything working athome first
<MTecknology> oh..........
<MTecknology> drop the project until next week
<MTecknology> port 25, 80, and others are blocked until you get that
<smackdaddy> mail wont work on dhcp?
<MTecknology> 99.999% of all ISP's block it
<smackdaddy> ohmy web server ftp ssh works
<MTecknology> port 80?
<smackdaddy> ya
<smackdaddy> apache2
<smackdaddy> and vsftpd
<smackdaddy> are working
<MTecknology> ok - your isp doesn't do that then.. ok
<MTecknology> there - 25/tcp filtered smtp
<MTecknology> it's being blocked somewhere
<MTecknology> your server, your isp, idk
<smackdaddy> for my domain name, registered with netfirms.. i set a custom ns,  ns.cconnectx.com, and made a A record for it, and setup bind9 also on this box...
<smackdaddy> dns is working great
<smackdaddy> web
<smackdaddy> just not mail
<smackdaddy> its wierd
<MTecknology> something is blocking it..
<smackdaddy> could be
<smackdaddy> ill assume its them til next week
<MTecknology> can another system inside the same subnet as the server get into the server?
<smackdaddy> yes
<MTecknology> then it's something on the server
<MTecknology> pastebin main.cf
<smackdaddy> http://paste.ubuntu.com/298726/
<MTecknology> home_mailbox = Maildir/
<MTecknology> It's not standard, but I usually to .mail/
<smackdaddy> for users hom dir
<smackdaddy> ?
<smackdaddy> mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 192.168.0/24
<smackdaddy> that part should have a public ip too?
<MTecknology> that .mail/ keeps it hidden from the user which seems to help against accidental deletion
<MTecknology> smackdaddy: This is beyond what I have the time to debug for you..
<MTecknology> smackdaddy: try in #postfix
<MTecknology> Sorry I can't help you more
<MTecknology> I gotta run
<smackdaddy> no problem,thanks  alot
<uvirtbot> New bug: #457788 in php5 (main) "package php5-cli 5.2.6.dfsg.1-3ubuntu4.2 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/457788
<kirkland> erichammond: hmm, ec2 made it on there in a few places....  we can't very well change it now that some people have answered the survey.  but nijaba will be conducting a much more comprehensive survey soon.  he can take that feedback into account
<kirkland> smoser: yes, i did upload it.  it's waiting for approval from the release team to be "accepted"
<smoser> right. discussion of that in #ubuntu-release
<kirkland> jdstrand: bdmurray: that's fix-released
<kirkland> jdstrand: bdmurray: are you still having trouble with virtio?
<kirkland> jdstrand: bdmurray: i'm using virtio across the board in karmic; very solid
<Pairadimesitty> skuld:I gave up and switch to a redirect
<skuld> Pairadimesitty: what? LOL
<Pairadimesitty> sorry, I mean this <meta HTTP-EQUIV="REFRESH" content="0; url=http://epicdatanet.co.cc/forum/">
<Pairadimesitty> it lacks the handy home button alternate hilighting, and it's lazy, but I'm dumb so it'll have to do
<skuld> ah.  give it some time, you'll figure it out. :)  I know what you want can be done
<Pairadimesitty> the advice you gave only spat out errors, it seemed to reference things from the wrong paths or something
<Pairadimesitty> though it was definately the right thing to do, I'm just missing something important
<skuld> I don't have my php pages in front of me so I had to guess from memory
<Pairadimesitty> how's your situation coming?
<skuld> ugh!
<Pairadimesitty> sounds lovely
<Pairadimesitty> need a Reese's Cup?
<skuld> why can't people who build email packages just set up by default to do the thing that people setting up the email servers want to do:  send email from authenticated users on the server to anybody else inthe world?
<skuld> I think I need a bag of those Dark Chocolate ones LOL
<Pairadimesitty> I don't have any dark, sorry, I do have some Ghirardelli white chocolates with vanilla specks.
<skuld> oooou  :)
<Pairadimesitty> just call me a romantic guy...
<Pairadimesitty> it sounds better than glutton
<Pairadimesitty> oh, I was changing the button hilight color of all the buttons and links in my forum theme from blue to my site's red shade, and I missed the bored navigation line
<jdstrand> kirkland: yeah, we know it is fix released. I added a comment to it today because the default install failed for me today and it looked similar to that (see my last comment)
<crohakon> What is cpanel?
<twb> cpanel is basically a manage your (virtual?) server via a web UI.
<twb> http://en.wikipedia.org/wiki/cPanel
<crohakon> thanks
<twb> e.g. "I can't fix that because I don't have ssh access, only cpanel"
<crohakon> I see it is not free..
<twb> Correct; it is a proprietary product.
<crohakon> I am just looking for something to play around with so as to help me expand my knowledge. Not willing to pay for the education at the moment. =) broke.
<crohakon> Know of an alternative?
<twb> !RUTE
<ubottu> documentation is to be found at http://help.ubuntu.com and http://wiki.ubuntu.com - General linux documentation: http://www.tldp.org - http://rute.2038bug.com
<twb> RUTE, and perhaps the Ubuntu admin guide, are the best resources I know of for learning more about Unix system administration in general.
<crohakon> oh, no, I mean I am trying to learn how to set it up so I can host for others. Mostly friends and non-profits. But, still, just to learn how to do it.
<twb> Web management isn't so much training wheels as it is a black box -- you do something via the UI and have no idea what is really happening under the hood.
<twb> crohakon: you want to learn how to set up cpanel?
<crohakon> Correct.
<crohakon> OR something like it.
<twb> We generally discourage web-based system administration here.
<twb> FSVO here = in this channel.
<crohakon> FSVO?
<twb> Some FOSS solutions include ebox (which is supported for Ubuntu server) and webmin (which is definitely NOT supported).
<twb> FSVO = For Some Value(s) Of
<twb> Personally I have been extremely unimpressed with webmin and (what little I've seen of) ebox.
<crohakon> Well, like I said, I only ask because I want to learn how to set the stuff up. Just to learn without having to fork out a lot of money to do so.
<twb> I suppose you could steal a copy.
<twb> Maybe cpanel also provides gratis temporary licenses.
<crohakon> I suppose I could, but I try to remain as legal as possible.
<twb> You could talk to the cpanel people about that.
<crohakon> there is a 15 day test license for free.
<crohakon> Anyway, it is bed time for me. Goodnight
<crohakon> Thanks for the help.
<MTecknology> holy crap - it was like at first the kernel .config was like 4,760 lines, and now it's like 2,576
<MTecknology> and at first it was all like 3.8MB and now it's all like duuude (1.7MB)
<MTecknology> then I wuz just like OMG! n like, omg we gotsta like make it smaller and like, ya no wut i meen?
<twb> MTecknology: plonk
<MTecknology> twb: :)
<MTecknology> twb: I was confused. I couldn't figure out why you were in this channel... then I noticed what channel I'm in...
<smackdaddy> how can i setup webmail for my server with postfix
<MTecknology> smackdaddy: squirrelmail and roundcube are pretty common
<smackdaddy> what 1 would you say is more userfriendly
<MTecknology> personally, roundcube can be skinned easily enough - but squirrelmail is more expandable
<MTecknology> personally I use google apps and use claws-mail - try them both and see what you like best
<smackdaddy> ok cool
<smackdaddy> during install i selected use landscape conicle.. do you know how to change that back to automatic update
<MTecknology> not offhand
<smackdaddy> ahcus it charges for landscape
<smackdaddy> heh
<syncrondi> Has anyone here installed OpenVZ on Jaunty?
<syncrondi> Or any other nice alternative to jails
<twb> I have used OpenVZ on Hardy.
<twb> Someone else did the install, though.
<syncrondi> twb: I understand it's a bit of a bear?
<twb> OpenVZ blows.
<syncrondi> Bad?
<twb> I would not recommend it to anyone who can run KVM on 10.04
<twb> OpenVZ is primarily useful if you need a very large number of VMs (like, hundreds or thousands), and you have no hardware virtualization support in your CPU.
<syncrondi> I don't have physical access to my server at the moment
<syncrondi> So a lower-level type of virtualization is out of the question
<syncrondi> And I just need a couple VMs
<twb> Running VMs in a VM is not going to work well
<twb> If by "physical access" you actually mean the ability to pick up the box in your hands -- you don't need that for hardware virtualization.
<syncrondi> eh? Well, I don't need full virtualization.. just something like solaris zones
<syncrondi> for me, all I have is ssh
<twb> Well, I guess you might need physical access to turn on VT-x in the BIOS.
<twb> syncrondi: even if you don't NEED full virtualizaton, I would still recommend KVM over OpenVZ.
<twb> IME it's more reliable, and it allows you for flexibility (e.g. "now I need unionfs support" or "now I need a RHEL VM") later.
<syncrondi> Does it require a fresh install?
<twb> Does what require a fresh install?
<syncrondi> KVM
<twb> No, it's built into the kernel.
<twb> Also, openvz receives no support from Ubuntu, whereas kvm got 18mo (hardy) and lessee...
<Boohbah> we've run VZ since 2006
<twb> Bleh, maintenance-check is taking WAY to long to fetch the jaunty seeds
<uvirtbot> New bug: #329852 in pptpd (main) "pppd or pptpd fails when client try to connect" [Low,Incomplete] https://launchpad.net/bugs/329852
<twb> Hmm, it's also 18mo in Jaunty.
<twb> This is not good!
<twb> Oh, that's because jaunty isn't an LTS.
<twb> Presumably the next LTS will have kvm in main, and thus will get 5y support.
<poningru> twb, question re: openvz
<poningru> does it really support arm?
<twb> I don't know.
<twb> OpenVZ is a bunch of patches to the Linux kernel, so in theory it should be architecture-independent.
<twb> Of course, the guest OS would also have to be supported on that CPU.
<twb> So you couldn't have an ARM gaol on an x86-64 server, but you could have ARM gaols on an ARM server.
<poningru> ah ic
<syncrondi> twb:  so you need to access the bios for sure during install of KVM?
<twb> syncrondi: it's common for VT-x to be disabled by default in the BIOS.
<poningru> syncrondi, well if its already turned on then no
<poningru> syncrondi, check /proc/cpuinfo
<syncrondi> I see. Thanks twb
<twb> poningru: of course, any time the guest architecture isn't native, you lose any VT benefits.
<poningru> twb, right
<twb> i.e. you HAVE to do full userspace virtualization.
<poningru> syncrondi, egrep '(vmx|svm)' --color=always /proc/cpuinfo
<twb> The () are unnecessary
<mneptok> such kernel patches usually require virtualization extensions in the CPU. AFAIK, ARM doesn't have such things.
<twb> mneptok: OpenVZ doesn't use hardware virtualization at all.
<mneptok> twb: ewwww ...
<syncrondi> poningru: that doesn't return anything, I'm afraid.
<mneptok> now i know why i never palyed with it :)
<twb> mneptok: OpenVZ is an extension of the chroot approach to include /proc and network segmentation.  ALL code runs natively.
<poningru> syncrondi, yeah its turned off then or your cpu doesnt have it
<poningru> what cpu do you have?
<twb> You also cannot have a different kernel inside an OpenVZ gaol.
<syncrondi> poningru: dual p4 2.8
<twb> Also, OpenVZ has poor support for e.g. NFS and completely hangs the entire machine when you try to use either unionfs or aufs.
<poningru> syncrondi, depending on the gen it probably has vt
<poningru> err I mean doesnt have vt
<twb> If all you're gonna run in your gaol is a different version of Apache and PHP and MySQL, then OpenVZ is probably not so bad.
<smoser> bug 451881
<uvirtbot> smoser: Error: Could not parse data returned by Launchpad: The read operation timed out
<syncrondi> twb: that's basically all. I just wanted to separate a new development environment from existing.
<twb> syncrondi: given that you lack VT support in your CPU, OpenVZ becomes a more reasonable choice.
<syncrondi> but I've been working with another server that's running a jail for the same situation and weird errors come up at times
<twb> syncrondi: however you may prefer to look into pbuilder
<twb> syncrondi: if you're just doing DEVELOPMENT
<syncrondi> development that could move into production
<poningru> syncrondi, also virtual box if you have X on it
<poningru> not sure if virtual box requires X
<syncrondi> Yeah, no X
<twb> AFAICT virtualbox is ill-suited for server gaols.
<poningru> http://www.howtoforge.com/vboxheadless-running-virtual-machines-with-virtualbox-2.0-on-a-headless-ubuntu-8.04-server
<twb> It's really intended for jackasses who want to run IE or something on their ridiculously over-specced personal laptop
<syncrondi> twb: I tried it on my windows and also on an OpenSolaris install and it seems a lot like VMwarez
<twb> syncrondi: yeah, VMware falls into the same category.
<Boohbah> if you want a virtualized web server, openvz or xen
<twb> You could sum up my gripes with virtualbox as "it tries to be like vmware"
<Boohbah> xen with swap is good (required) for java
<poningru> http://www.bgevolution.com/blog/virtualbox-headless-mode/
<syncrondi> twb: haha, yeah, for sure.
<twb> Xen is also a good choice compared to OpenVZ, if all you need are gaols.
<Boohbah> poningru: i didn't know virtualbox could run without X, thanks!
<poningru> :)
<Boohbah> twb: what is this 'gaol' you speak of?
<twb> Boohbah: IIRC the trick is to put it in an xvfb, which is pretty fugly
<syncrondi> A coworker was showing me solaris containers and I was pretty impressed with that
<twb> Boohbah: "jail" is a neological spelling of "gaol".
<Boohbah> or rather "gaol" is archaic "jail" :)
<Boohbah> i see
<Boohbah> Norman-derived gaol (preferred in Britain)
<twb> It's not archaic.
<Boohbah> it's just preferred in Britain?
<twb> It's "English" as opposed to "American" :-P
<twb> Boohbah: and everywhere else in the commonwealth.
<Boohbah> rubbish colour armour boot bonnet aluminium
<twb> Good gods, how do Americans say "bonnet"?
<poningru> in India we used to call the boot/trunk dickie
<twb> "Headscarf" or something?
<poningru> twb, hood
<twb> Oh, you mean of an auto.
<poningru> hehe yeah
<poningru> its funny my gf is from scotland and she taught me that in gb/uk (depending on who you ask) the queens english is considered proper
<poningru> while here in the US there is no 'proper' english
<poningru> how you speak is proper for you
<twb> It depends if you're a language instructor, or a linguist.
<twb> Language instruction is prescriptive; linguistics is descriptive.
<poningru> granted exceptions do popup for the neds/hicks
 * poningru gives twb a glassgow kiss
<poningru> nn guys
<Boohbah> i almost forgot this wasn't #defocus
<Boohbah> poningru: good night
<syncrondi> I'm out too.. thanks for the advice
<poi77> Hi! I am running Ubuntu w/ sw raid. I run mdadm to check status. At the end of output there is    " Number   Major   Minor   RaidDevice State" and then my RAID devices. What does this data mean?
<Boohbah> poi77: http://linux.die.net/man/8/mdadm
<poi77> Boohbah: thanks, I am wondering whether the "major" "minor" values have any significance and if they indicate errors?
<twb> poi77: run "cat /proc/mdstat" to check status
<twb> major and minor ar ethe block numbers.
<poi77> twb: thanks, [2/2] would mean normal, right?
<twb> see e.g. the mknod(8) manpage
<twb> It's not a quality status
<twb> it's a name, like "sdd2" means "fourth SCSI disk, second slice"
<twb> A major and minor number of "2, 7" means "I'm the seventh component of the second device"
<poi77> twb: many thanks for your explanations!
 * soren breaks
<smoser> mathiaz, its bad... hacky, but heres what i have right now
<smoser> http://paste.ubuntu.com/298860/
<smoser> am running that with input: x86_64 us-east-1 ami-7132d118
<mathiaz> smoser: yop - seems good to me
<smoser> it actually worked!
<smoser> fired off a bunch of instances, then waited, then sshed to each of them
<smoser> :)
<mathiaz> smoser: ec2-describe-images doesn't have the proper information to infer the availability zone from the output
<mathiaz> smoser: as well as the list of types
<mathiaz> smoser: I think we can infer everything from the name of the bucket/image
<mathiaz> smoser: the bucket as the -us/-eu -> region
<mathiaz> smoser: the image name has amd64/i386 -> type list
<mathiaz> smoser: the best call would be: test-ec2.sh ami-7132d118
<smoser> you can't get bucket/path without knowing region
<smoser> other than by trying both
<smoser> which would in all likelyhood be sufficient
<mathiaz> smoser: oh - you're right
<mathiaz> smoser: you need to set the region
<smoser> but arch isn't needed.
<mathiaz> smoser: well - you could use ec2-describe-region
<mathiaz> smoser: ec2-describe-regions
<smoser> mathiaz, right, you could use that to get a list and then look in each for that id
<mathiaz> smoser: and then try to find which one has the ami ;)
<smoser> unlikely, but possible that an id existed in multiple regions
<smoser> yeah. it would be good enough
<mathiaz> smoser: that's true - but the ami path would be completly different
<smoser> those tests you wrote probably cost a couple bucks per region to run
<mathiaz> smoser: it would probably not match the bucket name
<smoser> the bucket names are different. manifest name is the same. (ie, basename)
<smoser> anyway...
<smoser> i think i'm going to go to sleep now
<mathiaz> smoser: yeah - we can discuss improvments at UDS :)
<smoser> oh. the goal is nightly automated tests with logs
<smoser> its all doable.
 * mathiaz nods
<smoser> i've just spent the time doing the publishing portion of it all
<smoser> if you dont have a build out there, you can't test it :)
<mathiaz> smoser: yop - one step at a time
<smoser> i will say that at 3:00 am eastern, us-east-1 performs fairly well
<smoser> started 17 hosts in like < 50 seconds
<smoser> anyway, good night.
<dru_> can someon point me to the quick low down "drop all iptables"
<dru_> please
<dru_> :)
<twb> dru_: what about it?
<dru_> iptables must die
<th0mz> the song is invaders must die
<dru_> i need to basicly disable all tables for a test on our local network
<cemc> dru_: you could try to remove all modules
<th0mz> -F
<th0mz> if you need to clean
<cemc> dru_: lsmod, then rmmod everything iptables-related
<soren> dru_: for chain in INPUT OUTPUT FORWARD; do sudo iptables -P $chain ACCEPT ; done ; sudo iptables -F ; sudo iptables -X
<dru_> can I just "/etc/init.d/iptables stop" ?
<soren> No.
<soren> dru_: for chain in INPUT OUTPUT FORWARD; do sudo iptables -P $chain ACCEPT ; done ; sudo iptables -F ; sudo iptables -X
<soren> dru_: That's it.
<dru_> bash: syntax error near unexpected token `done'
<twb> You should not use iptables(8), because it is not atomic.
<twb> Always use iptables-restore and iptables-save.
<soren> I don't see how atomicity is really important in this case?
<twb> soren: suppose you have a script in /etc/network/if-pre-up.d/00firewall that runs a dozen iptables rules
<soren> dru_: Are you sure you copy/pasted it correctly?
<soren> twb: I don't. I'm clearing all rules.
<soren> twb: That's it.
<twb> soren: admittedly, it probably doesn't matter in THIS case, but it is a good habit to encourage.
<soren> twb: "in this case" being the operative part of my question.
<soren> twb: I'm just arguing against your "never", which seems quite out of place here.
<twb> soren: well, you could conceivably have another sysadmin logged into the box
<dru_> guys guys...
<twb> It's just very very unlikely that you'd hit that race condition :-)
<soren> dru_: That command line works for me. You mistyped, or miscopy/mispasted.
<twb> It would also mean that you couldn't accidentally set the default policy to ACCEPT, and then make a typo after your loop, such that you had all the rules still in there.  Given that you're trying to flush all the rules, that's also unlikely (but not strictly impossible) to be an issue.
<dru_> really I dont want to change any of the tables...I just need to diable them for a test as to why my centreon server isnt able to "catch snmp commands for client hosts
<twb> dru_: you cannot "disable" the iptables in the kernel without modifying them.
<twb> dru_: if you want to restore them later, dump them to a file first using iptables-save.
<soren> twb: How would you create the input file for iptables-restore?
<twb> soren: with a text editor?
<soren> From scratch?
<twb> Sure.
<soren> I don't even thing the format is documented anywhere.
<twb> It's not, but it's easy to run "iptables-save" and see what you get.
<soren> twb: But that would require you to use the dangerous, never-use-it iptables command directly first.
<twb> I mean, you can still using iptables(8) directly on a machine that's not *in production*.
<twb> soren: yep -- because some other idiot used iptables(8) directly before you got there.
<dru_> soren: im running root so :"iptables -P $chain ACCEPT ; done ; iptables -F ; iptables -X" was the used syntax . and  "bash: syntax error near unexpected token `done'"
<dru_> was the return
<dru_> ..
<twb> dru_: you have omitted the start of the for loop.
<cemc> dru_: you forgot the for chain in... part
<soren> dru_: ...
<soren> 08:02:31 < soren> dru_: for chain in INPUT OUTPUT FORWARD; do sudo iptables -P $chain ACCEPT ; done ; sudo iptables -F ;  sudo iptables -X
<twb> Hmm, does -F only apply to a single table (i.e. -t filter)?
<soren> twb: Well, /someone/ has to prime the it so that you can see what the format looks like.
<cemc> dru_: the command begins at 'for' :)
<soren> twb: I believe so.
<twb> You ought to flush any other tables that are in use, too.
<dru_> thanks soren, that semed to have worked
<soren> twb: You're right. I was typing just that when you started your "never use iptables, always use iptables-{restore,save}" rant. and I got sidetracked :)
<soren> So really, it ought to be:
<twb> soren: granting that there are exceptions to the "rule of thumb" that I stated as an absolute, *I* would still use iptables-restore to flush tables.
<soren> for table in filter nat mangle; do for chain in INPUT OUTPUT FORWARD; do sudo iptables -P $chain ACCEPT ; done ; sudo iptables -F -t table;  sudo iptables -X -t $table ;done
<twb> soren: that code will create empty nat and mangle tables if they were previously unused.
<soren> I might actually use iptables-apply instead, actually.
<twb> Which doesn't really matter, it just makes iptables-save output a bit verbose
<twb> Also, you missed the raw table
<cemc> and loads some extra modules
<twb> cemc: yeah, that's what I meant
<soren> The dude wanted his iptables cleared. I'm not going to sit here writing a 100 line shell script to make sure all that shit is taken care of so that he doesn't load an extra module or so.
<soren> :p
<cemc> ;)
<twb> "Run iptables-save, change the policy of all : lines to ACCEPT, comment out all -A lines, and then pipe it into iptables-restore"
<twb> ...apart from the user changes, where the policy is and stays "-".
<soren> twb: He managed to miscopy/mispaste a perfectly good command line. I think asking him to mangle a text file like that may be asking for more trouble.
<cemc> twb: to that the response would probably be: "huh??" :)
<twb> cemc: shrug.
<cemc> ;)
<Sorell> hey guys, is ssh turned off by default?
<twb> Sorell: ssh is not installed by default.
<Sorell> oh
<twb> Sorell: if openssh-server is installed, it will start by default and accept connections from anywhere, to any user, by default.
<twb> IMO this is a horrible default behaviour, but what can you do?
<twb> I *think* dropbear is also "on by default" after you install it.
<Sorell> idk that one.
<twb> dropbear is just another sshd/ssh implementation
<twb> Hm, is iproute installed by default?  If so, when was it first installed by default (on ubuntu-server, not desktops).
<Sorell> no idea
<Sorell> hey twb, can you try something for me?
<dru_> hey...please stop useing me as a subject of conflict
<dru_> thanks
<Sorell> I'm setting up a Eucalyptus server
<Sorell> can you tell me if you can see it?
<Sorell> https://myuniversitycenter.com:8443/
<twb> SSL error: error:00000000:lib(0):func(0):reason(0)
<twb> Sorell: you're using a crypto function that is blacklisted now
<Sorell> :/
<twb> (IIRC what that error really means)
<twb> 3-DES or whatever
<twb> Lemme see if I can find a server that doesn't track security.d.o nor hardy-security
<Sorell> any quick way to turn it off?
<Sorell> I just got the DL of 9.10 server installed.
<twb> Turn what off?
<twb> You can't un-blacklist a crypto function without recompiling libopenssl/libgnutls
<Sorell> :(
<Sorell> not something I would want to do right now.
<twb> On a Fedora Core 3 machine, neither lynx nor curl will connect at all.
<Sorell> I'm having issues with firefox / konquor too
<twb> Sorell: you shouldn't be using that crypto method in the first place!  If you're gonna futz it, you should be futzing eucalyptus to use a modern crypto algo.
<Sorell> but only if I'm not on the LAN
<twb> Sorell: no, anywhere.
<Sorell> I just used the standard install.
<twb> "It's OK, I'm behind a firewall" really means "I am only protected by one layer of security"
<twb> Sorell: report a bug against eucalyptus, then
<Sorell> okay
<twb> Sorell: note: this assumes I'm diagnosing the problem correctly.
<soren> twb: Since day 1: http://bazaar.launchpad.net/~ubuntu-core-dev/ubuntu-seeds/platform.karmic/revision/1
<Sorell> I'm going to try to ask on ubuntu-cloud
<twb> soren: day 1 = karmic?
<soren> twb: Warty.
<twb> Oh, I see, that's just the branch name
<twb> soren: OK, thanks.
<soren> 2004-11-02 17:11:15
<soren> "import warty seeds from the Ubuntu wiki"
<twb> Yeah, I was just looking at the URI initially ;-)
<soren> :)
<Sorell> I'm confused, is this the bug list?
<soren> "this"?
<Sorell> the link you posted
<twb> Sorell: he's in another thread
<twb> IRC doesn't thread well
<Sorell> okay
<soren> Sorell: Bug list? No, it's the list of packages that got installed in the very first Ubuntu release 5 years ago.
<twb> 19:20 <twb> Hm, is iproute installed by default?  If so, when was it first installed by default (on ubuntu-server, not desktops).
<soren> twb: Sorry, then I lied, actually. Ubuntu server did not exist until Breezy.
<soren> iirc.
<twb> Yeah, I nearly asked that :-()
<twb> * :-)
<twb> Fat-fingered oaf that I am...
<uvirtbot> New bug: #458001 in eucalyptus (main) "Changing LOGLEVEL in eucalyptus.conf doesn't affect log verbosity" [Undecided,New] https://launchpad.net/bugs/458001
<mdz> ttx, good morning
<mdz> ttx, do you know what was resolved with regard to the EC2 images and bug 451881?  I know that Scott uploaded the fix but do not know if there was a respin
<uvirtbot> Launchpad bug 451881 in ec2-init "ssh public key fingerprint not available on console in UEC environement" [High,Fix released] https://launchpad.net/bugs/451881
<mdz> ttx, I checked http://uec-images.ubuntu.com/karmic/current/karmic-uec-i386.manifest and confirmed that the fix is there
<mdz> (20091022)
<mdz> is 20091022 the build we are releasing for RC?
<mdz> ttx, ah, ok, I was able to cross-reference the build number with the AMI ID (which is in the ISO tracker) and confirm
<mdz> the fix is in RC
<ttx> yes
<ttx> mdz: I verified it
<ttx> (on UEC images)
<ttx> mdz: updated https://wiki.ubuntu.com/ServerTeam/ReleaseStatus with current status
<mdz> ttx, thank you
<ttx> mdz: mathiaz found bug 457866 -- I think this needs to be fixed for release
<ttx> as it has security implications
<uvirtbot> ttx: Error: Could not parse data returned by Launchpad: The read operation timed out
<ttx> "Security disabled for universe in UEC/EC2 images apt/sources.list"
<ttx> mdz: we didn't get much feedback on the recent bugs filed against eucalyptus, in particular the one nurmi said he would look into
<mdz> ttx, argh
<mdz> ttx, can we not fix 457866 for RC?
<mdz> the idea of RC is that we have no known blockers for release :-)
<ttx> mdz: I wouldn't try without smoser
<ttx> mdz: but that might still be doable
<ttx> since testing is relatively fast
<ttx> and the fix should be relatively harmless
<ttx> mdz: -> #ubuntu-release ?
<tramsei_> anyone available to help me wiuth ubuntu and dhcp
<ttx> soren: what's the status for bug 410886 ? It's our only remaining release-targeted bug.
<uvirtbot> Launchpad bug 410886 in vmbuilder "VMBuilder doesn't work with grub2" [Undecided,Confirmed] https://launchpad.net/bugs/410886
<soren> ttx: I just need to upload a new VMBuilder snapshot.
<soren> ttx: Is it right-now urgent?
<ttx> soren: not sure, asking in #ubuntu-release
<ghh> i cant login to vsftp server keeps denying access, anybody know whats stopping me?
 * soren lunches
<nijaba> kirkland: good morning :)
<ttx> kirkland: tested cloud power features this morning. Goes to sleep ok but I can't seem to be able to wake it up. WakeonLan enabled in BIOS and showing up on ethtool (WakeOn g), but wakeonlan or powerwake fail.
<ttx> probably some hw issue on that Dell
<smoser> soren, i agree that vmbuilder on nectarine should be pulling from something non-trunk
<soren> smoser: Yeah. I didn't want to make the change, as I wasn't sure if it was referenced anywhere else (I at least saw the README, that had the url in it).
<smoser> rather than an 0.11 branch, i'd just as soon create a "karmic-stable" branch
<smoser> explicitly named for this
<kirkland> ttx: can you wake-on-lan that machine independent of eucalyptus/powernap/powerwake?
<ttx> kirkland: no
<kirkland> ttx: hrm, well, that stinks...  have you googled for info about that hardware and wakeonlan?
<kirkland> ttx: there are some quirks, sometimes ....
<ttx> kirkland: I wonder if my green switch is playing tricks
<ttx> kirkland: I'll have to troubleshoot that sometime in the future
<kirkland> ttx: d-link green switch?  I have the same one...
<smoser> green as in "consume less power" ?
<smoser> it would be somewhat funny if a switch marketed as green had problems with wake on lan.
<smoser> ttx, so what are we doing with bug 457866
<uvirtbot> Launchpad bug 457866 in ec2-init "Same components for every pocket in apt sources.list" [Medium,Triaged] https://launchpad.net/bugs/457866
<smoser> oh good, you're back ubottu
<smoser> oops. uvirtbot
<ghostlines> I'm trying to umount a volume, but I can't because it's in use, I stopped all processes from using it except the mount process
<ghostlines> will killing the  mount process be risky?
<ghostlines> don't want to risk losing any files
<ttx> smoser: fix it post-beta
<ttx> post-RC I mean
<ttx> smoser: see slangasek decision on #ubuntu-release
<smoser> right
<smoser> so it should be targetted somewhere ?
<ttx> smoser: it's not critical, so no
<ttx> smoser: just "very good to fix"
<ttx> so, nominated for karmic
<smoser> ok. well, theres a patch attached for it.
<smoser> we're expecting then that we want that in like tomorrow or saturday ?
<smoser> or like karmic-updates
<ttx> like tomorrow
<ttx> so that dailies can be validated asap
<ttx> kirkland: I did a pass on the doc, looks good. Fixed a few pointers in moreInfo (was mentioning old /etc/init.d things)
<kirkland> ttx: excellent!
<kirkland> ttx: https://help.ubuntu.com/community/KVM/VirtManager
<kirkland> ttx: i did that yesterday
<kirkland> ttx: i was going to do something similar for virsh
<ttx> kirkland: looking at PackageInstall now
<kirkland> ttx: PackageInstall was fun, as I hadn't installed that way previously
<ttx> kirkland: you validated it with current packages ?
<kirkland> ttx: i was going to do a PowerManagement one too, with PowerNap instructions
<kirkland> ttx: current as of Tuesday, yes
<ttx> kirkland: good
<kirkland> ttx: i created that while doing the install
<kirkland> ttx: there's on funky part that could potentially use some improvement
<kirkland> ttx: ssh key distribution
<kirkland> ttx: i used ssh-copy-id
<kirkland> ttx: but that required that I set a eucalyptus password on the node(s)
<kirkland> ttx: i gave instructions for setting it, then un-setting it
<ttx> reading right now
<nijaba> ttx: who has a muti-node setup to try reproducing a bug intel is having
<ttx> this part is a little dependent on what the user already has installed, obviously. If they disabled password auth on their SSh server that would fail. But I think that's a sane default instruction
<ttx> nijaba: maybe etienneg/mathiaz
<nijaba> ttx: it seems that as long as vm are launched, autodiscovery of additional nodes fails as the wrong ip is returned via avahi
<nijaba> ttx: can't verify it with only one node :(
<ttx> nijaba: you filed a bug already or you wait to reproduce it ?
<nijaba> ttx: I have asked Paul @ intel to file it, so that he can follow up to request for additional info
<nijaba> ttx: he now has a lab with 4 nodes running
<ttx> nijaba: that will make asking for reproduction easier
<nijaba> ttx: he also eventually can give us access to it if needed
<nijaba> ttx: an uec is his current #1 priority for the weeks to come
<ttx> nijaba: that sounds great !
<smoser> ok, ttx, i'm not going to be here tomorrow, nor around the interweb until monday AM. so bug 457866 probably be assigned to someone who will be here to fix it (soren, zul)... really it just needs a upload. if it goes into archive by 01:30 UTC tomorrow it will be in 20091023 builds automatically.
<uvirtbot> Launchpad bug 457866 in ec2-init "Same components for every pocket in apt sources.list" [Medium,Triaged] https://launchpad.net/bugs/457866
<zul> smoser: its got a debdiff attached to it?
<ttx> smoser: could you brief zul on the required action ?
<smoser> yes
<smoser> well, a bzr diff: http://launchpadlibrarian.net/34144024/bug457866-set-karmic-security-apt-sources.diff
<smoser> it would be nice if mathiaz someone could just take a look at it also, to make sure i'm not fat fingering anything
<smoser> and that my understanding of the bug is what needs to change.
<smoser> basically, all i did was s/restricted/universe/
<soren> smoser: Ah, right. Good catch.
<aubre> are y'all reliably able to attach UEC SC volumes to your UEC instances ?
<aubre> I'm considering reinstalling everything using ext3 , I can't figure out why this isn't working for me
<aubre> but if I know it is working for you , that would help me
<smoser> aubre, i have not tested that. i think that kirkland might have.
<aubre> smoser: could you just create a SC volume and try mounting it? it's fairly easy to test
<aubre> for example:
<aubre> euca-create-volume -s 1 -z vcl
<aubre> euca-attach-volume -i i-43440758 -d sdb vol-32DF04AE
<aubre> if it shows
<zul> smoser: looks reasonable
<smoser> aubre, sure. i'll test that.
<aubre> smozer: thanks
<smoser> thanks for spelling it out for me :)
<aubre> smoser: if euca-describe-volumes shows "in use" you suceeded, if it still shows "available" you failed
<aubre> smozer: if you succeeded, in the above example, you should be able to ssh into the instance and look for /dev/sdb, and then be able to fdisk /dev/sdb
<aubre> smozer: and create a mountable partition, etc etc
<aubre> in euca-create-volume -s is size in GB , and -z is zone
<ttx> aubre: smoser with an "s"
<aubre> ttx: ty
<aubre> smoser: sorry
<smoser> ok, so euca-describe-volumes shows 'available', and i'm about to type
<smoser> euca-attach-volume -i i-4AA8096D -d sdb vol-32F804B0
<smoser> right?
<aubre> smoser yep
<aubre> smoser: yep
<aubre> I'm a troublemaker lol
<smoser> $ euca-describe-volumes
<smoser> VOLUME  vol-32F804B0     1              sm-zone-1a      in-use  2009-10-22T13:53:04.836Z
<smoser> ATTACHMENT      vol-32F804B0    i-4AA8096D      unknown,requested:sdb   2009-10-22T13:56:42.522Z
<smoser> and in the instance
<aubre> smoser: looks good
<smoser> dmesg | tail showed a new 'sdb'
<aubre> smoser: you win
<smoser> and i just : mkfs.ext4 -F /dev/sdb
<aubre> smoser: ok, I will try to reinstall my cloud
<soren> smoser: Is the VMBuilder branch used on nectarine referenced anywhere other than the README and in the branch metadata of /home/vmbuilder/ec2-daily/vmbuilder/ ?
<aubre> smoser: thanks so much
<soren> smoser: I'd like to update it right now. I have some changes I'd like to make to VMBuilder for the appliance stuff, and they could start landing in the trunk at any time.
<smoser> seems like it is good, aubre. i just mounted and wrote a file there and unmounted and mounted and verified it wsa still there.
<aubre_afk> aubre_afk: thanks man
<smoser> soren, bin/bzr-pull . thats what i do to pull all the updates.
<aubre_afk> aubre_afk: I will reinstall
<smoser> oh. but all it does is 'bzr pull' in the appropriate directory
<smoser> so if you fix that it will change.
<soren> Ok. I'll fix the README as well to avoid confusion.
<smoser> right. please do.
<smoser> what branch name are you using ?
<smoser> did you see my suggestion of karmic-stable
<uvirtbot> New bug: #458163 in eucalyptus (main) "[regression] euca_rootwrap fixes broke eucalyptus power management (powerwake)" [High,In progress] https://launchpad.net/bugs/458163
<soren> smoser: lp:~ubuntu-virt/vmbuilder/0.11
<soren> smoser: 0.11 is what we have in Karmic.
<soren> smoser: It will not be developed any further (i.e. it's in bugfix only-mode).
<soren> smoser: So that branch is stable.
<smoser> ... i would prefer explicit. but ok.
<soren> smoser: I'd like to keep the branch names of VMBuilder free of Ubuntu-like names.
<soren> https://edge.launchpad.net/ubuntu/karmic/+source/vm-builder has the appropriate metadata.
<soren> ...which reminds me I need to add 0.11.2 to Launchpad.
<soren> There.
<uvirtbot> New bug: #273930 in qemu-kvm (main) "oosplash.bin crashed with SIGSEGV in splash_create_window() under KVM" [Medium,Triaged] https://launchpad.net/bugs/273930
<smoser> aubre_afk, http://paste.ubuntu.com/299078/
<smoser> kirkland, ttx, see above
<smoser> is that known behavior? user error ?
<smoser> i think i might have been missing some step to explicitly release /dev/sdb from the guest (maybe 'eject /dev/sdb' or something)
<kirkland> smoser: the stack trace on detach?
<kirkland> smoser: i've seen that, clearly wrong, but I haven't noticed any mal-effects
<smoser> yes
<kirkland> smoser: file it, and mark against upstream qemu too
<smoser> kirkland, file against kvm ?
<smoser> or eucalyptus ?
<kirkland> smoser: file against the qemu-kvm package, and add a task for the upstream QEMU project
<zul> smoser: do you want me to upload that ec2-init fix for you?
<smoser> zul, if you can upload it, and it wont magically be pulled into archive and piss people off about release, then yes.
<zul> smoser: hmm...ill wait til tomorrow then ;)
<smoser> we want it in "as soon as possible after release". so if you can accomplish that by upload now, then please do.
<smoser> i think there are gates on what gets pulled, and that it requires an explicit ACK at the moment
<smoser> so that upload wouldn't hurt
<smoser> but i'd maek sure someone more process knowledgable than i agreed.
<zul> smoser: yes someone has to ack it but I wait til rc is out just to be sure
<smoser> no problem.
<uvirtbot> New bug: #348633 in qemu-kvm "Fails to boot from CD after reboot: CDROM boot failure code: 0003" [Low,Triaged] https://launchpad.net/bugs/348633
 * soren takes a break
<smoser> bug 458201
<uvirtbot> Launchpad bug 458201 in qemu-kvm "kernel stacktrace on volume detach in kvm guest" [Undecided,New] https://launchpad.net/bugs/458201
<smoser> kirkland,
<kirkland> smoser: okay, thanks
<kirkland> ttx: okay, i'm now confirming your db error :-/
<uvirtbot> New bug: #458198 in bind9 (main) "host crashed with SIGSEGV in start_thread()" [Undecided,New] https://launchpad.net/bugs/458198
<uvirtbot> New bug: #293898 in vmbuilder "regression: vm-builder lacks --security-mirror option" [High,Fix committed] https://launchpad.net/bugs/293898
<smoser> ttx, kirkland zul i'm going to step out for ~ 1h. if you need me, call cell phone (kirkland has it)
<zul> ttx: ack
<uvirtbot> New bug: #458201 in qemu-kvm "kernel stacktrace on volume detach in kvm guest" [Undecided,New] https://launchpad.net/bugs/458201
<uvirtbot> New bug: #458203 in eucalyptus (main) "euca_conf is missing command-line completion" [Wishlist,New] https://launchpad.net/bugs/458203
<uvirtbot> New bug: #458211 in eucalyptus (main) "eucalyptus.conf is confusing and underdocumented" [Medium,New] https://launchpad.net/bugs/458211
<uvirtbot> New bug: #355410 in qemu-kvm "kvm crashed with SIGSEGV in malloc_consolidate()" [Medium,Triaged] https://launchpad.net/bugs/355410
<ttx> kirkland: I don't know if I should rejoice :)
<kirkland> ttx: on my confirming your db error?
<ttx> kirkland: yes
<ttx> kirkland: talking to the euca guys it sometimes feeled like I was the idiot with a weird error noone ever saw
<ttx> felt like, even
 * ttx jumps from call to call
<kirkland> ttx: nope, i'm with you now
<ttx> yay, lets do a LP group
<kirkland> ttx: however, it just started working again, eventually
<ttx> kirkland: oh yes, its pretty transient
<ttx> just someone might abandon after hitting that error on the first commands used, so better releasenote it
<ttx> (and fix it)
<ttx> It a "Low" but desirable-to-fix bug
<mdz> kirkland, https://bugs.edge.launchpad.net/eucalyptus/+bug/457978
<uvirtbot> Launchpad bug 457978 in eucalyptus "terminate request during instance start-up can SEGFAULT the NC (shows up under heavy load)" [High,Fix committed]
<smoser> zul, at some point you and i need to go through all of canonical's published images (a{krm}i and clean up) there a bunch of cruft
<cytotoxic> !ops
<ubottu> Help! Channel emergency! infinity, soren, lamont, mathiaz or tom
<zul> smoser: sure
<kirkland> mdz: read the bug...  what's up?
<mdz> kirkland, that's the bug that dmitrii mentioned on the call, they're not sure if it affects the KVM configuration or not but I asked that they give us the bug number and we would check into it
<mdz> (it's a heads up)
<smoser> aubre_afk, kirkland is 'euca-attach-volume' really supposed to work ?
<smoser> that should have said 'with --device'
<smoser>  --device : local device name (inside the guest VM) to use.
<smoser> that seems like a very hard thing to accomplish (requiring help from the guest)
<nijaba> has anyone played with security groups with euca?
<nijaba> seems that when I add authorization to another group than default, they are never effective when I start an instance in this group
<uvirtbot> New bug: #458274 in apache2 (main) "unnecassary dependencies of apache2 modules" [Undecided,New] https://launchpad.net/bugs/458274
<uvirtbot> New bug: #283888 in autofs (main) "strange Conflicts list" [Low,Incomplete] https://launchpad.net/bugs/283888
<ttx> smoser: I attached a device succesfully
<ttx> nijaba: not really, not above the default group
<nijaba> ttx: I opened a bug
<ttx> nijaba: you can ping the eucalyptoids in #eucalyptus to get a quick opinion
<nijaba> ttx: in a bit of a rush atm :(
<smoser> ttx, you attached it, yes, but is it actually supposed to attach with "local device name (inside the guest VM)" used ?
<smoser> just doesn't seem reasonable to me.
<nijaba> ttx: and it seems to be a LS bug.  Works fine when doing the same with efox
<ttx> LS?
<nijaba> ttx: landscape
<ttx> nijaba: ah
 * ttx will pop up again later tonight
<darkphader> trying to clean up old kernels getting errors
<darkphader> Errors were encountered while processing:
<darkphader> linux-restricted-modules-2.6.28-11-server
<darkphader> as the directory was manually deleted
<darkphader> how to remedy?
<uvirtbot> New bug: #458284 in eucalyptus (main) "New security groups are not applied" [Undecided,Invalid] https://launchpad.net/bugs/458284
<jmedina> ivoks?
<jmedina> anyone using bacula 3.0.2?
<nekro_> nijaba: I haven't seen that issue with security groups. Just tried it against the source.
<nijaba> nekro_: forget about it, was a landscape problem
<nijaba> nekro_: thanks for chekcing though
<nekro_> nijaba: oh okay. np
<nijaba> grrr: just ran into bug #457283
<uvirtbot> Launchpad bug 457283 in eucalyptus "x86_64 images should be presented a /dev/sdb, not a /dev/sda2" [Medium,Confirmed] https://launchpad.net/bugs/457283
<SyL> is there a command to reconfigure the network in commandline/
<SyL> that / was suppose to be a ?
<jmedina> SyL, AFAIK, there is no such a program, you can use your favorite text editor and modify /etc/network/interfaces and then reload networking rc script
<SyL> ok
<soren> SyL: There might be "third party" tools to do it, but the network configuration stuff you see in the installer only exists in the installer.
<nijaba> Is there a "trick" to have smaller images? I did an euca-bundle-vol of a running instance that took only 3.2G on disk (in /var/lib/eucalyptus/instances/admin/), and when I instanciate this new image it now takes 11G on disk!
<soren> nijaba: Lower the disk size in the admin console.
<soren> You probably set it to 11 to fit the old 10 GB images.
<soren> Does that sound about right?
<nijaba> soren: i did use -s 10240 in the bundle-vol.  I should not have?
<nijaba> soren: and when you say "in the admin console", you are talking about the web interface?
<soren> nijaba: Yes.
<soren> nijaba: But the -s 10240 is probably also significant.
<nijaba> soren: I would think so because in both cases (before and after) I used the same instance type.
<nijaba> it took 22 minutes to start this instance, yeah!!!
<aubre> smoser: I think that's how euca-attach-volume is supposed to work
<aubre> smoser: some of the help commands for euca* need to be refined for sure
<smoser> actually doing that, saying "add sdb" and expecting for '/dev/sdb' to show up in the guest is going to be *really* hard to maintain
<smoser> across linuxes, not to mention non-linux.
<smoser> if, instead 'sdb' means "second scsi device on first scsi controller" or something like that, then its not so bad.
<aubre> smoser: it should also be clearer  imo that you use "sdb" as the device name in the command line as opposed to "/dev/sdb"
<aubre> smoser: I agree
<soren> smoser: The problem is that Xen lets you specify the device name an attached disk will have in the guest. libata does not.
<aubre> smoser: aha
<soren> smoser: ..and this is difficult to emulate.
<smoser> even in xen, thats is not possible
<soren> smoser: Uh... Why?
<smoser> because it is dependent upon udev rules in the guest (in linux)
<smoser> in freebsd or windows i have no idea how that is done
<soren> Try it on EC2. Attach an EBS, ask for it to be called /dev/xdm6 and it will be so.
<smoser> it will be so based on a limited set of udev rules
<soren> Well, /dev/xdm, at least. I'm not sure if you can specify it as a "partition".
<soren> I'm quite sure udev just accepts whatever the kernel tells it.
<smoser> and i'm quite sure that it doesnt have too
<soren> It adds a bunch of symlinks (for UUID, id, and path based access), but the base name sticks.
<soren> Of course it doesn't have to.
<soren> You can change anything you like with udev.
<soren> Forget it. I didn't think it was going to be that sort of argument.
<aubre> wow I started downloading from here http://cdimage.ubuntu.com/ubuntu-server/daily/20091020.3/ way before lunch and it still has 16 mins to go :/ I had to double-check to make sure a new cd hadn't been released while I was downloading
<smoser> so then, asserting "the guest will name this device XXX" cannot be expected to be correct 100%
<smoser> its not "that kind of argument"
<smoser> remember adding and removing usb keys say 3 years ago ?
<soren> It very much is.
<smoser> remember what a pain it was ? sometimes it came up as /dev/sdb, you take it out, add it in, this time its /dev/sdc
<soren> I know.
<soren> It wasn't udev coming up with those names.
<soren> It was the kernel.
<smoser> i would suggest that documentation indicate that you are specifying which scsi bus/controller is to be attached (simliar to what kvm takes).
 * jmedina remembers that hell...
<soren> but whatever. Forget it. I can tell right now this is not going to be a useful argument.
<aubre> smoser: well when you remove an ethernet inteface on a vmware 3 image of ubuntu server 9.04 you don't necessarily get the same device name when you replace it. But I am used to that and it doesn't bother me.
<soren> aubre: If it has the same MAC, it should.
<soren> aubre: If not, it shouldn't.
<soren> By design.
<aubre> soren: it won't
<smoser> so anyway, i just think its silly to say "this is the name the guest will call it"
<smoser> as 'sdb' that might work
<aubre> soren: vmware assigns a new mac each time, I probably could override it
<soren> aubre: I'd like to see udev logs as well as /etc/udev/rules.d/70-persistent-net.rules from a system where that happens. It's a bug and should be fixed.
<smoser> what if i name it wackJob123
<Reepicheep> soren: smoser,  I haven't really been following to much of what your talking about but I specify partitions with xen.. It's always seemed to work
<smoser> its not going to work. so you shouldn't document or imply to the user that it will.
<Reepicheep> for example:
<Reepicheep> disk = [ "phy:vg/VM-Peter-root,sda1,w", "phy:vg/VM-Peter-swap,sda2,w" ]
<smoser> actually, even that doesn't always work.
<smoser> depending on kernel you may see that has 'xda1'
<soren> aubre: That's what I'm saying. If it gets a new MAC, it'll get a new name. If it gets the old mac, it'll reuse the name. This is intentional.
<Nivex> The release notes for Karmic indicate that installing to root on iSCSI is now supported, but my test install says otherwise (bug 457767)
<aubre> soren: That makes a lot of sense.
<uvirtbot> Launchpad bug 457767 in debian-installer "karmic: iSCSI root: boot hangs on starting iscsid" [Undecided,New] https://launchpad.net/bugs/457767
<jmedina> Reepicheep: it also works for hot plug dissk using block-attach, the guest machine will get the disk using the name you used to attachit from the dom0 machine
<aubre> soren: I just didn't know why it happened, but now I do - thanks :)
<Nivex> seems like a problem handing off from iscsistart to iscsid
<soren> aubre: sure :)
<flagg0204> nivex - had problems with iscsi install as well
<smoser> the short of my argument is that the hypervisor should not guarantee to the user that a guest will behave in a certain way.
<crohakon> how do I unzip a file in console?
<smoser> crohakon, unzip
<aubre> unzip filename
<soren> smoser: I'm not saying you can give it arbitrary names.
<jmedina> :)
<crohakon> oh, really? haha
<Nivex> flagg0204: yeah, I've been working with #ubuntu-installer to clear a lot issues up, but now it's failing inside the installed environment
<Nivex> it's so close to the line I don't know where it is
<flagg0204> nivex - do you know if its possible to specify a iscsi initiator name?
<soren> smoser: I'm saying that with paravirt Xen, within certain specifications, you get to decide the block device name in the guest.
<aubre> I haven't had a chance to test iscsi yet but I do intent to use it if/when we go to production
<Nivex> flagg0204: afaik, not yet
<flagg0204> when dealing with a netapp it uses the initiator name to determine what target you can use
<smoser> "within certain specifications" is useless to depend on
<soren> smoser: See. It's "that sort of argument".
<flagg0204> and since the installer uses a random initiator name, its impossible to predict
<Nivex> I have the feeling that will be sometime after karmic
<Nivex> seeing as the internal bits aren't even functional yet :(
<flagg0204> nivex - i fgured as much, ah well. guess its nfs root for now
<smoser> anyway. sorry to have derailed into "that kind of argument".  it is obvious that eucalyptus is neither trying to nor capable of making a device appear in the guest as a given name
<smoser> or at least not making a good effort at it. so it shouldn't imply in its help that it can.
<soren> The amount of hacks it would have to apply to make it happen with kvm (or hvm Xen) is no fun at all.
<crohakon> how do you delete all the files in a directory?
<smoser> i agree. so i think the documentation (and interface) should be more like kvm's.
<soren> It's kind of like file descriptors. You can't just say that you want to open something as file descriptor 10. You have to make sure 10 is free, and an 0-9 are taken, and then open the file.
<smoser> and euc has basically no way of knowing if 'sdb' is available
<soren> ...so if you wanted sdm, they could attach a dummy sdb, sdc..., sdl, and then the real sdm, and detach sdb..sdl. ..and assume that people have not installed special udev rules.
<smoser> but it does know if the second block device on controller 1 is taken
<zul> smoser: rc is out im going to upload it now
<aubre> "if I knew it was going to be this kind of party I would have stuck my **** in the mashed potatoes." Mantan Moreland
<soren> People have root access to these things. They are free to shoot themselves as much in the foot as they please.
<soren> If they don't, we can make reasonable guesesses as to what the names are going to be in the guest.
<mathiaz> zul: the archive is frozen until release - you could have uploaded what ever is needed before
<skuld> Today's project:  get my email working LOL.  I think I've got an authentication issue with postfix
<soren> The point is: This is good enough. The worst enemy of "good enough" is "perfect".
<Nivex> mathiaz: who do I talk to about something that's busted and might need a freeze override?
<zul> smoser: done
<zul> mathiaz: safer than sorry
<mathiaz> Nivex: the release team
<mathiaz> Nivex: I'd suggest to start by filling a bug
<smoser> i disagree with "good enough".  indeterminable behavior is not good enough.
<jfb_h2o> in Karmic I can't open X display. I thought it's related to DisallowTCP, but there is no file /etc/gdm/gdm.conf, suggestions?
<smoser> the interface gives no way for something more intelligent to drive it.
<Nivex> mathiaz: bug's in already.  no traction yet :(
<soren> What do you mean?
<soren> smoser: ^
<Egonis> I cannot seem to find a pppoe-client howto for Ubuntu Server anywhere for after-the-fact installs. Can someone point me in the right direction?
<soren> Egonis: pppoeconf - configures PPPoE/ADSL connections
<jmedina> pppoe-config?
<Egonis> soren: Which packages do I need to install?
<soren> pppoeconf
<jmedina> oh that the one
<smoser> if the interface was like kvm's it would be possible to program.
<smoser> pci_add auto|[[<domain>:]<bus>:]<slot> nic|storage|host [[vlan=n][,macaddr=addr]
<smoser> [,model=type]] [file=file][,if=type][,bus=nr]... [host=02:00.0[,name=string][,dm
<smoser> a=none] -- hot-add PCI device
<Egonis> soren, jmedina: Ahh, thank you!
<smoser> pci_add auto|[[<domain>:]<bus>:]<slot> nic|storage|host [[vlan=n][,macaddr=addr] [,model=type]] [file=file][,if=type][,bus=nr]... [host=02:00.0[,name=string][,dma=none] -- hot-add PCI device
<smoser> its less "user friendly", but more determinable.
<soren> smoser: Well, we're stuck with the "fantastic" EC2 API. Deal.
<smoser> that argument just isn't going to work indefinitely
<Egonis> Another dumb question (recently left Gentoo environment) -- how do I add a /etc/init.d script to startup?
<smoser> "ec2 sucks, so eucalyptus has to also"
<soren> smoser: Maybe this will surprise you, but amazon actualy gets away with having tools that let you specify the device name, and somehow, magically, despite the fact that people can put random shite in their udev rules to change the name of block devices when they turn up, it works for on EC2.
<smoser> i dont think that it does.
<smoser> i think their documentation is incorrect, and that people probably find that out, and deal with it in the guest
<soren> smoser: What do you base this on?
<soren> What would the motivation be to add those weird udev rules?
<soren> The amount of people who even have the skill to write them is astonishingly low.
<smoser> so if i just say "add shc", it works ?
<soren> the few who do, I'm sure can deal with the consequencees.
<soren> No. xdc, for instance.
<smoser> how about xed
<soren> smoser: "within certain specifications"
<smoser> which is valid.
<soren> Maybe xed.
<soren> I don't know.
<smoser> right.
<smoser> maybe xed
<jmedina> Egonis: just like any other sysv distro, creating symlinks, for ubuntu you can use update-rc.d
<smoser> if i had previously added xda-xdh and then xda-xdd
<smoser> or some silliness like that
<soren> Huh?
<smoser> if you've previously done no volume attaches in ec2 to your instance
<smoser> and then you say "attach xdd"
<soren> Yes.
<smoser> that will "just work" ?
<soren> Yes
<jfb_h2o> fixed: edit /etc/gdm/custom.conf
<soren> smoser: That's what I've been saying *all along*.
<smoser> i dont think it will across even all of ubuntu's images
<smoser> let alone all images on ec2
<smoser> even that extremely simple case
<soren> Give me one good reason why it wouldn't work.
<smoser> because my experience of device hotplug in linux indicates that things are lss than determinable
<soren> If you say "the admin may have made a udev rule to override it", I /will/ kick you when I see you.
<nijaba> weird, my cloud seems to have forgotten how to route all my public ips, apart from the first one
<soren> smoser: Well, that's paravirt Xen for you.
<soren> smoser: There are perfectly valid explanations why USB disks get the names they do.
<smoser> i bet it doesn't show up as /dev/xdc on windows.
<soren> smoser: It's not like it's random.
<soren> Forget it.
 * soren rolls eyes and leaves
<smoser> yes, that was off the wall.
<smoser> but the point is, hardware (and a hypervisor managment platform is emulating "hardware") should be "hardware" and not make assertions about how the softwrae that runs on it will act
<soren> I'm not here, remember?
<smoser> when you say "plug a volume into that instance" its like telling a sysadmin to walk over and attach a device.
<smoser> anyway.
<smoser> i'lll agree with you its silly
<smoser> have a nice night soren
<soren> For paravirt Xen, it's nothing at all like that.
<soren> Sorry, but it just isn't.
<nijaba> any clues on what might be going with this routing being lost?  I do see the public ip of all my instances when I do an 'ip addr', but I can only ping the first one.  Of course, all instances are from the same image and in the same security group...
<nijaba> when I say ping, it is also the same for ssh
<mathiaz> nijaba: are you pinging/sshing from the CC?
<ruben23> hi i have setup nfs on a server and client, im able to mount and view the server directory i share in my client problem is when i reboot i got this error and the mount directory is gone..------>http://pastebin.com/m447cd3e6
<nijaba> mathiaz: both from the CC and from my desktop -> same result
<ruben23> any idea on the error
<mathiaz> nijaba: try to look at the iptables rules for the nat table
<mathiaz> nijaba: this is where the public <-> private mapping is done
<mathiaz> nijaba: iptables -nL -t nat
<mathiaz> nijaba: can you ping/ssh into the instances using their *private* ips?
<nijaba> mathiaz: not the ones I cannot reach on their public ip
<nijaba> mathiaz: iptables looks good.  Do you want a pastebin?
<mathiaz> nijaba: sure
<mathiaz> nijaba: not the ones I cannot reach on their public ip? do you mean that the you cannot reach these via their private IPs as well?
<nijaba> mathiaz: http://pastebin.ubuntu.com/299266/
<nijaba> mathiaz: I can ping 10.67.108.100 and 172.19.1.2 but not 101 and 3
<mathiaz> nijaba: is the .3 guest running correclty?
<mathiaz> nijaba: can you get the console-output?
<nijaba> mathiaz: yep
<mathiaz> nijaba: can you paste the output for iptables -nL
<mathiaz> nijaba: and route -n
 * smoser heads out for the night.  I'll check in later.
<smoser> mathiaz, its a trivial change, but could you just verifiy that the patch on
<nijaba> mathiaz: http://pastebin.ubuntu.com/299268/
<smoser> bug 457866 is what you were wanting
<uvirtbot> Launchpad bug 457866 in ec2-init "Same components for every pocket in apt sources.list" [Medium,Fix released] https://launchpad.net/bugs/457866
<jmedina> ruben be sure portmap is running before nfs tryes to mount
<soren> jdstrand: Around?
<RobEss> Hi, has anyone been unable to upgrade the server version to 2.6.24-25 kernel? I'm running 8.04 version. The workstation flavor had no problems updating. The sources.list files seem identical between the two. Thanks!
<nijaba> mathiaz: hold on.  I just restarted the 2nd instance.
<nijaba> mathiaz: and of course, now it works....  /me scratches his head...
<mathiaz> nijaba: you're becoming a koala... ;)
<nijaba> AH!!
<nijaba> mathiaz: instance 1 : m1.xlarge, instance 2: m1.large: both work
<nijaba> mathiaz: but it the 2 instances and m1.xlarge, the second one does not work!!!
 * nijaba can't start to imagine what's going on...
<mathiaz> nijaba: are you using the same image?
<nijaba> mathiaz: of course I am
<mathiaz> nijaba: how many NC do you have?
<mathiaz> nijaba: you may run out of ressource (like memory or disk space) when you run two m1.xlarge instances
<nijaba> mathiaz: only one
<mathiaz> nijaba: which you wouldn't run into when you use m1.large and m1.xlarge
<nijaba> mathiaz: 5G, 8 core machine...
<mathiaz> nijaba: disk sapce?
<Egonis> Which is the typical preferred firewall/masquerade method in Ubuntu Server? I have typically used Shorewall, although am not sure what the Ubuntu standard is
<nijaba> mathiaz: df shows plenty of space left
<mathiaz> nijaba: how much?
<ScottK> Egonis: ufw
<nijaba> mathiaz: 60G
<mathiaz> Egonis: depending on what you wanna do, ufw or shorewall
<nijaba> mathiaz: out of 66
<mathiaz> Egonis: ufw is great for host based firewall
<mathiaz> Egonis: if you wanna setup a gateway with complex routing scheme (such as DMZ and public/private zones) you'd better invest some time in shorewall
<mathiaz> Egonis: you could do it with ufw - but it doesn't support everything yet for the gateway/router use case
<nekro_> "it is obvious that eucalyptus is neither trying to nor capable of making a device appear in the guest as a given name"
<mathiaz> nijaba: can you reproduce the failure with 2 m1.xlarge?
<nekro_> smoser: it works with xen
<nekro_> smoser: does not work with kvm
<mathiaz> nijaba: and the success with 1 m1.large and 1 m1.xlarge?
<nekro_> smoser: euca2ools are supposed to be compatible with Amazon and Eucalyptus. Amazon uses xen
<RobEss> Egonis, if you're going to run the firewall on a separate box, take a look at smoothwall. It's really easy to configure.
<nijaba> mathiaz: yes, 3 times already
<Egonis> RobEss: Thank you, I will check that out.
<Egonis> mathiaz: Thank you
<smoser> nekro_, i still disagree that it works with xen. it works for maybe 16 strings or something (xda->xdd)
<mathiaz> nijaba: could you double-check that the failing instance (.3) in m1.xlarge gets the correct IP address?
<mathiaz> nijaba: is there another dhcp server on the network?
<soren> smoser: What are you basing this on? And how is xda->xdd 16 strings?
<nekro_> smoser: ok, it works in most cases.
<mathiaz> nijaba: that would server dynamic ip addresses?
<ruben23> hi i have setup nfs on a server and client, im able to mount and view the server directory i share in my client problem is when i reboot i got this error and the mount directory is gone..------>http://pastebin.com/m447cd3e6
<nijaba> mathiaz: nope, isolated net, no dhcp
<nekro_> smoser: I don't want to get into this argument because it is a hypervisor level issue, but to blame it on the client tools is a bit erroneous.
<nijaba> mathiaz: how would I check the ip of an instance I cannot connect to?
<jmedina> ruben23: did you read my message about portmap?
<smoser> nekro_, it doesn't work in most cases. "most cases" would be > 50% of possible input strings
<mathiaz> nijaba: try to log on the NC and look at the kvm command
<smoser> in which case no way.
<mathiaz> nijaba: it should have the MAC address
<mathiaz> nijaba: on the CC look into the dhcpd lease file for eucalyptus
<smoser> whatever xda->xdd is . (it was a typo above).
<mathiaz> nijaba: and check if the MAC address is there
<ruben23>  jmedina: i ahvent see it
<smoser> at very least the help should tell you to use something like "sdX"
<jmedina> I see
<smoser> that would make me happy
<smoser> it would still be broken and indeterminable but at least less so
<Egonis> RobEss: I was also hoping to run Postfix for a simple Filtering gateway, can I install this into smoothwall?
<soren> smoser: Well, Xen does not name stuff sdX. It names it xdX.
<jmedina> isnt it xvdX?
<smoser> well, goign with your "ec2 sucks so so should euca" argument, then we should just say "xda" is what it should take
<soren> jmedina: Err... could be. I'm not sure.
<smoser> but anyway
<smoser> i have to go. soren you shouldn't have started up again. both of us have better things to do. at least i'd think you do :)
<ruben23>  jmedina:..? whats your message..?
<soren> Oh, I do. I really do.
<jmedina> ruben23: scroll up, I answer two times
<nekro_> smoser: I'm not making that argument. In fact, I am making no argument. We will fix software if there are legitimate bugs. File a bug if you think it is a bug. Based on how priority it is, it will be fixed at the appropriate time.
<smoser> nekro_, thank you.
<RobEss> Egonis, I'm not sure. Smoothwall comes as a self-installing ISO. It is not Ubuntu-based.
<ruben23>  jmedina: portmap should be runnning, how do i check it
<jmedina> ps?
<nijaba> mathiaz: which file.  /var/lib/dhcp3/dhcpd.leases is empty
<mathiaz> nijaba: right - that's not the eucalyptus lease file
<mathiaz> nijaba: I think it's somewhere in /var/lib/eucaluptys/
<mathiaz> nijaba: or /var/run/eucal/
<mathiaz> nijaba: if you do a ps -ef
<mathiaz> nijaba: and look for dhcpd processes you'll fine the eucalyptus lease file
<ruben23>  jmedina:  i think its running----->daemon    3952     1  0 11:55 ?        00:00:00 /sbin/portmap
<mathiaz> nijaba: as it's specified on the command line
<jmedina> ruben23: you need to be sure it is running before you try to mount nfs share
<nijaba> mathiaz: /var/run/eucalyptus/net/euca-dhcp.leases
<jmedina> you didnt say how did you mount it, or how are you tring to auto mount it
<mathiaz> nijaba: right - that's it
<ruben23> mount 192.168.0.100:/var/spool/asterisk/monitorDONE  /home/cron/RECORDINGS
<nijaba> mathiaz: it is empty :(
<ruben23> jmedina: on my fstab i have this --->http://pastebin.com/m431e8a5f
<jmedina> ruben23: sorry I have to go :S
<uvirtbot> New bug: #291590 in vm-builder "--iso option ignored?" [High,Fix released] https://launchpad.net/bugs/291590
<ka3uww> Hey I guys I installed Ubuntu server and changed to a faster box. Now it doesn't see the new nic card. Can anyone help???
<_ruben> ka3uww: sudo rm /etc/udev/rules.d/70-persistent-net.rules (or alter the mac address(es) listed in that file, then reboot
<ka3uww> TNX _ruben! I am trying it right now.... TNX agn!
<ka3uww> _ruben TNX... IT WORKS!!! TNX...
<ruben23> hi if i have serverA and ServerB then i want to copy files form my serverA to server B where should i installed the FTP server to do it..?
<guntbert> ruben23: I don't think it matters
<_ruben> just use rsync instead
<ruben23>  _ruben: what if ill used FTP...?
<ruben23> what it would be
<ruben23> where should i install the FTP server
<_ruben> the server you wont initiate the copy from .. which, again, leaves it up to yourself
<_ruben> one will be server, one will be client, data can be transfered both ways either way
<SyL> is there a link for a howto to get eucalyptus working in karmic? I remember seeing one, but I can't find the link
<ahe> SyL: you mean this one: https://help.ubuntu.com/community/UEC ?
<jdstrand> soren: hi! I noticed your vmbuilder upload and installed it. However, I can seem to boot the karmic vm after it is created. see http://paste.ubuntu.com/299317/
<jdstrand> soren: it just sits after the BIOS post with 'Booting from Hard Disk...'
<SyL> ok, maybe I'm crazy, but I'm not seeing any keys in /var/lib/eucalyptus/keys/ on the frontend or the nodes. any ideas?
<jdstrand> s/I can/I can't/
<jdstrand> soren: s/I can/I can't/
<soren> jdstrand: I'm working on that right now.
<soren> jdstrand: ..but I'm surprised you're seeing it.
<jdstrand> soren: why surprised? output not what you expected?
<soren> jdstrand: /me must be barking up the wrong tree
<jdstrand> soren: if it helps, I have grub installed, but not grub2
<soren> jdstrand: No, I was seeing the same thing, but doing something "special", and thought that was why it was breaking.
<jdstrand> hmm
<soren> jdstrand: If you're seeing it as well, I was barking up the wrong tree. In fact, I thin kI know what it is.
<jdstrand> ah good
<soren> jdstrand: Thanks for the poke. You got me back on the right track :)
<jdstrand>  5
<jdstrand> o/
<soren> ditto :)
<jdstrand> heh
 * soren waits for vmbuilder to finish.
<MTeck-ricer> !search autofs
<ubottu> Found: automount, autofs
<MTeck-ricer> !info autofs
<ubottu> autofs (source: autofs): kernel-based automounter for Linux. In component main, is extra. Version 4.1.4+debian-2.1ubuntu2 (jaunty), package size 112 kB, installed size 508 kB
<soren> jdstrand: I seem to have fixed it.
<jdstrand> \o/
<soren> Now I just need to file a bug to track it.
<bventura> i have a internal DNS server in my office, and when I try to resolve the address "example.com" without any prefix (like www.example.com) it's returning the address of the internal dns server, not my website's address which is what I want.  How can I fix that?  what DNS entry do I need to make?
<bventura> ie. someone puts in their browser "http://example.com" when they are at the office
<qman__> bventura, you need to change the "example.com" entry in your zone file
<bventura> qman__ that's what I think I am not getting here, that 'example.com' is not really specifically mentioned there except at the top line "example IN SOA dns1.example.com. dnsadmin.dns1.example.com"   then a bit down "$ORIGIN example.com."
<qman__> bventura, you need an A record for example.com
<qman__> normally such an oversight would cause bind to not start
<qman__> so, more likely, it IS defined, but you didn't notice
<qman__> the fact that $ORIGIN is defined means that the record could be
<qman__> @     IN    A     1.2.3.4
<bventura> ok qman let me check it out
#ubuntu-server 2009-10-23
<fighter> so, i just ran find . -size +0 -exec mv -i {} {}xxx \; and now i have a bunch of files that are named genericporntitle.avixxx, can anyone tell me how to get rid of the xxx's i just added to my files?
<uvirtbot> New bug: #458637 in samba (main) "samba has many issues" [Undecided,New] https://launchpad.net/bugs/458637
<qman__> fighter:  ls > list; while read file; do mv "$file" "`echo "$file" | sed s/avixxx/avi/`"; done < "list"; rm list
<qman__> there's probably a better way but that will work
<Jagged> sed s/xxx// would work as well
<qman__> yeah but the string "xxx" is more likely to be in the title than "avixxx"
<fighter> I'm willing to loset he xxx in the title
<Jagged> well
<Jagged> in that case:
<qman__> then change it to sed s/xxx//g
<Jagged> sed s/xxx//g
<fighter> i typed it but so far i'm still waiting, i'm checking the dir on my windows box and nothing has changed yet. any idea how long it should take?
<fighter> 226gb in 461 files
<qman__> should be changing them as it goes
<qman__> unless it's still waiting on the "ls > list"
<Jagged> ps ax | grep ls
<Jagged> and see if ls is still running
<qman__> and really it shouldn't take extra time based on size, since it's really just changing the name
<qman__> no need to actually move the data
<qman__> the time should be based on the number of files
<fighter> ah there we go
<fighter> got it now
<fighter> thank you for you help :)
<qman__> no problem
<smoser> erichammond, ping
<uvirtbot> New bug: #458672 in bind9 (main) "package bind9 1:9.6.1.dfsg.P1-3 failed to install/upgrade: " [Undecided,New] https://launchpad.net/bugs/458672
<smoser> soren, mdz erichammond feedback on release criticalness of bug 458576 and my attached patch would be nice.
<uvirtbot> Launchpad bug 458576 in ec2-init "ec2: ssh public key fingerprint in console output does not match EC2 standards" [Undecided,New] https://launchpad.net/bugs/458576
<smoser> i can definitely see an argument for it being fairly release critical.
<smoser> good night all.
<smoser> ttx, soren, zul, erichammond you have mail from me. i will see you all on monday AM.
<zul> smoser: have a good day off
<erichammond> smoser: I don't have any specific examples of who/what has automated security checks of ssh host keys, how they are implemented, or how difficult it would be for them to adjust regular expressions to work with a different console output format.
<erichammond> I'm sure this type of checking exists, but don't have any real insight.  So, I'd probably go with importance "Low" until somebody complains.  If it's going to be easier to fix now than after release, and you want to avoid complaints, then bump it up to a higher priority.
<twb> erichammond: are you talking specifically about checking for host keys generated during the Debian ssh-keygen entropy fiasco?
<erichammond> twb: checking for ssh host key fingerprints in the EC2 instance console ouptput.
<erichammond> twb: I think I know what you're talking about (a while back) and that's something different.
<twb> OK, no worries.
<twb> I was gonna say, that kind of host key scanning ought to be done by openssh-blacklist or whatever the package is.
<twb> Dunno if it's any help to RTFS that.
<twb> !guide
<ubottu> Sorry, I don't know anything about guide
<twb> !rute
<ubottu> documentation is to be found at http://help.ubuntu.com and http://wiki.ubuntu.com - General linux documentation: http://www.tldp.org - http://rute.2038bug.com
<twb> !sag
<ubottu> Sorry, I don't know anything about sag
<twb> Grr, I need to teach ubottu my mnemonics for the admin guide.
<twb> !learn sag is https://help.ubuntu.com/9.04/serverguide/C/index.html
<poningru> need help with sshfs and fstab
<poningru> here is my situation
<poningru> hmm hold on
<twb> You can't automount sshfs filesystems unless you're using passphraseless key-based authentication.
<poningru> I do
<twb> OK, carry on.
<twb> (But I highly recommend you learn about passphrases and ssh-agent for most other ssh keys.)
<poningru> I have server with username torrent that allows all the client to login
<poningru> so on one of my client computers logged in as media I do: sshfs -o allow_other torrent@consus2:/home/torrent/data/music music/
<poningru> and that mounts it properly
<poningru> but if I try to do it with fstab it does not work
<poningru> here is what I have on fstab
<poningru> sshfs#torrent@consus2:/home/torrent/data/music /home/media/music fuse comment=sshfs,auto,users,exec,allow_others,reconnect 0 0
<twb> Doing A/V files over sshfs is gonna be pretty sucky.  If you're on a LAN, have you considered using NFS or CIFS?
<poningru> ...
<poningru> I hate both of them
<poningru> sshfs ftw
<poningru> hmm
<poningru> you know I wonder...
<qman__> what's with the comment=
<qman__> something fuse specific?
<twb> qman__: probably ends up in mtab or something
<twb> poningru: what do you "hate" about NFS/CIFS?
<poningru> twb, too many issues
<twb> poningru: such as?
<qman__> NFS is difficult to secure, but that's usually not a problem on a LAN
<qman__> can't see any problems with CIFS
<poningru> ok nfs: issues with reconnecting, crashing windows/osx etc.
<qman__> I would never use NFS with windows
<qman__> CIFS is ideal for windows
<poningru> but not for linux
<qman__> it works fine on linux
<poningru> trying to setup samba on lin or osx is worse than pulling teeth
<qman__> but there's no reason you can't use both
<poningru> anyway
<qman__> not at all
<poningru> qman__, well my experience says otherwise
<twb> Surely if your machine can use sshfs well, it can use NFS well.
<poningru> twb, its not a matter of processor power
<qman__> the default configuration is pretty well set
<poningru> oh god
<qman__> adjusting it is easy
<twb> I realize that.  I was speaking about the quality of the NFS implementation.
<poningru> ok if you guys wanna argue the merits of nfs/cifs vs. sshfs ...
<poningru> I just want help with sshfs
<poningru> twb, look at the lkml discussions on nfs
<twb> sshfs has its uses, but I think it's a poor choice for distributing large A/V files over a LAN.
<poningru> well I would like to disagree with you
<qman__> I have to agree with twb, too much overhead
<poningru> not at all
<poningru> todays modern cpus?
<qman__> it's not just CPU power
<qman__> besides, why waste it on the network mount
<poningru> my 'old' pentium dual core with 1.46 I have maybe 1% overhead with sshfs
<twb> It'd be like riding a bicycle on an interstate highway
 * poningru rolls eyes
<poningru> oh god
<poningru> sorry I bothered you guys
<twb> poningru: I don't think you actually describe the problem you're having with sshfs yet.
<qman__> just saying, I wouldn't ever bother setting up sshfs that way
<qman__> as such my advice is to not use sshfs for that purpose
<poningru> twb, uh...
<poningru> qman__, point taken
<poningru> twb, <poningru> I have server with username torrent that allows all the client to login
<poningru> <poningru> so on one of my client computers logged in as media I do: sshfs -o allow_other torrent@consus2:/home/torrent/data/music music/
<poningru> <poningru> and that mounts it properly
<poningru> <poningru> but if I try to do it with fstab it does not work
<poningru> <poningru> here is what I have on fstab
<poningru> <poningru> sshfs#torrent@consus2:/home/torrent/data/music /home/media/music fuse comment=sshfs,auto,users,exec,allow_others,reconnect 0 0
<twb> poningru: ah, sorry, I missed the "not"
<qman__> having never put an sshfs mount in the fstab, my first guess is that #
<twb> poningru: the mount command is run as root, not as media.
<qman__> second guess is the comment= on the options
<twb> poningru: therefore, *root*'s .ssh/config must be set up correctly.
<qman__> but I could easily be wrong about it
<twb> qman__: the # means it's a fuse entry
<qman__> ah
<poningru> twb, right but thats what the uid and gid is for
<twb> poningru: what uid and gid?
<poningru> oh sorry that is old one
<qman__> poningru, he's right about that
<qman__> root's keys need to be set up too
<twb> qman__: well, just tell /root/.ssh/config to use ~media/.ssh/id_%h or whatever.
<poningru> well add on uid=1001,gid=1001
<poningru> right but I remember setting this up a while ago
<poningru> and putting it into root is the easy way out
<poningru> I have it working like that
<twb> poningru: that doesn't change who the operation runs as.
<poningru> twb, oh hmm
<qman__> mounting a systemwide file share as root isn't exactly risky, considering that all your other filesystems are mounted as root
<poningru> how does one do that then?
<poningru> qman__, I know
<twb> poningru: you can't.
<twb> poningru: mount -a always runs as root.
<twb> poningru: if you want to mount a filesystem as some other user, you need to put -o noauto in its fstab entry, then add an init script or an entry in /etc/rc.local.
<twb> As qman__ says, it's pretty silly to try to restrict that, generally.  What are you guarding against?
<poningru> I'm not
<poningru> I'm trying to figure it out
<poningru> curiosity
<poningru> twb, there has to be a way for a user to not have to share his private key with the root
<poningru> I mean technically the root can just view it...
<poningru> but still there has to be a way
<qman__> you generate and trust another key
<qman__> but using the key you already have set up is easier
<KurtKraut> Is there a Unified Monitoring System that doesn't rely on SNMP to gather data? I find SNMP so hard to configure.
<poningru> KurtKraut, what are you trying to configure?
<poningru> err monitor*
<KurtKraut> poningru, the essencial is: if the host is up or down (by ping) and what services are reachable by the central node (httpd, irc).
<poningru> eh go with something simple like bigbrother
<qman__> KurtKraut, you could configure a script on the monitoring host with nmap
<twb> 14:40 <poningru> twb, there has to be a way for a user to not have to share his private key with the root
<twb> poningru: if you can't trust root, you are fucked.
<poningru> twb, read what I said immediately after that
<KurtKraut> qman__, that is possible indeed. By I think this is so essential for small scenarios that I'm impressed no one has already did it.
<qman__> KurtKraut, I've been too lazy to set one up myself
<qman__> nagios does this, but it may be a little bigger scope than what you're looking for
<poningru> KurtKraut, bigbrother
<KurtKraut> poningru, is it a package name?
<poningru> http://www.bb4.org/
<poningru> no clue
<qman__> flash? really?
<qman__> I wouldn't use it on that basis alone
<poningru> qman__, yeah you can turn that shit off
<poningru> http://www.zabbix.com/
<poningru> btw another cool/simple one
<crohakon> what is that?
<KurtKraut> Zabbix rely on SNMP. This single fact makes me think this cannot be pointed out as simple.
<poningru> KurtKraut, you dont have to rely on snmp iirc with that
<poningru> I remember setting it up to do just ping/nmap tests
<poningru> crohakon, network monitoring tool
<KurtKraut> poningru, so I'll give it a try
<crohakon> for datacenters or something?
<qman__> still seems like overkill
<poningru> crohakon, eh sure
<poningru> crohakon, you can use it for your home network too
<qman__> nagios is pretty much exactly like those
<crohakon> hmmm something to play with.. =)
<qman__> and is in the ubuntu packages
<poningru> qman__, absolutely nagios is a good one too
<poningru> imho a little to much for us sys admins though
<poningru> not point and click install
<qman__> dont' know if it requires snmp to work or not
<qman__> I know it can use it
<qman__> cacti is snmp based
<poningru> right
<qman__> still overkill for my taste, which is most of why I don't have one set up
<qman__> eventually I'll write something up in php that parses a simple nmap output
<crohakon> no ubuntu package for zabbix?
<poningru> crohakon, it should be there iirc
<poningru> qman__, bb is for you then
<crohakon> iirc?
<poningru> if I recall correctly
<qman__> I see 6 zabbix packages in my apt-cache
<poningru> yeah same here
<qman__> so yes, though it may be universe/multiverse/canonical
<crohakon> So can I install this on my server, and view it from my laptop?
<qman__> looks like you install zabbix-server-??sql and zabbix-php-frontend on the server
<sub> Zabbix has a web interface, yeah
<qman__> and zabbix-agent on the systems you want to monitor
<qman__> then you just browse to the web site
<crohakon> wow, lots of little pieces.
<poningru> sub, yo
<poningru> qman__, yep
<poningru> crohakon, if you dont like snmp you may wanna try out spong
<poningru> though I have never used it
<crohakon> <--- just getting into this stuff. Not really sure what the benefits or disadvantages are of snmp.
<qman__> I'm not a fan of snmp
<qman__> it's difficult to configure, and a cleartext protocol to boot
<qman__> at least, the version everything supports is
<poningru> crohakon, eh its a little complicated unneccesarily and hard to configure
<qman__> supposedly newer versions can be encrypted but it's just a mess
<poningru> qman__, whats wrong with cleartext?
<qman__> nmap is a better option
<poningru> just put it over ssh
<poningru> qman__, nmap isnt super reliable though
<sub> hey poningru
<poningru> didnt know you hung out here
<sub> yep
<sub> here and #ubuntu-virt
<poningru> oh cool
<sub> i do some light contributing to Ubuntu VMBuilder and triag bugs in server when I have the spare time
<twb> I heartily support protocols that use cleartext, and a separate encryption layer.
<twb> It makes debugging far less painful.
<poningru> twb++
<poningru> sub, I've been meaning to get into vmbuilder
<poningru> I wanna get into getting debian/rhel/suse build be as easy as ubuntu
<sub> it's a cool little piece of code, although about to go through a heavy refactoring or rewrite
<crohakon> I want a static IP so I can host my own websites. But thats not going to happen. =)
<poningru> sub, really?
<sub> yeah
<poningru> didnt soren here write that code?
<poningru> sub, link?
<sub> yes, and he's the one who wants to rewrite it, hehe
<sub> let me see if i can find the email
<qman__> crohakon, dynamic DNS works pretty well for me, though my ISP filters ports 21, 25, 53, 80, and 445 for security reasons
<sub> oh it's lind of long, i'll see if i can find an archived one i can link you to
<sub> poningru: https://lists.launchpad.net/vmbuilder/msg00003.html
<crohakon> yeah, charter blocks those ports as well. I sent an email asking what I need to do to get a static IP and those ports unblocked. They want me to pay $99/m for a 10mb down/1mb up connection with a static IP.... not going to happen.
<qman__> hah, I have charter too
<qman__> total rip
<qman__> unfortunately there's no competition, no other options
<crohakon> 3 years ago I had a business account with verizon, and although DSL is much slower, I had a static IP for like 34/m and no ports blocked. Where I live now, however, charter is my only option.
<poningru> crohakon, that sucks
<qman__> my 5M/512k service is $50 a month on top of the "bundle" discount for getting TV with them too
<qman__> the only other option is a T1 at $400 a month
<crohakon> Currently with charter I have a 8down/1up connection with dynamic IP and ports blocked for 34.99/m... to get the same up speed and a static ip with no port blockage they want $65 extra a month.
<poningru> jeezus
 * crohakon his hand on head
<poningru> crohakon, work for cablevision
<poningru> with no vid
<crohakon> cablevision?
<poningru> 30down and 5up is about 65USD thats with a free domain, hosting, all ports open, static ip etc.
<poningru> a cable company that services ny,nj,parts of ct etc.
<crohakon> damn... I need to move.
<twb> http://www.internode.on.net/residential/broadband/adsl/nakedextreme/pricing/ (annex M)
<crohakon> Sadly, I live in the rust belt... Michigan.
<Sorrell> is anyonw having static ip issues with 9.10 ?
<crohakon> No one has work, and everything is expensive.
<poningru> Sorrell, my vm isnt
<poningru> server, install from iso
<qman__> monthly download quota? that wouldn't work
<Sorrell> :( dang, just me then.
<qman__> I exceed 150GB every month
<Sorrell> bandwidth cap = suck
<twb> And in .au, all domestic lines are rate limited (or subject to hefty excess fees) after exceeding a monthly quota.  I get the impression that's uncommon in other nation-states.
<poningru> yeah its sucks
<poningru> qman__, comcast has a technical limit of 250gig
<poningru> per month
<poningru> I do exceed that time to time
<poningru> but...
<poningru> they dont care
<twb> Theoretically our wonderful new center-left government will put in FTTH (FTTP) in the next ten years.
<qman__> I used 450GB in august
<poningru> qman__, hehe
<qman__> though that's not typical
<twb> http://en.wikipedia.org/wiki/National_Broadband_Network
<poningru> qman__, downloading ubuntu isos ;)
<qman__> let's go with that
<twb> "Download speeds of 100 mbps for 90% of Australia homes and businesses"
<poningru> cool
<poningru> http://www.phoronix.com/scan.php?page=news_item&px=NzYzMA
<qman__> wow
<twb> Of course, that won't apply to anything hosted OUTSIDE .au
<twb> And that's assuming they actually manage to build it, on time and on budget (har har har)
<qman__> yeah
<qman__> AT&T promised the US 100 meg lines to every home over a decade ago
<twb> The government said "the telco's bids don't offer value for money, so we're going to do it ourselves, for cheaper" (har har har)
<qman__> in return for tax breaks
<poningru> qman__, THANK YOU
<qman__> not only have they not delivered on that, their service hasn't improved in years
<poningru> bunch of dirty bastards
<poningru> qman__, and now everytime net neutrality comes around
<poningru> they prop up the argument that 'we own the network we can do what we like with it'
<poningru> no you dont you shit heads
<poningru> tax payers essentially paid for it with tax cuts
<twb> Have you ever gotten sick of hearing AT&T take credit for things that they didn't invent? You will.  -- Dave Hamilton
<crohakon> I wish I had the resources to get a dedicated line just for fun.
<qman__> I've seriously considered getting a T1 despite the ridiculous cost
<qman__> charter has terrible service
<twb> qman__: you could just get three separate DSL connections from separate providers, then multiplex them
<qman__> can't get DSL
<qman__> if I could, I would
<crohakon> In this area it is hard to get DSL from one provider... let alone three!
<twb> So you're saying that in .us, you can get fibre in places you can't get DSL?
<twb> WTF, are your exchanges so far apart, or just lacking DSLAMs?
<qman__> you can get a T1 anywhere if you're willing to pay
<qman__> but you can't get FIOS in most places
<twb> T1's a wire protocol.  What does it run on?
<twb> Existing copper lines?
<qman__> new copper, I'm pretty sure
<qman__> it's a dedicated line
<twb> I feel sorry for the kind of people who would lay new copper in this day and age
<crohakon> Americans like to live far apart from each other... which makes DSL difficult.
<qman__> oh, the US is far from that
<qman__> copper's not going anywhere
<twb> crohakon: you'll get that in ANYTHING that uses copper as a transport.
<qman__> my choices are 21k dialup, 512k satellite, charter cable, or a leased line (T1 or better)
<twb> crohakon: it's just that DSL uses only the high frequencies (to leave room for voice), so it attenuates quickly.
<qman__> I have no other possible service
<crohakon> Maybe I should get a lease line and try to get my neighbors to use me as an ISP. =)
<qman__> AT&T is too cheap to fix the phone lines
<qman__> there's no way they'd lay fiber here
<twb> qman__: not so much cheap as lacking competition (and antimonopoloy laws), I suspect
<twb> *monopoly
<qman__> yeah, they're the only phone provider in my specific area
<qman__> same goes for charter cable
<qman__> only cable provider
<crohakon> So, how much more bandwidth do you get with a basic T1 connection?
<qman__> less download, more upload, 1.544mbps full duplex
<crohakon> as compared to a basic cable connection?
<qman__> but, it's got a 99.999% uptime guarantee
<twb> My arse it does
<qman__> as opposed to charter, which in my area is about 90%
<twb> That's like two minutes downtime per year.
<qman__> that's what they advertise
<twb> advertising isn't the same as the contract
<crohakon> My only problem with charter in my area is that it starts to slow down after midnight (when I normally am trying to watch something on hulu or netflix
<twb> Maybe they're only giving five nines that e.g. the cable won't explode, and not that e.g. the repeaters won't shit themselves.
<qman__> probably
<qman__> but they will fix the problem
<qman__> unlike charter, who waits around for a few hours first
<crohakon> So... if I wanted to host a few websites... would a T1 be any better then a 10down/1up cable connection?
<qman__> company policy, they won't fix the problem unless at least five people make it to tier 3 and complain
<qman__> even if they know for a fact that it's down
<poningru> heh wow
<twb> Here, if you report a problem to the ISP, and it's a problem with the physical line, they wait until the end of the day to queue up all the fault requests and then send them as a batch to telstra (who own the copper itself).
<twb> And then telstra take days to get back to the ISP
<qman__> charter's DNS is also totally worthless
<qman__> I've had to run my own for years
<Sorell> is there a special way to set the static ip in ubuntu server?
<Sorell> 9.10
<twb> Sorell: /etc/network/interfaces (see "man interfaces")
<qman__> Sorell, /etc/network/interfaces
<Sorell> :/ that's what I have been doing
<twb> Sorell: purge NetworkManager
<Sorell> go in and change auto to static.
<qman__> you don't change auto
<twb> There are copious examples in the manpage
<Sorell> maybe it's dynamic then
<Sorell> I was wondering exactly for 9.10
<Sorell> I had this working in 8
<qman__> it's the same as for every previous version I'm aware of
<Sorell> .
<qman__> huh
<qman__> error upgrading, corrupted archive
<qman__> wouldn't mind except that's the kernel
<crohakon> omg... I so desire an OC-48...
<Sorell> just sign here in blood
<crohakon> lol
<Sorell> :)
<twb> I don't know why, really.
<twb> Ultimately the bandwidth all goes to bittorrent, which never has anything good on it
<crohakon> =)
<twb> Even if you wanted to watch something by Joss Wedhon, it's probably cheaper in .au to walk to the store and buy a boxed DVD set than to rent an ADSL2+ line.
<crohakon> Anyone know a good co-location host?
<twb> What are your metrics for "good"?
<twb> Fast, cheap, unaccountable, ... ?
<crohakon> yes.
<crohakon> lol
<crohakon> fast and cheap mostly
<crohakon> cheap... mostly.
<crohakon> lol
<qman__> I'm starting to regret the decision to upgrade my desktop to the RC
<qman__> corrupt packages, dbus errors abound
<twb> Fortunately, you're gonna report those bugs so they're fixed for everyone else
<crohakon> Okay, so the real reason I have been playing around with ubuntu server is that my employer wants to host his website(s) on sight. What kind of connection speed do you need to host 3-4 websites that get anywhere between 100-200 hits a day?
<qman__> depends entirely on the content
<crohakon> No video
<qman__> a few basic pages, half a meg ought to do fine
<qman__> probably 384k
<crohakon> mostly text and images. database heavy, though.
<crohakon> Yeah, I did not think it would take much.
<qman__> 100-200 hits per day suggests that you wouldn't have more than a dozen people loading pages at once
<crohakon> correct
<qman__> assuming your page downloads are small, a half meg should be able to keep up
<crohakon> Now, this connection would also handle are merchant services, quickbooks services, etc..
<crohakon> would that have any effect? I don't see where it would.
<qman__> well, if you have more than a couple users I'd suggest you throw in another 256k
<qman__> nothing serious
<qman__> "Could not install the upgrades
<qman__> The upgrade is now aborted. Your system could be in an unusable state. A recovery will run now (dpkg --configure -a)."
<qman__> bleeding edge ftw
<crohakon> and having the mysql server and the apache server on the same machine should not be a problem?
<qman__> not for that small of a load
<qman__> you can always create another mysql server and move the databases if it becomes a problem, too
<crohakon> true
<qman__> ok, I think I got all the broken packages sorted
<qman__> time to cross fingers and reboot
<qman__> bbl
<crohakon> good luck
<qman__> well, it booted up
<qman__> but firefox overrode all my settings with defaults, lost my bookmarks and everything
<crohakon> at least it booted...
<qman__> hmm
<qman__> I can get my 3.0 settings back, but I was using 3.5 before
<twb> One more reason to drop firefox
<crohakon> And what do you suggest instead of firefox?
<twb> Well, I use a combination of emacs-w3m, w3m, html2ps, midori and opera.
<twb> But obviously that is not for everyone
<qman__> I was trying to get uzbl to work, but no dice
<twb> Webkit is a featureful engine, but the downside is that it's a featureful engine
<qman__> well, I only switched to 3.5 from 3.0 a few weeks agos
<twb> Just like xulrunner, it takes like 3 hours to compile on typical hardware, and wants to use gobs or resources at runtime
<qman__> so not much lost
<crohakon> Anyone have desire for chrome to be released for linux?
<twb> Nope.
<qman__> not really
<crohakon> I have been using firefox for so long the thought of using something else has not even crossed my mind...
<qman__> I was really unhappy with firefox 3
<qman__> but 3.5 is much better
<qman__> though still not ideal, it works well enough
<crohakon> firefox has never not met my needs.
<qman__> 3 was really, really slow
<qman__> I had whole second UI delays
<twb> qman__: you think that's bad?
<qman__> and when flash would die, as it tended to do
<twb> qman__: try ssh -Xf fs firefox
<qman__> I basically had to kill it, wait five minutes, open it up, and wait five more minutes for it to reload my tabs
<twb> openoffice is even more hilarious to run remotely
<crohakon> I guess I just did not notice... most likely at the time I blamed it on my internet connection.
<qman__> hah
<twb> Both of them basically abuse the fuck out of pixmap objects to fake their own "themed" widgets -- even more so than GTK2 does
<jussi01> !language | twb
<ubottu> twb: Please watch your language and topic to help keep this channel family friendly.
<qman__> it appears afraid.org's DNS servers are down
<qman__> first time that's happened since I started using them...probably 5 years ago, now
<twb> Linguistic apartheid!
<poningru> NOOOOOOOOO
<poningru> what do you get from poningru.close.com?
<poningru> can you ping it?
<twb> downforeveryoneorjustme.com
<poningru> twb, I dont have any web sites here
<poningru> just mail
<poningru> can you ping poningru.close.com?
<qman__> oh, looks like the domain my subdomain is on got pulled for some reason
<qman__> guess I just have to wait it out
<poningru> oh ok cool
<qman__> nice site
<qman__> man, if this domain doesn't come back, I have a lot of work to do
<qman__> I have certificates to replace and everything
<poningru> oh shit
<qman__> might even have to trash my entire VPN setup
<poningru> man that sucks
<jussi01> poningru: Ive just asked twb to watch the language, if you could do same that would be great :)
<poningru> arr?
<poningru> sucks?
<poningru> oh shit? sorry
<uvirtbot> New bug: #458785 in likewise-open5 (universe) "can not unlock gnome-screensaver when password is near to expire" [Undecided,New] https://launchpad.net/bugs/458785
<altf2o> just wondering if anyone's ever used gitosis + gitweb. I have it running fine on my test virtual server, however i have everything pointed to /home/git/repositories/ , where all my repos including 'gitosis-admin.git' reside. The problem is when viewing: http://virtual_server/gitweb/ , it does show my test repos but also 'gitosis-admin.git' which is fully browsable and public keys downloadable. Surely this isn't desired, any ideas?
<altf2o> One link said to add:  [repo REPONAME] gitweb = no  , tried that, restarted apache2, no dice.
<nijaba> good morning
<crohakon> good night
 * altf2o incase anyone else wonders: In /etc/gitweb.conf , setting: $project_list = "/home/git/gitosis/projects.list";  $export_ok = ""; $strict_export = "true";  , will only allow those repos listed in /projects.list to show up. In your gitosis.conf file: [repo gitosis-admin] gitweb = no  , DOES then control if it's visible or not. Setting it to: gitweb = yes  , will make it world viewable again.
<maxagaz> hi
<maxagaz> I have a chinese video capture card for which lspci returns "02:00.0 Multimedia video controller: Conexant Systems, Inc. Device 8200", what module should I load to make it work ?
<maxagaz> Is there a module for this card ?
<twb> maxagaz: google that string
<twb> The part after the colon
<maxagaz> twb, I did it...
<maxagaz> twb, but I go nothing
<maxagaz> got
<twb> Well, I got lots of hits
<twb> I didn't look to see how useful they were
<Boohbah> twb: No results found for "Conexant Systems, Inc. Device 8200".
<Boohbah> Results for Conexant Systems, Inc. Device 8200 (without quotes):
<Boohbah> twb: useless
<twb> http://www.google.com/search?q="Conexant+Systems,+Inc.+Device+8200"8
<twb> The first three hits are ubuntu ones, for me.
<Boohbah> Your search - "Conexant Systems, Inc. Device 8200"8 - did not match any documents.
<twb> Oops, no 8
<twb> Bad copy-and-paste job.
<Boohbah> ooh, second link looks possibly good. video controller: Conexant Systems, Inc. Device 888
<twb> Boohbah: are you in China?
<Boohbah> Device 8880
<Boohbah> twb: nope
<twb> Maybe you're logged into google?
<twb> I don't know why else google would be filtering your search results
<Boohbah> am i getting chinese results? i was googling for chinese pages yesterday
<Boohbah> but i am in the US
<twb> Boohbah: Google filters its results within China
<maxagaz> i don't think they would filter results for such things
<twb> Shrug.
<maxagaz> anywway, i'm wondering if i can make this card work on ubuntu
<maxagaz> how would you try to make it work ?
<maxagaz> at least, dmesg returns no error at the boot
<twb> I would generally make it work by waiting for the revolution to put the MPAA against a wall and shoot it, since HDMI has more DRM than DVDs
<maxagaz> twb, do you mean that there are no way to make it work easily ?
<qman__> maxagaz, not likely
<qman__> if it doesn't work out of the box, and google is no help, there probably isn't a driver for it
<twb> maxagaz: the whole point of DRM is to make it impossible for FOSS projects unable to use hardware that you theoretically "own".
<qman__> did you try to see if it works?
<twb> qman__: good question!
<maxagaz> qman__, no, I didn't
<qman__> my tuner is pretty much dead, but I used to use tvtime with it
<kaushal> hi
<kaushal> is there a way to know in MySQL DB Server which query consumes more time ?
<_ruben> there's a slow query log config option
<uvirtbot> New bug: #292800 in vm-builder (universe) "run.sh shellscript doesn't accept parameters with whitespaces" [Medium,Fix released] https://launchpad.net/bugs/292800
<uvirtbot> New bug: #298109 in vm-builder (universe) "ubuntu-vm-builder is undocumented (no manpage, readme, etc)" [Low,Fix released] https://launchpad.net/bugs/298109
<uvirtbot> New bug: #458904 in eucalyptus (main) "Adding nodes in several waves after launching VMs is not possible" [Undecided,New] https://launchpad.net/bugs/458904
<kaushal> pwd
<maxagaz> how can can i check the number of kB uploaded and downloaded on a machine ? Is there a command to check the activity of my NIC ?
<soren> maxagaz: ifconfig
<maxagaz> soren, ifconfig ? how to check it with ifconfig ?
<maxagaz> soren, i'd need a tool like htop
<soren> maxagaz: By looking at it?
<soren> maxagaz: It's right there in the standard ifconfig output.
<soren>           RX bytes:3908829145 (3.9 GB)  TX bytes:69635931 (69.6 MB)
<maxagaz> what RX and TX stand for ?
<soren> One is receive, the other transmit.
<maxagaz> and X ?
<soren> Nothing, really.
<soren> It's frm the old telegraph days.
<soren> They abbreviated transmit-out as TX, and receive-in as RX.
<soren> It's /very/ commonly used.
<maxagaz> interesting
<maxagaz> soren, ifconfig isn't very convenient to monitor the nic activity
<soren> You never said anything about monitoring it.
<soren> If you want to keep track of it, look at munin.
<maxagaz> soren, yes munin...
<maxagaz> soren, I just tried ntop, it looks good
<soren> maxagaz: Well, if that's what you need, just stick with that.
<maxagaz> what i'm wondering now is, can i monitor the data flow coming the NIC of a machine and leaving the server from once of its NICs ?
<soren> What do you mean?
<uvirtbot> New bug: #458987 in php5 (main) "Segmentation fault when running Wordpress Multiuser" [Undecided,New] https://launchpad.net/bugs/458987
<alvin> I have a problem with a fresh installation of Karmic RC1. (On same server, nog problem with Jaunty):
<alvin> Sometimes, the server boots fine, but most of the time the boot process halts when it can not mount the nfs /home because the network isn't there yet.
<alvin> That's not a big problem, but the network service doesn't even try to connect after that. Is this a known problem? Shouldn't it retry connecting?
<alvin> I like the fact that you try to boot ubuntu faster, but actually, I don't find it very important on a server. Starting services one by one is ok with me. even waiting 5 minutes until the network comes online. But this is a showstopper.
<alvin> ok, another question: is there (experimental) boot logging yet?
<pmatulis> alvin: what error messages do you see?
<kRocKodile> hello
<kRocKodile> how many years of update packages has the ubuntu server?
<kRocKodile> (my english sucks)
<soren> 8.04: 5 years. 8.10, 9.04, and 9.10: 1Â½ years. 10.04: 5 years.
<soren> kRocKodile: ^
<aubre> when I try to attach a volume to an instance using SC I get bad input params to vnetAttachTunnels() followed by failed to attach tunnels for vlan 10 during maintainNetworkState() followed by network state maintainance failed - what am I doing wrong?
<aubre> that's in the cc.log btw
<aubre> reinstalling didn't fix my problem
<aubre> euca-attach-volume -i i-4F8E099C -d sdb vol-329904A4 VOLUME	vol-329904A4
<aubre> I can get everything else to work, and I am anxious to show the system to the director, but this is a show-stopper for me
<alvin> I'm going to reinstall Jaunty, because the network service starts before idmap/nfs. Is there anyone who will stop me and tell I can use Karmic, but have to change the configuration a little?
<soren> alvin: If there's problems with NFS in Karmic, we need to fix them. Can you please file a bug, so we can look at it?
<Bilge> Are services meant to be started and stopped by calling init.d scripts directly or is there a utility that's intended to be used instead?
<alvin> soren: I don't know if NFS is the problem. If I don't mount any drives, the network service will not always start either. The NFS just halts the whole boot process if there is no network available at that time. Sometimes (rare), the server does boot.
<alvin> soren: Can I perform some tests? Any suggestions?
<alvin> Hmm, now the console says: 'Gave up waiting for root device'. That happens from time to time too, but only in Karmic.
<alvin> The question is: is bringing up the network and the rootdelay related?
<alvin> soren: I'd like to file a bug, but I don't know against what. Sometimes, root is not found, and sometimes the NFS server (shared home) is not found because the network isn't there.
<pmatulis> alvin: take nfs out of the picture - use a regular home and test
<alvin> after a lot of 'giving up waiting for root device' and reboots: If the NFS server is not found, you can escape to a rescue shell. If you wait a bit, the network will come up and the server can be seen. Then you can mount by hand and continue the boot process. If you just continue, mountall stops responding and nothing can be done.
<alvin> I will try with a regular home. (please stand by)
<alvin> done, rebooting. Another thing: when booting, mountall says that the swap is busy every time the home can not be mounted. Swap is just a local volume.
<soren> alvin: File it against mountall. It may not be correct, but it's better to have it filed and then we can move it afterwards.
<heath|work> apt-get seems to be struck. I ctl+c'd it and now I can't run it. How can I get it back?
<pmatulis> heath|work: use the ps command to ensure it's no longer running
<pmatulis> heath|work: kill it if it is
<heath|work> pmatulis: thanks I got it
<alvin> soren: I will. It's certainly network related. If I omit all NFS mounts and just boots and I can log in. I can then start a ping to the fileserver. First, there is no network, then the ping is unanswered, and after a while, the ping will start responding. So, it's really the network. (side note: it is a static network)
<alvin> Hmm, my problem looks related to bug 431248, but that is reported to be fixed and I have all latest updates.
<uvirtbot> Launchpad bug 431248 in portmap "NFS not mounted" [High,Fix released] https://launchpad.net/bugs/431248
<nijaba> smoser: hello.  is the current karmic aki/ari to use on ec2 published somewhere?
<uvirtbot> New bug: #459101 in eucalyptus (main) "Relay denied from eucalyptus registration emails - source address is wrong." [Undecided,New] https://launchpad.net/bugs/459101
<zul> nijaba: he is away today
<nijaba> hey zul
<zul> hi nijaba
<nijaba> zul: would you have any clue where I could find that?
<zul> yeah i think giime a sec
<alvin> ok, reported as bug 459134. Thanks for the help. Work on this will continue on monday.  I have permission to test this a little while further before going back to Jaunty for production use.
<uvirtbot> Launchpad bug 459134 in mountall "karmic: networking is started too late in the boot process" [Undecided,New] https://launchpad.net/bugs/459134
<nijaba> zul:duh  I look in this exact directory, did not think of looking at this file
<zul> nijaba: heh
<aubre> I figured out my SC problem, my SC had registered itself (during the automatic UEC install) to use my public IP and interface, when I switched to a private IP and private interface, and subsequently created a new volume, everything works. Then the question becomes why did the UEC disk install register itself with my public interface instead of my private interface?
<aubre> could it be because it doesn't know about the private interface until the end? I changed my SC config in the web interface btw
<zul> ttx: ping
<ttx> zul: pong
<zul> ttx: do you want me to upload the fix for 458576 if its not done already?
<ttx> bug 458576
<uvirtbot> Launchpad bug 458576 in ec2-init "ec2: ssh public key fingerprint in console output does not match EC2 standards" [Low,In progress] https://launchpad.net/bugs/458576
<ttx> zul: we have another required fix in that area
<zul> ttx: k
<ttx> that may or may not also be in ec2-init
<ttx> I'd better make a single change with both...
<zul> ttx: agreed
<zul> ttx: let me know when you need my expert services
<eaman> Hello, anyone is aware of some problems with pam_mkhomedir.so (LDAP) script shipped in Karmik? Here it fails the UID of the user while creating the /home/dir (on NFS) at the first login (it goes to NOBODY).
<ahasenack> eaman: pam_mkhomedir runs as root when creating the dir. On NFS, root on the client gets translated to nobody on the server by default
<ahasenack> eaman: unless you have no_root_squash turned on
<ahasenack> eaman: which is not generally a good idea
<ahasenack> eaman: so, you shouldn't be using pam_mkhomedir with nfs mounted home directories. The home directories should be created on the server, not on the client
<aubre> ttx: since I figured out what was causing my problem in bug https://bugs.launchpad.net/eucalyptus/+bug/452185 , but it could present problems for people who set it up in the future, should I close that bug and open a new one about the interface binding issue?
<uvirtbot> Launchpad bug 452185 in eucalyptus "can't access SC volumes in a UEC instance" [Low,Incomplete]
<aubre> ttx: because while my system is working now I guarantee someone in the future will have the same thing happen to them
<ttx> aubre: just a sec
<heath|work> I'm trying to use checkinstall to install git but the git docs need to be installed also. In the INSTALL file it states to use make prefix=/usr/local install install-doc. How do I tell checkinstall to do that?
<ttx> aubre: the fact that you might need to adjust registration of components in the case of multiple NICs on your cluster controller is, I think, a known issue
<ttx> aubre: but yes, feel free to invalidate the current bug and create another one
<ttx> at the very minimum it will be a documentation wishlist
<aubre> aubre: ok. That's what I will make it
<aubre> ttx: ok that's what I will make it
<ttx> aubre: did you see the latest doc ?
<ttx> https://help.ubuntu.com/community/UEC
<ttx> feel free to fix it based on your experience
<EtienneG> ttx, mathiaz, kirkland: the text of the eucalyptus/publicips debconf template is wrong; you cannot specify range in the form 192.168.1.1-192.168.1.20 for the value of VNET_PUBLICIPS
<EtienneG> either that, or there has to be some logic in the postinst to expand that range into a list
<EtienneG> or even, Eucalyptus should take it but don't
<EtienneG> I am not sure
<EtienneG> gotta report the bug, I guess it is a pretty important one
<EtienneG> as it result in a non-working Eucalyptus setup
<eaman> ahasenac: Thanks, this make sense.
<eaman> ahasenack: And of course I'm not willing to use root squash on the nfs server
<ahasenack> *no* root squash, you probably mean ;)
<eaman> yes sorry
<eaman> So now the problems is: finding a nice way to create the user on the server, as the user creation is trigged by a PHP script running on Apache
<aubre> ttx: ok
<ahasenack> seems like you need to do one more thing in that trigger
<eaman> It comes to my mind making Apache (www-data) take some sudo priviledge in order to cast a mkdir and a chown on the new dir
<ahasenack> and copy /etc/skel/
<eaman> Well I could use a skell population as well I guess
<eaman> Yes :)
<ahasenack> sounds reasonable, if done carefully
<eaman> Well it could be the only way
<mdz> soren: ping
<mdz> ttx: thanks for testing the appliance, looks like we have some work to do
<kaushal> hi
<ttx> mdz: yes...
<kaushal> can i change catalina.out to catalina.log or something else. if its possible then how is it done ?
<kaushal> I am talking about tomcat Application server
<eaman> Weird things is that pam_mkhomedir.so is able to cast the right GID: it goes to 2000 here.
<ttx> mdz: the other remaining issue is the UEC image / ephemeral disk automount one
<eaman> And UID goes to NOBODY, which makes sense
<mdz> ttx: right
<mdz> ttx: smoser is on that, yes?
<ttx> mdz: yes, though he wasn't working today
<mdz> ah, right, he's off
<ttx> mdz: I still think he is in the best position to find the right way to fix it in the less-intrusive manner
<ttx> that would increase our chances of having it pass release management
<EtienneG> bug #459204
<uvirtbot> Launchpad bug 459204 in eucalyptus "The text debconf template eucalyptus/publicips is wrong" [High,New] https://launchpad.net/bugs/459204
<EtienneG> ttx, if you have a minute, you should look at the above
<ttx> I don't have a minute, but I can have a look
<EtienneG> ttx, sorry, man!
<ttx> EtienneG: yes you can !
<ttx> EtienneG: what makes you think you can't ?
<EtienneG> ttx, huh?  I am afraid you lost me here.
<ttx> EtienneG: specify 192.168.1.1-192.168.1.20
<EtienneG> ttx, you can, it just won't work
<EtienneG> ttx, easy enough to test without reinstalling
<ttx> hmm? works here, as far as euca-describe-addresses goes
<ttx> (or whatever the exact command is called)
<EtienneG> ttx, change VNET_PUBLICIPS to 92.168.1.1-192.168.1.20", restart eucalyptus
<EtienneG> ttx, ah, ok, then it has to be something else
<ttx> EtienneG: wht evidence do you have its *not* working ?
<ttx> doesn't show the addresses in euca-describe-addresses ?
<EtienneG> ttx, evidence?  the output of euca-run-instances, perhaps?  :)
<ttx> EtienneG: you mean its not affecting any of the addresses you configured ?
<EtienneG> ttx, and yes, the addresses do not show in the the output of euca-describe-addresses either
<ttx> hmmm... works here
<ttx> (last time I looked)
<EtienneG> ttx, which Euca version?
<EtienneG> and which VNET_MODE?
<EtienneG> ttx, fsck it, mark it Invalid
<EtienneG> my bad
<EtienneG> VNET_PUBLICIPS did not correspond to a range actually in use by the machine
<EtienneG> ttx, that was a user error
<EtienneG> ttx, sorry for wasting a few minutes of yours you did not had!
<ttx> :P
<kaushal> checking in again for my query ?
<ruben23> hi can i further optimize ubuntu..? for network- have anyone tried it..?
<uvirtbot> New bug: #459194 in eucalyptus "SC must be re-registered to the private NIC/IP after installation " [Undecided,New] https://launchpad.net/bugs/459194
<ruben23> anyone..?
<ruben23> have tried it..?
<aubre> ttx: how's this ? https://help.ubuntu.com/community/UEC/StorageController
<aubre> ttx: I need to make the command line stuff brown
<SyL> ruben23: what kinda of optimization are you looking for?
<gamla_kossan> hi people
<gamla_kossan> I seem to have isntalled some package which has broken my samba server...
<gamla_kossan> and the samba server won't start by running /etc/init.d/samba start
<gamla_kossan> (nothing happens)
<gamla_kossan> can anyone help me troubleshoot?
<ruben23> SyL:network and the system itself
<zul> mathiaz: ping any reason why autofs would conflict with itself?
<mathiaz> zul: with itself or an *earlier* version of itself?
<zul> with itself
<mathiaz> zul: hm - that's a good question - I don'tknow
<zul> debian unstable still has it as well
<mathiaz> zul: I'd ask in #ubuntu-devel about it
<uvirtbot> New bug: #459204 in eucalyptus (main) "The text debconf template eucalyptus/publicips is wrong" [High,Invalid] https://launchpad.net/bugs/459204
<ninjah> is there a difference between "apt-get dist-upgrade" and "apt-get upgrade"?
<Pici> !dist-upgrade | ninjah
<ubottu> ninjah: A dist-upgrade will install new dependencies for packages already installed and may remove packages if they are no longer needed.
<nijaba> soren: if you are around I'd love to have your point of view on the following.  I've been trying to upload your mediawiki image to ec2 using http://pastebin.ubuntu.com/299939/ but ec2-register send me the error you'll see there as well....  any idea?
<nijaba> soren: nm, sorted
<stephank> Hello! I installed 9.04 64-bit on an machine with an onboard 1GB/s intel network interface, and a broadcom 1GB/s pci express card. I bonded these two interfaces in /etc/network/interfaces, created VLANs on top of that and it all works peachy. But when I reboot, the interfaces don't come up saying "VLANs not supported on bond0".
<stephank> When the machines it booted, and I restart networking, it all works fine again. I pasted my config here: http://www.pastie.org/667009 . I also added 8021q and bonding to /etc/modules. Is there anything else I'm missing?
<uvirtbot> New bug: #423289 in autofs (main) "autofs deletes directories but does not re-create them" [Low,Incomplete] https://launchpad.net/bugs/423289
<qman__> stephank, sounds like a bug having to do with boot order to me, you could probably work around it by adding something to /etc/rc.local as a temporary measure
<stephank> qman__: hehe, neat. I'll add a networking restart there. Let's see if this works
<EtienneG> smoser, re: uec official image, the bug about waiting for /dev/sdb, is that just a matter of fixing /etc/fstab?
<stephank> qman__: trick seems to fool it. Thanks :)
<soren> nijaba: Oh, good, because I had /no/ clue :)
<soren> mdz: Yes?
<nijaba> soren: yeah, your mediawiki img is now instanciated in ec2 :P
<soren> nijaba: Working?
<nijaba> soren: quite well
<soren> nijaba: Are you subscribed to ubuntu-devel?
<soren> nijaba: ttx reported a failure, but I suspect he may have unintentionally have used an earlier version of the image.
<nijaba> soren: I am, but not reading assiduously
<nijaba> soren: I'll reply
<soren> nijaba: I'm about to follow up there, mentioning the new version. Once I've done that, can you please post your results?
<nijaba> soren: sure
<nijaba> I even have it managed with Landscape :)
<uvirtbot> New bug: #369682 in autofs (main) "AutoFS direct maps not working with NFSv4 exports" [Low,Incomplete] https://launchpad.net/bugs/369682
<SyL> is there a way to turn off ipv6 in ubuntu?
<genii> !ipv6
<ubottu> For an introduction to IPv6 and information on tunneling IPv6 through IPv4 connections, see https://wiki.ubuntu.com/IPv6 | To disable IPv6 see https://help.ubuntu.com/community/WebBrowsingSlowIPv6IPv4
<genii> SyL: Second link from the bot
<SyL> thanks
 * nijaba calls it an evening
<Zodling> anyone know if the iscsi install works in 9.10-rc ?
<ScottK> Zodling: I know there is at least one significant bug about that.  I don't know if it affects all iscsi or just some.
<BrixSat> My ubuntu wont start so many error's, i went to a live cd and i cant copy some files because they are under root! How can i copy root files?
<ScottK> BrixSat: sudo cp
<BrixSat> even on a live cd?
<Zodling> i managed to get it to install but.. it dont look to be booting right .. *i have rdp runing if anyone wants to look*
<ScottK> BrixSat: I think so.
<BrixSat> worked :) thanks
<uvirtbot> New bug: #458702 in vm-builder (universe) "vmbuilder crashed with VMBuilderException in run_cmd()" [Undecided,Incomplete] https://launchpad.net/bugs/458702
<toddobryan> Does anyone have a how-to for OpenLDAP with TLS/SSL support that actually works?
<bventura> DNS ?: is it OK to have two A records that with the same IP?   When I google this it says it's not recommended but nothing about why
<jpds> bventura: Two different domains?
<bventura> jpds: no same domain
<jpds> That seems a bit redundant.
<maswan> bventura: yes, perfectly fine
<bventura> ok cool maswan
<maswan> the PTR record should probably only be to one of these though
<bventura> right
<guntbert> bventura: of there are CNAME records too, but don't use one for your mail server
<guntbert> *of course
<maswan> But "kermit A 10.0.01" + "mail A 10.0.0.1" + "smtp A 10.0.0.1" + [in the reverse zone file] "1 PTR kermit" is perfectly fine
<maswan> In fact, there is sufficient weird corner cases for CNAMEs that I wouldn't really recommend them for most places
<bventura> right guntbert, that's what got me here, I can't use CNAME to map my mail server
<maswan> Since an IP can have lots and lots of A records.
<bventura> ok
<guntbert> bventura: but as maswan already pointed out: use two differnt A records
<bventura> i just wasn't sure when I google it, 2nd result says "When the domain name system was designed it was recommended that no two A records refer to the same IP address."
<maswan> the second paragraph of that is probably "but these days, ..."
<guntbert> bventura: that must have been before mail admins decided not to accept CNAMEs any more
<blizzkid> Lo all. does anyone have experience in taking exams for a linux course?
<bventura> OK i think I've put all this DNS stuff together , would anyone be kind enough to critique my config, it is here: http://ubuntu.pastebin.com/m1d75d683
<stimble> bventura: r u fromÂ Ventura?
<stimble> I live in a town named ventura
<bventura> cool in CA?
<stimble> yeah
<bventura> I used to live down there but ithat's actually my last name
<bventura> i gre up in newbury park
<stimble> oh
<stimble> oh, right next door
<stimble> cool
<stimble> small world on the internets :-)
<bventura> ah i miss that southern california weather tho, i'm in sonoma now
<bventura> :D
<stimble> well, good wine and near San Fran at least (2 good things in my book)
<bventura> oh yeah
<bventura> that other recreational substance is readily available too hehee
<stimble> ha
<stimble> btw, whats your dns config for, just an example?
<bventura> at this point yes, I'm just trrying to figure out how it's supposed to work but eventually I have to replace my company's primary DNS and mail server
<bventura> we have an anicent xserve running OS X server and I hate it.. I want ubuntu
<stimble> ah
<stimble> yeah, i have been considering getting an automated dns setup for my ec2 deployments
<stimble> but i hate dealing with bind, soo... havnt done it
<bventura> yeah it's a bit challenging
<guntbert> bventura: just a reminder: use a LTS for that purpose
<bventura> guntbert - I have been wondering what you just mentioned can you tell me why?
<bventura> not trying to argue I just dont think I get it
<bventura> LTS = more secure?
<ScottK> No, LTS = having to upgrade less often.
<ScottK> Actually we've introduced a number of hardening features after Hardy, so the newer releases are 'more' secure.
<alex_joni> LTS = Long Term Support .. so you get upgrades for longer
<guntbert> bventura: In my experience such servers will be put into service and the "forgotten"  - so .. ^^^
<guntbert> *then
<bventura> i'm not sure what you mean by 'get' i thought they all were free?
<bventura> 'get upgrades' *
<guntbert> !eol | bventura
<ubottu> bventura: End-Of-Life is the time when security updates for an Ubuntu release stop. See https://wiki.ubuntu.com/Releases
<bventura> eureka!  OK I gotcha now I get it
<bventura> so 8.04 LTS is the way to go i suppose
<JanC> if you want to run BIND for serious purposes, buying a book about BIND might be useful...
<stimble> or, perhaps run tinydns
<JanC> or at least read all the docs
<bventura> I have been chewing thru the docs on isc.org
<JanC> stimble: still, reading about how DNS works is very useful  ã
<stimble> or if you dont need all the bind power, i have found dnsmasq to fill most of my LAN needs
<stimble> yes, true
<bventura> i just wanted to get a 2nd pair of eyes on what I have so far
<bventura> i'm in a 1-man IT department over here ;p
<stimble> I have a fresh 6 nodes UEC cloud/cluster and am getting internal IPs of 0.0.0.2.  Anyone have hints to troubleshoot this?
<JanC> for a LAN, dnsmasq is absolutely great (it just does what you need without all the complicated stuff)
<mathiaz> stimble: internal IPs? do you refer to NC private IPs or instances IPs?
<stimble> JanC:  yeah, thats what I have found.  And it even does tftp and dns and dhcp together, which makes for a pretty nice integration, as in nice to have dhcp update your dns etc
<stimble> instance ip
<stimble> im using managed mode
<JanC> yep, I used it for that (and so do many "home routers")
<mathiaz> stimble: MANAGED-NOVLAN?
<stimble> no
<stimble> MANAGED
<mathiaz> stimble: is your network VLAN aware?
<stimble> yes
<stimble> i guess i can switch to novlan and try it again
<mathiaz> stimble: not necessarly
<mathiaz> stimble: just making sure of your configuration
<stimble> but i checked it for vlan support a while back and was pretty certain it came up positive
<mathiaz> stimble: what does euca-describe-addresses say?
<stimble> i have VNET_SUBNET="192.168.6.0"
<stimble> it lists the public_ips i have in my eucalyptus.conf
<stimble> 192.168.2.100 - 110
<stimble> 192.168.2.100 is assigned to the one running instance
<mathiaz> stimble: is there another dhcp server running on the network?
<stimble> but i cnat ping it
<stimble> yes
<mathiaz> right - is the dhcp server on the same vlan as the NC?
<stimble> well, it is plugged into the same switch
<stimble> but, i would think it should not be on the same vlan
<stimble> its a pfsense box
<mathiaz> stimble: have you checked that you have multiple VLANs and set the switch correclty?
<stimble> its an unmanaged switch
<mathiaz> stimble: if the dhcp server is on the same vlan as the UEC nodes, then there is a chance that the instances got their IP from the external dhcp server rather than the UEC dhcp server
<stimble> yeah, but then it should have been in the 192.168.2.0/24 network
<stimble> its 0.0.0.2, which just seems bonkers
<mathiaz> stimble: how did you notice that the instances had 0.0.0.2?
<stimble> euca-describe-instances
<mathiaz> stimble: could you pastebin the output of the command?
<stimble> doing that now
<mathiaz> stimble: command == euca-describe-instances
<stimble_> mathiaz: http://pastie.org/667272
<stimble_> im working from 2 machines (hence the 2 irc handles)
<Burebista> hello
<stimble> command output is at the bottom
<stimble> hello Burebista
<Burebista> i try to install a kvm server. the host server are done, but how can i install a virt machine/
<Burebista> -topic
<mathiaz> stimble: could you paste the output of: grep ^VNET /etc/eucalyptus/eucalyptus.conf
<stimble_> updated pastie
<stimble_> http://pastie.org/667272
<mathiaz> stimble_: hm - well - I don't know - sorry
<stimble_> just updated again with the full uncommented eucalyptus.conf
<stimble> when UEC installs a eucalyptus node, it never asks to create a username, password.  Anybody know how to still log into a sudo capable account on a node controller?
#ubuntu-server 2009-10-24
<uvirtbot> New bug: #459456 in mysql-dfsg-5.0 (main) "Problems on installing mysql5 from Synaptics" [Undecided,New] https://launchpad.net/bugs/459456
<clusty> i was wondering if somebody could suggets some tool to mass download all fine from a http server (disregarding apache dir showing links)
<clusty> like reordering ...
<chomwitt_> what's the shortest routr in order to manage user accounts centrally  in a server in a lan ?
<russlar> chomwitt_: besides active directory?
<russlar> chomwitt_: you can use ldap
<chomwitt_> russlar: is there a tutorial?
<russlar> chomwitt_: there's google
<chomwitt_> russlar: for ldpa
<russlar> !ldap
<ubottu> LDAP is the Lightweight Directory Access Protocol. For more information, installation instructions and getting clients to authenticate via LDAP see https://help.ubuntu.com/community/OpenLDAPServer
<chomwitt_> ok thanks!
<russlar> and there's ubottu, aparently
 * russlar petts ubottu
<chomwitt_> !ubottu
<ubottu> Hi! I'm #ubuntu-server's favorite infobot, you can search my brain yourself at http://ubottu.com/factoids.cgi - Usage info: http://wiki.ubuntu.com/UbuntuBots
<mathiaz> zul: right - may be related to NM
<mathiaz> zul: may be if the network interface is down
<zul> yeah it might
<mathiaz> zul: however mysql is supposed to bind to lo
<zul> it might be upstart as well
<mathiaz> zul: and loopback is not supposed to be handle by NM
<stimble> does ubuntu have somethign similar to kickstart?
<mathiaz> stimble: yes - there is a kickstart implementation for ubuntu - kickseed
<mathiaz> stimble: otherwise there is the preseed option
<mathiaz> stimble: https://help.ubuntu.com/9.04/installation-guide/index.html
<stimble> cool, thx mathiaz
<smackdaddy> when i load my site with apache2.. it wont display my images... any ideas?
<uvirtbot> New bug: #459530 in mysql-dfsg-5.0 (main) "It doesn't want to install. Tried manually (.deb) and through Synaptic... both failed." [Undecided,New] https://launchpad.net/bugs/459530
<arrrghhh> does anyone use mpd on their servers?
<poningru> arrrghhh, yes
<poningru> in a vm
<poningru> with data mounted through sshfs
<StrangeCharm> if i want to install karmic server, is there any benefit in downloading a dvd rather than a cd?
<jmarsden> StrangeCharm: Only if you will be installing it away from a fast Internet connection and will need packages that are on the DVD but not on the CD.
<StrangeCharm> jmarsden, so the server version can be installed from the generic dvd?
<jmarsden> No, you'd want a server DVD for that -- different kernel
<StrangeCharm> jmarsden, do you know where the server rc dvd is on the site? i'm having some trouble finding it in the directory structure.
<jmarsden> I don't even know if there is one... your question implied there was... let me look.  I use the CD iso images for server installs myself.
<StrangeCharm> jmarsden, i just don't own writable cds: only dvds. i figure that, it i'm going to use a dvd disk, i might as well give it 4.5gb of content
<jmarsden> Seems pointless downloading extra stuff you won't need to use :)  I don't see a server DVD image out there...
<jmarsden> BTW for stuff like this a few CD-RWs or DVD-RWs are nice to use, because you can re-use them when the rc is no longer useful... i.e. in a few days when the real thing comes out :)
<StrangeCharm> i would conversely suggest that, since bits are cheap, and disks are noncheap, i maximise efficiency with a dvd image
<StrangeCharm> sadly, i am not the one who controls which disks i have available, which does end up with a bunch of old leftovers, and some waste
<jmarsden> StrangeCharm: OK.  My time waiting for downloading and burning an extra 4 GB is probably worth more to me than the few cents a DVD-R costs (what are they, US$0.17 each or so?); but I recently grabbed a pack of 10 DVD-RWs just for stuff like this so even those few cents don't get spent now :)  And for testing, you can avoid optical media completely and download to hard disk and then run a test install in a virtual mac
<jmarsden> hine (using KVM or VirtualBox or whatever you prefer)... no optical media needed, very ecologically sound :) :)
<Sinkro63> Hi. Which FTP do You recommend to install?
<skuld> can any body help me get postfix working?
<skuld> I need help with postfix please.  I'm trying to use SASL authentication, I'm getting a bunch of errors in my log file....posting a snippiti....
<skuld> http://pastebin.com/f68822
<skuld> postfix configuration:  http://pastebin.com/f687e7ef4
<skuld> I'm trying to use postfix (with dovecot later for that) and mysql user database.  SASL authentication to stop open relay.
<skuld> I can send meail if I use telnet though.
<skuld> email
<foxbuntu> skuld, while I am unable to directly help, I suggest you checkout this channel: #postfix
<lamont> and generally, for bolting large things (like sasl and sql databases) onto postfix, getting it to work with postfix not-chrooted is the first step
<JanC> lamont: and AFAIK postfix is protected by AppArmor in Ubuntu, so a chroot is less important?
<lamont> JanC: apparmor is a nice security blanket.  so is a chroot.
<Noah0504> Not sure if I should talk about Karmic here, but as anyone else had trouble getting Grub 2 to install on a RAID setup?
<Noah0504> It won't do it at all.
<Noah0504> Kind of stumped.
<JanC> what sort of RAID?
<Noah0504> Well, in the past I had 4 HDDs partitioned into two.  I would mirror the first partitions and then RAID 5 the last ones... Then make the RAID 1 /boot and the RAID 5 LVM and /
<Noah0504> That would work fine in 9.04.
<Noah0504> Not so much now.
<Noah0504> Then I thought I would try just 1 RAID 5 array...
<Noah0504> No luck either.
<JanC> /boot on RAID 1 should work, as long as GRUB2 is installed on the right disk (or on all the disks)
<Noah0504> JanC: Can I hope the the installer will does this by default?
<JanC> no idea
<Noah0504> Ha.
<Noah0504> Well, I just ask because everything just seemed to work on 9.04, but can't get it figured out on 9.10.  Haha.  I can always go back, but I like newer things.
 * Noah0504 sighs.
<JanC> Noah0504: might be useful to check it instals on the right disk and/or manually install grub on all the disks
<JanC> it's not impossible that the drives are enumerated in a different order when booting from CD (or the network, or whatever)
<Noah0504> Hmm...
<JanC> also, GRUB2 should allow you to boot anyway, it has a much more extensive shell environment than GRUB1
<Noah0504> Well, it tells me the installation fails in general.
<Noah0504> So, I don't know if it is making it that far.
<JanC> if installation fails, that's something entirely different  ;)
<Noah0504> Haha.
<JanC> http://grub.enbug.org/FrontPage has most of the information about GRUB2
<Noah0504> Yeah, it's always frustrating trying to get over a new problem.  I just set up my partitions again... with the flags all set... I'm going to give it one more shot!
<Noah0504> :P
<Noah0504> If I can't figure it out now, I will just go back to 9.04 for the time being until I can mess around with it some more in a test environment.  Maybe that's part of my lesson learned.
<Noah0504> :)
<embrik> I've installed ubuntu hardy server and dhcpserver and arno-iptables-firewall. The clients get ip-addresse and can log on to nx on the server. But they can't connect to the internet. The server connects to the internet via eth0, gives away ip-addresses on eth1. Can anyone give me a hint?
<embrik> can anyone help me getting my client on the internet? I get ip from the server, the server connects to the internet with eth0
<embrik> my server is ubuntu hardy
<embrik> hmm.. are you all busy or am I alone in here? Is it too early maybe? Should I be back in some hours?
<embrik> can anyone explain to me what this message in syslog means: Connection attempt (PRIV): IN=eth0 OUT= MAC= SRC=89.11.135.7 DST=89.11.135.255
<Noah0504> JanC: Still there?
<JanC> Noah0504: sometimes  ;)
<Noah0504> So, I am still having problems.  The installer will not install GRUB on /dev/md0, which is my RAID1.
<Noah0504> And when just trying to install it on sda2 (the actual partition), it fails as well.
<skuld> Does anybody in here have experiance with Postfix?
<embrik> can anyone help me getting my clients on the internet? The server (ubuntu hardy) is set up as a dhcp-server and gives out ip on eth1. It connects to the internet on eth0.
<Noah0504> Bah!  I finally got it.
<embrik> Or show me a howto - I've been googling some time now, ,and can't figure out what I am doing wrong. The client can't ping anything else than the server
<blue-frog> embrik: is the dhcp server giving the gateway?
<embrik> blue-frog, I'm not sure. I haven't anything about the gateway in dhcpd.conf. How should it give away the gateway?
<blue-frog> embrik: option routers
<embrik> blue-frog, option routers 192.168.1.1
<blue-frog> if it is your gateway to the world yes.  Missing ; at the en dthough...
<embrik> blue-frog, but what is my gateway? eth0 (the dhcp-nic LAN is 192.168.1.5) Eth0 to the internet gets ip from my ISP
<embrik> sorry first eth1 and then eth0
<embrik> eth1 is 192.168.1.5
<blue-frog> embrik: on your server    netstat -rn
<blue-frog> embrik: in your config i wouls say 1.5 is the gateway
<embrik> blue-frog, how can I show you output from netstat -rn?
<blue-frog> pastebin.com
<embrik> blue-frog, http://pastebin.com/d7ec0f1a5
<embrik> blue-frog
<blue-frog> option routers 192.168.1.5;     restart dhcpd and try
<embrik> blue-frog, ok
<embrik> blue-frog, error when I try to restart dhcp-server. Here-s output fron netstat on client: http://pastebin.com/m74a1c51a
<|preTnLvr4f|> is there a way I can see what services are running (I just rebooted my server and want some confirmations)
<blue-frog> pretn ps -ef
<blue-frog> embrik: still fighting with dhcp?
<embrik> some application is writing to my resol.conf. could it be networmamager?
<embrik> is it safe to remove networkmanager on my ubuntu server. I have set up my nics in network/inerfaces
<blue-frog> embrik: from a client can you ping your server eth0?
<embrik> blue-frog, yes
<blue-frog> ok can you ping from a client 4.2.2.2
<embrik> blue-frog, Well, yes - There is a problem in resolv.conf I think. New lines are added without me doing it
<embrik> blue-frog, but yes I can ping external ip from the client - but not hostnames
<blue-frog> embrik: so when you were saying you can't ping anything on the internet you were trying to say you were not resolving anything in fact
<blue-frog> should you have started with that it would have speed up the processe...
<embrik> blue-frog, no, when I said that I couldn't ping anything I couldn't
<blue-frog> ok
<blue-frog> what's the resolv.conf of your client?
<embrik> it has got the wrong (old) ip adresses for the dns. I don't know why. Whenj I fill in the rioght ones everything works for a while
<blue-frog> dhcpd.conf      option domain-name-servers
<embrik> ok
<embrik> the line domain-name-servers is commented out
<embrik> should that refer to the dns server fro my isp?
<blue-frog> you have another dns server?
<embrik> no
<blue-frog> so?
<embrik> blue-frog, there are two addresses. Can I write them like this? option domain-name-servers 217.13.4.21 217.13.7.136;
<blue-frog> 217.13.4.21, 217.13.7.136;
<embrik> ok
<blue-frog> one dns is enough anyway
<embrik> ok, what about ntp-servers and netbios-name-servers and netbios-node-type? Shal I just ignore them? I don't know what they do.
<embrik> blue-frog, thanks a lot. I know how it is to give support to someone who doesn't understand more than half of it. I do it everyday at work. I really appreciate it.
#ubuntu-server 2009-10-25
<uvirtbot> New bug: #311316 in lm-sensors (main) "Wrong readings of sensors" [Low,Invalid] https://launchpad.net/bugs/311316
<Noah0504> I'm having a little trouble figuring out the right way to assign a group to a share in samba
<Noah0504> .
<uvirtbot> New bug: #459771 in mysql-dfsg-5.0 (main) "package mysql-server-5.0 5.1.30really5.0.75-0ubuntu10.2 [modified: usr/share/mysql/errmsg.txt] failed to install/upgrade: subprocess post-installation script killed by signal (Interrupt)" [Medium,Incomplete] https://launchpad.net/bugs/459771
<qman__> Noah0504, depends on what precisely you mean by assign a group
<qman__> do you mean you want to grant a group access, or that you want to require all new files to belong to a given group
<qman__> in this example, all the users in the group 'smbusers' have access to the files in the share, and all new files are created belonging to the group smbusers   http://pastebin.com/m2797cc13
<qman__> the filesystem permissions grant access, the 'force group' causes new files to be created with the right group owner
<Noah0504> qman__: Well, I have a work around right now, but I was just trying to get only the users of a group be able to access a share, and give them group permissions to rwx...
<Noah0504> But, when I added myself to a group and changed the permissions on the system...
<Noah0504> Nothing!
<Noah0504> Ha.
<qman__> well, if you need to restrict within samba instead of filesystem permissions, 'valid users = @group' should work
<qman__> where 'group' is your desired local system group
<qman__> though I have not tested it myself
<NineTeen67Comet> I've got a network question; not sure if this is the forum for it, but since I run Ubuntu galore thought it'd work. I've got a network that I'm trying to get synced all around. An image of it can be seen at http://picasaweb.google.com/67comet/TechnicalCrap#5396332539025922882 .. I would like all devices to see/talk to one another, right now they can only see one another on the same router. Help?
<qman__> NineTeen67Comet, define "see"
<NineTeen67Comet> I had all devices (routers and otherwise) daisy chained from one port on my ISP's router. SLOW as heck, so I pulled it apart, put a router to each port on the ISPs ADSL router and it's much better, but seperate (all have 192.168.15.* IP addresses) ..
<NineTeen67Comet> See as in ssh to one another, file/print share etc ..
<qman__> you can't do that unless you put the routers into routing mode, instead of gateway mode
<qman__> most home routers use what's called NAT overloading, or masquerading, and as such you can't directly connect to any machines behind them unless port forwarding is configured
<qman__> you want them to act as normal routers with separate networks
<qman__> dd-wrt can do this, not sure about the others
<NineTeen67Comet> qman__: Do you know the terminology I could google it? I'd like it to all be the same node (assuming 192.168.15.---) is the same node ..
<qman__> you can't do that either
<qman__> behind each router, you will need to use a different network
<NineTeen67Comet> qman__: I've got DD-WRT on one router, and Tomato on the other. Tomato seems to be a little faster is all .. but I like both.
<qman__> for example, on one router, 192.168.1.x, another, 192.168.2.x, etc...
<qman__> if you want to run all 192.168.15.x, you need switches, not routers
<NineTeen67Comet> qman__: aha .. I assigned them 50 address blocks 100-150, 151-200 etc ..
<qman__> in order to route, you need two different networks
<qman__> 192.168.15.x is one network
<NineTeen67Comet> So if I give them all seperate nodes (192.1168.1/2/3 etc) .. would that help in gaining ssh access to them all?
<qman__> you could subnet but that's complicated and unnecesary
<qman__> that's one step that's needed
<NineTeen67Comet> The WAN side of the routers are all 192.168.1.() ..
<qman__> the other step is changing the routers from NAT overloading to just routing
<qman__> dd-wrt can do that
<qman__> tomato probably can
<NineTeen67Comet> qman__: Pretty sure (gotta go google routing though) ..
<NineTeen67Comet> The Vonage router isn't a big deal if it doesn't work like this. I can just use the ports on the WRT54G (v6 with DD-WRT micro)
<qman__> of course, all this routing would be unnecessary if you just had one big switch
<NineTeen67Comet> lol
<NineTeen67Comet> yeah tell me about i
<NineTeen67Comet> it
<NineTeen67Comet> I've e-bayed switches and they are all so expencive ..
<NineTeen67Comet> I would need managed switch right?
<qman__> no
<NineTeen67Comet> and can I still use all the ports on the ADSL router? I hate to push 17 devices through one port on the router (physical port)
<qman__> just a switch
<qman__> yes
<qman__> though, that's also pointless
<NineTeen67Comet> I've got an 8 port hub, but when I run it things are really slow
<qman__> you only need one port on the ADSL router
<qman__> think of it this way
<qman__> your internet connection is what, 10mb/s more or less
<qman__> ethernet is 100mb/s
<qman__> gigabit ethernet is 1000mb/s
<NineTeen67Comet> yeah, less .. Verizon (in Japan) sucks.
<qman__> if you put everything on one big switch behind the DSL router, only internet-bound traffic will go through that 100mb/s port
<qman__> which is far more than what your internet connection can sustain
<NineTeen67Comet> Do you have a suggestion on what kind of switch to hunt down? Let alone, I've never used one (just hubs and routers) ..
<qman__> any will do, really
<qman__> I have a 24-port netgear I like
<qman__> you don't need a managed switch
<NineTeen67Comet> This one I had a friend order .. he seems to like it .. http://www.tplink.com/products/product_des.asp?id=59
<NineTeen67Comet> I'll do some e-bay'in then .. if I can keep it under $100 that'd be a bonus ..
<qman__> overkill
<qman__> that's a managed switch
<qman__> you don't need that
<NineTeen67Comet> K .. I'll so some more searching ..
<NineTeen67Comet> I like running static IP addresses when I can too .. that's why I was searching for a managed switch ..
<qman__> something like this is more than enough   http://www.newegg.com/Product/Product.aspx?Item=N82E16817111031
<qman__> that's irrelevant to the switch
<NineTeen67Comet> qman__: thanks for this help .. I really appreciate it ..
<qman__> a switch is like a hub, in regard to management
<qman__> but it's better than a hub in every way
<NineTeen67Comet> My servers are all Ubuntu-Server (well, two of the really old Cyrix processored boxes are just Debian)
<qman__> you just plug things into it and ignore it
<NineTeen67Comet> Doesn't a switch at least keep traffic orginized a little? I know a hub is basically a line splitter ..
<qman__> unless you have a really large or compelx setup, a managed switch is completely unnecessary
<qman__> yesw
<qman__> a switch keeps track of MAC addresses
<qman__> and sends packets where it knows they need to go
<qman__> it's all automatic, behind the scenes
<qman__> and reduces line noise
<NineTeen67Comet> that's better .. I'll keep looking .. I see a lot of people saying "Switch HUB" . aka: http://cgi.ebay.com/D-LINK-DFE-2624-NETWORK-switch-Hub-24-ports_W0QQitemZ250515930961QQcmdZViewItemQQptZCOMP_EN_Hubs?hash=item3a53e9bf51
<NineTeen67Comet> Do they just not know what they are talking about? Or are there hubs they "call" a switch ?
<grim76> NineTeen67Comet, look for something like this.  http://www.newegg.com/Product/Product.aspx?Item=N82E16833129010
<grim76> If you need that many ports that is.
<qman__> that's a hub
<qman__> you don't want a hub
<NineTeen67Comet> grim76: yes I need ports .. lol
<qman__> regarding the ebay listing
<NineTeen67Comet> I've got a server room with around 10 server/computers running it it, and I run cat6 through my walls to my computer and my mythbuntu box and what ever box I'm working on ..
<qman__> usually, they put "switch hub" in the listing because either will work in many situations, but switches are always better
<NineTeen67Comet> qman__: that's wat I've been worried about .
<qman__> with hubs you have to worry about collisions
<NineTeen67Comet> grim76: thanks for the link .. I'll search for similar items ..
<NineTeen67Comet> qman__: I notice with the cheap little 8 port hub I've already got anything hooked to it (that carries much data like my movie server, file server and workstation) get really slow if I use all three at once ..
<grim76> NineTeen67Comet, no problem.
<NineTeen67Comet> can't wait to button up my degree so I can go learn more networking stuff. My home network has reached the point it's getting bigger than a small businesses .. lol and my kids want more computers so its only going to get bigger.
<grim76> Think of your hub as you are trying to shove 8 lanes of traffic down a two lane road.  A switch is like the highway where you can have all the lanes flowing and working at the same time.
<NineTeen67Comet> grim76: exactly how I think of it . That's why I've been pulling my hair out trying to get all my Linksys routers to play nice with each other ..
<NineTeen67Comet> the hub was just clogging up everything (movies wouldn't even stream through it with out a sputter)
<grim76> Understood...your setup is just way more complicated than it needs to be as qman__ pointed out.
<qman__> yeah
<qman__> one big switch behind your DSL router will do
<qman__> then put your wireless and vonage behind that switch
<qman__> but plug all the computers into the switch
<NineTeen67Comet> Not a broblem . I can sell one of my Linksys routers and just have the Vonage and Wireless routers plugged in .. all other devices will come strait off the switch ..
<qman__> home routers are actually a misnomer
<NineTeen67Comet> We're thinking of tossing Vonage too .. so that'll be gone (I'm trying to get MagicJack working in Linux .. Once I get that .. POOF no more Vonage ..
<qman__> since they have a router, a switch, and usually a wireless access point all in one device
<qman__> and are configured in a NAT overloading setup by default, instead of a routing setup
<NineTeen67Comet> qman__: I know they are pretty powerful little deals for the price .. DD-WRT and Tomato make them awesome once you figure them out ..
 * NineTeen67Comet still trying to figure out all the bells and whistles
<NineTeen67Comet> Thanks again guys .. I'm going to go hit up Amazon, Tigerdirect, Newegg and ebay for a switch .. the sooner I get one going the sooner I can kick my mythboxes back on ..
<NineTeen67Comet> awesome good help .. if you are ever in Japan I'll buy the first round .. :)
<skuld> Any postfix/sasl experts in here tonight?
<KurtKraut> skuld, if anyone appears, I suggest you to post your question in ubuntuforums.org
<KurtKraut> *if no one
<skuld> postconf -n [http://pastebin.com/f5294863e]
<skuld> okay.
<skuld> I've got postfix working (at least when I telnet) but I don't think I've got the authentication quite right.  I've got some errors in my log....
<skuld> mail log snippit:  [http://pastebin.com/f5b76146a]
<skuld> looks like a problem with /usr/lib/smtpd.  I looked it up, the file exists, I'm just not sure where *it* is expecting it to be.
<ScottK> skuld: You broke postfix somehow.  Pastbin the output of postconf -n
<skuld> postconf -n [http://pastebin.com/f5294863e]
<skuld> in the mail.err log, I see over and over again:  "postfix/smtpd[#####]: fatal: open lock file pid/inet.smtp: cannot create file exclusively: No such file or directory.
<pmatulis> chroot issue?
<ScottK> Have patience.  My system is very slow because I'm test building several packages at once right now.
<skuld> in mail.warn I see over and over:  postfix/master[######]: warning: master_wakeup_timer_event: service qmgr (public/qmgr): No such file or directory.
<ScottK> pmatulis: Not typically
<skuld> it's cool, I'm still trying to figure out where the "arrow" ispointing to LOL
<ScottK> OK, well that looked normal.
<skuld> I have my system configured (supposedly) for postfix, dovecot using a mysql backend for virtual mailboxes/domains
<ScottK> what's in master.cf?
<skuld> I think something with saslauthd...or smtpd...whatever that is is misconfigured somewhere, but I really have no clue where to look
<skuld> hold on....
<ScottK> Just pastebin the whole file
<skuld> master.cf [http://pastebin.com/f2d5fba03]
<skuld> the only things I changed in that was the very first smtp line.  chroot now = 'n', before it was '-' and the very last line, I added (dovecot)
<pmatulis> skuld: how much space is available for the /var directory?
<skuld> df -h [http://pastebin.com/f792acee9]
<skuld> it's not on a seperate partition, I have lots of room, somewhere between 0% and 1% are in use
<ScottK> skuld: I suspect you have postfix partly chrooted and partly not chrroted.
<skuld> ok
<ScottK> What happens if you change all the chroot '-' to 'n' then stop and start postfix
<skuld> trying now
<skuld> now I see [in mail.log] postfix/master [#####} fatal: open lock file /var/lib/postfix/master.lock: unable to set exclusive lock: Resource temporaily unavaiable
<skuld> [mail.err] fatal:  open /etc/postfix/my_domains_maps.cf: no such file or directory.
<skuld> but I know that file is there
<skuld> oh, wait...disregard that...I wasn't at the bottom of the log
<skuld> no change in the mail.err file
<skuld> still blowing up on pid/inet.smtp.....
<pmatulis> skuld: there may be some errant process(es) running.  kill all postfix-related processes and then start freshly
<skuld> that I know of it would be postfix, dovecot, saslauthd.......right?  is there anyway to check?
<pmatulis> skuld: reboot the server if you're not sure
<skuld> okay, hold on....
<skuld_> okay, now when I try to send a message, I get:  postfix/smtpd[######] warning: SASL authentication problem: unknown password verifier
<skuld_> warning: SASL LOGIN authentication failed:  no mechanism available
<skuld_> lost connection after AUTH
<pmatulis> skuld: how did you configure smtpd.conf?
<skuld_> the only line in that file is pwcheck_method: pam
<skuld_> it's located: /var/postfix/sasl/smtpd.conf
<skuld_> not var /etc
<pmatulis> skuld: well it looks to me like you just need to configure SASL properly
<pmatulis> skuld: what documentation are you following?
<skuld_> let me pull it up....
<skuld_> http://enc.com.au/myscripts/postfixmysql.html
<pmatulis> skuld_: well i've never used the sasl/pam/mysql combo.  the problem is in that chain somewhere
<pmatulis> skuld: check pam-related log messages, maybe increase pam logging.  is pam even being invoked?
<skuld> how do I check if pam is being invoked?
<pmatulis> logs
<skuld> I don't see anything in /var/logs for pam or pam.d
<skuld> syslog maybe?
<pmatulis> /var/log/auth.log
<skuld> ah, okay
<skuld> I see saslauthd[####]: ipc_init
<skuld> dbus-daemon: rejected send message, 4 matched rules; type="error, sender=":1.10" (uid=0 pid=4163 comm="/sbin/wap_supplicant -u -f /var/log/wpa_supplicant") interface="(unser)" member="(unser)" error name=fi.epitest.hostap.WPASupplicant.InvalidInterface" requested_reply=0 desitnation=":1.9" (uid="0" pid=4149 comm="/usr/sbin/NetworkManager --pi-file /var/run/Netwo"))
<skuld> I guess that means that pam is being invoked?
<pmatulis> skuld: not at all
<pmatulis> skuld: also, you're not using saslauthd for authentication.  you're using PAM
<skuld> okay...I'm confused. LOL
<skuld> I need to use pam becuase postfix can't authenticate against mysql directly...so I've read
<pmatulis> skuld: correct
<pmatulis> skuld: at this point you just need to take the time to read the docs, one how-to is often not enough to understand what's going on
<skuld> okay, well i guess I need a good document on postfix and authentication...in this case PAM I guess?
<pmatulis> skuld: actually, i just learned that saslauthd can authenticate against pam, so that's another option for you
<pmatulis> sasl/saslauthd/pam/mysql
<skuld> so It'd go something like postfix -> saslauthd -> pam -> mysql ?
<pmatulis> skuld: more like i wrote before your last comment
<pmatulis> skuld: start by reading http://www.postfix.org/SASL_README.html, then google for "sasl pam mysql"
<pmatulis> skuld: good luck, need to jet
<skuld> thanks
<skuld> is there any way to tell if I have cyrus already installed?
<skuld> I guess I do becuase I have saslauthd LOL
<uvirtbot> New bug: #460183 in postfix (main) "Postfix package errors during Ubuntu 9.10 upgrade" [Undecided,New] https://launchpad.net/bugs/460183
<kosmic> this isnt the place to ask about dedicated packages
<kosmic> is it
<qman__> dedicated packages?
<jmarsden> "My package is so dedicated, it runs 24/7 ?" Or maybe "This package is dedicated to my beloved mother...." ??
<jmarsden> kosmic: Do you mean native packages?  Or something else?
<kosmic> oh no
<kosmic> i mean dedicated servers
<kosmic> found a place selling a decent dedicated for $40  a month
<kosmic> but the silly site requires i have a domain registration
<kosmic> or register a domain with them
<kosmic> doesnt make sense to me ;)
<jmarsden> If it doesn't make sense, don't do business with that company :)  If it looks too good to be true, it probably *is*.  BTW, this doesn't seem to be Ubuntu server related.
<kosmic> yes yes
<kosmic> cant think of another place to ask this question ;)
<SuspectZero> hey there, when ever i ssh into my ubuntu server, i get a long like automated message
<SuspectZero> anyway i can get rid of it or edit it to my needs?
<SuspectZero> the msg has the info uname -a spits out as well as a long message about ubuntu and software included being free and what not
<maswan> SuspectZero: check out /etc/update-motd.d/ maybe?
<kosmic> i saw a movie called suspect zero
<SuspectZero> kosmic, yep :D good movie
<kosmic> haha thought so <;)
<SuspectZero> maswan, ah found it. its /etc/motd
<jmarsden> SuspectZero: Yes, but that is being created by the scripts in /etc/update-motd.d/ where maswan told you to look... so unless you deal with those scripts, any changes you make to /etc/motd itself are likely to be overwritten by the scripts...
<SuspectZero> aaahh i see
<SuspectZero> missed that
<SuspectZero> awesome thanks
<jmarsden> SuspectZero: man motd.tail     should also help you understand how this stuff works
<SuspectZero> jmarsden, im getting rid of it
<SuspectZero> i dont need motd at all
<SuspectZero> :P
<reklama> http://action.metaffiliation.com/suivi.php?mclic=S42665516A5D131
<simplexio> does anyone have idea howto tell my box that it should not take 2002: ipv6 address at all
<uvirtbot> New bug: #460234 in image-store-proxy (main) "Image story's logrotate config triggers an email every day" [Low,New] https://launchpad.net/bugs/460234
<uvirtbot> New bug: #460256 in samba (universe) "when creating share through nautilus, i cant access it until i run smbpasswd" [Undecided,New] https://launchpad.net/bugs/460256
<mobi-sheep> Hi -- What is the easiest way to add commands/scripts in the startup? I recently added something in /etc/rc.local -- but I don't want it to run as root -- but rather as my username.  Suggestion?
<uvirtbot> New bug: #458542 in euca2ools (main) "euca-bundle-vol creates unuseable image?" [Undecided,New] https://launchpad.net/bugs/458542
<Fenix> Are DNS servers depolyed only to companys who have web sites
<RoyK> huh?
<RoyK> http://en.wikipedia.org/wiki/Domain_name_system
<RoyK> read up about it
<bogdanbiv> fahadsadah: Hello!
<fahadsadah> bogdanbiv: Ohai!
<bogdanbiv> I saw you entered the channel just after me! :)
<fahadsadah> I'm in here 24/7
<fahadsadah> But infinity died.
<fahadsadah> Taking my znc with it.
<txomon> hello does anyone know how to make a vpn IN home to connect from anywhere?
<txomon> hello does anyone know how to make a vpn IN home to connect from anywhere?
<bogdanbiv> Guys and gals, how can I upgrade my server to Karmic?
<bogdanbiv> I ran sudo apt-get dist-upgrade, but after it upgraded my packages to the latest version, nothing happened. I still have Jaunty!
<monostone> i'm thinking of moving apache, mysql, to be supervised by daemontools, is this a viable idea? Any cons?
<soren> monostone: Why?
<monostone> soren, what do you mean why? I want to have those services supervised and autostart if they fall
<soren> monostone: I mean why would you want to? Are they crashing for you?
<MK13> i am having trouble accessing the ubuntu server on my lan. I recently set it up with a static ip and can ping from my laptop to it and vise versa but cannot access it through ssh or the browser as a webserver. Any ideas?
<monostone> soren, no, but sometimes they do, due to diverse reasons, and I'm not going to be available to restart them, so I need a method to do that automatically, u have qmail running under daemontools, and i love the way it handles the services, clean, organized, I would love to put all daemon processes under daemontools if possible
<soren> monostone: You really should be spending your time getting those crashes fixed.
<soren> It's not unlikely that data is lost during those crashes.
<monostone> soren, that is only one of the reasons, and the crashes are random, usually due to me having a not very good server machine handling ALOT of traffic, and once or twice every month the mysql or apache process gets blocked
<soren> bogdanbiv: There's a command called "do-release-upgrade". That's the one you want.
<monostone> soren,  my question was if any daemon process can be handled by daemontools though, not 'why does my apache or mysql crash'
<soren> bogdanbiv: It may need an extra option to upgrade to a development version (Karmic isn't released for another few days, so is still considered a development rlease).
<soren> monostone: I know what you asked. I'm just trying to save you from trouble.
<bogdanbiv> soren: Oh, ok. I'll try it and come back with the results.
<soren> monostone: But of course you can manage whatever you want with daemontools.
<soren> monostone: Doing so just isn't the supported way of running apache nor mysql under Ubuntu.
<soren> monostone: And it's a horrible, horrible way to deal with crashes.
<monostone> soren, ok, my worry was precisely that, if it was ill advised to use daemontools for anything else except qmail, djbdns, tiny-dns,etc
<MK13> monostone, http://ubuntuforums.org/showthread.php?t=352546 ?
<bogdanbiv> soren: Oh, 4 more days before Karmic is released.
<monostone> soren, not so horrible, why would qmail run supervised then?
<soren> monostone: No clue.
<bogdanbiv> I thought that it's launching sooner.
<soren> monostone: Dealing with crashes by wrapping stuff in an "whlie true; do run service; done" loop is a bad, bad, bad, horrible idea.
<soren> You should spend time fixing the crashes instead.
<soren> I do think MySQL already does something like this, though, just more elegantly.
<soren> Yeah, that's part of what mysqld_safe does.
<soren> bogdanbiv: The expected date has not changed since it was first announced back in March.
<monostone> soren, I understand what you're saying, and a constant crashing process needs to be revised in detail. But my case isn't a constantly crashing daemon, only very randomly, in fact for a 1 year, 2 month, 3 day uptime, apache has crashed, 4 times, and mysql blocked or became unresponsive 6, and mainly due probably to me running migration scripts which took system usage to over 7.5
<soren> bogdanbiv: My mistake. The date was set in February. And hasn't changed since then.
<MK13> any ideas why i can't access my server on lan with ssh but can ping to it?
<Googa> Hi
<Googa> how can i test out dns server in practice without registering a real domain name
<MK13> set up a dns server on your lan and configure your other computers to use that as a dns server
<Googa> for resolving?
<Googa> what for MK13
<Googa> would the clients use it for sending queries?
<guntbert> Googa: for starters I suggest you use 2 virtual machines  - so no harm should be done
<Googa> on same computer
<guntbert> Googa: I said that because it sounds as if you have no idea about nameservers - so play in a "sandbox" to get a feeling
<Googa> but i do
<Googa> Im just missing pieces of the puzzle
<guntbert> Googa: sorry, then I misunderstood your questions - maybe you should be more specific as to what pieces are missing :)
<Googa> IÂ´ve been reading all day about how to set a server for a domain, but i cant figure out some things about domains, where you use them etc.
<Googa> So if i have 20 computers(small buisness), why would i want to put up a dns server for them or would i
<Googa> ?
<skuld> how can I tell if my dovecot is working?
<phaidros> re
<phaidros> cups seems broken for me in karmic
<phaidros> anyone familiar with the changes regarding hal in karmic?
<phaidros> until jaunty was the hal backend for cups in hal-cups-utils
<phaidros> http://packages.ubuntu.com/search?suite=jaunty&arch=any&searchon=contents&keywords=%2Fusr%2Flib%2Fcups%2Fbackend%2Fhal
<phaidros> gone in karmic :(
<phaidros> trying to install that package from jaunty dpkg tells me that: "system-config-printer-udev conflicts with hal-cups-utils (<< 1.1.10)"
<phaidros> so, now, who tells me how I get my printer running without the hal backend then?
<phaidros> :)
<uvirtbot> New bug: #460528 in samba (main) "package samba-common 2:3.3.2-1ubuntu3.2 failed to install/upgrade: Unterprozess post-installation script gab den Fehlerwert 10 zurÃ¼ck" [Undecided,New] https://launchpad.net/bugs/460528
<Jayde> anyone out there using an ubuntu-server ECU image as a domU (guest) on a Xen system?
<StrangeCharm> i'm trying to install the karmic rc. during the 'detect disks' stage, it prompts me whether to activate SATA RAID devices, but - either way - they are not visible in the partitioner. how can i make the disks attached to the SATA 'RAID' device on my mobo show up in the partitioner?
<skuld> does anybody know the command that I can use to see what the name of a group is that belongs to a GID?
<guntbert> skuld: getent group <gid>
<skuld> cool, thanks1
<guntbert> skuld: you're welcome :-)
<phaidros> Jayde: I use ubuntu-server as XEN image, but I have no clue what the ECU image is o.O
<StrangeCharm> phaidros, i think ecu is for certain server farm environments
<phaidros> k
<Bilge> If I manually compile a program that is dynamically linked to a bunch of libraries installed using the package manager, will updates to those libraries be available in my program immediately or will I still need to recompile?
<StrangeCharm> Bilge, depends whether they're compile-time dependancies, or runtime ones
<Bilge> Compile-time
<Bilge> Or so I would assume given that the configure script needs to find them for them to be enabled
<StrangeCharm> Bilge, you'll need to recompile compile-time dependancies
<Bilge> I thought as much
<Bilge> So the only benefit of choosing dynamic over static is going to be smaller binaries, right?
<zash> What would be the optimal swap settings for a web+mail+xmpp server with 128+64M RAM?
<guntbert> Bilge: no - the main benefit is that in a running system there need be only one copy of the module - instead of one for every program using it
<Bilge> But that's not a benefit
<Bilge> That's just an explanation of the difference
<guntbert> Bilge: I'd say thats a benefit for the system - think about memory usage
<Bilge> Reducing memory usage is a benefit
<Bilge> Reducing disk usage is a benefit
<Bilge> "there need be only one copy of the module" is not a benefit
<Bilge> And sadly, being able to autoamtically take advantage of library updates is also not a benefit, as it turns out
<guntbert> Bilge: I don't want to argue, but suppose there are 100 programs running on your system, all using the same library - that certainly makes a difference
<genii> Is there a way to prevent or invalidate "unset HISTFILE" ?
<guntbert> genii: a guess. look into .bashrc or .bash_profile
<genii> guntbert: I want to prevent either: user from setting that value in their .bashrc     or sneakier: make it not work when they do
<guntbert> genii: should not be  possible!
<guntbert> genii: admins don't spy on their users :)
<genii> guntbert: admins DO spy on compromised account bash history, however
<guntbert> genii: that'd be a forensics task - not really my field of expertise :)
<Bilge> guntbert: I'm guessing English isn't your first language because you're completely missing my point
<guntbert> Bilge: right you are
<Bilge> Perhaps you don't know the definition of benefit
<qman__> Bilge, English is my first language, and I agree with guntbert
<qman__> reducing the number of copies is in and of itself a benefit
<guntbert> Bilge: never mind - its off topic anyway
<Bilge> qman__: no, you only understand that reducing the number of copies is beneficial because you understand the benefits associated with reducing the number of copies implicitly. But that doesn't mean that reducing the number of copies is itself a benefit. To someone who does not understand what the benefit of reducing the number of copies is, it would not appear beneficial at all
<qman__> appearances can be deceiving
<alkisg> I'd like to be able to let my users change their own real names. Any existing way to do that, other than writing my own wrapper around usermod and making it suid root?
 * genii considers making bash execute for instance with something like bash --rcfile /somewhere-not-user-writeable/immutable-bashrc    to prevent .bash_history from not being written when user does "unset HISTFILE"
<genii> But I'm wondering if it pulls in for instance what order of /etc/bash.bashrc ~/.bashrc and /somewhere-not-user-writeable/immutable-bashrc  and if it stops when the first one is found or keeps going and does all of them, if so in what order since if ~/.bashrc is last the "unset" still works
<guntbert> genii: wouldn't help - an intruder can easily bring his own bash or use a completely different shell
<simplexio> dosent bash ctrl+r reverse-search depend from historyfile ?
 * genii sips and thinks
<uvirtbot> New bug: #460581 in bind9 (main) "[Karmic] host lookup error" [Undecided,New] https://launchpad.net/bugs/460581
<skuld> what in this mess [http://pastebin.com/f5b57a14e] tells me that port 110 is open?  it's supposed to be
<skuld> 110 *is* pop3....right?
<guntbert> skuld: yes - #
<guntbert> ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:pop3
<skuld> okay, I'm confused.  why then is a port scan showing that it's closed?
<guntbert> skuld: a port scan from where? inside your network or outside?
<skuld> and I guess dovecot is messed up somewhere...not listening to pop3.... [http://pastebin.com/f46f2e379] is my lsof -i
<skuld> using one of those web port scans
<skuld> https://www.grc.com/x/ne.dll?rh1dkyd2 (port scan I used)
<guntbert> skuld: you are behind a router?
<skuld> linux is my router
<guntbert> skuld: they don't show the results to anyone :) but by default dovecot only listens on imap
<skuld> but I've got 'protocols = imap imaps pop3 pop3s' defined in dovecot.conf
<skuld> this is my dovecot -n listing:  [http://pastebin.com/f50bc6e00]
<guntbert> skuld: may I try a pop3 connection to your host?
<skuld> yes
<guntbert> skuld: I really get connection refused
<guntbert> skuld: sorry, I have to leave for some time
<skuld> I'm stumped.  I've got that port open in my firewall, yet dovecot doesn't seem to be listening to it
<skuld> it's okay, thanks.  I'll keep plugging at it
<skuld> at least I *finally* got my postfix working LOL
<guntbert> skuld: one last thought - can you tell dovecot on which interfaces to listen?
<skuld> I'm not sure...what should I check?
<ninjah> I'm running ubuntu 8.04 on a virtual server over on Amazons cloud. If I run "apt-get -y dist-upgrade" will that upgrade to another version of ubuntu?
<ninjah> I hope not...
<soren> ninjah: No.
<ninjah> soren: Cool! I just need to upgrade the package "tzdata"
<ninjah> soren: I normally use "apt-get upgrade". Is there a difference between the two? Which one should I use?
<soren> ninjah: they are mostly the same.
<soren> ninjah: dist-upgrade allows new packages to be pulled in. upgrade does not.
<ninjah> soren: Thanks! I'll use "apt-get -y dist-upgrade"
<soren> ninjah: This happens if another package being upgraded has a dependency added.
<ninjah> soren: I see... so if a dependency needs to be upgraded "apt-get upgrade" won't work.
<zul> hey soren
<JanC> that should never happen after release
<soren> JanC: Well, it does, occasionally.
<soren> The openssl vulnerabality last year did, for instance.
<soren> openssh-server suddenly had a dependency on the ssl blacklist package.
<soren> (or whatever it was called)
<soren> It's reasonably rare, though.
<JanC> oh right, but it's very very uncommon, and that was an extreme case  ;)
<guntbert> skuld: you still around?
<soren> zul: Oh, hey :)
<alkisg> I want to be able to use passwordless ssh to connect to my student accounts in remote machines. So I do `ssh-copy-id student@remote-pc`, no problem there.
<alkisg> But I also want the students to be unable to delete their ~/.ssh directories, because that would prevent me from remotely executing commands on their accounts. How would I do that, while allowing ssh to work?
<qman__> alkisg, I suppose you could make the relevant files immutable
<alkisg> qman__: right, thanks!!! chattr, I always forget about it...
<skuld> is there a way to get a list of all my users (except like system users and daemons...)?
<guntbert> skuld: getent passwd
<guntbert> skuld: did that dovecot problem work out for you?
<skuld> yes.
<skuld> I had a postfix-dovecot.conf file messing everything up
<skuld> go figure
<skuld> BUT...I did find an awesome tutuoral for postfix, dovecot,with mysql
<skuld> howto: [http://workaround.org/articles/ispmail-etch/]
<skuld> ugh...what's the command to 'untar' a file to a directory named after itself?  i know I've seen it a million times but now I can't find it
<guntbert> skuld: normally tar archives are "self contained", so tar xzf achive.tgz should work
<skuld> that was it! thanks
<guntbert> skuld: you're welcome :-)
<genii> Is there a way to make something like: script -c bash -q      *not* echo the command "exit" ?
<blue-frog> skuld: awk 'BEGIN{FS=":"} {if ($3 >= 1000) print $1}' /etc/passwd
<Nafallo> hmm. found a bug in apache2's initscript.
<Nafallo> nice! :-/
<skuld> thanks!!
<aubre> o/
<Nafallo> https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/460692
<uvirtbot> Launchpad bug 460692 in apache2 "Missing dependency for apache2 init script" [Undecided,New]
<banderon> hi, can anyone here tell a linux newb hot to stop ubuntu server from trying to decrypt the encrypted partitions on boot?
#ubuntu-server 2010-10-25
<patdk-lap> setting up an outgoing email server is much much harder
<nagchampa> that's not what i want it to do
<patdk-lap> email relay?
<nagchampa> yes
<nagchampa> but filtering
<patdk-lap> accept email from users and set to other email servers
<nagchampa> also handle th eincoming mail, but have it forward to the primary mail server afterwards
<nagchampa> we've got an exchange 2010 server which it should forward incoming mail to
<patdk-lap> hmm, looks like that example, has it filter all email
<patdk-lap> no matter where it goes
<nagchampa> that's what i want
<patdk-lap> in my setups I only have it filter incoming email to me, and virus scan all email
<patdk-lap> looks pretty straight forward to me
<nagchampa> that's great, not to me
<patdk-lap> well, email has been nothing but more and more complex every few years
<patdk-lap> due to different ways of protecting from virus and spam
<nagchampa> the postfix guide details a single type of setup, but doesn't explain much about what other setups are possible
<patdk-lap> I don't see anything in there about other things for outgoing email, like spf, dkim, hostnames, dns entries
<nagchampa> spf and dkim are hanled in the mail filtering guide
<k5673> nagchampa: Look at this http://beginlinux.com/server_training/mail-server/1044-postfix-mail-gateway
<patdk-lap> na, I only see receive dkim checking, not outgoing signing
<nagchampa> i'm sure i'm not the first, but I find postfix completely overwhelming...
<patdk-lap> same for spf, but that just reqiures dns entries :)
<patdk-lap> na, postfix is very simple, and flexable
<patdk-lap> it's the flexability that makes it alittle confusing at first
<k5673> nagchampa: Try to configure sendmail
<nagchampa> patdk-lap: i'm sure it's simple once you understand how it works
<k5673> Wahahaha
<nagchampa> to me it seems overly complex
<patdk-lap> heh, I grew up on sendmail, writing cf files, before m4 came around
<k5673> The good of sendmail is it flexibility. The bad: it's flexibiity.
<patdk-lap> well, it's the monolithic flexability :)
<nagchampa> thanks for the link k5673
<patdk-lap> atleast postfix breaks it down into parts, incoming smtp, outgoing smtp, ....
<k5673> nagchampa: You're wellcome!
<nagchampa> k5673: that looks like an outgoing filter only
<patdk-lap> you don't want my setup :)
<k5673> nagchampa: but aren't you trying to send the emailz to an Exchange server?
<patdk-lap> it consists of 8 postfix installs running on one machine :)
<nagchampa> essentially i want it to sit between the internet and the mail server, when the mail server sends mail out it goes through the filter to be scanned and then sent on, and incoming mail should be received by the gateway, scanned and forwarded to exchange
<nagchampa> do i need to have seperate postfix instances?
<patdk-lap> ya, one works fine
<patdk-lap> one sec, I have 2 postfix installs doing just htat for exchange 2007
<k5673> I don't think you'll need two instances
<k5673> But, for convenience, you can virtualize them
<k5673> If you like
<k5673> KVM
<patdk-lap> heh, you can run postfix on the same machine as many times as you want, no need for two seperate ones :)
<nagchampa> the server is already running on ESXi
<nagchampa> patdk-lap: that's what i thought
<k5673> Ah! Right
<patdk-lap> my master.cf file: http://userv.pastebin.com/91xmSLq6
<patdk-lap> you probably just want to use one content filter, just set them all to the same port
<patdk-lap> I use different amvisd rules for outgoing and incoming
<nagchampa> the problem i'm having is finding clear documentation on the configuration options
<patdk-lap> google :)
<nagchampa> trust me, i'm googling
<nagchampa> exim seems to have a crapload more documentation and examples
<patdk-lap> I didn't have any issues, and I only started using postfix 4 years ago
<nagchampa> i'm starting to think it's a better option
<patdk-lap> I've installed >20 postfix setups since them now
<nagchampa> you've come from sendmail though, which has a lot of similarities (from what i've heard)
<patdk-lap> I actually came from the rfc's
<patdk-lap> I always normally read the rfc's before I attempt to do something
<patdk-lap> kind of hard to do something, if you dunno how it's suppost to work
<nagchampa> subtle
<patdk-lap> ya, I'm insane like that
<patdk-lap> ah, I see that ubuntu doc does have spamassassin disabled finally though :)
<patdk-lap> oh wait, it says enable it, heh, still screwed up
<nagchampa> you have a problem with spamassassin?
<patdk-lap> ya
<patdk-lap> why use it when it's included in amavisd?
<patdk-lap> it just eats memory, and never used
<nagchampa> i thought amavisd used spamassassin
<patdk-lap> it does
<patdk-lap> why you don't need spamd
<patdk-lap> amavisd does not use spamc
<patdk-lap> therefor no need for spamd to use memory
<patdk-lap> amavisd runs it's own version of spamd inside itself
<patdk-lap> it's like a waste of 100megs of memory
<nagchampa> example of what i'm having problems with http://www.postfix.org/STANDARD_CONFIGURATION_README.html#firewall
<nagchampa> they've got a block of config with a translation following
<nagchampa> well, a ffew
<nagchampa> one of them has this in the thranslation
<nagchampa> Lines 1-7: Accept mail from local systems in $mynetworks, and accept mail from outside for "user@example.com" but not for "user@anything.example.com". The magic is in lines 4-5.
<nagchampa> of course, they don't explain what the magic is in lines 4-5, and reading the documentation for the two options that are linked leaves me none the wiser
<patdk-lap> dunno, I don't use it
<patdk-lap> but I don't have an issue with that
<nagchampa> care to explain then?
<patdk-lap> I'm pretty sure relay reciepient map handles that
<nagchampa> i'm not asking what handles it
<nagchampa> i'm asking what the hell the options mean :P
<patdk-lap> parent_domain_matches_subdomains?
<nagchampa> i get that, kind of, only match subdomains to parent domains for these things
<patdk-lap> it means, if someone uses, myname.example.com, postfix will treat it as example.com, if there isn't a match for myname.example.com
<nagchampa> why do they have it enabled for debug_peer_list and smtpd_access_maps is what i dont' get
<patdk-lap> the default is: parent_domain_matches_subdomains = debug_peer_list,fast_flush_domains,mynetworks,permit_mx_backup_networks,qmqpd_authorized_clients,relay_domains,smtpd_access_maps
<patdk-lap> well, it does fix the case when you send email from that server itself
<patdk-lap> cause it will add it's name as default
<patdk-lap> so you will get, root@email-gateway.example.com by default
<nagchampa> so which of the two is that handled by?
<nagchampa> debug_peer_list or smtpd_access_maps?
<nagchampa> i think i'm starting to get some of this, the master.cf defines which of the postfix processes you have running (although i don't get why many are here that don't seem to be runnin gwhen postfix is running
<nagchampa> man maildrop
<nagchampa> woops
<nagchampa> :P
<Patrickdk> well, that doesn't just define daemons
<Patrickdk> it defines interactions between programs
<Patrickdk> some of them are daemons
<Patrickdk> some of them are just for handling mail, so are only started when there is email to handle
<MTecknology> I'm trying to run mysql inside of a jail.... it doesn't like me - any ideas what I'm doing wrong?
<MTecknology> I try to start it and get "start: Unknown job: mysql"
<k5673> MTecknology: have you installed mysql-server package in the chroot?
<MTecknology> k5673: ya
<MTecknology> k5673: I'm starting to think that maybe runnign things inside of a jail is not the best idea...
<k5673> MTecknology: Have you tried KVM?
<MTecknology> k5673: i have - but this system has 1GB RAM
<k5673> And?
<k5673> MTecknology: You can do it each one with 128 MB RAM
<k5673> For tests, of course
<k5673> MTecknology: For production, more RAM
<MTecknology> this is production and won't get more ram
<k5673> Ah, right
<k5673> What ar you trying to achieve, chroot-jailing all those services?
<MTecknology> ya
<MTecknology> k5673: I think I'
<MTecknology> k5673: I think I'm just going to not do the chroot jails... it'll just be easier
<k5673> MTecknology: But, what are you trying to do?
<MTecknology> k5673: I was tring to have one chroot for everything I wanted to run on the system
<k5673> MTecknology: But why, for security reasons?
<MTecknology> k5673: just to keep things neat and tidy, I'm combining a lot of different servers into one little desktop
<k5673> MTecknology: Ah right.
<MTecknology> k5673: company is liquidating so I'm downsizing what I have
<k5673> MTecknology: If that the case, keep in mind the backups. Desktops aren't too much reliable.
<MTecknology> k5673: ya, I'll plug in an external and use rsnapshot
<k5673> MTecknology: Budgets are a trouble for all. I have too much luck.
<k5673> MTecknology: Last week, i got approved a budget for two Supermicro servers. Dual Quad-core, 16 GB RAM, 4 TB RAID 5 each.
<MTecknology> lifeless: heh.. uds is going on?
<MTecknology> k5673: nice- our issue is some morons up top...
<k5673> MTecknology: Ha!
<k5673> MTecknology: I think you must install each service normally
<k5673> MTecknology: Not in chroot-jails.
<MTecknology> k5673: that's the one thing I wanted to avoid :P
<k5673> MTecknology: Jails are most for sandboxing and development
<MTecknology> k5673: I'll just toss it all only the one system - i guess with the whole downsizing thing, I'll be trimming the stuff I used to do a lot
<k5673> MTecknology: Instead, use virtual domains, with a MySQL backend for the accounts.
<k5673> MTecknology: I think that will be a solution for you
<nagchampa> Patrickdk: thanks, i've been reading the manual pages, slowly piecing it all together...
<MTecknology> k5673: not really :P
<MTecknology> k5673: thanks for the help
<k5673> OK
<MTecknology> k5673: I'm kinda biting the bullet and I think in the end I'll realize it's not that big of a deal
<k5673> MTecknology: It's not a big deal.
<MTecknology> k5673: in whose opinion ;)
<MTecknology> :P
<MTecknology> I'm kinda phsychotic when it comes to neat and clean
<k5673> MTecknology: That's right!
<ruben23> hi guys any idea on this i cant apt-get update afetr i install ubuntu-server ----------->http://pastebin.com/ph97fr5r
<k5673> ruben23: do you have tried nslookup us.archive.ubuntu.com
<k5673> ruben23: ?
<k5673> ruben23: Or, just remove all the us. from your /etc/apt/sources.list to use the main server archive.ubuntu.com
<MTecknology> k5673: yay... now the only issue seems to be either php or mysql - assuming php
<k5673> MTecknology: test your php installation, creating a file named test.php and add this http://pastebin.com/k7pA8LfX
<MTecknology> k5673: :P I always do that on one line
<MTecknology> k5673: but ya, all I get is a white screen
<k5673> MTecknology: so, the problem is php. Check the permissions and owner of the file you just created. Quick and dirty, set to 0777 and nobody:nogroup
<MTecknology> k5673: I created it as www-data
<k5673> MTecknology: if that dazent work, can be php or the interaction with nginx
<k5673> MTecknology: http://www.howtoforge.com/nginx_php5_fast_cgi_xcache_ubuntu7.04
<MTecknology> k5673: holy crap that looks ugly
<MTecknology> it really suggests using lighty for php!?
<k5673> MTecknology: It is. It is.
<MTecknology> that page is horrible
<MTecknology> no offense to the link
<MTecknology> I think it's just php5-fpm not wanting to behave itself
<MTecknology> hence the reason I tend to run with php5-cgi instead
<MTecknology> I'd rather not this time though....
<MTecknology> I'm going to go have supper with my fiancee - back in a bit
<ruben23> k5673: hi sorry i got disconnected this is my nslookup--------->http://pastebin.com/DzAue9Ct
<k5673> ruben23: the last time i got that issue, just removed the subdomain and worked.... Try it for just one. Remove the us.
<k5673> ruben23: and apt-get update again.
<ruben23> ok ill try thanks
<ruben23>  k5673: unusual still the same...:-(
<k5673> ruben23: try apt-get clean apt-get autoclean
<ruben23> yep same thing i guess ill try to re-install
<ruben23> the server again
<k5673> ruben23: nah!
<k5673> ruben23: I can't remember the procedure to get that work again
<k5673> ruben23: look at this http://ubuntuforums.org/archive/index.php/t-922471.html
<SpaceBass> hey folks
<SpaceBass> since upgrading my server box to 10.10, my server won't accept inbound web connections to its apache server, etc
<SpaceBass> any thoughts?
<Andre_Gondim> is it possible to run ubuntu server by flash driver?
<Andre_Gondim> is it possible to run ubuntu server installer by flash driver?
<twb> I don't know what a "flash driver" is.
<twb> You can certainly boot an installer from an MTD device, like a USB key or CF card.
<Jordan_U> Andre_Gondim: Yes, many people run Ubuntu server from a flash drive*.
<Andre_Gondim> twb, what I need to do? Just extract iso file in a pen driver?
<twb> Andre_Gondim: no, download and install an hd or net install medium
<twb> IIRC the hd medium expects you to also then copy an .iso file into its root directory.
<Andre_Gondim> isn't there iwconfig in ubuntu maverick server?
<i_is_broke> whats the best book to read about networking and its proto'
<twb> What's the cost per mips/flops "sweet spot" for a VT-enabled LGA775 right now?
<EspadaV8_W> hello, i was wondering if there were package lists for the ubuntu server releases
<EspadaV8_W> i'm trying to find out what's changed between 10.04 and 10.10
<twb> EspadaV8_W: the archive contains a Packages database mapping each file to a package.
<twb> Er, not Packages.
<twb> Contents-<arch>.gz
<twb> e.g. http://archive.ubuntu.com/ubuntu/dists/maverick/Contents-amd64.gz
<twb> You'd probably be better off getting installing apt-listbugs and apt-listchanges or so
<uvirtbot> New bug: #666152 in openssh (main) "package openssh-server 1:5.3p1-3ubuntu4 failed to install/upgrade: subprocess installed post-installation script returned error exit status 127" [Undecided,New] https://launchpad.net/bugs/666152
<EspadaV8_W> twb: i don't have any ubuntu installs handy, i was wondering if there was any reason to use 10.10 instead of the lts release
<twb> EspadaV8_W: there isn't
<twb> I suppose there are also release announcements that give a summary of areas of major progress.
<twb> https://lists.ubuntu.com/archives/ubuntu-announce/2010-October/000139.html
<twb> That seems to just link to a "wow, clouds r kool!" news article.
<EspadaV8_W> is lts -> lts upgrade supported? or would i need to go from 10.04 -> 10.10 -> 11.04 ... ?
<EspadaV8_W> lol
<twb> Yes, LTS-to-LTS is supported.
<jpds> EspadaV8_W: ltsâlts is supported.
<EspadaV8_W> awesome, thanks
<EspadaV8_W> i guess i'll just use the 10.04 then
<EspadaV8_W> thanks for the help guys :)
<neuro666> hi, how to manage apache2 vhost in mysql db with ubuntu server?
<joschi> neuro666: you'll have to install mod_vhost_mysql (http://fabienne.tc2.utelisys.net/~skinkie/mod_vhost_mysql2/) or mod_myvhost (http://code.google.com/p/mod-myvhost/)
<joschi> neuro666: but there's no package for either of them in Ubuntu's package tree
<neuro666> joschi : thanks, is it working in your servers under ubuntu & apache2?
<joschi> no
<neuro666> ok
<xampart> i need to put up a reverse proxy, where every request to www.example.com/wiki/ would be proxied to http://wiki.backend.com/. how would i do about doing this?
<twb> xampart: install varnish or squid or something?
<JKL_> http://httpd.apache.org/docs/2.0/misc/rewriteguide.html search for the proxy
<twb> "Varnish is an HTTP accelerator designed for content-heavy dynamic web sites. In contrast to other HTTP accelerators, many of which began life as client-side proxies or origin servers, Varnish was designed from the ground up as an HTTP accelerator."
<twb> I've also seen nginx used as a reverse proxy to SSL-tunnel traffic to a "dumb" httpd
<_ruben> xampart: kinda depends on what kind of system www.example.com runs on and if it has any proxy capabilities
<twb> And what he wants the proxy FOR
<xampart> wiki.backend.com is a confluence tomcat-webapp. i need to make it so, that users can securely (sslproxy + clientcerts) browse our wiki from outside our lan
<twb> xampart: we used pound+nginx for that
<_ruben> i've used apache+mod_proxy for that
<twb> xampart: is sslproxy something that can act like gpg-agent/ssh-agent, but for HTTPS challenges?
<twb> I've wanted such a thing for aaaages
<twb> Currently I have to hand-write a script for each site, that uses curl to acquire a session cookie and dump it into the browser
<xampart> don't really know what you're asking =) but i found this sslproxyengine directive in apache and tested it with my ca + clientcert inside lan
<xampart> _ruben: i would like to know our configuration for apache+mod_proxy. i tried "proxypass /wiki/ http://wiki.backend.com/ proxypassreverse /wiki/ http://wiki.backend.com/"
<twb> Grah!
<twb> Why, when I ssh into a lucid server running lshd (instead of sshd) as root, is PATH=/bin:/usr/bin ?
<twb> Do universe programs have to "opt in" to ubuntu's crack-addled replacement of /etc/profile with whatever GUI-happy pam-based is used now?
<lycan-work> hey guys, how can I create a new user on my ubuntu-server ?
<twb> lycan-work: "adduser fred"
<lycan-work> twb so how do i add the user to all main groups / default and root accessible ?
<lycan-work> i want the new user with admin power
<twb> To add an existing user to an existing group, "adduser fred dip"
<twb> You will want to consult documentation to learn which groups are appropriate for any given user.
<lycan-work> ah
<lycan-work> thought there was a lil console gui to add new users easier
<twb> ("dip" provides access to modems and ATM.)
<twb> There probably is, but here we expect you to learn to do things properly
<lycan-work> twb yea
<drcode> hi all
<drcode> I try to install ubuntu server 10.04, Is there recommanded on swapfile size?
<lycan-work> drcode i would do default
<lycan-work> 512m usually fine
<drcode> k
<drcode> thanx lycan-work
<twb> I don't run with swap
<twb> I don't think I've ever seen a 2.6 system that was actully utilizing the same while still being responsive enough that you could manually kill off the misbehaving process
<twb> I prefer to just leave that job to the OOM-killer
<twb> s/the same/swap/
<twb> (Oh, and a swapFILE will have worse performance than a swap partition.)
<uvirtbot> New bug: #666253 in libpam-ldap (main) "Make password change prompts translatable" [Undecided,New] https://launchpad.net/bugs/666253
<blackxored> hello guys, sadly I still have some servers using windows, I wanted to know if creating a CA with openssl on one on my boxes, will be compatible with the windows servers (by compatible I mean, I know the certs are the same, but it will allow me to choose from the CA as for windows-based ones whenever I'm installing a windows service which requires a CA)?
<mdeslaur> blackxored: yeah, it should be fine...I have done it before...I seem to recall having to package certs as pkcs12 to import them into windows though
<mdeslaur> but that's just manipulation
<blackxored> mdeslaur, ok great ;)
<blackxored> but whenever I install a windows service (which I wont' but my coworkers will), it will allow them to automatically request a new certificate for the service, or I'll have to do it manually
<blackxored> arent' we all lazy? :P
<mdeslaur> blackxored: I'm not quite sure what you mean by that...if it's webservers, they will need to send you their CSR and you will need to sign it with openssl
<blackxored> when you install most of window servers that require ssl, it prompts you for a CA, and it automatically asks for the certificate and imports it
<mdeslaur> blackxored: hmm...I'm not aware of what would do that...do you have a specific example?
<blackxored> Office Communication Services, Lync, IIS I believe
<mdeslaur> blackxored: well, last time i installed IIS, it was a manual process
<blackxored> which version?
<mdeslaur> blackxored: a long time ago...
<blackxored> well i'm talking about iis 7.x or something
<blackxored> I won't use iis
<blackxored> hehehe
<blackxored> luckly
<blackxored> apache with haproxy
<blackxored> :P
<blackxored> but still
<mdeslaur> blackxored: well, then I don't know, sorry
<blackxored> I've cited an example
<jetole> Hey guys. If I compile my own app (in this case it's libldap linked against openssl). Is there a way I can uninstall it and revert? Do you know how I can tell dpkg/apt-get/aptitude between them aside from the initial dpkg -i?
<Mankdim> Hello, can any one help me plz? I'm installing ubuntu 10.04 server, booting from usb flash disk, when I get to partition menue, it doesn't recognize the hard disk, just the the flash disk.
<ramseyd> Hi guys
<ramseyd> I am trying to do apt-get install libvirt-bin
<ramseyd> But it gets stuck
<ramseyd> like so: http://dpaste.org/VtkJ/
<ramseyd> When I try to kill the process, it tells me to run dpkg --configure -a which gets stuck again
<ramseyd> So Im running in a circular loop
<ramseyd> Any way I can resolve this problem?
<RoAkSoAx> ramseyd, do: "sudo dpkg --configure -a"
<ramseyd> RoAkSoAx: root@webhost:~# sudo dpkg --configure -a dpkg: status database area is locked by another process
<ramseyd> oh my bad, i ran that command and it got stuck
<ramseyd> root@webhost:~# sudo dpkg --configure -a Setting up hal (0.5.14-0ubuntu6) ... invoke-rc.d: ---------------------------------------------------- invoke-rc.d: WARNING: invoke-rc.d called during shutdown sequence invoke-rc.d: enabling safe mode: initscript policy layer disabled invoke-rc.d: ----------------------------------------------------
<ramseyd> http://dpaste.org/VtkJ/
<RoAkSoAx> ramseyd, seems that other process is running and it is locking it. You might wanna check that
<ramseyd> RoAkSoAx: Yea, how do I unlock that process? (The process in question being: sudo dpkg --configure -a)
<whaley> during my last `aptitude safe-upgrade` I noticed that I pulled down linux-image-2.6.32-309-ec2{a}.  Should I plan on upgrading my kernel instances or does that happen automatically?
<whaley> errr, wrong channel, sorry :)
<a_ok> how do I set the locale to something decent?
<Jeeves_> hehe, looks like the uds-connectivity is broken :)
<Mankdim> Hello, can any one help me plz? I'm installing ubuntu 10.04 server, booting from usb flash disk, when I get to partition menue, it doesn't recognize the hard disk, just the the flash disk.
<Mankdim> any tips
<k5673> Mankdim: Are your disks SATA?
<Mankdim> yes
<k5673> Mankdim: In the BIOS, try to change the mode of the SATA controller to Compatible, or something different to AHCI
<k5673> Then, try again.
<Mankdim> aha
<Mankdim> ok I'll try
<Mankdim> thanks
<k5673> Mankdim: That because the installer maybe can't recognice the controller in AHCI
<Mankdim> IC
<Mankdim> ok
<k5673> Hello Yo! I'm having an issue with samba. Ubuntu 9.04 server. Some folders and files names are corrupted, like M9DPK0~T, when browsing from Windows Explorer and Nautilus. But in the server's console, i can see the names normally.
<uvirtbot> New bug: #666363 in unixodbc (main) "unixodbc should not require x11" [Undecided,New] https://launchpad.net/bugs/666363
<k5673> Hello Yo! I'm having an issue with samba. Ubuntu 9.04 server. Some folders and files names are corrupted, like M9DPK0~T, when browsing from Windows Explorer and Nautilus. But in the server's console, i can see the names normally.
<pmatulis> k5673: note that 9.04 is now EOL
<Pici> k5673: I've seen that when browsing from Windows to files shared over samba that contain invalid characters for Windows files.
<Pici> Like colons.
<Pici> I'm not sure why nautilus would be doing it, unless you're connecting via samba too.
<uvirtbot> New bug: #666383 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.41-3ubuntu12.6 failed to install/upgrade: " [Undecided,New] https://launchpad.net/bugs/666383
<k5673> It doesn't have invalid chars
<drcode> hi all
<drcode> how I can run update in console?
<drcode> like auto update that I got in gui?
<soren> drcode: apt-get update
<drcode> it only update pkg list
<soren> apt-get upgrade
<drcode> it dosn't install auto update
<drcode> upgrade will not upgrade the ubuntu ver?
<soren> Let's start over. What do you want to do?
<drcode> in ubuntu gui , I got automticly info on new update pkg
<drcode> when I installed ubuntu server it ask me if I want to get auto update
<drcode> I said no
<drcode> how can I do it manualy
<soren> install unattended-upgrades
<drcode> its same like in gui?
<soren> It doesn't offer a gui.
<soren> So no.
<soren> It doesn't offer a ui at all.
<soren> It's *unattended*.
<drcode> it run auto or I can run it manualy, I prefer manauly
<soren> You *specifically* asked for auto update.
<soren> ..and I already told you how to do it manually.
<soren> 16:50 < soren> drcode: apt-get update
<soren> 16:50 < soren> apt-get upgrade
<soren> Done.
<drcode> I want to run auto update manualy
<drcode> a min
<drcode> for manualy I run apt-get upgrade?
<drcode> ok
<drcode> I undrstand
<drcode> thanx
<uvirtbot> New bug: #659854 in samba "Nautilus 2.32.0: Copy to SMB " [Undecided,New] https://launchpad.net/bugs/659854
<SpaceBass> hey folks
<SpaceBass> I upgraded from 10.4 to 10.10 and now when I run sudo su - ... or screen... I get a seg fault - any ideas?
<RoyK> SpaceBass: uh - can you strace that?
<RoyK> SpaceBass: also, keep in mind that most servers should be kept on 10.04 LTS if you don't really need 10.10 (10.10 isn't LTS)
<SpaceBass> RoyK, will strace and report back.
<RoyK> k
<SpaceBass> re: LTS vs 10.10 - its a "home server" so I dont mind being on the edge...as long as the core functions work :/
<RoyK> ok
<RoyK> your choice :)
<SpaceBass> (it was a poor choice, for the record)
<RoyK> SpaceBass: no strace yet?
<SpaceBass> RoyK, kinda got side tracked - also managed to break my ldap auth
<RoyK> ouch
<RoyK> hope you have a good backup, then
<SpaceBass> yeah, no data loss
<SpaceBass> just config errors
<consumerism> i was running dpkg-reconfigure postfix when my ssh session died. now i have logged in again but dbdriver config is locked by another process. can i kill it safely, or what should i do to run dpkg-reconfigure postfix again?
<qman__> consumerism, I would kill the process and run it again
<coxn> I'm building a preseed file, and I'd like to automatically do the lvm step like so:
<coxn> d-i partman-auto/disk string /dev/sda
<coxn> d-i partman-auto/method string lvm
<coxn> my problem comes when I later do this:
<coxn> d-i partman-auto/choose_recipe select home
<coxn> which produces a / that is too small (6.5 GB)
<coxn> so I'm left doing an expert string
<coxn> is there (a) an alternative where I could _just_ tell it that I want a bigger /
<coxn> or (b) anything I should be aware of in producing my expert string?
<SpaceBass> whoohooo! fixing ldap auth fixed sudo and screen
<coxn> I have this, which I have not tried: http://dpaste.org/FQsn/
<coxn> feedback most welcome
<SpaceBass> next challenge - no web services are responding to traffic from other hosts - can view http://localhost fine, but other hosts on same subnet get denied
<coxn> SpaceBass: are you running ufw and/or did you set a Listen directive on a specific IP?
<coxn> SpaceBass: also, do a "sudo netstat -plnt" to see what's listening where
<coxn> anybody in here have experience with preseed?
<SpaceBass> coxn, no firewall, unless the 10.04->10.10 installed and activated one. it could be listen directives, I'll check - natstat shows port 80 listening
<coxn> SpaceBass: what is it listening on? "0.0.0.0:80" or "127.0.0.1:80" or what?
<coxn> possibly "::1:80"
<_ruben> coxn: i do preseed my installs, except for the partitioning part, partman-auto is way too complex/limited/strange/etc for me :)
<coxn> _ruben: I'm discovering that. Ugh.
<coxn> _ruben: how do you do partitioning, then?
<_ruben> coxn: manually .. as a bonus it allows you to finetune the partitioning for each (type of) server
<_ruben> ideally partman(-auto) would have a sortof hook system, where it'd allow you to run a script which does the heavy lifting and return a xml/txt/whatever file to base the /etc/fstab on
<_ruben> (heavy lifting meaning: paritioning/formatting/etc)
<RoyK> SpaceBass: netstat -ln --tcp - does apache/whatever listen to something useful?
<SpaceBass> RoyK, coxn thanks, tried to reinstall one of the services - looks like mysql wasn't running - thus the error 500 in the logs
<SpaceBass> seems a lot of services didn't start when I booted
<SpaceBass> I appreciate all your great troubleshooting help and advice!
<RoyK> SpaceBass: if you try to apt-get dist-upgrade, what does it say?
<RoyK> SpaceBass: there might be some packages left hanging
<SpaceBass> 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded
<RoyK> ok
<SpaceBass> and to your earlier point - my critical servers (email, etc) are still on LTS versions :)
<RoyK> good
 * RoyK got a little pissed of at work today - some IDIOT managed to reboot the Solaris 10 box used for our main file server just because of some NIS messup he couldn't understand
<uvirtbot> New bug: #666469 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.37-1ubuntu5.4 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/666469
 * SasaGloc_afk is away: Gone away for now
<lennart_> Any one know how I can dump installed packages to a list and use that list to install on another machine?
<helloren> how do i change the banner when someone logs in the server? i am running ubuntu 10.04 openssh server
<pmatulis> lennart_: dpkg should do it
<lennart_> The old way with dpkg --set... etc. doesn't seem to work
<lennart_> on 10.10
 * RoyK worries a little about Ubuntu's rfc2550 compliance
<pmatulis> lennart_: doesn't seem?
<lennart_> doesn't work
<pmatulis> lennart_: is there a bug?  if the man page says it should work and it doesn't then a bug needs to be filed
<lennart_> dpkg --get-selections > installed.lst
<lennart_> dpkg --set-selections < installed.lst
<pmatulis> lennart_: ok, and then?
<lennart_> nothing
<RoyK> lennart_: from the manual
<RoyK>        Note  that  this  will not actually install or remove anything, but just set the selection state on the requested packages. You will
<RoyK>        need some other application to actually download and install the requested packages. For example, run apt-get dselect-upgrade.
<lennart_> Aha that was the missing part, thanks
 * RoyK throws an RTFM at lennart_ 
<lennart_> Come on whats a manual?
<pmatulis> lennart_: man man
<lennart_> man lazy :)
<pmatulis> ;)
<SpaceBass> next challenge, different box :D
<SpaceBass> my vlan and ethernet configs arent surviving a reboot - they are correct in /etc/networking/interfaces but I have to manually bring them up each time
<RoyK> pastebin that file
<SpaceBass> k - may require some trickery since that box isn't online - just rebooted :D - one sec
<SpaceBass> interesting - lsmod shows 8021q loaded but usedby is 0
<SpaceBass> ifconfig shows my eth0.5 interface, but I can't pass any traffic
<SpaceBass> RoyK, http://pastebin.com/ZXk337n9
<SpaceBass> I'd prefer not to have eth0 at all - but if I leave it out, then eth0.5 won't come up and if I set it to dhcp it (Appropratly so) gets an address
<RoyK> SpaceBass: iirc the supported way is to use 'up ip addr add...' instead of the older eth0:n
<RoyK> SpaceBass: I might be wrong, though - btw is 8021q in /etc/modules?
<SpaceBass> RoyK, yes to module question - I got the vlan info from: https://wiki.ubuntu.com/vlan
<RoyK> I see
<RoyK> dunno then, sorry
<RoyK> SpaceBass: is this on 10.10?
<SpaceBass> thanks for the suggestions! yes 10.10
<RoyK> k
 * RoyK repeats suggestion of not using 10.10 for anything but workstations
<SpaceBass> :D
<SpaceBass> fair enough
<SpaceBass> got it! added 'auto eth0.5' and commented out the 'eth0' line
<RoyK> :)
<RoyK> but - VLANs on a home server?
<RoyK> using a dd-wrt router or something
<RoyK> ?
<SpaceBass> RoyK, PFsense
 * SpaceBass has a serious problem...er...hobby 
<RoyK> k
<SpaceBass> full server cabinet, the works
 * RoyK shares SpaceBass problems^Whobbies
<SpaceBass> glad I'm not alone, there should be a support group for people like us
<RoyK> or group therapy or something :D
<SpaceBass> :)
<SpaceBass> or more importantly, for our significant others - but I did let my wife put the laundry stuff in my server room...(maybe it was the laundry room first, but thats symantics)
<RoyK> lemme see - I've got a 20cm stack of harddisk platters for an upcoming attempt to make a sound installation - is that nerdy enough?
<SpaceBass> that counts!
<RoyK> we have a truckload of old harddrives at work, well, we did, and I've become a master of dissasembling them :D
<RoyK> 'cept some Seagate drives where the spindle is fixed with some irritating stuff
<RoyK> http://forums.seagate.com/t5/Barracuda-XT-Barracuda-and/Tool-to-disaassemble-Seagate-platters/td-p/32657
<SpaceBass> I feel like I have a ton of 250, 300, 350gb sata drives and nothing too useful to do with them - drobo is a bit on the pricey side for the little bit of storage I'd gain
<SpaceBass> RoyK, so are you cracking the drives open and fixing them?
 * RoyK just found a drawer full of 50-250MB drives
<RoyK> not fixing - just removing the platters (and the magnets)
<SpaceBass> ah
<RoyK> with all sorts of platters, smal 2,5", 3,5" platters with different thickness and those even smaller platters from 15k drives, the sound from them varies quite a bit
<RoyK> so somehow a glockenspiel out of old drives :D
<SpaceBass> ohhh you literally meant sound installation! I read that as "working install of some software platform"
<SpaceBass> very cool!
<RoyK> I did :)
<consumerism> is there a way to script the configuration of postfix in dpkg-reconfigure? i want to install it on a cloud image that would need to run every time a new server launches
<uvirtbot> New bug: #666491 in etckeeper (main) "dpkg does not trigger commit" [Undecided,New] https://launchpad.net/bugs/666491
<helloren> ok i got to the /etc/motd file, and opened it the vi editor but i can edit it some how. i know how to use the vi editor but the "i" command for vi does not work nor does the "a" command, and the back space key does not ether. anyone know why that is?
<helloren> but i cannot edit it**
<yann2> hello - how can I allow a user to run a command as another user using sudo without being required to type a password?
<Patrickdk> edit sudoers file, and tell it to not require a password
<helloren> patrickdk: what should i use for the openssh server, for ipv6 tunnel broker? i was looking at gogo6.com, as one for the server what do you think?
<Patrickdk> heh?
<Patrickdk> does it matter?
<Patrickdk> personally, I'm using he to ipv6 tunnel, but I really don't like tunnels at all
<helloren> i dont know thats why i was asking you
<_Techie_> im having some weird problems getting phpvirtualbox running
<_Techie_> my php is working for http://phpsysinfo.technz.info/ , but whenever i request the file http://vbox.technz.info/config.php  apache just hands me the file
<AlanMeta> hi all, where does apache2 store which user its running as? I've check /etc/apache2/apache2.conf but couldn't find it :-(
<erichammond> smoser: I've subscribed you to a couple bugs I thought you might be interested in.  Let me know if you'd rather I notify you of them some other way.  You're welcome to subscribe me to any related to EC2 as I'm interested in tracking these.
<AlanMeta> hi all, where does apache2 store which user its running as? I've check /etc/apache2/apache2.conf but couldn't find it :-(
<Pici> AlanMeta: A quick grep reveals that its set in /etc/apache2/envvars:export
<Pici> er, forget the :export part
<Pici> /etc/apache2/envvars
<AlanMeta> Pici thanks
<yann2> is it possible to split the sudoers file in several files? like a sudoers, and a sudoers.local?
<yann2> t is possible to include other sudoers files from within the sudoers file currently being parsed using the #include and #includedir directives. < sorry for the question, it was in the man sudoers :(
#ubuntu-server 2010-10-26
<T0aD> hi guys :)
<T0aD> hi guys, im trying to upgrade a real old ubuntu server dist (6.10) and I encounter this error while trying to install libdevmapper: mkdir: cannot create directory `/dev/.static/dev/mapper': Read-only file system. Any suggestion welcome :)
<owh> T0aD: How are you doing this upgrade?
<T0aD> like explained on https://help.ubuntu.com/community/EOLUpgrades/Edgy
<owh> Where in that process are you?
<T0aD> at : sudo ./feisty --frontend DistUpgradeViewText --mode=server
<T0aD> it downloaded all packages, it was to suppose to remove 1 package, upgrade some, install a lot
<T0aD> it blocked at removing this single package libdevmapper
<T0aD> yeah not installing my bad
<T0aD> Setting up libdevmapper1.02 (1.02.08-1ubuntu10) ...
<T0aD> mkdir: cannot create directory `/dev/.static/dev/mapper': Read-only file system
<T0aD> damn that sucks
<owh> Are you running this off the machine itself, or did you boot from something like a live-cd?
<T0aD> of the machine itself
<T0aD> its in production
<owh> That sucks.
<T0aD> definitely
<owh> Is this an LVM volume, or a crypt one?
<T0aD> nope and nope
<T0aD> a dummy software raid 1 on 1 single and unique partition
<T0aD> i know nothing about this devmapper stuff
<owh> Is the software raid Linux software raid, or a funky motherboard software fake raid?
<T0aD> its mdadm
<owh> Is the raid module loaded?
<T0aD> its a monolithic kernel and the raid support is running fine it seems
<owh> Your own kernel or a ubuntu one?
<T0aD> my own
<owh> Hmm.
<owh> I *think* you might be missing a module that ubuntu expects.
<owh> FYI, this is a *WAG*
<T0aD> hmpf
<T0aD> wag ?
<owh> Wild Ass Guess
<T0aD> yeah I understand this is no easy issue
<T0aD> I thank you for your trial though
<T0aD> Im wondering if I shouldnt just buy a new box and migrate services but thats gonna be a pain in the ass
<owh> How much data is on this?
<T0aD> 200 gB
<T0aD> but it has a lot of stuff
<owh> Ouch
<owh> Got a spare drive?
<T0aD> a mysql server, a mysql proxy, a qmail install, a vpopmail dir, 10,000 websites of users, a hacked apache install, several CGIs binaries
<owh> This was never going to be easy was it :)
<T0aD> an imap server, a ftp server, tons of crons, a dns server, Im probably forgetting stuff :)
<T0aD> well it would be easier if I had more specialized servers separated in farms :)
<T0aD> but im at the starting point so...
<T0aD> what about the spare drive ?
<T0aD> to copy the data ?
<owh> You could do a fresh install on a spare drive.
<T0aD> on the same box you mean ?
<owh> Yup
<T0aD> while the server is running ?
<owh> No.
<owh> Hold up.
<T0aD> like how ? using virtualization or something ? i dont get you
<owh> When you built your kernel, did you start with the ubuntu .config file in /boot?
<T0aD> yep
<T0aD> ah you want me to spot the differences
<T0aD> ?
<T0aD> # diff -u /boot/config-2.6.24.2lescigales /boot/config-2.6.35.2-rsbac-lescigales  | wc -l
<T0aD> 3590
<T0aD> hmpf :)
<owh> That would be helpful. But I'm wondering if you didn't fsk around too much, it may have also compiled the appropriate modules, just not loaded them.
<T0aD> there are no more modules
<T0aD> modules are for the weak !
<owh> Is lvm installed?
<T0aD> not sure, but it isnt used
<owh> dpkg -l | grep lvm
<T0aD> nothing
<owh> Does this help: http://ubuntuforums.org/showthread.php?t=620842
<owh> Better still: http://ubuntuforums.org/showthread.php?t=704273
<T0aD> well the first topic is very cryptic
<owh> I suppose the thing to take from it is, do you have any pinning set?
<owh> FYI: I'm going to have to run in 5 minutes.
<T0aD> "I've got lot work, and I've put lots of effort in this server. Reinstall and re-setup everything could take me longer than a month. For me it's not really a problem, however my boss don't share this opinion."
<T0aD> lol, sounds like me :)
<T0aD> pinning set ?
<T0aD> sorry english ain't my native language
<owh> Have a look in /etc/apt/preferences
<T0aD> nice it seems the release process is always overwriting logs in /var/log/dist-upgrade
<T0aD> ls: /etc/apt/preferences: No such file or directory
<owh> What about the second link I showed you?
<T0aD> unfortunately not useful
<T0aD> I still dont understand why its written post-installation in this log while it was telling me (I think now.. not so sure) it was about to remove it
<T0aD> anyway, maybe I should unpack deb file and read this post-installation script
<owh> I still think there is an issue with your kernel, with modules missing. Can you boot into a standard ubuntu kernel and do the upgrade from there?
<T0aD> any reboot / downtime is risky
<owh> Yeah
<owh> Reading the post-install script is a good idea.
<T0aD> yeah I might just hack it and blow this stuff
<T0aD> now i just need to find how to do that
<T0aD> dpkg -x it seems
<owh> I should be back in a couple of hours, there are others here who might be better able to help.
<T0aD> owh, I doubt it, but thanks for your time anyway :)
<owh> kirkland: nijaba, have you got anything to add for T0aD's problem? Gotta run.
<T0aD> well dpkg -x doesnt help but it seems scripts are in /var/lib/dpkg
<T0aD> lol all the postinst script does is that mkdir
<T0aD> alright hack successful
<erichammond1> What was that fix released recently that helps protect Apache2 servers from clients that connect but don't send a request (perhaps with a timeout)?  I have a custom Apache config that I think needs to have this applied quickly.
<T0aD> well apart from a firewall rule
<T0aD> I dont see what 'fix' would be realsed
<T0aD> released
<T0aD> iptables -I INPUT -p tcp --syn --dport 80 -m connlimit --connlimit-above 12  -j REJECT
<T0aD> try that one
<erichammond1> Ah, looks like mod_reqtimeout
<T0aD> oh there is a module for that
<erichammond1> though I can't find it in Karmic
<T0aD> thats nice, and whats about other services ?
<T0aD> this module wont help you I think
<T0aD> well suit yourself
<erichammond1> T0aD: Thanks, but I'm not sure that the connections are coming from the same IP address and the number of available server connections can easily be overwhelmed by not that many parallel connections that take a long time to send the request.
<T0aD> well there is nothing you can do then
<T0aD> except configuring Timeout
<erichammond1> If they don't send a request, I just want to time out on them and move on to the next request.
<T0aD> its in the basic apache configuration
<T0aD> http://httpd.apache.org/docs/2.2/mod/core.html#timeout
<T0aD> im personaly using Timeout 3 and KeepAliveTimeout 3
<erichammond1> I'll give that a try.  I thought that perhaps Timeout did not kick in until the request started getting sent which was why the mod_reqtimeout patch was released.
<T0aD> you should read this module page and experiment
<T0aD> Timeout 3 rocks anyway
<T0aD> except for 14.400 bauds modems of course
<erichammond1> :)
<erichammond1> T0aD: Yep, "Timeout 3" does not start the countdown until the first "GET" line is sent by the client.
<erichammond1> T0aD: A client that connects and sends nothing, uses up an Apache child.
<erichammond1> mod_reqtimeout looks like it solves that.
<erichammond1> "Available in Apache 2.2.15 and later" so not in Karmic.
<erichammond1> I wanted to upgrade that server anyway.
<T0aD> <erichammond1> T0aD: Yep, "Timeout 3" does not start the countdown until the first "GET" line is sent by the client.
<T0aD> hm yes it does
<erichammond1> T0aD: I just tested it on my Apache 2.2.12 server and I can take much longer than 3 seconds to type in "GET /" and it's still listening.  If I type "GET / HTTP/1.0" it hangs up 3 seconds later.
<erichammond1> What Apache are you using?
<T0aD> hm maybe KeepAliveTimeout then ?
<erichammond1> I have that low, too.
<T0aD> 2.2.10
<T0aD> well I tried and its working fine here funny
<T0aD> but I have this setting for years
<T0aD> did you correctly restart your server ?
<erichammond1> Since the 3 second timeout is now working after the "GET" (it had been set to the default of 300) I believe I did, yes.
<erichammond1> This also appears to be how it is documented.
<T0aD> hm maybe Im confused with another directive..
<T0aD> no that should be it
<T0aD> proceed to a full restart (not graceful) to experiment anyway
<T0aD> root@ns1:/tmp/tmpRktNYU# time nc 217.73.17.12 80
<T0aD> real	0m6.020s
<T0aD> interesting, maybe its adding timeout+keepalivetimeout
<erichammond1> T0aD: I'm off.  Thanks for your help.
<T0aD> np
<uvirtbot> New bug: #666614 in samba (main) "package samba-common (not installed) failed to install/upgrade: subprocess installed post-installation script returned error exit status 10" [Undecided,New] https://launchpad.net/bugs/666614
<n8whnp> hey, I have a really dumb question about openldap in ubuntu server 10.10
<n8whnp> I know that the transition has been made to the cn=config style configuration
<n8whnp> is there any way to set the default password to connect and configure things. dpkg-reconfigure is not doing that
<osmosis> patdk-lap, why 100 for swappiness? other guides are telling me lower is better, like 10 or 0.
<z3cka> Hello, I'm having a strange issue with my server, when logon through the terminal at tty1 the "Welcome to Ubuntu!" message is there twice, once for 10.10 and once for 10.4 â¦ any ideas what would cause this?
<T0aD> cat /etc/motd
<T0aD> or issue or issue.net
<z3cka> yep, that give me the welcome message
<T0aD> holy crap
<T0aD> upgrade to 8.04 breaks my klogd
<z3cka> well, the real issue is it says one use is logged into 10.4 and 0 users are logged into 10.10
<z3cka> yet, eth0 has 10.10's ipaddress
<z3cka> so my network is confused
<T0aD> i really start to think do-release-upgrade is a bad idea
<z3cka> agree
<T0aD> im currently upgrading a big production server from 6.10 to at least 8.04
<T0aD> and this is hell
<z3cka> ifconfig says eth0 is 192.168.1.118 but my /etc/motd says eth0 is 192.168.15.4
<T0aD> well who cares about motd anyway
<T0aD> > /etc/motd
<T0aD> and maybe motd is speaking of your old address
<z3cka> i don't i'm just trouble shooting my network issue
<T0aD> well dont you worry
<T0aD> motd aint involved with networking
<z3cka> ping 127.0.01 doesn't even resolve
<z3cka> true, i think it gives me a clue as to what's going on
<T0aD> try w or who in that case
<z3cka> right, that tells me i'm logged in, but logged into what?
<z3cka> 10.10 or 10.4?
<z3cka> is it possible that they are both running?
<z3cka> motd says i'm logged into 10.4
<T0aD> <z3cka> is it possible that they are both running?
<T0aD> lol
<z3cka> so now that
<z3cka> so now that's funny to you?
<T0aD> I havent laugh like that for a long time, thank you
<T0aD> check out your logs
<T0aD> Im not sure what your problem is exactly
<z3cka> problem is, i'm getting an IP address network seems to not be functioning properly
<z3cka> *but
<T0aD> seems seems pretty clear
<z3cka> which logs should i look at?
<z3cka> basically i get 100% packet loss no matter what ip i ping
<z3cka> even 127.0.01
<z3cka> *127.0.0.1
<T0aD> hmm
<T0aD> ifconfig should tell you which interfaces are up
<T0aD> check that
<z3cka> yep, all seems well there
<T0aD> check sysctl icmp_echo to see if you re not ignoring pings
<T0aD> it could be so many things, firewall, kernel
<z3cka> error: "icmp_echo" is an unknown key
<T0aD> sysctl -a | grep icmp_echo
<z3cka> thanks
<z3cka> â¦icmp_echo_ignore_all = 0
<z3cka> â¦icmp_echo_ignore_broadcasts =
<z3cka> 1
<z3cka> what is eth0:metedata from ifconfig?
<eagles0513875|2> hey guys any dovecot squirrelmail post fix experts in here
<eagles0513875|2> i followed the guidelines on the wiki for each of those and im having issues connecting to the imap server
<eagles0513875|2> i have dovecot configured for imaps
<eagles0513875|2> only
<eagles0513875|2> could that be the issue
<RoyK> morning
<RoyK> eagles0513875|2: with a self-signed certificate?
<eagles0513875|2> RoyK: think i have isolated my issue to squirrelmail
<RoyK> k
<eagles0513875|2> i have dovecot setup tp use imaps only how can i config squirrelmail to do the same thing
<eagles0513875|2> RoyK: ^
<uvirtbot> New bug: #666625 in openldap (main) "slapd no longer installs default database since 10.04" [Undecided,New] https://launchpad.net/bugs/666625
<RoyK> eagles0513875|2: don't remember - I haven't use squirrelmail for years - but then, if you run squirrelmail on the same host as dovecot, the only thing you'll need is a redirect from the sqm running http, right?
<RoyK> as in <?php location('https://host.tld'); ?>
<eagles0513875|2> ya i have it mostly setup i needed to do some configuration of squirrel mail a bit
<RoyK> erm
<eagles0513875|2> using sudo squirrelmail-configure
<eagles0513875|2> to allow tls connection as well as use the imaps port
<RoyK> as in <?php header("Location: https://host.tld'); ?>
<dubphil> Hello ! I have switched from Debian to Ubuntu and I would say that I'm quite happy, good work !
<dubphil> When I put service squid stop on a script I have this error : exec: 129: stop: not found, how can I stop and start squid in a script ?
<dubphil> where are the squid init scripts ?
<eagles0513875|2> dubphil: it would have to be somethign like this
<eagles0513875|2> sudo /etc/init.d/squid stop
<eagles0513875|2> all startup shutdown and restart scripts are in /etc/init.s
<eagles0513875|2> init.d
<dubphil> eagles0513875|2: thats was the debian way, but there no more squid scripts in /etc/init.d
<eagles0513875|2> dubphil: try sudo squid stop
<eagles0513875|2> hey dubphil im gonna need your expertise with getting squid setup
<dubphil> eagles0513875|2: it is a script launched by root in a crontab
<dubphil> yes tell me
<eagles0513875|2> dubphil: where to begin lol
<eagles0513875|2> dubphil: mind if i pm you
<RoyK> dubphil: you won't notice much difference :)
<eagles0513875|2> dubphil: basically is squid easy to setup
<eagles0513875|2> im going to need it as im hosting a few sites and my server connectivity wise is quite fast, but sometimes it gets bogged down
<z3cka> T0aD: eucaluptus-cloud was causing the trouble
<dubphil> eagles0513875|2: yes it is quite easy but more complex scheme you need the more it will be difficult to setup ;)
<z3cka> sudo apt-get remove eucaluptus-cloud did the trick
<z3cka> strange
<z3cka> eth0:metadata went away
<z3cka> from my ifconfig
<dubphil> RoyK: yes for sure, the lonely difference for now is the localisation of the squid init scripts
<dubphil> where damn are they ?
<RoyK> squid-langpack - Localized error pages for Squid
<dubphil> RoyK: squid is working well, my problem is just to stop or start it in a root cronjob
<dubphil> eh I understand Iwould have not use "localisation" I ment "the place they stand"
<T0aD> <z3cka> sudo apt-get remove eucaluptus-cloud did the trick
<T0aD> lol
<RoyK> apt-get remove --purge \* # :D
 * RoyK does not recommend that
 * T0aD wonders if RoyK thinks rm -fr / is funny too ?
<RoyK> T0aD: that's far worse
<RoyK> that apt-get gives you a pretty good warning
<T0aD> its still as funny as eddie murphy
<RoyK> that rm of yours doesn't
 * z3cka wonders if T0aD is really a troll
 * T0aD hides his hair
<T0aD> z3cka, I just dont see why that is 'funny' :)
<z3cka> T0aD: i just don't see why you have to quote me and lol
<T0aD> well that was funny
<T0aD> installing a cloud and having networking issues
<T0aD> and removing it being called 'a fix'
<z3cka> you got me
<z3cka> that's true
<z3cka> wellâ¦ i wasn't using it
<T0aD> yeah, that was truly funny :)
<z3cka> i'm sure is i installed it again it would probably work
<z3cka> *if
<T0aD> no idea, im still a cloud virgin
 * T0aD is the innocent little flower
<z3cka> played with it a bit on the local lan but didn't get far
<z3cka> and then the update seemed to break the rest of the network
<z3cka> more specifically added eth0:metatdata entry to ifconfig
<z3cka> so i searched eth0:metadat and all i got was entries about problems with eucalyptus
<z3cka> so i removed it
<z3cka> hense, fixed :-)
<T0aD> you cant trust software written by koalas
<z3cka> errr *hence
<z3cka> that's true
<z3cka> or just Australians in general...
<T0aD> adios
<Zeu5> hi there, i am at my devt machine. I ssh into my server. From my server, i am trying to do a git pull from a public repo like projectlocker. I am always prompted for my ssh passphrase. i followed this but i am still prompted. please advise.http://help.github.com/working-with-key-passphrases/
<twb> IMO agent forwarding is evil and wrong
<twb> I prefer -oProxyCommand
<twb> Admittedly it wouldn't help in your case...
<twb> Zeu5: that article doesn't seem to mention agent forwarding.  Do you have it on, or off?
<twb> Zeu5: btw, if you're in an Ubuntu desktop environment, ssh-agent is started automatically when you log in, so you can skip that step.
<Zeu5> twb: this is my config file
<Zeu5> this is my config file in ~/.ssh  http://gist.github.com/646426
<Zeu5> twb: does that indicate whether i have agent-forwrading on?
<twb> And you're running "ssh staging"?
<Zeu5> twb: i am actually trying to get capistrano working. but somebody told me to do this. so i did so. if it s wrong i will gladly remove it
<twb> capistrano is a hostname?
<Zeu5> capistrano is a deployment tool
<Zeu5> twb: let me go remove the config file first
<twb> Bleh, more ruby gank
<Zeu5> twb: i am a ruby noob. more so than being a ubuntu noob. ha
<twb> Unfortunately I have no idea what that tool does
<Zeu5> its okie twb
<Zeu5> right now i just want this ssh forwarding to work.
<twb> Rather than sshing into a server and doing a "git pull" there, I guess what I would do is "git push" to the server directly
<twb> You can try "ssh-add -l" to see what keys are enabled in your agent on each host
<twb> Note that you need to run ssh-add [~/.ssh/id_rsa] to add a key to your agent.
<Zeu5> is it safe for me to paste my output when i run ssh-add -ls
<Zeu5> is it safe for me to paste my output when i run ssh-add -l ?
<twb> A line like this is safe to publish: 2048 4d:cd:2c:5b:9f:a5:d1:cd:f6:f1:2f:30:f8:74:8b:47 /home/twb/.ssh/id_cyber (RSA)
<twb> It's basically the same as your public key
<twb> (In terms of information disclosure.)
<Zeu5> username@server:/var/www/abc.biz$ ssh-add -l
<Zeu5> 2048 bf:8a:cf:e1:97:24:86:6d:8f:8a:f0:7b:86:17:5c:7f /home/ubuntu/.ssh/id_rsa (RSA)
<Zeu5> so am i doing everything correctly so far?
<twb> That means "server" has your key usable in it
<twb> So it should work without prompting for a passphrase
<Zeu5> twb: i am still prompted when i do a git pull from server
<twb> What is the command you're running?
<Zeu5> twb: http://gist.github.com/646508
<twb> OK, for some reason it is ignoring /home/ubuntu/.ssh/id_rsa and trying to use /home/username/.ssh/id_rsa instead (or first).
<twb> You could try moving that key out of the way, but other than that you're going to have to ask #openssh, since this is where my experience with agent forwarding runs out.
<twb> (You can also try just hitting ^D which will make it try the next key.)
<Zeu5> twb: i apologise beforehand. i wanted to keep my username secret. its all ubuntu
<Zeu5> twb: sorry for the misunderstanding
<Zeu5> twb: i have to go off. will be back in an hour's time to try my luck again. thank you for your assistance. appreciate it. sorry for misleading you about my username. will definitely try #openssh as well
<twb> Which, kids, is why we you don't try to elide useful, non-compromising information from your tech support staff.
<MACscr> any recommendation for resolving the following apt-get upgrade errors? http://pastebin.com/WByrVRjp
<twb> MACscr: turn -security back on?
<MACscr> huh?
<twb> libssl-dev: Depends: libssl0.9.8 (= 0.9.8k-7ubuntu8.1) but 0.9.8k-7ubuntu8.3 is installed
<twb> 0.9.8k-7ubuntu8.3 comes from lucid-security and lucid-updates.
<twb> The fact that it's trying to install an older version suggests that either those components are disabled, or you haven't run "apt-get update" lately.
<twb> I suppose it could also happen if you're using a binary package that needs a binNMU (i.e. it links against the obsolete version).  lucid-security should fix that, too.
<MACscr> its enabled
<MACscr> all the defaults are
<MACscr> and i ran apt-get update right before i attempted the upgrade
<MACscr> nvm, its working now. Weird
<MACscr> simple reboot seemed to fix it
<Zeu5> hi there, i am at my devt machine. I ssh into my server. From my server, i am trying to do a git pull from a public repo like projectlocker. I am always prompted for my ssh passphrase. i followed this but i am still prompted. please advise.http://help.github.com/working-with-key-passphrases/
<mgolisch> Zeu5: do you start ssh-agent ?
<Zeu5> mgolisch: how do i do that?
<Zeu5> i did notice that when i run "ps", there is no ssh-agent
<twb> It may be called "gpg-agent" (it can do both jobs).
<Zeu5> twb: when i run ps all i see is ps and bash
<mgolisch> is ssh-agent installed at all?
<uvirtbot> New bug: #666682 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.37-1ubuntu5.1 failed to install/upgrade: subprocess new pre-removal script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/666682
<mgolisch> this page you linked seems to add stuff to your shellconfig to start ssh-agent automaticaly
<twb> that's keychain's job, yeah
<twb> Except that if you do a GUI login to an ubuntu desktop, ssh-agent is already started automatically, and (I assume) agent forwarding means THAT agent is the one used on the remote server.
<Zeu5> twb: i apologise. i am really not very good with this whole agent forwarding business. so are you saying tat i made a mistake in the first place?
<twb> Damned if I know.
<twb> I'm just saying that (AFAIK) if you login with gdm, you don't need keychain
<Zeu5> twb: since i am sshing into server, i guess tat means i am not login using gdm yes?
<twb> You're using agent forwarding, so your local agent (started by gdm) will talk over the ssh link to *something*
<twb> Whether that something is ssh (directly) or a remote ssh-agent (indirectly), I don't know.
<twb> As I said, I'm not a fan of agent/x11 forwarding.
<Zeu5> twb: i see. thank you.
<SAngeli> I have ubuntu server 10.10 64 bit installed and have to install Conexant HSF softmodem driver for making hylafax work with my softmodem PCI card. It is a Conexant System modem. I am following this article http://www.linuxant.com/drivers/hsf/downloads-installer.php  but when I run the script I get this error: Package not compatible with your system. Kernet module can't be compiled
<SAngeli> what do I have to do, please?
<RoyK> check what distros are supported
<RoyK> 10.10 obviosly isn't
<RoyK> or at least 10.10/64
<RoyK> http://www.linuxant.com/drivers/hsf/full/downloads.php
<RoyK> not a very promising list
<RoyK> no x64 at all
<RoyK> I guess perhaps an x86 install of 10.04 or even 10.10 might work with the bottom one
<RoyK> x64 will not work
<SAngeli> RoyK, I have to find out if I can make hylafax work with my modem. I am not able to find any distro or a Hylafax IRC Chanel to ask. How can I make this work?
<SAngeli> Any advice?
<SAngeli> even by reinstalling ubuntu or another distro
<SAngeli> RoyK, what if I install the 32 bit version of ubuntu 10.10? If not can I install a earlier verion of ubuntu server that wil be compatile with ?
<SAngeli> anyone can reply, pleaze
<patdk-lap> reply
<adamk-pl> SAngeli: i would go for 32bit
<adamk-pl> of 10.4
<twb> Apart from legacy / proprietary programs and specialist compilers, I see no reason to install i386 on an amd64 system.
<twb> ("specialist" meaning that it has one developer, and he's too overworked to port it to x86-64)
<SAngeli> adamk-pl, can you please tell me where to download the 32 ver or ubuntu server 10.4, please
<SAngeli> and thank you for your reply
<SAngeli> adamk-pl, is it this one? Ubuntu 10.04.1 LTS (Lucid Lynx)
<SAngeli> adamk-pl, found it: http://mylayn.blogspot.com/2010/05/download-ubuntu-104.html
<twb> SAngeli: uh, maybe you should try ubuntu.com; it probably has a download link on the front page
<twb> http://www.ubuntu.com/server/get-ubuntu/download
<adamk-pl> twb: exactly !
<adamk-pl> mylayn links point to torrent files, so if you prefer torrent go for torrent, i think i still seed LTS
<adamk-pl> :D
<evident> Hi everybody! On my server I get dependency problems when calling apt-get upgrade: http://hpaste.org/40892/upgrade ... can anybody tell me how I can fix these?
<twb> adamk-pl: I would trust any link I found on <random blog post>
<twb> evident: please run "export LC_ALL=C" and re-run the command
<adamk-pl> twb: sure
<twb> evident: that will give it in English :-)
<twb> evident: also, paste the *whole* output.  You can do this by running "script", which will make a copy into the file "typescript"
<evident> http://hpaste.org/paste/40892/upgrade_2#p40893
<evident> i annotated the paste with the full output (in english)
<twb> OK, thanks.
<evident> (other question: Will my outputs be in english forever now? If so: Great... been trying to do that for a while)
<twb> The procps issue shouldn't be happening; have you got bad entries in /etc/sysctl.conf?
<twb> evident: only while you stay in the shell that you ran export LC_ALL=C in
<evident> aha ok
<twb> "LC_ALL=C" means "use the C (none/us english) locale for all locale settings"
<twb> See "man 7 locale"
<evident> http://hpaste.org/paste/40892/sysctl#p40894
<evident> this is my sysctl
<twb> OK, that's strange.  You'll have to debug /etc/init/procps.conf
<evident> http://hpaste.org/paste/40892/etcinitprocpsconf#p40895
<garymc> is there a room for help with setting up an SSL web serveR?
<evident> how would I debug this? Do you see anything strange in there?
<garymc> or converting my current one to SSL
<twb> garymc: did you check the ubuntu server guide?
<twb> garymc: also, your existing httpd probably has documentation on the subject.
<dubphil> twb I don't think so :)
<dubphil> it always afraid people to deal with ssl
<twb> evident: sorry, I don't really want to deal with upstart.  It's fucking annoying.
<evident> :D
<evident> ok thank you anyways
<twb> evident: however, it does look like that's the only error there -- everything else is just complaining because it wants procps to finish first.
<evident> hmm ok... I'll try and see if I can find a way to fix it... thanks
<twb> You can bug #upstart about it, too
<megaTarzan> hello. I have iptables error while starting virt-manager local connexion's default network
<garymc> Do I have to purchase an SSL certificate?
<twb> garymc: no.
<garymc> Im told by the bank i need an intermediate SSL certificate
<twb> SSL is an hierarchical, asynchronous crypto/auth infrastructure.
<twb> It allows anyone who has your public key to know that you're "you".
<twb> In the context of web browsing, however, your end users will only have your public key *in advance* if you get your keypair signed by someone they already trust -- i.e. a signatory in the browser's default trust list.
<twb> That basically means that you can either pay someone like instantssl or verisign, or inconvenience your end users.
<twb> The latter is usually referred to as a "self-signed certificate"
<garymc> so if I get a verisign. That cost money? and would they set it up for me?
<twb> You pay for them to say "I trust garymc."
<twb> Which really means "I trust that garymc has a credit card and can afford to pay me $10/year"
<garymc> lol
<twb> Don't mind me, I'm just pissed off about the hierarchical nature being hijacked as a license for verisign et al to print money.
<garymc> yeah, Verisign seen as trusted now though :(
<garymc> Anyone heard of 3D secure?
<garymc> Ok I dont want 3D secure
<twb> In practice nobody cares *who* signs your key, just as long as there's a hierarchy of trust that ends in something that's in the default list for firefox and ie
<twb> I've heard the name instantssl(.com) being bandied about the office; I've never bothered to buy a cert myself, so I can't vouch for them personally.
<garymc> How can I tell if I have OpenSSL installed on my server?
<patdk-wk> hmm
<patdk-wk> openssl
<twb> garymc: dpkg -l, or some variation thereof.
<twb> garymc: in Ubuntu (and unix in general) there are two competing implementations: OpenSSL and GNUTLS.  Within Ubuntu each program is basically pre-compiled against one of the two; you don't get to pick which, but usually it should Just Work.
<yann2> with likewise-open, how can I do an alias to allow user to authenticate using login instead of domain\\login ?
<twb> IIRC that's proprietary software which isn't supported here
<twb> The native LDAP solution is OpenLDAP (server) and PADL libpam-ldap/libnss-ldap (client).
<twb> Oh, it appears to be GPL.
<mgolisch> yann2: did you read its documentation?
<yann2> mgolisch, went through the 100 pages yes
<yann2> scrolled through and didnt find anything in that direction :(
<twb> Searching for Ubuntu 10.04 "Likewise Open" yields https://help.ubuntu.com/10.04/serverguide/C/likewise-open.html
<twb> So it's covered in the norma Ubuntu server guide.
<mgolisch> yann2: so maybe read the link twb posted
<mgolisch> it covers that
<mgolisch> iam sure their documentation does too
<yann2> thanks
<mgolisch> atleast i remember seeing that in there
<yann2> ouch so that's what it meant
<yann2> sorry I actually also read that page :(
<mgolisch> you set the default domain
<Egonis> I want to use proxyarp in ufw, and can't seem to find a howto -- I have been using shorewall all this time for basic firewall, forwarding and arp proxying.
<tax> hi there
<tax> anyone overhere?
<pmatulis> tax: there are 297 people in this channel
<tax> is there anyone that can help me configuring squid and dansguardian?
<tax> sorry for my bad english
<pmatulis> !ask | tax
<ubottu> tax: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)
<tax> i'm having trouble installing squid and dansguardian
<garymc> Hi, ive just setup my server to use SSL but when i load up the https://www.mysite.com version. Firefox says this is an untrusted site. How do i get it to be a trusted site?
<patdk-wk> get a real ssl certificate
<iceflatline> garymc: you have to get a cert signed by a trusted authority. GoDaddy sells them pretty cheap.
<garymc> god damn
<iceflatline> If this is more or less a private server, then I wouldn't worry about it. Just add the cert to FF list of trusted authorities and be done with it.
<uvirtbot> New bug: #666795 in samba (main) "package samba-common 2:3.4.0-3ubuntu5.6 failed to install/upgrade: no hi ha cap seqÃ¼Ã¨ncia en la versiÃ³ nova del paquet - s'estÃ  abandonant" [Undecided,New] https://launchpad.net/bugs/666795
<uvirtbot> New bug: #666796 in samba (main) "package samba-common 2:3.4.0-3ubuntu5.6 failed to install/upgrade: no hi ha cap seqÃ¼Ã¨ncia en la versiÃ³ nova del paquet - s'estÃ  abandonant" [Undecided,New] https://launchpad.net/bugs/666796
<SAngeli> sorry but I need help installing a driver for the modem
<SAngeli> http://www.linuxant.com/drivers/hsf/install.php  this is what I am following
<SAngeli> i had ubuntu server 10.10 64 bit installed and now have 10.04 32 bit
<SAngeli> I get the same error saying that I cannot install because the kernel module cannot be compiled
<SAngeli> I need to install a No Pre-Compile package.
<SAngeli> Could please anyone advice me what to do so that I can solve this issue and resume my work on this server?
<SAngeli> I have a Conexant System softmodem (made by US Robbotics) and need the hsfmodem driver to be installed
<SAngeli> Please lelp
<cfairles> On an 8-cpu machine, vmstat is reporting 30k context switches a second. So thats on avg 3.75k per cpu per second... sound a little high?
<SAngeli> This is whay I currently have: Distribution: Ubuntu 10.04.1
<SAngeli>   Kernel version: 2.6.32-24-generic-pae
<SAngeli> Kernel architecture: x86
<SAngeli> and this is the error I get: ERROR: The generic package is not compatible with this system since kernel modules can't be compiled. There is also no pre-compiled package available for your kernel.
<SAngeli> ./precompiled-vs-generic: 29: let: not found
<uvirtbot> New bug: #658023 in eucalyptus "registration token computed incorrectly" [Undecided,Fix committed] https://launchpad.net/bugs/658023
<MTecknology> How do I forcefully remove a broken package?
<SAngeli> it seems this chanel is for the moment paused MTecknology  cfairles
<MTecknology> I tried aptitude purge package.. but the package is broken so it won't uninstall
<cfairles> MTecknology, have you tried dpkg -P ?
<MTecknology> cfairles: nope, thanks :)
<SAngeli> how can I solve my issue? Anyone has an advice?
<SAngeli> solve the problem, myself.
<pmatulis> SAngeli: what did you do?
<SAngeli> pmatulis, I start reading carefully as linux "always" writes you what is wrong and what you miss. not having so much experience with linux and being used to Microsoft GUI sometimes when I get errors I frick out rather than read. I had to install gcc
<pmatulis> SAngeli: ok
<blackxored> hello everybody
<blackxored> I woke up this morning
<blackxored> and I though It is possible to bond a ethernet interface with a wireless one
<SAngeli> I am reading and trying to check if I comunicate with my modem following this first part http://www.hylafax.org/content/Handbook:Basic_Server_Configuration:Checking_your_Modem  but it hangs at Connected. Is this ok to try on ubuntu? I type cu -l ttyS0  (ttyS0 being my PCI Internal modem) Or should I add sudo or ?
<blackxored> *if* possible, how do you do it? and I'd get the same benefits as normal eth bonding: increased bandwith, HA, etc?
<alcy> Anyone got a clue why I am getting "FATAL: could not load /lib/modules/2.6.35-22-server/modules.dep No such file or directory" ? This is in Virtualbox with 10.10 64-bit. Although I am able to login fine and everything else is working, but still, anyone faced this before ?
<\sh> blackxored: where do you have a "increased bandwidth" with
<ChmEarl> alcy, only in chroot have I ever got that msg, usually when trying to initramfs
<\sh> bonding? (aka bond-mode 2)
<alcy> Chm this is on a i7 cpu, so just to check I increased the no. of cpus to 8, and it works. not sure how bad a setting that is though.
<ChmEarl> alcy, using $(uname -r) in chroot
<alcy> uh ChmEarl
<alcy> ChmEarl: might also just be vbox specific issue. will see if I run into problems.
<SAngeli> Is setserial a good tool to test the internal modem? Anyone knows? When I use cu it hangs
<patdk-wk> cu?
<SAngeli> <patdk-wk>  this is wehre I got it: http://www.hylafax.org/content/Handbook:Basic_Server_Configuration:Checking_your_Modem
<patdk-wk> oh, that cu
<patdk-wk> ya, cu is like telnet for modems
<SAngeli> but it hangs after I run it
<SAngeli> it stops at Connected
<patdk-wk> it should
<patdk-wk> modems only talk back
<patdk-wk> did you type at and hit enter?
<patdk-wk> and are you sure your talking to the modem's serial port?
<SAngeli> and how shuld I get the output of what the link displays?
<SAngeli> I only typed: cu -l ttyS0
<SAngeli> it is wrong?
<SAngeli> after I hit enter I get Connected. then I am unable to see or type anything
<SAngeli> <patdk-wk> I need to make sure it works and verify its class to make sure it is for fax modem and not data
<patdk-wk> hmm
<patdk-wk> are you sure ttyS0 is your modem? normally it isn't
<patdk-wk> setserial -a /dev/ttyS0 might give you some info
<patdk-wk> but if I remember right, you where using a softmodem
<SAngeli> it is not a serial modem. It is a PCI modem patdk-wk
<SAngeli> yes, it is a softmodem and ttyS0 is for PCI modmes as I read.
<SAngeli> I also have another modem, much older still PCI made by 3Com. Who knows if it is a softmodem or not.
<SAngeli> yes, it is another winmodem
<patdk-wk> you don't have pci modems :) you might have a modem with a pci interface
<patdk-wk> but all modems are serial based (well a few are parallel but not many)
<SAngeli> <patdk-wk> sure. This is what i was intending to say
<patdk-wk> now softmodems are just soundcards, and require a program to convert
<patdk-wk> but I would find it very very unlikely it's using ttyS0
<patdk-wk> what does setserial -a /dev/ttyS0 say?
<patdk-wk> for the first line?
<SAngeli> I have to install it first
<SAngeli> <patdk-wk> here is the outpup: /dev/ttyS0, Line 0, UART: 16550A, Port: 0x03f8, IRQ: 4
<SAngeli>  Baud_base: 115200, close_delay: 50, divisor: 0
<SAngeli>  closing_wait: 3000
<SAngeli>  Flags: spd_normal skip_test
<patdk-wk> ya, that so can't be your modem
<patdk-wk> what /dev/tty* devices do you have, that don't start with numbers?
<SAngeli> <patdk-wk> here is the answer (if I did right):
<SAngeli> /dev/ttySHSF3
<SAngeli> /dev/ttySHSF4
<SAngeli> /dev/ttySHSF5
<SAngeli> /dev/ttySHSF6
<SAngeli> /dev/ttySHSF7
<SAngeli> /dev/ttySHSF0
<SAngeli> /dev/ttySHSF1
<SAngeli> /dev/ttySHSF2
<patdk-wk> those sound much more promising :)
<SAngeli> I can use scanModem as this article https://help.ubuntu.com/community/DialupModemHowto/ScanModem  says
<patdk-wk> looks like that connects to all nd looks for modems
<patdk-wk> should work
<SAngeli> so what do I have to do to check the modem status and if it is working and its specs?
<sommer> ivoks: heh, I don't deny :-)
<sommer> ivoks: passion motivates is my point
<patdk-wk> well, I can't test that scanmodem thing, as I have no computers with modem in them at the moment
<ivoks> sommer: i know
<patdk-wk> (and I refuse to load that bastard softmodem for intel hda) for my laptop
<patdk-wk> but once you know what device your modem is on
<SAngeli> patdk-wk I am sure it is ttyS0 because if I test all other ttyS* I get unknown. Same as for ttySHSF*
<patdk-wk> it's easy to send it the correct at commands to find it's abilities
<SAngeli> the only one that repors properly is ttyS0
<SAngeli> patdk-wk OK. What command should I send to inquiry it?
<patdk-wk> that is the onboard serial port in your computer
<patdk-wk> beside that +fclass thing, there is the ati0 to ati9 commands
<patdk-wk> but just typing at <enter> should give you an OK or 0 reply
<SAngeli> can you please give me line by line from the start? I type at but what should I start with?
<patdk-wk> at
<SAngeli> with at I get: Garbled time
<SAngeli> patdk-wk, what should I start with? I do not have experience with it
<SAngeli> is it so hard to help me? I was almost there and suddently I am alone again
<SAngeli> <patdk-wk> I tried cu with the correct modem (as you said) being ttySHSF0 and got this message: Connected.
<SAngeli> cu: Got hangup signal
<SAngeli>  Disconnected.
<SAngeli> <patdk-wk> any suggestion to complete my work or I have to sto hylafax as being installed and most likely running?
<uvirtbot> New bug: #666862 in samba (main) "shared folders doesn't think samba is installed" [Undecided,New] https://launchpad.net/bugs/666862
<uvirtbot> New bug: #663990 in vsftpd (main) "package vsftpd 2.2.2-3ubuntu6 failed to install/upgrade: å­è¿ç¨ å·²å®è£ç post-installation èæ¬ è¿åäºéè¯¯å· 1" [Undecided,New] https://launchpad.net/bugs/663990
<uvirtbot> New bug: #663336 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 (not installed) failed to install/upgrade: å­è¿ç¨ æ°ç pre-installation èæ¬ è¿åäºéè¯¯å· 1" [Undecided,New] https://launchpad.net/bugs/663336
<uvirtbot> New bug: #661371 in apache2 (main) "package apache2.2-common 2.2.14-5ubuntu8.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/661371
<uvirtbot> New bug: #656813 in apache2 (main) "package apache2.2-common 2.2.14-5ubuntu8.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/656813
<uvirtbot> New bug: #579736 in samba (main) "upgrade from hardy to lucid uninstalls samba" [Undecided,New] https://launchpad.net/bugs/579736
<patdk-wk> man I wish there was a version of zerofree for btrfs
<yann2> sorry about going back to this : https://help.ubuntu.com/10.04/serverguide/C/likewise-open.html  - after installing likewise-open on 10.4 I dont have a /etc/samba directory - though the documentation suggest I change a file there to use a default domain. Any hints?
<yann2> http://ubuntuforums.org/showthread.php?t=1430347 *sigh* :(
<k5673> Yo! 'Sup!
<k5673> I'm having an issue with samba/ubuntu_9.04_server. I'm getting random files/folder's names truncated. But the contents of the files are allright. Any ideas?
<k5673>  I'm having an issue with samba/ubuntu_9.04_server. I'm getting random files/folder's names truncated. Like FTHH9O~L, but the contents of the files are allright. Any ideas?
<tax> does anyone know how is the syntax of ACL in squid3?
<k5673> tax: what do you want to do?
<k5673> tax: http://wiki.squid-cache.org/SquidFaq/SquidAcl
 * RoyK hands k5673 a beer
<RoyK> k5673: what filesystem are you using?
<tax> i try to make a squid and dansguardian
<tax> firewall
<tax> and i'm stuck to the configuration of squid
<tax> when i try to put the ip range of my localnetwork into squid.conf and allow it,
<tax> i get this message and squid doesn'nt work
<tax> 2010/10/26 23:54:19| WARNING: Netmasks are deprecated. Please use CIDR masks instead.
<tax> 2010/10/26 23:54:19| WARNING: IPv4 netmasks are particularly nasty when used to compare IPv6 to IPv4 ranges.
<tax> 2010/10/26 23:54:19| WARNING: For now we will assume you meant to write /0
<k5673> ext3
<k5673> RoyK: ext3
<guntbert> tax: use /24 instead of /255.255.255.0
<RoyK> k5673: reboot into single, or just init s, and fsck that
<k5673> RoyK: I'll try it. It's my 1TB fileserver, in a highschool.
<k5673> RoyK: the fail wrecked havoc among the teachers.
<RoyK> k5673: if filenames are truncated, first check for data errors in dmesg
<RoyK> if you have data errors, well, it's not your fault
<RoyK> if it's ext3 fucking up, not your fault either
<tax> can you tell me what does 24 mean?
<k5673> RoyK:I know, i know.
 * RoyK uses zfs for storage these days
<k5673> tax: the network mask
<k5673> tax: 24 stands for 255.255.255.0
<RoyK> tax: 255.255.255.0 => 8.8.8.0 bits
<RoyK> simple addition
<tax> ok, try it at once
<guntbert> tax: If you're speaking to someone in particular, please put their nickname in what you say (use !tab), or else messages get lost and it becomes confusing :)
<tax> guntbert: soory, i'm new to irc
<guntbert> tax: no problem :) it just makes it easier to see your responses
<RoyK> !tab guntbert test
<ubottu> Error: I am only a bot, please don't think I'm intelligent :)
<RoyK> hm... didn't work too well
<RoyK> /me uses the old commands
<tax> k5673: it works
<Pici> tab is a key on your keyboard...
<tax> thanx to RoyK too
<k5673> tax: OK
<tax> k5673: so the proxy is working, but my goal is to make it work with dansguardian
<tax> and to make it transparent
<k5673> k5673: in order to make squid transparent, use http_port 8080 transparent, where 8080 is the port which squid is listening
<tax> k5673: I try to find how it works and i will post back here if i have some trouble
<k5673> k5673: and you have to add the rules.
<k5673> k5673: i have a running squid setup, but with iptables. I've never user dansguardian.
<k5673> k5673: i can share my squid.conf with you.
<k5673> k5673: want to see?
<guntbert> k5673: don't talk to yourself :-)
<k5673> Oh
<RoyK> the port isn't important, but you'll need to configure squid to allow transparent connections where squid plays the webserver
<k5673> Sorry
<tax> k5673: ok
<k5673> tax: Just redirect all the web traffic from/to your firewall to the squid
 * SasaGloc_afk is away: Gone away for now
<tax> k5673: the aadvantage of dansguardian is that it can blacklist some sites
<tax> k5673: i tried to make it with firestarter, but it doesn't work fine
<tax> k5673: but i have to keep it working because it was the only way to share internet connexion that was working for me
<k5673> tax: http://pastebin.com/bRxzjmSF
<tax> k5673: thank you
 * SasaGloc is back.
 * RoyK runs
<k5673> tax: and my iptables script http://pastebin.com/6XSrLZzH
<k5673> This one is important...
<k5673> tax: i thing you can do a lot just using iptables.
<k5673> tax: i'm managing 200 users and 8 servers with squid and iptables
<k5673> In a common PC
<tax> k5673: wow!
<RoyK> what did I miss_
<RoyK> ?
<tax> k5673: can you have a traffic monitoring?
<k5673> tax: Evil, isn't.
<k5673> tax: AND, if you wank to see what your peers are looking, just tail -f /var/log /squid/access.log
<k5673> Nope. No more pizza for RoyK. Sorry.
<tax> k5673: what do you mean by 'tail'?
<k5673> tax: Sorry.
<k5673> tax: tail -f /var/log /squid/access.log
<k5673> tax: tail is a command
<tax> ok
<tax> k5673: ok
<k5673> tax: to see the end of a file, and the -f switch makes tail follow the file in progress.
<tax> k5673: i get an error
<k5673> tax: let's see.
<tax> ==> /var/log <==
<tax> tail: Erreur lors de la lecture `/var/log': est un dossier
<tax> tail: /var/log: ne peut dÃ©terminer la fin de ce type de fichier; abandon sur ce nom
<tax> tail: Ne peut ouvrir `/squid/access.log' en lecture: Aucun fichier ou dossier de ce type
<tax> k5673
<tax> k5673: sorry
<k5673> tax: the file doesn't exist
<Pici> get rid of the space between /var/log and /squid/access.log
<tax> k5673: do i have to create it?
<k5673> tax: do not worry
<k5673> tax: no, the file is created by squid
<tax> k5673:it was the space
<tax> Pici:Thank you
<Pici> tax: no problem
<guntbert> !pastebin | tax (lesson 2 :-))
<ubottu> tax (lesson 2 :-)): For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<tax> guntbert: sorry, didn't know
<guntbert> tax: don't worry - this channel is rather quiet :-)
<tax> back here after a few hours squid is not transparent
<tax> Pici: do you know how to configure dansguardian?
<Pici> tax: Sorry, no. :/
<tax> Pici: and what about to make squid transparent?
#ubuntu-server 2010-10-27
<owh> I have a hardy server with 2 x 500Gb HDD configured as a software raid1 set. The drives are almost full. I need to replace them with 2 x 2Tb drives. I have 2 sata connectors. What is the smartest way to migrate?
<owh> Is there an RTFM someone might point me at?
<twb> Put all four disks in the machine, configure a four-way RAID1, then remove the old pair and grow the array
<owh> Not enough sata connectors.
<twb> Then one way is to degrade the array first, then do the merge one-half of old and one-half of new
<owh> Can I remove 1 x 500Gb, add 1 x 2Tb, boot from CD, then dd the data from small to large, rinse and repeat with the other two, then bring it up, then grow it?
<twb> I suppose so, but that means your machine will be offline for the entire resync
<twb> (You wouldn't use dd from one of the 2TBs to the other; you'd just assemble the array.)
<owh> Yeah, I was thinking dd from each of the 500Gb to each of the 2Tb.
<twb> It's a mirror
<twb> there's no point doing that
<owh> You're suggesting, degrade the array, shutdown, remove 1 drive, add a new drive, add the new drive to the array, resync, degrade the array again, add the other new drive - right?
<twb> shut down, replace one 500Gb with one 2TB; bootdegraded from the remaining 500GB, add the 2TB to the array, let it resync.
<owh> Right, and then rinse and repeat.
<twb> Then, shut down, replace the remaining 500GB with the second 2TB, bootdegraded from the first 2TB, add the second to the array
<twb> Finally, call mdadm with the appropriate command to say "notice that there's more space now"
<qman__> that's not enough though, you still need to expand the filesystem afterward
<twb> --grow, I think.  I haven't done it for a while
<qman__> whcih is an offline operation
<twb> qman__: not on ext3
<qman__> in any case, it's quite time consuming
<twb> A resize2fs *grow* takes negligible time
<twb> It's probably O(n), but the k is quite small
<qman__> I meant the process as a whole
<twb> Granted
<owh> And I'm partitioning the 2Tb the same as the 500Gb?
<qman__> taking more space, of course
<owh> Or am I partitioning it in the way that I want it to become?
<qman__> if your 500GB is one full-size raid partition, your 2TB would be one full size raid partition
<owh> No, two partitions, swap and /
<qman__> I guess that's a bad way to explain it
<qman__> you want the new raid partition to be the size of the new raid
<owh> And mdadm won't choke that the partitions are not the same size?
<qman__> of course not
<qman__> it uses the full capacity of the smallest device in the raid
<twb> owh: the partitions on the new disks should be full size
<qman__> the extra space is simply wasted until you eliminate the small disk and grow the array
<twb> Yep
<owh> Excellent, seems we have a plan. Any gotchas?
<twb> owh: the case edges are probably sharp
<qman__> you will not be redundant while it's resyncing
<owh> ROTFL
<owh> qman__: Yeah
<qman__> so don't do something silly like wiping your 500GB drive before everything is said and done
<owh> I wasn't intending to wipe it at all - nice offline backup :)
<qman__> you'd think that would go without saying, but I've seen people do it
<owh> Any merit in making home a new partition on the new large drive.
<qman__> that's why I mention it
<owh> qman__: fair enough
<qman__> not really
<qman__> the only reason you might do that is convenience if you wipe / frequently
<qman__> or if you use encrypted filesystems
<owh> No, more from a perspective that silly users cannot fill the server / and bring it down :)
<qman__> that's what quotas are for
<qman__> filling home will prevent users from logging on
<owh> :)
<twb> On any multi-user system, I always make user data separate from the OS
<qman__> there's certainly good reasons to do it
<owh> Yeah, this is a *historic* server and I'm trying to regain some composure while attempting to avoid shooting my foot off with a large cannon.
<qman__> but it's not a necessity, and it will involve more downtime
<qman__> up to you
<twb> Of course, I'd also be using LVM
<owh> This will be over the weekend, so I'm expecting to at least have the server up and syncing in 48 hours, down-time over the weekend not so much an issue.
<qman__> resyncing 2TB can take considerably longer than 48 hours
<owh> twb: I've been shy to use LVM, last time I used it, it ate my data.
<owh> qman__: Only 500Gb, not 2Tb.
<katronixserf> Hi all, can someone tell me which Firewall Jaunty came with?
<twb> katronixserf: linux only has one firewall: netfilter
<katronixserf> oh ok, not iptables?
<twb> iptables is the UI for netfilter
<qman__> and UFW is a frontend for iptables
<twb> Right
<qman__> owh, I see three resync operations, 500GB to the first 2TB, 500GB to the second 2TB, and then the expansion operation
<twb> qman__: the third isn't a resync
<owh> qman__: Right, but I only need to be on-site for the first one, since I'll need to reboot before 1, between 1 and 2, the rest shouldn't affect connectivity.
<katronixserf> does: http://pastebin.com/vKRMSptr mean nothing is blocked?
<qman__> that's true, I'm forgetting this is raid 1, not raid 5/6
<twb> katronixserf: in the filter table, yes.
<qman__> I added two drives to a raid 5 and it took over three days to finish expanding
<twb> katronixserf: you could be doing something silly in the nat, mangle, raw tables, etc.
<owh> How much should I budget for the first 500Gb sync?
<katronixserf> haven't touched it, tried running an app that connects using port 9000, and wanted to see if it was being blocked or not
<qman__> katronixserf, ubuntu has, by default, an accept all policy with no rules
<qman__> in essence no firewall, just the kernel modules
<katronixserf> k
<qman__> owh, that depends a lot on how fast your disks are
<qman__> I'm going to take a fairly safe guess at 80MB/s
<qman__> if you tweak the kernel to allow full speed syncing, that would theoretically be the same as a flat dd
<qman__> quick calculator suggests about 2 hours
<owh> So, double it, add 1 for good measure, 5 - that's doable :-)
<qman__> but yeah, make sure you tweak the kernel during the resync
<owh> How?
<qman__> it has settings that slow it down to prevent excessive iowait during operations on an active server
<owh> Which RTFM should I consult?
<qman__> http://www.cyberciti.biz/tips/linux-raid-increase-resync-rebuild-speed.html
<owh> Niice
<qman__> if you just set them absurdly high it'll go full speed
<qman__> no need to change any configuration, just echo to proc
<owh> It won't lock the console?
<qman__> no
<owh> Excellent.
<qman__> the system's actually quite responsive
 * owh guesses that booting in single mode would be a GOOD IDEA.
<qman__> I did on mine
<owh> Yeah, as I said, no users to worry about :)
<qman__> you don't have to, but I wasn't taking any risks
<owh> I've heard suggestions, in addition to those uttered by twb to use LVM, but as I said, last time it ate my data - very, very unhappy, since it didn't eat it when I did it, just later when the users were actually using the system. As luck would have it, right before the regular backup :(
<owh> Any comments about why I should consider LVM?
<twb> Because it allows you to resize partitions on the fly, and to move them between disks -- without an outage
<twb> In particular, it allows you to allocate only (say) 2GB to / and 10GB to /home, and increase this later when the users whinge
<owh> So this would be useful in a high-availability environment, not so much in a - we can fix it on the weekend environment?
<owh> In essence, I'd be adding another layer of abstraction between the os and the drive - right?
<qman__> you use LVM basically instead of partitioning, though with a RAID the order is different
<qman__> in non-raid, it goes full-disk partition, LVM, filesystems
<qman__> in raid, it goes full disk partition, mdadm, LVM, filesystems
<owh> I understand. I cannot do a full disk partition software raid with 2 sata connectors and only two drives - or did I miss something?
<qman__> you could
<qman__> but it would be very difficult to convert what you have to that
<qman__> or at least a lot more difficult than if you could hook all the drives up
<qman__> also of note, I normally put /boot outside any LVM or raid to avoid any hassles with grub
<qman__> but 255MB off the size of the raid is insignificant with today's disk sizes
<owh> Well, theoretically I could connect the sata drives via two sata/usb adapters, but I'm not sure what that gains me, other than a slower resync.
<owh> s/slower/much much slower/
<qman__> yeah, looking at about 40MB/s if each disk is on a separate controller
<owh> In return for time, do I get some other benefits that don't appear obvious to me?
<qman__> well, you don't have to open your server as many times
<qman__> and normally, it would be a time saving operation
<owh> Other than that the first resync would take much longer and I'd still need to be there to do the final swap.
<owh> Well, this has been enlightening, thanks qman__ and twb, much appreciated.
<katronixserf> which package provides cmp?
<owh> katronixserf: diff
<twb> katronixserf: dpkg -S or apt-file will tell you
<owh> twb: dpkg will only tell if you have it already installed.
<twb> owh: hence apt-file
<owh> twb: Fair enough :)
<twb> If I have a hardy NFS server and a bunch of harder workstations, and I want user quotas, do I need to install "quota" on the client machines?
<twb> IIRC I only need to install it on the server itself, and that's only to modify/inspect quotas -- the actual quota enforcement is entirely done in the kernel.
<yuri_sevatz> hello
<yuri_sevatz> I'm having an issue with the installer cd getting stuck at "Configuring linux-image-2.6.35"
<yuri_sevatz> did a verification and the cd integrity said perfect
<yuri_sevatz> this is the 10.10 edition
 * RoyK += 0xc0ffee
<Error404NotFound> i am trying to generate a multidomain ssl, but when i visit second domain firefox reports that cert is only valid for domain1, http://pastebin.com/1ANmNUKY
<Error404NotFound> even tried with: http://pastebin.com/pXV5krTk (new conf at bottom)
<Error404NotFound> updated pastebin: http://pastebin.com/Cwq89rRX
<Error404NotFound> further updated: http://pastebin.com/7gz03Mrt seems like method 1 doesn't work at all
<git__> anyone here work with sheepdog ?
<a_ok> what is the best place to add a location to path for all users?
<\sh> a_ok: /etc/login.defs ?
<a_ok> \sh: well accourding to the documentation I just found /etc/envirionment. never knew of login.defs
<\sh> a_ok: yes that's also possible...depending on when and where you want to use the paths
<Error404NotFound> a_ok, environment is the recommended place, there are other places as well, but conventionally /etc/environment has been used to define global settings such as PATH, HTTP_PROXY, JAVA_HOME, etc
<a_ok> \sh: when do I want to use login.defs?
<theblueone> can anyone point me to the location upstart logs process output to by default?
<theblueone> I can't seem to find this anywhere
<ghaleb> hello, I have ubuntu-server 8.10 installed and configured on server, and I moved the os disk to another server and it's not working, when the kernel starts it ends up with errors in modprob and starts initramfs, any help what to do ?
<drcode> hi all
<drcode> I can't make samba with printer to work
<drcode> I am running on ubuntu 10.04
<drcode> I have strange this error:
<drcode> [2010/10/27 11:17:06,  0] smbd/server.c:1115(main)
<drcode>   standard input is not a socket, assuming -D option
<drcode>  any idea?
<twister004> hi guys.. during ubuntu 10.04 server installation, i selected 'do not update'and now, when i do an 'apt-get install <pkg>', it gives the following errors: "Couldn't find the package".. please advise if there is anything i can do to prevent this
<twister004> i have uncommented entries in the sources.list file
<mike9055> is there anyway i can see how much data my server has transfered to a certain ip
<_bt> twister004: suso apt-get update
<_bt> sorry   "sudo"
<twister004> i did that
<twister004> i get errors... Failed to fetch http://us.archive.ubuntu.com.......... Hash Sum mismatch
<jpds> twister004: Are you behind a proxy?
<twister004> no
<twister004> i did a apt-get clean
<twister004> and ... apt-get update && apt-get upgrade
<twister004> seems to be downloading something
<jpds> twister004: Try: sudo apt-get -o Acquire::http::No-Cache=true update
<twister004> yes.. i did that
<jpds> With the No-cache flag/
<twister004> yes
<jpds> Righto.
<twister004> it's downloading some stuff now...
<twister004> ill try downloading the app and check
<twister004> thanks a lot!!!
<binBASH> http://lackrack.org/
<binBASH> haha, this is nice idea ;)
<cemc> I have a 10.04 with snmpd on it. every time there's a request from another machine, the snmpd daemon writes a log entry "Connection from UDP etc etc". how can I disable that?
<joschi> cemc: http://raetsel.wordpress.com/2008/02/15/snmpd-filling-up-varlogmessages/
<joschi> cemc: alternatively filter these messages in your syslog daemon
<cemc> joschi: mhm, thanks. found it in the meantime
<MrWise> running cap deploy, it asks for my git user pass twice, then just goes "Password:" and no matter what I type in I get permission denied
<MrWise> any ideas as of what I'm doing wrong? :|
<AndyGraybeal> hi, i'm having a problem destroying a machine; it says it times out.
<AndyGraybeal> what do i do to kill it?
<AndyGraybeal> i'm using libvirt's virsh with kvm
<k5673> AndyGrayBeal: A virtual one?
<k5673> Ah
<AndyGraybeal> yes, no power button on this guy
<k5673> AndyGrayBeal: I'm having issues shuting down the machine, not destroying it
<AndyGraybeal> yea, i can't connect, shutdown or destroy :(
<AndyGraybeal> if there was a virtual knife .....
<k5673> AndyGrayBeal: No idea. Are you controlling a remote kvm or local one?
<AndyGraybeal> local
<AndyGraybeal> the other virtual machines are running just fine
<binBASH> AndyGraybeal: ps -ef|grep kvm
<binBASH> :D
<binBASH> and how you kill processes?
<k5673> AndyGrayBeal: You can destroy them using virt-manager
<AndyGraybeal> k5673: i've tried tht too.. it acts the same as virsh
<binBASH> and yup with virt-manager you can see their console as well
<AndyGraybeal> binBASH: i can't connect to it
<binBASH> you can't connect to it with virt-manager?
<binBASH> weird ;)
<AndyGraybeal> yea, virt-viewer doesn't work either
<binBASH> or do you mean, virt-manager is unable to connect to your libvirt daemon?
<k5673> So, there's your problem
<AndyGraybeal> virt-manager connects to libvirt fine, i can connect to my other machines just fine.  they are all running just fine.
<k5673> AndyGraybeal: can you see anything running virsh --connect qemu:///system list
<k5673> AndyGraybeal: ?
<AndyGraybeal> yes, that works stupendously.
<binBASH> ok
<k5673> AndyGraybeal: OK
<AndyGraybeal> it's specifically one machine that times out
<AndyGraybeal> binBASH: i will try to destroy the process now
<binBASH> yup
<binBASH> try it
<binBASH> then restart the machine in virt-manager and open the console
<binBASH> maybe you can see what's the issue
<AndyGraybeal> that appears to have worked.
<mrpeters-isl> hey all anyone here use virt-manager and know the trick to getting a virt-manager graphical console to the dom0 is?  just simply instaling a vnc server on dom0?  something else?  Ubuntu 10.04 for virt-manager but Debian Lenny dom0's
<k5673> AndyGraybeal: Maybe is an issue with the ACPI support for your guests
<AndyGraybeal> k5673: i'm not sure, it's ubuntu 10.04 on ubuntu 10.04
<sommer> morning
<k5673> morning
<k5673> AndyGraybeal: It can be possible
<k5673> AndyGraybeal: May be.
<k5673> AndyGraybeal: Remember. The destroy feature lis like unplugging the power cord from the wall. Or pressing the power button for 4 seconds. That behavior is controlled by ACPI
<AndyGraybeal> well it has worked fine until today
<AndyGraybeal> this morning
<k5673> AndyGraybeal: Can you see ACPI errors in dmesg | more, inside your guest?
<AndyGraybeal> lemme look
<k5673> AndyGraybeal: Ah
<k5673> AndyGraybeal: It's just an idea...
<AndyGraybeal> nope no errros in dmesg
<k5673> AndyGraybeal: Mmmmmmm
<AndyGraybeal> it's working now, killing the process allievated whatever issue was happening.
<AndyGraybeal> :)
<k5673> AndyGraybeal: What process? KVM?
<uvirtbot> New bug: #667269 in samba (main) "winbind crashes" [Undecided,New] https://launchpad.net/bugs/667269
<garymc> Anyone ever bought a SSL certificate? I bought one yesterday from Godadddy but its PENDING. Anyone know how long it takes till i can use this SSL certificate on my server?
<AndyGraybeal> garymc: i want to buy some from startssl
<patdk-wk> pending? what kind of cert did you get? normally it's like a few min
<patdk-wk> unless you get one that needs some kind of background check
<garymc> I got the best one they did
<garymc> they say they are doing checks
<garymc> taking ages pissing me right off
<MrWise> I accidentally chmod -R 777 /
<MrWise> am I fucked? :|
<patdk-wk> use the undo command :)
<MrWise> sorry, what?
<MrWise> I have nothing that runns from 'undo'
<patdk-wk> I'm joking
<MrWise> :|
<patdk-wk> pretty much, going be annoying as hell to fix
<MrWise> chmod SHOULD have an undo command :P
<patdk-wk> that would be your filesystem :)
<alvin> (I did the same some 9 years ago on a live production system.) Did the command complete, or did you interrupt?
<MrWise> it completed
<patdk-wk> how can I get a user to have access to raw disks?
<patdk-wk> I added the user to the disk group, but it's just not going
<pmatulis> MrWise: i recommend a re-install
<patdk-wk> ah fixed it, had to reloging to notice the new group
<Reyuken> does anybody know if the pure-ftpd package is still in a repository?
<lau> I got smbd INTERNAL ERROR: Signal 11 I tried to get a gdb backtrace of the smbd process
<Reyuken> i clearly installed universe, but it gives me a cant find package error
<lau> http://dpaste.com/265175/ but i am not familiar with those symbols
<Reyuken> http://paste-it.net/public/p84f849/
<lau> Reyuken: did you try packages.ubuntu.com ?
<Reyuken> hmm
<Reyuken> ill try adding that one
<lau> no check the http://packages.ubuntu.com
<etcetera> how intensive is it for rsync to sync a directory of thousands of files to an ftp every 5 seconds or so?
<rbnicknej> Reyuken, I found pure-ftpd package in lucid/universe
<Reyuken> i Think i added that one
<Reyuken> as shown in the paste-it above
<etcetera> anyone? we are doing something similar on windows with a 3rd party utility, and we know the rsync algo is pretty fast.
<etcetera> just not sure how well it handles large batches of < 1KB files.
<patdk-wk> etcetera, depends
<patdk-wk> it syncs millions of files for me pretty damned quick
<patdk-wk> it's harddrive intensive though, if all those files metadata doesn't fit in ram
<etcetera> patdk-wk: yea, not near millions of files.
<etcetera> we clear out stuff older than a day every day.
<etcetera> maybe thousands, < 100K / day.
<rbnicknej> Reyuken, you try 'sudo apt-get update && sudo apt-get upgrade' after adding them?
<patdk-wk> what I don't know is exactly how much bandwidth that will use up
<patdk-wk> using unison instead, will keep bandwidth down to basically nothing, if files don't change
<etcetera> patdk-wk: right we are only syncing new files.
<patdk-wk> doesn't matter if you sync only new or not
<patdk-wk> it still has to check the metadata to know what is new or not
<etcetera> right, obviouly you're IO bound.
<patdk-wk> na, I'm not io bound, my metadata fits in ram nicely, and stays there :)
<etcetera> patdk-wk: how does it get disposed?
<patdk-wk> disposed?
<patdk-wk> it's cache data, if the system needs the ram for something else, out it goes
<LowValueTarget> WTH.... i just had a db consultant tell one of my clients that Ubuntu is not good for a MySQL environment
<etcetera> most people are stupid, let the benchmarks speak for your specific use case.
<LowValueTarget> etcetera: this was Percona.... the "MySQL Experts"
<ChmEarl> LowValueTarget, BestPractical uses latest Ubuntu to host their site (rt3 authors)
<zul__> everyone has their own agenda
<Reyuken> <rbnicknej> Reyuken, you try 'sudo apt-get update && sudo apt-get upgrade' after adding them?
<Reyuken> hah that, works, thanks alot!
<Reyuken> im such a newbie when it comes to linux
<ciastek> where should i write about wrong information in ubuntu server guide?
<etcetera> LowValueTarget: who cares?
<etcetera> I plan on using postgres + ubuntu on the server.
<etcetera> and Windows on the web server.
<jcastro> ciastek: is it on the wiki?
<LowValueTarget> etcetera: just bothers me
<etcetera> it's appropriate for my use case and by budget.
<jcastro> you can just fix it
<etcetera> let them show you why.
<LowValueTarget> we deploy hundreds of ubuntu servers
<LowValueTarget> i just called them asking for benchmarks... none
<LowValueTarget> must be the consultants personal pref
<jcastro> ciastek: asommer can help you but we're at UDS this week so not on irc so much. If it's on the wiki and wrong dive in and fix it. :)
<ninja1> When i try to do /oper on my ircd-hybrid server i always get wrong password even if i wrote right password, someone had this problem before?
<ciastek> jcastro: it's not wiki, but i've found launchpad page for ubuntu-docs, so i fill a bug here
<ciastek> jcastro: thank you
<etcetera> LowValueTarget: what do they prefer?
<Error404NotFound> can i ask an openssl related question here?
<tax> I would like to install a mailserver (pop3, smtp), what is the best way to do it?
<cfairles> tax, https://help.ubuntu.com/10.04/serverguide/C/email-services.html
<tax> k5673: thnak you for your help yesterday, i succeeded in my firewall made of squid firestarter and dansguardia
<cfairles> tax, i think dovecot is the most popular for an MDA, i dont really know though, i use postfix for an MTA
<etcetera> is anyone using zimbra on ubuntu?
<etcetera> the server component.
<lieuwe> hey, i'm looking for a torrent client for on my server, so it needs an webinterface. but google isn't really helping, any ideas?
<jeiworth> lieuwe: mldonkey
<tax> cfairles: can you have the same users on the both of them?
<Pici> lieuwe: transmission-daemon provides a web interface.
<tax> does anyone know how to use exim?
<k5673> tax:OK
<progre55> hi people. I upgraded libc6 from backports, but now I want to downgrade. when I say "apt-get remove libc6" ubuntu wants to remove half of my server. any suggestions, please?
<Error404NotFound> progre55, disable backports and may be try apt-get install --reinstall, not sure if that will work or not
<Error404NotFound> progre55, using backports/proposed on production environments is really a good idea btw
<progre55> thanks, I'll try that
<progre55> Error404NotFound: now when I open the link, it's offering me the php file to download.. I think I've broken some config files..
<progre55> it's actually a phtml file
<Error404NotFound> progre55, which link?
<Error404NotFound> progre55, webserver? make sure you have php module loaded, try apache2ctl -l, that small "L"
<progre55> Error404NotFound: actually, I have the php mod enabled, just forgot to add .phtml to AddType in the apache conf file =)
<Error404NotFound> progre55, that was "apache2ctl -t -D DUMP_MODULES" to list all modules
<Error404NotFound> progre55, aah, great
<Error404NotFound> so it works now?
<progre55> sec, let me try restarting it now
<progre55> Error404NotFound: well, still now working
<progre55> and there is php5_module loaded
<Error404NotFound> progre55, are you using userdir?
<progre55> in apache?
<Error404NotFound> progre55, yes
<progre55> Error404NotFound: no
<Error404NotFound> progre55, what if you try with a .php instead of .phtml?
<progre55> Error404NotFound: oh, it's working.. I guess it was my browser cache =)
<progre55> when I opened it with a different browser, it works fine
<Error404NotFound> progre55, good..
<progre55> Error404NotFound: pardon my ignorance =)
<progre55> Error404NotFound: thanks a lot for the support
<Error404NotFound> progre55, at these times using Incognito/private browsing mode, thats good for testing
<progre55> I'll consider that, thanks
<ivoks> is ubuntu one really running on IIS?
<ivoks> i got IIS's error at one point
<ivoks> it's powered by 7digital, so i guess it's their server
<Reyuken> when i do usermod -d it strangely tells me the user is currently logged in
<Reyuken> but the who command only shows root as logged in ?
<lieuwe> is it possible to set up an samba share so that it's password protected?
<patdk-wk> heh? you can password protect stuff?
<patdk-wk> normally you just limit users to shares, then the user is required to enter their password, therefor protected
<lieuwe> patdk-wk: indeed, but there are three shares. two of which should only be accessible to the lan, one of which should be public and have a pw
<patdk-wk> so?
<lieuwe> patdk-wk: i don't want the two lan shares to have a password
<RoyK> lieuwe: still running with security = share?
<lieuwe> RoyK: yes, my parents need to acces it and they forget passwords like shit
<RoyK> lieuwe: you can't combine share security with authentication
<lieuwe> RoyK: sure? no way to do something like this?
<patdk-wk> but you can easily make a guest user :)
<RoyK> not that I know about
<lieuwe> FFFUUU
<lieuwe> RoyK: thanks :-3
<RoyK> lieuwe: create a user guest passwd guest
<RoyK> allow that user access to the 'public' areas
<RoyK> set security = user
<RoyK> case closed
<patdk-wk> this is where I don't know about samba that much
<lieuwe> RoyK: too difficult for my peeps :-/
<patdk-wk> but can you limit a user login to source ip's? or share access based on ip?
<patdk-wk> that would fix it up fine
<ivoks> bad user = guest
<RoyK> lieuwe: just save the password on their boxes while mapping the shares
<ivoks> allways use security = user
<lieuwe> hmehhhmmmmmpfffffffffffff
<RoyK> patdk-wk: you can only allow/disallow from IPs
<lieuwe> RoyK: ip ranges?
<patdk-wk> I know, but he wants to allow/disallow shares
<patdk-wk> the shares that have guest
<patdk-wk> so that would work
<_Techie_> does samba allow for authentication on a per IP basis?
<RoyK> ivoks: he was on some time back and wanted to know how to share to everyone in the household, so I told him security = share will _turn_off_ auth, which was what he wanted at that time
<patdk-wk> unless the allow/disallow is samba global
<RoyK> _Techie_: not that I know
<ivoks> RoyK: even that's bad
<ivoks> RoyK: vista and 7 probably won't work with that setup
<RoyK> ivoks: it's a choice
<RoyK> ivoks: it does
<ivoks> map to guest = Bad User
<ivoks> if you have a share that need auth
<ivoks> and a share that doesn't need it
<ivoks> then set up security = user
<ivoks> and for public shares add
<ivoks> map to guest = Bad User
<ivoks> that's it
<patdk-wk> hmm
<RoyK> ivoks: samba will still ask for auth for those connections
<ivoks> it won't
<patdk-wk> maybe I am reading this wrong
<ivoks> so:
<patdk-wk> "but there are three shares. two of which should only be accessible to the lan, one of which should be public and have a pw"
<ivoks> [global]
<ivoks>     security = user
<patdk-wk> that mean two for local network with guest access, and one world accesable?
<ivoks> [private_share]
<ivoks>   guest ok = no
<ivoks> [public_share]
<ivoks>   guest ok = yes
<ivoks>   map to guest = Bad User
<RoyK> ivoks: that will still ask for authentication
<lieuwe> patdk-wk: no, the two lans should be without pass, and the global one with
<qman__> depends on your client
<RoyK> ivoks: also, please use a pastebin for that sort of multiline output
<patdk-wk> lieuwe, yes, but what is the definition of GLOBAL?
<patdk-wk> world wide over the internet?
<qman__> depending on the policy set, many versions of windows will simply auth as guest
<patdk-wk> cause that doesn't work
<lieuwe> patdk-wk: world wide
<patdk-wk> won't work
<qman__> which has caused me all sorts of trouble in the past
<patdk-wk> use a vpn
<lieuwe> patdk-wk: why wont it work?
<qman__> yeah, you can't use samba over the net directly
 * RoyK wonders what some people in here are smoking
<qman__> it's not a routable protocol
<lieuwe> wtf
<patdk-wk> hehe
<lieuwe> why not? seems awfully limited
<patdk-wk> most isp's block the ports samba uses, for good purpose
<qman__> well, it is routable, but yeah
<_Techie_> qman__, i could prolly get samba working on the net, but have no needd for it
<qman__> the name service isn't
<_Techie_> quite easily
<qman__> and most places block it
<_Techie_> port 445
<RoyK> qman__: netbeui is not routable, but samba uses this protocol called IP, see, so it's routable
 * patdk-wk doesn't use winserv
<ivoks> http://pastebin.com/3A3gv5sk
<ivoks> this works
<ivoks> those that don't belive, read smb.conf or try
<ivoks> of course, add other variables
<patdk-wk> ivoks, yes, but that doesn't answer his question :)
<patdk-wk> getting that public share to work with user auth, over the internet :)
<ivoks> over the internet?
<patdk-wk> yep
<ivoks> smb over the internet?
<ivoks> do not do that
<qman__> even if you could, it's still a bad idea
<ivoks> period.
<qman__> use sftp
<lieuwe> okay, i get the point, never mind :P
<ivoks> if you need something like that, setup webdav
<lieuwe> i better just host some files using apache then...
 * patdk-wk just uses ipsec/openvpn/....
<sobersabre> hi guys.
<sobersabre> what's the "right" way to install an init script ?
<RoyK> SMB/CIFS over the internet is a PITA - the protocol is so chatty it'll slow down your multimegabit connection down to a single B-channel ISDN link for random access
<sobersabre> I'm reading insserv manual, and I don't see examples of usage.
<sobersabre> is insserv "the" way ? or update-rc.d ?
<sobersabre> (I'm on 10.04)
<qman__> well, 10.04 is most of the way changed over to upstart
<sobersabre> qman__: so ... what do I do ?
<qman__> so only a few straggling init scripts left
<ivoks> sobersabre: copy it in /etc/init.d/ and then update-rc.d
<sobersabre> ivoks: but I looked in /etc/rc2.d and it has SO few scripts in there.
<sobersabre> so, I assume more scripts have been invoked, because of some changes.
<sobersabre> and I haven't been in sync with this.
<ivoks> sobersabre: ubuntu is moving to upstart
<ivoks> sobersabre: those are in /etc/init/
<sobersabre> ivoks:  so what do I do, how do I use upstart ?
<sobersabre> I ran insserv, and got many warnings, loops, etc.
<qman__> the entire sysvinit in 10.04 is just compatibility
<Reyuken> does anybody know how to create a user with ftp access to / ?
<ivoks> i administred debian/ubuntu systems for more than a decade
<ivoks> i've never used insserv :)
<Reyuken> i know i shouldnt change a users home directory to /
<qman__> you shouldn't be using ftp
<patdk-wk> never used insserv also
<sobersabre> ivoks: I am running the script as S99 and it's supposed to be the last.
<sobersabre> but it IS NOT running the last.
<ivoks> sobersabre: it's not the last
<soren> sobersabre: Why does it need to be last?
<qman__> especially if you're not locked down to a chroot
<ivoks> sobersabre: i told you, ubuntu is moving to upstart
<Reyuken> i just want something to move files over easily to my server
<ivoks> upstart works differently
<sobersabre> ivoks: I'm at its homepage.
<Reyuken> ftp would be a good option imo
<qman__> Reyuken, use sftp
<qman__> it's part of SSH, which you probably have anyway
<ivoks> sobersabre: look at some examples in /etc/init/
<sobersabre> how do I upstart myself ? :)
<qman__> and, FTP is never a good option
<sobersabre> init!
<sobersabre> ok.
<sobersabre> moment.
<ivoks> sobersabre: figure out what your program requires to start
<soren> sobersabre: Again, why does it need to be last?
<sobersabre> soren: I don't have time to investigate who it depends upon.
<soren> sobersabre: What is it?
<sobersabre> if it runs manually after the system has been up
<ivoks> soren: it's a secret :)
<sobersabre> it brings up a bridge and nas interface
<soren> sobersabre: But if you don't know what it depends on, put it in S99, add a "sleep 3600" to the top, and you should be fine.
<qman__> Reyuken, http://mywiki.wooledge.org/FtpMustDie
<ivoks> then it starts after networking
<soren> Probably.
<sobersabre> I assume it should be after $network.
<Reyuken> heh
<ivoks> start on started networking
<ivoks> done
<sobersabre> OK... I'll copy from ssh.
<ivoks> ssh doesn't start after network
<ivoks> cause ssh is smart; it detects network changes :)
<Reyuken> oh my, using my root account details via sftp brings me to the root directory automaticly
<Reyuken> problem solved i guess
<Reyuken>  /*
<patdk-wk> or, created :)
<sobersabre> ivoks: yep. so assuming I did modify ssh.conf to this thing, do I need to install anything, or is it supposed to work as soon as this script has been created ?
<ivoks> sobersabre: restart ssh
<_Techie_> Reyuken, rm -R /*
<_Techie_> JK
<sobersabre> ivoks: no, it's not ssh :)
<yann2> btw, what's the best place to learn how to write upstart files?
<Reyuken> lol
<ivoks> then start your_service
<sobersabre> yep.
<sobersabre> now, questions...
<sobersabre> expect fork. I don't run daemon... I removed this. OK ?
<sobersabre> respawn, don't run daemons.
<sobersabre> removed.
<Reyuken> im still incapable of changing home directories though, usermod just keeps telling me that the user in question is logged in :/
<ivoks> sobersabre: http://upstart.ubuntu.com/wiki/Stanzas
<_Techie_> Reyuken, usually if you have the godly root access, then it shouldnt matter
<ivoks> yann2: start with existing jobs in /etc/init/ and look at http://upstart.ubuntu.com/wiki/Stanzas
<binBASH> btw. soren good tip with that cloud stuff, I didn't buy many servers now :D But it took 4 weeks to adopt software :)
<Reyuken> i kinda prefer to put everything under a ftp folder of some kind
<Reyuken> instead of lots of folders in home
<sobersabre> OK.
<yann2> bookmarked, cheers, that'll be useful :)
<qkumbers> is there no longer a #ubuntu-virt room?
<soren> No.
<soren> (and they're called channels)
<qkumbers> I'm trying to find a good example of how to take advantage of qemu overlays, but I'm not using virt-manager
<qkumbers> I created the virtual machine with vmbuilder and I use virsh to manage it
<k5673> Yo!
<k5673> soren: vmbuilder can not build maverick guests in lucid. ALready updated the packages.
<k5673> Why?!
<soren> Because it sucks.
<ivoks> :)
<alex88> hi, i've setup the vsftp server, i'm in a folder owned by user, connected as user.. but it says permission denied for upload (i can connect and download)
<alex88> how do i troubleshoot this?
<alex88> no one?
<ivoks> vsftpd.conf
<alex88> oh..write_enable was default..
<benedikt> if i have a libvirt/qemu/kvm system with a couple of virtual machines, what is the best way to peridocly backup the guest systems to a remote server?
<benedikt> or is there any other way then to transfer the disc images as they are?
<benedikt> im hoping for a incremental backup alternative
<owh> benedikt: Well, you can backup from within the guest using rsync. Alternatively you can shutdown/suspend the guest and backup the disc image. I'm using OS X as my host with a sparse-bundle disk image where all my virtual machines are stored. Time machine (rsync gui) does the differential backup, since the sparse-bundle is a collection of disk blocks in a directory structure.
<owh> I've also heard of LVM snapshots being used for this purpose, but I have no experience with it.
<benedikt> owh: but the problem is that I dont have access to all of the guest systems
<benedikt> (but they are not mission critical anyways)
<benedikt> so regular backup it is
<owh> You could store all the images for each machine on an LVM volume and snapshot that, but I have no personal experience with that.
<benedikt> neither do i
<benedikt> im not even using lvm
<owh> Google: http://tldp.org/HOWTO/LVM-HOWTO/snapshots_backup.html
<owh> More: http://rhcelinuxguide.wordpress.com/2006/06/03/what-is-a-logical-volume-manager-lvm-snapshot-and-how-do-i-use-it/
<zealiod> hey, i have inherited a network that has 10 vlans on eth.111, eth.112, etc - I want them all to share a common subnet - how can this be made possible?
<zealiod> and what is a proxy network?
#ubuntu-server 2010-10-28
<b0gatyr_> has anyone every used mailcleaner?
<b0gatyr_> ever*
<twb> How do you tell ISC dhcpd not to serve an IP to a particular MAC?
<sorrell> anyone know anything about phpmyadmin? I installed it through apt and it woun;t come up when I go to localhost/phpmyadmin
<sorrell> it just tells me it doesn't exist.
<twb> sorrell: did you read /usr/share/doc/<package name>/README.Debian?
<i_is_broke> can anyone point me in the direction on how to install a virtual desktop on a server with no gui?
<sorrell> twb, I will do that now, thank you.
<twb> i_is_broke: we usually encourage people to learn to use a CLI instead
<i_is_broke> twb, ive tried, but im kind of thick skulled and am not getting some of it i read...and there for fubar my system from time to time.
<twb> i_is_broke: are you thinking of VNC, or what?
<i_is_broke> twb: well i was told by someone that qemu, kvm would do it, but i cant really find anything on how to do it.
<twb> qemu/kvm is for a "virtual desktop" in the sense of emulating a whole new system
<i_is_broke> twb: yeah thats what i want to do.
<twb> I don't know if you mean that or if you just mean something like Windows Terminal Services, where you remote desktop in
<i_is_broke> twb: that way i can have a gui when i need it so if i need to look for a clue on how to do something i can google it.:D
<i_is_broke> twb, but i have tried to google this but i must be wording it wrong or something cause it takes me clear back the 8.04 way of installing it...and with a gui.
<sorrell> you can always
<sorrell> apt-get install gnome-desktop
<i_is_broke> sorrell, why run all of that for only needing a gui for like maybe 20 minutes a week?
<sorrell> the GUI won't run uless you call it up.
<sorrell> also having a VM won't give you a GUI.
<i_is_broke> so if i run a vm i cant use things that use a gui?
<sorrell> YOU CAN'T RUN A gui ON A SYSTEM THAT DOESN'T HAVE A gui.
<sorrell> sry for the caps.
<i_is_broke> sorrell: i was going to say i can read small print to...lol. but ok thats all i wanted to know thank you.
<sorrell> twb, the file is compressed as a .gz and I can't find how to uncompress it.
<i_is_broke> untar it
<sorrell> i_is_broke, yeah sorry I had caps lock on and didn't know it. :(
<sorrell> I'm stupid so how do I do that via the CL?
<i_is_broke> sorrell: just tar -xvf file.gz or something like that.
<sorrell> ty
<i_is_broke> oh you have to have build-essentials installed.
<sorrell> k
<i_is_broke> i do know a little about the cli... just not good at doing a few things that im not sure about with it... like some networking.
<twb> sorrell: just run less (or zless) on it
<twb> sorrell: if LESSPIPE is set (which it probably is), less will automatically recognize and decompress .gz documents.
<sorrell> sweet
<sorrell> thanks twb
<i_is_broke> or things like that...lol
<i_is_broke> thats what i would need google for...lol
<i_is_broke> ok, thanks and g/bye
<sorrell> why don't you just SSH into the server?
<sorrell> then you can use the GUI on your system and still have a GUI less server.
<sorrell> oh he left....
<sorrell> should have said something to him about links too.
<qman__> he shouldn't be using the GUI to configure networking anyawy
<qman__> that uses networkmanager, which is nothing but trouble on a server
<sorrell> is that what he was trying to do?
<qman__> I honestly have no idea
<qman__> he apparently wanted a GUI on his server, and someone mistakenly guided him to install a virtual machine
<uvirtbot> New bug: #667597 in openldap (main) "conf.d directory not a configuration directory" [Undecided,New] https://launchpad.net/bugs/667597
<whalesalad> Hey guys... I am pretty good with unix in general but I've never been able to completely understand file permissions, particularly groups stuff
<whalesalad> I would like a few users to be able to collaborate in a folder... its a web app that justs serves files out of a dir, so a few users need to be able to access that dir
<twb> whalesalad: that's because posix dac semantics are retarded
<whalesalad> ??
<twb> whalesalad: re "unix file permissions"
<whalesalad> ah
<whalesalad> yeah its kinda confusing to me
<whalesalad> both users have the same primary group
<whalesalad> the folder is owned by that group, staff
<whalesalad> all sub folders are owned by that group
<rbniknej> the files would then just need to be made group-writeable by that group. They may need to chgroup them to that group
<whalesalad> mmk
<whalesalad> hmm... I just did a "chgrp -R staff foldername" and it isn't helping
<rbniknej> try 'chmod g+w foldername
<rbniknej> *'chmod -R g+w foldername'
<whalesalad> okay
<rbniknej> did that help any?
<whalesalad> thanks!
<whalesalad> fixed
<rbniknej> np :)
<whalesalad> I actually have umask g+w in my .bash_profile ;)
<twb> Huh, I had no idea umask could take a symbolic argument
<twb> whalesalad: rather than changing primary groups to all be "staff", suggest just making the directories in question set-gid.
<twb> If a dir is sgid, new children get the dir's group by default
<jmazaredo> where shuld i put this rule SecRule REMOTE_ADDR "^192\.168\.1\100$" phase:1,nolog,allow,ctl:ruleEngine=Off,ctl:auditEngine=Off
<jmazaredo> modesecurity
<jmazaredo> dont know where to put this in my server
<drcode> hi all
<drcode> I have setup and working hp allinone
<drcode> I can print from xp to ubuntu, but I can't send fax from xp -> samba ->cups ->hp any idea?
<gorkhaan> hey. Does anyone know an remote update/upgrade tool based on apt-get? Like  apt-dater. WebGUI should be great.
<twb> jmazaredo: what service are you talking about?
<twb> gorkhaan: define `remote'
<jmazaredo> modsecurity
<gorkhaan> Managing update for softwares. Let's say I have plenty of server, so I want to see what updates can be installed centrally
<jmazaredo> i need to white list an ip
<gorkhaan> like apt-dater + over ssh
<jmazaredo> in their site doesnt say what file to edit just the code
<twb> apt-dater's package description impies it works over ssh
<twb> jmazaredo: do you perhaps mean apache-mod-security?
<jmazaredo> yes
<twb> Er, libapache-mod-security.
<twb> jmazaredo: sorry, I don't know much about apache.  Presumably somewhere in /etc/apache2
<twb> jmazaredo: of course, you can always blacklist a host using simple tcpwrappers, i.e. /etc/hosts.deny
<jmazaredo> http://www.modsecurity.org/documentation/faq.html#d0e400 this is their docs they say to put the code but dunno where
<jmazaredo> i need to allow but mod_security is blocking it
<twb> jmazaredo: try looking through /etc/apache2 for existing SecRules
<twb> (Personally, I wouldn't trust anything that's using regular expressions to match IPv4 addresses...)
<jmazaredo> yep done that but whenever i paste the code, and restart nothing happes ;)
<jmazaredo> their channel is sleeping hehehe
<sander^work> INFO: task apache2 ... blocked for more than 120 sec <-- I get this on 2.6.35-22-server kernel..
<twb> sander^work: maybe because your I/O is through the roof?
<sander^work> twb, It was several days earlier.. but I got this message after I just rebooted.
<twb> Shrug
<sander^work> Maybe its related to the hyper-v drivers i'm using?
<sander^work> https://bugs.launchpad.net/ubuntu/+source/linux/+bug/276476
<uvirtbot> Launchpad bug 276476 in linux "Idle-priority scheduling bug blocks tasks" [Medium,Fix released]
<sander^work> If you scroll down to the bottom.. it says its happening with ppa kernel 2.6.35-22-server
<twb> sander^work: I can't comment on Microsoft products, sorry.
<sander^work> twb, I guess its not related to that.. since other people also got it.
<twb> Shrug
<twb> I don't run apache, either :-)
<sander^work> It's happening to other processes aswell.. as you see in the bug report.
<twb> That says if your kernel is up to date, it's not that bug
<alvin> sander^work: This has been happening for a long time now. I stopped using LVM snapshots and it helped somewhat.
<garymc> Hi, I bought SSL certificates off Godaddy. All is well. But my certificates arnt working properly. Apparently ive installed them wrong on my server. I cant work out what ive done wrong... can anyone help me or do i need to visit a differnt channel?
<overlord_tm> whats the error?
<garymc> in the bottom right of the browser on the paddlock
<garymc> Warning: Conatians unathenticated content
<garymc> I spoke to godaddy and they said ive installed the certs incorrectly
<garymc> because its a private server they cant help me
<garymc> Also when i restart apache it now asks me for Key passphrase
<overlord_tm> maybe you load some images via http, not https
<overlord_tm> u got to remove pass from key ;)
<overlord_tm> otherwise you have to enter key on every reboot
<garymc> overlord_tm : How?
<overlord_tm> http://www.madboa.com/geek/openssl/
<overlord_tm> search for passphrase
<garymc> Ahh all images got to be on https server?
<overlord_tm> if you dont want to get warning :)
<garymc> overlord_tm : you was right about the images. Thanks
<garymc> Just need to remove the passphrase. DAMN!
<overlord_tm> garymc, http://httpd.apache.org/docs/2.0/ssl/ssl_faq.html#removepassphrase
<garymc> Thanks :)
<garymc> Yes cool overlord_tm thanks for the help :)
<garymc> Im a happy guy now
<garymc> speak later
<uvirtbot> New bug: #667700 in mysql-5.1 (main) "Simple MySQL queries return wrong result after update from 5.1.41 (10.04, Lucid Lynx) to 5.1.49 (10.10, Maverick Meerkat)" [Undecided,New] https://launchpad.net/bugs/667700
<MorkBork> anyone know why in /etc/shadow some of my ubuntu systems have * for root and others have !?
<MorkBork> was that a change in the distro or did some random package make that change
<MorkBork> actually im only seeing one with *, the rest have !
<MorkBork> is there anywhere i can search to see what packages may have potentially manually modified /etc/passwd
<MorkBork> err /etc/shadow*
<patdk-wk> * means no password, can't login
<patdk-wk> ! means account locked, password optional, but still can't login
<ubottu> Error: I am only a bot, please don't think I'm intelligent :)
<MorkBork> yea
<MorkBork> i know the differences
<patdk-wk> ! wasn't for you, you bot! :)
<ubottu> Error: I am only a bot, please don't think I'm intelligent :)
<MorkBork> but im not sure why one system has * and the rest have !
<MorkBork> i didnt manually modify them
<patdk-wk> is it ! with something following it?
<MorkBork> nope
<patdk-wk> it just ! by itself?
<MorkBork> the default seems to be just a !
<patdk-wk> no idea, should give the same result, I believe
<patdk-wk> as ! isn't a valid hash, of anything, so should do the same thing
<MorkBork> ive looked at 3 ubuntu systems: i have a fresh install of 10.10 that just has a !, i have a system that started at like 8.10 and has been updated every step of the way and is running 10.10 now that has !
<MorkBork> and i have a 10.04 system that was updated to 10.10 that has a *
<patdk-wk> my maverick/natty system has !, it started at karmic
<MorkBork> yea
<patdk-wk> all my other systems have *, but they are all lucid or lower
<MorkBork> okay
<MorkBork> so lucid probably used *
<MorkBork> sometime back in the 7.x or 8.x days it used !
<MorkBork> so basically in the 8.x-10.04 timeframe the default musta been * i guess?
<patdk-wk> hmm, ya, my 8.04 systems are using ! too
<MorkBork> i looked through bug reports, etc
<MorkBork> nothing jumped out
<patdk-wk> anoyher 8.04 system has lots of !
<MorkBork> im betting it was an installer change
<patdk-wk> root, ntp, lubuuid, mysql, tbd, dhcp, klog, sshd
<MorkBork> i have a lot more ubuntu systems in random places
<MorkBork> seems to depend on when they were setup
<sobersabre> hi. I've written an upstart script file based on hostname.conf
<sobersabre> it is simply supposed to run another script (will paste the script in a moment)
<sobersabre> it has "start on started network" clause
<sobersabre> and the exec clause
<sobersabre> that's it.
<sobersabre> what can make the script NOT to be run ?
<Guest61040> greetings, I want to make a backup of my disk to boot in virtualbox. Is this the advisable command for making the image:  sudo dd if=/dev/cciss/c0d1p1 of=/home/ken/server.iso
<Guest61040> where my drive is /dev/cciss/c0d1p1
<mgolisch> if thats your disk device it should be fine
<Guest61040> cheers
<mgolisch> but dont name it iso its not a cd image..
<Guest61040> what should it be called then
<mgolisch> and you probably want to specify a block size
<mgolisch> using bs=something
<mgolisch> 1M or so for speedup
<Guest61040> 1024 i think, sure
<mgolisch> hm i name them .raw or .dd but anything should be fine aslong as you remember what it is
<Guest61040> kk, thanks
<J_P> hi all
<J_P> people, ubuntu don't have package name glibc. What package correspond to this package?
<pmatulis> J_P: investigate 'libc6'
<k5673> J_P: use "apt-cache search libc"
<J_P> k5673:  and pmatulis thanks!
<k5673> J_P: the same "apt-cache search pmatulis"
<k5673> J_P: apt-cache is your monochrome cli-based friend
<andreserl> .win 4
<mgolisch> or just browse packages.ubuntu.com
<k5673> That's an option, too!
<kaushal> hi
<kaushal> is there a way to find out the Hardware is capable of 64 Bit or 32 Bit ?
<shauno> kaushal: if you look in /proc/cpuinfo, I believe the 'lm' cpu flag is x86_64
<kaushal> shauno: ok
<kaushal> so its 64 Bit capable
<shauno> if lm is present, yes.  if it's not .. it's not.  feel free to google X86_FEATURE_LM for the grizzly details :)
<patdk-wk> hehe :)
<patdk-wk> I have one system that is very odd
<patdk-wk> I plugged in a 64bit cpu, used a 64bit os, and all is good
<patdk-wk> but the motherboard still has a 32bit memory limit :(
<patdk-wk> stupid motherboard
<patdk-wk> good thing it goes in the trash in a few weeks
<uvirtbot> New bug: #667793 in euca2ools (main) "euca-bundle-vol should copy filesystem label" [Undecided,New] https://launchpad.net/bugs/667793
<JeffJassky> Hey, guys. Brand new to Ubuntu this morning (and linux) and I've been tasked with setting up a web server with apache, php, mysql, email, ftp, etc.. Could anyone point me in the direction I might need to go? Any tutorials on using apt-get, dealing with repositories, etc? Thanks, everyone :)
<k5673> JeffJassky: just type tasksel in console
<k5673> JeffJassky: There is the option to install a LAMP server (Linux Apache MySQL PHP)
<JeffJassky> k5673: Thanks, man.. I actually just ran ... aptitude install apache2 php5-mysql libapache2-mod-php5 mysql-server
<JeffJassky> Does that look about right?
<k5673> JeffJasky: That's fine, too.
<sobersabre> this is the upstart conf file I created: http://pastie.org/1255501
<sobersabre> the script runs properly if run by root manually
<sobersabre> I mean /usr/sbin one.
<sobersabre> shall I expect this job run by only creating such a file ?
<sheetzam> greetings all - I have a bug in Ubuntu Server 10.04 I'm trying to troubleshoot
<sheetzam> I get a kernel panic on one of my servers when I run apt-cache search oauth
<sheetzam> tried the same thing on another server (different hardware) and had no problem
<SpamapS> sheetzam: can you paste the panic?
<sheetzam> checked the files, and they have the same md5sum.
<sheetzam> how do I capture the panic?
<SpamapS> that can be tricky ;)
<sheetzam> no doubt
<SpamapS> how different is the hardware?
<sheetzam> it said "this is not a software problem"
<sheetzam> very
<SpamapS> yeah its likely a badly behaving driver or broken hardware
<sheetzam> so, what's next step, any idea?
<SpamapS> can you look at the panic and see what failed? it does have some human readable information?
<sheetzam> the server that works is an older dell desktop machine
<sheetzam> some
<sheetzam> how about I take a pic and post it?
<sheetzam> oh, and some of the info scrolls off screen very quickly
<sheetzam> is there a boot switch to change the rows and columns of the console?
<sheetzam> might help to capture more output
<SpamapS> I seem to recall there's a way to get the SysRQ key to write the panic to kern.log if possible
<sheetzam> ok, I'll be back in a few
<SpamapS> the call trace is really whats important
<SpamapS> the top 3 or 4 items should help a lot
<sheetzam> kk
<uvirtbot> New bug: #667817 in euca2ools "euca-bundle-vol should create target filesystem same as source" [Undecided,New] https://launchpad.net/bugs/667817
<sheetzam> and now it works fine
<sheetzam> go figure
<garymc> Hi guys. Anyone know how I get my website to display as http://secure.mysite.com instead of http://www.mysite.com ?
<k5673> garymc: you must register the subdomain to your noc.
<garymc> my NOC?
<garymc> whats noc?
<jpds> garymc: Surely if it was secure it would be using https:// instead?
<garymc> sorry yes it is https
<k5673> garymc: network operations center. Or the guy who assigned that domain to your IP
<garymc> that would be me :S
<Pici> subdomains don't need to be registered, just setup in your apache/webserver config.
<sheetzam> they need to be registered with a dns someplace
<sheetzam> however you pointed www.mysite.com to your server, you need to also add secure.mysite.com, and point it to your server
<garymc> yeah apache config thats what i need
<garymc> Pici im on your level of thinking here
<garymc> where could i get some help with doing that on apache etc
<sheetzam> https://help.ubuntu.com/10.04/serverguide/C/httpd.html is a good place to start
<jpds> garymc: You need to do something with mod_rewrite.
<garymc> i do?
<garymc> Ok what should i search for in google
<Pici> Wait, are we talking about setting up a subdomain, or pointing www.mysite.com to whatever.mysite.com?
<jpds> I appear to have lost my short note on how to do this.
<garymc> I just want my secured domain to appear as https://secure.mysite.com instead of https://www.mysite.com
<jpds> Pici: www.site.com â 301 â secure.site.com is what I thought it was.
<jpds> garymc: http://www.cyberciti.biz/tips/howto-apache-force-https-secure-connections.html
<jpds> garymc: "Force webmail login over SSL https session" bit, changing "%{HTTP_HOST}" to secure.site.com.
<garymc> No i dont think thats it
<garymc> see I dont even have secure.mysite.com setup anywhere
<sheetzam> ok, got another kernel panic
<sheetzam> and I have a pic of the console output
<jpds> garymc: So you'll need to give the subdomain an IP in DNS and point it at your server?
<sheetzam> would the trace help?
<garymc> ok
<garymc> would that affect my SSL certificate?
<jpds> garymc: The IP? Don't think so, as long as the common name for the cert is valid.
<garymc> ok
<sheetzam> so, the kernel panic starts by claiming a hardware error
<sheetzam> call trace:
<sheetzam> printk
<sheetzam> panic
<sheetzam> mce_panic
<sheetzam> mce_reign
<sheetzam> mce_end
<sheetzam> do_machine_check
<sheetzam> _wake_up
<sheetzam> do_machine_check
<sheetzam> error_code
<sheetzam> any ideas where to start troubleshooting this?
<ppetraki> sheetzam, hmm. run a memory check lately?
<sheetzam> I have not.  Will do so
<sheetzam> though this was a recent upgrade to 10.04.  Was working fine in 8.04
<ppetraki> sheetzam, well, time moved on as well, the machine isn't getting any younger :)
<sheetzam> true
<sheetzam> the timing is interesting
<sheetzam> that's all
<sheetzam> however, lunch time approaches, and it's a development box, so...
<sheetzam> will report back
<ppetraki> cool
<sheetzam> ok, thinking that's not the problem - just completed one pass successfully
<sheetzam> how easy is it to enable netconsole in the ubuntu kernel?
<sheetzam> I've also seen indications that this could be caused by a bad power supply?
<sheetzam> would it make sense to try a different flavor of the kernel?
<sobersabre> guys, what is the way to determing what is run by upstart the last ?
<sobersabre> I want to put something after it.
<sobersabre> or maybe a way to display the whole list of what upstart runs in which order ?
<sobersabre> how can I do this ? (what tool to rtfm the man for)
<ppetraki> sheetzam, not familiar with netconsole.
<ppetraki> sheetzam, looking at the code path you triggered, the machine check was very real
<sheetzam> ah, doesn't matter really.   I need to solve the problem, not get more infomration
<sheetzam> interesting
<ppetraki> sheetzam, if the HW is sounds them perhaps the intepretation of the platform has changed
<ppetraki> sheetzam, acpi runtime has advanced considerably in the meanwhile
<ppetraki> sheetzam, how many cpus do you have?
<sheetzam> I forget, checking
<sheetzam> it's a dual core Core Duo
<sheetzam> always feel stupid saying that
<ppetraki> nah, dont be
<sheetzam> so, one cpu, two cores
<sheetzam> I think
<sheetzam> hmm
<ppetraki> I don't even care anymore, I just ask QA to bring me one of those "things"
<sheetzam> heh
<sheetzam> and they are both listed as core 2
<ppetraki> sheetzam, so how frequent is this event? Say after you boot, time till failure
<sheetzam> it doesn't seem time dependent, it seems action dependent
<sheetzam> it's been up and stable since I ran the memtest
<sheetzam> first triggered it when I did an apt-cache search
<sheetzam> was able to trigger it again doing the same apt-cache search after the machine had been up for only a few minutes
<ppetraki> so lets try a big hammer and if it works, try to dissect it from there
<ppetraki> im thinking to start by disabling acpi completely
<sheetzam> wow
<ppetraki> which will make your system a uni
<sheetzam> ok, remind me how I do that?
<sheetzam> bios setting?
 * ppetraki looking up kern parama
<ppetraki> no, kernel arg
<sheetzam> ok
<ppetraki> acpi=off
<sheetzam> simple as acpi=off at the boot prompt?
<sheetzam> ok
<ppetraki> add that to your grub line, update-grub, reboot, cat /proc/cmdline, verify it's there, proceed with testcase
<sheetzam> there's a raid sync going on right now
<ppetraki> time for more coffee then :)
<sheetzam> right
<sheetzam> ok, I'll report back in a while
<sheetzam> and thank you very much for your help
<ppetraki> ping me when you have something
<sheetzam> will do
<zygot> ada yang pakai puppy?
<RoyK> hi all
<alcy> folks, how do I convert slapd.d to slapd.conf ? would have been nice if the devs could have provided a slapd.conf under /usr/share/slapd
<jo-erlend> alcy, have you checked this page? https://help.ubuntu.com/10.04/serverguide/C/openldap-server.html
<alcy> jo-erlend: yes, I do have setup  a bunch of servers using that (pretty helpful !) doc, but since I have been used to slapd.conf for quite some time, I was wondering if there was a way to do the inverse, converting slapd.d to slapd.conf.
<alcy> or I could simply copy paste one of my existing configs.
<zamarax> hi, q: I have ubuntu 9.04 server install, x64 and it doesn't seem to recognize my dual intel PT nic cards
<zamarax> atleast I don't see them in /etc/network/interfaces, is there a way to list all installed NIC cards?
<alcy> zamarax: ifconfig -a
<zamarax> oh ok, they are there, I'm assuming that means that they are recognized?
<jo-erlend> have you just installed 9.04, or replaced your nics or something?
<zamarax> replaced the nics
<zamarax> i remember playing with a version 6 ubuntu and it always had the nics listed under interfaces but just to auto
<jo-erlend> zamarax, then you'll probably have to fix your udev rules. I usually just rm /etc/udev/rules.7/70-persistent-net.rules
<jo-erlend> you might want to back up the file before deleting it, or just renaming it to something else.
<Pici> zamarax: Please think about upgrading from 9.04 to something more recent, as it has reached its End Of Life.
<jo-erlend> when you've done that, reboot the server, and I think it should be ok. However, you should really consider upgrading it, as 9.04 is no longer supported.
<zamarax> understood, that's not an option right now, it's a custom captive portal that just had a nic kick out on it
<zamarax> so I need to quickly swap
<jo-erlend> 10.04 will be supported until april 2015 on the server.
<jo-erlend> zamarax, ok. Just rename /etc/udev/rules.d/70-persistent-net.rules and reboot. That should fix it.
<zamarax> ok appears to have worked
<zamarax> thanks alot :-)
<zamarax> I'll see about upgrading it, but it's going to be something to task for later.
<Trixboxer> Hi, May I ask a LTSP related question here ?
<uvirtbot> New bug: #666177 in samba (main) "Not able to use Network Printer" [Undecided,Incomplete] https://launchpad.net/bugs/666177
<RoyK> Trixboxer: the general rule is 'don't ask to ask, just ask'
<Trixboxer> RoyK:  I'm facing small problem while logging in a dumb ltsp terminal, daemon.log on server says nbd-server "Disconnect request received." , my image size is 540 mB and hence I think the nbd server is giving error.. how can I resolve this ?
<RoyK> Trixboxer: sorry - I don't use ltsp, but I guess there might be others using it
<RoyK> there's a channel for it as well - #ltsp
<Trixboxer> yeah Im in it :)
<sheetzam> ppetraki - acpi is now off
<ppetraki> sheetzam, so cat /proc/cmdline confirms it?
<sheetzam> yes: root=/dev/md2 ro quiet splash acpi=off
<ppetraki> sheetzam, and lscpu should only show one cpu
<sheetzam> correct
<sheetzam> hmm
<ppetraki> sheetzam, ok, try and crash it :)
<sheetzam> wait
<sheetzam> root@bounce:~# lscpu
<sheetzam> Architecture:          i686
<sheetzam> CPU op-mode(s):        32-bit, 64-bit
<sheetzam> CPU(s):                2
<sheetzam> Thread(s) per core:    1
<sheetzam> Core(s) per socket:    2
<sheetzam> that as expected?
<ppetraki> hmm /proc/cpuinfo may be more accurate
<sheetzam> it lists two processors also
<sheetzam> :(
<sheetzam> top thinks there are two, as well
<ppetraki> perhaps it's noapic that turns you into a uni
<ppetraki> :)
<ppetraki> oh well, proceed with test #1
<sheetzam> well, so far I've been unable to make it crash, but still trying
<RoyK> sheetzam: pastebin cpuinfo output
<RoyK> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<sheetzam> http://paste.ubuntu.com/521574/
<sheetzam> cool feature
<RoyK> two cores, one cpu, single thread per core
<RoyK> should behave like a dual-cpu system (somehow)
<sheetzam> right
<sheetzam> one minute, I'll give you more background
<ppetraki> sheetzam, yeah, I just confirmed on an old laptop, your cpu count should be what it was
<sheetzam> ok
<ppetraki> sheetzam, your interrupt routing however should have changed
<ppetraki> because acpi isn't there to inform it anymore of it's preferences
<sheetzam> ok
<sheetzam> http://imagebin.org/120704
<sheetzam> RoyK - got the kernel panic in the image above when running apt-cache search earlier today
<sheetzam> was relatively reproduceable
<sheetzam> now, not so much
<RoyK> mce_panic?
<RoyK> wtf is mce?
<sheetzam> machine check exception?
<ppetraki> note that it's citing memory banks
<sheetzam> yeah, but memtest86 found no issues
<ppetraki> have you tried running the messages log through the tool it suggested?
 * ppetraki this is interesting
<sheetzam> so, I have to capture more information during the crash, somehow, in order to use mcelog
<sheetzam> well, I may have it set up to get more info, I'm not sure
<sheetzam> now I wait...
<sheetzam> no idea what to think if I can't get it to crash now
<ppetraki> sheetzam, so you can setup crashdump to get a kernel core, which will have the dmesg buffer, though that takes some effort to configure
<ppetraki> sheetzam, lets try a single cpu approach
<sheetzam> ok
<sheetzam> noapic?
<ppetraki> add, 'nosmp' to the cli, keep acpi=off too
<sheetzam> ok
<ppetraki> this implicitly disables the io-apic
<sheetzam> more /proc/cmdline:
<sheetzam> root=/dev/md2 ro nosmp acpi=off
<ppetraki> sheetzam, alrighty then
<sheetzam> now we wait...
<ppetraki> let's break it again
<sheetzam> yup, trying :)
<sheetzam> would using burnP6 be a good thing to try?
<sheetzam> not sure how to get it to crash, at this point
<ppetraki> iozone would be my choice
<ppetraki> good memory disk stress
<sheetzam> lscpu reports a single cpu
<ppetraki> good
<ppetraki> if it doesn't break, then rollback the 'acpi=off' and retry
<ppetraki> if it's still stable, I believe there's a way to disable the advanced apic while maintaining SMP
<sheetzam> ok
<sheetzam> though, really, it'd be good to get it fixed without that
<sheetzam> you have an iozone set of switches to use?
<ppetraki> sure
<ppetraki>  iozone -R -l 5 -u 5 -r 4k -s 100m
<sheetzam> kk
<ppetraki> just run it in a loop. while true do... done
<sheetzam> k
<sheetzam> ppetraki - you going to be on tomorrow?
<ppetraki> sheetzam, every day
<sheetzam> awesome, thanks!
<ppetraki> :)
<ppetraki> ubuntu server is now part of job description so I thought I should start paying attention to irc :)
<sheetzam> that does seem logical, yeah
<sheetzam> your Linkedin profile lead me to believe you probably know what you're talking about
<ppetraki> oh you googled me :-p
<ppetraki> yeah, I know a little bit about servers :)
<\sh> ppetraki: ubuntu server a part of your job description? which company? ;)
<ppetraki> \sh, gee I wonder :)
<\sh> ppetraki: hrmpf...I should have known ;)
<osmosis> libvirt is forgetting that guests have eth devices. is there a existing bug for this?
<uvirtbot> New bug: #667762 in net-snmp (main) "tkmib problem." [Undecided,New] https://launchpad.net/bugs/667762
<ppetraki> osmosis, not in the new bug list... the lucid or maverick?
<ppetraki> ^this
<uvirtbot> ppetraki: Error: "this" is not a valid command.
<osmosis> ppetraki, lucid
<osmosis> ppetraki, i guess I should file a bug then.
<ppetraki> osmosis, yeah, with a reproducible case please too
<osmosis> ppetraki, it drops out randomly... but frequently.
<ppetraki> osmosis, hmmm, euc should be seeing this then
<osmosis> ppetraki, i can provide how to test for it happening, but dont know what the trigger is.
<ppetraki> osmosis, well, its a good start
<sheetzam> ppetraki - so far so good, I'll see how it weathers the night
<sheetzam> good night
<osmosis> ppetraki, filed,  https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/668042
<uvirtbot> Launchpad bug 668042 in libvirt "target device info is not in dumpxml" [Undecided,New]
<ppetraki> osmosis, thanks
<Error404NotFound> I have a freshly installed Maverick on this box, while a External USB harddisk is attached which contains my maverick setup from last night which crashed after a kernal upgrade. How can i clone exact same install from that hd except kernel?
<ppetraki> dpkg --get-selections > installed-software
<ppetraki> then remove the kernel from the list
<ppetraki> dpkg --set-selections < installed-software && deselect
<ppetraki> to install it
<patdk-wk> crashed after a kernel upgrade?
<patdk-wk> why not just boot with the old kernel?
<ppetraki> cmagina, busy I see?
<cmagina> ppetraki: always :)
<storrgie> Can I install ubuntu to a disk that is plugged into my computer, while I am in ubuntu already?
<ppetraki> hmmm
<ppetraki> perhaps using kvm
<osmosis> what does Triaged mean?  does it mean fixed?
<ppetraki> osmosis, it means someone has looked at it, and priority and assigning it to someone comes next
<osmosis> storrgie, https://help.ubuntu.com/community/KVM
<osmosis> storrgie, or look into virtualbox
<storrgie> no i dont mean i want virting
<storrgie> i want to literally do a full install on disk
<ppetraki> storrgie, just make sure it emulates things like io-apic, or the image won't be able to talk to the bare metal
<storrgie> you saying I could simulate that though vbox or qemu?
<ppetraki> Haven't tried it, but you're basically doing the inverse of p2v
<storrgie> I'ma just push it into the machine and plug another monitor in
<storrgie> just was trying not to move my hands from the keyboard
<ppetraki> so something like 'kvm -m 1024 -hda /dev/<external disk> -cdrom <isoimage>"
<Error404NotFound> ppetraki, but that won't restore all configs, right?
<sobersabre> need help with upstart jobs order
<Error404NotFound> patdk-wk, that was an option if another guy didn't mess up with old disk :(
<ppetraki> Error404NotFound, nope, just installed packages, you can just tar up etc in that case
 * ppetraki which is what I do
<sobersabre> Q: how do I determine the order of all upstart jobs ?
<sobersabre> A:... no idea.
<ppetraki> just be careful when restoring your fstab
<ppetraki> sobersabre, so there's supposed to be a tool that makes a graph for you
<ppetraki> sobersabre, to determine dependancies
<sobersabre> hm... ppetraki I don't mind CLI, just tell me the name. or where I can find it.
<sobersabre> is it listed in the upstart homepage ?
<sobersabre> (I prefer cli)
<ppetraki> i'm looking right now
<ppetraki> sobersabre, ugh, I don't have quick answer for you
<sobersabre> hm :(
<ppetraki> sobersabre, there's bootchart but that's overkill
<sobersabre> ppetraki: I don't want a chart.
<sobersabre> A list would be enough.
<ppetraki> sobersabre, me neither :)
<sobersabre> I can't find my hands and feet with upstart.
<sobersabre> is there a way to start a job AFTER all the others are done ?
<ppetraki> rc.local
<sobersabre> start on started all ?
<ppetraki> unfortunetely trying to get someone's attention this week is kinda hard with UDS going on
<ppetraki> /etc/rc.local would be a good start, if you just want to run a job
<ppetraki> I agree that we could do a better job illustrating dependantcies
<meonkeys> is dbus-daemon needed on a server?
<ppetraki> strickly speaking, no
<osmosis> can anyone link me to the win2k3 virtio network and block drivers?
<meonkeys> ppetraki: cool, thanks
<ppetraki> meonkeys, the most you need I think is libdbus, because upstart can make dbus calls, but that doesn't mean the server has to be there to listen :)
<meonkeys> ok
<ppetraki> http://pastebin.com/9q2DKLTs
<sobersabre> hi. got kicked for some reason.
<ruben23> hi guys tried to update my ubuntu-server and im getting this error-------> http://pastebin.com/4YzaZNHq
<Tobu> I had permission errors on http://packages.ubuntu.com/ for a while, someone must be working on those sites.
<Tobu> Use a country mirror
<ruben23> Tobu: how do i used other mirrior..?
<Tobu> Ah no, it's security.
<Tobu> You could change security.ubuntu.com into use.archive, but remember to change it back
<sobersabre> ppetraki: I've found what I was looking for.
<ppetraki> sobersabre, oh?
<sobersabre> I simply dpkg -L on upstart.
<sobersabre> and the result had executables.
<sobersabre> man initctl
<ppetraki> sobersabre, best answer I could get was add --debug and watch the log
<sobersabre> nope. rtfm initctl
<sobersabre> :)
<sobersabre> initctl list
<sobersabre> lists the jobs.
<sobersabre> as they were executed.
<sobersabre> and this is good enough for me.
<ppetraki> oh no kidding
<ppetraki> sweet
<ppetraki> now I learned something   :)
<sobersabre> indeed :-] took me 2 hours to discover, but it IS sweet.
<adac> Is there a deb package with apt for openvpn-as?
<adac> Access server
<ehcah> Can someone point me to a tutorial for assigning static names on top of static IP's for my network devices?  cName records maybe?
#ubuntu-server 2010-10-29
<uvirtbot> New bug: #668088 in dovecot (main) "imap fails to find proper mail_location" [Undecided,New] https://launchpad.net/bugs/668088
<beny> hi everybody
<beny> i have a problem with the virtual box
<beny> and this is
<beny> whe i work whit my virtual disk in windows, it work good
<beny> but in my kubuntu, it don'ts start
<beny> whitch is the problem?
<power> hi, ive a /backup mount point on fstab (a USB disk), which seems broken i guess, now i cannot boot (hangs at cannot boot /backup)
<power> cannt mount0
<power> mount*
<twb> If it needn't be mounted at boot, add "noauto" to the fstab line
<twb> Oh, and remember that in recent versions (ones that have a "mountall" daemon), noauto is actually overloaded to mean something completely different -- sigh.
<power> edited fstab with some livecd
<power> thanks
<uvirtbot> New bug: #668177 in mysql-dfsg-5.1 (main) "package mysql-client-core-5.1 (not installed) failed to install/upgrade: trying to overwrite '/usr/bin/mysql', which is also in package mysql-cluster-client-5.1 0:7.0.9-1ubuntu7" [Undecided,New] https://launchpad.net/bugs/668177
 * RoyK += 0xc0ffee
<jetole> Hey guys. Does anyone know if there is a way I can "preseed" a particular package when I am installing it? Kinda like what we do with preseeding but to use those same values to install a package on a already setup system and therefor skip the part where it asks us all the configuration questions when we set it up?
<DGM> hey somehow my main drive is really full. I'm running console only (server). df -h outputs /dev/sda1              65G   59G  2.5G  97%. But i can't figure out what's using so much space. I have tried every main folder in / with sudo du -h, but nothing is bigger then 1gb... whats an easy way to determine whats causing this?
<maxb> DGM: You might try 'lsof +L1' to check for deleted files being retainted because they are still open
<DGM> maxb: hmm "30623787368     0 3017275 /var/log/kern.log (deleted)"
<DGM> and also debug
<maxb> 30GB logfile? ouch
<DGM> maxb: hehe yea. Its a clean install i only use KVM with the drives for that on seperate harddiscs. Can i change this log behaviour somewhere?
<DGM> maxb: figured it out. I had a bandwidth monitor that logged a bit more then i was expecting
<DGM> maxb: thanks :)
<eagles0513875|2> hey guys i need some help with mail. i followed the tutorials for postfix dovecot and squirrelmail, but im not able to send out going mail via smtp. this is the error i get 0 Can't open SMTP stream. i can recieve incoming mails just fine
<jetole> DGM: actually use the du tool. There are better ways to do this then how I remember off the top of my head but I run du -h / to show the file size of all directories and when you find the big one, run du -h /that-directory
<jetole> DGM: keep going down the directory tree till you find the big one
<jetole> i.e. maybe /var is the biggest dir in / so then you run du -h /var and it says /var/log is the biggest dir in var so you run du -h /var/log and it tells you /var/log/mysql is the biggest did and thats where all your big files that are taking up so much space are
<eagles0513875|2> hey guys do you know if there is a ppa somewhere that has a newer version of squirrelmail
<jetole> eagles0513875|2: http://www.google.com/search?&q=ppa+squirrelmail
<eagles0513875|2> ty jetole
<_Techie_> eagles0513875|2, go go gadget brain
<eagles0513875|2> _Techie_: haha
<serard> Hello everybody
<serard> I have a question regarding Ubuntu Enterprise and cloud. I want to create a cloud, and a generic VM that can be distributed to my clients to ease the use of the cloud. So basically they will install the VM on their computer, run it, and that's it. Then they'll be able to connect to this VM via www (lamp stack) and get access to services offered by the cloud. Is this hard to do ?
<serard> "Is this hard to do ?" I'm talking about creating this VM with ubuntu enterprise, make it connect seamlessly to the cloud, etc
<serard> Without having the user to be a linux-ubuntu  guru
<serard> "Then they'll be able to connect to this VM via www (lamp stack)" > They'll be able to connect to the VM via local network, I mean
<serard> No one there ? :/
<RoyK>  
<jpds> I agree.
<serard> :)
<binBASH> all gone
<binBASH> ;)
<uvirtbot> New bug: #668310 in samba (main) "Corruption on mdbs with multiple clients" [Undecided,New] https://launchpad.net/bugs/668310
<trogdoro> if I added my own key to authorized_keys and can successfully ssh to the box...
<trogdoro> is there any reason I shouldn't delete the key that amazon originally put in authorized_keys?
<Krazyderek> can i change the visible size of a samba share without having to change the partitions them selve's? i'm having issue's with photoshop saving to my ubuntu raid 10 fileserver
<orudie> anyone here familiar with zoneedit ? I am trying to transfer some domains to zoneedit, but I don't see a place where to enter transfer auth. codes
<sommer> ivoks: your office should be in Orlando this week ;-)
<ivoks> sommer: not really :)
<sommer> heh
<\sh> mutt
<\sh> grmpf...
<sheetzam> ppetraki - server stayed up over night - think we're on to something
<sheetzam> so next step is nosmp, but leave acpi on?
<ppetraki> sheetzam, great news
<ppetraki> sheetzam, yup
<sheetzam> ok, set and waiting for it to crash now
<JenniferB2> hi folks... how can I add stuff to the PATH variable from one script file under my home/scripts directory ?
<JenniferB2> i do not like the bash.rc or profile.d stuff .. because I would like to centralize all my files into one place if I ever need to do simple backups
<_ruben> JenniferB2: not sure i understand your issue. do you want to alter your $PATH for just one script?
<_ruben> as in: within that script?
<JenniferB2> _ruben: I want to change my PATH variable at login... I have previously done stuff like that from profile.d but after reinstalling ubuntu now, i realized that I forgot to copy that file before formatting.. and lost that file and other files spread elsewhere.. so I am trying to place my files in /home including these scripts...
<JenniferB2> i could probably just call my scripts from profile.d.. but I was thinking that there is a command to install startup scripts
<sjefen6> What is the easiest way to make a fresh ubuntu-server 10.10 install play an ogg stream to an audio output?
<dlublink>  I want to create a bootable USB key using the mini 10.04 iso ( 12.5 megs ) instead of a full installer. But the usb creation menu doesn't seem to like the minimal installer and cat mini.iso >/dev/sdb1 works, but won't boot. Any ideas?
<dlublink> Maybe the computer I am trying to boot with just doesn't work properly
<ppetraki> sheetzam, still alive?
<sheetzam> yup
<ppetraki> let it go through lunch time
<ppetraki> I think I know what happened, but need to run a few more tests to be sure
<sheetzam> ok, glad to hear it
<ppetraki> who make's this thing?
<CharlieSu> Question about logrotate.  In my logrotate definition I'm doing '/usr/bin/killall -HUP rsyslogd' in the 'postrotate' directive.  I'm finding that the PID for Rsyslog doesn't change and that rsyslog will take ~30 seconds before it will start accepting messages again.  This is a centralized logging server that is getting logs from remote servers.  Any idea why it would take ~30 seconds after I run logrotate before rsysl
<hallyn> kirkland: just a reminder, if you get a chance can you take another look at the natty kvm merge?
<SpamapS> ;/win 21
<uvirtbot> New bug: #668368 in samba (main) "Default [homes] share template uses incorrect %S macro." [Undecided,New] https://launchpad.net/bugs/668368
<hallyn> (though by now its been long enough that maybe i should grab the newer tag)
<sheetzam> ppetraki - sorry was the "who make's this thing" aimed at me?
<ppetraki> sheetzam, :)
<ppetraki> sheetzam, server make and model
<sheetzam> it's an e-racks quietized server
<sheetzam> about 3 years old
<sheetzam> http://eracks.com/products/Quiet%20Systems/config?sku=QUIET2
<sheetzam> is the current version
<sheetzam> gotta run to lunch, can get more details when I return
<ppetraki> sheetzam, interesting, I wonder who the ODM is
<ppetraki> sheetzam, still running eh?
<alex88> hi, my vps isn't starting up..now it's mounted on /repair where can i find logs?
<alex88> all files in /var/log has time before the restarts
<alex88> it has been shutted down for "cannot allocate memory"
<Error404NotFound> how long does it take to upgrade a typical LAMP server based on ubuntu from lucid to maverick typically?
<Error404NotFound> :)
<alex88> well, old pc? or fast machine?
<consumerism> how can i troubleshoot users being able to login? what log file?
<uvirtbot> New bug: #668434 in ec2-ami-tools (multiverse) "ec2-bundle-vol should copy filesystem label" [Undecided,New] https://launchpad.net/bugs/668434
<pmatulis> consumerism: /var/log/auth.log
<consumerism> pmatulis: it's empty.
<pmatulis> consumerism: is this a standard server install?
<sheetzam> ppetraki - back
<sheetzam> and the server has stayed up
<ruben23> hi gys i freshly installed ubuntu server and when i get update still i get this issue -------> http://pastebin.com/1bRH1H4Y
<pmatulis> ruben23: proxy issue?
<ruben23>  pmatulis how should i correct this..?
<pmatulis> ruben23: you first need to know if you are using a proxy on your network.  if so, get it configured so you can do what you want to do
<osmosis> ive been googling for a few days, and cant find a clear answer on if  Win2k3 as a guest should use ACPI, APIC,and or PAE.
<RoyK> osmosis: just a guess, but ACPI and APIC should be there, where PAE shouldn't be needed if on a 64bit platform
<latenite> Hi folks, why is "df -T" now showing the filesystemtype? http://pastie.org/1258579
<osmosis> RoyK, ive read that ACPI can slow it down a lot, and that PAE actually helps on 64 bit systems.  https://bugs.launchpad.net/ubuntu/+source/kvm/+bug/105195/comments/50
<uvirtbot> Launchpad bug 105195 in libvirt "kvm can not run Windows XP" [Undecided,Confirmed]
<RoyK> osmosis: erm - PAE is a 32bit thing - if both host and guest are 64bit, PAE doesn't matter
<ruben23> pmatulis: what to configure on it, yes i got procy server on my network..
<osmosis> RoyK, ahh..guest is 32 bit though
<RoyK> osmosis: how much guest memory?
<pmatulis> ruben23: that depends what kind it is.  maybe all you need to do is configure your local environment appropriately (credentials?)
<RoyK> AFAIK win2k3 32bit doesn't support more than 3,5 gigs or so anyway
<osmosis> RoyK, just a gig. way under the 4g mark.
<RoyK> osmosis: then PAE isn't something you should worry about
<RoyK> PAE = physical address expansion
<RoyK> as in, for addressing >4gigs on 32bit
<RoyK> s/expansion/extension/
<osmosis> RoyK,  i know that, but its a glitchy work around i suppose. check out, https://bugs.launchpad.net/ubuntu/+source/kvm/+bug/105195
<uvirtbot> Launchpad bug 105195 in libvirt "kvm can not run Windows XP" [Undecided,Confirmed]
<RoyK> as with ACPI and APIC,  I don't really think it matters if they are enabled
<osmosis> RoyK, see comment 50
<RoyK> osmosis: ok - well - is this going to be a high-pressure vm?
<RoyK> I don't use kvm for windoze stuff myself (we have hyper-v at work, and I just have linux VMs with my kvm setup)
<latenite> anyone got a clue on my problem. Hi folks, why is "df -T" now showing the filesystemtype? http://pastie.org/1258579
<pmatulis> latenite: well, b/c that's what -T does
<osmosis> RoyK, high pressure?
 * RoyK RTFMs latenite 
<latenite> pmatulis, b/c ?? what the meening of B/C
<RoyK> osmosis: high load?
<pmatulis> latenite: b/c = because
<RoyK> latenite: because
<latenite> ** TYPO now = NOT see my paste
<osmosis> RoyK, not so much
<osmosis> RoyK, 1 cpu should be fine
<RoyK> osmosis: then it probably won't matter much
<RoyK> osmosis: what sort of server? web server or something?
<pmatulis> latenite: it is showing 'devtmpfs' as type
<pmatulis> latenite: what's your problem?
<osmosis> RoyK, yes
<latenite> pmatulis, and above I reformated it as ext3...can you see
<RoyK> osmosis: then just install it without any of those options and see if it works well
<latenite> RoyK, no I NEED t show fs-type
<RoyK> latenite: man df
<latenite> RoyK, I read all of it. where am I fof track?
<ppetraki> sheetzam, :)
<ppetraki> sheetzam, so refresh my memory, what does /proc/cmdline say?
<sheetzam> root=/dev/md2 ro nosmp
<RoyK> latenite: fof track?
<ppetraki> sheetzam, ok, replace nosmp with noapic
<sheetzam> ok
<pmatulis> latenite: why don't you try mounting your filesystem and *then* checking it?
<ppetraki> sheetzam, I believe this will restore SMP but still use legacy interrupts
<sheetzam> ok
<latenite> RoyK, "of track" = where am I woring...why is it not showing "ext3"?
<ppetraki> sheetzam, if this succeed's then it's likely ACPI that did you in
<latenite> pmatulis, it is a handmade install scrpt...I dont feel willing to mount JUST to get fs.tyope....WHYT is the deal with df -T ?
<ppetraki> sheetzam, so while your hardware stays the same, the ACPI_OSI_NAME advances to match the latest windows
<sheetzam> I sorta follow
<ppetraki> sheetzam, this causes different code to be execute from the ACPI runtime, just a bunch of tables provided by the firmware
<sheetzam> ah, I see
<sheetzam> and you suspect that one of those is now mapped incorrectly?
<RoyK> osmosis: oh - I see
<ppetraki> sheetzam, well, the new runtime code might have misinformed the kernel as to what it needs
<RoyK> osmosis: might be a bug - which distro version is this?
<ppetraki> sheetzam, which can cause all sorts of havoc
<sheetzam> ppetraki - /proc/cmdline: root=/dev/md2 ro noapic
<sheetzam> right
<ppetraki> sheetzam,  so if noapic succeeds, acpi=noirq should be equivilent
<ppetraki> sheetzam, then we can try pretending to be different versions of windows :)
<sheetzam> ppetraki - succeeds as in crashes?
<ppetraki> sheetzam, succeeds as in stays up
<sheetzam> ok
<ppetraki> sheetzam, we're isolating the code that deals with interrupt routing
<sheetzam> got it
<sheetzam> so far so good
<ppetraki> :)
<pmatulis> latenite: b/c that's the way it works
<latenite> pmatulis, you saiy "I CAN NOT" determin fs-type of a unmounted partition with df -T??
<pmatulis> latenite: that's right
<latenite> pmatulis, is there ANY way to determin fs-type WITHOUT the need to mount
<pmatulis> latenite: probably
<latenite> pmatulis, would you know a way? and tell
<pmatulis> latenite: query the superblock somehow
<osmosis> RoyK, im on lucid
<pmatulis> latenite: 'sudo tune2fs -l /dev/sda1 | grep magic' then translate that number to what f/s it represents
<latenite> pmatulis, wow cool idea. Now Where on my sysetm would I find such a list?
<pmatulis> latenite: you've gone far enough.  please do some footwork
<pmatulis> latenite: footwork = research
<latenite> pmatulis, sure , ok. Thanks for the hint :)
<pmatulis> anybody know why my preseeding install prompts for hostname when it got one from dhcp (host line)?
<sheetzam> ppetraki - no crashing so far.  Figure let it run over the weekend, pick it up on monday.  You going to be around?
<ppetraki> sheetzam, everyday
<ppetraki> sheetzam,  so all your cpus are up now?
<sheetzam> everyday?  Hopefully not the weekend!
<sheetzam> yeah
<ppetraki> sheetzam, great!
<ppetraki> sheetzam,  so the good news is, even if we don't get a root cause, since you're running a server, you can probably run this way indefinitely
<sheetzam> true
<sheetzam> I'd rather have a solution, though :)
<ppetraki> sheetzam, same here
<ppetraki> sheetzam, so as long as you
<ppetraki> re
<ppetraki> willing to continue we can nail this :)
<sheetzam> fortunately this is our dev box, but the prod box is the exact same hardware
<sheetzam> yeah, be happy to
<ppetraki> great
<sheetzam> so far it's been pretty educational
<ppetraki> I'm full of useful things, and something else, depends who you ask :-p
<sheetzam> right
<qubozik> Hi everyone. I'm trying to decide between RHEL and ubuntu. Can someone tell merge benefits of choosing Ubuntu?
<qubozik> Me the*
<qubozik> For a web server
<RoyK> qubozik: we're moving all our linux boxes to ubuntu these days
<uvirtbot> New bug: #668500 in checksecurity (main) "Please merge checksecurity 2.0.14 (main) from Debian unstable (main)" [Undecided,Confirmed] https://launchpad.net/bugs/668500
<RoyK> the reasons are diverse, but the most important reason is that ubuntu has more users, and thus bugs are found and fixed faster
<RoyK> also, more packages are available, meaning no need for installing from source in most cases
<qubozik> RoyK: Yeah I totally agree about the packages. That I agood point. Trying to get certain peel and php modules have been a pain in the past with RHEL
<qubozik> Thank you for your reply
<qubozik> I'm going to switch to ubuntu too
<qubozik> At least run a test box for a bit
<RoyK> qubozik: I still can't say I'm completely objective about this, having used debian/ubuntu for 10+ years
<RoyK> but still, ubuntu is stable and works better than RHEL (IMHO)
<RoyK> the LTS releases should be used, the non-LTS releases only have 18 months support
<RoyK> and they aren't prirotitised like LTS releases support-wise
<qubozik> I agree too. I use it on my desktop for quite sometime, but at work we use promary RHEL on servers. I was looking to go to ubuntu server but didn't know much about the server version
<sheetzam> my company has been using Ubuntu LTS servers for 4 years now, and have no significant issues, and plenty of occasions when stuff just worked
<qubozik> Yeah 10.04 is the latest LTS release right?
<RoyK> yes
<qubozik> Ok that's good to know
<qubozik> Ok
<RoyK> 12.04 will be the next
<qubozik> Yeah in going to setup a test box and fiddle with it in our environment
<qubozik> Ok that sounds good
<sheetzam> be careful - test boxes turn in to production boxes very quickly and easily :)
<qubozik> Are their PPA repos for server versions?
<qubozik> For certain packages?
<qubozik> Haha yes they do
<qubozik> There*
<RoyK> qubozik: I work for a research institute, and we have a bunch of researchers needing lots of packages not available on redhat and the likes
<RoyK> with ubuntu, apt-get works well for 99% of those
<RoyK> PPA?
<qubozik> Ok . Looks like the best thing to do is try it out. Thanks for the great info
<RoyK> the ubuntu repos are shared between the different distros (server, desktop ...) with the same platform
<qubozik> Ppa repos. On ubuntu desktop you can add a ppa repo for an application. Like pidgin or banshee. Its a developmentrepo that jas the lasted version of the app
<RoyK> ah
<RoyK> ok
<RoyK> yes, you can add custom repos
<qubozik> So like it is doubtful that a long term release would upgrade php between major versions. So technically I couldadd a ppa php repo and ge the later version without installinghe latest ubuntu
<qubozik> Ok cool
<qubozik> I'll check it out
<qubozik> Thanks again RoyK
<ehcah> I am in the process of modifying one of my bind/zone/ files based on a tutorial I found.  It suggests the following line: "home.lan. IN SOA ubuntu.home.lan. hostmaster.home.lan."  When I modify it, I assume it should be: "mydomain.com. IN SOA myservername.mydomain.com. hostmaster.mydomain.com.".   What in this case, is the difference between "ubuntu" and "hostmaster"?  Is it redundant?
<alex88> hi guys.. someone have ever seen a folder called mc-root?
<highvoltage> yep
<alex88> highvoltage, what's about? in tmp folder?
<highvoltage> alex88: it's usually created by mc.
<alex88> cause after a restart of my vps due high memory usage services not start..
<alex88> network and ssh has to be started manually by vps hoster
<alex88> highvoltage, and? who's that?
<alex88> highvoltage, is that midnight commander?
<guntbert> alex88: yes
<alex88> guntbert, i've found that in /tmp and i haven't ever installed it..
<guntbert> alex88: look who owns it, but usually you get that file when running mc as root, else it will be mc-alessandr (or whatever)
<alex88> root
<alex88> damn..
<alex88> it says 20:28, but at that time the server was down..
<alex88> probably virtuozzo repair mode creates that..
<Sultan_Mirza> i have exim setup on ubuntu 10.04,  and i want to add some authentication rules any exim guru here
<RoyK> Sultan_Mirza: I guess it'll be simpler to try #exim
 * RoyK only uses postfix
<Sultan_Mirza> well i tried it on exim but seems everybody is asleep there : )
<Sultan_Mirza> RoyK: so i thought there must be someone familiar with these rules here
<RoyK> sorry, I don't use exim
<Sultan_Mirza> RoyK: yeah i got that but in case any here familiar with exim
<Sultan_Mirza> http://pastebin.com/UP186itF this is the rule i applied in acl_smpt_rcpt
<RoyK> sorry, I don't use exim
<Sultan_Mirza> RoyK: ok
<Sultan_Mirza> anybody here familiar with exim???
<RoyK> you already asked
<Sultan_Mirza> RoyK: sorry man
<ehcah> RoyK:  I have to ask.  And I assume this will get me banned from this channel.   Do you hate your life or get beaten on all day long?  Anonymity is great, but can leave some people feeling a little over-empowered.  Whenever I've asked questions, or read you responding to others, I'm always impressed with your knowledge.  Heck, I respect it and have changed the way I do things as a result.  BUT - Have yo
<ehcah> u ever read the tone of your dialogue?  Do you ever consider that those with less experience than you have tried other channels, google, linuxquestions.org or other medium before posting here?  I HATE posting in this channel.  Before I post, I'm already assuming that if I get a response at all, I'll probably look like an idiot for even asking.  I get that most of you are administrators and enthusiasts w
<ehcah> ell above the level of hobbyist.  Tell me though...  Where else can one go to ask Ubuntu Server related questions?  If this channel isn't here for help, lock it down to an invite-only status.
<_Techie_> ehcah, it may seem suprising to you, but we all started somewhere
<guntbert> ehcah: although the level here gets very high sometimes this channel is for ubuntu-server discussion AND support
<guntbert> ehcah: so don't expect as big a helper squad as in #ubuntu -- as to your last question .. consider asking in #bind
<RoyK> ehcah: I really donÂ§t understand what you're getting at
<ehcah> guntbert:  I wasn't  concerned about the lack of response to my question. My feedback is based on the way another after mine was responded to.
<RoyK> ehcah: wtf are you talking about, sir?
<ivoks> ehcah: notice that UDS is this week
<ivoks> ehcah: most of the people aren't there
<guntbert> ehcah: I understood -- part of the problem (in tone too) seem to be that this channel has two purposes - discussion (mostly between "experts") and support - and its not always easy to switch between those
<guntbert> RoyK: easy on the language please
<_Techie_> also, none of us get payed for this, so its to be expected that we may occasionally use 'improper' tones (if you can call them tones in text based chat)
<RoyK> guntbert: the language of mine is quite eased, but I still want to know why ehcah is so upset
<guntbert> RoyK: its not for me to interpret his concern - but I can confirm that you sometimes tend to be less than polite :-)
<ehcah> guntbert:  I don't disagree.  Maybe, and it would be up to those (as _Techie_) mentions willing to offer up their time to create a channel like #ubuntu-server-beginners.  I'm sure others like myself would respect the distinction between both channels.  Again, I certainly appreciate that no one here gets paid for support.  I did not to intend to insinuate, if I did, that each question deserves an answer,
<ehcah>  simply because it was asked.  Everyone, please accept my apologies if that is how it was interpreted.
<RoyK> guntbert: mostly I'm quite polite, I help out more than quite  a lot of others here
<ehcah> RoyK:  I am slow to respond as I am trying to chose my words carefully.
<RoyK> ehcah: I can't remember to have answered rudely to you
<ivoks> there's no need for -beginners
<RoyK> nor any others here, unless they ask questions repeatedly that are documented
<ivoks> instead of looking at you guys outsmarting each other, it would be better to actually see *the question*
<guntbert> RoyK: certainly you help a lot - appreciated :-))
<RoyK> to ask people to RTFM now and then is normal
<_Techie_> ehcah, -beginners is a good idea, but it would only overcomplicate things and make the support even worse
<ehcah> RoyK:  It is not my intention to start a public debate.  I was simply trying to remind you that at the end of the day, people ask questions in this group because they have a similar interest.
<RoyK> ehcah: I also ask silly question in here
<RoyK> ehcah: I just don't understand why you attack me for being something speacial
<guntbert> splitting up a channel that already has a very thin "helper population" would be a bad idea in my opinion
<RoyK> #ubuntu-server shouldn't be split up
<guntbert> RoyK: agreed!!!
<RoyK> there are newbies here, sure, but most of them behave
<ehcah> RoyK:  As an example.  Go up this thread about a page and a half.  Sultan_Mirza asked a question.  You responded that you didn't know his product.  Big deal.  When he asked the group again, your answer almost appeared to come from the group, rather than you.
<qkumbers> does anyone know how to unconfigure an ldap client?
<ivoks> unconfigure ldap client?
<ivoks> which ldap client and what's there to unconfigure?
<RoyK> ehcah: he asked for help on exim, got no answer, and went on asking, which isn't really netiquette
<ehcah> I beleive the question was asked a second time because the individual would have felt the first conversation had ended, and needed to start again.
<ehcah> just my 2 cents...
<guntbert> qkumbers: please answer to ivoks
 * RoyK hands back ehcah his 2 cents 
<qkumbers> ivoks: sorry, what i meant was, i set up an ldap server, then i configured another ubuntu server as a client. i would like to undo that configuration via auth-client-config
<RoyK> ivoks: if it's PAM, it all goes in /etc/pam.d
<ivoks> qkumbers: purge auth-client-config?
<qkumbers> ivoks: is that a command or are you asking a question? if the latter, then the answer is yes
<ivoks> qkumbers: i don't know exact command with auth-client-config
<ivoks> qkumbers: i do know which files it changed
<qkumbers> i wonder if there is a basic profile i can load with auth-client-config as opposed to lac_ldap
<ivoks> there is
<ivoks> qkumbers: try with lac_pam or lac_unix
<qkumbers> also, there is a --reset option, but i don't understand if i still pass in a profile or not
<ivoks> or lac_shadow
<qkumbers> ivoks: oh ok, let me give that a shot, which would you recommend first?
<ivoks> --reset probably does th trick
<ivoks> did you read man page?
<qkumbers> ivoks: yes, but i didn't understand at first, now i see an example
<ivoks> https://wiki.ubuntu.com/AuthClientConfig
<qkumbers> i think it is auth-client-config -t nss -p lac_ldap -r
<ivoks> that should be it, yes
<ivoks> or, better:
<ivoks> auth-client-config -a -p lac_ldap -r
<qkumbers> ivoks: ok, hopefully that doesn't hurt
<qkumbers> ivoks: no, -t nss was the better choice it turned out
<qkumbers> because the original command was run with that option
<qkumbers> thanks for your help
<RoyK> guntbert: if you're jalous about not knowing too much, please don't let that harm orthers
<uvirtbot> New bug: #668571 in samba (main) "package samba-common 2:3.4.7~dfsg-1ubuntu3.2 failed to install/upgrade: el subproceso script post-installation instalado devolviÃ³ el cÃ³digo de salida de error 1" [Undecided,New] https://launchpad.net/bugs/668571
<jdimatteo> hi all, I'm trying to setup NIS to better handle when the network connection drops.  How can I configure NIS to first check the local passwd file when logging in as a local user such as root?  I'd like to avoid the NIS timeout and warning/errors like "do_ypcall: clnt_call: RPC: Unable to receive; errno = No route to host"
<jdimatteo> I'd really appreciate some help.  I couldn't find an easy answer on google, I'm sort of a linux admin newbie, and the NIS manualls are friggen huge
<pmatulis> jdimatteo: edit /etc/nsswitch.conf
<pmatulis> jdimatteo: man nsswitch.conf
#ubuntu-server 2010-10-30
<CarlFK> topic have 10.04 changed to https://help.ubuntu.com/10.10/serverguide/C/
<CarlFK> is there a package I can apt-get that will set the "different Kernel options" somewhat described on https://help.ubuntu.com/10.10/serverguide/C/preparing-to-install.html#intro-server-differences
<pmatulis> CarlFK: you need to recompile the kernel in order to have different options
<pmatulis> CarlFK: why do you want to change the kernel?
<CarlFK> pmatulis: mainly experimenting - it's just a p4 box in my basement that I will use for a proxy, so doesn't really matter
<CarlFK> I am guessing there is a package that contains the -server kernel? (I know the installer doesn't compile it on the fly.. that would be generally too much trouble :)
<pmatulis> CarlFK: there are some wiki pages that describe how to compile the kernel.  i suggest you stick to ubuntu-specific instructions
<CarlFK> you mean like this one: https://wiki.ubuntu.com/CarlKarsten  "My kernel howto" :)
<CarlFK> like I said... I don't want to compile - I want to use whatever the installer installs.  just having trouble figuring out what it installs
<CarlFK> here we go:linux-server - Complete Linux kernel on Server Equipment.
<pmatulis> CarlFK: try to find some official ubuntu documentation
<Ejdesgaard> Hi, i'm running 10.10 desktop and have installed qemu, kvm and virt-manager. I have setup a bridge and want to use it on a guest, but i can't see the bridge when i start virt-manager as a normal user (with libvirtd group)... how can i fix this?
<Ejdesgaard> i have tried to follow https://help.ubuntu.com/community/KVM/Networking but i can't get it working
<nerdy_kid> hello, I am trying to fix my ftp server and need to know, what are the 39 68 numbers in this message? "227 Entering Passive Mode (192,168,1,2,39,68)"  I think that they are port numbers but they do not relate to tcpdump output.
<nerdy_kid> I am trying to get passive ftp to work (i have a router).
<pmatulis> Ejdesgaard: you need to connect to libvirtd in system mode
<Ejdesgaard> pmatulis, how?
<pmatulis> Ejdesgaard: you add a local connection to virt-manager
<pmatulis> Ejdesgaard: you want to see 'localhost (QEMU)' in the menu
<Ejdesgaard> pmatulis, i have "localhost (QEMU Usermode)"
<pmatulis> Ejdesgaard: exactly, you don't want that
<pmatulis> Ejdesgaard: you want system mode
<Ejdesgaard> i want to be able to choose br0 NAT for the NIC on a client. and i would like to be able to do it without "sudo virt-manager"
<pmatulis> Ejdesgaard: i'm trying to tell you how
<Ejdesgaard> pmatulis, virt-manager -c qemu://system was the answer :)
<Ejdesgaard> thanks for the help
<pmatulis> Ejdesgaard: keep on truckin'
<pmatulis> Ejdesgaard: but you should be able to add a connection to get that
<pmatulis> Ejdesgaard: i just tried it
<Ejdesgaard> hmm... yes
<jdimatteo> pmatulis: thanks (please excuse my delayed response)
<fishscene> Greetings. I realize this might be a VSFTP problem, but I'm not sure...  I'm trying to get a vsftp server running on an Ubuntu installation. I need to change the port from the default of 21. I'm able to successfully change the port, but the "list" command doesn't execute properly. I suspect because the server is trying to send information to the client over port 20. I tried changing that too, but to no avail. Does anyone know how to chan
<fishscene> nvm. topic moved to #ubuntu
<domas> hi!
<domas> does anyone know why XFS/LVM/mdadm snapshots are corrupt in 10.04? :)
<uvirtbot> New bug: #668617 in mysql-5.1 (main) "mysql-server fails to configure and install under dpkg" [Undecided,New] https://launchpad.net/bugs/668617
<drcode> hi all
<drcode> is there software that mount disk automticly in console?
<BlackJamMan> are there any console email checkers other than mail, and pine ?
<CarlFK> BlackJamMan: tons.  elm and mutt come to mind
<BlackJamMan> CarlFK: eh I'll just have to wait on the system admin I think.  I can read it with more /var/spool/mail/myuser though
<Error404NotFound> Quick Poll: what is better, LTS or non LTS for a server? [In the dilemma of Upgrade/Do not Upgrade/Upgrade/Do not upgrade]
<joschi> Error404NotFound: LTS
<joschi> Error404NotFound: well, at least if it's a productive system. if you just want to play, go with whatever you like
<Error404NotFound> joschi, and the last plucked petal also says LTS/Do not Upgrade :)
<joschi> Error404NotFound: that's one smart flower ;)
<Error404NotFound> joschi, ofcourse, it belongs to me afterall :) ^_^
<jaakkop> 'ello
<RoyK>  
<jaakkop> Hmm, does anyone use ufw for gateway + firewall?
<RoyK> jaakkop: for fw, yes
<jaakkop> I was just wondering what would be the most suitable solution for a home router.
<RoyK> jaakkop: dedicated router?
<RoyK> or server/router/something?
<jaakkop> A small server used as my home network's router among other things.
<RoyK> ok, ufw can be used with that quite easily
<jaakkop> Yeah
<Zeu5> hi there, i have the following dir /var/www/folder which has the permissions username:username drwxrwxr-x i want my apache to be able to access this folder and write new files. currently it cannot. please advise.
<RoyK> that is - last I checked ufw doesn't have any built-in stuff for NAT, so you need to do that manually with iptables (which is the underlying infrastructure under ufw)
<RoyK> Zeu5: with 775 permissions, as you have, only user and group can write there
<jaakkop> I know. I'm just wondering it's the best solution for a gw+fw. :-)
<RoyK> I'd say pfSense :)
<Zeu5> RoyK:thank you for your response.  so i have no choice but to make it 777?
<RoyK> Zeu5: or make sure www-data is in the same group...
<Error404NotFound> I rebooted my server after upgrade, everything wine fine, it loads fine, except that i don't see a prompt on console...
<RoyK> Zeu5: or use posix ACLs
<jaakkop> I think I'll just use ufw for now then...
<Zeu5> RoyK: i am unfamiliar with either option. i am new to ubuntu. which option would you advise to someone like me?
<RoyK> Zeu5: ls -ld dirname - that shows you which user/group owns the file - vi /etc/group and add www-data to that group
 * RoyK hands Zeu5 a 'learning unix systems' bible
<Zeu5> RoyK: thank you :)
<Zeu5> RoyK: which book would that be? not all such books are created equally. would love to hear what book an expert like yourself would recommend to me
<RoyK> sorry - I really don't know
 * RoyK has never had a book about linux, but then, he installed his first linux box back in 1994 and is still learning
<Zeu5> RoyK: that is cool. I am learning too. thanks for your coaching :) :)
<SAngeli> what tool to use to inquiry a seral port modem to see all specs and which seral port is connected?
<RoyK> SAngeli: minicom?
<SAngeli> thank you. I was able to get wvdialconf to work as of now
<RoyK> SAngeli: are you using a modem for dialup?
<Zeu5> RoyK: it worked!!!!!!!!
 * RoyK is slightly impressed someone still uses that technology
<SAngeli> RoyK, :-) Am using a modem for fax services
<SAngeli> am trying to install Hylafax
<Zeu5> RoyK: thank you thank you :) :)
<RoyK> SAngeli: ah
<RoyK> Zeu5: np
<SAngeli> it would be really cool if for dial-up, in the 2010 ;-)
<Zeu5> RoyK: :) :) :)
 * Zeu5 is happy
<RoyK> SAngeli: actually, we're using modems for dialup at work :)
<RoyK> and we still have some DOS apps
<SAngeli> wow
<RoyK> and a couple of VMS boxes
<RoyK> and even a few Solaris 8 machines
<RoyK> and an old HP/UX box that refuses to die
<SAngeli> cooooool
<SAngeli> I like the refuses to die
<SAngeli> very nice
 * RoyK works for nilu.no - we have quite a lot of old stuff around
<RoyK> I recently found a Sun Ultra 5 on the network
<RoyK> no idea where it is, though, but someone is clearly using it for something
<SAngeli> where is on the internet the official ubuntu server ports so that I can see all available packages?
<RoyK> apt-cache search ""
<RoyK> that should give you a good listing
<SAngeli> on the web? Something similar to this one: http://www.freebsd.org/cgi/ports.cgi  ? Does ubuntu have one?
<RoyK> it'll take some time reading through it, though
<RoyK> http://tinyurl.com/2bvm53r
<SAngeli> nice. thank you
<SAngeli> I like this link, RoyK
<SAngeli> Is it better to install Hylafax by just doing apt-get install hylafax being release (6.0.3-5.1ubuntu1) or follow these instructions: http://www.hylafax.org/content/Handbook:Binary_Package_Install#Debian_Linux_.28also_applies_to_Ubuntu.29  (being also release 6.0.5)?
<SAngeli> Will apt-get take care all all that is needed?
<SAngeli> or better question: how to be able to install The current release is version 6.0.5.0 of hylafax considering that Ubuntu has only available (if I did not make any mistake reading) rel 6.0.5? http://packages.ubuntu.com/search?keywords=hylafax&searchon=names&suite=lucid&section=all
<Error404NotFound> my server is getting stuck at http://pastebin.com/wKCEaaRE on every boot
<Error404NotFound> services like apache, mysql seem to be working though
<Error404NotFound> no ssh
<Error404NotFound> firewall seems to be running fine as well
<uvirtbot> New bug: #668692 in postfix (main) "package postfix 2.7.0-1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/668692
<Cute_boy> hello
<zealiod> How can  use ebtables log mac addresses with a certain vlan tag?
<nerdy_kid> e the 39 68 numbers in this message? "227 Entering Passive Mode (192,168,1,2,39,68)"  I think they are ports but they do not correspond to tcpdump data
<nerdy_kid> hello, I am trying to get my ftp server to work through a router and need to know, what are the 39 68 numbers in this message? "227 Entering Passive Mode (192,168,1,2,39,68)"  I think they are ports but they do not correspond to tcpdump data
<SAngeli> Hi, I am unable to find faxgetty  to install on ubuntu server. can anyone please help? I also am unable to find and install egetty-link as needed from hylafax
<SAngeli> http://manpages.ubuntu.com/manpages/dapper/man8/faxgetty.8.html  here is a ubuntu page but
<SAngeli> It seems that the file is present: ubuntu:~$ ls -la /usr/sbin/faxgetty
<SAngeli> -rwxr-xr-x 1 root root 474448 2010-09-06 00:03 /usr/sbin/faxgetty
<SAngeli> how do I install a symbolic link for /etc/hylafax/getty-link that points to my program being hylafax?
<SAngeli> Is it like this one: /usr/sbin/faxgetty /dev/ttyS1
<brontoeee> what OS should one use to run multiple lamp virtual appliances?
<brontoeee> host OS i mean
<c0nv1ct> brontoeee, linux
<brontoeee> c0nv1ct, which one?
<c0nv1ct> brontoeee, any...
<c0nv1ct> brontoeee, look into openvz or LXC, they work in any linux
<brontoeee> c0nv1ct, ok, thanks
<c0nv1ct> you'll have low overhead that way, or you could do full virtualization with something like kvm
<c0nv1ct> (more overhead)
<brontoeee> openvz seems to be fedora related?
<joschi> brontoeee: not really. it's just that parallels provides prebuilt kernels for rhel/centos
<brontoeee> is there something thats preinstalled into ubuntu-server to be used for such virtualization?
<joschi> brontoeee: https://help.ubuntu.com/community/OpenVZ
<brontoeee> also related q: can i make such an apliance, dev it locally, then just copy/paste it on production server, or what is the workflow?
<joschi> brontoeee: you basically just have to copy the container file which contains the VE's filesystem
<brontoeee> how is cpu/IO management done on the production server, say i would like to have certain machines to have more cpu avaliable?
<makomi> hi, iÂ´ve got questions about kvm and I want to join #ubuntu-virt but I donÂ´t have a invitation. so anybody know how to join chan?
<yann2> doesnt exist anymore
<yann2> has been moved to.. here :)
<makomi> yann2: thanks
<makomi> And now my question :) - iÂ´ve installed 10.10 and want to use vmbuilder du build a maverick vm, but "vmbuilder kvm ubuntu --suite maverick" wonÂ´t work because vmbuilder donÂ´t know maverick
<Jeeves_> hehe :)
<makomi>  ERROR   : Invalid suite: "maverick". Valid suites are: dapper gutsy hardy intrepid jaunty karmic lucid
<resno> someone here told me about a ppa to get openvnz install on 10.04
<resno> ah, its lxc now, i remember
<c0nv1ct> resno, ya, i just made the switch from openvz to lxc, still trying to figure out lxc
<resno> c0nv1ct: ive never worked with it, do you download containers or what?
<c0nv1ct> resno, apparently you can migrate existing openvz templates
<resno> have you tried it?
<c0nv1ct> i haven't gotten that far yet, i just completely redid my server yesterday :)
<resno> ah, of course :-\
<c0nv1ct> once i finish prelude/snort i'll finish setting up lxc, i got as far as creating the bridge
<resno> you got a public server or a prive home network thing?
<c0nv1ct> this one is private
<resno> i think ill just uninstal lxc for the time being
<resno> seems more complicated then i want to jump into now
<c0nv1ct> yeah, it doesnt seem as mature as openvz, not yet at least
<c0nv1ct> openvz was up and running in a matter of minutes when i first used it in gentoo
<resno> openvz isnt supported?
<c0nv1ct> i believe it is, but is being phased out
<c0nv1ct> afaik, lxc hasn't replaced it entirely as of yet
<zealiod> when a static ip on a laptop moves on the network from on switch port to another I loose sight of it from the server, even though they still have connectivity - if i clear the arp table on the server everything is fine... how can i prevent this
<zealiod> Arp and bridging dont seem to ne working... i have 3 interfaces on br0, eth1, eth2, eth3 - ARP is not reliable, one i move a device that is attached to eth1 to eth3, then I can not ping the device again, unless I clear my arp cache, can this be avoided?
<RoyK> zealiod: that's basically how arp caching work
<RoyK> zealiod: also, different NICs shouldn't be on the same IP net unless you use link aggregation
<c0nv1ct> zealiod, why do you have 3 interfaces isolated yet on the same network?
<zealiod> RoyK: What about a roaming NIC, such as one on a laptop that has a fixed IP - how does ARP work then?
<zealiod> RoyK: Can ARP caching be turned off for certain IPs
<RoyK> doubt it
<RoyK> what do you mean "roaming nic"?
<zealiod> RoyK: a NIC ton a latop for example
<zealiod> *laptop
<zealiod> c0nv1ct: I'm bridging VLANs
<RoyK> zealiod: arp caching work - I just don't get what you're trying to do
<zealiod> RoyK: OK, so, I plug my laptop into eth1 and ping myself 192.168.101 from the server, all good...
<zealiod> RoyK: I then plug myself into eth2 and I can no longer ping myself from the server
<RoyK> zealiod: please explain the configuration of the server
<zealiod> RoyK: I flush the arp table on the server, and I can then ping 192.168.1.101 - I move back to eth1... and I can no longer ping the IP...
<zealiod> I have 3 interfaces that are bridged to 1 interface br0
<RoyK> why do you use two NICs on the same IP network?
<zealiod> RoyK: I'm bruding them
<zealiod> *bridging them
<c0nv1ct> you dont bridge within the same ip network...
<c0nv1ct> a bridge connects different ip networks
<zealiod> eth1 0.0.0.0, eth2 0.0.0.0 and then I add those nics to br0 on 192.168.1.1
<zealiod> works a charm
<c0nv1ct> nm, you are right, i'm tarded this morning... that should work
<RoyK> zealiod: a bridge is something between two physical network
<RoyK> zealiod: what you're doing isn't really a good idea
<c0nv1ct> RoyK, isnt that what he has? one physical network behind eth1 and another behind eth2
<RoyK> c0nv1ct: didn't seem like that to me, but then, I have no idea what he's trying to do - he hasn't detailed the setup
<c0nv1ct> RoyK, it seems like he is trying to setup the linux box basically as a layer 2 switch
<c0nv1ct> it would help to know more info though
<RoyK> zealiod_: please detail your setup
<RoyK> it's no use for us to start guessing
<uvirtbot> New bug: #668775 in samba (main) "read only = no for Profiles in default smb.conf" [Undecided,New] https://launchpad.net/bugs/668775
<uvirtbot> New bug: #668818 in keepalived (main) "Please merge keepalived 1:1.1.20-1 (main) from debian unstable (main)" [Wishlist,New] https://launchpad.net/bugs/668818
<Error404NotFound> how can i force a run of crons inside my crontab? these are not in cron.*/ dirs...
<SpamapS> Error404NotFound: what do you mean force a run?
<Error404NotFound> SpamapS, manual run of each cron entry inside crontab
<SpamapS> Error404NotFound: well, you could just run them
 * SpamapS waits patiently as his Hardy download crushes the wifi at the airport
<ksx4system> SpammapS: already did it? ;>
<uvirtbot> New bug: #668842 in etckeeper (main) "Please merge etckeeper 0.50(main) from debian unstable(main)" [Undecided,New] https://launchpad.net/bugs/668842
<kobrien> greetings. I have a J2EE application. I wish to deploy in on a private ubuntu cloud. I have 2 questions. 1: Do I have to rewrite my code. 2: Will my app distribute across multiple nodes automatically?
<SpamapS> 1. no, a private cloud is just a way to spawn virtual machines. 2. see 1.
<kobrien> will using Amazons cloud give me this functionality then?
<user> hi
<CarlFK> http://ubuntuforums.org/showthread.php?t=846480  HOWTO Control Fan Speed July 2nd, 2008
<CarlFK> E: Unable to locate package powersaved
<CarlFK> anyone know of a more recent doc?
<uvirtbot> New bug: #668872 in bacula (main) "package bacula-director-mysql 5.0.1-1ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/668872
<CarlFK> fancontrol i guess.. trying it
<makomi> why i cant create in 10.10 with vmbuilder a maverick vm? I get error "Invalid suite: "maverick". Valid suites are: dapper gutsy hardy intrepid jaunty karmic lucid"
#ubuntu-server 2010-10-31
<uvirtbot> New bug: #668927 in samba (main) "package samba-common-bin 2:3.4.7~dfsg-1ubuntu3.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/668927
<uvirtbot> New bug: #668933 in autofs5 (main) "autofs5 may fail if map contains utf8 characters" [Undecided,New] https://launchpad.net/bugs/668933
<FFForever> Any vpn daemon recommendations?
<jpds> openvpn?
<k5673> !openvpn
<ubottu> OpenVPN is a vpn technology in Ubuntu, sudo apt-get install openvpn and then see http://openvpn.net/ and see the documentation "HOWTO" noting you have already installed it. ;-) It rocks!
<k5673> !openvpn > FFForever
<ubottu> FFForever, please see my private message
<zealiod> Can I give a bridge interface an alias?
<_Techie_> if i create a virtual interface, eg eth0:0 will it be able to recieve an ip fro eth0?
<_Techie_> via DHCP on et0*
<_Techie_> eth0*
<_Techie_> x
<airtonix> is it normal for phpldapadmin to be missing the groupOfUniqueNames template ?
<airtonix> as defined under "Apache Integration" here : https://help.ubuntu.com/community/OpenLDAPServer#Apache%20Integration
<uvirtbot> New bug: #669005 in apache2 (main) "Apache2 crashes on reload" [Undecided,New] https://launchpad.net/bugs/669005
<nedhead> With Ubuntu Server 10.10 x86, when I connect (SFTP) it restricts me to my home directory. Where do I need to look to authorize me full control over /var/www? Thanks!
<WhiteStarEOF> Got a head-scratcher here. I'm trying to get tftpd-hpa running as seen https://help.ubuntu.com/community/PXEInstallServer here and in other places. The instructions seem to be the same, but it doesn't seem to work. It starts without issue, just trying to tftp anything times out. Nothing in the messages file. I even tried throwing gibberish in to /etc/default/tftpd-hpa, and it never complained on startup. Thoughts and opinions
<joschi> WhiteStarEOF: what's the content of your /etc/default/tftpd-hpa? how do you run tftpd-hpa, standalone or via (x)inetd?
<WhiteStarEOF> tftpd-hpa config file just has RUN_DAEMON="yes" and OPTIONS="-l -s /var/lib/tftpboot" like it says on the page. Also, /var/lib/tftpboot is where I dumped my files. I basically walked through that walkthrough using the defaults (worrying about customization later) until the "Install Apache" section as that seemed to be for added features.
<joschi> WhiteStarEOF: check if /etc/inetd.conf or /etc/xinetd.d/tftp-hpa try to run tftp-hpa and check with lsof or netstat if the correct process is listening on the tftp port
<WhiteStarEOF> Looks like I don't have an /etc/xinetd.d directory. When I do 'start tftpd-hpa' I do a 'netstat -a | grep tftpd' and it doesn't find anything.
<joschi> WhiteStarEOF: is tftpd-hpa running at all?
<WhiteStarEOF> Not that I can tell.
<WhiteStarEOF> I get nothing out of netstat, nmap doesn't show port 69 as being open.
<airtonix> WhiteStarEOF, for what its worth i don't understand why i should need to use xinetd, so i used atftp instead.
<KB1JWQ> WhiteStarEOF: You're aware that tftp is a UDP based protocol, right?
<joschi> airtonix: tftpd-hpa can also run in standalone mode without (x)inetd
<WhiteStarEOF> That wasn't in my mind, but that does make sense.
<airtonix> joschi, well when i installed i expected to be able to use service tftpd-hpa stop|start|restart ...
<airtonix> joschi, but from my brief inspection (and according to setup docs if i want it to be a daemon then i need to install and setup YET another daemon)...
<airtonix> atftp however...
<joschi> airtonix: actually I run tftpd-hpa without (x)inetd
<airtonix> joschi, it didnt do what i wanted without stuffing around with another package so i removed it
<airtonix> joschi, installed atftp, and it did what i wanted right away
<uvirtbot> New bug: #669011 in bind9 (main) "package libisccc60 1:9.7.0.dfsg.P1-1 failed to install/upgrade: ErrorMessage: ne peut pas accÃ©der Ã  l'archive: Aucun fichier ou dossier de ce type" [Undecided,New] https://launchpad.net/bugs/669011
<WhiteStarEOF> Huh. atftp worked. However it may be worth noting that I changed the path for tftp files from /srv/tftp to another location and despite multiple restarts, it insists on putting the files in /srv/tftp. In the end, however, I'm up and running.
<nedhead_> Ubuntu Server 10.10 x86: How can I prevent Ubuntu from turning off my laptop's display while it's running?  (XWindows is not installed or running.)  Thanks!
<adac> Shouldnt that enable the iptables rule also on bootup: http://pastie.org/1261887
<pmatulis> adac: no
<adac> pmatulis, In debian it does. ubuntu not. So i needed to add it to /etc/network/if-pre-up.d/
<pmatulis> adac: no, that wouldn't make your rules permanent on debian either
<pmatulis> adac: from the iptables-save man page: "dump iptables rules to stdout"
<adac> pmatulis, hmm then I guess the howto was wrong, or i understood it wrong.
<adac> or the guy who wrote it did forget about the fact that a restart does drop the rules
<adac> see: http://www.zoleet.com/index.php/basic-openvpn-server-ubuntu-and-debian-openvz
<pmatulis> adac: i guess he used iptables-save just to prove that the rule was now in effect
<pmatulis> adac: nowhere does he say this will bring back the rule upon bootup
<adac> pmatulis,nope he doesn't. bu he should mention that i guess. I will write a comment
<adac> all in all the howto is great, works perfect
<pmatulis> adac: ok
<adac> ERROR: Could not read CAPTCHA token file.  hehe
<adac> commenting is broken ;)
<unknownworlds> i've cloned my ubuntu installation with dd and startet them with kvm/qemu. i've changed the ips of the ubuntu clients and all works fine, but some programms crap the wrong default ip and dont start correctly.
<unknownworlds> i've just changed the /etc/network config (all static). i dont think ubuntu caches any default ip elsewhere.
<unknownworlds> so i restart the host, vnet interfaces, checked the routing and so on. all looks fine, but still the default ip is wrong in some programs
<uvirtbot> New bug: #669131 in samba (main) "Samba won't connect after boot, requires restart of smbd" [Undecided,New] https://launchpad.net/bugs/669131
<peta_> hello everybody
<uvirtbot> New bug: #668748 in ntp (main) "Unable to contact time server" [Undecided,New] https://launchpad.net/bugs/668748
<Guest87153> I can't install wireless driver :bcm4312 in dell loptop OS xubuntu . I read FQT and do it but i cant active this.can you help?
<mablue> I can't install wireless driver :bcm4312 in dell loptop OS xubuntu . I read FQT and do it but i cant active this.can you help?
<peta_> i'm faced with the decision to chose a os for my new root server. i must decide between Debian 5 and Ubuntu 10.10 server.  i'm using debian etch on my current one and it's pretty familiar to me. so my first intention was to chose debian 5. however, i wondered what advantages ubuntu 10.10 would offer that debian would not. what do you think?
<Patrickdk> root server?
<ndroftheline> hello
<ndroftheline> i'm trying to get ubuntu server installed but i simply can't get my laptop to boot the cd
<ndroftheline> i've tried desktop, Server, and even Netbook. i think it's a failed CDrom
<ndroftheline> the bios won't allow me to boot to usb
<ndroftheline> any suggestions?
<Patrickdk> put the cd on a usb stick?
<ndroftheline> ndroftheline: the bios won't allow me to boot to usb
<ndroftheline> besides it's only got usb 1.1 i believe lol
<Patrickdk> so?
<Patrickdk> net boot it via pxe?
<ndroftheline> that'd be great, how do i do that
<ndroftheline> the tutorials i've discovered online address similar things but not what i want
<Patrickdk> find an example somewhere, it's not too hard, but there are lots of peices to the puzzle
<ndroftheline> <nods>
<Patrickdk> dhcp, tftp, pxe, ubuntu netboot files, ...
<ndroftheline> righto.
<ndroftheline> ok
<ndroftheline> do you have any experience uisng preseed files in 10.10?
<Patrickdk> na, I don't do preseed
<Patrickdk> I just only do min installs
<ndroftheline> #min-install
<ndroftheline> hrm. what's that
<Tommo> Hi guys - hopefully an easy question... does anyone know what user apache2 runs as on the 6.06 edition?  Thanks for any responses (I am doing a test install of moodle on a local server)
<ndroftheline> what open-source disk imaging solution sholud i use to make a backup image on a secondary partition
<Tommo> ndroftheline: try wikipedia 'dd unix'
<ndroftheline> preferably something that won't take days to re-copy an image of several gigs, with compression and possibly a rudimentary gui?
<uvirtbot> New bug: #669183 in bacula (main) "package bacula-director-mysql 5.0.2-1ubuntu1 failed to install/upgrade: Unterprozess installiertes post-installation-Skript gab den Fehlerwert 1 zurÃ¼ck" [Undecided,New] https://launchpad.net/bugs/669183
<andres_> hi everybody
<andres_> where mysql save the bd's
<RoyK> andres_: /var/lib/mysql iirc
<_Techie_> ndroftheline, clonezilla, or clonezilla-live
<amarcolino> I have been given a static ip by my isp how do I apply it to my server?
<guntbert> amarcolino: please see https://help.ubuntu.com/10.04/serverguide/C/tcpip.html
<amarcolino> guntbert, will read it now, thanks
<guntbert> amarcolino: happy reading, the server-guide is really good, if questions remain don't hesitate to come back
<Hazuki> What would be stopping a software-RAID1 (mirroring, 2 x 500 GB disk) array from loading on boot? Machine is Poweredge T110 (Dell) server, version 10.04 LTS 64-bit
<k5673> Hazuki: software RAID or hardware RAID?
<Hazuki> software raid
<k5673> Hazuki: try to boot from the other HDD. Last time, i got the same problem. And that just fixed it. But is not a normal behavior.
<Hazuki> I boot from a single disk, and the RAID array is for other things
<Hazuki> there's a 320 GB drive with /boot, swap, /, and /home on it, and the RAID1 array is at /mnt/RAID (/dev/md0)
<Hazuki> it just doesn't mount at bootup, but I can go in and manually mount it from gnome's disk tool
<k5673> Hazuki: have you added the RAID volume in /etc/fstab?
<Hazuki> yes
<k5673> Hazuki: Do you see something unusual in dmesg? About the RAID?
<Hazuki> i can't check it now unfortunately ><
<k5673> Hazuki: Any wrong option or something?
<k5673> Hazuki:...
<k5673> Hazuki:If the volume is in fstab, it can be a wrong option or something?
<k5673> Hazuki:Why you can't see the dmesg output?
<Hazuki> because I'm nowhere near the machine and the boss isn;t in today
<k5673> Hazuki: Do you have SSH access?
<Hazuki> supposedly...i'm looking for the machine's external name now
<k5673> Hazuki: So... use dmesg | more
<k5673> Hazuki: you can use nmap, to search the machine on the network
<Hazuki> i'm not on the same network. i just need to remember where the boss said he hooked it up to
<k5673> Hazuki: nmap -sP 192.168.0.0/24  .Replace the 192.168.0.0/24 with your actual network and netmask.
<dark-matter> hello everyone
<dark-matter> I came across a strange issue the other day with a new installation of ubuntu server 10.10
<dark-matter> When the system boots, if you reboot it before finishes booting, then it will boot to the grub menu, even though I have grub configured for a timeout of 0
<dark-matter> Anyone have an idea of how to make it boot regardless?
<dark-matter> I have a ubuntu server 9.04 server and it doesn't have the same issue
<dark-matter> i assume it is something new with grub2
<mrroth> hi what is a rtorrent webfrontend I can install via apt
<k5673> !torrentflux > mrroth
<mrroth> k
<mrroth> it based on rotorrent
<mrroth> cool
<Aison> argh, since 10.10 i've got problems with nfs :(  i guess it's related to version 4
<mrroth> hi
<mrroth> so how do I add user www-data to /mnt/media/Downloads
<mrroth> so torrentflux can access it
<mrroth> anyidea
<qman__> mrroth, the way permissions work in linux, you do not add users and groups to files
<qman__> each file has one owner and one group-owner
<qman__> and read/write/execute is set for the owner, the group-owner, and everyone else
<qman__> to make it work, you can do one of several things
#ubuntu-server 2011-10-24
<Patrickdk> there is none, that I know of
<Patrickdk> this is what pre-up, up, post-up are useful for
<twb> kaushal: one moment
<twb> kaushal: here is mine http://paste.debian.net/139315/
<kaushal> twb: ok
<kaushal> twb: if i just set gateway someip in /etc/network/interfaces ?
<kaushal> is that sufficient ?
<twb> kaushal: that depends what you want.
<kaushal> I mean make it permanent
<kaushal> am i doing it wrong ?
<twb> Probably.
<kaushal> twb: Probably ?
<kaushal> not sure i understand
<twb> kaushal: I mean: I think you're an idiot, and you want someone to do your homework for you.
<kaushal> twb: mind your words ?
<kaushal> its pretty bad
<twb> I have a bunch of LXC jails, which drop SYS_ADMIN, and thus cannot lower niceness levels.  Cron is hard-coded to do so, so I get messages like this: bleed CRON: pam_limits(cron:session): Could not set limit for 'nice' to soft=20, hard=0: Operation not permitted; uid=0,euid=0
<twb> Now, this I can understand, but recently I created a new jail, and for some reason it is saying the same with uid=20 instead of uid=0.
<twb> How can this be?  That uid is not in use, and UIDs below 100 are reserved for distro-wide hard-coded use.
<amero> why in oneiric, nic aliasing only show the main ip of the nic?
<twb> amero: pastebin the output of "ip a"
<patdk-lap> who exactly are you *showing* this info?
<twb> s/who/how/ ?
<amero> i could see all the additional ips in 'ip a' but not in ifconfig -a
<patdk-lap> heh, it worked both ways :)
<twb> amero: that's because ifconfig is crap
<patdk-lap> ipconfig has been depressiated a long time ago
<twb> amero: it predates the idea that interfaces can have >1 address
<patdk-lap> how did you make the alias?
<twb> patdk-lap: er, *ifconfig; *deprecated.  Go drink some coffee :-)
<patdk-lap> heh
<twb> And "depreciated" is something that happens to money, not code
<patdk-lap> well, it happens to code :) we just call it bitrot :)
<patdk-lap> looks like ubuntu opted to not fix it, but passed it upstream to debian, and waiting for them to fix it
<patdk-lap> bug #876829
<uvirtbot> Launchpad bug 876829 in ifupdown "Oneiric's ifupdown breaks ip aliases" [High,Triaged] https://launchpad.net/bugs/876829
<twb> patdk-lap: wow, someone actually made a nontrivial change to ifupdown?
<twb> Like, made it use ip(8) ?
 * stgraber notices a familiar bug # :)
<stgraber> so yeah, regarding that bug, I'm not familiar enough with ifupdown's code to fix it, especially as the bug is in Debian's 0.7 branch too
<twb> ifupdown is fucking awful code
<stgraber> the aliasing actually works (as in, the IP gets assigned to the interface), the problem is the missing label
<stgraber> so hopefully now that the source of the problem is known, it should be quite easy for the author to fix it. Once it's fixed upstream, I'll try to isolate the fix and push it to Oneiric as an SRU.
<patdk-lap> stgraber, should be a simple fix :)
<patdk-lap> figured someone would have patched it by now though
<patdk-lap> maybe if I have a moment this week I'll make one
<patdk-lap> but that big isn't big for me, as I don't use oneiric
<patdk-lap> hmm, 7hours before I can verify this patch works :(
<stgraber> patdk-lap: I started looking at the diff last week, though the 0.6 -> 0.7 diff is pretty big so figuring out exactly what broke wasn't too trivial. Though now that I know it's definitely label related, pin pointing the change and reverting/fixing it should be a lot easier.
<stgraber> I may try to do that next week if I'm not too busy with pre-UDS preparation
<patdk-lap> stgraber, can I see the diff?
<patdk-lap> it really should be a very simple patch, should be pretty ovious
<stgraber> patdk-lap: http://pastebin.com/p2Eht102 is the diff from 0.6.10ubuntu5 to 0.7~alpha5.1ubuntu1 (so basically from the latest 0.6 release to the earliest 0.7 release)
<stgraber> patdk-lap: http://pastebin.com/d40HanPQ when restricting to ifupdown.nw
<patdk-lap> there you go :)
<patdk-lap> that paste pastebin
<patdk-lap> line 940
<patdk-lap> ip link set dev %iface% up label %iface%
<patdk-lap> should do it
<patdk-lap> maybe for 985/986 also? or is that part of a comment?
<twb> I thought ifupdown 0.7~a was still classed as "here be dragons"
<patdk-lap> actially, I wonder if that would work
<patdk-lap> wonder what iface is set too there
<patdk-lap> I'll have to install an oneiric machine and play
<stgraber> twb: yeah, my understanding is that we got it in Oneiric to have it well tested for the LTS and because we wanted IPv6 support
<twb> I guess
<patdk-lap> ipv6 support for what?
<stgraber> patdk-lap: IIRC ifupdown 0.7 brings a few more options to "inet6 static" and the one currently in Debian brings dhcpv6 support too
<patdk-lap> hmm, I haven't done dhcpv6 yet, just stick with static and auto v6 so far
<twb> The main use is resolv.conf
<bao_> how to delete mysqmail
<Takyoji> Anyone know of a way to have scripted input for debconf when installing packages that require human input? (such as for the case of deploying the installation of something across a network of systems, silently; without having to put in data manually at each system.
<twb> Takyoji: DEBIAN_INTERFACE=noninteractive
<twb> But you probably want something like puppet
<Takyoji> because I'm trying to deploy a LDAP/NFS setup on fresh installations and so on
<Takyoji> ahh; apparently you can even just set it (as a variable) before any apt-get command rather than having to permanently set it, as I thought was the only option
<twb> Also preseeding
<Takyoji> preseeding being?
<uvirtbot> New bug: #813398 in lxc (main) "lxc-create -t ubuntu spews locale errors " [Low,Won't fix] https://launchpad.net/bugs/813398
<twb> Takyoji: answering questions in advance
<twb> Like debconf-set-selections <<<'ldap-auth-config ldap-auth-config/override boolean false'
<Takyoji> I'm most likely to be going without puppet; I pretty much already have a bash script written
<Takyoji> with non-interactive; does that mean you can just specify the values using stdin, or?
<twb> Takyoji: no, it means you can't specify anything
<Takyoji> So it just ignores the configuration part entirely?
<twb> It doesn't prompt you at all
<Zanzacar> Hi I am trying to mount a western digital usb hdd. but I am runing into errors
<Zanzacar> mount -t vfat /dev/sdc /media/external -o uid-1000,gid=1000,utf8,dmask=027,fmask=137
<Zanzacar> that is the command I used.
<Takyoji> so it assumes some default value instead then, or?
<twb> Takyoji: it'll take the defaults (or preseed), yes
<twb> Takyoji: occasionally it'll email you (e.g. debmirror) if there is no useful default
<Zanzacar> it said wrong fs type, bad option, bad superblock on /dev/sdc
<Takyoji> /dev/sdc is a whole harddrive, not a specific partition
<twb> Zanzacar: try sdc1
<Zanzacar> tried that got the same error
<twb> Zanzacar: pastebin "cat /proc/partitions"; pastebin "file -s /dev/sdc*"
<Zanzacar> I was following the ubuntu help guide on it till I got the errors then came here.
<twb> Make that "sudo file -s /dev/sdc*"
<Zanzacar> http://paste.pocoo.org/show/497153/
<Zanzacar> http://paste.pocoo.org/show/497154/
<twb> Blergh
<twb> Well, /dev/sdc1 is definitely right, so something else is wrong -- like maybe you weren't running mount as root?
<twb> Surprised they're shipping with FAT though, you'd think NTFS would be saner...
<Zanzacar> I had a typo, uid-1000 needed to be uid=1000
<Zanzacar> sorry about that guys
<twb> Zanzacar: oh, sorry I didn't spot that
<Zanzacar> no I just need to figure out how to copy all .mp4 movies over to the hdd haha.
<twb> upsmon to upsd, that's client pull oriented, right?
<Zanzacar> yay I figured it all out, now I can copy 125gigs in less then 5 days.
<Zanzacar> usb vs. lan...... lan wins
<Zanzacar> whoops
<Zanzacar> usb vs ftp.... usb wins
<Zanzacar> haha
<nathwill> zanzacar: sneaker-net always wins :)
<twb> station-wagon full of tapes
<Zanzacar> what is flush-8 command? I am copying a bunch of movies from my server HDD to a fat32 HDD
<Zanzacar> I am looking at my IO read writes and its says its reading and writing a lot
<Zanzacar> man pages says something about email, smtp but I didnt think I had a mail service on this server
<twb> Zanzacar: it's probably a kernel thread responsible for getting the data onto the actual platters of the disk
<twb> Zanzacar: it's 8 because you have 8 CPUs
<twb> Zanzacar: the anpage
<twb> Zanzacar: the manpage is for postfix; unrelated
<Zanzacar> twb: thanks I was wondering why it didnt make any since.
<twb> If you're in top and you hit "c", or in ps auxf output, kernel threads have []'s around them
<Zanzacar> th0mz: thanks for the info
<Zanzacar> twb: O thats pretty cool, ya it says its a kernel thread
<twb> Yeah, well, they piss me off
<twb> ps auxf | grep -v ]$
<Zanzacar> the kernel threads piss you off?
<Zanzacar> o thats really cool its like a tree of where the commands are coming from basically?
<twb> They piss me off when they fill up the first three pages of top because I have 8 cores instead of 2
<Zanzacar> I am still learning all this, I only started using linux about 2 months ago maybe.
<Zanzacar> had a server up after about 1 month.
<Zanzacar> every problem I run into I try to figure it out research it, etc.
<Zanzacar> I did a bunch of bash stuff but got really frustrated with the syntax so I learned python instead.
<Zanzacar> All I know is now that I know linux I never want to go back to pc
<twb> I don't really care about your personal epiphanies.
<Zanzacar> twb: ok
<Takyoji> How do you specify a preseed file when installing packages with apt-get? Or do I just append it to some system-wide file, or?
<twb> Takyoji: you pass it to debconf-set-selections before installing the package in question
<Takyoji> ahh, I think I understand what you were specifying earlier.
<twb> Quite
<Takyoji> and you generate the preseed config how? Do the installation as normal and get the added info to debconf-get-selections, or?
<twb> Takyoji: using your brain
<twb> debconf-get-selections helps
<josePhoenix> So, I just did do-release-upgrade... it's been stuck on installing a new version of /etc/mysql/debian-start for a few minutes.
<josePhoenix> How long until I should be worried?
<josePhoenix> Well.. I'm already worried. How long until I should ctrl-c? Or what should I do?
<RoyK> josePhoenix: you may want to try to strace it
<josePhoenix> I don't know which process invoked by do-release-upgrade is actually running
<josePhoenix> ah, pstree..
<twb> josePhoenix: if you interrupt d-r-u it'll explode
<twb> josePhoenix: it really doesn't cope well with that
<josePhoenix> Okay, noted
<twb> at least, that's my experience -- I get told off for bad-mouthing d-r-u all the time
<josePhoenix> can I kill the hung process (looks like restarting mysql) and will d-r-u move on
<josePhoenix> ?
<twb> Dunno
<josePhoenix> So... what's the least-bad way out of here?
<twb> Probably kill it off as cleanly as possible, then pick up the pieces
<twb> I would try killing off just the mysql restart at first
<josePhoenix> Cool, that seems to have gotten it moving again
<josePhoenix> I guess I have to figure out why mysql won't start some other time -.-
<twb> Cos it's crap
<twb> postgres ftw
<josePhoenix> Well yeah
<josePhoenix> have to support both though
<josePhoenix> not my choice
<twb> Stupid users :-/
<josePhoenix> you're telling me
<twb> Just tell them it's a security risk
<josePhoenix> and they'll complain about not being able to use wordpress
<josePhoenix> which is also a security risk >.>
<twb> hear, hear
<josePhoenix> What the hell
<josePhoenix> Have a script that spawns some processes on boot (using "@reboot" in a user crontab)
<josePhoenix> 60 sec after they're spawned, they get SIGKILL and exit
<josePhoenix> Is there some kind of throttling going on?
<josePhoenix> no, that's not it.. those lines don't show up until later
<twb> josePhoenix: what's the proc named?
<twb> A thing I've seen sometimes is the init script does like "killall squid" and kills both the squid process and itself, because it's called /etc/init.d/squid
<josePhoenix> I think I figured it out.. apparently php5-fpm doesn't clean up its own pid file, and my startup script isn't handling that nicely
<josePhoenix> Hm. How can I find per-user crontabs? I need to update this in a few users' crontabs at once
<twb> josePhoenix: /var/spool/cron/ somewhere
<twb> Not sure if you should be blatting them directly, though
<josePhoenix> Isn't that warning just because cron needs a sighup to know to rescan the crontabs?
<josePhoenix> I'm going to be rebooting anyway
<twb> something like that, yeah
<josePhoenix> might be able to fix this without touching the crontabs though... so that'd be nice
<jamespage_> morning all
<RoyK> morning
<elz89> morning all, what would be the best way of making all of my ubuntu client single sign on against my fresh install of oneiric server?
<TeTeT> elz89: probably via LDAP authentication, https://help.ubuntu.com/community/OpenLDAPServer and https://help.ubuntu.com/community/LDAPClientAuthentication
<elz89> TeTeT: thank you
<uvirtbot> New bug: #880716 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.4 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/880716
<lynxman> morning o/
<koolhead17> hi all
<uksysadmin> hello koolhead17
<koolhead17> hey uksysadmin !!! how are you sir? :)
<koolhead17> lynxman: hola
<koolhead17> hey Daviey
<uksysadmin> I'm good thanks. and you?
<koolhead17> uksysadmin: am awesome!! so how is hacking coming along?
<trapmax> logcheck gives "subprocess installed post-installation script returned error exit status 2" on 10.04. after failed upgrade aptitude shows partially installed. how do i fix this?
<trapmax> *partially configured
<uksysadmin> I like awesome. I'm getting there. I know the #juju channel will like me saying this - but that's equally as awesome (and all I've done is type juju bootstrap and juju deploy a mysql server!) lol
<koolhead17> uksysadmin: yes juju rocks!!  you can try charm for CMS like drupal or wordpress as well :)
<uksysadmin> indeed - I'm following kim0 tutorial and its working
<uksysadmin> just limited in hardware at the mo which is being alleviated this week and over the next few weeks
<koolhead17> uksysadmin: awesome!! :)
<uksysadmin> indeed
<uksysadmin> ubuntu rocks [just trying to get it back on track for this room] ;-)
<koolhead17> uksysadmin: i need to install oneric as well on my laptop to use LXC and stop using AWS for deplyment test
<uksysadmin> (that's me standing on the stage and saying "Anyone here use Ubuntu?" followed by cheers... ;-)
 * koolhead17 thinks most folks around here are still in weekend hangover!1 :P
<uksysadmin> yeah I need to do that - but I'm primarily focussed on OpenStack so providing I can get that up and running then do juju stuff to install to it - that's enough for a couple of demos to the engineers and execs here to show the power of it all
<koolhead17> hmm.
<uksysadmin> btw - I wouldn't upgrade to oineric on a desktop... its great for the OpenStack stuff, but Unity sucks (sorry for those who like it and have allegiance to it - its not for me) plus its buggy as hell.
 * uksysadmin puts flame-retardant underwear on
<koolhead17> uksysadmin: we are server folks here, and you always have choice :D
<koolhead17> i will install xubuntu/lubuntu on my netbook
<uksysadmin> I've had about 10,000 hits over a few days to my blog since putting up a fix that is caused by an upgrade to 11.04 to 11.10 in some circumstances.
<uksysadmin> that's not the desktop distro that has previously "just worked" out of the box that people came to love
<uksysadmin> though us Linux folk are fickle I guess - and that comes through choice.
<koolhead17> :P
<koolhead17> uksysadmin: am using LTS on my desktop
<koolhead17> currently
<uksysadmin> keep it that way ;-)
<w00> uksysadmin, link to the post?:)
<koolhead17> w00: google for uksysadmin i think :D
<w00> oh right
<uksysadmin> http://uksysadmin.wordpress.com/2011/10/14/upgrade-to-ubuntu-11-10-problem-waiting-for-network-configuration-then-black-screen-solution/
<w00> oh, i read that already cause i got bitten by it :)
 * w00 thanks uksysadmin
<uksysadmin> w00, its poor for something that IMHO shouldn't have gotten past testing...
<uksysadmin> BUT - how many people upgraded 11.04 (or maybe earlier) to one of the betas? I didn't - I tested the betas using a fresh install
<w00> uksysadmin, tell me about it, i'm kind of dissapointed as a user who just started using Ubuntu few months ago
<uksysadmin> I can only guess that it didn't handle /var/run (a mounted fs) in 11.04 and earlier which has files that possibly are in use because you're doing a live upgrade... it doesn't/can't remove it whilst its in use... so when you reboot /var/run doesn't have the needed structure that /run has which is a new tmpfs area
<trapmax> dpkg --configure logcheck also gives same error
<uksysadmin> and most/all packages refer to /var/run so 11.10 symlinks to /run... on a clean install this is the case, on an upgrade you're left with a /run that isn't linked to /var/run
<uksysadmin> its made worse by the fact it means networking fails - so if its your one and only desktop - you can't even google for a solution
<uksysadmin> dhclient eth0 (or whatever) will sort that out on a dhcp network - but desktop users who have ditched Windows for a cleaner experience mightn't know the magic keypresses and commands to get this going again.
 * uksysadmin stops ranting now
<koolhead17> :P
<patdk-lap> heh, I have had issues with tmpfs /var/run before
<patdk-lap> mainly programs making subdirs in it, and using them
<patdk-lap> that means you either can't have them use /var/run, or you have to recreate that dir each boot
<uvirtbot> New bug: #880778 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.3 failed to install/upgrade: ErrorMessage: package samba is not ready for configuration  cannot configure (current status `half-installed')" [Undecided,New] https://launchpad.net/bugs/880778
<trapmax> http://pastebin.com/2QjTHNZS
<Daviey> Anyone want to tackle a bitesize bug?
<koolhead17> Daviey: ?
<Daviey> koolhead17: bug 875262 is a good bitesize bug to tackle
<uvirtbot> Launchpad bug 875262 in php5 "PHP Startup: Unable to load dynamic library '/usr/lib/php5/20090626+lfs/sqlite.so'" [High,Confirmed] https://launchpad.net/bugs/875262
<koolhead17> Daviey: waoo. i saw/faced it last night itself
<Daviey> koolhead17: Great!  It should be pretty easy to fix... :)
<koolhead17> during installation of owncloud2
<uvirtbot> New bug: #880791 in samba (main) "Automated Bug Report during Oneiric Upgrade w/Samba" [Undecided,New] https://launchpad.net/bugs/880791
<Daviey> koolhead17: note, you can't use UDD for it. :/
<koolhead17> Daviey: show me the path o master!1 :)
<Daviey> koolhead17: $ pull-lp-source php5
<Daviey> :)
<koolhead17> k
<koolhead17> Daviey: the suggestion was to remove /etc/php5/conf.d/sqlite3.ini as the same bug was reported for 8.04 as well
<Daviey> koolhead17: *no*, /etc/php5/conf.d/sqlite.ini
<koolhead17> Daviey: oops
<koolhead17> yes
<koolhead17> Daviey: am on it then. :)
<koolhead17> i have it downloaded now.
<koolhead17> Daviey: https://bugs.launchpad.net/ubuntu/+source/php-sqlite3/+bug/281714 are they both not linked ?
<uvirtbot> Launchpad bug 281714 in php-sqlite3 "PHP Startup: Unable to load dynamic library '/usr/lib/php5/20060613+lfs/sqlite3.so'" [Undecided,Confirmed]
<Daviey> Hah, no - they are opposite. :)
<Daviey> koolhead17: That was a bug on hardy.
<koolhead17> Daviey: yeah. so what about apps which uses sqlite not sqlite3 ?
<koolhead17> even now?
 * koolhead17 is curious
<Daviey> koolhead17: SoL
<koolhead17> Daviey: SoL ?
<koolhead17> Daviey: sorry am finding too n00b with all the terms!! :D
<Ursinha> good morning
<Daviey> koolhead17: sorry, Sad Out of Luck
 * koolhead17 writes the meaning in his slag list :D
<Daviey> koolhead17: as per, bug 747325
<uvirtbot> Launchpad bug 747325 in sqlite "demote sqlite, or remove it from the archive" [High,Fix released] https://launchpad.net/bugs/747325
<lynxman> Daviey: hey small question for you, what's our HA ipvs of choice right now? :)
<Daviey> lynxman: simple answer?
<lynxman> Daviey: yeah
<Daviey> lynxman: We have none recommended.. If you want kernel level, ip_vs_dh
<Daviey> I don't believe it is in Lucid.
<lynxman> Daviey: was looking for something with a bit more punch, virtual IP and active monitoring of DRBD
<soren> Daviey: Not in Lucid? Really? It was there in Hardy.
<soren> Daviey: It's there in Lucid, too.
<Daviey> soren: Oh, i didn't realise it was a module in hardy or lucid.
<Daviey> ISTR having to do something funky when using it with Lucid, but i could be wrong.
<Daviey> lynxman: Really need more detail :)
<Daviey> lynxman: looked at pacemanker or drbd8 and OCFS2
<lynxman> Daviey: pacemaker, that's it :)
<lynxman> Daviey: thanks!
<koolhead17> Daviey: so is sqlite will be removed from precise :D
<soren> Daviey: Every single Ubuntu release ever has had it as a module.
<soren> Daviey: All the way back to Warty.
<amero> since ifconfig cant recognize alias nic in oneiric, what's the alt way to disable the alias nic?
<patdk-wk> damn, ifdown on a alias, downs the whole interface, but doesn't mark the raw interface as down
<patdk-wk> that is annoying
<amero> holy.. i was gonna try it with ifdown just now. so glad that i haven't done it
 * patdk-wk tests if this works for alias
<patdk-wk> but hmm, making ifdown not break everything will be harder I think
<patdk-wk> yep, quick easy fix to make ifup work :)
<patdk-wk> in ifupdown-0.7~alpha5.1ubuntu5/ifupdown.nw
<patdk-wk> line 4380, add: label %iface%, to the end
 * koolhead17 is bit excited
<patdk-wk> I also did it on 4494, but probably not needed, but might be, for tun interfaces
<patdk-wk> the testbuild file needs to be edited to add the label onto those checks for all ipv4 tests though, easy enough
<patdk-wk> see if I can locate the ifdown issue
<patdk-wk> well, locate is esay, fixing it not so much
<patdk-wk> hmm, ifdown isn't too hard, depending
<patdk-wk> need to add label %iface% to the ip flush dev
<patdk-wk> but then, need not all link set down at all, or it brings the whole interface down
<Ursinha> Daviey, hello
<BrixSAT> Hello
<BrixSAT> im trying to make wpa_suplicant connect to a hidden ssid but not successfull :(
<jdstrand> Daviey: fyi, while cyrus-imapd-2.2 is in universe, I thought I might point out http://people.canonical.com/~ubuntu-security/d2u/. there are several simple merge candidates for several releases. this could be good practice for core-dev/motu for someone here
<jdstrand> Daviey: and hello! :)
<MuNk``> Wondering if anyone here has had any success in getting Ubuntu to install on HP rx2620? after booting from the installation CD you enter setup and it then fails to continue to reconnize the CD anymore
<Daviey> jdstrand: Ooo, thanks!
<Daviey> Ursinha: heya
<Ursinha> Daviey, hey
<Daviey> hey Ursinha
<Daviey> jdstrand: Am i being a banana?  There are not yet LP bugs for those CVE's are therE?
<Daviey> (I assume you don't help a helper tool for raising bugs, where you throw in a CVE number? :)
<jdstrand> Daviey: I don't see bugs for that, no. we also don't have a tool to add a bug to LP. I won't go into why, but suffice it to say that LP does not meet the security team's needs for CVE triage, and we work out of https://launchpad.net/ubuntu-cve-tracker (add bug references to it when they come in)
<jdstrand> Daviey: if you open a bug, ping me and I'll add it to the open CVEs
<Daviey> jdstrand: sad, it looked like LP did start to do some good stuff for CVE work.  I guess it didn't get finished.
<jdstrand> Daviey: well, we need to track just way to much stuff. to get an idea, see README in uct
<Daviey> jdstrand: It's been a few months since i tried to switch to uct, is it that time again to try again? :)
<jdstrand> hehe
<Daviey> jdstrand: is bug 880909 correct?  (series targets?))
<uvirtbot> Launchpad bug 880909 in cyrus-imapd-2.2 "bypass access restrictions for some commands" [Medium,Confirmed] https://launchpad.net/bugs/880909
<jdstrand> Daviey: yeah. fyi, there is also CVE-2011-1926 and CVE-2011-3208
<uvirtbot> jdstrand: The STARTTLS implementation in Cyrus IMAP Server before 2.4.7 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1926)
<uvirtbot> jdstrand: Stack-based buffer overflow in the split_wildmats function in nntpd.c in nntpd in Cyrus IMAP Server before 2.3.17 and 2.4.x before 2.4.11 allows remote attackers to execute arbitrary code via a crafted NNTP command. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3208)
<zul> mornin
<Daviey> uvirtbot: Yeah, i was about to open seperate bugs for those.
<uvirtbot> Daviey: Error: "Yeah," is not a valid command.
<Daviey> err, jdstrand
<jdstrand> ack
<hallyn> stgraber, do you see any reason why we need resolvconf in the default list of packages installed by the ubuntu lxc template?
<hallyn> (re bug 880020)
<uvirtbot> Launchpad bug 880020 in lxc "oneiric container install problem #1: resolvconf" [Medium,Confirmed] https://launchpad.net/bugs/880020
<stgraber> hallyn: nope, it's actually the first thing I remove in my containers
<patdk-wk> stgraber, I updated that ifupdown bug with a mostly working fix :)
<hallyn> stgraber, ok, i'm still wondering why that fails to install, but i'll go ahead and remove that
<hallyn> i guess we can just remove it upstream and let it trickle down?  or do you think it's more urgent than that?
<hallyn> it only fails when inetutils-ping is also in the packagelist, btw
<stgraber> cool, I saw some comments in the debian bug too (for the ifupdown one)
<patdk-wk> what is the debian one?
<patdk-wk> see if I can steal any ideas to totally fix mine :)
<stgraber> yeah, I'm fine with removing it upstream
<patdk-wk> not that I care, as long as it's fixed for 12.04 :)
<dkn> hey all, accidentally mounted my external over a mount point that already had another partition mounted to it, everyworked, except, now the original mount is stuck and i can't stop the process relying on the mount, and i can't unmount cause the process is relying on it.... ? i'm sure a reboot would fix it, but i can't really do that right now
<stgraber> its linked from the one in launchpad, sorry I'm on my cell :)
<patdk-wk> no problem, just didn't notice it
<patdk-wk> heh, the debian people are misdirected on this issue :(
<hallyn> stgraber, funky actually i think resolvconf isn't hte problem, but inetutils-ping
 * patdk-wk wonders if his email got lost, or if debian just takes forever to update bugs
<stgraber> It took alma
<stgraber> doh...
<stgraber> It took almost an hour last time I sent a mail to the bugtracker
<patdk-wk> yuk
<patdk-wk> heh, it updated :)
 * koolhead17 thinks why is he so dumb
<scalability-junk> does someone have a rutorrent installation running on ubuntu 11.10?
<elz89> Why is it that when I 'apt-get update' on a fresh oneiric install, the last package fails with Hash Sum Mismatch?
<rbasak> Daviey: I've commented on bug 878180, you aren't subscribed. Not sure whether to put certain comments in the bug or the merge request or what.
<uvirtbot> Launchpad bug 878180 in xmlrpc-c "missing Breaks/Replaces" [High,Confirmed] https://launchpad.net/bugs/878180
<elz89> I was told to uncomment the CD line in sources.list, but this does not help the matter, and I can't figure out why I have the same CD line commented twice. I really do not understand how a fresh installation can be bug ridden. This is not the first stupid and trivial little problem I have had with this new Ubuntu Server Oneiric either?
<Ursinha> elz89, after commenting the lines, did you run a sudo apt-get update
<Ursinha> ?
<elz89> Ursinha: O it was you! lmao yes, of course I did, I just followed your instructions :-)
<Ursinha> elz89, :)
<Ursinha> elz89, and you keep getting the same error?
<Daviey> rbasak: wow, helluva script
<elz89> yeah
<rbasak> Daviey: yeah well, it beats doing it by hand again and making mistakes :)
<rbasak> Daviey: I don't expect that the script covers all cases but I'm pretty sure it covers this one OK
<rbasak> Daviey: (since the results are almost identical to what I got by hand last time)
<rbasak> Daviey: (and I've checked the differences by hand)
<elz89> Ursinha: yes
<Ursinha> elz89, hmm.. can you paste the whole thing for me on a pastebin? pastebinit is a really useful tool to do that :)
<Daviey> rbasak: well it looks good, but i am getting confused myself..
<Daviey> :)
<rbasak> Lots of things changed between those three versions :)
<uvirtbot> New bug: #880968 in lxc (main) "natty containers do not shut down - ureadahead task keeps running" [Undecided,New] https://launchpad.net/bugs/880968
<elz89> Ursinha: ok
<koolhead11> grrrrrrrrrr
<koolhead11> Daviey: am still at same :(
<hallyn> stgraber, are you still on cell phone?
<hallyn> stgraber, if not, could you review and sponsor http://people.canonical.com/~serge/lxc-resolvconf.debdiff ?
<uvirtbot> New bug: #880984 in cloud-init (main) "error resizing root filesystem" [Undecided,New] https://launchpad.net/bugs/880984
<stgraber> hallyn: I'm back from lunch. Having a look now
<stgraber> hallyn: oh nice, I meant to write that /run/lock fix as I had to do it for some of my containers already :)
<stgraber> hallyn: patch looks good, uploading now
 * koolhead11 needs some help with pbuilder
<hallyn> stgraber, thanks
<koolhead17> http://paste.ubuntu.com/718047/
<hallyn> guess i'ts time to sync lxc
<BuenGenio> guys, I will try to stay calm - it's 3am and I've been in the DC installing this new server for the last 6 hours
<BuenGenio> I have one question
<BuenGenio> # apache2ctl start
<BuenGenio> Action 'start' failed.
<BuenGenio> The Apache error log may have more information.
<BuenGenio> what is the flippin' problem?
<BuenGenio> the log file is empty
<BuenGenio> and for some reason the apache binary can't tell me what the error is on the command line
<SpamapS> BuenGenio: nothing in /var/log/apache2/error.log ?
<BuenGenio> no
<SpamapS> BuenGenio: did you try just 'apache2' ?
<BuenGenio>  apache2
<BuenGenio> apache2: bad user name ${APACHE_RUN_USER}
<SpamapS> sudo -u www-data apache2
<BuenGenio> sudo -u www-data apache2
<BuenGenio> apache2: bad user name ${APACHE_RUN_USER}
<SpamapS> oh haha right
<SpamapS> sudo sh -c 'APACHE_RUN_USER=www-data APACHE_RUN_GROUP=www-data apache2'
<BuenGenio> (2)No such file or directory: apache2: could not open error log file /etc/apache2/${APACHE_LOG_DIR}/error.log.
<BuenGenio> Unable to open logs
<BuenGenio> finally something..
<RoyK> BuenGenio: what's the owner/mode of that dir?
<SpamapS> BuenGenio: that may be a red herring ;)
<SpamapS> apachectl sets that variable IIRC
<BuenGenio> where?
<RoyK> SpamapS: shouldn't that be apaceh2ctl?
<SpamapS> yeah
<BuenGenio> now the error log says
<BuenGenio> 2)No such file or directory: apache2: could not open error log file /etc/apache2/${APACHE_LOG_DIR}/error.log.
<BuenGenio> Unable to open logs
<BuenGenio> root@cyclon:/etc/apache2#
<RoyK> BuenGenio: which distro version is this?
<BuenGenio> 11.10
<SpamapS> Heh.. 11.10 and you're up at 3am to fix it?
<RoyK> and, excuse me for asking, but why would you want to install something bleeding edge as oneiric on a server?
<SpamapS> RoyK: there are plenty of reasons.. if your website is only going to live for 6 months.. ;)
<RoyK> lol
<BuenGenio> ffs
 * SpamapS has flashbacks to consulting for "marketing companies"
<BuenGenio> bleeding-edge?
<RoyK> BuenGenio: it was released a week ago
<RoyK> BuenGenio: use LTS for servers
<SpamapS> BuenGenio: yes, 11.10 would be considered bleeding edge, having been released 2 weeks ago, and only having 18 months of updates
<BuenGenio> yes, well
<SpamapS> BuenGenio: still, it should work. :)
<SpamapS> I switched to nginx on my test servers back in 11.04 or I'd test it out for you there... ;)
<RoyK> SpamapS: famous last words....
<koolhead17> and only having 18 months of updates
<RoyK> BuenGenio: really, stick to LTS for servers unless you have a very good reason not to
<SpamapS> BuenGenio: anyway, back to your issue....
 * RoyK hands BuenGenio a lucid cd
<SpamapS> BuenGenio: how about 'sh -x /etc/init.d/apache2 start'
<SpamapS> BuenGenio: thats going to print *a lot*
<SpamapS> BuenGenio: but the thing I'm most interested in is the part where it execs apache2
<BuenGenio> http://pastebin.com/zsQS1wC9
 * SpamapS loves a good debugging partner who knows how to pastebin fast. :)
<genii-around> apache2 is not yet converted to upstart?
<SpamapS> no
<SpamapS> its probably never going to be
<RoyK> SpamapS: why??
<SpamapS> I honestly see no point in converting everything.
<SpamapS> all the desktop stuff, the boot-supporting stuff, yes
<SpamapS> but once you get to runlevel 2 .. just start normally
<SpamapS> RoyK: maybe when cgroups is in effect so we don't have to deal with expect fork.
<SpamapS> BuenGenio: ls -la /var/log/apache2
 * RoyK sometimes wonders why lucid was moved to upstart in the first place
<BuenGenio> -rw-r-----  1 www-data www-data  563077 Oct 25 02:41 access.log
<BuenGenio> -rw-r-----  1 www-data www-data   66324 Oct 23 16:54 access.log.1
<BuenGenio> -rw-r-----  1 www-data www-data     346 Oct 12 11:18 access.log.2.gz
<BuenGenio> -rw-r-----  1 www-data www-data   28853 Oct 25 03:22 error.log
<BuenGenio> -rw-r-----  1 www-data www-data  350245 Oct 23 06:25 error.log.1
<BuenGenio> -rw-r-----  1 www-data www-data    4675 Oct 16 06:25 error.log.2.gz
<BuenGenio> -rw-r-----  1 www-data www-data 1161523 Oct 25 02:41 other_vhosts_access.log
<BuenGenio> -rw-r-----  1 www-data www-data 1498700 Oct 22 12:39 other_vhosts_access.log.1
<SpamapS> BuenGenio: ack!
<BuenGenio> -rw-r--r--  1 www-data www-data    8939 Oct 15 14:46 other_vhosts_access.log.2.gz
<RoyK> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<BuenGenio> sorry
<SpamapS> BuenGenio: looks like there's stuff in error.log
<BuenGenio> it's way past my bed time
<BuenGenio> ;)
<BuenGenio> SpamapS, I set LogLevel to debug
<BuenGenio> that's why
<SpamapS> RoyK: upstart is necessary and useful for many, many things
<BuenGenio> http://pastebin.com/SX9qfYjK
<RoyK> SpamapS: sure, but sysv scripts work too.....
<BuenGenio> nothing unusual there
<SpamapS> RoyK: but for just the run of the mill network services.. I don't really think its a place to focus much attention.
<SpamapS> like, samba is integrated into auth and boot stuff.. its all intertwined, and needs the event based approach to start when needed
<SpamapS> but apache.. apache just needs to work.
<zul> apache and upstart? bah...
<SpamapS> BuenGenio: do you by any chance have any *encrypted* SSL keys?
<RoyK> BuenGenio: I'm just saying it'll be a lot easier to maintain the system if you chose lucid - it's LTS, supported until 2015...
<BuenGenio> it just seemed natural to go for the latest version....
<SpamapS> BuenGenio: think about how long that server is expected to live
<RoyK> BuenGenio: I know, but on ubuntu, that's not the case for servers
<SpamapS> BuenGenio: if its more than 18 months.. you *must* upgrade or be left without patches.
<RoyK> BuenGenio: that's why there are two tracks, LTS and "normal"
<RoyK> imho the "normal" track should be labelled "frequent"
<pmatulis> BuenGenio: maybe 'sudo strace -o start.txt apache2ctl start' and pastebin start.txt
<BuenGenio> I think it's done
<BuenGenio> it was an SSL website
<BuenGenio> I just toook it out ouf the config
<BuenGenio> well, can I not upgrade from 11.10 to an LTS release
<BuenGenio> when it's out?
<pmatulis> BuenGenio: yes, of course
<pmatulis> BuenGenio: which is a very reasonable approach, don't let these guys scare you  :D
<BuenGenio> i just wish it apache told me what the problem was right away =)
<pmatulis> BuenGenio: you had an encryted ssl private key then?
<BuenGenio> tayes
<BuenGenio> yes
<alaing> I'm not sure if this is the right place but here goes. I'm using ubuntu server edition 11.04 and apache. I've just installed coldfusion which by default places its admin pages under /var/www now I've moved those out inthe the filing system for security reasons. I'm getting the basic page layout but the css/images are not working because they looking for the files under /var/www is there away...
<alaing> ...I can get apache to redirect those requests to the new folder structure?
<cjs226> where's the proper place to put an init script if not using upstart?  I've tried /etc/rc0.d/K01â¦  but it's not working
<SpamapS> BuenGenio: actually thats most likely a bug in code that I wrote.
<BuenGenio> well, I hope I helped you fix it ;-)
<BuenGenio> I'm really looking foward to bed now :P
<RoyK> BuenGenio: 12.04 will be released in half a year or so
<SpamapS> BuenGenio: SSLPassPhraseDialog  exec:/usr/share/apache2/ask-for-passphrase
<SpamapS> BuenGenio: don't you still need that one SSL site to be up? ;)
<RoyK> BuenGenio: and will change the update manager config to default to upgrading only LTS
<BuenGenio> thanks guys, wiill parse the chat logs tomorrow ;)
<SpamapS> cjs226: /etc/init.d
<BuenGenio> thanks
<SpamapS> cjs226: for all that I said about not using upstart.. I do think its easier to write an upstart job for simple services than it is to write a sysvinit script ;)
<SpamapS> BuenGenio: anyway, when you're ready to try and fix that SSl site, try commenting that line out of /etc/apache2/mods-enabled/ssl.conf ... if that fixes it.. please file a bug. :)
<cjs226> SpamapS: easier even for shutdown?  i need to include some logic and am thinking I'd rather just use init.d.  to my question, i have the script in /etc/init.d and link it to /etc/rc0.d/K01â¦  is that the correct procedure?
<SpamapS> cjs226: yes its easy for shutdown too
<SpamapS> cjs226: no, the correct thing to do is put the script in /etc/init.d , then use 'update-rc.d' to enable /disable it.
<cjs226> SpamapS: true. i did that and it appeared to just link it like the ole days
<cjs226> SpamapS: but didn't run upon shutdown
<SpamapS> cjs226: are you sure it didn't run? maybe it had an error
<cjs226> SpamapS: i don't believe it did.  in fact i appended everything with a echo out to a log which was never updated.  ok, maybe i should start fresh.  if i wanted to use upstart, the normal logic, etc. I'd use in an init script would go in a pre-stop stanza?
<SpamapS> cjs226: depends on a few factors
<SpamapS> cjs226: if you need to do more than just send SIGTERM .. then yes, do that in pre-stop
<cjs226> SpamapS: thx
<SpamapS> cjs226: also if you are doing anything that will take longer than 10 seconds, its advisable to 'stop on starting rc RUNLEVEL=[016]' and 'start on runlevel [2345]' ..
<SpamapS> cjs226: the shutdown only waits about 10 seconds for stuff to stop cleanly if it does 'stop on runlevel [016]'
 * RoAkSoAx will be back in an hour
<lauris> hi, what's the best choice of IMAP server on ubuntu?
<lauris> in terms of security/performance
<jMCg> lauris: Last time I managed one, it was dovecot
<andol> lauris: Well, dovecot is at least not the wrong choice.
<jMCg> These days I use Zimbra.
<lauris> i tried Zimbra once, the feel was like it is very heavy & slow
 * RoyK too
<RoyK> that is, I use zimbra
<RoyK> it's on the heavy side, truely, probably because of the java bits, but it works well and is easy to administer
<lauris> how about performance?
<RoyK> but then, you need a dedicated machine or VM with 2GB RAM or so
<RoyK> lauris: sufficient
<jMCg> I give mine about 3.5G, IIRC.
<lauris> broadly speaking, zimbra is an alternative to exchange?
<RoyK> lauris: yes
<lauris> RAM is cheap these days
<jMCg> Java eats RAM, and lots of it. The more RAM you can spare the more performance it'll deliver.
<lauris> so this is not an issue
<lauris> is there a mobile app for zimbra?
<lauris> iOS/Android
<RoyK> lauris: depends how long you strech it ... MS concludes that memory overcommit isn't needed in hyper-v for that reason :P
<jMCg> memory overcommit isn't needed. [Period]
<lauris> :))
<lauris> i'll try it
<RoyK> jMCg: it's very useful with xen and vmware .....
<jMCg> http://lwn.net/Articles/104179/
<jMCg> The red part is where they explain how memory overcommit + OOM killer work nicely together in an analogy understandable to everyone.
<jMCg> RoyK: what works well for Xen and VMware is COW. And we've know and used that kind of stuff since ~1974. Even Linux has it.
<RoyK> jMCg: memory overcommit in kvm sucks rather badly, it's better in xen and it works even better in vmware - I have that info from people who have used all of those platforms
<RoyK> memory overcommit != CoW
<lauris> RoyK, does open source edition have all the features from commercial version?
<RoyK> lauris: zimbra?
<lauris> yes
<RoyK> lauris: IIRC the OSS zimbra lacks some smartphone things, outlook connector and a few others - ask on #zimbra
<lauris> oh, sorry :)
<RoyK> np, just pointing you to a better place ;)
<jMCg> RoyK: my experience so far is limited to Xen and KVM, but the point I'm arguing against here I really experienced *in* the guests. I give them 4G of memory, they pretend to have unlimited amount, give it freely on malloc() and then start OOMkilling processes, because, low and behold, we're running out of *real* memory.
<jMCg> That's something I really like about Solaris: You want to spawn a process? You want a malloc()? Well sorry, no more memory. Let's start swapping like crazy. If you don't want to see this, buy more RAM.
<lauris> RoyK, i found a page of product comparison
<RoyK> k
<jMCg> lauris, RoyK - I use icssync for the calendar on my Android and the mail works just fine with the mail app.
<jMCg> But you don't get push.
<lauris> for my personal needs i use gmail, it syncs perfectly on my android phone :)
<jMCg> While forwarding all my data to google for ad-analysis.
<RoyK> that's not really relevant to zimbra, is it? ;)
<Wietienkie> hi, I'm having a problem with RAM detection on a 64bit installation
<Wietienkie> there's 6 GB in the server, but only 3 GB are recognised...
<Wietienkie> I'm using 10.04
<Wietienkie> anyone know what might be the cause?
<Wietienkie> been googling all evening, couldn't really find something
<RoyK> Wietienkie: what does uname -a have to say?
<uvirtbot> New bug: #881097 in ipsec-tools (main) "Please merge ipsec-tools 1:0.8.0-9 (main) from Debain unstable (main)" [Undecided,In progress] https://launchpad.net/bugs/881097
<Wietienkie> RoyK: already checked that, but here goes:
<Wietienkie> Linux hkserv 2.6.32-34-server #77-Ubuntu SMP Tue Sep 13 20:54:38 UTC 2011 x86_64 GNU/Linux
<Wietienkie> so yeah, it's x86_64
<RoyK> Wietienkie: does linux see less memory than what's reported by BIOS?
<Wietienkie> I have no access to the bios now, sadly
<RoyK> I guess you'll have to check that first
<RoyK> also, pastebin lshw output
<Wietienkie> I checked with cat /proc/meminfo though, and it reports 3GB only, so I do fear the bios sees 3GB only
<Wietienkie> the mobo is supposed to support 8GB
<Patrickdk> if they installed high desity ram, instead of low density, then yes, it would do that
<Wietienkie> http://pastebin.com/19sPbmDL
<Patrickdk> maybe they where put in the wrong banks?
<Patrickdk> so that the 1g stick is paired with the 2gig stick? instead of 1g to 1g
<Wietienkie> well that's what I'm thinking of too right now, but I'm not sure though
<Wietienkie> yeah, the 1 GB is paired with the 2 GB stick
<RoyK> wierd - the DIMMs are therÃ«... I've seen similar stuff on linux machines, though
<Wietienkie> fffff, shouldn't have been so lazy and have looked up what's the best
<Patrickdk> royk, that isn't too odd :)
<Wietienkie> damnit, google is revealing something more to me
<Patrickdk> that just reports what the stick says it is, 2gigs
<Patrickdk> doesn't mean the computer can see the whole 2gig stick :)
<Wietienkie> Due to Intel 965 chipset limitation, max addressable memory is 4GB
<Wietienkie> chipset is P965...
<RoyK> Patrickdk: but 3GB? not 4?
<Patrickdk> most likely
<Patrickdk> it limits each ram slot to 1gig
<Patrickdk> actually, that was 64bit
<Patrickdk> depends
<Wietienkie> yeah well, don't really get it
<Patrickdk> not sure how that chipset works, it might use up that space for pci stuff
<Patrickdk> I have had systems limited to 2.4gigs ram cause the rest was pci/pcie/agp crap
<RoyK> Patrickdk: 1+2+1+2 should be either 6GB or 4GB IMHO
<Wietienkie> I know the P945 was a bitch on supporting max 4 GB while declaring to be 64 bit
<Wietienkie> strange thing
 * RoyK is off to bed - night all
<Patrickdk> royk, yes, but you have reserved memory space
<RoyK> Patrickdk: not 1GB!
<Patrickdk> if the computer can't map that extra ram to >4g, you loose it
<Wietienkie> also on the details of the motherboard it states it supports up to 8 GB
<Patrickdk> roy, I have lost up to 1.5gigs cause of it
<RoyK> sounds very unlikely
<RoyK> but then - it's late - night ladies
<Wietienkie> night
<webPragmatist> anyone have an idea how to get sftp to obey a umask
<webPragmatist> i tried pretty much everything on http://jeff.robbins.ws/articles/setting-the-umask-for-sftp-transactions
<webPragmatist> currently i have Subsystem sftp /bin/sh -c 'umask 0002; /usr/lib/openssh/sftp-server'
<webPragmatist> also tried modifying pam.d
<webPragmatist> :(
<webPragmatist> what the heck
<Takyoji[laptop]> Is it possible to have apt-cache (or whatever works best) on a 10.04 LTS server and passively cache packages for 11.10 desktops?
<Takyoji[laptop]> I'm working on a school setup; and the download speed is only ~1Mbps (T1)
<webPragmatist> it doesn't run the .sh if i modify the Subsystem
<qman__> Takyoji, yes
<qman__> how you do it depends on which software you choose, but proxies will cache anything you want
<qman__> and mirrors you have to set up each distro you want to mirror for
<Takyoji[laptop]> So what would be a reasonable minimalistic setup for such>
<qman__> caching proxy
<qman__> probably apt-proxy or squid
<qman__> mirrors are on the very costly side, proxies only keep what you download
<qman__> but if your internet is really slow or unreliable a mirror may be the way to go
<Takyoji[laptop]> and I'm also thinking what precautions would be needed for the sake of limiting it from being a way around the firewall
<qman__> you run it through the firewall just like everything else
<Takyoji[laptop]> But the server is exempt from all the rules
<qman__> all it needs to do is download HTTP from the mirror sites
<uvirtbot> New bug: #881146 in samba (main) "doing a system upgrade (ubuntu natty to 11.10) samba cannot be upgrded.package samba 2:3.5.8~dfsg-1ubuntu2.3 failed to install/upgrade: ErrorMessage: package samba is not ready for configuration  cannot configure (current status `half-installed')" [Undecided,New] https://launchpad.net/bugs/881146
<qman__> why, exactly?
<Takyoji[laptop]> but anyway, doesn't apt-cache-ng pretty much passively cache?
<webPragmatist> ratherâ¦ the sftp-server.sh script works but umask 0002; does nothing
<qman__> don't know
<qman__> but the best way to do it IMO is a transparent inline proxy
<qman__> no client setup needed
<Takyoji[laptop]> I think the reason is: there's no internet access allowed at all, unless if you HTTP auth with the proxy
<qman__> well, if you're already running a proxy, you'll have to configure that proxy to cache apt
<qman__> you can't use two different proxies at once
<webPragmatist> dir is drwsrwsr-x
<qman__> or chain them with firewall trickery
<qman__> but I can see that causing some issues
<qman__> actually, you probably could use two different proxies if you configure apt to one and browsers to another
<Takyoji[laptop]> but as stated, the server itself is exempt, thus doesn't even need to configure with a proxy. It's some awkward trickery of an Astaro server (or at least of how they configured it)
<qman__> but it's still a mess you really don't need, just configure the one proxy
<Takyoji[laptop]> my point is that I don't want the apt package cache as a way around the firewall for client desktops with malintent
<qman__> then set the firewall up properly
<qman__> the server shouldn't be completely exempt from the firewall, it should have exceptions for what it needs to do
<qman__> but if your clients are already using a proxy
<qman__> just configure that proxy to cache apt
<Takyoji[laptop]> The reason for the firewall is so that you have to authenticate to get internet access entirely. I don't think there's any domain-specific restrictions or anything. Also, the firewall isn't a Windows/Linux system, it's some proprietary server rack, not even sure how it's configured
<qman__> black boxes aren't good security practice
<qman__> but even so, if you go the squid route, you can configure squid to only allow outgoing connections to the mirrors you want to cache
<qman__> a site whitelist
<Takyoji[laptop]> and yes, if I was the decision maker, I wouldn't have something that's pretty much a black box for security at all. xP
<qman__> it's not that it's a proprietary system, it's that you don't know how it's set up and what it does
<webPragmatist> daskjfdsfjsdfsadiojf\\\
<webPragmatist> what the heck
<SpamapS> Takyoji[laptop]: so you can get the admins to poke a hole out for a restricted proxy, right?
<Takyoji[laptop]> It's how they originally set it up; I haven't had any intervention
<Takyoji[laptop]> Anyone know the different between apt-proxy and apt-cacher?
<Takyoji[laptop]> difference*
<twb> Takyoji[laptop]: yeah, they do the same job but were written by different people
<SpamapS> Takyoji[laptop]: apt-cacher-ng is "the next gen" cacher.. I guess. ;)
<Patrickdk> they work differently though
<Patrickdk> apt-proxy I thought worked before the fact, and apt-cacher was as needed
<twb> I have used both, and they have lots of annoying heisenbugs
<Patrickdk> apt-cacher is slower than dirt for me, apt-cacher-ng works good
<twb> Either use a proper (if partial) mirror with debmirror or apt-mirror, or use a "dumb" cacher like squid
<Patrickdk> twb, I have had nothing but issues with squid and .deb
<twb> I use debmirror now and I have no problems with it, and the end result is MUCH fast
<twb> Patrickdk: it's mainly an issue if you rice up your squid.conf, like "don't cache small files"
<Patrickdk> apt-mirror is nice, just a huge hog if you don't need everything
<twb> I don't know about a-m, but debmirror allows you to exclude stuff
<Patrickdk> twb, na, I had it cache everything up to 20gigs
<Patrickdk> I'm happy with apt-cacher-ng though
<Patrickdk> I use one hostname for it
<twb> Shrug
<Patrickdk> and use local overrides at different locations, so that it goes to my home apt-cacher-ng, or colo apt-cacher-ng if I'm roaming
<Patrickdk> so I pretty much always have something relatively fast
<twb> http://paste.debian.net/139591/ is what I do, it uses 78GiB today, and it pulls from an unmetered ISP mirror so I don't care.
 * Patrickdk is annoyed do-release-upgrade isn't using apt-get proxy settings :(
<twb> And that means all my jails have a bind-mounted or NFS-mounted file:// mirror which means it's super fast
<Takyoji[laptop]> also can a person resize a (md) software RAID 1? :P
<Patrickdk> sure
<Patrickdk> just give md a larger drive
<Takyoji[laptop]> I mean smaller
<Patrickdk> sure, just reformat
<SpamapS> Actually I believe there is a known issue with squid and the archive having to do with Release and Packages files coming from slightly out of sync mirrors .. but it only should affect dev releases and occasionally security/updates when they change.
<Patrickdk> dunno md supports that really
<Takyoji[laptop]> When I was installing the OS through the alternate CD, it didn't really give me the option of more than one partition for the RAID
<SpamapS> Something to do with the mtimes and Expires headers that the mirrors give back
<Takyoji[laptop]> and I hope I don't have to fully reformat and install again. xP
<Patrickdk> spamaps, I seem to hit that issue a few times a week
<Patrickdk> I finally gave up on squid
<SpamapS> Patrickdk: yeah I think there may actually be investigation underway to handle this better
<Patrickdk> I seemed to have pushed the ifupdown issue along on debian some
<Patrickdk> but someone with enough knowledge about it is going have to finish fixing it
<Patrickdk> that part doesn't sound promising
<SpamapS> Patrickdk: working at using iproute2 for the static method?
<Patrickdk> well for aliases
<Patrickdk> would defently annoy me in 12.04 :)
<Patrickdk> and my ipvs config
<Patrickdk> that is the whole point I'm here :)
<Patrickdk> to push along things, and resolve issues that affect me :)
<Patrickdk> I totally don't get whatever language ifupdown.nw is written in though
<SpamapS> nowebm
<SpamapS> Its C+postscript .. totally nuts
<SpamapS> "literate" programming
<Patrickdk> oh, a cobal offtake? :)
<SpamapS> the theory is you print out the program with its documentation or something like that
<SpamapS> I find it to be *maddening*
<Patrickdk> ya, I had a huge issue attempting to tell code from documentation
<SpamapS> because its not just nowebm that makes it hard to understand, it also does some weird, weird code generation
<Patrickdk> then I seemed to notice it was kind of like a badly made makefile
<Takyoji[laptop]> So awkward that postfix is hinted to be installed when installing mdadm
<Patrickdk> why?
<Patrickdk> how else would mdadm warn you of a bad drive?
<Takyoji[laptop]> ahh, true
<SpamapS> the defn2c.pl script is my favorite
<SpamapS> perl to translate some made up thing into C
<Nicolas> Hi! I have a problem with setting up 2 network cards with 2 static ip adresses. I set up the /etc/network/interfaces file but no way I can bring eth1 to life... or eth0:1 just to give a try to the virtual network card.... Can somebody help? Thanks! (ubuntu 11.10 server 32 bit)
<matrix3000> I need assistance with DNS, for some reason I am unable to establish a lookup from another system. When pointing to the bind dns server, on ubuntu, and i updated the /etc/resolv.conf on the client system to point to the ubuntu bind dns server I cannot browse the internet. Was there anything I am missing in terms of allowing a lookup against the root zone?
<Patrickdk> nicolas, what exactly is a virtual network card?
<omni_> Is there a command to log out of a GUI back into terminal?
<Patrickdk> omni_, ubuntu-server has no gui
<omni_> Patrickdk, i know, i installed one and realized it was not what i wanted. Now when i re-boot i log into the Gnome and want to get out of it.
<Nicolas> Preickdk: I have just seen in many how to that you can set up virtual interfaces with this, but I have to phisical NIC, eth0 and eth1
<Patrickdk> totally not sure what exacly eth0:1 has to do with a virtual interface, *:x are aliases, not virtual
<Nicolas> yes, alias, my mistake sorry
<Patrickdk> what does ifconfig eth1 show?
<Nicolas> the thing is that a separate IP address is needed for one domain but the others are on a different and that is why i would like to setup eth1
<Patrickdk> nothing in that last sentense made any sense at all, but it all sounds completely non-relevent
<Nicolas> auto lo
<Nicolas> iface lo inet loopback
<Nicolas> # The primary network interface
<Nicolas> auto eth0
<Nicolas> iface eth0 inet static
<Nicolas>         address 94.247.88.164
<Nicolas>         netmask 255.255.255.0
<Nicolas>         network 94.247.88.0
<Nicolas>         broadcast 94.247.88.255
<twb> Urk
<Nicolas>         gateway 94.247.88.1
<Nicolas>         #dns-* options are implemented by the resolvconf package, if installed
<Patrickdk> nicolas, you need lots of help
<Nicolas>         #dns-search binga.hu
<Nicolas> auto eth1
<Nicolas> iface eth1 inet static
<Nicolas>         address 94.247.88.245
<Nicolas>         netmask 255.255.255.0
<Patrickdk> use a pastebin, and no one asked for that
<Nicolas>         network 94.247.88.0
<Nicolas>         broadcast 94.247.88.255
<Nicolas>         gateway 94.247.88.1
<Nicolas>         #dns-* options are implemented by the resolvconf package, if installed
<twb> He needs to have his network access administratively revoked
<Nicolas>         #dns-search barnabees.hu
<Nicolas> oops sorry :$
<Patrickdk> that config though, is totally messsed up
<Nicolas> yes, I know :(
<Patrickdk> linux really doesn't like to have multible nics on the same network
<Patrickdk> normally you get lots of, packet received on wrong nic, errors
<twb> Patrickdk: short of bridging
<twb> Nicolas: just put both addresses on one interface
<Patrickdk> twb, wouldn't bridging just cause stp to make one not work? therefor fixing the issue?
<matrix3000> anyone want to help me with a dns issue? basically i can resolve domains on teh dns, but it isn't using the root servers fro anything else
<twb> Patrickdk: er, sorry, trunking
<Patrickdk> ya, trunking is totally different :)
<Patrickdk> trunking/bonding
<uvirtbot> New bug: #881160 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.3 failed to install/upgrade: ErrorMessage: package samba is not ready for configuration  cannot configure (current status `half-installed')" [Undecided,New] https://launchpad.net/bugs/881160
<Nicolas> and how can I do it?
<Nicolas> sorry I am very noob to this....
<Patrickdk> Nicolas, what is your goal?
<Patrickdk> you haven't told us what your attempting
<Patrickdk> other then show us what you did, and we said, wouldn't work
<Nicolas> my goal is to make both IP addresses work, one is for only one domain and the other is for many
<methods1> where are init jobs configured now ?
<methods1> there is no more inittab right ?
<Patrickdk> Nicolas, what is *a domain*
<twb> http://paste.debian.net/139595/
<twb> Nicolas: ^^ that is an interfaces stanza that puts multiple addresses on one interface
<Nicolas> there is a domain name that needed a separate ip addreess because of an ssl certificate or something like this and I got a new IP from the ISP and I would like to make it work in the sever
<Patrickdk> nicolas, ya, using eth1 is not going be easy for that
<Patrickdk> use eth0:1 instead
<Patrickdk> and when you do that, use a netmask of 255.255.255.255
#ubuntu-server 2011-10-25
<Patrickdk> remove the network/broadcast/gateway/dns*
<twb> Patrickdk: nooooo
<twb> Patrickdk: :1 bullshit is the old stinky way
<Patrickdk> hmm?
<Patrickdk> using up, isn't new/better
<twb> Patrickdk: ifconfig doesn't understand that interfaces can have zero, or many, addresses, so that :1 stuff is a dirty hack
<Patrickdk> as it does the exact same thing
<Patrickdk> eth0:1 doesn't even use ifconfig
<Patrickdk> so why does it matter?
<twb> Er, ifupdown uses ifconfig internally as at 0.6
<Patrickdk> twb, but ubuntu doesn't use 0.6 anymore
<Patrickdk> twb where have you been living? :)
<twb> LTS
<Patrickdk> he said 11.10 :)
<twb> OK I missed that
<twb> But I still think :1 is a stupid stinky way to simply have multiple addresses
<Patrickdk> it is
<Patrickdk> but as long as the interfaces file supports it
<Patrickdk> why use a nother hack to get around a hack
<Patrickdk> atleast the supported hack is suppost to be supported :)
<Patrickdk> iface eth0:1 static, is the same as ip addr xxxx, now
<Patrickdk> and that is what has caused the issue with ifupdown
<Patrickdk> that we are getting fixed on debian/ubuntu
<Patrickdk> ifup works fine
<Patrickdk> issue is ifdown
<Patrickdk> but that won't really affect him
<twb> meh, I don't see inet manual as that big a hack
<Patrickdk> inet manual?
<twb> see pastebin
<Nicolas> now i did the following: auto eth0:1 iface eth0:1 inet static address 94.247.88.245 netmask 255.255.255.255 but still not working
<Patrickdk> oh, that is very dirty hack to me
<Patrickdk> how can I take down/up one ip at a time
<Patrickdk> expecially for failover
<Patrickdk> not with that code
<twb> Use ip, I guess
<twb> I haven't ever needed to do that
<Patrickdk> I only do in my ipvs configs
<Patrickdk> nicolas, what is classified as not working?
<twb> I guess what it boiils down to is that ifupdown has pissed me off enough over the years with being baroque and flaky, that I use inet manual because I can see what's happening and it tells ifupdown not to be clever
<Patrickdk> what was the *test*?
<twb> And obviously setting netmask and/or brd by hand blows
<Nicolas> trying to ssh or entered into the browser: no respone
<Patrickdk> output of 'ip a'
<Patrickdk> IN A PASTEBIN
<Nicolas> I am trying to find how to use the pastebin :$
<Patrickdk> http://pastebin.ubuntu.com
<Patrickdk> copy/paste, click submit :)
<Nicolas> http://pastebin.ubuntu.com/718385/
<Nicolas> thanks! :)
<Patrickdk> heh? eth1 is still active
<Patrickdk> ifdown eth1
<Patrickdk> ifup eth0:1
<Patrickdk> then pastebin again
<Nicolas> ok
<Patrickdk> twb, I used to do a /etc/init.d/networking restart :) back in 7.04 :)
<Patrickdk> glad I have stopped that
<Patrickdk> not even sure why I did that anyways, probably just being lazy
<twb> Patrickdk: because if you do it remotely without screen, bad juju can happen
<Nicolas> http://pastebin.ubuntu.com/718386/
<Patrickdk> always did it remotely without screen :)
<Patrickdk> nicolas, oh, you removed eth1 already so you can't ifdown eth1 :(
<Patrickdk> add auto eth0:1
<Patrickdk> so it looks like eth0
<Patrickdk> or it won't come up after reboot
<Nicolas> ok
<Patrickdk> and type in, ip set link dev eth1 down
<Patrickdk> actually
<Patrickdk> ip link set eth1 down
<Patrickdk> then pastebin once more
<Nicolas> ok thanks!!
<Nicolas> http://pastebin.ubuntu.com/718393/
<Patrickdk> looks good
<Nicolas> yes but still cannot connect with the ip 94.247.88.245 via ssh or when i enter into the browser it is timeout :S
<Patrickdk> is this server at a colo?
<twb> Nicolas: should that be a /32 ?
<Patrickdk> most likely the mac is cached on the swithc/router
<Patrickdk> and can take 8hours to timeout
<Nicolas> oh
<twb> Seems to me you want both to be /24's and the .164 to be primary
<Patrickdk> twb, I always use /32 for aliases
<twb> Patrickdk: huh, I'm surprised it works
<Patrickdk> cause it doesn't matter as long as one ip is within the netmask of the gateway
<Patrickdk> twb, why?
<twb> It just looks like it shouldn't
<Patrickdk> I have had mixed results of it not working when I don't use /32
<Patrickdk> where /32 always works
<twb> Mine looks more like this, and FWIW it works fine: http://paste.debian.net/139599/
<Nicolas> anyway, 245 would be the "master ip" and the 164 is for only one domain but I can change the domain's dns records once it works well :)
<twb> Nicolas: primary vs. secondary only matters here for outbound traffic to that net, and since you have a /32 it doesn't matter at all
<twb> Nicolas: outbound traffic will always pick the outbound /24 as the source ip
<Patrickdk> Nicolas, what is the network it's plugged into?
<Patrickdk> is it under your control or not? a colocation/vps place?
<twb> Incidentally when testing recommend trying ICMP echo-request and -reply before SSH; ICMP is connectionless so if you fuck up and have e.g. triangle routing, you can still see the response packets.  Might want to tcpdump, too
 * Patrickdk still bets it's a cisco router doing 8hour arp mac caching
<Nicolas> the server is at a hosting company
<Patrickdk> that way customers are less likely to spoof other customers
<Patrickdk> well, arp poison
<twb> :-)
<twb> Should just use IPv6, no ARP there :P
<Patrickdk> sure it is, just renamed to nd :)
<Takyoji[laptop]> I did something stupid and `rm /etc/ldap/slapd.d/*` and tried to uninstall slapd, although it backup up files in the directory I removed, therefore it freaks out and stops uninstalling, and I want to get slapd reinstalled fresh; any ideas?
<Patrickdk> same thing, same issue, same solution :)
<twb> Hum, I thought it was IPsec'ized ICMPv6
<Patrickdk> but atleast it lives in the ip layer then
<Patrickdk> no
<twb> Stupid tutle book lied to me!
<Patrickdk> arp in ipv6 is called ND, works the same as arp basically
<twb> *turtle
<Patrickdk> but ND lives in ICMPv6
<twb> Well, that's lame
<Patrickdk> instead of directly on layer2
<twb> I assumed it was protected by ipsec
<Patrickdk> no, it means you can do ND over layer 3 :)
<Patrickdk> it makes it really nice for like tunnels and stuff
<Nicolas> i so I have to wait 8 hours?
<Patrickdk> so you don't always hve to use tap
<Patrickdk> Nicolas, normally, or ask your colocation people to reset it
<twb> Now I will have to go back to plan B, which is to turn off arp/nd and hard-code ip neighbours tables in /etc/ntab or so
<Nicolas> ok, thanks!
<Patrickdk> twb, no one said you can't run icmpv6 on ipsec :)
<Patrickdk> but it doesn't by default
<twb> Patrickdk: hum, OK
<Patrickdk> I mean, it's ipsec, how would it do that by default :)
<twb> Patrickdk: I thought it was required for the "change-y" bits
<Patrickdk> change-y?
<twb> Like echo reply wasn't secized but stuff like "hey your new route should be over here" was
<Patrickdk> twb, nope
<Patrickdk> RA, ND, ... are not protected at all
<Patrickdk> same issues as ipv4
<Patrickdk> there might be a future additon map planned to do so, but not in use
<Patrickdk> I haven't read all rfc's
<Patrickdk> but I have read most, and haven't run across that
<Nicolas> I have changed the 88.245 to 88.165 and here it is the result: http://94.247.88.165/
<Nicolas> so i have to set the config file to 245 and wait for the switch... The guy tried to reset it but cannot do it
<patdk-lap> ya, if another ip works just fine
<patdk-lap> it's just arp/mac caching
<patdk-lap> if they dunno how to reset it, just let it timeout
<patdk-lap> normally the highest they can set it to is like 8hours
<Nicolas> ok, thanks!!
<Nicolas> thanks for your help!
<Takyoji[laptop]> So yes, is there a way to completely rid of the history of a package?
<twb> OK, who knows how to configure nut?  I have the master running on lucid, but I have a couple of old, fucked-up hosts that can't easily run upsmon.  So I need the master to use ssh forced-commands to shut them down at the right time -- I think I do this with NOTIFYCMD, but I'm not too sure what a worked example would look like.
<twb> Actually, a better way I think would be to replace SHUTDOWNCMD with a wrapper that SSH's the dumb hosts, then does the existing "shutdown -h now"
<lucascastro> oh... I'm trying to implement a traffic control on lucid.
<lucascastro> I've created a qdisc with htb and class with rate 512kbit and subclass with rate 128kbit and ceil 128kbit. But when I'm gonna do some download, get up of that.
<qman__> I've only had success limiting upload, downloads don't seem to work no matter what I do
<twb> ingress queuing is nontrivial
<lucascastro> I've not tried the upload, but you get me on a ideia. Try over the local interface, the problem is the local traffic will be limited.
<twb> It isn't helped by the kernel people pushing IFB when the rest of the world is sticking with IMQ
<lucascastro> I'll do some testes about it.
<qman__> you can mark traffic by its originating point
<qman__> with the iptables rule
<twb> And OBVIOUSLY you can't directly reduce the number of packets sent to you
<twb> s/number of/rate at which/
<twb> You can fiddle-fart around with e.g. TCP congestion stuff
<qman__> as in, rather than just mark all traffic destined to the LAN, only mark traffic that came from the internet
<lucascastro> qman__: I
<lucascastro> qman__: I'm doin' in that way.
<twb> What's the actual goal here?
<lucascastro> twb: traffic control coming from the internet.
<twb> tc as in rate limiting, prioritization, or both, or something else?
<lucascastro> yes.
<twb> :-)
<qman__> well, that's the means
<qman__> what's the situation requiring it?
<twb> I haven't done much myself but AIUI you want to go read about IMQ and/or IFB
<twb> qman__: good point
<lucascastro> but... I'm using it and had define the rate and ceil, but the download always get up of that.
<lucascastro> using TC I meant.
<qman__> I use it on my torrent box to limit global uploads and be nice to everything else on the network
<twb> lucascastro: so you tried something, and it didn't work?
<qman__> I don't actually have any shaping or QoS on my router
<qman__> works better without it
<twb> qman__: you probably have pfifo_fast
<lucascastro> twb: no pfifo_fast on the interface that htb it is.
<lucascastro> I checked it.
<lucascastro> I'll read abou IMQ and IFB
<twb> I meant on his router
<twb> That allegedly does no qos
<lucascastro> twb: Oh, yeah, sure.
<qman__> well, by that I meant it's just defaults
<qman__> no special configuration
<qman__> ubuntu server with ip_forward=1
<twb> pfifo_fast is the default on linux
<twb> It fifo buckets by ToS
<smoser> SpamapS, kirkland what apt mirror software do you use use?
<smoser> my full rsync mirror is running out of space thanks to precise. so i need a approx or squid-deb-proxy
<twb> smoser: debmirror
<kirkland> smoser: just plan squid now
<smoser> do you do anything to seed the development release ?
<smoser> ie, to keep it fresh while you sleep
<smoser> and can you share config ?
<smoser> kirkland, ^
<kirkland> smoser: nope, i suffer through the first one
<smoser> twb, thanks for your input.  for some reason i tihnk i'm leaning towards the caching proxy.
<kirkland> smoser: and gravy after that
<twb> smoser: cos yer dumb :P
<smoser> well, yes.
<smoser> but i think in the end it gives me better use of what i need here.
<smoser> kirkland, configs ? you just run squid on one box and point the others at that?
<twb> smoser: FWIW everyone I've met that runs either debmirror or apt-mirror has been happy with it and hasn't had any problems
<twb> smoser: and you can tell not to download e.g. priority: extra or section: games
<smoser> twb, well i was happy with the rsync mirror until i ran out of space.
<twb> plain rsync will pull in *everything* for all arches
<twb> Oh, and debmirror can use rsync as a backend :-)
<twb> 10:33 <twb> http://paste.debian.net/139591/ is what I do, it uses 78GiB today, and it pulls from an unmetered ISP mirror so I don't care.
<twb> But I'll stop the advocacy now :-)
<smoser> twb, you make a convincing argument
<BuenGenio> hello
<BuenGenio> we upgraded the mailserver to a new hardware yesterday, but during the upgrades we plugged and unplugged the old server several times, which means some new emails from yesteday stayed on the old box
<BuenGenio> we have the old server mounted over NFS on the new one - how do I reliably copy only the missing files from the old Maildirs to make sure people get their emails?
<BuenGenio> rsync, cp -ru ?
<twb> BuenGenio: IIRC maildir more or less just deals with that
<twb> cp -rnv I imagine
<twb> Fuck, I don't know
<twb> Best is just to let the users deal with it themselves by leaving dovecot running on the old system for a week
<twb> That's what I did
<BuenGenio> problem is we switched to the new server
<twb> "Dear users, the new mail server is <here> the old one is still <there>; in a week the latter will vanish, if you want that mail kept, move it from <there> to <here> before then."
<BuenGenio> so I unpacked the backup of the mail from the previous day
<qman__> I run into this problem on a regular basis with windows servers
<BuenGenio> which means there's a day's worth and a bit missing
<twb> Or just say "tough shit, you lost some mail."
<qman__> basically, if they're picky, I go in their outlook and do it for them, otherwise they're just cool with it
<twb> "Be thankful you get anything"
<twb> Tell them to treat it like an unexpected outage
<qman__> most customers understand that when you replace their server, sometimes shit happens
<qman__> for the rest, you just have to spend the time picking through their mail, or risk losing them
<BuenGenio> i'd rather they didn't
<BuenGenio> it's a rather large company, and I'm working here
<smoser> twb, so stupid question
<smoser> what happens when i i use debmirror and the cache misses ?
<twb> How do you mean?
<twb> debmirror creates a conventional first-class (i.e. internally consistent) apt repo
<twb> It's not a cache in the sense that it's partially missing
<smoser> right. so when it misses, what happens?
<smoser> say you had told it to not include '--section multiverse'
<smoser> and then 'apt-get install some-multiverse-pkg'
<twb> You get "no such package, WTF are you talking about"
<twb> What I typically do, mainly to guard against the debmirror cron job breaking, is to add a second entry for mirrors://... or so, so that if I ask for something not mirrored, it'll fall back on upstream (probably via squid)
<smoser> ok. that swhat i was asking.
<twb> Right, sorry, I misunderstood the question at first
<twb> Another example would be that I don't mirror sources at all, so deb-src just points straight to upstream
<TheEvilPhoenix> anyone know why nginx does not work with php5-gd?
<TheEvilPhoenix> nginx is configured to work with php, but it won't recognize php5-gd
<smoser> twb, mirror started. thanks.
<twb> OK, let me lay this on you
<twb> I have a host with- no, that can't be the issue
<twb> OK, so I have a KVM VM running lucid server, it's a client for LDAP/SSL and NFSv3.
<twb> Three times now I've caught it completely failing to run users' cron jobs
<twb> This time, cron is running and the problem occurred after the VM was rebooted.  IIRC the previous two times, cron wasn't running at all.
<twb> I was about to say "it's because it can't read /home when cron starts", but the crontabs live in /var/spool
<twb> One of the cron jobs is a script that automatically siphons money into my bank account, so I'm not anxious for it to silently stop working :-/
<Takyoji[laptop]> What would be a reason for an NFS share not mounting until a user authenticates?
<twb> Takyoji[laptop]: krb?
<twb> Takyoji[laptop]: what's fstab say
<Takyoji[laptop]> The params are: rsize=8192,wsize=8192,timeo=14,intr
<twb> Pastebin the entire fstab and the entire /proc/mounts
<Takyoji[laptop]> I'll have to login on the other system then, one moment
<twb> Might as well paste exports and thingo from the server, too
<Takyoji[desktop]> http://paste.ubuntu.com/718479/
<qman__> no auto?
<qman__> or is that not needed anymore?
<Takyoji[desktop]> Server http://paste.ubuntu.com/718480/
<Takyoji[desktop]> ahh, perhaps it might be needed
<twb> qman__: for NFS?
<Takyoji[desktop]> I'll test the on one system
<Takyoji[desktop]> I'll test that on one system*
<twb> NFS at boot time is pretty much broken by upstart, at least in lucid
<twb> mountall(8) is a great steam pile of kludge
<qman__> heh
<qman__> I'm behind the times with NFS anyway
<Takyoji[desktop]> So I'd probably have to resort to writing an upstart script? xP
<Takyoji[desktop]> Hay, auto helped
<twb> Takyoji[desktop]: har har
<Takyoji[desktop]> You sir, win one free internet and a stuffed penguin!
<twb> Takyoji[desktop]: more like throw away upstart and use a deterministic boot process
<magn3ts> How can I get nginx to start on boot in Oeniric?
<qman__> I set this thing up on 7.10 and haven't touched the configuration since, continued to work through all five release upgrades
<qman__> figured it was worth mentioning it
<twb> magn3ts: install it?
<magn3ts> twb, yeah, that's not cutting it. :/
<magn3ts> twb, I thought that's all I did in 11.04, but it didn't do such in 11.10 :[
<RoAkSoAx> win 3
<twb> magn3ts: does it provide an /etc/init or only an /etc/init.d?
<cjs226> I've run "/etc/init.d# update-rc.d myprocess_stop stop 1 0 1 6 ." which adds the appropriate links to /etc/rc0.d rc1.d and rc6.d.  however the scripts are called until AFTER a reboot.  any ideas?
<twb> Blergh
<twb> cjs226: it happens after a reboot because you're in single-user mode (runlevel 1)
<cjs226> no, I'm in runlevel 2
<alaing> hi i've got a usb wireless adaptor which is using RALink RT2870 chipset.I had it working on my ubuntu server edtion 11.04 until recently when I upgraded to 11.10. Can someone help me with it please
<josePhoenix> Hello all
<josePhoenix> My PostgreSQL db is saying "could not fork new process for connection: Resource temporarily unavailable"
<josePhoenix> Where should I look first? The system doesn't seem to be under heavy load (well the three load numbers in top look > 1, but actual cpu usage seems low)
<alaing> hi i've got a usb wireless adaptor which is using RALink RT2870 chipset.I had it working on my ubuntu server edtion 11.04 until recently when I upgraded to 11.10. Can someone help me with it please
<uvirtbot> New bug: #881304 in keystone (universe) "issues with ec2 middleware" [Undecided,New] https://launchpad.net/bugs/881304
<lynxman> morning o/
<Veovis_Muaddib> I'm looking through the man page and other sources for rsync, and I'd just like to make sure it's the best option before I start using it.  I would like to syncronize files on my Windows 7 desktop and netbook (Large files like videos or large amounts of smaller files like music) and keep the most up to date version on my server at home.  Is there a faster way to do this than learning rsync, or should I just go for it?
<Veovis_Muaddib> To clarify, I want to take files from my desktop and have them sync up to the server and then back down to my netbook, and vice versa
<BrixSat> hello i have a problem connecting wpa_supplicant to a hidden wpa network :/ it does not connect
<koolhead17> hi all
<uvirtbot> New bug: #881361 in puppet (main) "puppetmaster-passenger fails to install with puppet 2.6.4-2ubuntu2.5" [Undecided,New] https://launchpad.net/bugs/881361
<Daviey> lynxman: How is mcollective looking?
<lynxman> Daviey: almost done!
<Daviey> lynxman: crikey, if it is this complicated - we are doing something wrong
<Daviey> mdeslaur: around?
<mdeslaur> Daviey: yeah, looking at busted puppet
<Daviey> mdeslaur: Are comfortable triaging it?
<mdeslaur> Daviey: huh? I'm working on it, it's busted because of the security update (se much for the test suite...)
<Daviey> mdeslaur: Oh yes, just wanted to clarify that you are driving the issue?
<mdeslaur> Daviey: yes, I am, you can assign me to whatever bug comes in
<Daviey> rocking!  Thanks mdeslaur
 * koolhead17 pokes Daviey 
 * Daviey frowns at koolhead17 
<koolhead17> :P
<koolhead17> Daviey: how should i handle that php error issue during compilation then?
<koolhead17> hey lynxman
<Daviey> koolhead17: sorry, can you pastebin the error again?
<Daviey> (FWIW, Debian switched to git packaging and somewhat tried to switch to native packaging, badly.)
<koolhead17> Daviey: http://paste.ubuntu.com/718047/
<Daviey> koolhead17: the lintian W's are all warnings, which are on the Debian package aswell.
<Daviey> It's not something you have introduced.
<Daviey> The gpg error is because you don't have a gpg key, but you don't need that to get sponsored.
<Daviey> So it's all ok
<koolhead17> Daviey: whats next step now :)
<Daviey> koolhead17: have you built the package?
<Daviey> pbuilder-dist precise i386 build *ubuntu2.dsc
<Daviey> then install it from ~/pbuilder/pubilder_i386-result/*.deb (iirc)
<Daviey> then run "php5" and see if you get the warning
<Daviey> (best confirm this before installing)
<koolhead17> k
<Daviey> m_3: Are you around sir?
<koolhead17> Daviey: i should run chroot once am inside builder directory ?
<Daviey> koolhead17: erm, no
<koolhead17> Daviey: i am on oneiric machine and currently inside the pbuilder/precise_i386_result directory. i can see many .deb pkgs there.
<Daviey> koolhead17: kool
<Daviey> erm, so run "~:$ php5"
<Daviey> you shoudl see the error, correct?
<koolhead17> yes
<koolhead17> :~/pbuilder/precise-i386_result$ php5 The program 'php5' is currently not installed.  You can install it by typing: sudo apt-get install php5-cli
<Daviey> koolhead17: so, sudo dpkg -i *sqlite*.deb
<Daviey> err, wait
<koolhead17> :p
<Daviey> That is not the error, i was talking about
<rbasak> Daviey: looks to me like bug 858878 is an architectural issue with cobbler-web and any patch will not be trivial
<uvirtbot> Launchpad bug 858878 in cobbler "lack of csrf protection in cobbler-web" [High,Triaged] https://launchpad.net/bugs/858878
<rbasak> Daviey: cobbler-web is using things like GET requests with side effects
<Daviey> rbasak: Have you managed to create a minimal testcase which proves it's an issue?
<Daviey> koolhead17: you need to install php5 and php5-sqlite3
<Daviey> Check you hit the bug.
<Daviey> then install your *sqlite*.deb, and see if the error goes away
<rbasak> Daviey: not right now, because it started to download gigs of images (presumably that's what it is) I killed the instance to avoid running up a bill
<koolhead17> Daviey: cool. the two packages from the packages i built. using dpkg -l comamnd
<koolhead17> dpkg -i ok doing it
<Daviey> rbasak: you should be able to install cobbler on it's own without that, no?
<Daviey> koolhead17: wait
<koolhead17> k
<rbasak> yeah I tried cobbler on its own but the default configuration doesn't seem to work
<Daviey> koolhead17: I want you to proove the bug first, with packages from the archive
<rbasak> So I tried orchestra and that set it up sensibly
<Daviey> Then dpkg -i, to proove you have fixed t
<Daviey> it
<koolhead17> Daviey: got it
<koolhead17> Daviey: the package name is php5-sqlite :)
<Daviey> good stuff
<zul> morning
<koolhead17> Daviey: apache error log shows same warning as mentioned in bug. i will remove both package which i got from repo without deleting its deps and install the one i generated via pbuiled. i hope that is what is needed. :)
<lynxman> zul: morning o/
<lynxman> koolhead17: hey :)
<koolhead17> lynxman: this 4square is killer apps man!! tells everything :)
<koolhead17> hello zul
<lynxman> koolhead17: lol :)
<zul> lynxman: werent you merging rabbitmq-server?
<lynxman> zul: it was done a couple weeks ago...
<lynxman> zul: I pumped straight up to 2.6.1
<zul> lynxman: really?
<lynxman> zul: really
<zul> odd
<lynxman> zul: https://launchpad.net/~lynxman/+archive/ppa
<lynxman> zul: with all the standard plugins (
<lynxman> zul: with all the standard plugins (+3 more for the landscape guys)
<zul> okie dokie
<lynxman> zul: and this supports HA replication, which is cool
<zul> lynxman: because precise has 2.5.0 and testing has 2.6.1
<lynxman> zul: my 2.6.1 was before debian's, so might it help to just merge straight from debian (+ our very small delta) and then rebuild the plugins for precise?
<lynxman> zul: I need to push the plugins back to debian at some point as well
<zul> lynxman: thats what i was thinking
<lynxman> zul: will do that then, our delta is just a soft link
<zul> lynxman: if you are busy i can do it
<lynxman> zul: won't say no, I'm finishing this whitepaper... :)
<zul> lynxman: k
<zul> ill get to it next
<lynxman> zul: then rebuilding the plugins is just resending them to the enablement machines, they all work fine
<lynxman> zul: let me know if I can give any support
<Daviey> koolhead17: just dpkg -i *sqlite*.deb  , then run php5, should be enough
<Daviey> you don't need to look at logs
<koolhead17> ok
<koolhead17> i am getting some lovely deps issue while installing the the source pkg php5-sqlite /0\
<koolhead17> Daviey: http://paste.ubuntu.com/718788/
<Daviey> zul: did you see verification-failed for bug 871278 ?
<uvirtbot> Launchpad bug 871278 in nova "Cannot attach volumes to instances if tgt is used" [High,Fix released] https://launchpad.net/bugs/871278
<zul> Daviey: yeah i just havent gotten to it yet
<Daviey> zul: I think it's going to be superseeded by another upload.
<zul> Daviey: yeah i know the fix and will add it
<zul> Daviey: what another upload?
<lynxman> jamespage: ping
<Daviey> zul: yes, one will probably go out today.
<Daviey> (not including this fix)
<zul> Daviey: umm...ok...whats in it? :)
<koolhead17> Daviey: the deps error means i should install the rest to from source :P
<Daviey> uh?
<Daviey> koolhead17: fresh system, sudo apt-get install php5 php5-sqlite3 ; php5 ; (see the error) ; ctrl+c ; sudo dpkg -i *sqlite*.deb ; php5 ; (is the error still there?)
<koolhead17> ooh ok
<jamespage> lynxman: pong
<lynxman> jamespage: pming you
<uvirtbot> New bug: #881423 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.3 failed to install/upgrade: ErrorMessage: package samba is not ready for configuration  cannot configure (current status `half-installed')" [Undecided,New] https://launchpad.net/bugs/881423
<Daviey> it's sad that i have a command just for marking that bug as a dupe.
<koolhead17> Daviey: http://paste.ubuntu.com/718813/
<koolhead17> seems am still doing sumthing wrong
<Daviey> koolhead17: yes, the thing you are doing wrong is looking at the log :)
<Daviey> Just invoke php5 from the command line with:
<Daviey> dave@voodoo:~$ php5
<koolhead17> :P
<koolhead17> k
<Daviey> Do you see an error?
<koolhead17> Daviey: indeed :(
<Daviey> koolhead17: before the upgrade?
<Daviey> pastebin, dave@voodoo:~$ apt-cache policy php5-sqlite
<koolhead17> Daviey: even after the commands i excuted to install froms ource
<Daviey> koolhead17: why, why, why, are you installing from source?
<koolhead17> ooh :(
<koolhead17> [19:03] <Daviey> koolhead17: fresh system, sudo apt-get install php5 php5-sqlite3 ; php5 ; (see the error) ; ctrl+c ; sudo dpkg -i *sqlite*.deb ; php5 ; (is the error still there?) [19:04] <koolhead17> ooh ok
<Daviey> so which part is install from source?
<koolhead17> Daviey: http://paste.ubuntu.com/718817/  i meant my generated .deb ,sorry>
<Daviey> ah
<Daviey> Hmm
<Daviey> That implies something else is creating the module
<Daviey> koolhead17: try fiddling with debian/modulelist (see the sqlite entry)
<Daviey> i'm not sure if that should be removed, or changed to sqlite3
<koolhead17> Daviey: cool. let me re-run everything then :D
<koolhead17> :P
<koolhead17> from scratch
<koolhead17> Daviey: i told you. ownCloud is one such application which is being affected on oneiric because of it
<koolhead17> :(
<Daviey> koolhead17: sure, but use the minimal test case to fix it :)
<koolhead17> Daviey: yes sir!! :)
<koolhead17> i had removed    line about sqllite  form  "debian/modulelist" and compliled everything after that i hope i was not doing anything wrong there :p
<Daviey> sudo apt-get install php5-sqlite
<Daviey> $ php5
<Daviey> PHP Warning:  PHP Startup: Unable to load dynamic library '/usr/lib/php5/20090626/sqlite.so' - /usr/lib/php5/20090626/sqlite.so: cannot open shared object file: No such file or directory in Unknown on line 0
<Daviey> Is the test case. :)
<Ursinha> hello server people
<koolhead17> Daviey: got it. let me handle it now. :)
<Daviey> Ursinha: hey!
<Daviey> Ursinha: How did you get on looking for bitesize bugs?
<Daviey> and targets for precise?
<Ursinha> Daviey, not yet targeted, I'm crafting a list and will show you soon
<Daviey> Ursinha: anything you can show today? :)
<koolhead17> Daviey: is there such list on aluncpad
<koolhead17> *launchpad
<BrixSat> when i make zuxo insmod viawget.ko i get how come? "insmod: error inserting 'viawget.ko': -1 Operation not permitted"
<BrixSat> zuxo = sudo
<Daviey> koolhead17: there will be :)
 * koolhead17 googled to find meaning of bit size bugs. 
<smoser> hallyn, around ?
 * koolhead17 finds his karma going down frequently :(
<hallyn> smoser: yup
<smoser> can you attach a block device to a lxc container ?
<smoser> i'm guessing you can do it by just adding entries in /dev/ for it. right?
<hallyn> sure,the only thing is it doesn't do qemu-nbd style parsing of partitions.
<hallyn> you shouldn't even ahve to add the dev entries if you can specify the device in /var/lib/lxc/container/fstab
<hallyn> The host will then be mounting it for you
<smoser> i dont really want it mounted
<smoser> this question is targetted at 2 similar things
<uvirtbot> New bug: #881446 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.3 failed to install/upgrade: ErrorMessage: package samba is not ready for configuration  cannot configure (current status `half-installed')" [Undecided,New] https://launchpad.net/bugs/881446
<smoser>  a.) adding "config drive" to openstack lxc
<smoser>  b.) adding ebs disk attachment to openstack lxc
<hallyn> smoser: so you're talking about libvirt-lxc
<smoser> my interest in using this would imply that.
<hallyn> smoser: you might have to do smoething with the devices whitelist
<hallyn> smoser: pls dont' call libvirt-lxc lxc, you may get the wrong answer.
<hallyn> smoser: I *think* libvirt will create devices whitelist entries for all sepecified block devices at startup
<hallyn> but if you want to add it after the fact, you may need to manually add hte whitelist entry.  (not hard)
<hallyn> libvirt doesn't (last I knew) offer a way to do it through virsh
<smoser> ok. but it is something that could be done.
<hallyn> yup
<cjs226> Ubuntu 11.04: I've run "/etc/init.d# update-rc.d myprocess_stop stop 1 0 1 6 ." which adds the appropriate links to /etc/rc0.d rc1.d and rc6.d.  however the scripts are called only until AFTER the first reboot.  any ideas?
<Melior> hey, where do i set time in ubuntu server. my time is 1 day ahead of my normal time.
<davidgiluk_> does anyone happen to know anything about membase?   I've built it on ARM (Oneiric) and it passes the one 2 line example at the bottom or the membase build page - is there any simple test I can do to check it's sane?
<sroecker> Melior: maybe you use ntp to synchronize your time
<uvirtbot> New bug: #881464 in keystone (universe) "[MIR] keystone" [Undecided,Incomplete] https://launchpad.net/bugs/881464
<Melior> sroecker: sure, how?
<Melior> I tried ntpdate ntp.ubuntu.com
<Melior> 25 Oct 17:03:09 ntpdate[5814]: the NTP socket is in use, exiting
<sroecker> Melior: ntpdate ntp.ubuntu.com
<sroecker> oh
<Melior> oh, my laptop is showing the wrong date :O dooh
<zul> lynxman: where is the puppet branch you merged again?
<lynxman> zul:  lp:~lynxman/ubuntu/precise/puppet/update275
<zul> thanks
<lynxman> zul: np :)
<zul> lynxman: ftbfs
<lynxman> zul: *facepalm*
<lynxman> zul: builds in my ppa :/
<lynxman> zul: https://launchpad.net/~lynxman/+archive/ppa <-- it's right there
<zul> http://pastebin.ubuntu.com/718927/
<zul> nm....ill just get it from there
<lynxman> zul: ty :)
<Daviey> Meeting starting in 1 min, in #ubuntu-meeting
<uvirtbot> New bug: #881483 in vsftpd (main) "vsftpd needs dbus to get status informations as user" [Undecided,New] https://launchpad.net/bugs/881483
<uvirtbot> New bug: #881504 in tomcat6 (main) "java.util.MissingResourceException thrown in default setup" [Undecided,New] https://launchpad.net/bugs/881504
<mdeslaur> zul: fyi don't merge puppet 2.7.5, we need 2.7.6 to fix this: http://puppetlabs.com/security/cve/cve-2011-3872/
<uvirtbot> mdeslaur: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3872)
<zul> mdeslaur: oh...ok...i wont then :)
<jdstrand> seriously, dbus support for vsftpd?
<jdstrand> can that just be "Won't Fix"
<jdstrand> :P
<zul> jdstrand: no we must *do* that :)
<jdstrand> one could disable dbus support in vsftpd
<jdstrand> but whatever
<jdstrand> I was just surprised by it
<cjs226> Ubuntu 11.04: I've run "/etc/init.d# update-rc.d myprocess_stop stop 1 0 1 6 ." which adds the appropriate links to /etc/rc0.d rc1.d and rc6.d. Â however the scripts are called only until AFTER the first reboot. Â any ideas?
<RoyK> jdstrand: wtf is dbus?
<jdstrand> RoyK: a message bus that allows applications to communicate with each other. typically used in desktop environments. underneath the hood it almost always uses IPC
<RoyK> why would you want something like that for an FTP server?
<koolhead17> RoyK: hahaha
<uvirtbot> New bug: #881579 in samba (main) "syntax error in /etc/network/if-up.d/samba" [Undecided,New] https://launchpad.net/bugs/881579
<koolhead17> (11:26:36  IST) RoyK: jdstrand: wtf is dbus?
<jdstrand> RoyK: exactly! now you know the source of my shock and horror ;)
<koolhead17> Daviey: around?
<koolhead17> do i need to work on php5-sqlite now instead php5
<koolhead17> as suggested
<Daviey> koolhead17: oi
<Daviey> koolhead17: no, php5-sqlite isn't in later versions of ubuntu
<Daviey> (source package)
<koolhead17> Daviey: i have downloaded the php5-sql pkg and extracting the deb package
<koolhead17> to get sqlite.so
<koolhead17> now i wanted to know where should i move this :)
<Daviey> You shouldn't!
<koolhead17> oops
<Daviey> koolhead17: Keep doing what i suggested..
<Daviey> the 'helpful' suggestion on the bug report is wrong.
<koolhead17> oops. ok.
<koolhead17> checking extraplugin contents
<fuho> Hi, how would I go about anonymizing all my connections I have 2 VPS servers to my disposal. Is VPN enough?
<soren> fuho: Depends on who you're trying to hide from and why.
<fuho> noone in particular, just don't think i want to keep a slime trail behind me whereever I go.
<soren> Without further information, yes, VPN is probably fine.
<fuho> soren: Say I want to download couple thousand images from certain government agancy, and don't want my IP flooding their logs
<soren> Then no.
<soren> They'll just show up as being from your VPS.
<fuho> soren: Thats why I though I could link two VPSes, but then I would have to first gain access to someone elses server I guess, otherwise its always my device at the end.
<soren> Yeah, so you'd be doing something illegal to mask something legal.
<fuho> yeah
<JanC> you can go to a commercial VPN provider...
<fuho> soren: I don't think the fact that something is legal explicitly means you wont be punished for it.
<fuho> JanC: But then they would have my details. I just want my old anonymity back.
<Randolph> hi all
<JanC> what old anonymity?
<soren> fuho: Well, doing something illegal in the process sure makes it easier to justify going after you in the first place.
<Randolph> need help about ufw
<fuho> soren: You are probably right, I think I am just being paranoid.
<Randolph> could anyone help me ?
<Randolph> I enable ufw on ubuntu server 10.04
<soren> fuho: Nothing wrong with that. Just need to direct your paranoia.
<Randolph> that acts as a gateway
<fuho> soren: government and corporations
<Randolph> incoming traffic is allowed
<Randolph> oups
<Randolph> I made a mistake
<Randolph> incoming traffic is denied
<Randolph> outgoing traffic is allowed
<Randolph> but when I try to ping a machine on the wan from the lan , it is impossible
<Randolph> nobody knows about ufw setup on a gateway ?
<pmatulis> Randolph: do you allow in established sessions?  did you ensure the remote end has a route back to you?
<Randolph> there is no problem from wan to lan
<Randolph> <pmatulis>there is no problem from wan to lan
<pmatulis> Randolph: turn off the f/w and test that
<Randolph> I also tried this
<Randolph> <pmatulis>and all is OK when disabling ufw
<Randolph> <pmatulis>ping OK, telnet on port 80 to a machine on the WAN is OK
<pmatulis> Randolph: so you should pastebin your filter rules
<Randolph> <pmatulis>It seems my packets are blocked from eth1 to eth0
<pmatulis> Randolph: so you should pastebin your filter rules
<pmatulis> Randolph: and logging all blocked traffic will help too
<Randolph> <pmatulis>ufw status verbose
<Randolph> Status: active
<Randolph> Logging: on (low)
<Randolph> Default: deny (incoming), allow (outgoing)
<Randolph> New profiles: skip
<Randolph> To                         Action      From
<Randolph> --                         ------      ----
<Randolph> 22/tcp                     ALLOW IN    Anywhere
<Randolph> 53/udp                     ALLOW IN    Anywhere
<Randolph> 80                         ALLOW IN    Anywhere
<Randolph> 443/tcp                    ALLOW IN    Anywhere
<Randolph> 25/tcp                     ALLOW IN    Anywhere
<pmatulis> gah, i said 'pastebin'
<ersi> Randolph: Do you even have forwarding enabled
<Randolph> <pmatulis>yes I enabled it on systctl.conf
<Randolph> <pmatulis>net.ipv4.ip_forward=1
<ersi> Alright. That's good.
<Randolph> pmatulis: it seems my packets are blocked from eth1 to eth0
<pmatulis> Randolph: so you should pastebin your filter rules (output to 'sudo iptables -L -n' should do it)
<Randolph> pmatulis, I tried iptables -L and your command is more human readable
<pmatulis> Randolph: my command is more human readable? huh?
<Randolph> pmatulis, yes
 * koolhead17 never knew pbuilder-dist  command will take some much time on his laptop :(
<TheEvilPhoenix> anyone in here able to help me reduce the amount of memory mysqld uses, and also limit the number of threads it spawns/starts?
<RoyK> let's see... new 24 bay supermicro machine, a couple of 250GB drives for the root, some 18 2TB drives for a nice pool with striped mirrors, some SSDs, what can go wrong?
<RoyK> TheEvilPhoenix: how much does it use?
<RoyK> memory...
<TheEvilPhoenix> RoyK:  sec
<TheEvilPhoenix> 31MB per thread, times 8 threads
<RoyK> no, that's all shared
<RoyK> mostly
<TheEvilPhoenix> its currently using up the most memory (in terms of percentage per process)
<TheEvilPhoenix> well then this is problematic
<TheEvilPhoenix> because the VPS everything's on is running out of memory
<RoyK> how much memory does the VPS have?
<TheEvilPhoenix> 640MB, most if it used (562MB/240MB used)
<RoyK> that's not a lot ...
<TheEvilPhoenix> indeed
<TheEvilPhoenix> 'tis why i'm using nginx-minimal instead of apache or some shit
<TheEvilPhoenix> oops that slipped
<RoyK> TheEvilPhoenix: for a busy DBMS, you might want a bit more memory
<TheEvilPhoenix> its only a Joomla DB
<TheEvilPhoenix> and i think i found another memory hog
 * TheEvilPhoenix points at bind9
<TheEvilPhoenix> oh and teamspeak 3 voice servers
<TheEvilPhoenix> :P
<TheEvilPhoenix> that explains the memory usage
 * TheEvilPhoenix now has freed up >=110MB
<RoyK> teamspeak is evil
<RoyK> better us Mumble
<RoyK> works better and is OSS
<monaDeveloper> Hi I'm trying to update my php.ini file default values max file size uploads
<monaDeveloper> and I save that and restart my apache but always phpinfo() is the same
<kyconquers> I am trying to configure a mail server and currently have postfix with a ldap-table lookup. i tried adding dovecot as a MDA, so that postfix relays the email to dovecot but have run into alot of trouble. is there an advantige to using dove cot as a MDA, or is there a good alternative?
<AndreKR_unreg> Has anyone successfully run an Ubuntu EC2 instance in the EU West availability zone (don't even know if that makes a difference)? I tried several AMIs with several instance types now and couldn't connect to a single one of them.
<kirkland> AndreKR_unreg: I'm sure that utlemming and smoser have
<AndreKR_unreg> I read the name smoser while googling for a solution. ;)
<smw> AndreKR_unreg, I have successfully run it in US-East
<smw> AndreKR_unreg, chmod 600 yourkey.pem; ssh -i yourkey.pem ubuntu@host
<AndreKR_unreg> smw: I can't really imagine that makes a difference, but I will try now... can't believe that none of the official AMIs is working.
<arrrghhh> hey all.  i was told about a plugin for WHS, and was hoping there was something similar for Ubuntu/Linux.  it's called "Lights Out" and it basically suspends/hibernates/powers off the server depending on usage, schedule, etc.
<smw> AndreKR_unreg, have you gotten any EC2 image working?
<adam_g> AndreKR_unreg: which ubuntu release AMIs are are you using?
<AndreKR_unreg> smw: It doesn't even respond to ping. Last line of log: cloud-init boot finished at Tue, 25 Oct 2011 22:40:06 +0000. Up 18.41 seconds
<arrrghhh> the key is it has the ability to wake the server if there's any network traffic, etc...
<arrrghhh> i found powernap, but i'm not sure if i'll be able to wake the server back up
<smw> AndreKR_unreg, amazon blocks pings by default
<AndreKR_unreg> smw: Yes, the Amazon Linux images are working.
<AndreKR_unreg> smw: Ah ok, but I get connection timed out on SSH also.
<smw> AndreKR_unreg, launch this AMI; https://console.aws.amazon.com/ec2/home?region=us-west-1#launchAmi=ami-79772b3c
<smw> AndreKR_unreg, make sure that you put it in a security group that allows TCP on port 22 (ssh)
<AndreKR_unreg> adam_g: I tried ami-cc0e3cb8 (Lucid), ami-0e0f3d7a (Maverick) and ami-61b28015 (Oneiric).
<smoser> AndreKR_unreg, i suspect that you have not set up security groups.
<smw> smoser, he claims amzn linux worked :-\
<AndreKR_unreg> smoser: I have set up the default decurity group with ICMP Port ALL, TCP 0-65535 und UDP 0-65535 allowed.
<smoser> well, we need console output (although i doubt that will work) and then how he is trying to ssh in.
<smoser> ssh -i mykey.pem ubuntu@ec2-host
<uvirtbot> New bug: #881721 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.3 failed to install/upgrade: ErrorMessage: subprocess new post-removal script returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/881721
<smoser> AndreKR_unreg, but, fwiw, thouse amis *do* work, we use that very one (ami-cc0e3cb8) multiple times a day during publish of other builds.
<AndreKR_unreg> smoser: On what instance type do you run it?
<AndreKR_unreg> smw: I launched ami-79772b3c on a t1.micro instance, let's see what happens there. No log yet.
<AndreKR_unreg> smoser: And I launched ami-cc0e3cb8 on an m1.large...
<smw> AndreKR_unreg, can I have the ip?
<AndreKR_unreg> smw: smoser: Here's the log of the EU one: http://pastebin.com/6L23nXpf
<AndreKR_unreg> ec2-46-137-65-115.eu-west-1.compute.amazonaws.com
<smoser> it really seems like you dont have security groups set up correctly.
<smoser> the instance is up andwaiting for you.
 * smw concurs 
<smw> AndreKR_unreg, are you sure it is using the correct security group?
<smw> AndreKR_unreg, are you sure that that security group is setup correctly?
<smoser> http://paste.ubuntu.com/719282/
<smoser> nmap says you're firewalled off.
<smoser> AndreKR_unreg, euca (or ec2-) euca-describe-instances $IID
<smoser> then, get the security group that is listed there and do: euca-describe-group <that-group>
<AndreKR_unreg> smw smoser: Oh wait, I see.
<AndreKR_unreg> Yes, security group was wrong... source was only the other security group, not 0.0.0.0.
<AndreKR_unreg> ubuntu@ip-10-227-98-63:~$ :) I'm a moron. Thanks. :)
<smoser> glad its working, AndreKR_unreg
#ubuntu-server 2011-10-26
 * RoyK installed his home server on broken mirrors and just resynced them on a newly added drive - nice
<RoyK> now, how do I install grub on the new drive?
<RoyK> there are issues in all sorts of software, but it's only in the lands of Oracle and Microsoft where you need a handful of gods or a trillion dollars to fix them.....
 * genii-around shakes his fist in the general direction of Oracle
 * RoyK shakes his fist in the direction of his home server where he just added a new drive to mirror up the root and now it's noisy, the little bugger - damn it's only got like six disks......
<twb> RoyK: go put it in the 19" rack in the basement then
<RoyK> wish I had one
<genii-around> I have like 3 empty server racks, 2 19" one 21" which are rusting away here in my basement
<RoyK> 21"?
<RoyK> never heard of those...
<RoyK> what do you use those for? 19" equipment with sufficient amount of gaffer tape? ;)
<genii-around> RoyK: They used to house Rogers Cable equipment, I sort of inherited them.
<twb> It is the way of things
<genii-around> These particular cabinets housed the battery backup system, 32 huge lead acid buggers
<RoyK> aren't lead batteries the most used even today in UPSes?
<qman__> I don't have a rack either, my stuff is hanging in the floor joyces by various means
<twb> RoyK: yes, because they're stable
<Roasted> anybody ever see Samba do this before? failed negprot: NT_STATUS_IO_TIMEOUT
<twb> Roasted: no,
<twb> Roasted: maybe strace it or something
<Roasted> twb, strace?
<twb> If you don't know what that means, I can't help you
<Roasted> sweet
<Roasted> great attitudes here :D
<Roasted> anybody else ever see that error? I saw it when i ran smbtree. For some reason this laptop was unable to connect to my samba share when it had done so previously the day before without a hitch.
<twb> I am not representative of normal IRC denizens.
<Roasted> that's good. we'd be in trouble if you were.
<Roasted> thanks anyway, I'll keep asking around.
<twb> Roasted: test with smbclient on localhost first
<twb> Otherwise problems could be unrelated to smb, like your cat5 cable is buggered
<Roasted> wireless
<twb> Whatever
<twb> Heh, I had a freakout because my laptop had ifupdown 0.7
<twb> But it's ifupdown 0.7~really0.6...
<Takyoji> Is there a way to write a script that runs when an interface is up?
<twb> Takyoji: /etc/network/if-up.d
<Takyoji> /etc/network/if-up.d/ or?
<Takyoji> ahh alright
<twb> Takyoji: what's your use case?
<Takyoji> Mounting an NFS share
<twb> Because if it's firewall, iptables-persistent package is better
<twb> Or ufw, I guess
<Takyoji> regarding the issue of fstab trying to mount the NFS share before the network is even accessible
<twb> Oh that shit
<twb> One moment
<twb> http://paste.debian.net/139962/
<twb> That last stanza
<twb> At at 10.04, I encountered a cyclic dependency in NFS mounting at boot, and that was the only way to fix it short of replacing mountall and upstart with stuff that actually worked
<twb> And yes, that really does tell mountall to try to finish mount -a every tenth of a second FOREVER
<Demosthenes> anyone else have an issue with initial shell logins taking up to 5 minutes to occur? i suspect its the fancy welcome message (disk status, users, packages, etc)
<twb> Demosthenes: immediately after a reboot?  Yes, remove byobu
<twb> The package responsibel is actually called something like unattended-upgrades-common and has Section: gnome
<twb> If it continues to happen indefinitely, it's a fuckup in your nsswitch.conf settings
<twb> (e.g. the ldap server is unreachable)
<Demosthenes> twb: interesting.
<Demosthenes> generally after reboot and first login per user.
<twb> Yep
<Demosthenes> sometimes even times out and you hve to try again
<twb> Then it's the former
<Demosthenes> thats as annoying as that "command suggestion" thing
<twb> You can stop c-n-f on a per-user basis btw
<twb> http://cyber.com.au/~twb/.shrc
<twb> line 24
<Demosthenes> oh no, whole box. ;]
<twb> in that case just uninstall c-n-f
<c0nv1ct> menu in ubuntu
<c0nv1ct> MT
<c0nv1ct> http://i.imgur.com/1YbXp.jpg <-- meant to paste this... any idea what is causing it? showed up after recent update
<twb> c0nv1ct: are those characters unreadable, or is that an artifact of your photo?
<c0nv1ct> twb: that is exactly how my tty looks at boot
<c0nv1ct> no readable text since grub complaining about fd0
<twb> Does hitting Alt-<left> a dozen times fix it?
<c0nv1ct> every tty is the same garbled font
<twb> OK, then what I would do is go in with a live CD and blacklist the framebuffer, reconfigure console-setup (and rebuild the ramdisk), or disable plymouth
<twb> Probably all of the above
<c0nv1ct> i can ssh in fine, framebuffer seems like the culprit since there is some blankness during boot that would imply that
<twb> Oh, I'm assuming you're on x86 and are OK with ASCII -- if not then that's more effort
<twb> Like if you need to see greek on the tty or something
<twb> Yeah the problem is clearly something funky fb-wise
<twb> I haven't seen those specific symptoms before
<c0nv1ct> dmesg says it is using efifb... pretty sure this old AMD doesnt use EFI
<twb> so blacklist it
<Demosthenes> twb: it was landscape!
<twb> Sigh
<Demosthenes> removed landscape-common, and no more lag
<Demosthenes> at login anyway
<twb> That install option for landscape should say "DO NOT pick this unless you gave Canonical your VISA card" or something
<twb> Since AFAIK it's pointless and harmful unless you actually have a support contract or whatever
<riot_le> hello, i am searching for Help by setting the correct Group-Permissions on a Path, maybe anyone who can help?
<Demosthenes> twb: yeah, seemed advertisy, but i can't begrudge them a little branding.
<twb> Demosthenes: more just that I get called in to clean up when users try to be their own admins, and sometimes they pick that because it sounded neat
<Demosthenes> twb: just frustrating that i read the user profiles, and /etc/bash.bashrc, etc, and none of it clued me in. wasn't til i found the MOTD was where they're written, and somehow autoupdated.
<twb> Which sounds like what happened to you
<Demosthenes> i don't recall asking for it
<twb> Demosthenes: yeah, update-motd and friends.
<Takyoji> riot_le: changing what group a file/folder is owned by, or read/write/execute for a group on a file?
<Demosthenes> i tend to be a package minimalist
<Demosthenes> and i'm not interested in their service
<twb> Demosthenes: the other one that messes with me, is you get an MTA by default *iff* you configure software raid.
<Takyoji> riot_le: If you're changing the group, the syntax is: chgrp (group name) (file name)
<Takyoji> if it's a folder and you want it done recursively, add -R to the command
<twb> Takyoji: -Rh if you're paranoid
<Demosthenes> twb: wild ;]
<twb> Demosthenes: it's because mdadm has Recommends m-t-a so it can send panic mail
<riot_le> @Takyoji: I added a User to a System and gave him the Path as Homepath where he can write. When User X add a File to the Path the File has the Attributes Owner X Group X
<Demosthenes> twb: wise mdadm
<riot_le> but i want that the Group is still y (like any other Files in Folder)
<Demosthenes> twb: of which i appreciate. i'm running raid1 and raid6, and already tested that ;]
<twb> riot_le: you might want setgid on the dir
<Demosthenes> raid1 across a pair of 16GB usb sticks for booting the OS ;]
<twb> Demosthenes: yes, but it's not logical that you get (an unconfigured) MTA iff you configure software raid
<twb> Demosthenes: it violates principle of least surprise
<Demosthenes> yeah, unconfigured is a pita
<Demosthenes> oh thank god someone else knows that principle
<Takyoji> Also, twb, I managed to write a script that works upon the interface going up, for it to wait 3 seconds, and kill mountall.
<twb> OK, to be fair, I *think* during install it prompts you to configure postfix
<Takyoji> so yay, it works
<Takyoji> Yes, it does install postfix as a requirement
<Takyoji> Also, can you check for faulty drives via /proc/mdstat? :P
<twb> Takyoji: you'd just better hope that 3s stays correct everywhere you put it
<Takyoji> I know. :P
<Demosthenes> Takyoji: mdadm monitors and emails...
<twb> Takyoji: e.g. if you also deploy that config on an embedded box and an s/390 or something
<Takyoji> I don't have the emailing function configured at all
<riot_le> @twb how to setgid?
<twb> Takyoji: btw, if you think of a better solution (that works for LTS), do let me know
<Takyoji> alright; I'll keep it in mind.
<twb> riot_le: uh, it's dangerous to tell you without the full explanation of how POSIX DACs work, and I don't have time
<jamespage> morning all
<lynxman> morning o/
<BuenGenio> hello
<BuenGenio> how do I check the current power consumption?
<BuenGenio> in Watts
<twb> BuenGenio: plug in a power meter between mains and your server
<BuenGenio> twb, really?
<twb> Really.
<BuenGenio> you know you can just use the post office to send mail?
<BuenGenio> plus receiving post cards is much nicer
<BuenGenio> why don't you do that?
<twb> Because I have no friends to write.
<BuenGenio> thought so
<twb> If you expect me to build a better solution, then go back in time and deploy it in time to get into the release of Ubuntu you're running, then you're shit outta luck.
<BuenGenio> if you're talking to me, I wasn't expecting /you/ to do anything. not to give smarty-ass answers, anyway.
<twb> BuenGenio: fair enough.
<BuenGenio> I don't know who you are and what ou do, but - shoving a power meter in my rack is not the answer I was looking for.
<twb> it's what I did last week
<BuenGenio> not sure if it's the sentiment I share with your (would-be) friends...
<BuenGenio> hah!
<BuenGenio> maybe I'm a bit stressed (and missing the obvious).
<BuenGenio> I don't know
<twb> Maybe if you have name-brand Sun gear or something, there is a better way, but AFAIK not for fungible whitebox crap
<BuenGenio> maybe I need to see a shronk
<twb> Or obviously if you have a decent UPS already, you can ask it
<c0nv1ct> crap, traded the terminal font problem for a networking problem... the network service is stuck on stop/wait
<BuenGenio> I have PowerBar installed on Windows - that tells me exactly the watts I'm using
<BuenGenio> thought Linux would have figured that out long before that
<twb> Shrug.  Maybe you can ask something in /sys/, but I'm not aware of it
<c0nv1ct> i'm late to this convo, but powertop doesnt work for you?
<twb> c0nv1ct: that shows IRQ wakeups and stuff, not an overall wattage number IIRC
<twb> Current debian sid version doesn't tell me watts on my atom-based netbook, fwiw
<twb> c0nv1ct: what did you do that borked networking?
<c0nv1ct> not sure really, the only change i made was to add a dns record to interfaces, but i removed that line and it still doesnt work
<twb> c0nv1ct: you didn't turn plymouth off or blacklist fb or anything?
<twb> That symptom sounds like you didn't turn plymouth off hard enough or so
<c0nv1ct> to fix the console font i set GRUB_TERMINAL=console in defaults/grub and did update-grub2
<twb> That shouldn't cause that problem
<c0nv1ct> i am seeing plymouth errors though, maybe i need to turn that off harder
<c0nv1ct> whats the hard way to disable plymouth all together?
<twb> Maybe post-lucid, plymouth relies on grub to set up the framebuffer?
<twb> c0nv1ct: by "harder" I meant, like, with extreme prejudice
<twb> Ideally you just uninstall it, but as at lucid a Depends screw up makes that impossible
<ersi> BuenGenio: There's no totally reliable way to determin power usage from software. The closest you get, is by polling ACPI/A battery/UPS. If you want RELIABLE power metering, you should really follow twb's advice of getting a physical power meter.
<c0nv1ct> ugh, why is ubuntu-server messing with framebuffers and crap, i'll just uninstall it and see
<twb> Good luck
<BuenGenio> thx
<twb> BuenGenio: that was actually at c0nv1ct :-)
<BuenGenio> It's just that my data center is 10,000km away
<twb> BuenGenio: I feel you pain, man
<BuenGenio> it's more curiosity really...
<twb> BuenGenio: can you get a colo monkey to put one in for you?
<twb> If it's in a datacenter they might even have that already
<c0nv1ct> yeah, cant remove plymouth... wow
<lynxman> normally datacenters measure consumption per power line
<twb> c0nv1ct: ok, the two main things I've done is to dpkg-divert all the bits of plymouth from /usr/share/initramfs-tools and /etc/init, and to add blacklists for more framebuffers in /etc/modprobe.d/ -- both will require update-initramfs -u -k all, and note that if you cock it up you'll need a live CD or so to get back in to fix it.
<ersi> BuenGenio: I'd hear with your hosting provider, if they possibly could hook you up with some monitoring. But I also, feel your pain about this subject
<twb> lynxman: power line as in per port in the rack's power rail (thus, per device in the rack), or power line as in port in the wall
<lynxman> twb: power line as power strip on the rack
<twb> Right
<lynxman> twb: that's the normal behaviour, so if you have N servers on that power strip you can guesstimate consumption
<ersi> Guesstimation <3
<twb> I ask because I don't wear enough ties to babysit the kind of customers that have colo hosting
<lynxman> twb: If you have some advanced hardware the PSU will also tell you the power consumption, but I've always found those to be innacurate
<lynxman> twb: the best solution that I've found for colo is to buy one of those APC power control strips, the modern ones have also consumption per plug
<Rolpa> hello?
<ersi> Hi.
<Rolpa> I need a little help
<archayl> i have ldap and unix user in duplicate. how to delete user by userid, not by name using terminal, i intend to keep the ldap user.
<c0nv1ct> archayl: you are trying to remove users in bulk from a list of UIDs?
<archayl> c0nv1ct: nope, just around 5.
<c0nv1ct> archayl: ah, then nothing fancy needed, just use /etc/passwd to find the username
<Omega42> hi... are there known problems with ubuntu 11.10 and libvirt hook scripts?
<archayl> c0nv1ct: it's a duplicate username. i have 'john' in both ldap and system with different uid. it represents the same user. i want to retain the one in ldap.
<xranby> Omega42: possibly, do any of these bugs match your issue? https://bugs.launchpad.net/ubuntu/+source/libvirt
<c0nv1ct> archayl: then remove the user with userdel?
<ersi> Rolpa: Ask whatever your wondering (that is related to ubuntu on serers) - and you might get an answer. No guarantees though ;) Don't ask to ask, ask instead
<Rolpa> oh sorry lol
<Rolpa> was afk
<Rolpa> yea
<Rolpa> Im having issues with vsftpd
<Rolpa> I have it installed on my server installation
<Rolpa> but when I try to FTP in with my client. it establishes a connection to the server but says my login is incorrect
<archayl> c0nv1ct: does userdel delete the ldap user too?
<pmorris> Hi, for some reason my server is unable to resolve hostnames since last night and I cannot understand how or why. Besides doing regular apt-get updates nothing has changed. I can "fix" the problem by running dhclient but every time I restart networking I have to do this again
<c0nv1ct> archayl: no
<Rolpa> Ive checked my config repeatedly and I dont see an issue
<Omega42> archayl: i didn't find my problem ther
<Omega42> the problems, i have problems using hook scripts:
<Omega42> qemu hook script: i get the error: "internal error Child process (LC_ALL=C PATH=/usr/local/sbin:/usr/local/bin:/usr/bin:/usr/sbin:/sbin:/bin /etc/libvirt/hooks/qemu VMxy prepare begin -) status unexpected: exit status 1" and my VMs won't satrt, The script is a correct bash script and exits 0
<Omega42> daemon hook script: that's is totally ignored
<Omega42> versions: libvir 0.9.2 / API: QEMU 0.9.2 / Hypervisor: QEMU 0.14.1 (KVM) / ubuntu 11.10
<Omega42> maybe it's a poblem caused by release-upgrades, i alwaysw keep old config files - i'll try with a clean install
<ersi> Rolpa: What kind of configuration do you have? Are you allowing local_enable = YES in your config? Or are you using another authentication method for your users?
<Rolpa> local_enable is enabled
<Rolpa> yea
<Rolpa> its a default setup
<Rolpa> Status:	Connecting to 192.168.1.6:21... Status:	Connection established, waiting for welcome message... Response:	220 (vsFTPd 2.3.2) Command:	USER stefano Response:	331 Please specify the password. Command:	PASS ********* Response:	530 Login incorrect. Error:	Critical error Error:	Could not connect to server Status:	Connecting to 192.168.1.6:21... Status:	Connection established, waiting for welcome message... Response:	220 (vsFT
<Rolpa> thats what I get when I attempt to connect
<archayl> c0nv1ct: thank you very much ;)
<Rolpa> hello?
<Daviey> Anyone keen to land a patch for SRU?
<pmorris> Can someone who understands networking shed any light on why I have to run dhclient but every time I boot or restart networking? Since last night I've been unable to resolve hostnames and since it fails at boot time all my services including SSH fail also
<Daviey> jamespage: Does it make sense to do an update fakesync of geronimo-jms-1.1-spec?
<toobler> Can someone give me a link to configure an SMTP in Ubuntu, it will be very helpful for me. Thanks
<w00> toobler, https://help.ubuntu.com/community/Postfix ?!
<toobler> Thanks
<uvirtbot> New bug: #881903 in lxc (main) "lxc-fedora template is broken" [Undecided,New] https://launchpad.net/bugs/881903
<jamespage> Daviey: looking now
<uvirtbot> New bug: #881906 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.3 failed to install/upgrade: ErrorMessage: package samba is not ready for configuration  cannot configure (current status `half-installed')" [Undecided,New] https://launchpad.net/bugs/881906
<jamespage> Daviey: yes
<Daviey> cool
<Daviey> zul: I see you last merged ntp, do you want to do so again?
<zul> sure
<Daviey> great
<Daviey> hallyn: Do you think we should sync open-vm-tools?
<Daviey> zul: Were you handling lynxman's puppet merge?
<zul> lynxman: yeah i was told to wait for a newer puppet release though
<lynxman> zul: There's a CVE for 2.7.6 coming through
<Daviey> zul / lynxman: 2.7.6-1 has been in sid since the weekend
<lynxman> zul: thought we could make both? :)
<Daviey> lynxman: ah
<Daviey> Wasn't thatfixed yesterday?
<lynxman> Daviey: mdeslaur was on it for the releases, not for precise though
<zul> mdeslaur	zul: fyi don't merge puppet 2.7.5, we need 2.7.6 to fix this: http://puppetlabs.com/security/cve/cve-2011-3872/
<uvirtbot> zul: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3872)
<Daviey> lynxman: it seems to be fixed in 2.7.6.. no?
<lynxman> Daviey: it is
<lynxman> Daviey: that's what 2.7.6 is for :)
<Daviey> lynxman: so what is blocking?
<zul> testing doesnt have it yet
<lynxman> Daviey: so we can try and merge 2.7.6 straight
<lynxman> Daviey: just my mind I guess :D
<zul> ill do the puppet merge as well
<lynxman> zul: as said, if I can help I'll be glad to :)
<lynxman> zul: as soon as I finish this whitepaper (today)
<jamespage> Daviey: want me to take care of that?
<Daviey> zul: We can still merge/sync from sid
<Daviey> jamespage: wassat?
<zul> can ill take a crack at it then
<jamespage> geronimo-jms-1.1-spec
<Daviey> jamespage: gets it off the list :)
<jamespage> Daviey: coolio
<Daviey> "Add build-dependency on python-support" Thanks Debian... i won't be merging that.
<lynxman> Daviey: lol
<Daviey> hallyn: qemu-kvm, 0.15.1+dfsg-1 - seems all good fixes.. should we grab that?
<Daviey> whois looks like a nice easy merge, anyone want to grab it?
<Daviey> koolhead17: ^^ ? :)
<koolhead17> Daviey: hellos
<koolhead17> Daviey: show me the way O Master!! :)
<koolhead17> Daviey: last night result after removing the sqlite.so http://paste.ubuntu.com/719588/ seems issue still persists
<Daviey> koolhead17: hmm, can i see a debdiff?
<koolhead17> ok 2 mins
<Daviey> debdiff *5.3.8-2ubuntu1.dsc *5.3.8-2ubuntu2.dsc | pastebinit
<koolhead17> hmm
 * koolhead17 starts his virtualbox instance
<koolhead17> Daviey: http://pastebin.com/8WP5guGB
<Daviey> koolhead17: Hmm, perhaps that isn't what creates the conf then.
<koolhead17> Daviey: there is one  more file name modulelist
<koolhead17> it has entry of sqlite insted sqlite3
<koolhead17> Daviey: http://pastebin.com/9zHq9tbz
<Daviey> koolhead17: hmm, might be worth trying that
<koolhead17> Daviey: shall i replace it with sqllite3 or remove the whole entry of sqllit from the file
<koolhead17> ?
<koolhead17> :)
<Daviey> koolhead17: 'try it' :)
<koolhead17> ok am removing sqlite entry from there
<koolhead17> Daviey: one more question i will remove that part and run dch -i  i should remove "precise-i386_result" directory ?
<Daviey> koolhead17: no need to, but can do
<koolhead17> ok removing then running :)
<Daviey> it'll overwrite if it is the same version
<koolhead17> but i think it should create new version 3 as 2 is what will get upgraded :)
<Daviey> koolhead17: you can overwitre the package :)
<Daviey> ubuntu2 is what will get uploaded.
<koolhead17> ok. so am doing notthing. as you said it will be updated.
<koolhead17> another 3 hrs wait
<lynxman> koolhead17: \o/ your first merge :)
<koolhead17> lynxman: hola!! Yeah once the issue gets fixed :D
<andybalong> anybody can help me please ?
<rbasak> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<andybalong> how to open port game online in squid ?
<andybalong> how to set it inside squid
<cwillu_at_work> andybalong, I'm not sure that squid will do that, but I could be mistaken
<cwillu_at_work> and my quick glance at the docs and faq seems to confirm that
<cwillu_at_work> andybalong, squid is a proxy for specific protocols, (i.e., you can think of it as acting like both a web server and client); what you're asking for is more a dumb "shovel everything from this port to this address"
<cwillu_at_work> and of course, having said that, I find a page that seems to describe what you want, but it also seems new and kinda experimental
<cwillu_at_work> but even then, I'm not sure :p
<cwillu_at_work> http://wiki.squid-cache.org/ConfigExamples/MultiplePortsWithWccp2
<cwillu_at_work> (it describes the configuration to set up a normal port forward through the linux kernel's network layer, so I don't think this is a squid thing specifically)
<andybalong> ok, thank you i'll try
<smoser> hallyn, around ?
<smoser> libvirt lxc issue of the day.
<zul> oooh...this shouldnt be pretty :)
<smoser> comon hallyn, stop hiding. i prefixed 'lxc' with libvirt so you wouldn't complain about that.
<hallyn> smoser, oh, hey
<zul> morning btw
<smoser> libvirt lxc dies for me when i try to run a cirrOS container.
<hallyn> what is cirrOS
<smoser> https://launchpad.net/cirros/+download get the lxc.tar.gz and then try to run it (i try with using my lxc-libvirt-root)
<smoser> http://smoser.brickies.net/git/?p=tildabin.git;a=blob_plain;f=lxc-libvirt-root;hb=HEAD
<smoser> it dies with can't mount /dev/pts
<hallyn> oh right
<smoser> hallyn, cirros is my little toy
<hallyn> right :)
<hallyn> zul, good morning :)
<smoser> hallyn, is there some way i can test lxc proper ?
<smoser> run-a-container-in-this-root ./rootd
<smoser> thats what i want
<hallyn> i don't know of a such a script.  You could lxc-create a basic container, then swap out the rootfs
<hallyn> or i can whip up such a script
<hallyn> it hasn't been useful in the past bc rootfs needed tweaking by templates anyway
<smoser> well, hte lxc-create path sure is attractive, doing hundreds of megabytes of disk io and network io in order to create a 15 line config file :)
<hallyn> glad you like it
<hallyn> hold on i'm working on a config
<hallyn> sigh, cloud-init hanging
<smoser> ;)
<hallyn> (for some raason my containers aren't getting a proper resolv.conf from libvirt's dnsmasq)
<hallyn> 20/30, almost there
<hallyn> smoser, well, http://people.canonical.com/~serge/cirroscfg has the config and fstab files you can use
<hallyn> it's hanging for me on the fancy ascii-art logo
<zul> is this on oneiric or pangolin
<hallyn> smoser, wget: can't connect to remote host (169.254.169.254): No route to host
<hallyn> , that host isn't up anyway
<hallyn> zul, oneiric, though with pangolin's libvirt
<zul> hallyn: ah
<hallyn> actually its resolv.conf is fine
<hallyn> smoser's hardcoded host is just bogus :)
<smoser> hallyn, typo? /var/lib/lxc/o1/fstab
<smoser> hard coded path ?
<hallyn> oops, yeah
<hallyn> is that in notes?
<hallyn> obviously we can make this into a trivial script or template
<hallyn> which reminds me,
<hallyn> SpamapS, were you ready to get your euca tarball based lxc template into the lxc package?  :)
<smoser> hallyn, do i need an fstab ?
<hallyn> smoser, if you want proc mounted, i think you do
<hallyn> well, no,
<hallyn> you can put those entries straight into config is uppose
<smoser> into the config ?
<smoser> init mounts /proc
<smoser> and /sys
<smoser> (as it should)
<hallyn> smoser, then you don't need it
<hallyn> so, does it work?
<smoser> not tried yet.
<SpamapS> hallyn: it was pretty simplistic... I wonder if we could just make it the "OVF" template or something.
<hallyn> yuck
<hallyn> no reason we couldn't though
<hallyn> maybe one night next week :)
<hallyn> write it over a pitcher?
<smoser> SpamapS, well the ovf references the full disk image
<smoser> and that is not really suitable for lxc consumption. just due to the partition table.
<SpamapS> smoser: we could loop mount and copy the stuff out of it
<smoser> well thats just silly.
<zul> and a waste
<smoser> theres a partition image that what you want
<smoser> and libvirt newer versions support using the partition image
<SpamapS> Just thinking in terms of integrating a standard
<zul> right that needs to be tested as well again
<smoser> SpamapS, doing it "right" that way would really require supporting a disk that was partitioned with multiple partitions, reading itfs fstab, mounting
<smoser> or...
<smoser> actually, my opininion the better way to do all this is to make a loader that you run, that essentially takes a device node, mounts a root partition in it read-only, and calls /sbin/init
<smoser> and get lxc out of the garbage of thinking it knows anything.
<smoser> things like mounting proc and sys are just silly
<smoser> hallyn, ok. so i booted with your config
<lynxman> zul: I'm all yours, want me to merge 2.7.6 from sid?
<zul> lynxman: sure...i just started to look at it, but it looks like it can be synched
<lynxman> zul: okay, having a lookie then :)
<smoser> hallyn, so where should i put a getty under this lxc-start world?
<hallyn> on tty1
<hallyn> (or tty2..tty4)
<smoser> there is no entry in /dev for tty1
<smoser> just try anyway?
<smoser> in libvirt i get an entry there i think
<smoser> if i just try i get 'can't open /dev/tty'
<smoser> er.. /dev/tty1
<hallyn> smoser, create the device nodes inthe rootfs
<smoser> hallyn, ok. so i mknod /dev/tty1 and then try to run a getty on it and i just dont see anything
<smoser> writing (echo "hello" > /dev/tty1) also does not get anything written to screen.
<hallyn> then do lxc-console -n cirros
<smoser> ah. there we go!
<hallyn> the lxc-start console is probably tty0?
<smoser> :)
<hallyn> so actually if you jsut create tty0 you might get console on lxc-start
<smoser> whats the escape key ?
<jeh> When using a seed file does anyone know how to get past  "do you want to activate serial raid devices"
<smoser> i see no affect of /dev/tty0
<pmatulis> jeh: you probably don't want to have that queston asked at all (whether you see it or not)
<pmatulis> jeh: it sounds like you have fake raid on your m/b
<pmatulis> jeh: do you actually use it?
<hallyn> smoser, dev/console?
<smoser>  /dev/console seems ot have an affect
<smoser> hallyn, how do i detach from an lxc-console
<hallyn> ctrl-a q
<hallyn> do you not launch a getty on /dev/console?
<smoser> i do not.
<smoser> most things do not
<smoser> they launch something on tty1
<smoser> or ttyS0
<smoser> hallyn, you have any idea what is going wrong in libvirt lxc ?
<hallyn> no
<hallyn> what do i do with that script you gave me
<smoser> did you try it? it dies with the pts issue.
<smoser> ./libvirt-lxc-root ./rootdir
<hallyn> odd, that goes through the cloud-init loop much slower than lxc does
<smoser> you get to that loop ?
<smoser> it goes through slower because it has a network.
<hallyn> smoser, yes, adding a consoel entry to inittab gives a console lxc-start window, fwiw.  but presumably you'll want to do 'lxc-start -d -n cirros' anyway, and not use that
<smoser> under lxc the dhcp is not getting a ip address
<hallyn> yes i get that loop in libvirt
<hallyn> and, got a prompt
<smoser> i hate you
<hallyn> now, i'm running 0.9.6
<hallyn> not sure if something else has changed
<hallyn> smoser, i assume you extracted the rootfs as root?
<smoser> hallyn, no. i used the -lxc.tar.gz
<smoser> what did you use ?
<uvirtbot> New bug: #882031 in clamav (main) "SRU tracking bug for clamav 0.97.3" [Undecided,New] https://launchpad.net/bugs/882031
<uvirtbot> New bug: #882028 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.3 failed to install/upgrade: ErrorMessage: package samba is not ready for configuration  cannot configure (current status `half-installed')" [Undecided,New] https://launchpad.net/bugs/882028
<jeh> pmatuli: correct, it's on the MB, even though it's disabled in the bios it still prompts me for this
<hallyn> smoser, i did sudo tar xvf and pointed your script to the dir
<smoser> which file did you download ?
<hallyn> your lxc.tar.gz
<jeh> pmatulis: I have it, don't use it, and don't want to be prompted for it
<smoser> x86_64 ?
<smoser> strange.
<hallyn> smoser, regarding a new lxc template, yes, what i'd like is to just point the template to an existing, untarrted rootfs
<hallyn> smoser, yes, x86-64
<jeh> pmatulis: I tried "disk-detect     disk-detect/dmraid/enable       boolean false" but that didn't work
<hallyn> i asked about untarring as root bc of course i first tried as me, but couldn't create the devices in it
<pmorris> Since last night I've been unable to resolve hostnames and since it fails at boot time all my services including SSH fail also. Manually running `dhclient` makes hostnames resolve again, but restarting networking (or rebooting) recycles the problem. Any idea why this could have suddenly started happening?
<zoopster> pmorris: something installed/changed/updated prior?
<zoopster> pmorris: any errors in the logs?
<cerberos> how do I find out which debian version ubuntu 10.10 uses? google is not my friend
<_ruben> whatever was in debian testing at that time
<Ursinha> Daviey, hey
<smoser> hallyn, so would you expect a getty on a 'lxc-start -n <name>' output ?
<hallyn> ?
<hallyn> if you add a console entry to /etc/inittab, then you get a getty there
<hallyn> worked for me anyway
<smoser> yes
<smoser> but would you expect one there?
<smoser> adding one gets local echo on it.
<hallyn> oh.  yes.
<hallyn> what do you mean?
<smoser> http://paste.ubuntu.com/719725/
<hallyn> i always just do 'lxc-start -n x' and expect the console there.  but a lot of people prefer to do -d
<hallyn> jikes
<hallyn> i don't recall having that.  lemme retry
<zul> Daviey: ntp uploaded btw
<hallyn> i'll go read up more on augeas while waiting for cloudinit
<smoser> hallyn, you can drop the cloud-init stuff.
<smoser> just edit /var/lib/cloud/config.sh
<smoser> NOCLOUD=1
<smoser> err.. IS_NOCLOUD=1
<hallyn> yeah, i see the echo.
<hallyn> in ubuntu containers we do 'getty  -8 38400'
<hallyn> but -8 is not supported in your getty
<hallyn> odd.
<smoser> i've got lxc in a func now
<smoser> $ sudo lxc-start -n cirros
<smoser> lxc-start: Permission denied - failed to create pty #0
<smoser> lxc-start: failed to create the ttys
<smoser> lxc-start: failed to initialize the container
<hallyn> you've got me in a func
<hallyn> does 'lxc-start -l debug -o outout -n cirros' give any more info?
<hallyn> (in outout)
<smoser> same thing i pasted
<hallyn> no in file outout
<smoser> same thing
<smoser> strace shows: chown("/dev/pts/2", 0, 5)               = -1 EROFS (Read-only file system)
<pmatulis> jeh: so go into your BIOS, remove all traces of fakeraid configuration (remove meta-data from you disks), and then disable fake-raid altogether
<hallyn> smoser, you might want to check dmesg on the host for an oops
<smoser> no.
<smoser> its very clean
<jeh> pmatulis: thanks. The solution was that, and zeroing the MBR
<pmatulis> jeh: good stuff
<smoser> hallyn, ok. so something ended up mounting /dev/pts ro
<smoser> but i have no idea what
<mari00> hi all, i'm struggling with a manual install of tomcat6.
<hallyn> smoser, has it stopped?
<mari00> i want to install it under a user (tomcat6) that uses the nologin script.
<mari00> but i can't quite get it to work.
<hallyn> smoser, i don't know why busybox-getty is doing the echo;
<mari00> anyone here think they could help me?
<hallyn> agetty does not
<Ursinha> Daviey, are you still there? alive?
<RoAkSoAx> Ursinha: he's a vampire... he never dies :)
<Ursinha> RoAkSoAx, :)
<Daviey> Ursinha: hey
<koolhead17> hola RoAkSoAx
<zul> Daviey: when you get a second can you have a look at http://people.canonical.com/~chucks/keystone
<Daviey> zul: debdiff for the lazy? :)
<Daviey> don't worry
<zul> Daviey: aaaaaaaaa
<zul> Daviey: http://people.canonical.com/~chucks/keystone/debdiff
<Daviey> zul: waaaat is this:
<Daviey> -        help="specifies port for Admin API to listen on (default is 5001)")
<Daviey> +        help="specifies port for Admin API to listen on (default is 35357)")
<Daviey> They changed the default port, seriously?
<zul> Daviey: welcome to keystone country....stay for the flavor
<koolhead17> zul: :P
<koolhead17> Daviey: hahahaha
<zul> Daviey: they still havent cut a release but that tarball matches the git tag but its renamed to something sensible
<Daviey> zul: it's really much larger than i expected.
<Daviey> It's a universe package, and still makes sense IMO.
<zul> Daviey: yeah
<Daviey> If keystone is currently as broken as people say
<Daviey> zul:I would raise a discussion with ~ubuntu-mir, and concurrently we need to verify it works before uploading to -proposed i think.
<zul> Daviey: i was going to upload to a ppa and ask people for testing
<Daviey> zul: That is a great idea
<koolhead17> zul: let me know once its done :)
<zul> koolhead17: k
<zul> Daviey: why ubuntu-mir though?
<zul> i would say ubuntu-sru myself
<Daviey> zul: gah, yes.
 * zul gets SpamapS drunk
<zul> anyways i need to find something to eat
<koolhead17> Daviey: no luck even after removing the option :(
<koolhead17> the debdiff http://paste.ubuntu.com/719822/
<Daviey> koolhead17: crikey
<Daviey> koolhead17: wait, you didn't remove the --with-pdo-sqlite thing?
<koolhead17> Daviey: i think i did :(
<koolhead17> lemme check
<koolhead17> Daviey: lemme paste you the source file
<koolhead17> *rules
<koolhead17> Daviey: http://paste.ubuntu.com/719834/
<koolhead17> Daviey: i did mistake actully there is 2ubuntu3.dsc created and i did debdiff with 1 & 2
<koolhead17> http://paste.ubuntu.com/719838/ this has correct debdif :)
<xibalba> hello everyone, i'm trying to use scponlyc and was wondering if i could get some assistance.
<xibalba> here is some output i have on the issue, http://paste.ubuntu.com/719841/
<Daviey> koolhead17: and that didn't fix it?
<RoyK> [offtopic] Anyone that knows C well around? I'm doing a little fork() test here, I see text output is repeated (the Forking n times line) on this fork test if I don't fflush(stdout) - any idea why? http://paste.ubuntu.com/719846/
<koolhead17> Daviey: no. but i am assumung am doing something wrong http://pastebin.com/mzYdG0k8  <-- apt-cache policy
<Daviey> koolhead17: nah, that indicates you have a local package installed
<Daviey> koolhead17: we'll try and track this down tomorrow in a shared screen session?
<RoyK> pastebin.com is rather ugly stuff
<RoyK> !paste
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<koolhead17> i my php5_5.3.8-2ubuntu3.dsc  then the packages inside  precise-i386_result should have 3 as extension
<koolhead17>  
<Daviey> ah yes
<Daviey> true
<koolhead17> Daviey: okey. :)
<xibalba> hey fellas, anyone using scponlyc? i think i'm missing something really dumb here
<koolhead17> Daviey: so am doing sumthing wrong sumwer
<koolhead17> :)
<Daviey> koolhead17: probably :)
<koolhead17> Daviey: and the mistake is pbuilder-dist precise i386 build *ubuntu2.dsc  :P
<koolhead17> so another 4 hrs now it seems
<koolhead17> it has to be pbuilder-dist precise i386 build *ubuntu3.dsc IMHO
<koolhead17> :P
<zul> holy crap 4 hours to build php?
<koolhead17> ;-)
<koolhead17> Daviey: shall i redo it all again, i think this is the mistake :)
<lynxman> zul: takes less than openoffice still
<koolhead17> lynxman: hahaha. :P
 * koolhead17 giving it a try
<xibalba> here guys, check this out if you dont mind http://paste.ubuntu.com/719857/
 * koolhead17 takes 15 mins break
<RoyK> koolhead17: hepp! break's over!
 * koolhead17 is back
<koolhead17> RoyK: its always +- 10 mins
<koolhead17> :)
<RoyK> :)
<RoyK> - A DBA walks into a NoSQL bar, but leaves because he can't find a table
<koolhead17> RoyK: hahaha :)
<just-a-visitor> =-O
<koolhead17> Daviey: some success. got a nice error :D http://paste.ubuntu.com/719879/
<koolhead17> just-a-visitor: howdy
<just-a-visitor> koolhead17: Hi! It was a good joke.
<koolhead17> indeed
<koolhead17> RoyK: :)
<Daviey> koolhead17: nice
<koolhead17> Daviey: now wondering what next :)
<koolhead17> ahaha
<xibalba> hmm, do i need to be a +v to talk or something?
<xibalba> or am i not following correct protocol for help
<RoyK> xibalba: on some channels, you need to be identified - /msg nickserv help
<xibalba> oh am i not? let me od that right now, whoops
<xibalba> ok i'm identified now
<RoyK> I've been able to read you fine all the time.....
<xibalba> i'm just looking for a little guidance on scponlyc, the chroot'd scponly shell
 * RoyK has no idea how that works...
<xibalba> drats
<koolhead17> nor even me :(
<xibalba> double drats
<RoyK> 'even' :D
<Daviey> koolhead17: My brain is baked at the moment.
<koolhead17> Daviey: will look into it tomorrow. cheers!! :)
<Daviey> rocking
<xibalba> thanks guys, see ya later
 * RoyK likes backblaze.com - $5 per month for backup of up to âGB
<cemc> o/ I'm using LVM for my KVM guests. if I create a new LV manually (with lvcreate etc), it doesn't show up in virt-manager in the storage pool. is there a way to refresh that list?
<pmatulis> cemc: you should be able to browse to the device
<koolhead17> RoyK: am paying allready a lot to my VPS provider like 125$ monthly
<koolhead17> :P
<RoyK> koolhead17: for what?
<cemc> pmatulis: I don't see it in the list
<koolhead17> hell no  133$ yearly for 512 RAM and 40 GB hdd
<RoyK> koolhead17: HAHA
 * RoyK has some private servers for such use
<koolhead17> RoyK: am running few wordpress blog and galler2 thats it
<koolhead17> :)
<RoyK> erm - not $125 monthly?
<RoyK> $133 a year isn't so bad
<RoyK> koolhead17: do they provide backup on that system as well?
<koolhead17> RoyK: nopes. no guarntee of tht
<RoyK> that sucks rather badly.....
<koolhead17> RoyK: i know
<kirkland> SpamapS: ping
<arrrghhh> hey all.  anyone use/know how to use powernap?
<lifeless> quick, hurry up and sleep!
<arrrghhh> lol basically yes
<arrrghhh> then quick, hurry wake up!
<lifeless> you install it
<arrrghhh> it is installed
<lifeless> thats all thats needed AIUI, it hooks into the existing policies
<lifeless> to turn off cpus when they are idle and htings like that
<arrrghhh> hrm
<kirkland> arrrghhh: serveral of us, yes.  RoAkSoAx is the current maintainer, I'm the original author.  what are you trying to do?
<arrrghhh> well i guess i just wanted to know more about it
<arrrghhh> ideally i'd like it to shutdown/hibernate/suspend when not in use
<arrrghhh> and the tricky part to me seems to be waking it back up...
<arrrghhh> do i have to do anything to configure that?  how does it work?
<kirkland> arrrghhh: there's a good series of articles at http://blog.dustinkirkland.com/search/label/PowerNap
<arrrghhh> excellent
<arrrghhh> thank you
<kirkland> arrrghhh: including several slideshows and presentations
<kirkland> arrrghhh: you can use powerwake (wake-on-lan) to wake it back up
<kirkland> arrrghhh: if you need to wake it remotely
<kirkland> arrrghhh: or just press the power button to wake it locally
<arrrghhh> heh
<arrrghhh> well i was reading something about it detecting traffic?
<arrrghhh> so when it detects a ssh attempt or a upnp attempt, etc it wakes?
<arrrghhh> seems from a shutdown state WoL is the only option.
<kirkland> arrrghhh: RoAkSoAx has been working on an arp monitor, where you'd have one server watching for arp traffic to a bunch of others that might be powernapping;  and when traffic to their addresses shows up, it would powerwake them
<kirkland> arrrghhh: that bit is still proof of concept stage
<kirkland> arrrghhh: currently, though, you can come out of powersave mode on ssh connection attempts, that's trivial
<arrrghhh> hrm ok
<kirkland> arrrghhh: but you can't yet come out of suspend/hibernate/poweroff without a WoL packet first
<arrrghhh> i see
<arrrghhh> i'll do some more reading on powernap.  perhaps there's some other aspects of it that i can use that will help reduce power consumption
<kirkland> arrrghhh: i have used an ssh alias, sshwol, that powerwakes a server, and then sits there in a loop ssh'ing to it until it's back online
<kirkland> arrrghhh: cool, good luck
<arrrghhh> my buddy was talking about some WHS plugin, and made me jealous.  i figured there was some way to do it in linux... :D
<arrrghhh> lights out is the name of the plugin if you're interested
<arrrghhh> seems like it depends on WoL as well tho....
<arrrghhh> and the developer just built some client-based app that sends that magic packet...
<panfist> i'm trying to run an ubuntu server vm on my desktop, but something changed in my environment causing it to be unable to mount a network share and the boot is stuck complaining that mountall terminated with status 32
<panfist> short of pointing the virtual machine to a live rescue disk, is there a hotkey to press to get to rescue mode while it's booting?
<arrrghhh> well if you hit esc to get the grub menu
<arrrghhh> you could try getting into rescue mode...
<panfist> i'm not sure why my other machines show a menu to choose what to boot into but this one does not, it just goes straight through from the virtual bios screen to the boot output
<panfist> even if i hit esc repeatedly while it's booting i can't catch a grub menu
<arrrghhh> hrm
<panfist> this is 10.04 by the way
<arrrghhh> you're sure the VM is configured correctly?
<arrrghhh> ok
<panfist> i'm pretty sure the vm is configured correctly, it's trying to mount an NFS share that's unavailable
<panfist> my coworker is absent and the share is on a machine that's shut down in his locked office
<arrrghhh> the NFS share is dependent on the VM booting?
<arrrghhh> uhhh
<arrrghhh> unless the share is required for your VM to boot
<arrrghhh> i don't see why it would _prevent_ it from booting....
<panfist> it's saying mount error(113): no route to host; refer to mount man page...; mountall: mount /path/to/mountpoint [485] terminated with status 32;
<panfist> and it's just sitting there
<arrrghhh> is the share required for the VM to function?
<panfist> no, the share just has some cgi scripts that the vm crunches, but i don't see how they are crucial to the boot process for the vm
<arrrghhh> hrm
<panfist> if it were ubuntu desktop, it would say something like, "press s to skip or m for manual recovery"
<arrrghhh> this NFS mount is in fstab i presume?
<panfist> yes
<arrrghhh> interesting.
<arrrghhh> well
<arrrghhh> you could point a livecd ISO at it
<arrrghhh> and go the long way, fix the fstab entry
<arrrghhh> i don't know why it would halt on a failed NFS mount....
<arrrghhh> unless it was for something silly like /boot :P
<panfist> yeah, i've done that before, but this isn't the first time it's happened and it's annoying to have to boot a live iso to fix this problem when i should be able to get a proper rescue environment locally if i had grub menu
<arrrghhh> i agree
<arrrghhh> and *normally* you'd just hit esc.
<arrrghhh> that's odd that it isn't working.  i'd blame the VM software.... but i don't know for sure.
<arrrghhh> i'm not an expert on the topic, i've only run ubuntu server in vbox a handful of times.
<arrrghhh> the rest are all physical machines...
<panfist> oh well, thanks, back to the old solution of using a live cd i guess
<panfist> i guess grub must be configured to have a 0 timeout or something and i should be able to change that to another value after i get back in
<arrrghhh> yea but even still
<arrrghhh> with 0 timeout, i thought there was still a (albeit short) period where you can hit esc
<arrrghhh> i might just be blowing smoke tho :P
<panfist> like you said, probably blame it on the vm software
<arrrghhh> the simplest thing i can do now heh
<Bilge> Why might hostname lookup fail every time I restart networking or reboot?
<Bilge> Even though I can run dhclient manually and everything appears to be fine
<xranby> Bilge: have you checked your routing tables?
<xranby> Bilge: perhaps dhclient are somehow not run on bootup for you?
<Bilge> I don't know much about network or the first thing about routing tables
<Bilge> My server is leased from a company
<Bilge> Without changing anything on the box suddenly this problem started ocurring since yesterday
<Bilge> So maybe it's something wrong with their network but I guess not if I can just run dhclient and everything is fine?
<Bilge> Is it _meant_ to be run on startup?
<Bilge> The only strange error I get on boot is this one:
<Bilge> removed hw address from /etc/udev/rules.d/70-persistent-net.rules (eth0)
<Bilge> But network dependent services like SSH have already failed to start before that point
<xranby> Bilge: have you switched network cards?
<Bilge> Not to my knowledge
<Bilge> I would imagine that would result in downtime and I'm not aware of any, as I said, the server is leased from a company and they should inform me if they were to make any changes to the hardware
<Bilge> The only thing that has changed to my knowledge is occasionally running apt-get update
<xranby> because if they had switched network cards then the mac address would change and the new card would get allocated to   eth1 instead of eth0
<xranby> and thus the default network configuration would stop working
<Bilge> Is there some way I could check that?
<xranby> you can run ifconfig
<xranby> it will display the mac address of your network card
<xranby> then you can check the /etc/udev/rules.d/70-persistent-net.rules and check that the same mac adress are used for eth0
<Bilge> There are no entries in that file
<xranby> if they do not match
<xranby> hmm
<Bilge> Just a load of commented out stuff
<xranby> look at the bottom
<xranby> i would have expected you to find something like
<xranby> SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:19:99:6d:80:8f", ATTR{dev_id}=="0x0", ATTR{type}=="1", KERNEL=="eth*", NAME="eth0"
<Bilge> There's nothing in that file at all
<xranby> because the purpose of that file are to make sure that the eth names stays the same for each reboot
<Bilge> If I run grep '^[^#]' on it
<Bilge> i.e. filter all lines starting with #
<Bilge> I get nothing
<xranby> # Entries are automatically added by the 75-persistent-net-generator.rules
<Bilge> That file does not exist
<Bilge> Mine says it is generated by /lib/udev/write_net_rules
<xranby> Bilge: which ubuntu-server release are you running?
<Bilge> The latest LTS
<Bilge> 10.04.3 LTS
<xranby> Bilge: if ifconfig indicate that your network card gets names something else then eth0 then
<xranby> try add a similar line manually
<Bilge> ifconfig doesn't seem to make any reference to ethN
<Bilge> Actually yeah it does
<Bilge> I have eth0, eth0:0, eth0:1 and eth0:2
<Bilge> For my additional IPs
<Bilge> They all have the same HWaddr
<Bilge> They're all set up manually in /etc/network/interfaces
<xranby> if they are setup manually then why use dhcp?
<Bilge> Because running that was the only way I could get it to work
<Bilge> Maybe DHCP is picking up something other than what is configured in that file?
<Bilge> It specifies "network", "broadcast" and "gateway" in there
<Bilge> Maybe they changed without notice?
<xranby> dhcp sets default gateway in the routing tables as well
<xranby> oh right .. you had gateway in there..
<xranby> if you run route
<xranby> you should be able to see a default gw
<xranby> if you can ping 8.8.8.8  (google dns)
<xranby> then you might be simply missing a valid dns config
<xranby> your dns server perhaps have switched ip?
<xranby> Bilge: look inside /etc/resolv.conf
<xranby> and check that the nameserver listed here still work
<xranby> to summarize 1. check that the network card got the right eth number 2. check that it have been assigned an ip using ifconfig 3. check the routing table using route 4. check the dns nameserver in /etc/resolv.conf
<xranby> if all those pass then you should have network acess
<Bilge> Going to be about 15 mins to reboot the kVKM since while trying to get it to print a # character it decided to reboot itself :/
<xranby> all these steps gets set automatically when you run dhclient
<Bilge> ifconfig looks normal
<Bilge> Is there a way to tell if a nameserver is behaving properly?
<Bilge> Like an acid test?
<Bilge> Also how do I use `route`?
<xranby> if ping google.com   pings google then the nameserver test pass
<xranby> you can also use the cooand dig
<xranby> command dig
<xranby> dig google.com
<xranby> will list where it obtained the knowlege about googles ip
<RoyK> dig soa your.tld
<RoyK> dig a
<RoyK> etc
<xranby> you can use dig to test a specific nameserver   dig @nameserver google.com
<xranby> RoyK: simply type route
<xranby> will list active routes
<RoyK> dig soa @hole.somewhere.tld spade.somewhereelse.tld
<RoyK> xranby: ?
<xranby> RoyK: example if your router acts as a nameserver
<xranby> dig @192.168.1.1  google.com
<xranby> then dig will ask the nameserver at 192.168.1.1 where the ip are for google.com
<RoyK> xranby: I know those tools quite well, thanks ;)
<xranby> (21.31.07) Bilge: Is there a way to tell if a nameserver is behaving properly?
<xranby> ok
<RoyK> xranby: RoyK != Bilge
<Bilge> :3
<xranby> .. ah
<xranby> my fault
<pmatulis> Bilge: and that smiley means what exactly?
<Bilge> Kitty
<kirkland> lifeless: have a second to help smoser with a squid question?
<RoyK> what about the squid?
<lifeless> course
<smoser> not a big deal...
<smoser> twice in a row i do: http_proxy=http://nelson:3128/ wget http://smoser.brickies.net/scratch/cirros-0.3.0-i386-disk.vhd
<smoser> both times i see:
<smoser> 1319657440.372  14495 192.168.1.101 TCP_MISS/200 27272579 GET http://smoser.brickies.net/scratch/cirros-0.3.0-i386-disk.vhd - DIRECT/69.163.204.191 text/plain
<smoser> squid.conf at http://paste.ubuntu.com/719984/
<smoser> image is 27272192 (~26M)
<RoyK> smoser: isn't there a max cachable object size default somewhere?
<lifeless> smoser: don't you mean 27272579 ? :)
<lifeless> and yes, your object size cap needs raising
<smoser> i suspected that bug didn't see it explicitly anywhere.
<RoyK> #Default:
<RoyK> # maximum_object_size 4096 KB
<smoser> oh goodness. thats too small. :)
<lifeless> smoser: if you're doing live boots off that you may want to raise maximum_object_size_in_memory too
<maxtmahem> Question: Best practice to put my changes to suoders in a new file in sudoers.d?
<smoser> maxtmahem, yes.
<lifeless> maxtmahem: I wouldn't, because its not sanity checked and you can wedge your system
<lifeless> maxtmahem: I always use visudo
<smoser> lifeless, what is the default value for maximum_object_size ?
<RoyK> smoser: see my comment above
<lifeless> 4M still (though I haven't pulled trunk in a while :P)
<smoser> RoyK, yeah, i saw that, but:
<smoser> my /usr/share/doc/squid/examples/squid.conf says:
<smoser> #Default:
<smoser> # maximum_object_size 20480 KB
<maxtmahem> lifeless: I use visudo -f newfile name, should do it's sanity checking for then right?
<lifeless> maxtmahem: hmm, I'm not sure tbh :)
<smoser> either way, kirkland it would seem to me that if the primary purpose is a deb cache, then you want to bump that a bit in the orchestra config.
<RoyK> smoser: my /etc/squid/squid.conf says 4M
<lifeless> smoser: also - http://redbot.org/?uri=http%3A%2F%2Fsmoser.brickies.net%2Fscratch%2Fcirros-0.3.0-i386-disk.vhd
<RoyK> smoser: anyway - just change it...
<RoyK> lifeless: now that'll be a tough job to cache....
<smoser> lifeless, RoyK htank you.
<kirkland> smoser: yeah, no doubt!
<smoser> i tihnk it must be 20M in the ubuntu build , unless the doc there is wrong.
<lifeless> smoser: 4M
<lifeless> http://bazaar.launchpad.net/~squid/squid/3-trunk/view/head:/src/cf.data.pre#L2897
<Bilge> My nameserver is set to 10.0.2.3 heh
<smoser> but still, 20m wont cache your kernel.
<Bilge> dig fails
<smoser> lifeless, would it not be possible that that is changed in ubuntu build ?
<lifeless> its possible, but I'd hope that the ubuntu/debian maintainer would at least post such a patch upstream
 * RoyK spent a couple of hours yesterday trying to describe to this programmer that his HTTP headers said 'don't cache this', and no, I can't force squid to cache that when the server says no - fscking .net noobs...
<lifeless> and I don't recall discussion about such a patch
<lifeless> RoyK: well, you can force squid to do it, may not be a good idea.
<RoyK> lifeless: heh - how can I do that?
<maxtmahem> lifeless: Well at least I didn't break it doing like that.
<RoyK> I know it's stupid, but it might shut them off if I tell them squid is working, but their site is bogus....
<hallyn> smoser, why for you want to use vpc!
<lifeless> smoser: also you probably want to set a cache ttl on the resource, because its changed recently the default ttl will be fairly short
<smoser> hallyn, vpc is what all the cool kids are using.
<smoser> kvm is so old.
<lifeless> RoyK: refresh_pattern is the primary method to override stuff
<lifeless> RoyK: you may need a custom build because http-rule-breaking-options are off by default
 * hallyn scratches his head
<hallyn> time to retire
<RoyK> lifeless: thanks
<smoser> hallyn i was playing with something from cloudstack and they want a vhd format in.
<kirkland> smoser: i'm making that change now to orchestra
<kirkland> smoser: i wonder what it should be ...
<lifeless> kirkland: what what should be ?
<kirkland> lifeless: the default maximum_object_size in Orchestra's squid
<smoser> lifeless, for a squid proxy who's primay pourpose is to serve debs
<lifeless> do you do net booting ?
<kirkland> lifeless: yes
<smoser> that pastebin i sent is what kirkland has now in orchestra
<lifeless> whats the largest asset you'll be getting - across all of deb/kernel/initramfs
<kirkland> lifeless: hmm, ISOs maybe?
<kirkland> lifeless: i was thinking 200MB or even 1GB
<lifeless> kirkland: if folk are getting those as part of the bootstrap of a cluster, caching would be good ;)
<lifeless> kirkland: so, I suggest you do this:
<kirkland> lifeless: really, it's mostly just deb's
<kirkland> lifeless: so i'd need to find the largest debs we install
<kirkland> lifeless: at least the kernel, for sure
<smoser> openoffice has to win that.
<smoser> had i not rm -Rf'd my local archive recently i could tell you
<lifeless> kirkland: not caching packages/releases/ etc will quite negatively impact your bootstrap performance
<kirkland> i'm going to set it to 750MB, which should cover standard ISOs
<lifeless> kirkland: you should instead purge them when you want to force a change
<kirkland> lifeless: of course
<lifeless> anyhow, to cache big objects do this:
<lifeless> cache_dir aufs /var/spool/squid 40000 16 256
<lifeless> bah
<Bilge> xranby: dig doesn't seem to work no matter what is specified as the name server
<lifeless> cache_dir aufs /var/spool/squid-small 40000 16 256 max-size=40M
<lifeless> cache_dir aufs /var/spool/squid-big 40000 16 256
<lifeless> this will put anything smaller than 40M in the first cache dir until its full, and then overflow into the second
<xranby> Bilge: was the routing table correct?
<lifeless> big things will only go into the second
<kirkland> lifeless: interesting
<lifeless> this stops big things evicting a tonne of old-but-valid debs :)
<kirkland> lifeless: i like it
<lifeless> (they can evict them from the second dir of course)
<lifeless> or you can switch to a different repl algorithm like dual-frequency-size, but two dirs is easier to understand :)
<Bilge> xranby: I don't know
<Bilge> I don't know how to read the output I'm getting
<kirkland> lifeless: can you proof read http://paste.ubuntu.com/720010/
<kirkland> lifeless: just the last 3 lines i changed per this discussion
<lifeless> yeah, that should do
<lifeless> try it :)
<kirkland> lifeless: k ...
<lifeless> I suggest adding a couple of comments
<smoser> kirkland, did you double the size of your cache though?
<smoser> potentially
<lifeless> like 'netbooting isos is better if they get cached' and 'reserve small object space so big objects can't use it all up'
<smoser> lifeless, comments are for weenies
<smoser> :)
<lifeless> smoser: I'm a weeny!
<smoser> oh, and btw, thank you very much for your help.
<kirkland> lifeless: yeah, thanks
<lifeless> anytime
<allegrem_> Hi ! I've a little problem with Samba between a Kubuntu (as a server) and a Windows XP (as a client). My workgroup 'Samba' is shown in the workgroups list on Windows, but when I click on it, an error occurs "Nom du rÃ©seau introuvable" ( ~~ network name not found). Any idea ?
<Bilge> xranby: dhclient changes the routes
<kirkland> lifeless: hmm, not quite there yet, looks like i need to manually create some directories, 2011/10/26 15:04:19| /var/spool/squid/small/00: (2) No such file or directory
<lifeless> kirkland: squid -z of course ;)
<kirkland> lifeless: tried that, not working
<lifeless> kirkland: orly ? pastebin
<lifeless> (you ran it as squid right ?)
<kirkland> lifeless: ah, EACCES          13      /* Permission denied */
<lifeless> :P
<kirkland> lifeless: 'proxy'
<lifeless> 'meh' @ overloaded names
<kirkland> lifeless: bingo
<kirkland> lifeless: smoser: working like a champ
<lifeless> sudo squid -z should have worked too, I think.
<kirkland> lifeless: well, i created those directories, but they were owned by root:root;  changed that to proxy:proxy and squid -z worked fine
<lifeless> kirkland: ok, so you foot-gunned :P
<lifeless> kirkland: never make swap dirs by hand
<kirkland> i'll get the install bits cleaned up in in orchestra and we're good to go
<kirkland> lifeless: :-)
<kirkland> lifeless: sure thing, mate
<smoser> i did the same here.
<RoyK> anyone that knows if it's possible to use squid for both a front and reverse proxy? I have a reverse proxy at work, but since it's mostly idle, it'll be nice to use it as a proxy for the internal clients as well
<smoser> and now i'm getting 403 forbiddenon anythihg through it.
<lifeless> RoyK: yes, setup two listening ports
<lifeless> smoser: thats going to be unrelated
<Bilge> xranby: is it possible to specify the IP for eth0 but still pick up the other setting such as gateway, network and broadcast via dhcp instead?
<lifeless> smoser: if a cache dir can't take an object, the request doesn't barf, it just doesn't cache
<RoyK> lifeless: you mean two squid instances, or just two ports?
<allegrem_> Any idea about Samba ?
<lifeless> RoyK: there are some global things we should make non-global, but its mostly ok
<lifeless> RoyK: http_port 80 accel\nhttp_port 8080
<RoyK> lifeless: thanks
<lifeless> RoyK: you can use myport in acls to differentiate the two
<RoyK> lifeless: but then, using it on port 80 for both uses won't be very easy?
<lifeless> RoyK: not one port, two ports - 80 for your reverse proxy, 8080 for your forward proxy
<RoyK> ok
<lifeless> yes, it requires a little care
<lifeless> I'm not endorsing it :) just answering your question :)
<RoyK> :)
<lifeless> you also need to make sure your cache_peers are properly acled
<lifeless> so that forward requests don't get sent to them
 * RoyK tried to setup the reverse proxy as a VM on hyper-v and hyper-v just cut off the network from it in minutes... hyper-v sucks rather badly at running linux guests :P
<lifeless> oh, and make sure you explicitly prevent the accel port from making direct requests - it must always use a cache peer
<lifeless> otherwise you turn your cache into an open relay
<RoyK> I guess I'll use a separate box, then - makes life easier ....
<lifeless> its harder to mess up:)
<RoyK> yeah
<allegrem_> Hi ! I've a little problem with Samba between a Kubuntu (as a server) and a Windows XP (as a client). My workgroup 'Samba' is shown in the workgroups list on Windows, but when I click on it, an error occurs "Nom du rÃ©seau introuvable" ( ~~ network name not found). Any idea ?
<RoyK> !samba
<ubottu> Samba is the way to cooperate with Windows environments. Links with more info: https://wiki.ubuntu.com/MountWindowsSharesPermanently and https://help.ubuntu.com/10.04/serverguide/C/windows-networking.html - Samba can be administered via the web with SWAT.
<allegrem_> ubottu: are you a real bot ?
<ubottu> allegrem_: I am only a bot, please don't think I'm intelligent :)
<allegrem_> awesome !
<RoyK> is there a way to natively share a filesystem with kvm vm?
<adam_g> nfs?
<RoyK> not a unix vm, windows, and preferably without samba
<allegrem_> has anyone ever met the "Can't become connected user!" error with samba ??
<RoyK> trying to work my way around the limitations of backblaze backup
<RoyK> allegrem_: it's probably just a configuration issue.....
<RoyK> allegrem_: so you need to be a bit more specific before someone can help you...
<allegrem_> I think windows is trying to log as guest, but he can't. How could I force him to ask login and passwd ?
<RoyK> in win7?
<allegrem_> I forgot to say that there is an line in my samba logs saying "Can't become connected user!"
<allegrem_> windows xp
<RoyK> it should ask for a username and password
<RoyK> default setup requires you to create an smb user IIRC
<RoyK> man smbpasswd
<allegrem_> I already created two test users (isabelle, carole) on the kubuntu PC, and I run smbpasswd for each of them
<SpamapS> kirkland: pong, sup?
<SpamapS> kirkland: (sorry, sprinting, haven't been watching IRC)
<allegrem_> but the user on the windows xp is "simone". Is it important ?
<RoyK> check the samba logs
<allegrem_> it says "Can't become connected user!"
<RoyK> allegrem_: if you're just on a home network, you might not need authentication
<RoyK> if so, set security = share in smb.conf
<allegrem_> i'm just testing a samba install on my home network, but the goal is to deploy it at my mother's office
<allegrem_> so I do need security = users :p
<RoyK> or user
<RoyK> allegrem_: unless they have a windows server with AD or something, which makes the picture look rather different
<allegrem_> no they haven't
<allegrem_> there are just 3 users to set up, I can do it manually
<RoyK> ok
<RoyK> then security = user should do well
<RoyK> make sure all those users have unix accounts, though
<RoyK> useradd -m thisuser .....
<allegrem_> I'm testing with only two users
<allegrem_> (isabelle, carole)
<allegrem_> I created unix account, set up smbpasswd
<RoyK> try creating user simone
<RoyK> see if that works any better
<RoyK> since that's apparently the user logged into the windoze machine
<maxtmahem> if you have AD you can try out likewise open to add the machine to the domain real easy.
<allegrem_> it still doesn't work :( I'm trying to reboot the windows pc
<tjaalton> kirkland: hey, ideas why 'adduser --encrypt-home foo' leaves the home dir with 500 perms on oneiric?
<kirkland> tjaalton: those perms are correct, when $HOME is not mounted
<kirkland> tjaalton: upon being mounted, they'll be 700
<tjaalton> kirkland: ok, well at least the preseeded installation leaves the ecryptfs setup somehow broken
<kirkland> tjaalton: the 500 is to keep users from inadvertently writing data in clear text into their $HOME when it's unmounted
<kirkland> tjaalton: ie, "leaking" clear text data to disk
<kirkland> tjaalton: hmm, interesting
<kirkland> tjaalton: oh, hmm, i have an idea
<kirkland> tjaalton: so you used literally 'adduser --encrypt-home foo' in the late-command or something?
<kirkland> tjaalton: or did you preseed the user to encrypt-their-home in d-i?
<tjaalton> kirkland: no I preseeded "d-i user-setup/encrypt-home boolean true" like on the doc, wondered why the mount fails and started digging further
<kirkland> tjaalton: interesting
<kirkland> tjaalton: okay, do you have a $HOME/.ecryptfs/wrapped-passphrase file?
<kirkland> tjaalton: can you ls -alF $HOME/.ecryptfs/
<tjaalton> kirkland: nope, don't have that
<kirkland> tjaalton: and pastebin that for me?
<kirkland> tjaalton: ah, that's the problem
<kirkland> tjaalton: hmm, i wonder what went wrong there
<tjaalton> I'll pastebin the snippet from the installation syslog
<tjaalton> http://pastebin.com/LBBLbfnb
<tjaalton> see the error from stty
<kirkland> tjaalton: how odd;  this is 11.10?
<tjaalton> kirkland: yep
<tjaalton> maybe I'll do another run with full debconf debug
<kirkland> tjaalton: and you did preseed your password in as well?
<tjaalton> kirkland: yes. I can login from the vt's just fine
<kirkland> tjaalton: you've already rebooted after the installation, of course?
<tjaalton> kirkland: yep
<kirkland> tjaalton: okay, well, if you don't have that wrapped-passphrase file, you'll never be able to get to your new home/skeleton data in this installation
<kirkland> tjaalton: so you'll need to kill this user, add another one, etc. if you want to manually salvage this installation
<kirkland> tjaalton: i'm trying to track down the bug right now though
<kirkland> tjaalton: can you pastebin ls -alF $HOME/.ecryptfs/ ?
<tjaalton> kirkland: nah it's a throwaway installation, testing stuff to install OOTB all the way
<kirkland> tjaalton: okay
<tjaalton> kirkland: http://paste.ubuntu.com/720118
<kirkland> tjaalton: hmm, yeah, dang, everything else is there except for wrapped-passphrase
<tjaalton> kirkland: ok, so I'll reinstall it with DEBCONF_DEBUG=developer
<kirkland> tjaalton: thank you!
<TheEvilPhoenix> anyone got a spare maverick server they can confirm a bug with?
<kirkland> tjaalton: one more question
<kirkland> tjaalton: have you wiped this install yet?
<tjaalton> btw, rsyslog.d/99-orchestra.conf pushes the installation logging to the server /var/log/syslog as well.. don't think that's intended
<tjaalton> kirkland: partitioning..
<kirkland> tjaalton: :-)
<tjaalton> it takes 10min to install :)
<kirkland> tjaalton: re: rsyslog ... can you find a way to separate out the installation syslogging?
<tjaalton> hmm, could have dropped the desktop task
<kirkland> tjaalton: i couldn't in time to fix it for 11.10
<kirkland> tjaalton: the installation rsyslogging must happen over udp
<TheEvilPhoenix> can anyone confirm this in maverick?  https://bugs.launchpad.net/ubuntu/+source/php5/+bug/882291
<tjaalton> kirkland: haven't looked at that too much, just noticed it by accident :)
<uvirtbot> Launchpad bug 882291 in php5 "Maverick: php5-gd does not place gd.ini in correct location" [Undecided,New]
<kirkland> tjaalton: yeah
<TheEvilPhoenix> i've confirmed it *fixed* in natty and later
<kirkland> tjaalton: could you get a shell on that box during installation, at the very end, before reboot?
<tjaalton> kirkland: it doesn't stop :/
<kirkland> tjaalton: heh :-)
<kirkland> tjaalton: can you get on it now?
<tjaalton> i should comment out the line that does that
<tjaalton> yes it's configuring packages
<kirkland> tjaalton: has the user been created yet?
<tjaalton> but the crypt setup is in the final phase
<kirkland> yeah
<tjaalton> nope
<kirkland> dang
<tjaalton> I'll just reboot and do that
<tjaalton> there, installing without ubuntu-desktop this time
<uvirtbot> New bug: #882291 in php5 (main) "Maverick: php5-gd does not place gd.ini in correct location" [Undecided,New] https://launchpad.net/bugs/882291
<SpamapS> TheEvilPhoenix: marked as fix released, opened a maverick task
<kirkland> tjaalton: okay, i think i have a fix
<tjaalton> kirkland: cool :)
<Daviey> hallyn: the lxc bug, i targetted it because it seemed to be a case of checking and applying the patch.
<SpamapS> TheEvilPhoenix: unlikely it will get fixed in Maverick ... but if it affects lucid.. maybe
<Daviey> hallyn: seems it is now more complicated.
<kirkland> tjaalton: http://paste.ubuntu.com/720131/
<Daviey> hallyn: It would be quite good if we could SRU a fix for Oneiric.
<TheEvilPhoenix> SpamapS:  :)
<kirkland> tjaalton: i think what's happening is that we're landing in the then rather than the else part of that if block
<tjaalton> kirkland: ha, I'll hot patch it in
<kirkland> tjaalton: that would be cool, if you can jam that into the ecryptfs-setup-private in an install and confirm it, i'll commit/upload/release
<TheEvilPhoenix> SpamapS:  i dont have Lucid around atm
<TheEvilPhoenix> got any lucid servers you can test on?
<TheEvilPhoenix> :/
<hallyn> Daviey, uh, i think you caught me weirdly between switching clients from laptop to phone.  I only got the bits that got fwded to my gchat (i.e. 'hallyn:')
<hallyn> Daviey, his template still doesn't give me a container that i can actually start up
<hallyn> so i'm not in a hurry
<kirkland> hallyn: you can forward irc to gchat?
 * kirkland is intrigued
<hallyn> heh, i blogged the script awhile ago
<kirkland> wowsers
<Daviey> hallyn: I started all 3 lines with hallyn:
<tjaalton> kirkland: damn, too slow :)
<hallyn> kirkland, http://s3hh.wordpress.com/2011/04/29/irc-pms-to-google-chat/
<kirkland> tjaalton: quick, ls -alF /dev/shm /target/dev/shm
<hallyn> Daviey, ok then i got them all :)
<allegrem_> ok I finally managed to configure Samba !! Is anyone interested in the solution or can I go to bed ?
<kirkland> neat
<tjaalton> kirkland: empty already
<hallyn> Daviey, you see creating fedora containers as a high importance thing in oneiric?
<kirkland> tjaalton: rebooted?
<hallyn> i mean, i'm happy to spend some time on making it work, but it seems hard to justify
<hallyn> justify the time vs. other obligations, that is
<Daviey> hallyn: Something that should work, it would be good if Ubuntu was a good host for everything :)
<hallyn> yes it would
<tjaalton> kirkland: no, it did the ecryptfs-setup dance already, before I managed to save the file
<kirkland> tjaalton: okay, and /target/$HOME/.ecryptfs/* ?
<kirkland> tjaalton: did wrapped-passphrase make it in there this time
<hallyn> Daviey, there's also an untested prolly broken suse template :)
<tjaalton> kirkland: same as before
<kirkland> tjaalton: okay, mind doing one more install and hotpatching that bit in?
<tjaalton> I'll hack in a hook to stop the installation before finish-install.d/06user-setup
<tjaalton> that should do it
<kirkland> tjaalton: cool
<Daviey> kirkland: fwiw, forwarding irc messages to your phone is a dangerous game.
<kirkland> tjaalton: thanks for your help
<RoyK> damn - setup a winxp VM under KVM on this box just to have a windoze machine available if needed - so far, it's used >3 hours for updating....
<Daviey> kirkland: 3:00am messages without context saying "<smoser> Daviey: It's in a REALLY bad way" .. close to release.. makes you pay attention, even if in bed.
<kirkland> Daviey: LoL
<kirkland> Daviey: good point
<Daviey> I need to backlist smoser for this reason
<RoyK> snf I'm on a 60Mbps link - windows sucks so hard I don't beleive it.....
<kirkland> tjaalton: any luck?
<tjaalton> kirkland: no :/
<tjaalton> I'll check the log
<kirkland> tjaalton: okay, hang on ... don't reboot that installation
<kirkland> tjaalton: okay, i gotta run
<kirkland> tjaalton: please file a bug on this
<Daviey> jamespage: tomorrow, would you be able to sniff bug 881504 please?
<uvirtbot> Launchpad bug 881504 in tomcat6 "java.util.MissingResourceException thrown in default setup" [Medium,New] https://launchpad.net/bugs/881504
<tjaalton> kirkland: sure thing
<kirkland> tjaalton: attach an install's /var/log/syslog, ideally with debconf debugging on
<kirkland> tjaalton: also maybe set -x in the ecryptfs-setup-private
<kirkland> tjaalton: and grab that in the log too
<kirkland> tjaalton: something is going on around the creation of that wrapped-passphrase
<kirkland> tjaalton: we have a bad conditional around that, somewhere
<kirkland> tjaalton: i think the stty error is just noise
<kirkland> tjaalton: as that script is not set -e
<tjaalton> kirkland: yeah, I'll do another installation and attach the logs, thanks
<kirkland> tjaalton: cheers mate
#ubuntu-server 2011-10-27
<TheEvilPhoenix> in /etc/hosts, if I want to define 6 sites to point to 127.0.0.1, can i define the hostnames to bind to that address all on one line rather than have multiple lines containing 127.0.0.1   <host>   ?
<lynxman> TheEvilPhoenix: yeah, just write one hostname after the other separated by a space, should be good
<iggi_> Hello, does anyone know how I can find out what is spawning a perl process? is there logs somewhere?
<xranby> iggi_: try pstree
<xranby> it can give you an indication on which process started the perl process
<qman__> ps ax can give you the command used to invoke it
<uvirtbot> New bug: #882344 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.4 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/882344
<iggi_> xranby, It only runs for a split second though
<iggi_> same thing qman__, it runs for 1-2 seconds, enough to show up on top then dissapears
<iggi_> the problem is I run a voice chat server on it, so it runs just enough to cause fragmentation
<xranby> iggi_: try raise the priority on your voice chat program
<xranby> iggi_: renice -n -1 -p chatserverprocessidhere
<iggi_> xranby, It's already at -19
<iggi_> still happens
<Emiliano008> ##opensource-es
<panfist> if there is a network share in my fstab file that's unavailable when my server reboots, the server never finishes booting
<panfist> mountall fails and it just stops the boot sequence
<panfist> is it possible to get it to just skip mounting those drives and move on?
<twb> add noauto to the fstab?
<twb> This must have gotten worse in the latest release, because while *I* encountered in under lucid, nobody else complained until this week
<panfist> this is on lucid hah
<twb> There's also some bullshit undocumented additional option like "bootwait" but it wasn't working for me
<twb> RTFS mountall I think it's mentioned in a C comment
<panfist> noauto would certainly work, but ideally i'd like it to try to mount, but not blow up if its unavailable
<twb> Good luck with that
<uvirtbot> New bug: #882390 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.3 failed to install/upgrade: ErrorMessage: package samba is not ready for configuration  cannot configure (current status `half-installed')" [Undecided,New] https://launchpad.net/bugs/882390
<air_> howdy.
<air_> my ubuntu 11.10 is spamming the syslog with 'ntop[1238]:   **WARNING** packet truncated'
<air_> It seems it doesn't matter, but anyone have an idea on how to disable the logging?
<air_> it's logging when I stream a movie over NFS.
<twb> air_: stop ntop, then?
<air_> twb: oh. it's too early for me. why didn't I look into that right away.
<air_> twb: thanks, I'll see if it's needed or if I can just shut it down.
<twb> It's not needed
<twb> It's a diagnostic tool
<twb> Probably someone started it and forgot to stop it
<greppy> twb: it can also be a network monitor
<_ruben> ntop usualy is meant to be running 24/7 .. collecting data over time and all that .. whether or not it is needed is up to the admin of the box ;)
<twb> _ruben: oh, OK
<twb> I assumed you only used it when there was a problem
<twb> Like top
<twb> For long-term stats I would be using something rrd-flavoured like collectd, but whatever
<_ruben> ntop is rrd-flavoured
<twb> ooooh
<twb> I must be thinking of something entirely different then
<twb> Probably iftop
<_ruben> ;)
<twb> Yeah, ntop isn't even ncurses based
<_ruben> its web indeed
<twb> web is for little girls
<_ruben> and managers
<twb> Same thing
<twb> They are always coming around to my desk asking me to deploy invisible pink ponies
<_ruben> hehe :)
<twb> Just this very hour, they asked for wordpress
<twb> And I said "no, you can keep using m4 and make.  httpd is not going to be running an embedded interpreter"
<Takyoji> invisible pink unicorn. :P
<twb> Takyoji: it was a melange of that an "I want a pony"
<Takyoji> ahh
<Takyoji> No fire-breathing pony? http://www.youtube.com/watch?v=lqhL-_86LOQ&t=3m32s :P
<twb> NFI, I don't do idiot box
<RudyValencia> How do I setup a local cache to install from (using a PXE server)?
<RudyValencia> er, a local apt cache
<twb> debmirror or apt-mirror
<RudyValencia> but then I have to download a whole repository
<twb> But installs only load the bootloader, kernel and ramdisk via PXE.  The rest comes from HTTP or similar.
<twb> RudyValencia: no, debmirror at least allows you to mirror subsets of the repo
<RudyValencia> Oh? I can just mirror enough of it to install the base client system over the network?
<twb> Should be possible
<twb> debmirror --method rsync --host mirror.internode.on.net --arch amd64 --nosource --diff=none --host ftp.debian-ports.org --root debian --section main --dist unstable,unreleased --limit-priority='required|important|standard' --include=insserv /srv/apt/debian-ports
<twb> That only downloads 220MB, for example
<RudyValencia> but then I have to set up my HTTP server to serve those packages mirrored, don't I?
<twb> Yes, but that's trivial
<RudyValencia> There was one I used to use called "approx"
<twb> apt-get install busybox-static; busybox httpd -p 8080 -d /srv/apt
<twb> approx and other "caching" proxies are flaky crap
<twb> I have had nothing but pain from them
<RudyValencia> but deb-mirror doesn't update the files with new versions, it's only a snapshot of the version in time
<twb> I cannot comment on apt-cacher-ng -- I haven't tried that one
<twb> RudyValencia: uh, just run debmirror again each morning
<RudyValencia> I could probably set up a vhost on my server pointing to the install CD
<twb> If you've already got a CD then don't bother with any of that
<twb> Just export the CD
<RudyValencia> (then all the client needs is an update)
<RudyValencia> Oh, cp /path/to/cd/* /path/to/vhost/ubuntu ?
<RudyValencia> well, cp -a actually
<twb> More like mount /dev/sr0 /mnt/delete-me && busybox httpd -d /mnt/delete-me -p 8080
<twb> Don't see why you'd bother copying stuff
<RudyValencia> I don't want to always keep the CD in the drive because the server would boot off it and that would delay reboots
<RudyValencia> and I already have an HTTP server set up
<twb> Well, whatever
<RudyValencia> (this is my personal fileserver/test Web services server
<twb> It'll be a subdir of the CD tho, something like pool/
<twb> Although last time I looked some of the newer CDs did silly things to save space, so you might not be able to do that anymore, they might not HAVE any .debs in their pool except for a couple of drivers
<twb> server CD is probably still OK, assuming you're doing minimal installs
<RudyValencia> I'm using the LTS version
<RudyValencia> and I am doing desktop installations
<twb> NFI, then
<twb> Desktop installs will need like 400MB of debs
<RudyValencia> hm, is there a way to download that entire set of files
<twb> Assuming you can afford the one-off up-front download, and the ongoing disk space consumption, debmirror is definitely the easiest way to do it IMO
<RudyValencia> I would rather store the files than have to redownload them on every install
<twb> RudyValencia: well, there will be jigdo files somewhere that list what .deb and .udeb files are on the "alternate" CD
<RudyValencia> (only downloading a "delta" to the latest versions)
<twb> You can't have that "delta" business
<RudyValencia> oh
<twb> apt archives aren't set up that way
<RudyValencia> darn
<RudyValencia> hm
<RudyValencia> hm, I'll read up on apt-cacher-ng
<twb> IIRC there is a script that you're supposed to use if you're an ISP and you want to be a direct mirror of cdimage.debian.org, and that might do deltas, but it's not actually maintained as a package in debian, so I've never looked
<RudyValencia> apt-cacher-ng might be a better, more serviceable replacement for approx
<twb> Basically you'd need a smart client that can parse Packages and mv files then talk rsync to the upstream archive to --in-place get them
<twb> Allegedly -ng is better than the other cachers, but just doing a partial mirror is more reliable
<RudyValencia> well, I was thinking of just using the server for the initial install, then dropping a sources.list that connects to an outside APT repository after first boot
<twb> Sure
<RudyValencia> (preferably mirror.anl.gov in the US here as it has the best bandwidth
<RudyValencia> That's what I meant by "delta"
<twb> What I usually do is set up http://apt for the install and leave it as the default mirror, and use a mirror:// entry as a fallback in case the host moves offsite
<twb> It'll noisily, but automatically, fail over to the mirror
<RudyValencia> I keep copies of the ISO on hand
<jamespage> Daviey: looking now
<lynxman> morning o/
<jamespage> morning lynxman
<jamespage> how are you on this fine day?
<lynxman> jamespage: top of the morning ;)
<lynxman> jamespage: enjoying the sunny day, hehe :) you?
<jamespage> lol
<jamespage> I *need* to be in Orlando
<lynxman> jamespage: I reckon it'll be rainy next week :/ although I don't think it's the same kind of rainy
<jamespage> bah
<jamespage> I can do warm rainy
<jamespage> its cold rainy that I don't like
<lynxman> jamespage: I'm okay with cold rainy, windy sideways rainy is a bit annoying though
<jamespage> lynxman: have you tried out mcollective with the activemq packaging that landed last release?
<lynxman> jamespage: I'm on that today
<jamespage> lynxman: good - I'm just looking at the FTBFS on the latest debian version
<lynxman> jamespage: :)
<jamespage> A new version also landed in Debian unstable in the last couple of days
<lynxman> jamespage: interesting :)
<jamespage> lynxman: any use for you - http://packages.debian.org/changelogs/pool/main/a/activemq/current/changelog ?
<lynxman> jamespage: the -4 is acually a good one
<lynxman> jamespage: need to do some heavy testing today though :)
<jamespage> Daviey: that tomcat bug relates to a feature that is not in the version in Lucid
<Aison> quite bad :( after upgrading to oneiric my whole email system is down
<Aison> somehow fetchmail is working, but I don't know if it's a problem of postfix
<Aison> it looks like the mails go to /var/spool/mail
<Aison> but then not to the user maildir
<jamespage> Aison: could you provide a few more details about your email system?
<jamespage> someone might have a similar setup and may be able to help
<Aison> ok, I have got postfix installed with maildir in home Maildir/
<Aison> fetchmail fetches the mails and deliver them to postfix
<Aison> now the problem is, that new mails suddenly go to /var/spool/mail  and /var/mail  instead to /home/[user]/Maildir
<Aison> postconf shows that the config is right: home_mailbox = Maildir/
<afuentes> hi, im thinking about removing consolekit in all my servers... Can this do any damage? i noticed it tries to remove dbus as well. Is not used at all by the server?
<ersi> afuentes: I don't think that is a good idea. If I'm not mistaken, consolekit is used pretty much at a lot of levels you quite possibly don't want to redesign
<afuentes> ersi can you give me an example?
<afuentes> i read this "In short, the goal of ConsoleKit is to give elevated, but controlled, privileges to the person sitting at the physical computer."
<afuentes> i dont know what i want that for
<afuentes> i dont even admin these servers physically
<afuentes> they are virtual machines
<onre> i don't have it installed on my virtual servers.
<ersi> afuentes: Unfortunally not, I would of course do so if I could :)
<ersi> afuentes: Well, hm - does look like you don't need it then.. seems that onre does without it
<afuentes> onre do you have lot of servers?
<afuentes> and services?
<afuentes> just to know how probable is to break something without it
<afuentes> because it removes dbus as well
<lynxman> afuentes: I would not remove it, although if it really bothers you remove it and see if everything keeps working as you expect :)
<lynxman> afuentes: vamos, que pruebes y ya esta, hehe
<afuentes> well, it seems the process of console kit are always busy, and sometimes is mayor load i have on the servers
<afuentes> i goggle a little about it, and i was not able to draw a conclusion
<afuentes> but it does not seem to do anything very useful
<ersi> I'd suggest trying this in a test environment, so that you do not break any production services.
<ersi> Just a friendly cautionary tip
<afuentes> ersi i already did it on test enviroment, nothing seems broken so far, but its hard to tell when you have so many services
<lynxman> hmm maybe also just kill ConsoleKit and see if something breaks, if not you don't really need it
<afuentes> xD
<afuentes> maybe i should make an script that do that on every process and reboot the server when something die, just to clean up
<linocisco> where could I find ubuntu-server training videos for free rather than a few specific I found on youtube??
<soren> Daviey: Where is the packaging branch for openstack stuff for Oneiric?
<koolhead17> hi all
<Daviey> soren: for oneiric?  That has reverted to normal UDD, no?
<Daviey> soren: lp:~openstack-ubuntu-packagers/nova/ubuntu is for essex.
<Daviey> rbasak: How is cobbler looking?
<lynxman> Daviey: small question for you
<lynxman> Daviey: If I read this correctly
<lynxman> Daviey: ruby-stomp | libstomp-ruby1.8 (>= 1.1.5)
<lynxman> Daviey: means ruby-stomp OR libstomp-ruby1.8 right?
<lynxman> Daviey: if we sync from upstream (since we don't have ruby-stomp) this should be okay anyway right? Not enough reason for a merge I reckon
<Daviey> lynxman: If that is the only thing concerning you, i'd like to do a sync regardless to close the delta and then fix anything afterwards.
<lynxman> Daviey: talking about puppet here :)
<lynxman> Daviey: mcollective is next, that won't be that easy
<lynxman> Daviey: puppet 2.7.6 from sid
<Daviey> lynxman: kinda odd that ruby-stomp doesn't exist in Ubuntu, and libstomp-ruby1.8 is universe.
<lynxman> Daviey: a little bit innit
<jpds>  /sbin/init
<soren> Daviey: I don't know, that's why I'm asking :)
<Daviey> kill -9 0
<soren> 0?
<soren> What's pid 0?
<lynxman> soren: the pid that cannot be divided :)
<soren> lynxman: I'm not sure that helps :)
<lynxman> lol
 * patdk-lap wants pid -1
<soren> Daviey: Ok, so just to clarify: lp:ubuntu/oneiric-proposed/nova is where we apply changes we want to eventually land in -proposed (and -updates, of course). And we use LP merge props to get changes on there?
<soren> patdk-lap: Sorry, it's not for sale.
<Ursinha> good morning people
<Daviey> soren: Yes, that is the plan.. If you want to UDD it.. The other option is to just upload to -proposed and let the package importer do it's thang
<Daviey> soren: Ah
<Daviey> soren: This is where UDD ucks.
<Daviey> sucks.
<Daviey> soren: In this instance you want to base on -updates.. as there was a security update which overwrote a verification-failed nova sru, which is currently tip of -proposed.
 * koolhead11 cannot access anything today :(
<koolhead11> zul: hey
<soren> Daviey: That was actually why I wanted to know: So that I could reconcile those branches.
<lynxman> koolhead11: ello koolhead(11|17)
<koolhead11> lynxman: hey there.
<uvirtbot> New bug: #882507 in puppet (main) "Sync puppet 2.7.6-1 (main) from Debian sid (main)" [Undecided,New] https://launchpad.net/bugs/882507
<lynxman> oh oh, I know that bug
<koolhead17> hey Daviey
<Daviey> hey koolhead17
<Daviey> soren: Yeah, TBH, i think the easier way to do this is to just upload and let the package import do it's thang.
<Daviey> UDD fail.
<soren> This time it actually seems pretty easy.
<soren> I do remember these pains from earlier times, though.
<Daviey> :(
<soren> IIRC, there's a flag we can set in debian/source that makes it so that the patches aren't applied, which makes it quite a bit easier to deal with 3.0 (quilt) format packages.
<soren> Daviey: Yeah, debian/source/options: --skip-patches
<Daviey> soren: Yeah, i think that shoudl be system wide TBH
<soren> I'm not sure I agree, but meh.
<Daviey> Reviewing .pc's is awesome.
<soren> zul: Do you not use dch to add changelog entries?
<onre> afuentes, tens of both.
<afuentes> onre, whats both?
<koolhead17> Daviey: am reopening https://bugs.launchpad.net/ubuntu/oneiric/+source/keystone/+bug/878282
<uvirtbot> Launchpad bug 878282 in keystone "keystone database connection error" [Medium,Fix committed]
<onre> tens of servers running tens of services :p consolekit is related to access to physical keyboard + mouse, so you really do not need it on virtual servers.
<koolhead17> i have allready commented on the same. i don`t see it changed
<Daviey> koolhead17: ugh
<Daviey> koolhead17: Is this a fresh install?
<koolhead17> Daviey: i just installed keystone few minutes back . yes
<koolhead17> i even did an apt-get upgrade to see if something has changed/new added
<Daviey> koolhead17: can you apt-cache policy keystone ?
<koolhead17> Daviey: http://paste.ubuntu.com/720583/
<Daviey> koolhead17: you aren't installing the proposed package :)
<Daviey> koolhead17: https://wiki.ubuntu.com/Testing/EnableProposed
<koolhead17> Daviey: oops. k
<uvirtbot> New bug: #878282 in keystone "keystone database connection error" [Medium,Fix committed] https://launchpad.net/bugs/878282
<Daviey> koolhead17: I'd be kinda suprised if it didn't work, http://launchpadlibrarian.net/83391386/keystone_1.0~d4~20110909.1108-0ubuntu3_1.0~d4~20110909.1108-0ubuntu3.1.diff.gz
<znow> ive installed samba on my ubuntu server, but I cannot connect to it with a ftp program, ive set the samba.conf as shown in a tutorial, the ftp program says connection refused by server
<koolhead17> Daviey: i see same old conf file.
<Daviey> koolhead17: That is because you are not testing the -proposed package, but the package currently in the archive with the known isue
<zul> morning
<Daviey> koolhead17: the -proposed upload needs verification before it can be installed by everyone automagically.
<Daviey> znow: erm, samba isn't an ftp server
<koolhead17> Daviey: can you tell me what should i add in my apt-sources.list. to my horror am not able to open wiki.ubuntu.com. we have just moved to new floor with new VLAN and all stuff :(
<znow> Daviey: oh yeah lol.... mixed it up... okay, what do I need to install to get ftp access to my server?
<koolhead17> zul: good morning
<Daviey> koolhead17: can you see pastebin?"
<Daviey> koolhead17: http://pastebin.ubuntu.com/720589/
<Daviey> !ftp | znow
<ubottu> znow: FTP clients: Nautilus (Places -> Connect to server), gFTP, FileZilla (for !GNOME); Konqueror, Kasablanca, KFTPGrabber (for !KDE); FireFTP (for Firefox); ftp, lftp (for !cli) - See also !FTPd
<koolhead17> yes. :)
<Daviey> !ftpd | znow
<ubottu> znow: FTP servers: ftpd, proftpd, pure-ftpd, twoftpd, vsftpd, MuddleFTPd, wzdftpd - Graphical front-ends: PureAdmin, GProftpd (for GNOME), KcmPureftpd (for !KDE) - See also !FTP
<Daviey> ubottu: you suck.
<znow> Daviey: thank you
<Daviey> znow: https://help.ubuntu.com/11.10/serverguide/C/ftp-server.html
<zul> interesting vsftpd is not in that list
<Daviey> 12:36 < ubottu> znow: FTP servers: ftpd, proftpd, pure-ftpd, twoftpd, *vsftpd*, MuddleFTPd,
<lynxman> zul: morning :)
<zul> doh...need more caffine
<lynxman> zul: go get it ;)
<SpamapS> 'morning chaps
<koolhead17> morning SpamapS sir!! :)
<koolhead17> Daviey: am closing it again. :( it  was my mistake :D
<Daviey> koolhead17: don't change the status
<Daviey> hey SpamapS
<koolhead17> Daviey: ok. i left it to in progress. i will comment again and write that i checked it in proposed and it works. i hope that sloves it
<Daviey> koolhead17: great
<koolhead17> Daviey: as zul mentioned yesterday the admin port is changed to "35357" do you want me to file a bug for same and add patch for the same? Because i don`t see the same changed in proposed keystone package.
<Daviey> koolhead17: it's not changed yet :/
<Daviey> zul was kicking off a discussion with ~ubuntu-sru team to see if updating to final is ok.
 * koolhead17 rechecks it
<koolhead17> Daviey: http://paste.ubuntu.com/720613/  i have proposed package installed now. :D
<Daviey> koolhead17: great, now dodn't touch the damn status :)
<Daviey> don't*
<koolhead17> Daviey: sir!! got it :P
<Daviey> ivoks: Do you fancy taking the logwatch merge?
<kirkland> tjaalton: okay, i've triaged that bug, trying to figure out the best way to solve it
<tjaalton> kirkland: cool
<kirkland> tjaalton: thanks for the logs
<kirkland> tjaalton: i'll get you something you can test out shortly
<Daviey> SpamapS: looks like moin needs a merge?
<tjaalton> kirkland: great, thanks
<Daviey> smoser: Are you merging nagios-plugins?
<SpamapS> Daviey: yaaaay :-p
<zul> Daviey: so we have a problem
<zul> with keystone
<zul> the final release added a new python dependency passlib which is not in the archive
<lynxman> *soh*
<lynxman> s/doh/
<Daviey> zul: awesome
<zul> Daviey: so i dont know and dont think you can add new packages after the fact
<Daviey> zul: I'm not aware of any SRU's which have introduced new packages, but i'm not sure it's really any different.
<zul> me either but i dont think it has been done beore
<lynxman> zul: http://bit.ly/pa5ruL
<zul> lynxman: not really :)
<zul> Daviey: so i think we might be stuck
<kirkland> tjaalton: aha
<kirkland> tjaalton: your preseed has your encrypted password
<kirkland> tjaalton: not a cleartext one, right?
<kirkland> Oct 26 22:21:42 frontend: Adding [ID] -> [passwd/user-password-crypted]
<kirkland> tjaalton: this means that ecryptfs does not have access to your cleartext password to wrap your generated mount passphrase
<zul> Daviey: or we check to see how prevalent passlib and remove it
<Daviey> zul: I can't believe keystone didn't declare this.
<tjaalton> kirkland: yes
<kirkland> tjaalton: okay
<Daviey> zul: or, cherrypick part of passlib that is required?
 * Daviey knows nothing abut passlib
<tjaalton> kirkland: was wondering how the preseeding could even work :)
<kirkland> tjaalton: it's going to take a gnarly hack to work around this one :-)
<zul> Daviey: yeah im not entirely surprised either
<kirkland> tjaalton: i can explain it to you, if you're interested
<tjaalton> kirkland: hehe, give it a shot
<kirkland> tjaalton: okay, so in all cases, a mount passphrase is randomly generated
<Daviey> zul: ugh. it's not just one *.py.
<kirkland> tjaalton: in some cases, we know the user's cleartext chosen password
<zul> Daviey: yeah im looking at the git tree
<kirkland> tjaalton: in those nice cases, we immediately wrap the random mount passphrase with the user's chosen passphrase
<soren> Daviey, zul: There's nothing technical that would block adding a new package in -updates. It's all a matter of policy.
<kirkland> tjaalton: but in other cases, we don't know the random mount passphrase
<Daviey> soren: I thought that is what i said? no?
<kirkland> tjaalton: so what we do is write it to /dev/shm/.ecryptfs-XXXXXX
<zul> soren: right
<kirkland> tjaalton: and chown it to the user, permed 4000
<soren> Daviey: Was it? Maybe I missed that.
<kirkland> tjaalton: make that 400
<soren> Daviey: Sorry.
<kirkland> tjaalton: this is a temporary write of a cleartext passphrase
<Daviey> soren: The fact that the SRU policy is currently poorly documented is the issue :)
<kirkland> tjaalton: done to memory, so that it doesn't leak to disk
<kirkland> tjaalton: and for a bit, unix DAC permissions are all that protects it
<kirkland> tjaalton: when the user first logs in, pam_ecryptfs looks for an appropriate file there
<kirkland> tjaalton: owned by the user, perm'd correctly
<kirkland> tjaalton: and if found, we do the passphrase wrapping immediately
<kirkland> tjaalton: /dev/shm doesn't persist across reboots, of course
<soren> Daviey: People adding dependencies to their code *way* past feature freeze is what the issue is.
<soren> *stab*
<kirkland> tjaalton: but we do have a safety net
<Daviey> soren: yeah!
<kirkland> tjaalton: we have a pair of ecryptfs upstart scripts, that copy those passphrase files from /dev/shm to /var/tmp and back to /dev/shm on boot and reboot
<Daviey> soren: did you also see that the default port changed?
<zul> soren: agreed! i want people to burst into flames
<kirkland> tjaalton: however, it doesn't look like that that upstart script is being run on installer shutdown
<kirkland> tjaalton: and hence, your bug
<zul> Daviey: https://github.com/openstack/keystone/commit/011005cdc67dd8176160b74152ba86308921da3f
<kirkland> tjaalton: so, what i need to do is put that generated passphrase in /var/tmp if we're in the installer
<kirkland> tjaalton: and then on first boot, the ecryptfs upstart job will pick it up
<tjaalton> kirkland: alrighty
<soren> Daviey: oh, ffs. No.
<zul> Daviey: problem with backing out that code...i dont know what else would break
<kirkland> tjaalton: does that make sense to you?
<kirkland> :-)
<Daviey> soren: Yeah, between what we have in the archive and their late release, they switched the port.
<Daviey> I feel dirty SRUing that TBH.
<Daviey> ho hum
<soren> Daviey: Change it back.
<Daviey> soren: I dunno, either keep what we have in Oneiric already.. switch to the new port, or expose both.
<tjaalton> kirkland: guess so. there's the short window of some user getting the passphrase between ecryptfs setup and first login though, right? rather theoretical though
<kirkland> tjaalton: not "some user", but rather a "root user"
<tjaalton> kirkland: right, exactly
<kirkland> tjaalton: or a user with physical access to the system (can boot a recovery media)
<tjaalton> kirkland: that
<kirkland> tjaalton: but yes, small window is correct
<zul> Daviey: so what do you think?
<Daviey> zul: try it, certainly a conversation starter :)
<Daviey> zul: get it in Precise first
<zul> Daviey: oh i just uploaded passlib about 20 minutes ago thats what prompted this
<Daviey> zul: ah
<TheEvilPhoenix> is there a command I can use to kill -9 all running processes of a specific user without having to enter a ton of PIDs?
<ivoks> Daviey: sure; i'll take a look at it
<Daviey> ivoks: great
<lynxman> TheEvilPhoenix: ps aux | grep ^username | awk '{print $2}' | xargs kill -9
<ivoks> that reminds me... ne to re-apply for motu
<zul> Daviey: i just want to get a new keystone in precise first
<uvirtbot> New bug: #882579 in libvirt (main) "Some Commands return: "Timed out during operation: cannot acquire state change lock"" [Undecided,New] https://launchpad.net/bugs/882579
<uvirtbot> New bug: #882613 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.3 failed to install/upgrade: ErrorMessage: package samba is not ready for configuration  cannot configure (current status `half-installed')" [Undecided,New] https://launchpad.net/bugs/882613
<lynxman> zul: how do you feel today? Have space for another sync? :)
<zul> lynxman: sure
<lynxman> zul: #882616 is ready then, if you feel like it :)
<kirkland> tjaalton: okay, cool, i reproduced the problem here, and confirmed the fix, whoop :-)
<kirkland> tjaalton: won't land in 11.10, unfortunately, as it would require an ISO respin
<kirkland> tjaalton: could sru and help with net installs, i suppose
<kirkland> tjaalton: up to you to drive that SRU, if you want it
<kirkland> tjaalton: patch is a trivial, one-liner
<smoser> Daviey, i did not touch nor was planning on touching nagios-plugins. do you need me to ?
<smoser> Daviey, i sru'd a new binary package to lucid
<zul> smoser: so it can be done?
<smoser> well, new binary != new source
<smoser> i pulled grub-legacy-ec2 back to lucid for booting pv-grub.
<zul> smoser: yeah im talking new binary and new source
<smoser> back from maverick.
<Daviey> smoser: Can i take great pleasure in telling you that you are wrong?
<Daviey> https://launchpad.net/ubuntu/+source/nagios-plugins/1.4.15-4ubuntu1
<Daviey> https://launchpad.net/ubuntu/+source/nagios-plugins/1.4.15-4ubuntu2
<Daviey> smoser: I don't /need/ you to, but wanted to check if it was on your list - as touched-it-last?
<smoser> i wasn't planning on it, but i'll do it.
<smoser> since you were so nice about pointing out that i was wrong.
<Daviey> smoser: I took no pleasure.
<zul> sirens and everything
 * zul lunches
<scalability-junk> hey I want to resize /var which is mounted at /dev/vg0 I already extended the lvm with lvextend and I'm not sure now how to extend /var ,without loosing data. any help?
<scalability-junk> thanks
<smoser> Daviey, another opportunity to point out that I was wrong has presented itself very nicely to you on the openstack mailing list.
<smoser> you should revel in that.
<smoser> this doesn't happen very often.
<Daviey> smoser: waaat?
<tjaalton> kirkland: thanks! no need to sru, I'll be soon testing precise anyway :) (and can hack around it in early_command etc)
<kirkland> tjaalton: thx
<DrPoO> Hi, Im running 10.04 LTS and I always get a "System restart required" message when I log in, even after I restart. Any ideas as to where to start dealing with this issue?
<smoser> i was wrong about keystone getting fixed in 11.10, Daviey
<smoser> i even publicly admitted that i was the one who had led the kind fellow astray.
<koolhead17> lynxman: wassup!!
<lynxman> koolhead17: wassuuuup
<koolhead17> lynxman: hehe!! #glance glance
<lynxman> koolhead17: working in glance, having a bud? ;)
<scalability-junk> mhh any idea on how to extend a ext4 partition on lvm? without loosing the data?
<scalability-junk> I can't dismount /var cause it is in use
<koolhead17> lynxman: :D
<koolhead17> now i understood why CIO likes Websense so much.
<lynxman> koolhead17: hehe :)
<zul> smoser: dont worry we still love you
<smoser> thats what i was trying to fix
<smoser> ;)
<lynxman> smoser: you're trying to fix love? you fool
<koolhead17> lynxman: Love is no bug which needs patch!!  //o.0\\
<lynxman> koolhead17: heh :)
 * koolhead17 leaves for home.  laters!! 
<scalability-junk> damn I can't get my ext4 partition to extend. lvm is already extended with lvextend, but resize2fs isn't working as i hoped.
<kirkland> Daviey: is there a uds session around orchestra-enlist?
<scalability-junk> any ideas?
<kirkland> Daviey: playing with cobbler-enlist-udeb, not currently working for me
<kirkland> Daviey: any logs on the cobbler side?
<kirkland> Daviey: the installer's syslog is complaining about the xmlrpc response
<hggdh> kirkland: set COBBLER_ENLIST_DEBUG on the environment -- it should print a bit more of data
<Daviey> kirkland: it's either auth, or you are using a profile which doesn't exist, i would guess
<kirkland> hmm
<scalability-junk> strange when I try to use e2fsck and my partition is mountet it doesn'T work, cause it's not mounted. when I try it when it's not mounted, it tells me it doesn't work cause it's not mounted o0
<Randolph> hi all
<free99> hello everyone, I'm running an apache/php webserver on 11.04... I need to run an action as root when a script is called (specifically, make a directory and then change its permissions)
<free99> but I'm having a problem with sudo in the php script
<onre> ugh
<onre> i would avoid doing that at all costs
<free99> well, I tried to make it secure, I make sure the data is ok in php, and the only script that is run is an SUID that doesn't accept anything but the name of the directory (no slashes or any shellcode)
<ersi> free99: That is, like onre just wrote, a huge security risk. Also, why can't you use PHPs mkdir()?
<free99> I've added apache to sudoers.d to allow it to run only the specific command...
<ersi> You should disable exec() what so ever in PHP in my honest opinion :|
<free99> you mean I can use php to chmod and all that jazz, even though it's got to be in a root-owned directory?
<ersi> No, you're F'ed in that regard
<ersi> Why does it have to be owned by root?
<free99> it's an NFS directory, I don't allow peers to move around beyond their directory
<free99> I know I could do it with a different user I guess
<free99> or, I think it's possible, but I'm not sure
<ersi> Peers?
<ersi> Still, why does it have to be owned by root?
<ersi> Do you allow users to move around beyond their directory, if something is owned by root? :P
<RoyK> http://a5.sphotos.ak.fbcdn.net/hphotos-ak-ash4/310886_10150412723325568_683210567_10574012_2305235_n.jpg
<free99> well, they're home directories to be specific
<ersi> Well, whatever you're trying to do - it sounds like a very bad idea security wise.
<free99> well, it's pretty much an LDAP server, which I'm being forced to use as the NFS server as well, the administration is handled by a PHP ldap system, and I decided I would make the home directories for the users (populate with contents of skel, set ownership, etc)...
<free99> and I had a sudo function within the php to handle that
<free99> it worked fine for a while... but the server's been up for 30 days and suddenly it won't work... permission to chmod and everything is denied
<free99> it can make a directory, as root oddle
<free99> *oddly
<free99> (sigh) what would be the right way to do this?
<free99> what's weird is that if I sudo -u <username> -i, and then 'sudo' the command that I need, it works fine
<free99> but if apache does it, access is denied
<free99> oh, and <username> is the apache username
<uvirtbot> New bug: #882679 in swift "swift-container-sync does not exist" [High,Confirmed] https://launchpad.net/bugs/882679
<free99> let's just keep it simple: why did sudo stop working??
<free99> I ran visudo -c -s and everything checked out ok
<RoAkSoAx> SpamapS: howdy!! if you have a chance, could you rush the orchestra SRU please?
<kirkland> SpamapS: +1 :-)
<free99> please give me a few pointers with my sudo issue... I've disabled "requiretty" and like I said, everything was working until the last couple of days
<genii-around> bad_fetus: Nay
<free99> aha! I thought I'd fixed this issue with apparmor a while back, but it (mysteriously) cropped up again
<free99> that's odd
<adam_g> kirkland: make sure you're using the correct api endpoint url, ie http://some_host/cobbler_api (not cobbler_web)
<SpamapS> RoAkSoAx: ack, will look at it a bit later
<RoAkSoAx> SpamapS: awesome, thanks ;)
<kirkland> adam_g: well, i was just using the ISO feature
<adam_g> kirkland: i haven't tried that yet, but you still need to point it to a cobbler server, no?
<kirkland> adam_g: hmm, i just asks for the ip address
<kirkland> adam_g: hopefully it's adding the right url bits around that?
<kirkland> adam_g: i can test that
<Daviey> zul: How is bug 879853?
<uvirtbot> Launchpad bug 879853 in munin "Munin upload 1.4.6-1ubuntu1 drops fixes / sponsor debdiff instead" [High,Triaged] https://launchpad.net/bugs/879853
<adam_g> kirkland: ohhh. havent tried from ISO. at the command line you specify the full URL
<zul> Daviey: will upload it tonight
<Daviey> kirkland: no, you need a ful url
<kirkland> Daviey: oh -- that's it then
<adam_g> kirkland: btw the cobbler-enlist blueprint i submitted got folded into cobbler next steps
<kirkland> Daviey: that debconf question could be improved
<Daviey> kirkland: it's not safe to be aware if it should be cobbler_api | cobbler_web or even just / ... or :$PORT
<kirkland> adam_g: cool -- url?
<Daviey> adam_g: that might be split up again
<kirkland> Daviey: it'd be nice *just* to give an IP
<Daviey> kirkland: yeah, aware oif that
<kirkland> Daviey: and even nicer for orchestra to avahi-broadcast that it's out there :-)
<kirkland> Daviey: a la UEC like
<Daviey> kirkland: Well yeah, did think about that - but the model is different for security
<adam_g> kirkland: https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-cobbler-enlist
<Daviey> Should orchestra server also publish the credentials over avahi?
<Daviey> ! :)
<kirkland> Daviey: nah, just photos of your mom
<kirkland> Daviey: silly head
<quentusrex> Anyone know why dovecot is started by init and by an upstart job?
<Daviey> :o
<RoAkSoAx> lol
<quentusrex> I keep seeing these lines in my syslog: Oct 27 13:33:50 raven kernel: [513878.916485] init: dovecot main process (21202) terminated with status 89
<RoAkSoAx> Daviey: u getting saturday to orlando?
<RoAkSoAx> jamespage: lynxman u guys too?
<Daviey> RoAkSoAx: yah
<Daviey> RoAkSoAx: saturday evening
<RoAkSoAx> Daviey: im gonna be there too, i'm driving though
<jamespage> RoAkSoAx: yep - me to
<Daviey> RoAkSoAx: ah great, so we have a car for the week? :)
<RoAkSoAx> Daviey: lol ;)
<RoAkSoAx> Daviey: I'll be arriving ~8pm
<RoAkSoAx> but crashing with a friend for the night
<RoAkSoAx> as I'm driving with a community memeber
<jamespage> Daviey: where are you flying from?
<Daviey> Great
<RoAkSoAx> so just give me a shout
<RoAkSoAx> if you guys wanna do soemthign
<Daviey> RoAkSoAx: fancy a drive to Zephyrhills on Sunday? :)
<RoAkSoAx> Daviey: could be.. what's in there?
<RoAkSoAx> lol
<RoAkSoAx> besides the waterlol
<RoAkSoAx> uhmm skydiving, that's what you wanna do Daviey ?
<Daviey> RoAkSoAx: talk tomorrow
<Daviey> <-- pub
<RoAkSoAx> alright
 * RoAkSoAx lunch
<Randolph> whois 91.189.92.166
<Randolph> wrong chan
<Randolph> sorry
<talntid> Anyone have any bash scripts to display HDD usage (percentage), load, uptime, etc, all in one? I know I can write it.. just curious if someone already has something close.
<patdk-lap> mine shows all that info when I login, by default
<talntid> your right...
<talntid> wonder if there is a command to repeat that... :)
<patdk-lap> check in /etc/update-motd.d
<Bilge> My SSH server always terminates with error 255
<Bilge> How can I see why it is dying?
<Takyoji> Somewhere in /var/log
<Takyoji> I'm not sure which log file though; I don't know if it writes to /var/log/error.log
<Takyoji> Erm whoops, that doesn't exist. xP
<Bilge> No such file
<Takyoji> Not sure if it would be reporting it's own errors to /var/log/auth.log
<Takyoji> I can't find really anything else explicitly stated of where it logs to
<kirkland> talntid: it's landscape-sysinfo
<Takyoji> otherwise it's /var/log/syslog
<Takyoji> for errors from the SSH daemon
<allowoverride> hi
#ubuntu-server 2011-10-28
<uvirtbot> New bug: #882878 in openssh (main) "With IPv6 disable openssh will on forward X connections" [Undecided,New] https://launchpad.net/bugs/882878
<allowoverride> hi
<Bilge> Is there some way to reinstall not only an app but all of its dependencies too?
<iclebyte> Bilge, remove the app and use --purge to remove everything
<iclebyte> then install it again
<iclebyte> (with aptitute instead of apt-get)
<iclebyte> infact, i'm wrong. http://askubuntu.com/questions/443/how-to-remove-an-uninstalled-packages-dependencies
<Bilge> I want to just reinstall in place with --reinstall
<Bilge> Not remove first
<iclebyte> do you just want to run the menus to reconfigure the app again?
<SilfenX> I have set up and connected a VPN client session on Ubuntu server but eth0 is used directly to communicate over WAN rather than the ppp0 interface. What am I doing wrong?
<ersi> SilfenX: Routes, man. Routes.
<lxyu> hello, I want to set up two or three servers in different places to improve the visit speed of clients all over the country.
<ersi> Routes are like Spice, essential to networking traveling
<lxyu> but I'm new to this field, and any suggestions on how/where to learn the related things? or any article to read? I just don't even know the keyword to google.
<ersi> lxyu: "Content distribution" "Anycast" "Round robin" are a few keyword that might be worth while
<ersi> lxyu: It's a bit tricky though, if you want it setup properly though.
<lxyu> ersi: to be particular, the problem I'm facing now is how to serve single website across different servers locate in different place.. any recommend book or articles?
<ersi> I'd say you'd have to build up your general experiance in server administration, network management and domain name systems. So, no unfortunally there's no "one shot" book.
<ersi> Like most things fun one would want to do.
<iclebyte> is anyone aware of a server which uses solid state drives?
<ersi> You could add the keywords "Load balancing" as well to the above keyword list by the way
<iclebyte> we have an unsual use case where we have very low disk latency requirements
<lxyu> ersi: ok, I'll google that first
<SilfenX> my routes are http://pastebin.com/SPVMUyKV
<soren> Daviey: Looking at https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-paas-cf-next-steps it says "build cloudfoundry from source"... What's it built from now?
<Daviey> soren: That is something the Systems Integration team have been doing, i've not been too close to it.  I guess from upstream binary :).  lynxman might know more.
<ersi> SilfenX: So you want *all* of your traffic to be routed over ppp0 instead of eth0? (beside the VPN connection traffic of course)
<soren> Daviey: Oh, ok. In fact, I don't even see it in the regular repo's?
<soren> Daviey: Am I not looking hard enough?
<Daviey> soren: it's not in the archive.
<Daviey> (which is why i haven't been too close to it.)
<soren> Is it in the partner archive?
<SilfenX> ersi: yes, all network traffic destined to and from the WAN on the server should use the ppp0 interface - if that makes sense?
<soren> Hm... Nope, not in Partner.
<Daviey> soren: I *think* it's just a juju charm.
<soren> Daviey: Oh, I see. Ok.
<soren> Daviey: I guess I still have a lot to learn about reading press releases that say that something "is now available in Ubuntu". :)
<nigelb> heh
<Daviey> soren: You'll gain experience one day, and be a real asset :)
<soren> We'll see.
<Daviey> heh
<ersi> SilfenX: If I'm not mistaken, I might be (a bit busy) - you should delete the default gateways and have your 192.168.0.0/24 have 192.168.0.1 as it's gateway, and make a default gateway that'll go through dev ppp0
<jamespage> soren, Daviey: I think the cloudfoundry client is in the archive - but not cloudfoundry itself
<soren> jamespage: Yeah, the client is there.
<Daviey> ah
<Daviey> <- NFI
<SilfenX> ersi: Ok. I ve ben reading around and it s getting deep really fast ^^ - I use webmin to set this thing up and heres what it looks like at the moment http://i54.photobucket.com/albums/g98/spiggot_2006/WebminPPTPSetup.jpg
<ersi> SilfenX: Yeah, I get whacked in the head learning routing everyday at my day job :)
<jamespage> Daviey, soren: PPA by the looks of it - ppa:cloudfoundry/ppa
<ersi> SilfenX: Totally know the pain :)
<ersi> SilfenX: Hm, try ticking in "Delete old default route?" to "YES"
<ersi> SilfenX: I have to warn you that doing anything I suggest may cripple the networking on said device, and that you're doing it "on your own risk" etc etc yada yada, JFYI
<ersi> So if it's in a remote location, it might.. be nasty to do. Like adding firewall rules from a remote place.. can quickly turn bad :P
<ersi> Oh, homesrv:10000/.. then it's probably near you :)
<SilfenX> ersi: yes, I have physical access to the machine also so it wont be a disaster - and the instllation CD s are always at hand next to me ^^
<ersi> Great great :)
<Daviey> jamespage: ah!
<koolhead17> hey all
<koolhead17> soren: finally got chance to have word with devcarmer and we have dashboard tag for cactus!! :)
<Daviey> nice
<Daviey> koolhead17: why do we care about cactus?
<lynxman> morning o/
<Daviey> lynxman: afternoon, right?
<koolhead17> hey lynxman
<lynxman> koolhead17: hey ;)
<lynxman> Daviey: hm.. *looks at clock* not yet? :)
<koolhead17> Daviey: because on the doc there been around 20 comments where ppl were pointing out the mistake of missing launchpad path. I just want to correct the path in doc and leave it for peace
<koolhead17> RIP cactus :D
<Daviey> ah!
<koolhead17> we cannot keep cactus documentation with wrong paths/resources :D
<lynxman> soren: We have a cloudfoundry package in a ppa and a juju charm as well
<lynxman> soren: it works quite well I must say
<koolhead17> juju juju juju
 * koolhead17 sings
<koolhead17> Daviey: am still nower with that bug :(
<mika> kirkland: thanks for http://cloud.ubuntu.com/2011/10/getting-started-with-ubuntu-orchestra-servers-in-concert/ - i'm wondering whether it would make any sense to also support FAI, what do you think?
<Daviey> koolhead17: oh dear
<Daviey> mika: We evaulated the different options, and decided that cobbler best matched what we wanted.  Having said that, I certianly would not block better FAI integration.
<mika> Daviey: ok
<koolhead17> jamespage: ping
<jamespage> hey koolhead17
<koolhead17> jamespage: how are you? still occupied? :)
<jamespage> koolhead17: good thanks - always occupied...
<jamespage> did you still need a hand with the dbconfig related package/juju charm issue you had?
<koolhead17> yes sir!!
<koolhead17> you said you had some magic reciepe to handle it. :D
<jamespage> lemme just finish up what I'm working on (should not take to long)
<koolhead17> thanks!!
<SilfenX> ersi: tried deleting old default route - reconnected but no luck
<SilfenX> ersi: I m all good now - made some random clicking in the webmin UI for the PPTP connetion and all of a sudden it wroked \o/
<alex88> hi guys, just upgraded to 11.10, now postfix auth not works, "warning: SASL: Connect to private/auth-client failed: No such file or directory" seems that the file providing auth to postfix isn't there anymore
<SilfenX> ersi: this is the new settings that made it work http://i54.photobucket.com/albums/g98/spiggot_2006/WebminPPTPSetupWorking.jpg
<alex88> it's set in dovecot config, anyone had this problem?
<patdk-lap> hmm, fix your dovecot config?
<SilfenX> oh boy thats what you get for becoming carried away ^^ (account info not deleted)
<ersi> SilfenX: Awesome! :)
<SilfenX> is it correct to assume that if the PPTP connection becomes unresponsive/drops w/e, server will lose connection to the internet and not just default straight out of eth0 to internet ?
<ersi> I'd assume that, yes. But you *could* add another route for fallback
<ersi> that's the beuty with routing
<ersi> You could test by firewalling the vpn connecting :)
<jamespage> alex88: yep - bug 874135
<uvirtbot> Launchpad bug 874135 in dovecot "mail-stack-delivery does not install postfix->dovecot sasl authentication with dovecot 2.x" [High,Fix committed] https://launchpad.net/bugs/874135
<jamespage> I am of course assuming that you are using mail-stack-delivery
<alex88> jamespage: it wasn't available on 11.04 right? cause i've installed and configured postfix+dovecot manually
<jamespage> alex88: mail-stack-delivery was
<jamespage> so sounds like its the same issue; but in you manual configuration
<jamespage> same fix might work :-)
<alex88> update dovecot package?
<SilfenX> ersi: yes - also, a 1 minute cron job which checks ppp0 up/down which performs a reconnect if down?
<alex88> jamespage: should i add oneiric-proposed for now?
<jamespage> alex88: sorry - not clear - unless you are using mail-stack-delivery this won't fix your issue
<ersi> SilfenX: Would be unnecessary if you configure the routing ;)
<alex88> jamespage: so i should install mail-stack-delivery
<jamespage> but its likely the same fix for that configuration will resolve your manual configuration
<alex88> jamespage: it's just a configuration edit? the files that provides auth are missing
<SilfenX> ersi: thanks for feedback! bbl
<jamespage> alex88: the way auth gets configured in dovecot 2.0.x changed
<jamespage> see http://wiki2.dovecot.org/HowTo/PostfixAndDovecotSASL
<ersi> SilfenX: you're welcome!
<jamespage> alex88: mail-stack-delivery installs a specific postfix/dovecot configuration
<alex88> jamespage: oh totally different..ok let me give it a try
<jamespage> koolhead17: the package was moodle right?
<alex88> jamespage: dovecot when upgrading asked me if install the package config, how can i get the package default config? reconfigure?
<koolhead17> jamespage: yes
<alex88> nm got it
<jamespage> alex88: quicker than me - could not remember exactly what dovecot does
<jamespage> koolhead17,  sudo debconf-show moodle | pastebinit -> http://paste.ubuntu.com/721413/
<alex88> jamespage: doveconf -n -c dovecot-1.conf > dovecot-2.conf
<alex88> dovecot utility to convert config
<jamespage> always handy that one
<koolhead17> * moodle/dbconfig-install: false <:D>
<alex88> jamespage: ok, config seems fine now, the problem is that it doesn't create the listener for auth
<jamespage> koolhead17: yeah - I just wanted a dump of options
<jamespage> alex88: what does dovecot -n -c /etc/dovecot/dovecot.conf say?
<alex88> sorry, my fault, it was set executable to /usr/lib/dovecot/dovecot-auth instead of /usr/lib/dovecot/auth
<alex88> seems working now..thank you very much jamespage
<jamespage> alex88, np
<jamespage> koolhead17: just fiddling with debconf options to remind myseld
<koolhead17> jamespage: i wanted to know the same. :P
<koolhead17> http://pastebin.com/pWHNEQWe  This is how the file  /etc/moodle/config.php  looks like.
<jamespage> koolhead17: looking at that package all moodle uses dbconfig for is to setup the user and configure the file
<jamespage> as the mysql juju charm is going to setup the database user for you I think I would disable dbconfig configuration
<jamespage> and template/generate the moodle configuration file mysql once the relation between moodle and mysql/pgsql has been setup
<jamespage> make sense?
<koolhead17> hmm
<koolhead17> jamespage: yes. i think i can create a custom preseed file for moodle and pass [moodle/dbconfig-install: false ] to handle rest by passing other auth & info  via mysql juju charms
<jamespage> koolhead17: yep - you prob need to set the www conf for moodle as well
<jamespage> but thats about it
<koolhead17> cool.
<jamespage> koolhead17: good luck - lemme know how it goes
<SpamapS> koolhead17: still fighting with dbconfig ? ;)
<koolhead17> SpamapS: yes sir. :(
<koolhead17> jamespage: thanks. will keep you posted
<SpamapS> koolhead17: I agree with jamespage that trying to bend dbconfig to your will is quite unnecessary.
<koolhead17> SpamapS: hmm. making it mute will solve everything. all this while i was feeding him values it wanted via preseed.
<koolhead17> *it
<znow> drwxrwxrwx 4 znow znow 4096 2011-10-28 13:27 yc/ - full permissions, but I cannot upload files to this folder? I get permission denied?
<alex88> znow: maybe parent folders denies you access?
<znow> alex88: hhmm yeah could be
<alex88> znow: uploading as www-data?
<znow> alex88: hmm user?
<znow> no
<alex88> znow: you mean uploading via web or how?
<znow> ftp
<znow> drwxr-xr-x 13 root root  4096 2011-10-17 08:26 var
<alex88> mmhh..you can usually access via sheel?
<alex88> *shell
<soren> The ftp server might impose restrictions in addition to DAC.
<znow> I can access with ftp aswell
<znow> but I need my user to be able to upload via ftp to /var/www
<alex88> maybe all file uploads are denied..try upload to /tmp
<znow> alex88: well I need to overwrite an file in /var/www/apps/yc
<alex88> owned by you?
<znow> ofc, its my server
<alex88> i mean the file.. btw you've uploaded the files with fpt before?
<znow> alex88: hmm, it looks like it doesnt allowed me earlier, or now
<alex88> try to upload somewhere else, to see if a ftp problem or a filesystem problem
<znow> sec
<alex88> like /tmp
<znow> same
<znow> Respons:    550 Permission denied.
<alex88> so it's a server problem... proftpd?
<znow> no vsftpd I think
<alex88> check connection banner
<alex88> when client connects
<znow> alex88: how
<znow> in filezilla or?
<alex88> yeah
<alex88> go up in the connection log
<alex88> check what it says after connecting
<znow> alex88: Kommando:    OPTS UTF8 ON
<znow> Respons:    200 Always in UTF8 mode.
<znow> Status:    Tilsluttet
<znow> Status:    Henter mappeliste...
<znow> Kommando:    PWD
<znow> Respons:    257 "/home/znow"
<znow> Status:    Mappeindhold vist
<alex88> before that?
<alex88> it should be something like 220-Welcome to Pure-FTPd
<znow> Respons:    220 (vsFTPd 2.3.2)
<znow> Kommando:    USER znow
<znow> Respons:    331 Please specify the password.
<znow> Kommando:    PASS *******
<znow> Respons:    230 Login successful.
<alex88> sec
<alex88> edit /etc/vsftpd.conf and uncomment line #write_enable=YES then do sudo /etc/init.d/vsftpd start
<alex88> riconnect and try uploading
<hggdh> s/start/restart/
<znow> alex88: im using my user "znow" for ftp access,, so when I do ls -all it should say: drwxrwxrw- 4 znow   root   4096 2011-10-28 13:27 yc yeah? it still says permission denied
<alex88> hggdh: yup, thanks
<alex88> znow: after enabling and restarting vsftpd?
<znow> sec
<alex88> *enabling uploads
<znow> there we go, now it works, thanks man
<alex88> np, glad to help
<znow> alex88: appreciate it! <3
<znow> now, time for soup
<znow> :)
<alex88> have fun :D
<nijaba> smoser, utlemming: just created https://wiki.ubuntu.com/UsingCloudGuestImages to streamline the process of informing cloud providers on how to best use our cloud guest images.  Updates very welcome
<smoser> mfdiff does pull changelog entries
<smoser> for you
<smoser> and picks the bits that are different
<nijaba> smoser: ah cool. Can you update the wiki page?
<smoser> sure.
<nijaba> smoser: will ensure that it is correct, thanks :)
<smoser> but it fails sometimes :-(
<smoser> nijaba, http://paste.ubuntu.com/721693/ is example output. that shows changes from last lucid release to recent daily build
<nijaba> smoser: yep, all that we need is there
<smoser> nijaba, updated.
<nijaba> smoser: cool.  Once we get a better solution for mirrors, we should update this wiki page too :)
<smoser> yeah.
<smoser> that idea for the image-data was from alex
<smoser> bligh
<smoser> and i think it is pretty good really.
<smoser> but requires infrastructure changes to implement.
<nijaba> smoser: I think rackspace cloud already has this possibility for it's managed servers and I remember seing a functionality for this in openstack already
<nijaba> smoser: something like mounting a fake usb disk that contains provider info into the image iirc
<zul> hehe
<zul> smoser loves that idea
<smoser> nijaba, "config-drive" is that, but that doesn't solve this problem.
<smoser> as the config drive is still then really limited to user-data and meta-data
<smoser> or at least it really should have been.
<smoser> its silly/wrong to implement 2 different metadata formats on the same cloud
<nijaba> smoser: ah?  ok...  I thought you could push provider data in there as well
<smoser> you can probably do that, yes. but i'm not sure how welll its formed.
<nijaba> smoser: in any case, that's something to propose on the openstack ml
<smoser> and then we'd need something in cloud-init to acutally read that stuff.
<nijaba> smoser: yeah, another blueprint ;)
<smoser> i had in one of them to support config drive.
<zul> especially when it was vfat?
<mtaylor> SpamapS: ping
<cjs226> if i want to disable upstart shutting down rsyslog can i just comment out the stop line in /etc/init/rsyslog.conf?
<uvirtbot> New bug: #883201 in openssh (main) "Several second hang on ssh login" [Undecided,New] https://launchpad.net/bugs/883201
<tm0> Hi everyone, hoping you can help me. I've made a muck of my var/lib/ folder by messing up MySQL, does anyone have a list of default MySQL files in var/lib?
<tm0> Can anyone please link me to what would be in the basic installation of var/lib ?
<Demosthenes> i appear to be having some form of performance issue, often things seem to "pause" for up to a minute. the only two services on the system are samba and squid. i check dns, thats ok. i'm currently looking to see if i have high i/o waits (iostat -x). any other suggestions?
<chronos> where I can configure default LANG and LC_ALL in ubuntu ?
<Demosthenes> /etc/environment ? /etc/profile? /etc/bash.bashrc ?
<chronos> system wide, something that set before anything
<chronos> environment hm
<chronos> where ubuntu set it  when install?
<Demosthenes> hrm, it appears my raid6 array of 2 TB drives w/ lvm2 & encryption is scoring an average of 13 milliseconds for i/o, which is good. the OS on raid1 usb sticks with lvm2 is scoring 40-50 ms on i/o, but that should be slower...
<chronos> ahhh, /etc/default/locale !
<Demosthenes> cool
<uvirtbot> New bug: #345034 in eucalyptus/1.5 "Further constrain the max memory used per download" [Medium,Fix released] https://launchpad.net/bugs/345034
<uvirtbot> New bug: #345028 in eucalyptus/1.5 "When EBS is enabled, if a prerequisite is not installed, storage should refuse to start" [Medium,Fix released] https://launchpad.net/bugs/345028
<uvirtbot> New bug: #358595 in eucalyptus/1.5 "Introduce more logging to Walrus to show progress during image decryption" [Low,Fix released] https://launchpad.net/bugs/358595
<TheEvilPhoenix> i'm trying to create a CSR for a Maverick server, following this guide: https://help.ubuntu.com/10.10/serverguide/C/certificates-and-security.html.  But I can't get past verification of the private key.  It keeps returning this:  30233:error:0906906F:PEM routines:PEM_ASN1_write_bio:read key:pem_lib.c:334:
<TheEvilPhoenix> anyone able to help?
<Takyoji> Checking
<Takyoji> I'm juggling several things right now; considered the documentation from your certificate signer (just because their documentation usually seems better)
<TheEvilPhoenix> what documentation
<TheEvilPhoenix> the documentation says to generate the CSR
<TheEvilPhoenix> and then submit it to them
<TheEvilPhoenix> the problem is i cant *generate* the CSR because of the aforementioned issue
<TheEvilPhoenix> Takyoji:  i guess my question now becomes...
<TheEvilPhoenix> Takyoji:  can I generate the CSR on another system and use that on the server i need the cert on?
<Takyoji> The process is: you generate a private key, and from that private key you generate a CSR which includes the private key, you give the CSR to the CA, and they sign the public key while associating identification (such as domain, or who the owner is, etc) and from there we call it a certifIcate.
<TheEvilPhoenix> i'm aware
<Takyoji> So to generate the CSR, you need your private key
<TheEvilPhoenix> ...
<Takyoji> The private key isn't specific to a system
<TheEvilPhoenix> ...
<TheEvilPhoenix> let me try this another way
<TheEvilPhoenix> THIS DOCUMENT OUTLINES THE PROCESS OF (A) CREATING A KEY AND (B) USING THAT FOR THE CSR
<TheEvilPhoenix> https://help.ubuntu.com/10.10/serverguide/C/certificates-and-security.html
<TheEvilPhoenix> THAT
<TheEvilPhoenix> i cant GENERATE the key
<Takyoji> ahh
<TheEvilPhoenix> because it generate the aforementioned error line
<TheEvilPhoenix> THEREFORE, either the issue is in PEM...
<TheEvilPhoenix> or in openssl
<TheEvilPhoenix> or i'mi missing certain libs, which makes no sense
<TheEvilPhoenix> this is why i'm here - to diagnose the issue and rectify it
<Takyoji> http://adamyoung.net/OpenSSL-unable-to-write-random-state
<Takyoji> does it also say 'unable to write random state' in the error as well?
<TheEvilPhoenix> this is everything: http://pastebin.com/DgWm7QCY
<Takyoji> Are you using just a-z, A-Z, 0-9 for the password, or are you including special characters?
<TheEvilPhoenix> alphanumeric only, mixed case
<TheEvilPhoenix> no symbols or spaces
<Takyoji> Are you sure you have the password correct? :P
<TheEvilPhoenix> just tried with 12345
<TheEvilPhoenix> and it generates a smiliar
<TheEvilPhoenix> similar*
<Takyoji> http://www.howtoforge.com/forums/showthread.php?t=12237
<TheEvilPhoenix> wait a sec
<TheEvilPhoenix> it just worked with 12345
<TheEvilPhoenix> wtf?
<Takyoji> with generating a private key, and generating the CSR?
<TheEvilPhoenix> private key
<TheEvilPhoenix> i havent hit the CSR part yet
<Takyoji> :P
<Takyoji> It would be nice if OpenSSL would make the errors a little user friendly. :P
<Takyoji> I think there's also a limit to password length as well by the way
<Takyoji> but I'm not sure how long
<Takyoji> 32 character max it sounds like
<TheEvilPhoenix> well it worked
<TheEvilPhoenix> not sure how, but it worked
<TheEvilPhoenix> thanks
<p1ruj3> Can somone please pastebin me the outcome of running this command: lsb_release -a ?  If you are not familiar with what this command does it will display the version details of your ubuntu installation.
<p1ruj3> 10.04 or 11.10 please.
<p1ruj3> my /etc/lsb-release somehow disappeared.... and my other machines are plain ubuntu.. I am sure there is a difference.
<cloakable> p1ruj3: http://pastebin.com/kUqDZSRs
<cloakable> hope that helped
<p1ruj3> cloakable you are running ubuntu-server ?
<cloakable> p1ruj3: yup
<p1ruj3> Just asking because it looks identical to my Straight ubuntu 11.10
<p1ruj3> What is the difference with Ubuntu-server and regular Ubuntu ?
<cloakable> The kernel and the default packages installed.
<p1ruj3> oh
<p1ruj3> so uname -a...
<medberry> probably no difference as far as lsb is concerned.
<cloakable> Yeah
<cloakable> p1ruj3: why?
<cloakable> p1ruj3: Plus, all uname -a will show is the current kernel running... and you can install the desktop kernel on a server, and the server kernel on a desktop.
<p1ruj3> inherited a machine running 10.04, I figured it would show in the lsb-release what it was running...
<cloakable> Ubuntu, basically
<p1ruj3> so how can i tell what is installed on this machine?
<cloakable> Ubuntu!
<cloakable> Or do you mean software wise?
<medberry> dpkg -l
<cloakable> Because the answer there is whatever the previous owner wanted
<cloakable> You can even install ubuntu-desktop on a server system
<medberry> dpkg --get-selections >file
<p1ruj3> okay, so I think that answered my question... just different core set of package for ubuntu-server vs ubuntu..
<p1ruj3> I assumed the kernel would have been compiled a littler lighter...
<cloakable> Why?
<p1ruj3> but i'm more familiar with freebsd so that my explain my extreme ignorance here
<cloakable> There's a -lot- of hardware people install ubuntu server on
<cloakable> Mine is installed on an Intel Atom board, for example.
<p1ruj3> 3.0.0-12-generic #20 Ubuntu SMP is that kernel an ubuntu-server kernel? (11.10 machine) 2.6.32-generic #62 ubuntu SMP is the 10.04
<p1ruj3> sorry i am sure i can research this on my own, just figured it might be simple knowledge to a trained eye...
<maxb> p1ruj3: https://launchpad.net/ubuntu/+source/linux (and scroll down a lot)
<p1ruj3> everything im finding points to just packages...
<maxb> your point?
<maxb> Ubuntu kernels are *in* packages, so that is relevant information
<p1ruj3> maxb you lost me there
<cloakable> p1ruj3: You can install new kernels via apt-get
<maxb> I believe my link answered your question. You seem to be suggesting otherwise. You need to explain what further information you're looking for
<p1ruj3> So my Improper assumption would be the ubuntu-server kernel would have less driver support compiled into it vs the desktop etc...
<cloakable> Yes
<cloakable> server kernel enables stuff like pae
<p1ruj3> maxb it helped.
<p1ruj3> ah yes pae... brings back memories of the p-pro dual 200
<cloakable> p1ruj3: And the kernel on the machine you're on is an 11.10 desktop kernel (no PAE)
<p1ruj3> cloakable can you help me understand "how
<p1ruj3> " you determined that
<cloakable> p1ruj3: if it were server, it would be -generic-pae
<p1ruj3> ok
<p1ruj3> Nice.
<cloakable> p1ruj3: Unless the person installed the -generic kernel on the server
<p1ruj3> so I can just apt-get the generic-pae kernel if I so desired... thats neat...
<cloakable> Yes
<p1ruj3> can I transition to the new kernel without rebooting?
<cloakable> No
<maxb> It's not strictly true to say that generic-pae is the server kernel
<p1ruj3> just out of curiosity can you do so with any flav of linux?
<p1ruj3> maxb I figured that...
<maxb> First, the generic flavour really is pretty generic, and should be fine on servers too
<maxb> generic-pae is available only for the 32-bit x86
<cloakable> true
<maxb> Whereas, Ubuntu also ships a "server" flavour for x86_64
<p1ruj3> maxb you wouldn't have a link handy listing the mainline kernels would you?
<p1ruj3> NM
<p1ruj3> found it
<maxb> Then there's the "virtual" flavour which is just one of the other flavours with less modules included, intended to conserve disk space in virtualized images
<p1ruj3> http://kernel.ubuntu.com/~kernel-ppa/mainline/
<p1ruj3> ack, actually all of those are generic it seems...
<cloakable> Oh wow. It's been a while since I've done a kernel cleanup >.>
 * cloakable uninstalls 700Mb worth of kernels.
<p1ruj3> haha
<p1ruj3> just have two on this one...
<p1ruj3> alight, thank you guys for the education.... feeling more chatty than research'y
<p1ruj3> just about that time to get the magnum pi costume soiled with unsanitary, illegal, and immoral products...
<p1ruj3> sorry max, now looking at your link is making a lot more sense...
<qman__> yeah, wish it was smarter about updating kernels
<qman__> keep the one you're running and the latest, remove the rest
#ubuntu-server 2011-10-29
<aschmitz> Does anyone have experience with Orchestra and OpenStack?
<jMCg> Is there a way to create virtual interfaces for a bridge and assign them IPs with /etc/networ/interfaces?
<Cpt_Othello> Hello, I just tried to install ubuntu-server and when it boots up all I get is "Out of Scan Range". is there anything i can do at this point to get it to work? Any way to at at least get to a terminal of some sort?
<Cpt_Othello> It boots up the BIOS fine but afterwards all I'm getting is a Information Box telling me that it's out of scan range
<jMCg> What kind of scan range? Did it do that before you set it up?
<Cpt_Othello> 46.2KHz / 86Hz, I used to have Cent6 and then windows server 2008 on it before. This is the first time that I've seen it do this.
<jMCg> Ah.
<jMCg> You're talking about a monitor.
<jMCg> I haven't had a monitor attached to a server in 3 years.
<jMCg> I have no idea what you're talking about :-/
<jMCg> (I accidentally killed the sshd and had to go to the DC to fix it.)
<Cpt_Othello> :( ok thanks for trying. Boss wants me to set it up as a streaming media server and wants to be able to remote into it with a gui so I'm just sort of bumbling along as I try to figure this out.
<jMCg> (remote) GUI doesn't need a monitor in my book :)
<Cpt_Othello> I know, I would much rather have it all just command line but he wants a gui so I need to make sure it happens ;(
<Cpt_Othello> actually, i think i just got lost
<jMCg> Cpt_Othello: well you can ssh in?
<jMCg> What's running? Kill off gdm or lightdm and startx, see what happens, watch the logs, etc.
<Cpt_Othello> Sorry, this is basically my first time dealing with servers and am learning everything from scratch as I go so I'll just keep looking things up. The joys of free family labor. Thanks for your help :)
<qman__> Cpt_Othello, probably an issue with your card/monitor and KMS
<qman__> try booting with the nomodeset option
<qman__> there really should be some kind of hotkey for save video mode
<qman__> safe*
<Cpt_Othello> I'm not at the office anymore so I don't have access to the machine atm :( I've also been looking around to find the key to get to some kind of command line boot mode but keep coming up short. Is there some key I can press to get to ubuntu's boot options?
<qman__> hold left shift to get a grub menu
<qman__> during the boot process
<qman__> if grub doesn't display in a working mode you'll have to boot live
<Cpt_Othello> Noted, thanks I'll try that tomorrow
<qman__> or try to modify the boot line blind
<qman__> I've done that kind of thing before too
<Cpt_Othello> boot line blind?
<qman__> do the key presses needed to modify the boot line blindly, as in without a display
<qman__> I can do it with grub1, but I don't know grub2 that well
<Cpt_Othello> I don't think that'll work out too well on my part. I'm probably going to end up trying to ssh into it with a different monitor if anything. Thanks for your help :) going to afk for food
<josePhoenix> Hello all
<josePhoenix> I've got a somewhat odd issue... I'm using unix sockets fairly extensively internally (though there should only be about 40 more in use than on a usual system)
<josePhoenix> actually, this may not be related now that I look at the error.
<josePhoenix> It's trying to open a connection to a PostgreSQL server and saying "could not fork new process for connection: Resource temporarily unavailable
<josePhoenix> One common thread seems to be that people get this error when they run into the process limit
<josePhoenix> ps ax | grep Z doesn't show zombie processes
<josePhoenix> ah, ps -el does show a lot of defunct processes
<josePhoenix> ... which are now gone! o.O
<josePhoenix> They were all named 'fuse'
<josePhoenix> How can I see what depends on fuse? I'm pretty sure I didn't install it on purpose
<qman__> lots of things use it
<qman__> NFS, SSHFS, GVFS and other GUI-mounting systems
<qman__> NFS goes both ways, depending on what you install
<josePhoenix> I'm not using any of the things I saw in the reverse dependencies list (that I know of)
<josePhoenix> Does ubuntu install it by default on servers?
<qman__> I don't think so, but I'm not sure
<qman__> but in order to have fuse processes, you have to be using it with something
<josePhoenix> hmm I guess it'll yell at me if I try to uninstall it
<TheEvilPhoenix> i think those fuse based things require the GUI stuff right?
<qman__> it doesn't run unless something mounts with it
<TheEvilPhoenix> ^
<josePhoenix> TheEvilPhoenix: I don't think they necessarily do
<josePhoenix> But afaik I'm not using any userspace filesystems
<josePhoenix> looks like it installs ntfs-3g by default... but I'm not mounting anything with it o.O
<A_B_> Q: I upgraded a very standard server installation running Samba server with no GUI to 11.10. Now the network doesn't start giving me the error "Unable to connect to system bus: Failed to connect to socket /var/run/dbus/system_bus_socket: connection refused"
<AnGrYfUrBy> hey guys i upgraded to ubuntu 11.10 and it deleted my network adapter
<josePhoenix> Why would I have zombie processes created and reaped 500 at a time?
<josePhoenix> I can't seem to catch them.
<josePhoenix> The one time I saw them in the process table, they were fuse processes
<josePhoenix> I uninstalled fuse, but I think I need to reboot for that to take effect
<qman__> not really
<qman__> only stuff that would remain is that which is loaded in RAM
<qman__> once the processes end, there'd be no way to start new ones because the files aren't thre
<qman__> there*
<josePhoenix> I can't seem to catch the processes though :\
<josePhoenix> So I'm not sure what's starting them
<josePhoenix> Hmm, no processes currently running with fuse in the title
<webPragmatist> anyone know how to replace the comma with foo
<webPragmatist> I have preg_replace('#(.*),(/w+{/if})#', '$1foo$2', '},   {/if}');
<webPragmatist> wonder if /i is a thing
<webPragmatist> nope
<webPragmatist> woops wrong chan
<kthomas1> APC only using 30M of 128M setting,  can't see why.
<pdtpatrick_> Question .. after installing ubuntu-orchestra-server ... what is the address for the web? i didn't get any output saying ur sever is now available at ...
<pdtpatrick_> Nvm figured it out
<kthomas1> ah;  apc 4 accepts 128M etc;  apc 3.x does NOT.
<caeci11ius> trying to connect macos 10.7 to afp / samba shares on an ubuntu 11.10 server, it connects fine provided it doesn't need to authenticate (i.e. as a guest), but won't work when a username/password is required. Any ideas?
<caeci11ius> had it working in the past on 11.04, no luck with 11.10 though
<kthomas1> is the a debugging output mode for the connection?
<kthomas1> ie,  look for the log file
<piegod> Hi, upgraded to 11.10 and now on boot it spends ages doing the Waiting for network configuration thing, and then when i finally get in all the interfaces (which should be static as per /etc/network/interfaces) are down... can anyone tell me what I'm doing wrong? :(
<piegod> i have to bring them up and set their address manually each time, its as though /etc/network/interfaces is completely ignored.
<w00> piegod check this http://uksysadmin.wordpress.com/2011/10/14/upgrade-to-ubuntu-11-10-problem-waiting-for-network-configuration-then-black-screen-solution/
<piegod> could you tinyurl it? cant click links, running irssi in a tty and only have text-based browser w/no mouse :>
<w00> piegod http://goo.gl/W9fd9
<piegod> thanks
<piegod> well, here goes. Will give this a try and see what happens :D
<piegod> Wahay
<piegod> Worked, thanks
<w00> np :)
<w00> Weird that i did an upgrade yesterday and that wasn't needed anymore
<piegod> does this issue present itself on fresh installs?
<w00> Shouldn't
<piegod> might just do a fresh blank install sometime soon then :V
<piegod> anyway, time to move this server back downstairs, thanks again
<Juv1228> hello, im having trouble getting ubuntu server installed to my esxi host
<Juv1228> the install runs fine, but after that when trying to boot into the system i am greeted by the ubuntu logo/load screen thing
<Juv1228> it proceeds to a black screen where it hangs indefinitely
<Juv1228> left it running for a good 20 minutes and it was just flashing its cursor away the whole time
<jasef> O.o is there a GUI system installed on it or is it the normal tty that's crashing?
<Juv1228> jasef, its a bare install, so it should be booting to a term
<Juv1228> no gnome etc
<jasef> Juv1228, :| Dunno what to suggest, if it was a gui, you could try ctrl+alt+f1 or something, but I doubt that'd help on a system that's meant to boot to tty1 anyway
<Juv1228> i dont think its even fully booting
<jasef> Does the same thing happen if you boot into recovery mode?
<Juv1228> hmm. booting in recovery mode drops me into a shell no problem
<jasef> Sorry - this touchpad quits channels on me lol. It clicks when it shouldn't
<Juv1228> heh, keyboards alway have my vote
<jasef> What happens if you boot in recovery mode and then choose to "try to continue normal boot"
<jasef> :P It's the touchpad on my laptop though, I cant replace it with a keyboard.
<Juv1228> thats what i meant, try to continue normal boot works
<Juv1228> boots the system fine
<jasef> :| That's awfully weird.
<Juv1228> just tried again with a normal boot tho. black screen
<jasef> When you get the ubuntu logo up, hit escape and see if any particular error message comes up before it goes to the black screen
<Juv1228> hmm. it seems to be something to do with kernel options
<Juv1228> default options are "quiet splash vt.handoff=7"
<Juv1228> remove all of them and it boots fine
<jasef> O.o that's strange. I guess it's the vt.handoff that's causing the problem, but not sure
<Juv1228> thats a new one for me, never had a problem installing ubuntu to esxi
<Juv1228> seems to be, just tried with only it removed and it boots too
<jasef> Lol, weird, I don't think my server ever had that in it's boot options
<jasef> I'll ssh in and check
<jasef> that took way too long
<jasef> But no, I don't have that in my boot options
<Juv1228> ya, i have no clue
<Juv1228> but removing it worked
 * RoyK added Icinga checks SMART data for all drives and just got the first message "drive is failing" :)
<RoyK> it's nice to see things like that reported _before_ the drive fails.....
<potatoe> Do I really need anything other than netmask and address when defining a static IP in network/interfaces ? It seems to me that broadcast and network can be determined based on the subnet mask and address, and gateway and DNS are only needed if i want a DNS or gateway available to the machine. The netmask should automatically assume the older class a, class b and class c networks, no ?
<RoyK> potatoe: the old class-based networking idea is rather outdated...
<potatoe> ok
<potatoe> what about the network and broadcast lines ? are they necessary ?
<RoyK> dunno if the broadcast is set according to the subnet mask - test it
<RoyK> anyway - it shouldn't matter much - if broadcast is set to 255.255.255.255, it'll still work, but might be non-optimal if you have different IP subnets on the same physical network
<RoyK> but then again, most don't
<potatoe> ok
<potatoe> thx
<geekd> Hello everone, is this the correct place to talk to someone about issues on a server?
<cloakable> geekd: Depends on if it's running Ubuntu Server or not :P
<geekd> it's running Ubuntu server 8.04
<cloakable> Oh wow
<jasef> O.o seriously, geekd, I think you should upgrade to 10.04
<jasef> O-o
<cloakable> Someone forgot to run do-release-upgrade for a few years >.>
<geekd> it's really old equipment
<cloakable> Trust me, 10.04 will still run on it :P
<geekd> No the laptop it is on is a 1991 model 300Mhz with 48Mb and 6GB HDD
<cloakable> Yes
<RoyK> geekd: ask away
<geekd> I tried starting at 10.04 ...too slow, went to 9.94 ...too slow, 8.04 seems to run decent on it
<RoyK> geekd: I use 8.04 on a number of servers myself
<cloakable> Oh wow.
<cloakable> I just finished upgrading my server to 11.10 last night. >.>
<RoyK> 8.04 will be upported until april 2013, so no reason to use anything newer unless you need newer software :P
<geekd> I installed Postfix, and can receive mail just fine, When I send it however, Evolution says it sent but I never get it....
<geekd> What could be an issue to lookat
<RoyK> cloakable: I still have solaris 8 in production at work :P
<jasef> I'm running 10.04 on my server. I can't wait till 12.04 comes out though lol
<cloakable> Heh
<RoyK> jasef: I'd wait until 12.04.1 is released :P
<jasef> RoyK, Lol, most people would. I like cutting edge though
<jasef> My laptop has bleeding edge all the time, running 12.04 desktop atm
<RoyK> geekd: hwat does mailq have to say?
<geekd> Once I get this first real server doing what I want I will prolly put together a real Box for a newer release
<cloakable> jasef: 12.04? So what, pre-alpha? >.>
<geekd> one sec
<jasef> cloakable, basically, yeah.
 * RoyK somewhat prefers servers to be stable :P
<cloakable> jasef: Ow. You may be safer running Debian Sid+Experimental. :P
<RoyK> Sid, the kid that breaks toys :P
<cloakable> Exactly
<geekd> -Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient-------
<geekd> 1472820E2       609 Fri Oct 28 10:06:52  mike@geekdeity.com
<geekd>       (connect to mta6.am0.yahoodns.net[74.6.136.65]:25: Connection timed out)
<geekd>                                          silameth@yahoo.com
<geekd> 932C620D9       607 Fri Oct 28 04:41:23  mike@geekdeity.com
<geekd>       (connect to mta5.am0.yahoodns.net[74.6.140.64]:25: Connection timed out)
<geekd>                                          silameth@yahoo.com
<RoyK> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<jasef> Lol.
<geekd> RoyK is that what you wanted
<RoyK> geekd: it is, but please use a pastebin next time
<geekd> new to IRC
<RoyK> geekd: is this a home server? if so, try setting up a relay host - most ISPs block outgoing SMTP these days because of spammers
<geekd> hmmmmm wonder if that could be it....it is a home server
<RoyK> geekd: run dpkg-reconfigure postfix
<RoyK> geekd: and set it to use your ISPs SMTP host
<geekd> Weeeeeeeell...... Technically it is at a family members house, because they have better internet connection
<geekd> I don't know there ISP's SMTP host
<cloakable> what ISP?
<geekd> I have to ssh to it
<geekd> AT&T
<geekd> They have that new AT&T Fiber connection
<cloakable> geekd: three seconds of googling reveals http://www.dslreports.com/forum/r19926669-Using-ATT-as-smarthost-with-Exchange-2k3
<geekd> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<geekd> http://paste.ubuntu.com/722401/
<geekd> I guess I did that right
<RoyK> geekd: run dpkg-reconfigure postfix
<geekd> RoyK: Anyway that is the message I got
<RoyK> geekd: not dpkg -reconfigure :P
<geekd> oh
<geekd> working on it.... like I said slow
<RoyK> :)
<geekd> now to test .... do I use that smarthost smtp in my evolution?
<cloakable> No, the smtp daemon should use it automatically
<geekd> ok well here goes nothing
<cloakable> I use a smarthost in postfix on my server
<RoyK> geekd: try telnet into the smarthost on port 25
<RoyK> telnet somehost 2
<RoyK> telnet somehost 25
<geekd> could not resolve geekdeity.com/25: name or service not known
<RoyK> geekdeity.com/25 isn't a hostname :P
<RoyK> geekd: and the smarthost is your ISP's SMTP server, not your own box
<geekd> ok at command prompt  mike@www
<geekd> so www is my hostname?
<RoyK> what are you trying to do?
<RoyK> geekd: from the server, try to "telnet name.of.smtp.relay.host 25"
<geekd> telnet my host 25
<geekd> oh
<geekd> one sec it is doing something
<geekd> first line of response is : trying 207.115.36.27...
<geekd> waiting on more
<RoyK> geekd: http://support.netdoor.com/email/smtpauth.php
<RoyK> geekd: a whois lists you as connected from netdoor.com...
<geekd> again my server is on a AT&T connection though I am on netdoor
<RoyK> ok
<RoyK> then check with the ISP which SMTP host to use
<geekd> so I used the smtpauth.sbcglobal.net from the link cloaked sent me
<RoyK> can you telnet into port 25 on that machine?
<RoyK> if not, find another, call support
<geekd> it was unable to resolve: connection timed out
<RoyK> that means it's not your SMTP host
<geekd> hmmmm
<geekd> wait if I can get into the router, would it have the smtp host info in it?
<RoyK> doubt it
<geekd> dang
<RoyK> can't you just call support?
<geekd> so I have to go to the family members house and call their support
<RoyK> it's probably on the ISP's FAQ
<geekd> Don't know if they will give me that since not my account
<geekd> I can try
<RoyK> just lie :)
<RoyK> or even better - tell the truth :P
<geekd> I wouldn't want to cause them to lose their account.
<RoyK> erm - why would they?
<RoyK> it's just a server
<geekd> Letting someone run a server.....I don't know
<RoyK> http://www.iw-webhosting.co.uk/smtp_hosts.htm
<RoyK> geekd: try one of those two - telnet into port 25 on them to see if they're open
<geekd> will do
<geekd> first one no
<geekd> rying second
<RoyK> what's the server's IP?
<RoyK> a whois search can easily lookup whatever ISP it's on
<geekd> 99.25.3.21
<RoyK> or even a reverse dns
<RoyK> 21.3.25.99.in-addr.arpa domain name pointer 99-25-3-21.lightspeed.jcsnms.sbcglobal.net.
<RoyK> try smtp.sbcglobal.net
<geekd> on it
<geekd> don't think it is going to work
<geekd> taking long time
<RoyK> geekd: it should answer immediately if it's open
<RoyK> geekd: again, call support!
<geekd> I guess I will have to
<geekd> thanks for the help... I will let ou know what happens
<RoyK> :)
<geekd> hmmm this site says you can't use ssl
<geekd> how would I remove the ssl from postfix
<RoyK> geekd: postfix won't use ssl by default
<RoyK> the way to check is to test telnetting into port 25
<geekd> oh ok
<RoyK> if that port is blocked, there's no way around it unless the server in question uses another port, such as 587, like some do
<geekd> do I have to reconfigure everytime or can I just try the server ....reconfigureing is getting old
<RoyK> you only have to reconfigure it once
<geekd> rather just try telnetting it
<RoyK> try telnetting first
<RoyK> if it doesn't answer, there's no point of telling postfix to try
<geekd> ok cause I have been reconfigureing very time I got a new server to try
<geekd> now I feel stupid
<RoyK> :)
<RoyK> geekd: messing up is just another step in learning :)
<geekd> Ahhhh while searching for support # it connected
<RoyK> try to send an email manually - type HELO asdf.com <enter> from: asdf@asdf.com<enter> to: your.email@somewhere.com<enter>data<enter>asdf<enter>.<enter>
<RoyK> that's after telnetting into port 25
<geekd> what is the command to mail manually
<qman__> that is the command
<qman__> first you helo, then you mail from:, then rcpt to:
<qman__> data, your message, . to end
<geekd> helo command not found
<qman__> inside the telnet session
<RoyK> erm, 'mail from' and 'rcpt to', yes
 * RoyK is tired
<geekd> getting 501 missing fully quailfied domin name
<geekd> now getting 530 Authenication required
<RoyK> geekd: just try to reconfigure postfix then
<RoyK> oh
<RoyK> bad sign
<RoyK> try to reconfigure postfix anyway
<geekd> ok
<geekd> brb
<geekd> still 530 Authentication required
<jMCg> geekd: what, exactly, does the auth log say? (If you don't know where the auth log is, grep -ri auth /etc/*syslog*)
<geekd> trying to get out of telnet
<geekd> could I email you login and let you look I don't know which part you want.....
<qman__> the escape sequence is ^], which means control+]
<geekd> qman I saw that thanks
<geekd> jMCg here is authlog from today.... http://paste.ubuntu.com/722441/
<ogra_> soren, around ?
<ogra_> did you guys change the handling of dummy ethernet devices in oneiric ?
 * ogra_ just sits next to rccGodFather_ and after upgrading to oneiric his dummy devices stopped working
<geekd> jMCg: did you get it?
<geekd> RoyK: still here?
<geekd> oh no.....
<geekd> RoyK: does this mean I need that family members account login and pw to be able to do this?
<geekd> well gotta make store run....bbl
<TimR> can anybody tell me how to correct internal error of 500 after I did suPHP + userdir?
<rccGodFather_> how to create aliased dummy interfaces in oneric
<RoyK> TimR: your logs may tell you the cause :P
<TimR> i found it its smaller than min_uid
<TimR> that is the issue
<TimR> how do i fix that error
<jMCg> ge.. gone.
<uvirtbot> New bug: #883607 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.3 failed to install/upgrade: ErrorMessage: package samba is not ready for configuration  cannot configure (current status `half-installed')" [Undecided,New] https://launchpad.net/bugs/883607
<RoyK> I've read it's possible to change from raid5 to raid6, is the other way possible? reducing redundancy to raid5?
<TimR> hi guys have a question how do I limit users disk space in home directory because I only want the user have 100mb
<TimR> i have quota setup
<somnoliento> If I type "lc_all=C df" (or almost any command), I can see its output in english. How come "lc_all=C lpstat -t" still shows it in my locale?
<RoyK> !quota
<RoyK> TimR: google for disk quota
<TimR> ya didnt you see i have quota setup?
<RoyK> it's all in the docs....
<RoyK> man edquota
<josePhoenix> Anyone know why the cron task for php is filling up my process table? http://paste.pocoo.org/show/500216/
<soren> ogra_: "dummy? You mean aliases (like eth0:0)?
#ubuntu-server 2011-10-30
<TimR> is anybody here?
<RoyK> somewhat
<TimR> can anybody tell me how I can make a user go into home/user/public_html when using sftp? Also how can I make sure that user can only see his directory?
<failover> TimR, set his home to /home/user/public_html
<TimR> well see im using webmin to control everything
<failover> dunno webmin, but it should have a way to customize user homedir !
<failover> TimR,  http://library.linode.com/security/sftp-jails
<TimR> well see only group setup I have is users
<TimR> can i change that from filetransfers to users?
<hdale85> For some reason my server is loading extremely slow. Swapped out some ram and the CPU and even grub sits there for a while before it starts booting.
<hdale85> It does eventually boot though, and for some reason its still not mounting my array......
<harold_> oh well still working for now at least lol
<harold_> just annoying that I have to go manually mount that drive everytime I reboot
<rained23> HI I have problems with my apache, I installed it using tasksel for lamp-server . It seems searching a non existent .htaccess
<rained23> (13)Permission denied: /home/user/belajar/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable
<awanti> i need u r help to setup local repository in our office. We are recently migrated to Ubuntu 10.04. Currently every pc is updating from internet. (we are having 10 pc's in our office)
<bennym> I want my Ubu Server 10.4.03 machine to act as a router/firewall between the internet on eth2 and the switch (and attatched machines) on eth1. What do I need to look up?
<ElizabethKelley1> Hey im trying to join ##Security on Xchat on windows but it does not add it to my chennel list does any one know why that might be?
<neotyk> Good morning Everyone!
<neotyk> is it possible to install JDK in EC2 while running from Natty image?
<neotyk> my instance hangs when I try to do so
<neotyk> both natty and Oneiric
<neotyk> please advice
<CrazyGir> hello! I have a server randomly rebooting on me, and while I am looking into what is going on, I noticed I have a 'kworker' process eating up quite a lot of resource. how can I find out what this process is doing, and why it is running so much on an otherwise idle server?
<CrazyGir> eg:  183 root      20   0     0    0    0 S   22  0.0 184:07.69 kworker/6:1
<CrazyGir> 27003 root      20   0     0    0    0 D    3  0.0   1:15.80 kworker/u:2
<CrazyGir> is drdb capable of rebooting a server when it should not, if it is misconfigured?
<jMCg> CrazyGir: maybe that's a feature of the cluster to stabelize the system when it's unclear who's the master and who's the slave.
<jMCg> (n.b.: I'm pulling this out of my ass from peripheral experience with Oracle and Sun clusters, I've never worked with drdb)
<CrazyGir> yea, I think you might be right
<CrazyGir> any thoughts on the first question RE kworker
<SockPants> Hi all
<SockPants> quick question: i'm wiping drives real quick, so i'm using dd if=/dev/random of=/dev/xxx. does this command end when it reaches the end of the drive, or does it continue forever?
<User488> hello
<User488> can anyone help me with a bind problem?
<RoyK> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<User488> ok thanks
<User488> when I do nslookup ubuntu.com the query reports server 10.61.3.245 address 10.61.3.245 is ther a way to make bind report server (my server name)
<ljaclark> When I do nslookup ubuntu.com my bind server reports server 10.61.3.245 address 10.61.3.245 is ther a way to make bind report server (server name ) instead of the ip address
<patdk-lap> ljaclark, do you know what nslookup does?
<patdk-lap> it converts name to ip address
<ljaclark> yes. I have asked the question because I have to setup bind for a uni project. The lecturer wants me to have the DNS server show the server name instaed of the ip address. in the first line of the nslookup command
<ljaclark> root@group2:/etc/bind# nslookup www.howtoforge.org
<ljaclark> Server:         10.61.3.245
<ljaclark> Address:        10.61.3.245#53
<ljaclark> Non-authoritative answer:
<ljaclark> Name:   www.howtoforge.org
<ljaclark> Address: 188.40.16.205
<onre> ljaclark, your server does not have proper reverse DNS entry for itself and that's why you see ip address instead of server name.
<ljaclark> Thank you do you know of a guide that can help me as I used the one on the ubuntu forum to setup bind?
<RoyK> any idea how I can check which PCI Express version my mobo supports?
<patdk-lap> get the model number from lshw and check it on their website?
<RoyK> patdk-lap: couldn't find anything there - http://www.asrock.com/mb/overview.asp?Model=M3A%20UCC&cat=Specifications
<RoyK> just says PCI Ex
<patdk-lap> AMD 480X
<patdk-lap> pcie 1.1
<RoyK> thanks
<patdk-lap> annoying when they dont say
<patdk-lap> then you have to check the northbridge chipset against it's manual :)
<thesheff17> anyone know why I get Hash sum mismatch on a local apt-mirror?
<qman__> probably a misconfigured proxy
<qman__> or a problem with that local mirror
<thesheff17> qman__, yea I see a forum post about a wrong security mirror
<thesheff17> ah I know....I had to restore the box...and prob had a different mirror.list
<i3luefire> last night i spent 5 hours trying to install ubuntu-server 11.10 and ended up failing
<i3luefire> right now i am at the installing base system phase on a new start today
<thesheff17> what was the issue you ran into?
<i3luefire> it failed at the software selection step every time and also was unable to install grub
<i3luefire> i have pdfs of all the log files
<i3luefire> i wish they were txt files but i had to pull them up on my phone
<i3luefire> so the only way to save them was pdf
<qman__> for the software selection bit
<qman__> try installing without a network connection
<qman__> sometimes that messes things up
<qman__> for grub, what is your hard drive configuration?
<i3luefire> i was using 1gb ext4 for /boot , 20gb btrfs / , and 3.7tb lvm ext4 /home
<qman__> 3.7tb? what's the physical setup? mdadm, hardware, or fakeraid
<qman__> btrfs could be a problem too, I don't know enough about it
<i3luefire> 1tb sdb1 + 3tb sda1 + 125gb sdc2
<i3luefire> with lvm
<qman__> that's really complex, and probably the reason grub isn't working
<qman__> it has to be able to determine where the system boots to, and install there
<i3luefire> grub should only care about the /boot partition right?
<qman__> no
<qman__> grub cares about all of your hard drives and partitions
<qman__> it has to determine which drive the bios boots, then install the boot record there
<qman__> and then point to /boot from it
<i3luefire> hmm
<i3luefire> http://www.filedropper.com/logs_5
<RoyK> i3luefire: using a pastebin is a bit easier :P
<RoyK> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<i3luefire> RoyK: those pdfs were made last night when i was in ambien land and i thought the only way to get the log files was on my phone
<i3luefire> but thanks
<qman__> in any case
<qman__> while grub supports /boot on lvm, I don't do it, because it's still far from perfect
<qman__> I also disconnect any drives that are not used during the install, and try to make things as simple as is possible for my application
<i3luefire> the boot is not lvm
<i3luefire> the boot is a regular partition
<i3luefire> 1gb
<thesheff17> 1gb for boot?
<qman__> and I don't know about btrfs and lvm
<i3luefire> 1gb for boot
<thesheff17> try smaller
<qman__> better too big than too small
<qman__> no
<qman__> ubuntu is not intelligent about kernel updates and simply doesn't remove old kernels
<qman__> and if /boot fills up you run into problems installing software
<qman__> I usually do 512MB, but 1GB is fine
<thesheff17> qman__, same...
<i3luefire> it looks like from the logs that grub-pc failed to install or something
<thesheff17> I would try ext4 for this partition and see if it works 20gb btrfs /
<i3luefire> who would have thought that a version of bsd (freeNAS) would be easier to install than a version of linux (ubuntu)
<i3luefire> i did ext3 on boot this time and ext4 for root
<thesheff17> same problem?
<i3luefire> boot and root and swap are all simple partitions too
<i3luefire> it is now installing base again
<i3luefire> and the network cable is unplugged
<qman__> well, ubuntu is on the so-called 'bleeding edge'
<i3luefire> lol
<qman__> pushes new software in spite of the problems
<i3luefire> i guess
<qman__> if you want a stable, always easy experience, go with LTS releases or something even more stagnant
<thesheff17> yea I only use LTS for prod
<qman__> and wait until .1
<i3luefire> well my wonderful friend who suggested i use ubuntu server for the easy pkg management of it decided to abandon me during the install last night and he is the one who suggested the 11.10
<qman__> unless you need some of the new features, I'd use 10.04
<thesheff17> i3luefire, what qman__ said :)
<qman__> all my servers are 10.04, except the one still on 8.04
<i3luefire> should i tell it to install security updates automaticlly
<thesheff17> I don't
<qman__> I do
<qman__> personal preference
<i3luefire> this is a home server that will be on the net at all times
<i3luefire> ok
<i3luefire> i am enabling it then
<i3luefire> i have made it passed the places where it failed last night
<RoyK> http://i.imgur.com/thEKg.jpg
<i3luefire> but i changed too many variables so im going back to the start with the fs choice as they were last night and the network unplugged
<qman__> the deal with the network is, it tries to update during the install on the fly, so you don't have to later
<qman__> but sometimes that messes up, and then apt is broken
<qman__> and it can't properly install
<i3luefire> that may have been the entire problem
<i3luefire> judging by the log files
<i3luefire> we shall see
<i3luefire> my friend says "rtfm" so i say to him "there isnt a manual on 11.10 server yet and you are the one who suggested it so you are the fu**ing manual"
<qman__> heh
<qman__> https://help.ubuntu.com/11.10/serverguide/C/  FYI, but yeah
<thesheff17> i3luefire, https://help.ubuntu.com/11.10/serverguide/C/index.html
<thesheff17> hah
<qman__> it's still early, it's probably not complete
<thesheff17> RoyK, wtf is that cable?
<i3luefire> i blame google for my lack of knowledge. lol
<qman__> when we switched to upstart the server guide still had tons of incorrect references to /etc/init.d
<qman__> thesheff17, it's a euro AC outlet to cat5
<thesheff17> haha...that is what I thought....
<thesheff17> does that even work?
<qman__> it blows up whatever's on the cat5 end
<thesheff17> lol
<qman__> not how you do power over ethernet
<i3luefire> thanks for the manual link tho guys
<RoyK> :)
<RoyK> 230VoE
<air_> RoyK: yay, ethernet killer. :)
<i3luefire> fail
<i3luefire> ok. so it must be the partition setup then
<thesheff17> can you purchase that? I would love to send that to some old bosses.
<air_> "here's some extra power for your network"
<thesheff17> I would need 110VoE
<air_> would this do? http://pixdaus.com/pics/HfxKm41AwpIFQRbFXK.jpg
<thesheff17> yes
<thesheff17> i3luefire, I was just reading about btrfs and there is a conversion tool from ext3/4 to btrfs may break your system though
<i3luefire> should i leave the boot at ext3 too?
<i3luefire> instead of ext4
<qman__> shouldn't matter
<qman__> I've done both
<qman__> I'm almost positive it's the btrfs /, or the LVM that grub is choking on
<i3luefire> well its not the lvm because i left that the same
<qman__> btrfs is definitely still unstable, experimental software
<RoyK> i3luefire: I usually use ext2 on /boot
<RoyK> no need for a journal there
<i3luefire> hmm
<RoyK> some distros even mount /boot ro by default
<qman__> it would make sense now with grub2, since you don't manually edit anything there anymore
<i3luefire> well i put it on ext3 bc that is what worked earlier and i had it selected already
<qman__> remount rw and remount ro could be scripted into update-grub
<RoyK> IIRC I saw that on SuSE some 5+ years ago, and by then it was a PITA
<qman__> back with gentoo 2004, the guide said to simply not mount /boot by default
<i3luefire> grub2 is supposed to support btrfs too
<i3luefire> even on the /boot
<i3luefire> but it cant even do it on the root aparently
<RoyK> i3luefire: but btrfs is still missing fsck :P
<i3luefire> tru
<RoyK> something that's been 'in the works' for >2 years
<qman__> well, being able to boot btrfs, and being able to figure out and set it up in the installer are two different things
<lenios> you don't really need fsck though
<RoyK> lenios: when the shit hits the fan, you do
<i3luefire> qman__: tru
<qman__> ubuntu jumped on ext4 by default a bit early too
<qman__> a couple data mangling bugs popped up post release
<qman__> new filesystems are just inherently risky
<RoyK> qman__: ubuntu should be a bit more conservative imho
<i3luefire> but they are so cool tho. lol if they worked... and i guess they do if you know enough about them
<qman__> well, it's two goals of ubuntu at odds
<thesheff17> I do have some prod servers with ReiserFS
<qman__> making it easy for everyone, and providing the latest and greatest
<i3luefire> those 2 goals are at odds for sure
<i3luefire> good thing im not trying zfs or something
<i3luefire> it chomps thru the ram like crazy from my experience with freeNAS
<qman__> I agree that they're just a little too ambitious
<qman__> too many show stopping bugs are in release
<i3luefire> yep the release defaults should work 95% of the time not 60% of the time
<qman__> that's why I stick to LTS and wait for .1 when it's important
<i3luefire> thats why i dont like fedora
<i3luefire> by default it fails on my desktop hardware. ati opensourse drivers are not set up right or something
<qman__> desktops are different, though
<qman__> new features are more important than in servers
<i3luefire> my desktop has ati onboard graphics.(no card)
<i3luefire> and hdmi output
<qman__> so does mine, still dealing with a number of bugs
<qman__> OS drivers have graphical glitches and sometimes hard lock the system, proprietary don't work at all
<i3luefire> isntalling grub failed again at a different step
<i3luefire> but i recovered it
<i3luefire> it just needed me to tell it which drives mbr was available
<qman__> yeah, that's been a problem since forever
<qman__> even with grub1, as long as I can remember
<qman__> once you get more than a couple disks and throw some LVM or raid in, it gets confused
<i3luefire> ok looks like it is booting
<i3luefire> cool
<thesheff17> yea I'm trying 512MB /boot/, 1GB swap, 7GB btrfs /
<thesheff17> w/ ubuntu 11.10
<i3luefire> server login prompt
<i3luefire> thanks everyone
<lenios> do you really need 1GB swap?
<thesheff17> prob not
<i3luefire> the only features i want from btrfs are cow and lzma compression
<thesheff17> I try never to use swap
<lenios> i usually use not more than 128M
<thesheff17> it is just a virtual machine
<thesheff17> yea old habbits of 2*ram size
<i3luefire> i have a 6gb swap for my 4gb ram machine
<qman__> my desktops generally have no swap
<qman__> servers have a little just because
<qman__> but it's really not needed if you put in enough RAM
<qman__> instead of caching my RAM on disk, I cache my disk in RAM
<i3luefire> i still dont understand why most oses dont let you load the entire os files to ram on systems with 8-16gb ram
<thesheff17> is there an easy way I can get a script to just run once the first time the virtual machine boots?
<qman__>  /etc/rc.local
<i3luefire> make the script disable itself as the last step
<qman__> yep
<i3luefire> i have no idea how to do that tho
<i3luefire> lol
<thesheff17> cool
<thesheff17> very easy with python
<qman__> make a script, add it to rc.local, make the script edit rc.local at the end
<qman__> then you don't run into self-manipulation issues
<i3luefire> qman__: yeah
<i3luefire> that sounds like a good solution
<thesheff17> says in cat /etc/rc.local that I can just do chmod +x chmod -x and it will start/stop
<thesheff17> not cat...
<i3luefire> man
<i3luefire> no its time to setup transmission, sab, upnp...
<i3luefire> *now its time
<pukeko> howdy al, i am wanting to migrate the OS (Lucid) of a physical file-server with soft-raid /dev/md0 /dev/md1 etc to a VM on another box -- i was thinking about using Clonezilla but from memory last time i tried to clone partitions of a soft raid i ran into problems ... any advice ?
<qman__> instead of cloning partitions, just copy files
<qman__> then edit fstab and install grub
<qman__> linux is reasonably hardware-agnostic like that
<qman__> as long as it can use all the hardware, and knows where its kernel and partitions are, it's good
<qman__> probably want to rm /etc/udev/rules.d/70-persistent-net while you're at it
<pukeko> qman__: ...thanks.. so  i would need to remove all the mdadm.conf stuff as well change the UUID's in fstab etc ?
<RoyK> qman__: IIRC I had an issue with grub last time I tried to duplicate a setup
<RoyK> pukeko: yes, and the UUID(s) in the grub setup
<RoyK> pukeko: mdadm.conf can be generated quite easily
<RoyK> pukeko: mdadm --detail --scan
<pukeko> Royk: i'm going from soft raid to a VM on a hard-raid
<RoyK> ok, no need for mdadm, then ...
<thesheff17> yea my ubuntu 11.10 using a root file system of btrfs failed
<RoyK> thesheff17: did anyone tell you btrfs is experimental?
<thesheff17> yea I was just testing to see if it failed
<RoyK> worked for me last time I tested it...
<RoyK> but then, its tools make it rather crappy when being used to zfs :P
<guntbert> RoyK: did you succeed with raid6->raid5 ?
<thesheff17> yea I tested it on a virtual machine...it was complaining about unmet dependencies with the linux 3.0 kernel
<RoyK> guntbert: it was just a question - I haven't made the move to raid6 yet
<guntbert> RoyK: I see - just curious myself :)
<RoyK> :)
<RoyK> btw, anyone that knows if it's possible to upgrade the metadata version after creating an md device?
<RoyK> I have v0.9, being the default, on my home sever, and I see now it doesn't support >2TB drives
<patdk-lap> don't think so, to some extent
<patdk-lap> I think the metadata locations changed too much between some versions
<RoyK> patdk-lap: they have, according to the manual, but still, having to recreate your average 10TB md device to use 3TB drives seems a waste
<RoyK> patdk-lap: and with linux md being one of the more flexible raid solutions out there, adding metadata upgrades would be another fine thing...
<qman__> just be aware that raid 6 is _really_ slow
<qman__> was saturating gigabit with raid 5, struggling to do 35MB/s with raid 6, and I have pretty good hardware
<RoyK> wtf?
<RoyK> how's the CPU load?
<RoyK> qman__: there's usually a bottleneck somewhere - either that or latency somewhere
<patdk-lap> qman, what cpu?
<jeeves_moss> how would I go about writing a script to move files one by one from one partition to a temp drive, then back to another directory while preserving the structure, etc?
<RoyK> jeeves_moss: can't you just rsync the bunch?
<jeeves_moss> RoyK,  the "issue" is that I only have a 160Gb "temp" drive. I forgot to turn dedup on when I set up my ZFS drives, so I have to physically move the data off the cluster, then back again.  So, I can't just copy everything to another drive, and back.  The only way I can take advantage of the dedup is to move the data off of the cluster drives, then back
<RoyK> jeeves_moss: thank gods you didn't turn on dedup on ZFS
<RoyK> it's NOT stable
<jeeves_moss> ??
<RoyK> jeeves_moss: I even have a dedicated test machine with some 10TB storage, some SSDs for caching etc, and zfs dedup sucks rather badly
<jeeves_moss> it is on now.  I wanted to run dedup on the data on there right now.  hence the request for ideas!
<RoyK> jeeves_moss: see the mailing lists for more ino
<RoyK> jeeves_moss: see the mailing lists for more info
<jeeves_moss> ahhhh.  I know it's a new FS, so, I'm testing it on a RAIDZ2 pool.
<RoyK> jeeves_moss: how much memory/l2arc do you have on the machine?
<RoyK> jeeves_moss: and what is the pool size?
<jeeves_moss> RoyK, it's got a gb of RAM (this was a temp soulition untill I get my external deticated NAS box), and the pool is 4.8Tb
<RoyK> jeeves_moss: then DO NOT USE DEDUP
<RoyK> jeeves_moss: beleive me on this
<jeeves_moss> RoyK, is it just not the best preformance, or does it eat your data?
<RoyK> jeeves_moss: if you have 2GB RAM per terabyte stored and mostly 128kB records, it might work somewhat ok
<RoyK> jeeves_moss: it'll be dead slow and removing a deduped dataset may take hours or even days
<jeeves_moss> RoyK, the "plan" is to build this into a 2U box with 8 2.6Ghz cores, and 32Gb of RAM, then exapnd out to ~32Tb of storage
<jeeves_moss> RoyK, lol, I don't care if it takes days.  it's taken almost a month to move all the data off of other boxes!
<RoyK> I had a server with dedup at a point and removing a dataset took three days, and during that time, it wasn't available for other use
<RoyK> jeeves_moss: no, it's like it blocks other services
<jeeves_moss> RoyK, how did you dedup the data though?
<jeeves_moss> RoyK, I just enabled it, so I was thinking of moving files one by one off to a temp drive, then back again
<RoyK> jeeves_moss: beleive me - I've done a LOT of testing of dedup, I've read other tests done by people in the opensolaris/openindiana society, and it's not stable, not for production, hardly for testing
<jeeves_moss> lol, fun!
<RoyK> jeeves_moss: beleive me on this - I've spent a long time on this, and ended up buying more drives instead
<patdk-lap> heh, nothing I have ever done could benifit from dedup
<patdk-lap> except work samba shares for their documents
<patdk-lap> but that is small enough it doesn't matter
<jeeves_moss> ahhh, well, the end "goal" of this unit is to be the SAN for a VMWare setup to host a lot of on-line video
<patdk-lap> heh?
<patdk-lap> san ofr vmware or for videos?
<jeeves_moss> patdk-lap, if I could "dedup" my wife's bitching, I'd benifit!
<patdk-lap> seem two different things
<jeeves_moss> patdk-lap, it's house both
<patdk-lap> heh
<patdk-lap> I would do something like I am then
<RoyK> jeeves_moss: just forget about dedup on zfs for now
<patdk-lap> run iscsi/fc/srp/... for vmware using enough space as you need for the vm's
<patdk-lap> and just nfs share the videos
<RoyK> jeeves_moss: or use it if you want to be a crash test dummy of sorts
<patdk-lap> could even do vm's on nfs too, makes is easier to backup and stuff, but alittle more annoying otherwise
<jeeves_moss> patdk-lap, NFS was the plan for the videos.  Haven't decided on the proper way to do the iSCSI
<patdk-lap> how many esx servers?
<patdk-lap> and do you want failover HA?
<RoyK> jeeves_moss: you're not doing zfs fuse on this?
<jeeves_moss> on the NAS box right now. I haven't decided for the production box.
<RoyK> patdk-lap: do you know anything like failover for oi?
<patdk-lap> royk, not really
<patdk-lap> luckily I don't have to have extreemly fast failover, so manual is perferred
<patdk-lap> but for those wanting seemless, clean, auto, nope, don't know anything
 * RoyK just got a message from icinga about a drive failing its SMART tests, and then got another message from a scientist that everything on that server was dead slow - iostat -xdn showed 99% load on that drive alone ... zpool offline ...
<patdk-lap> strange, my oi box is rejecting my ssh connections
<RoyK> what did you do to the poor box?
<patdk-lap> I disconnecting it's IB link :)
<patdk-lap> everything is fine on it, except ssh
<patdk-lap> iscsi, mysql, nfs, samba, all find
<RoyK> why would ssh depend on ib?
<patdk-lap> who said that?
<patdk-lap> oyu asked what I did, I disconnected ib
<patdk-lap> hmm, ssh service keeps going into mantance mode
<RoyK> well, reboot the beast :P
<patdk-lap> guess I'm going have to get a screen/keyboard on it, and check logs
<patdk-lap> fixed ssh
<RoyK> patdk-lap: what was it?
<patdk-lap> bad sshd_config value
<RoyK> lol
<RoyK> so not really related  to IB?
<patdk-lap> na
 * RoyK can only conclude that a backup of 1,5TB over WAN takes its time even with a 60Mbps link
<patdk-lap> yep
<patdk-lap> my friend attempted a 4tb backup over wan, on a 10mbit link
<patdk-lap> he gave up after 3 days
<air_> :)
<patdk-lap> some things, sneakernet is still excellent at, or pidgonnet
<RoyK> patdk-lap: it's only been running for a day or so, and after I offlined that deadish drive, it's running rather quickly
<air_> what's the recommended filesystem to run on ubuntu these days? ext4 is still teh shit and btrfs is not really ready? or?
<air_> I suppose zfs + ubuntu might not be the way to go either. (I'm considering what to use for file storage, software raid)
<air_> today I got 3 drives in software raid-5 running ext4.
<air_> it's only my home server, but I'd prefer not to loose my wedding photos, etc, so at least some parts of the storage should be "safe".
<air_> for now I handle that by rsyncing the important parts to an usb drive every now and then. to give me at least some extra security.
<patdk-lap> is there any other way to be secure?
<patdk-lap> all it takes is one lightening strike, and all your disks are dead
<air_> well. yeah, youre right.
<air_> so I should look into remote syncing my wedding photos somewhere else.
<air_> or use two different usb drives and have one of them offline at all times.
<air_> so, any comments on zfs or btrfs? know issues with running any of them on ubuntu?
<stlsaint> air_: i run it fine (btrfs)
<stlsaint> air_: but thats on my laptop
<qman__> RoyK, Patrickdk, phenom II x4 CPU ~3.2GHz, CPU load is all iowait, have a PCIe x8 card known to be able to saturate all 8 channels, two on a PCI controller I was using before, and two on the onboard
<RoyK> air_: zfs fuse is a no go performance-wise, btrfs is a no go safety-wise, ext4 works well, and with regular scrubbing of the md device, it should be safe enough
<RoyK> qman__: then md must be doing some rather heavy amounts of random i/o
<patdk-lap> qman, odd, you shouldn't have any issues with that
<patdk-lap> unless your doing random writes, and made a large block size
<RoyK> patdk-lap: with md-based raid6?
<patdk-lap> yep
<patdk-lap> he should be able to substain >4GB/sec with his cpu
<qman__> wonder if my filesystem is fragmented
<qman__> using ext3
<RoyK> patdk-lap: you'll need a rather large amount of drives for that...
<qman__> and it was >90% before I added the last four disks
<air_> RoyK: thanks. and in this case, what does regular scrubbing mean? :)
<patdk-lap> royk, therefor raid6 hsouldn't be his issue :)
<qman__> but even before that it was not that great
<patdk-lap> oh, ext* with >85% is slow as hell
<RoyK> air_: echo check >> /sys/block/mdX/md/sync_action
<patdk-lap> it takes longer and longer for it to locate a free block
<patdk-lap> I have had ext3 wait several minutes to locate a free block before, when I was at 99%
<qman__> it's 57% now
<RoyK> patdk-lap: heh - ever tried zfs with 95% full VDEVs?
<patdk-lap> royk, nope, only been to 76% so far :)
<RoyK> at > 90% full VDEVs, ZFS is dead slow
<qman__> when I have some spare cash I'll get more disks and redo it, but until then I can't touch it because I don't have anywhere to back up all my data
<patdk-lap> but if you used a 256k stripe size, raid6 would have to read that 256k from each drive, then write out atleast 3 drives
<patdk-lap> if you only write 4k :(
<qman__> 64k chunk
<patdk-lap> that shouldn't be too bad
<RoyK> qman__: what sort of i/o pattern?
<qman__> well, mostly large files just being placed
<qman__> but I also run torrentflux, so when that's downloading I'd understand
<qman__> but when it's just seeding it doesn't make much sense
<qman__> or not running at all
<RoyK> seeding torrents means large number of random i/o
<patdk-lap> ya, not as bad as downloading, but still lots of random reads
 * RoyK wonders when linux will get something like l2arc
<patdk-lap> thought it did
<patdk-lap> flashcache
<patdk-lap> works for both l2arc and zil
<RoyK> all google can tell me about flashcache is something mysql centric
<patdk-lap> well, it was originally designed to maky facebook mysql faster
<qman__> future plans have the torrents staged on a separate file system, probably a single disk, to alleviate that problem
<patdk-lap> qman, I did that
<patdk-lap> that drive couldn't substain >4MB/sec transfers cause of that
<qman__> maybe a raid 0 then
<qman__> but either way, get them off the main data storage to speed it up
<RoyK> qman__: or a nice set of striped mirrors on zfs :P
<qman__> I also want something with checksums, I've had video files get some corruption a number of times
<qman__> disks are so unreliable these days
<patdk-lap> heh, checksums don't help unreliable disks
<patdk-lap> they can only say, you have an issue
<RoyK> patdk-lap: it helps you detect the problem and with sufficient redundancy, to fix it
<patdk-lap> and disks are suppost to have ecc data, rs code
<qman__> I mean in the filesystem, to detect when a file gets written wrong
<patdk-lap> but seems mostly useless
<RoyK> patdk-lap: they have ECC all the way, but with the amount of data available today, those ECC algorithms, or sizes, aren't good enough
<patdk-lap> https://wiki.archlinux.org/index.php/Flashcache
<patdk-lap> royk, well it more that
<patdk-lap> when they went to 4k disks, they used a crapload less ecc data
<patdk-lap> and also, those sectors are so small, the ecc data is also getting destroyed too
<patdk-lap> the physical size of the sector on disk
<RoyK> thus, use a filesystem with checksumming :P
 * patdk-lap would gladdly replace checksumming with ecc data :)
<patdk-lap> hmm, normal 512bytes sector has 40bytes ecc
<patdk-lap> a 4k sector has 100bytes
<patdk-lap> wish I had the 4k sector with full 320bytes ecc
<patdk-lap> but guess they said, it wasn't needed
<RoyK> seems flashcache isn't in oneiric
<patdk-lap> nope
<RoyK> perhaps in debian sid :P
<RoyK> but sid is the kid that tend to break toys....
#ubuntu-server 2012-10-22
<uvirtbot> New bug: #1067929 in maas (main) "maas-region-celeryd connects to the wrong queue." [Critical,Fix released] https://launchpad.net/bugs/1067929
<uvirtbot> New bug: #1064835 in python-keystoneclient "keystoneclient fails on SSL certificates that work for other services" [Undecided,In progress] https://launchpad.net/bugs/1064835
<uvirtbot> New bug: #1069584 in maas (main) "MaaS only with DHCP managed seems to require DNS too." [Undecided,New] https://launchpad.net/bugs/1069584
<uvirtbot> New bug: #1069603 in maas (main) "MAASAPINotFound: No user data available for this node." [Undecided,New] https://launchpad.net/bugs/1069603
<uvirtbot> New bug: #1069616 in maas (main) "Apache errors..." [Undecided,New] https://launchpad.net/bugs/1069616
<Karl-Arne> Howto setup prive ssl sertificate on virtual name server? Any links to howto's?
<RoyK> HAPPY CAPS LOCK DAY
 * koolhead17 pokes RoyK 
<ewook> *yawn*
<radish> greetings, I want to setup using a two node setup (one controller, one compute node) using ubuntu 12.04, folsom release. The official documentation mentions that the controller node has to use LVM. Is this also true for a setup that would use local hdds on the compute node (no shared storage)?
<RoyK> what controller?
<melmoth> radish, i think you need lvm only on the nodes where you wanna run nova-volumes (or cinder)
 * RoyK uses lvm for most volumes
<melmoth> (and i bet you wanted to ask the question in #openstack :) )
<radish> melmoth: I did =)
<radish> melmoth: so if I use 1 system as the cloud controller and another one as the hypervisor (using local storage), the controller doesn't need lvm as it won't serve volumes?
<melmoth> yep.
<koolhead17> hola melmoth
<melmoth> hola koolhead17
<radish> melmoth: another question if you would be so kind: is it really necessary to setup the controller node to be a ntp-server? wouldn't it feasible to use an internal one?
<melmoth> you can use an internal one
<melmoth> what is important is that all nodes have the same time
<koolhead17> radish: we area ll here to help :)
<melmoth> otherwise, strange thingds may hapen
<koolhead17> melmoth: +1
<melmoth> such as services appearing as XX in nova manage service list and stuff
<koolhead17> or in another words all nodes need to be synced because multiple service needs to communicate with each other
<radish> thank you for your help, guess I'll continue until things screw up =)
<koolhead17> radish: it will badly if time is not synced :)
<radish> koolhead17: we use an internal ntp-server, no worries =)
<koolhead17> radish: point it to that server then
<radish> koolhead17: already implemented by our preseed installation
<koolhead17> radish: COOL
<uvirtbot> New bug: #1069138 in php5 (main) "After upgrading to 12.10 I can't install PHP 5.3" [Undecided,Confirmed] https://launchpad.net/bugs/1069138
<uvirtbot> New bug: #1068433 in munin (main) "Collecting and plotting the uptime is pointless" [Wishlist,Won't fix] https://launchpad.net/bugs/1068433
<uvirtbot> New bug: #1068304 in openssh (main) "ssh not using gnome-ssh-askpass" [Medium,New] https://launchpad.net/bugs/1068304
<radish> melmoth: regarding the openstack packages, should I install suggested packages as well? (we have usually turned off suggested/recommended packages for apt)
<melmoth> unsure
<melmoth> try without, and see if it works ?
<radish> Again a question regarding openstack: I'm trying to grant the admin role to the admin user, however, keystone complains about an ambiguous option: "keystone user-role-add: error: ambiguous option: --user could match --user-id, --user_id" which one should I use?
<uvirtbot> New bug: #1069789 in unixodbc (main) "package unixodbc 2.2.14p2-5ubuntu4 failed to install/upgrade: ErrorMessage: Unterprozess dpkg-deb --control gab den Fehlerwert 2 zurÃ¼ck" [Undecided,New] https://launchpad.net/bugs/1069789
<radish> melmoth: if I have mistyped the region at the creation of the swift service, how can I change that? adjust the command and run it again, or do it somehow using the id / service id?
<melmoth> dont know. I dont even remember exactly when does one use the region
<radish> melmoth: when you create the services and their endpoints in keystone
<melmoth> ahh. so i guess you may change it with keystone comand itself
<radish> melmoth: so just rerun the same command after adjusting it?
<melmoth> i dont see a kesytone endpoint-edit
<koolhead17> radish: keystone-endpoint --help
<koolhead17> see if it helps
<melmoth> but there s a keystone endpoint-list, ten you can keystone endpoint-delete and recreate it
<radish> melmoth: thanks for that, I did just rerun the old command and will delete the faulty entry later on. If I run a token-get using the admin user, I get the correct data, but also the message "No handlers could be found for logger "keystoneclient.v2_0.client"" Is this to be expected?
<melmoth> i think the no handler error is sort of common
<melmoth> what i tend to do is sudo sed -i "s|log_config.*|log_file = /var/log/keystone/keystone.log|g" \
<melmoth> /etc/keystone/keystone.conf
<melmoth> so i have logs.
<hallyn> zul: around?
<zul> hallyn: kind of
<hallyn> zul: question on openvswitch-datapath-dkms
<zul> hallyn: ok
<hallyn> zul: it was dropped in q, i assume bc the module exists upstream
<zul> hallyn: yeah
<hallyn> probelm is the upstream module doesn't yet do gre tunnels.
<zul> hallyn: oh...also the dkms doesnt build on quantal either
<hallyn> drat :)  my q was going to be which src you recommend i grab (from a juju charm) to build it
<zul> hallyn: i think you would have to heavily patch it in order for it to work
<hallyn> zul: ok, thx.  gotta think about whether that's worth it or not
<radish> melmoth: in the /etc/glance/glance-registry.conf, one has to set config_file, however, the documentation says to use /etc/glance/glance-api-paste.ini, not the default one glance-registry-paste.ini, is this correct?
<melmoth> i dont know
<melmoth>  i dont see this setting here anywhere in /etc/glance
<melmoth> (but i havent finished installing, and am struggling with swift charm)
<melmoth> i always have been confused as to why glance needed 2 paste file anyway
<radish> melmoth: my /var/log/glance/registry.log is spammed with errors about removing dead childs, source is eventlet.wsgi.server. Do I need some kind of wsgi package (none installed currently)?
<melmoth> the whole openstack is a big wsgi.
<melmoth> all of em, keystone, nova, glance... Name it, it s wsgi
<radish> melmoth: seems it's this bug: https://bugs.launchpad.net/glance/+bug/1042823
<uvirtbot> Launchpad bug 1042823 in glance "SIGHUP handling fails with multiprocessing" [Critical,Fix released]
<melmoth> i never hit this one (yet ?)
<radish> melmoth: well, I'm using 2012.2-0ubuntu1~cloud0 which should be fixed, according to the bugreports
<uvirtbot> New bug: #961217 in libvirt (main) "virsh start domain sometimes fail (dup-of: 1055658)" [Medium,Confirmed] https://launchpad.net/bugs/961217
<radish> melmoth: did solve it, the documentation is faulty
<uvirtbot> New bug: #1069850 in maas (main) "import_pxe_files does not include quantal" [Undecided,Confirmed] https://launchpad.net/bugs/1069850
<tboat> hey all, is there a way to allow users to connect to sftp without needing a DSA key? or do they still need to generate a SSH key first?
<andol> tboat: I assume the answer you are looking for isn't to use a RSA key instead? :) Alternatively you should be able to tell you ssh server to also accept password logins
<tboat> i prefer no password logins, for security, so i guess I can't have seperate settings for sftp?  If the answer is just to generate the keys, that is not that big of a deal.
<tboat> my server is a LAN samba file server, and currently sftp/ssh to just me with a key, but wish to allow others access to a certain directory via sftp
<andol> tboat: So, you want to restirct full shell sessions to key auth, but allow sftp for passwords logins? Not sure how much benefit that would be, given that the user then could just as well login with passwords on sftp and use that access to put a new ssh key in place.
<andol> tboat: Alternatively you could have different requires (ssh key vs. passwords) for different users, or only allow certain users to login using sftp.
<RoyK> addisonj: does sshd support that?
<addisonj> ? assuming you meant andol
<tboat> if i restrict them to just sftp, but ssh still uses keys, then the user will still need to generate a key correct? my user is elsewhere, so they would have to generate a key and email it to me, which is fine, but was just looking for an alternate route
<andol> tboat: Whatever you restrict them sftp or not is a separate issue from whatever you allow password logins or not. Or did I missunderstand your question.
<RoyK> addisonj: erm, yes ;)
<tboat> no you did, restricting them to sftp is essentially what i want, but i also need to distinguish the authentication between ssh/sftp, which seems to just not be possible, undertandable as sftp depends on ssh, just looking for a workaround
<andol> tboat: But yeah, if they are going to login using ssh keys they will have to send you their public ssh key in some way. (That is unless you generate the keypair and provide them with the private key, which in almost all cases is a worse idea.)
<sarnold> tboat: I wonder, if you could run two different sshd daemons; run one on say, port 22, that only does sftp. Run another on port 2222 that only does ssh. You'd need to create your own /etc/init.d/ssh copy that starts the other daemon with a different configuration file. (-f)
<axisys> which ubuntu perl package has BER.pm ?
<axisys> libconvert-ber-perl is not it which has /usr/share/perl5/Convert/BER.pm
<sarnold> axisys: libconvert-ber-perl and libsnmp-session-perl
<axisys> sarnold: is there a easy way to find out besides asking here?
<sarnold> axisys: apt-file search BER.pm
<sarnold> apt-file is an immensely useful little tool :)
<axisys> sarnold: thanks a lot
<phear> Anyone in the Lafayette, LA area? I'm looking for dev work
<uvirtbot> New bug: #1069529 in php5 (main) "No graph updates after upgrade to 12.10 because date.timezone not set in php.ini" [Undecided,New] https://launchpad.net/bugs/1069529
<maxmahem> hey question. Trying to upgrade server but out of space on /boot. Turns out I have a lot of old packages there. apt-get purge old-linux-image fails with some errors on unmet dependancies (linux-image-server depends linux-image-3.0.0-26-server)
<maxmahem> thoughts?
<maxmahem> er old kernals there that is.
<uvirtbot> New bug: #1069970 in mysql-dfsg-5.1 (main) "Oracle MySQL October Security Patch" [Undecided,New] https://launchpad.net/bugs/1069970
<jdstrand> mdeslaur: fyi, that is probably a dupe of your bug ^
<mdeslaur> jdstrand: yeah, I'm looking at it now
<jdstrand> cool
<koolhead17> philballew, around
<koolhead17> seems like netflix gone too http://news.ycombinator.com/item?id=4684384
<philballew> koolhead17, lame!
<koolhead17> what happned to the monkey script which they released
<_ruben> ahh bugger, the /boot on mdadm boot issue didn't get resolved afterall .. wonder what made me think it did :/
<philballew> koolhead17, Seems odd if you ask me
<philballew> its middle of the day there
<philballew> there in east cost iirc from last time
<koolhead17> seems like they are turning it off/on on regular basis :P
<philballew> koolhead17, iirc github was down last week or something like that
<koolhead17> ya
<Guest47529> Hi, I have a really strange one I have installed LVM2 but dont have the pvcreate command, why might that be?
<Guest47529> strange, I just removed then installed it and the commands were there
<ninjai> hey all, I'm running kernel 2.6.32-23 on ubuntu server 12.04, but suffering from this bug: https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/565288.  Seems I should upgrade my kernel to 2.6.32 or .34, but I can't find the kernel in the apt-cache.  Where can I obtain the kernel?
<uvirtbot> Launchpad bug 565288 in rsyslog "rsyslog fails to read kmsg on 2.6.33 kernels" [Undecided,Fix released]
<blizzow> I installed gcp on my 12.04 server and keep running into this when trying to use it.  http://pastebin.com/nSubWH7X
<blizzow> Anyone have any idea what might cause that problem and what the solution might be?
<diogo_79> hi
<diogo_79> i have an usb modem that is connected to ubuntu server 12.04 but i cannot get it to work, help is need
<diogo_79> the modem is identify has SGS Thomson Microelectronics 56k SoftModem
<diogo_79> in the dev directory the modem is ttyACM0
<diogo_79> i have install minicom to talk to the modem but the port ttyACM0 is not a valid port
<diogo_79> what to do next
<aFeijo> I've got an WORM! How can I find and remove it?
<sarnold> aFeijo: wordpress? :)
<aFeijo> no
<sarnold> some other php application? :)
<aFeijo> I'm using drupal
<aFeijo> sarnold, funny that only php does that :p
<aFeijo> it seems that it is a exacutable named "i", just the letter
<aFeijo> how can I find it? lol
<sarnold> aFeijo: find / -name i -print
<sarnold> though that may take a little while :)
<aFeijo> thanks
<aFeijo> /bin/i
<aFeijo> damn worm
<aFeijo> Opyum Team got me
<aFeijo> how can I remove this Opyum Team ???
<sarnold> aFeijo: safest and most fail-safe way is to re-install
<aFeijo> omg...
<sarnold> aFeijo: you _may_ be able to track down where the specific intrusion took place, find related files, replace them, etc. but rootkits can make it impossible to trust anything on the system
<aFeijo> I see
<aFeijo> thanks for the hints, I'll work on it
<ninjai> hey all, I'm running kernel 2.6.32-23 on ubuntu server 12.04, but suffering from this bug: https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/565288.  Seems I should upgrade my kernel to 2.6.32 or .34, but I can't find the kernel in the apt-cache.  Where can I obtain the kernel?
<uvirtbot> Launchpad bug 565288 in rsyslog "rsyslog fails to read kmsg on 2.6.33 kernels" [Undecided,Fix released]
#ubuntu-server 2012-10-23
<uvirtbot> New bug: #1070093 in openldap (main) "package slapd (not installed) failed to install/upgrade: le sous-processus script post-installation installÃ© a retournÃ© une erreur de sortie d'Ã©tat 1" [Undecided,New] https://launchpad.net/bugs/1070093
<uvirtbot> New bug: #1070094 in openldap (main) "package slapd (not installed) failed to install/upgrade: le sous-processus script post-installation installÃ© a retournÃ© une erreur de sortie d'Ã©tat 1" [Undecided,New] https://launchpad.net/bugs/1070094
<roy_muzz> hi, I have a 64 bit Ubuntu LTS 10.04 headless server that i just upgraded to 12.04. The upgrade did not seem super clean and there was a "failed to read on buffer copy for md5hash: Input/output error" when installing bash-completion. The server is running fine now but I am worried that it wont come back up after a reboot. Any commands that I can run to check whether the machine will come back up? How can I find out whether the install was clean?
<sarnold> roy_muzz: perhaps checking debsums would be a good starting point?
<roy_muzz> thanks sarnold, will do
<roy_muzz> Everything looks ok after a "debsums -a". Is bash-completion an essential package?
<lifeless> nope
<sarnold> roy_muzz: no, you can live quite well without it, though I'm stunned how quickly I got accustomed to having it to complete program arguments...
<roy_muzz> Well, my commands are still being completed. Perhaps they wont be after a reboot.
<roy_muzz> I can gracefully apt-get update and upgrade.. so that is positive
<sarnold> mmm, I've got a vague memory of a good dpkg command to run when you're not entirely certain that things ran to completion before; I _think_ that was dpkg --configure -a -- but _please_ verify that it does something sane before running it. :)
<sarnold> .. a quick skim of dpkg(1) makes me think that dpkg --configure -a should be safe
<roy_muzz> thanks, I ran it and there is no output.... looks fine
<gabrieluk> hi,  how should i install libphp-phpmailer on ubuntu 10.04? ppa?
<uvirtbot> New bug: #1028823 in juju "Juju requires python-apt, but doesn't depend on it" [Medium,Triaged] https://launchpad.net/bugs/1028823
<ScottK> gabrtv: It's in the official archive, no PPA needed.
<uvirtbot> New bug: #967435 in libvirt (main) "Failed to terminate/reboot instane (LXC)" [Low,Expired] https://launchpad.net/bugs/967435
<uvirtbot> New bug: #1068566 in juju "Juju 0.6 incompatible with MAAS in precise" [High,Triaged] https://launchpad.net/bugs/1068566
<uvirtbot> New bug: #1070190 in maas (main) "maas-enlist does not show on latest 12.04.1" [Undecided,New] https://launchpad.net/bugs/1070190
<koolhead17> jamespage: ping
<jamespage> koolhead17, pong
<koolhead17> jamespage: how is hacklathon coming along sir? :)
<koolhead17> jamespage: CRITICAL nova [-] No module named quantum.manager i found soln for this https://bugs.launchpad.net/quantum/+bug/1063689
<uvirtbot> Launchpad bug 1063689 in quantum "CRITICAL nova [-] No module named quantum.manager" [Undecided,Invalid]
<koolhead17> it was my stupid configration
<koolhead17> but i wanted to know is there a way to get floating IP working with quantum any doc/source u can point or have u tested it works with our cloud repo?
<jamespage> koolhead17, OK thanks
<jamespage> koolhead17, which quantum topology are you working with?
<koolhead17> jamespage: let me get the guy in channel
<koolhead17> vivek: can you answer jamespage question please
<koolhead17> vivek: [12:17] <jamespage> koolhead17, which quantum topology are you working with?
<vivek_> Hi
 * koolhead17 is still learning/reading quantum and has not reached so far
<koolhead17> vivek_: can you answer the question jamespage asked
<koolhead17> vivek_: [12:17] <jamespage> koolhead17, which quantum topology are you working with?
<vivek_> per tenant seperate network with floating ips but not using multi tire
<vivek_> http://docs.openstack.org/trunk/openstack-network/admin/content/use_cases_single_router.html
<uvirtbot> New bug: #1068365 in linux (main) "openvswitch gre tunnels not working in quantal" [Critical,Confirmed] https://launchpad.net/bugs/1068365
<radish> good morning
<radish> would http://cloud-images.ubuntu.com/precise/current/precise-server-cloudimg-amd64-disk1.img be a valid image for the use with openstack/kvm?
<lifeless> should be yes
<jamespage> smb: around?
<smb> jamespage, just about... <warning>first coffee not yet finished</warning>
<jamespage> vivek_, koolhead17: sorry - distracted by something else
<jamespage> http://docs.openstack.org/trunk/openstack-network/admin/content/demo_logical_network_config.html shows how todo this
<jamespage> you can't allocate floating IP's using the nova cli ATM as far as I am aware
<jamespage> and you must create the external network under a different tenant to the private ones
<jamespage> vivek_, koolhead17: also look at this https://github.com/EmilienM/openstack-folsom-guide/blob/master/scripts/quantum-networking.sh
<vivek_> yes i tried  external network for via service , admin and xyz tenant but it is not working
<jamespage> vivek_, OK - so what is not working?
<vivek_> here you can find some information https://answers.launchpad.net/quantum/+question/211395
<jamespage> vivek_, OK - so you just exceeded my working knowledge of quantum :-)
<jamespage> (pretty new for me as well)
<jamespage> vivek_, 12.04 or 12.10?
<vivek_> i am not able to ping instances after assigning them floating ips
<vivek_> while quantum show the ip is attached to the instance
<vivek_> 12.04
<jamespage> vivek_, this is a all in one install?
<vivek_> we have tried two senirio
<vivek_> one all in one the server is having 4 lancards and next one server act as a controller and compute,  second network controller third compute
<vivek_> out one lan card is connected with public switch and rest three is connected with private switch , one port of controller or network node is connected to public switch to create br-ex
<vivek_> and i am creating br-int on eth1
<vivek_> and eth0 is public facing for all servers
<jamespage> smb, so bug 1068365
<uvirtbot> Launchpad bug 1068365 in linux "openvswitch gre tunnels not working in quantal" [Critical,Confirmed] https://launchpad.net/bugs/1068365
<smb> jamespage, yes, tough luck
<jamespage> smb, is it fixable in the kernel or do we have to hit the dkms package until it works?
<jamespage> (its not currently kernel 3.5 compatible...)
<smb> jamespage, It would require to add functionality. How SRUable do you think that is? ;)
<jamespage> smb, I discussed with SpamapS - the consensus was that this is a must
<smb> And it is something that even upstream openvswitch cannot be bothered with, so I really think making the dkms package is a better way to go
<radish> I'm trying to upload an image to glance, however, regarding to the logs I'm not authorized, should I set the admin_token parameter in glance-api-paste.ini and glance-registry-paste.ini as suggested by https://answers.launchpad.net/glance/+question/203405 ?
<jamespage> smb: the dkms package would be isolated so may be a better route
<jamespage> agreed
<jamespage> smb, I'm up to patch 8 from upstream trunk and I think I nearly have it working...
<smb> jamespage, Exactly, and it is in a sense opt-in, so even if it breaks something or has issues it would not affect the normal instlal.
<vivek_> jamespage _, i am using gre and vlan type tunnel
<smb> jamespage, Yeah I guess the network layer around changed sufficiently to make it a pita
<uvirtbot> New bug: #1064638 in maas "Commissioning is failing to set node memory attribute" [Critical,In progress] https://launchpad.net/bugs/1064638
<uvirtbot> New bug: #1066958 in maas "DNS config is invalid after a node gets enlisted." [Critical,Fix committed] https://launchpad.net/bugs/1066958
<uvirtbot> New bug: #1064672 in maas "Node listing page becomes unusable with increased number of nodes" [High,In progress] https://launchpad.net/bugs/1064672
<uvirtbot> New bug: #1067261 in maas "Web reference in UI points to wrong place" [Medium,In progress] https://launchpad.net/bugs/1067261
<Anvar> Hi all, I have a quick question. Does postfix need SASL? (this in use for a local SMTP system to send out emails because I have no SMTP relay available)
<cabbage> Anvar: No. :)
<radish> hi, I have some problems regarding the setup of openstack folsom on ubuntu 12.04.. glance can't authenticate with keystone, see the following pastes: http://paste.ubuntu.com/1299554/ and http://paste.ubuntu.com/1299600/
<kuuhmuhmu> hey i want to start samba as service when start on ubuntu sever ... help me please
<kuuhmuhmu> hey i want to start samba as service when start on ubuntu sever ... help me please
<SpamapS> kuuhmuhmu: sudo apt-get install samba
<kuuhmuhmu> yes i doned
<kuuhmuhmu> but it not start when start : i install ubuntu gui on it
<kuuhmuhmu> it must to start : sudo start samba everytime
<kuuhmuhmu> pleases
<uvirtbot> New bug: #1068036 in postfix (main) "postfix (precise) has lost the ability to lookup aliases in NIS" [High,In progress] https://launchpad.net/bugs/1068036
<lamont> ScottK: ^^
<ScottK> lamont: Yeah.  Fix just landed in precise/quantal-proposed for testing.
<lamont> cool
<ScottK> The bot never explains why it's mentioning a bug.
<Anvar> kuuhmuhmu, do you get an error when starting samba manual?
<Aison> hello
<Aison> is it possible to run a  HP 1/8 G2 Tape Autoloader under ubuntu server?
<fij0_> hello
<fij0_> anyone know any tool to get parallel ssh in ubuntu ?
<koolhead17> fij0_: ?
<fij0_> i have multiples serves, i want to execute the same command in parallel in those multiples servers
<koolhead17> fij0_: i read something called func and salt
<koolhead17> i have no idea there being any command i might b wrong
<Anvar> Aison, yes is possible, see HP website for more info & drivers
<Aison> Anvar, I just found some drivers before, but no idea how to install them. Well, I will try it again :)
<Anvar> fij0_, try webmin, you can cluster your servers and run ssh scripts to your cluster then
<Anvar> Aison, normally you have to build & install them. The readme included normaly provides the installation inscrutions
<Aison> so you think I should download the sources instead of the debian+ubuntu packages?
<Aison> hmm, maybe that's better
<Anvar> webmin provides a handy webbased GUI
<Anvar> #marashino
<koolhead17> zul: around
<zul> koolhead17: kind of
<koolhead17> zul: ok. will poke you later when your completely here :)
<koolhead17> zul: http://docs.openstack.org/trunk/openstack-network/admin/content/install_ubuntu.html  the doc uses testing repo you think it should be moved to cloud repo now?
<zul> koolhead17: yes
<koolhead17> ok. so shall i assign the bug and change the repo path?
<zul> koolhead17: yep
<koolhead17> k
<Aison> damn, a package would like to install sun-java6-jre, but of course this package is not available in precise
<Aison> java is installed
<Aison> but openjdk-6-jre
<Aison> what to do now?
<koolhead17> Aison: i have a secret soln  for that but i need beer in return :P
<Aison> lol :P
<Aison> bad guy ^^
<koolhead17> Aison: :D that i am :D
<koolhead17> Aison: http://www.printandweb.ca/2012/04/manually-install-oracle-jdk-6-for.html
<koolhead17> see if it helps man :)
<Aison> koolhead17, but this does not generate a package so that in my ubuntu server there is a package sun-java6-jre
<Aison> some stupid adaptec driver requires this
<koolhead17> Aison: your stupid driver needs java-6 env
<koolhead17> notthing else i suppose
<koolhead17> to run
<Aison> adaptec-storage-manager-common : Depends: sun-java6-jre but it is not installable
<koolhead17> Aison: i have no idea about the sf but u cannot install java from ubuntu repo anymore
<TLoT> !java | koolhead17
<ubottu> koolhead17: To just use java you need a "Java Runtime Environment" (JRE) and/or a browser plugin. If that is not sufficient you will need a "Java Development Kit" (JDK) aka "Software  Development Kit" (SDK).  Please see https://help.ubuntu.com/community/Java about how to install one of three current implementations.
<TLoT> Aison: if you've got packages dependent on those older packages, you'll run into a few issues there.
<TLoT> Aison: koolhead is right, Java is not installable from the repos anymore.
<TLoT> (sorry koolhead17, misping)
<koolhead17> TLoT: y0
<TLoT> what're they trying to install, koolhead17?
<TLoT> looks/sounds like some GUI utility for a drive or somethihng
<koolhead17> TLoT: i use simple bash script
<TLoT> urgh, they're installing drivers
<Aison> it is some adaptec stuff
<TLoT> Aison: did Adaptec provide a tarball rather than a debian package for it?
<TLoT> you may end up building and installing from source
<Aison> I cannot install the debian package either
<Aison> so I tried this: http://hwraid.le-vert.net/wiki/DebianPackages
<TLoT> and nobody listens.  i'll go back to stabbing php5 for a while
<TLoT> Aison: won't help you, those "repos" are old.
<TLoT> Aison: you will need to install java manually, and then likely build from source, i'll bet
<TLoT> rather than just finding a "package" that'll fix it
<TLoT> Aison: what hardware are you installing drivers for?
<Aison> well, the drivers itself from the kernel are working, but I also need to newest manager software
<Aison> it is for this card: http://www.adaptec.com/de-de/products/controllers/hardware/sas/performance/sas-51245/
<Aison> Adaptec RAID 51245
<TLoT> if you need the manager, build it from source.
<TLoT> as i said, thsoe packages rely on nonexistent packages
<TLoT> so you're pretty much left with just building from source
<Aison> and in a next step I would like to setup the LTO5 drive
<TLoT> Aison: 32bit or 64bit?
<Aison> 64bit
<Aison> just found a howto http://samiux.blogspot.ch/2010/07/howto-adaptec-storage-manager-on-ubuntu.html
<Aison> maybe that works
<TLoT> i dont trust random how-tos :p
<TLoT> http://download.adaptec.com/raid/storage_manager/asm_linux_x64_v7_31_18856.tgz  <-- the tarball
<Aison> thx
<zul> hallyn: ping
<hallyn> yo
<zul> hallyn: so im the middle of testing an lxc patch and moving the packaging to 0.10.2 is that kosher with you?
<zul> for libvirt
<hallyn> zul: +1
<hallyn> for r, or would you sru to q?
<zul> for r
<zul> its a bit biggish for q and not accepted by upstream yet
<hallyn> cool.  do you have any interest in looking at my proposed qemu replacement pkgs for r? :)
<hallyn> yeah go nuts.  i've been very happy with how stable libvirt has been in q, so i fear regressions, but hey maybe it'll stay that way for good now
<zul> hallyn: i do have interest
<hallyn> actually now that the bzr trees seem to be fixed for libvirt, maybe daily builds can be done automatically and we can do daily upstream testing to sniff out bugs
<hallyn> zul:
<hallyn> feh
<hallyn> my sandbox for qemu is ppa:serge-hallyn/crossc
<zul> hallyn: my only concern with daily upstream testing is the amount of patches we are carrying in q
<hallyn> taht reminds me i need to go subscribe slangasek to the qemu blueprint, as i'm hoping to merge the trees (not likely, but i have hope)
<hallyn> yeah, that was painful before too
<hallyn> stgraber: woudl you want to attend the servercloud-r-libvirt blueprint to talk about implementing a lxc2 driver based on your api?  or is it too early for that?  or should we just do it (when ready) without chatting?
<Aison> TLoT, finally it is working now
<Aison> well, next step I need some tape drive software :P
<TLoT> Aison: i assume you did go and build from source :P
<vizzoid> is it possible to use apparmor within a chrooted enviroment such as an ulteo subsystem?
<Aison> TLoT, well, it is just some piece of java software
<TLoT> Aison: true, but the "packages" are broken :P  so there.
<TLoT> Aison: and since those packages arent released *by* adaptec, i would not trust them ever in a million years
<TLoT> put them in the same category of PPA, and then put a higher security threat on there.
<TLoT> !ppa | Aison, just for the record since I mentioned PPAs
<ubottu> Aison, just for the record since I mentioned PPAs: A Personal Package Archive (PPA) can provide alternate software not normally available in the offical Ubuntu repositories - Looking for a PPA? See https://launchpad.net/ubuntu/+ppas - WARNING: PPAs are unsupported third-party packages, and you use them at your own risk. See also !addppa and !ppa-purge
<Aison> thx
<uvirtbot> New bug: #1004606 in qemu-kvm (main) "virsh create-snapshot fails to create external snapshot (blockdev-snapshot-sync fails in json monitor)" [Medium,Confirmed] https://launchpad.net/bugs/1004606
<jgcampbell300> so i am thinking of hiring some help on a project I have in mind and im not sure who i can consult with... i am thinking it will involve web data and some form of out put after the data has been anelized
<jgcampbell300> any ideas
<stgraber> hallyn: hmm, I think it's best to play with it on the side for this cycle and start talking with the libvirt-lxc author rather than discuss it at UDS and give the impression that we want to take over that driver entirely
<hallyn> stgraber: well they love their own driver, i don't think we have to worry about that :)  but yeah, basically agreed :)
<hallyn> zul: Daviey: so, should we have canceled this weeks meeting?
<hallyn> or will the copenhagen crew be there?
<zul> hallyn:  no idea
<hallyn> wasting 30 mins of time with the two of us going over an agenda for no reason doesn't seem productive
<hallyn> zul: bug 1069534 , do you know how the 'socket=' ends up in a graphics tag in libvirt xml?
<uvirtbot> Launchpad bug 1069534 in libvirt "libvirt doesn't include *.vnc files with apparmor profiles" [Medium,Incomplete] https://launchpad.net/bugs/1069534
<hallyn> if i'm being a moron and it's a well known way to do it, pls feel free to make fun of me in the bug
<uvirtbot> New bug: #994887 in maas "Nodes listing does not support sorting" [High,In progress] https://launchpad.net/bugs/994887
<zul> hallyn: not off by hand...probably when they use vnc in their xml
<hallyn> zul: i reproduced her exact virt-install command, got the usual tag.
<hallyn> oh, maybe there's some libvirtd.conf option
<hallyn> no obvious one, oh well.
<jamespage> hallyn, around?
<hallyn> jamespage: yup, what's up?
<jamespage> hallyn, so - good spot on the ovs bridging issue
<hallyn> btw, virt-install on ssd with apt-cacher from same ssd, is freaking fast :)
<jamespage> hallyn, sure is!
<hallyn> jamespage: i feel bad that you went and built the pkg :)  thanks for doing that.  do you have it in a ppa?  i coud pull it into my charm as a test if you like
<jamespage> hallyn, I've cherry picked what I think is enough patches from upstream trunk to re-enable the dkms package
<jamespage> it will appear in ppa:james-page/junk ~ 5 hours unless I can find someone to rescore
<jamespage> hallyn: I've tested it using your charms - although I did have issues when the bridge ports where setup using hostnames rather than IP's
 * hallyn makes puppy eyes toward stgraber 
<hallyn> jamespage: yeah hostnames never worked for me
<jamespage> it appears functional - however I've not really been able to validate performance that well
<jamespage> it looks the same-ish as precise
<jamespage> but not as good as the head of upstream trunk
<hallyn> jamespage: i never much worried about perf, didn't think gre could be al lthat fast :)
<jamespage> but that could be where my instances where running
<hallyn> jamespage: should we be engaging lkml about getting gre tunnels working there?
<jamespage> hallyn, I get ~700MBps with 1.4 and ~1GBps on 1.8
<jamespage> over the bridge
<jamespage> tunnel sorry
<hallyn> impressive
<jamespage> we should definately push and upstream snapshot into raring IMHO
<stgraber> jamespage, hallyn: both are building now
<jamespage> stgraber, thanks!
<hallyn> stgraber: thanks! :)
<jamespage> hallyn, I spoke with SpamapS about the SRU as well - its pretty isolated into the dkms package
<jamespage> so we are not likely to regress other bits of openvswitch
<jamespage> so should be OK
<hallyn> do we have a testsuite? :)
<hallyn> koolhead17: say...  why 17?
<koolhead17> hallyn, i need to change that nick sir, i got to www when i was 17 ::P
<hallyn> koolhead17: ah, when i was 17 there was no www yet :)
<hallyn> we gophered, and we LIKED IT
<hallyn> koolhead17: seeing you at uds next week?
<koolhead17> hallyn, yes sir. looking forward for another volleyball match :)
<hallyn> \o/
<hallyn> that's me at the net :)
<hallyn> you know, even though i can barely reach the top
<koolhead17> hallyn, would like to sit and understand LXC as well
<koolhead17> hallyn, :P
<jcastro_> SpamapS: is the mysql session for UDS sorted?
<jcastro_> SpamapS: I see it on thursday morning
<koolhead17> hola jcastro_ :)
<jamespage> hallyn, I'd forgotten about gopher
 * jamespage remembers fondly
<hallyn> koolhead17: i didn't realize you had questions!  by all means we can sit and chat about it :)
<koolhead17> hallyn, cool. Btw jamespage hallyn i started computer with playing LOGO :P
<jamespage> hallyn, we don't have a test suite that exercises the tunnelling
 * jamespage adds that to the list
<koolhead17> and we were not allowed to wear shoes inside computer lab
<koolhead17> Linus was working on kernel somewhere that time :P
<jamespage> koolhead17, I was installing linux from a 6 iso set that I got once every 3 months and building my own kernel...
 * jamespage remembers slackware
<koolhead17> jamespage, i came very late to Linux i think with redhat9
<koolhead17> i guess i installed lots of distro in one week to get audio working
<koolhead17> got introduced to Debian and then Ubuntu :)
<koolhead17> arosales, hey there
<zul> james: iso?! you young'un
<arosales> koolhead17: hello
<koolhead17> zul, you used floppy? :)
<jamespage> zul: I only had to use minix off floppys
<zul> jamespage: hah
<hallyn> i did try to boot my sun 3/160 server off of 3 huge mag tapes, didn't work
<jamespage> zul, hallyn: you guys want todo the irc meeting today? consensus here is to skip this week as not huge amounts to discuss
<zul> jamespage:  skip it
<hallyn> jamespage: agreed
<koolhead17> SpamapS, jcastro_  i need my juju t-shirt this time
<jamespage> hallyn, zul: okay!
<koolhead17> :P
<SpamapS> jcastro_: uh, Thursday morning aint gonna work ;)
<SpamapS> jcastro_: I'll subscribe as essential, that should zap it back to M or Tu
<SpamapS> jcastro_: actually I'm already marked as essential.. so.. hrm
<jcastro_> ok, want me to move it?
<jcastro_> SpamapS: this is why I check. :)
<SpamapS> jcastro_: yeah, if I have too many essential ones, let me know and I'll go through them and remove a few
<jcastro_> I am making it so the cloud and juju community ones don't conflict
<jcastro_> SpamapS: tuesday 1500
<SpamapS> jcastro_: cool that should be good
<uvirtbot> New bug: #1067522 in openssh (main) "openssh-client / ssh does not set IP Type-of-service field" [Medium,Confirmed] https://launchpad.net/bugs/1067522
<zul> SpamapS: galera support?
<SpamapS> zul: YES :)
<zul> SpamapS:  ques que ce?
<SpamapS> zul: http://www.codership.com/wiki/doku.php?id=faq
<zul> SpamapS: bien sur
<SpamapS> zul: de nada
<zul> SpamapS: are people actually using that?
<nishttal2> hi all.. i am running ubuntu server 12.04.. how can i tell it to use the onboard VGA for output and not the external nvidia gtx also installed
<RoyK> nishttal2: usually a BIOS setting - use onboard first or something
<RoyK> nishttal2: also, if you don't need that nvidia card, well, unplug it ;)
<nishttal2> RoyK: bios is fine and uses the onboard vga.. its after the grub menu when ubuntu loads up that i get the blank screen
<nishttal2> RoyK: i need the nvidia card just not for display (for computation)
<RoyK> oh, opencl/cuda?
<nishttal2> RoyK: yeah
<nishttal2> :)
<RoyK> I guess the easiest would be to use it for the console as well as computing - it shouldn't make much difference if the card is used to display ASCII
<RoyK> but then - using the onboard card for the console would probably be best
<nishttal2> RoyK: problem with that is that the KVM in the server room on supports VGA and the GTXs do not have VGA out.. the convertors dont work either
<RoyK> ubuntu uses the framebuffer drivers for the console, so I guess that's where you'll have to dig
<RoyK> nishttal2: https://wiki.ubuntu.com/FrameBuffer#How_to_disable_the_framebuffer
<RoyK> disabling the framebuffer should work
<RoyK> you'll end up with a good old terminal, though, but hopefully you won't need it too often
<koolhead17> Daviey, https://wiki.ubuntu.com/ServerTeam/CloudArchive can i modify it with adding command 4 adding cloud keyring?
<nishttal2> RoyK: yeah i dont anticipate frequent visits to the server room
<RoyK> nishttal2: try to disable the framebuffer first
<RoyK> if it doesn't help, well, perhaps we'll find another way...
<nishttal2> ok trying now
<nishttal2> RoyK: Highlight, again with the use of the arrow keys, the line that say "kernel" and press "e" to edit that line ...
<nishttal2> RoyK: I dont see a line that says kernel
<RoyK> you should be at the end of the line after pressing e
<RoyK> so just type away
<RoyK> perhaps add a space first
<nishttal2> same issue
<nishttal2> let me try the CMOS/BIOS way to disable framebuffer
<RoyK> I somewhat doubt it'll help if the linux kernel detects a new graphics card and uses that instead of the one onboar
<RoyK> I somewhat doubt it'll help if the linux kernel detects a new graphics card and uses that instead of the one onboard
<nishttal2> hmm
<nishttal2> worth a try?
<RoyK> dutr
<RoyK> erm
<RoyK> sure
<RoyK> can't hurt to try
<sarnold> oof. one hopes the kernel would use whichever video card was selected in the bios as the one to power up..
<patdk-wk> hmm, I haven't had any issues
<RoyK> linux doesn't always care much about BIOS settings
<patdk-wk> I boot my laptop randomly with 1 or 2 video cards, it always gets it right
<RoyK> ok
<RoyK> perhaps a driver issue?
<nishttal2> RoyK, i cant even find anything close to frame buffer in the bios.. so much for that try!
<patdk-wk> first off, what motherboard is this?
<sarnold> nishttal2: does the bios give you the option of which card to use? at least mine does...
<RoyK> sarnold: looks like it, since it works until grub is finished...
<nishttal2> sarnold: yeah it does and its set to use Onboard-VGA.. and it uses that to boot up till grub.. after grub i guess ubuntu takes over and uses the nvidia gtx
<RoyK> nishttal2: that's the linux kernel, not "ubuntu", but still I agree
<nishttal2> sarnold: RoyK http://www.youtube.com/watch?v=u-Wqf31DFMA
<hallyn> SpamapS: is 'static-network-up' in lucid?
<hallyn> wondering about bug 850309
<uvirtbot> Launchpad bug 850309 in libvirt "libvirt fails to autostart VM attached to a bridged port" [Undecided,Confirmed] https://launchpad.net/bugs/850309
<sarnold> nishttal2: woo :) video. what an age to be alive.
<sarnold> nishttal2: good luck; I've gotta run. :/
<RoyK> hallyn: I have a few VMs on Lucid with bridged networking...
<nishttal2> sarnold: yeah :)
<RoyK> nishttal2: I'd say file a bug
<hallyn> RoyK: i'm just wondernig whether the 'static-network-up' event was sru'd to lucid.  it came in around oneiric time.
<nishttal2> RoyK: damn!
<RoyK> nishttal2: https://help.ubuntu.com/community/HybridGraphics
<RoyK> might be relevant
<RoyK> but hardly so
<SpamapS> hallyn: no
<SpamapS> hallyn: and you shouldn't be using that event
<SpamapS> hallyn: runlevel [2345] for almost everything
<uvirtbot> New bug: #1070413 in maas (main) "MaaS http config generates warnings about missing /home/maas" [Undecided,New] https://launchpad.net/bugs/1070413
<hallyn> SpamapS: i'm in the middle of typing exactly taht into the bug
<nishttal2> RoyK: wait.. changing the grub setting worked..
<hallyn> SpamapS: but the point remains that we'd need that event for it to work
<nishttal2> RoyK: i added it to the last line.. and it didnt work.. i moved it to the last but one line and it worked
<nishttal2> RoyK: thanks a lot man!!
<hallyn> SpamapS: but ok, if it wont' be fixed in upstart, then i guess it's wontfix in libvirt, and i'll simply offer a script they can add to libvirt-bin.upstart to work around it
<RoyK> nishttal2: ;)
<RoyK> nishttal2: you'll need to make that permanent
<RoyK> nishttal2: what you set on boot only works for that session (until reboot)
<nishttal2> RoyK: yeah.. do you know what file it is in 12.04
<SpamapS> hallyn: for lucid, people have to edit /etc/init/rc-sysinit.conf to delay runlevel 2 until after the appropriate network is up
<nishttal2> i dont see a menu.lst
<RoyK> that's grub1
<RoyK> grub2 works differently
<RoyK> /etc/default/grub
<RoyK> probably
<hallyn> SpamapS: (or libvirt-bin.conf)
<RoyK> then update-grub (iirc)
<patdk-wk> grub2 initializes video, and passes it to linux
<patdk-wk> grub1 uses text console from bios
<RoyK> patdk-wk: thanks
<hallyn> SpamapS: but ok, so it's wontfix for upstart for lucid, thanks
<patdk-wk> GRUB_TERMINAL=console, disables grub video, then also add nomodeset if needed to the kernel
<patdk-wk> what I have to do on my very old system, I use for a firewall at home
<nishttal2> patdk-wk: is this for my issue?
 * RoyK guesses so
<patdk-wk> it's an attempt :)
<SpamapS> hallyn: yes indeed... it wouldn't be kosher to change the default boot sequence for lucid :-/
<RoyK> nishttal2: or just add that option to the grub config
<nishttal2> RoyK: i am confused.. where in grub config
<hallyn> SpamapS: wuss!  :)
<RoyK> 18:52 < nishttal2> RoyK: i added it to the last line.. and it didnt work.. i moved it to the last but one line and it worked
<RoyK> use that in /etc/default/grub
 * SpamapS disappears
<RoyK> and run update-grub
<RoyK> patdk-wk's version will probably do just as well
<RoyK> perhaps less hassle
<nishttal2> RoyK: this is what my /etc/default/grub looks like http://fpaste.org/2icX/
<RoyK> comment out GRUB_TERMINAL=console
<RoyK> for a start
<nishttal2> its already commented.. so uncomment it
<RoyK> yes
<nishttal2> ok and then update_grub
<RoyK> update-grub, yes
<nishttal2> ok rebooting now.... fingers crossed
<nishttal2> IT WORKED!!!!! :)
<RoyK> :)
<nishttal2> RoyK: patdk-wk thank you both.
<RoyK> btw, what are you doing with those GPUs?
<RoyK> AFAICS four of them?
 * RoyK likes SuperMicro btw
<nishttal2> I have 2 GTX 570s, 2 GTX 680s and a bunch of 560s (different machines ofcourse)..
<nishttal2> run realtime analytics on stock market data
<nishttal2> damn.. it seems its stuck at UHCI Host Controller...
<nishttal2> SSH is up
<nishttal2> RoyK: this is SuperMicro
<RoyK> had a rather bad issue at my last job, power were to be shut down for a day or so, so a diesel-based generator was connected to allow us to have the servers running, so poweroff, wait, connect new generators, open fuse, and some 2kV was sent to the UPSes, which paniced and went into pass-through, frying a large number of PSUs and some disks - except all the supermicros, which were happily running
<RoyK> nishttal2: yeah, I saw that from the video ;)
<nishttal2> RoyK: thats comforting to here :)
<nishttal2> hear*
<nishttal2> RoyK: any ideas on why its stuck .. i dont have the login prompt
<RoyK> no idea
<RoyK> try to switch console
<RoyK> alt+f2 or alt+(left|right(
<RoyK> alt+f2 or alt+(left|right)
<nishttal2> tried ctrl alt f1 thru 11
<RoyK> sorry, no idea
<RoyK> does caps lock work?
<RoyK> if it doesn't, perhaps something is fubar with the usb connection
<nishttal2> i tried num lock and that worked
<nishttal2> rebooted so cant check if caps lock was fine
<RoyK> alt+left or right should work
<hallyn> jamespage: all right, deploying my test with your ppa.  <crossing fingers>
<nishttal2> RoyK: i didnt
<nishttal2> it*
<RoyK> no idea, sorry
<RoyK> how did you reboot? ctrl+alt+del?
<nishttal2> RoyK: there must be a way to directly modify the grub entry to say "nomodeset" somwhere.. bcoz that worked
<nishttal2> yes
<RoyK> then keyboard works
<RoyK> but console is fscked up somehow
<patdk-wk> just add nomodeset on the end of the kernel line
<RoyK> mhm
<patdk-wk> add it to the GRUB_CMDLINE_LINUX option in /etc/default/grub
<patdk-wk> and grub will always add it
<nishttal2> patdk-wk: ok cool.. so change line # 12 in http://fpaste.org/2icX/ to look like GRUB_CMDLINE_LINUX="vga=normal nomodeset" ?
<patdk-wk> I guess
<patdk-wk> but line 12 is the one to edit
<patdk-wk> oh? 20 is still commented out?
<nishttal2> patdk-wk: no
<nishttal2> patdk-wk: that was the old post
<patdk-wk> 12 goes on all kernels
<patdk-wk> 11 only goes to non-recovery ones
<nishttal2> patdk-wk: ok.. and update-grub after that?
<patdk-wk> yep
<nishttal2> patdk-wk: rebooting
<nishttal2> patdk-wk: yup that did it.. thanks again
<RoyK> nishttal2: would GPUs really give realtime analysis of stock market that gain compared to CPUs?
<nishttal2> RoyK: oh man.. dont even get me starting
<nishttal2> started*
<RoyK> just curious ;)
<nishttal2> 1 GPU is performing 50 times better than a quad core xeons that i've used in the past
<RoyK> GPUs are fast for very parallel computation
<nishttal2> yeah.. and each stock ticker is independent (well depends on your analytic) so you can do them all in parallel
<RoyK> given the amount of data is low, which I think is the case for your type of data
<RoyK> ic
<nishttal2> its the frequency of data
<nishttal2> 25K ticks/sec
<RoyK> so all you need is a dispatcher that's parallelized to the amount of CPU cores and then dispatch the lot to the GPU?
<nishttal2> brb
<RoyK> perhaps the dispatcher won't need much parallelising, though, since its work is minor...
<nishttal2> RoyK: back
<nishttal2> RoyK: so the architecture would depend on your application ofcourse.. but yeah thats the general idea
<hallyn> jamespage: drat, by default openvswitch.ko (not openvswitch_mod.ko) gets loaded
<hallyn> hm, maybe that's the problem, maybe not.  trying again
<nishttal2> is it safe to install libglut on ubuntu server 12.04
<uvirtbot> New bug: #1069302 in qemu-kvm (main) "kvm client does not start with pci passthrough (amd hd5450)" [Undecided,New] https://launchpad.net/bugs/1069302
<hallyn> jamespage: \o/ new pkg works for m.e  HOWEVER, (we should ask this on #ubuntu-kernel) can we have that pkg disable the openvswitch.ko from linux-image?
<hallyn> jamespage: d'oh, hold on, nm, i see the problem.   <thwap>  i'm an idiot
<zul> hallyn: doh http://pastebin.ubuntu.com/1300923/
<Phibs> my config for a custom apt repo is thus: http://pastie.org/private/60bjfrzhrodww3ej3oekq, it finds the package metadata but 404s trying to install it. Any hints?
<hallyn> zul: why don't you have /var/run/dbus/system-bus-socket?  i have it here...
<zul> hallyn: im nto sure
<zul> hallyn: restarted dbus anyways and it works
<hallyn> zul: hm.
<zul> hallyn: im running raring here so *shrug*
<Case_> I am hoping someone can help me.  I have an Ubuntu Server with Apache.  I have multiple sites on this server and one of them the GET time for just the domain is like 30 seconds.  The others are perfectly fine.  They have the same naming server and the same domain registerar.  Does anyone have any clue what might cause this?
<sarnold> Case_: is that virtual host configured to log hostnames in its logfiles?
<sarnold> (I don't know if that is possible, but DNS lookups are often the cause of 30-second-ish delays in software...)
<Case_> I am not sure, not putty is being well slow to log into it.  Maybe the server is just going :/
<sarnold> heh, perhaps your sshd is configured to log hostnames too? :)
<Case_> I half wonder if someone is just pinging it to death
<uvirtbot> New bug: #1070519 in juju (universe) "zookeeper: WARN  [NIOServerCxn.Factory:0.0.0.0/0.0.0.0:2181:NIOServerCnxn$Factory@247] - Too many connections from /127.0.0.1 - max is 10" [Undecided,New] https://launchpad.net/bugs/1070519
<Horv> Heya! Need som help with troublshooting. Me and a friend (bark) are trying to set up a MAAS and got so far as to the pxe-boot-part. During the pxe-boot we get "connection 1:0 conn error detected (1020)" and googling have led us nowhere.
<Horv> We've tried pxe-boot with 4 different computer setups with the same result.
<Horv> Any idea where to troubleshoot? Or what could be causing the error?
<crono_logical> hi guys, anyone around able to help in this channel? just hosed a ubuntu VM doing apt-get upgrade, it no longer boots with error boot disk not found
<crono_logical> filesystem looks ok and intact, it mounts cleanly when I mount the virtual disk in a different VM
<jamespage> hallyn, the dkms module should override the kernel module
<subman> I have a storage machine at 192.168.2.3 and a machine that I want to backup on 192.168.2.6.  Just looking for clarification on how to use rsync.  On the machine to be backed up, 192.168.2.6, do I use the command:  rsync -azvv -e ssh user@192.168.2.3:/destination_folder /source_folder?
<hallyn> jamespage: it didn't.  but i shouldn't have installed the linux-image-extras or wahtever package
<crono_logical> subman: it should be source then destination, so other way round. if you're not sure, there's the -n switch to see what it would do without changing any data
<subman> crono_logical, thanks.
<crono_logical> subman: I'd also drop the '-e ssh' since I think it defaults to ssh for remote stuff anyway, and also drop -z if you're on local LAN
<crono_logical> the compression would probably make the CPU the bottleneck rather than your network
<subman> crono_logical, yes, I've noticed that.
<Aison> I simply don't know how to use a LTO-5 Tape drive with ubuntu server :(
<Aison> it's a HP Drive connected to an adaptec raid controller
<xnox> Aison: I find bacula documentation and community a good source of help with all things tape
<Aison> xnox, my problem is, that I don't even have got some /dev/st devices
<Aison> the harddisk drives attached to the same raid controller are working
<genii-around> Aison: If the tape drive is last device make sure it doesn't have a conflicting SCSI id number, and that it is terminated
<Aison> genii-around, it is SAS
<genii-around> Aison: Ah, OK
<Aison> with the adaptec special tool "StoreMan" I can see the device
<Aison> but lsscsi no
<genii-around> It must be getting some odd devicename if not /dev/st0
<genii-around> Aison: Is there a /dev/nst#
<Aison> no :(
<Aison> genii-around, hmm, now after reboot I get st0 and st1
<Aison> why two?
<Aison> [6:3:0:0]    tape    HP       Ultrium 5-SCSI   Z58W  /dev/st0  /dev/sg10
<Aison> [6:3:0:1]    tape    HP       Ultrium 5-SCSI   Z58W  /dev/st1  /dev/sg11
<genii-around> Probably has autochanger
<Aison> yes, it is, so one is to control the autochanger?
<genii-around> Believe so, yes. I've not had one like that so can't say for certain however
<genii-around> Mostly I have to use ancient DAT tapes
<crono_logical> oh well, guess it was just faster to rebuild/reinstall the VM from scratch than to fix it :{
<subman> ls
<Psi-Jack> Does anyone here specifically know how Ubuntu's version of mountall actually works in detail? Because it's almost completely undocumented for what it actually does, save for the minimal information in it's --help, but the manpage for mountall isn't even relevant at all to mountall that's actually provided by Ubuntu.
<uvirtbot> New bug: #1066845 in nova "nova-novncproxy is not running" [Undecided,New] https://launchpad.net/bugs/1066845
<Aison> genii-around, funny, now I've got st0, st1 and nst0, nst0a, nst0l, nst0m nst1, nst1a, nst1l, nst1m
<Aison> quite many devices
<hijakk> howdy, I'm working on setting up a MaaS server VM, and am trying to find the instructions for what to do when you don't have control of the DHCP server, can anyone point me that way?
<three18ti> hijakk, install from USB/cd and choose to manually enlist.
<three18ti> but you're gone. so never mind.
#ubuntu-server 2012-10-24
<uvirtbot> New bug: #1070617 in postfix (main) "package postfix 2.9.3-2ubuntu2 failed to install/upgrade: sub-processo script post-installation instalado retornou estado de saÃ­da de erro 75" [Undecided,New] https://launchpad.net/bugs/1070617
<NCommander> When using MAAS on a machine with multiple NICs, how can I get both of them to show up in the webUI?
<NCommander> I can only see eth1 and "" (which appears to be lo0)
<sazawal>  The minimode plugin in exaile 0.3.2.2 in Ubuntu 12.10 does not remember its position. Help!
<uvirtbot> New bug: #1070639 in juju (universe) ""juju status" trigger errors within my node logs" [Undecided,New] https://launchpad.net/bugs/1070639
<uvirtbot> New bug: #1022364 in mysql-5.5 (main) "package mysql-server-5.5 5.5.24-0ubuntu0.12.04.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,Expired] https://launchpad.net/bugs/1022364
<uvirtbot> New bug: #1029622 in mysql-5.5 (main) "package mysql-server-5.5 5.5.24-0ubuntu0.12.04.1 failed to install/upgrade: Ð¿Ð¾Ð´Ð¿ÑÐ¾ÑÐµÑÑ ÑÑÑÐ°Ð½Ð¾Ð²Ð»ÐµÐ½ ÑÑÐµÐ½Ð°ÑÐ¸Ð¹ post-installation Ð²Ð¾Ð·Ð²ÑÐ°ÑÐ¸Ð» ÐºÐ¾Ð´ Ð¾ÑÐ¸Ð±ÐºÐ¸ 1" [Medium,Expired] https://launchpad.net/bugs/1029622
<stiv2k> anyone here
<stiv2k> so now that ubuntu has dropped non-PAE support, what do non-PAE people have to do?
<SinZ> Non-PAE?
<Gallomimia> hi guys. how's the newest release? I'm holding off on updating for a few more days...
<stiv2k> SinZ, yeah
<stiv2k> non PAE cpu
<SpamapS> stiv2k: You have 4.5 more years with 12.04
<stiv2k> SpamapS , my friend already updated to 12.10
<stiv2k> using a non PAE cpu
<SpamapS> stiv2k: IIRC, do-release-upgrade was supposed to stop that
<stiv2k> SpamapS lol, apparently it didnt
<SpamapS> stiv2k: if he did it with apt-get dist-upgrade .. not much we can do if he failed to read the release notes.
<SpamapS> stiv2k: I suppose he didn't backup the system first either, right?
<greppy> hrm
<greppy> doh, wrong window
<stiv2k> SpamapS, i cant remember which way he did it... but why would ubuntu include more than one way to upgrade?
<SpamapS> stiv2k: there is only one supported way
<stiv2k> that wasnt my question
<stiv2k> if theres only one supported way, why does any other way even exist?
<stiv2k> ya know?
<stiv2k> why would you give the possibility of another method if you arent going to support it
<stiv2k> or maybe giant red boldface text that says USE THE OTHER COMMAND INSTEAD when the user runs it
<SpamapS> stiv2k: because do-release-upgrade depends on the lower level dist-upgrade method.
<stiv2k> oh
<stiv2k> in any case, im pretty sure i sent him this link to follow https://help.ubuntu.com/community/QuantalUpgrades
<stiv2k> which says to run do-release-upgrade
<SpamapS> Yeah so if thats not preventing non-PAE's from upgrading then I'd argue thats a bug
<stiv2k> yes
<stiv2k> i just looked at his bash history
<stiv2k> he used do-release-upgrade
<SpamapS> stiv2k: I just happen to be in the same building with the author of do-release-upgrade .. I'll ask him when I see him.
<stiv2k> SpamapS, do you reckon anyone might make a ppa for non-PAE kernels/
<stiv2k> i cant imagine it would be that hard to make
<SpamapS> stiv2k: I'm not sure. IIRC, it was dropped because its a significantly difficult thing to support
<stiv2k> SpamapS, what building is that? you work at ubuntu corporate office or something? :P
<stiv2k> you mean its harder than just setting some kernel option?
<SpamapS> stiv2k: no, Bella Center in Copenhagen. We are at a pre-UDS meeting.
<SpamapS> stiv2k: yes, the patches that Ubuntu carries don't work with some of the non-PAE kernel bits IIRC
<stiv2k> oh
<stiv2k> is it possible for him to just skip the kernel updates
<stiv2k> right now his machine is running 3.2.0-32-generic #51-Ubuntu SMP
<SpamapS> stiv2k: yeah it should work for most things
<stiv2k> how to skip kernel updates
<koolhead17> philballew, hi
<philballew> koolhead17, sorry for delay
<philballew> got a phone call from the rents
<Sprocks> anyone here set up their own IRC server for ubuntu?
<radish> hi, mysql (5.5.24-0ubuntu0.12.04.1) behaves odd. If I create a new database and user, login with the user afterwards, show privileges doesn't show the database I gave privileges for. Also the user can login without providing a password allthough I did specify one
<acidflash> hello all
<acidflash> i checked the file /sys/block/sde/queue/scheduler and inside it was the following -> noop deadline [cfq]
<acidflash> this means that cfg is the current scheduler?
<uvirtbot> New bug: #1067834 in maas "inconsistent use of reverse DNS for hostname" [Undecided,New] https://launchpad.net/bugs/1067834
<Psi-Jack> What shell interpreter does upstart actually use?
<Psi-Jack> Looks like just sh.
<Psi-Jack> dash, or compatible. :)
<MatBoy> guys, I cannot resolve domainnames, only their subdomains... what can be wrong here ?
<dorftrottel_> not the other way around?
<uvirtbot> New bug: #1070861 in maas (main) "MAAS does not support PDUs or ILOs for server reboot" [Undecided,New] https://launchpad.net/bugs/1070861
<Aison> hello
<Aison> i've got two dns servers and I specified them in network/interfaces with
<Aison> dns-nameservers 2001:1620:f00:81d3::1 2001:1620:f00:81d3::2
<Aison> why is there only the first one later in resolv.conf? nameserver 2001:1620:f00:81d3::1
<uvirtbot> New bug: #1070867 in samba (main) "No "don't know/irrelevant" options when using apport for reporting samba bugs/crashes" [Undecided,New] https://launchpad.net/bugs/1070867
<zul> soren: ping
<zul> hallyn: i think we should have libvirt 1.0 in raring rather than 0.10.2
<hallyn> zul: offhand i think i agree.  well, wahtever the newest release will be around january
<hallyn> but, i've not used anything newer than what we have in q
<zul> hallyn:  right i though 1.0 was suppose to be out at least in november
<hallyn> guess we should look at the timeline before next week.  feh
<hallyn> (feh - bc i'm bearing down for some triaging :)
<zul> hallyn: meh
<hallyn> stgraber: hm, lucid contaienrs aren't working for me on quantal hosts
<stgraber> mountall: Event failed
<stgraber> mount: mount point /dev/shm is a symbolic link to nowhere
<stgraber> mountall: mount /dev/shm [51] terminated with status 32
<stgraber> mountall: Filesystem could not be mounted: /dev/shm
<stgraber> hallyn: ^ ?
<hallyn> oh right.  someone else had reported that last week
<hallyn> gr
<hallyn> oh.  is this bc of devtmpfs?
<hallyn> yes it is
<stgraber> fun
<hallyn> i don't even know what we want to do about this.  i'll just check for (and file) a bug for now i guess.
<hallyn> on the brigh side, since lucid containers require lxcguest from ppa, they're funky anyway
<hallyn> stgraber: was it you who mentioned that last weekthen?
<stgraber> hallyn: this really needs fixing before the SRU lands though
<stgraber> hallyn: nope, wasn't me. Just heard about it now when you mentioned it (and checked against my newly rebuilt containers)
<hallyn> stgraber: good point.
<hallyn> stgraber: any thoughts on the right fix?
<hallyn> maybe the right fix is for my lxcguest to mangle /dev/shm into a symlink
<stgraber> well, /dev/shm is a symlink ;)
<stgraber> mount: mount point /dev/shm is a symbolic link to nowhere
<hallyn> sorry, a dir i meant :)
<uvirtbot> New bug: #1070914 in lxc (universe) "lucid containers don't start on quantal hosts" [High,Triaged] https://launchpad.net/bugs/1070914
<Aison> i've got two dns servers and I specified them in network/interfaces with
<Aison> dns-nameservers 2001:1620:f00:81d3::1 2001:1620:f00:81d3::2
<Aison> why is there only the first one later in resolv.conf? nameserver 2001:1620:f00:81d3::1
<Aison> with ipv4 it works
<stgraber> Aison: how many "nameserver" entries do you get in /etc/resolv.conf?
<Aison> three, two ipv4 and the first of ipv6
<stgraber> right, so that's why
<stgraber> the maximum number of entries in /etc/resolv.conf is 3
<Aison> ok, why?
<stgraber> Aison: because someone once set MAXNS to 3 in resolv.h apparently, so the libc resolver can only understand the first 3 nameserver entries
<stgraber> any extra one would just be ignored
<Aison> quite funny
<fred__> I'm trying MAAS + juju on quantal. As there is no mysql charm for quantal, I cannot deploy in using juju, should I use precise's version?
<genii-around> Would anyone know perhaps offhand the minimum amount of free disk space needed for Lucid->Precise upgrade with do-release-upgrade? The machine is pretty tight right now: /dev/sda1 9.0G 7.6G 882M 90% /    ( although I could bindmount something like /var/cache/apt to the RAID1 which has lots of free room )
<RoyK> genii-around: start with an apt-cache clean
<RoyK> genii-around: it's quite impossible to determine the amount needed for a full upgrade, though
<genii-around> RoyK: That df  is already after an apt-cache clean, actually...
<RoyK> genii-around: that's why I always use LVM even for the root, to allow it to grow if needed
<RoyK> perhaps check /var/log
<RoyK> or do you have databases running under the root partition?
<RoyK> 7,6GiB used for the root on a server is quite a lot
<genii-around> RoyK: Yes, this machine is primarily for the surveillence so it is basically LAMP plus Zoneminder. The camera footage all goes on the RAID1 right now
<RoyK> and you have all databases on the root partition=
<RoyK> ?
<genii-around> Yes
<RoyK> sub-optimal to be diplomatic
<RoyK> the root should be used for root stuff, not variable data
<RoyK> databases are very variable data indeed
<genii-around> I basically wanted to be keep the main disk size down to below 16G so I could dd it off onto a USB stick on occasion
<genii-around> Guess I could add another drive, I have a bunch of old ones around here someplace
<mdeslaur> SpamapS: have you ever gotten a mysql test suite failure in main.trigger-compat ?
<fred__> genii-around: if your raid1 storage is large enough, consider moving your db on it
<RoyK> genii-around: you don't want a database on your root partition. period.
<RoyK> genii-around: and you don't want a database on something that's not redundant
<genii-around> Yes, moving the /var to some subdir on the RAID1 seems to be prudent
<RoyK> genii-around: just move /var to the raidset
<RoyK> genii-around: next time, mirror the root as well, so that when that drive dies, the server doesn't ;)
 * genii-around goes and tinkers
<hallyn> not again
<hallyn> SpamapS: /win 15
<hallyn> well hmm
<hallyn> nm
<subman> I'm trying to setup an rsync cronjob using ssh with keys but I seem to be having a problem.  I've setup the keys and can log into the remote storage machine with no problem.  However I tried to duplicate the cronjob (I assume they are run as user 'root') with sudo and it still asks me for a password.  Did I need to setup the keys with the user 'root'?
<sarnold> sudo will ask you for a password unless you configure it not to
<sarnold> but ..
<sarnold> you may just wish to run the command via whichever user account's crontab is appropriate?
<subman> Yes, sudo did ask me for a password, but I am concerned with the ssh also asking me for a password.  I have already logged into that user account on the remote machine via ssh with no password required now that he keys are setup.
<fred__> subman: you need an ssh-agent running
<sarnold> subman: are the keys password protected? do you have an ssh-agent running to supply them with the passphrase if they are password protected?
<subman> sarnold, No, keys have no passphrase
<sarnold> okay
<subman> Maybe I'm asking this question the wrong way.
<sarnold> maybe a bit too abstract? :)
<sarnold> which user account on which host is running which commands? :)
<subman> Maybe I should ask this question in a forum to explain it in complete detail exactly what I'm trying to do here.
<sarnold> subman: or maybe paste the command you've put into which crontab...
<subman> * 0 * * * rsync -avv --delete /home kitty@192.168.2.3:/home/kitty >> /var/log/rsyncbackup.log
<sarnold> okay :) which crontab is this in?
<subman> I created that with crontab -e as a user on the machine that I want to backup the home directories from.
<sarnold> subman: and does that user account have read access to the entirety of /home ?
<subman> sarnold, Ah, I assume that the cronjobs run as root.  They run as the user that created them?
<subman> No, this user does not have read rights to the whole /home directory.  I should change that.
<sarnold> subman: yeah, each user has their own crontab; that's what you get with crontab -e :)
<subman> Yeah, I'm new at this.
<sarnold> subman: if you want to run it as root, it might be easier to add that line to the /etc/crontab file, or simplify it a little and put it into /etc/cron.daily/ or similar
<sarnold> subman: but make sure the keys are available to root; maybe you'll need to move them to /root/.ssh/
<sarnold> (root _does_ have a 'user crontab file', via crontab -e, but that's .. odd.)
<subman> sarnold, I think I'm understanding it all better now.
<sarnold> subman: cron -is- a bit cumbersome :) but it's grown to be that way by handling a lot of other needs that are hard to handle with other tools...
<subman> I would normally use a GUI tool to do backups, but this is my first install with a non GUI server install.  Time to learn the command line way to do things!
<sarnold> and besides, the gui will probably end up calling rsync in the end anyhow
<sarnold> I've seen plenty of those "products" before...
<subman> Exactly!
<subman> I thought it about time to roll up my sleeves and dive right in.
<subman> Now, if I change the permissions of /home to be 'read' for the user doing the rsync, will that permission carry over to any newly created files not owned by that user?
<sarnold> subman: depending upon the site reliability, you may also like to add --partial to the rsync command line -- that will allow it to re-use the portion of a file that may already exist on the remote end. (ideally this would just be magically correct, but it isn't..)
<sarnold> subman: no; getting read access propagated down a directory hierarchy correctly is pretty complicated
<sarnold> subman: your choices are (a) run a command that forces all the permissions to be "correct" before running it (b) some complicated "BSD groups" behavior (awesome for when you need it, but definitely a new complication) (c) just running the rsync as root.
<subman> I currently run the rsync as root via sudo but his won't work with the user account level cronjob.
<subman> I assume that I must then create the cronjob as root?
<sarnold> subman: that's what I would do
<subman> sarnold, Great, doing that just now.  /etc/crontab.
<subman> and move the keys....
<subman> hmmm, keys still do not work as root
<subman> Got it!
<sarnold> subman: hrm. is /root/.ssh group or world readable?
<subman> It worked.  I had to copy over both files in the .ssh directory
<subman> Sorry, both directories under the .ssh directory of the user
<sarnold> directories under .ssh?
<subman> keys are held in two directories under the .ssh directory.  id_rsa and id_rsa.pub
<uvirtbot> New bug: #1071011 in qemu-kvm (main) "specific device not available in client (passthrough) with high cpu load on host, none in client" [Undecided,New] https://launchpad.net/bugs/1071011
<subman> ls
<subman> (oops)
<sarnold> subman: those ought to just be files
<subman> Yes they are, sorry for the terminology
<subman> Too much learning today!
<sarnold> okay ;)
<sarnold> hehe
<subman> So many new things, but a ton of fun here.
<subman> sarnold, Thanks for your help here, greatly appreciated!
<sarnold> subman: sure, I'm glad you're still having fun :)
<subman> Oh yeah, no problem there.  I'm sure I'll make some huge errors but these are not production machines.
<subman> Just learning machines
<soren> zul: 'sup?
<zul> soren: should i be bringing gloves next week :)
<soren> zul: Of course. Just like any other UDS.
<soren> zul: Oh, *gloves*? Uh, no. Why would you?
<zul> just figure out stuff out
<sazawal> The minimode plugin in exaile 0.3.2.2 cannot remember its position and moves back to top left corner. I have just upgraded to Ubuntu 12.10 and the problem started. There is something I can do in the plugin script at /usr/share/exaile/plugins/minimode. Please help
<sarnold> hrm, seems I saw someone yesterday complaining about that. check launchpad, he or she may have filed a bug?
<sazawal> sarnold, I guess that was me :D
<sarnold> sazawal: oh :)
<sazawal> Well, I should file the bug then.
<sazawal> sarnold, do you use exaile?
<sarnold> sazawal: no, I hadn't heard of it, the funny name stuck out though.. :)
<sazawal> sarnold, haha, no problem. Its a media player
<sarnold> :)
<Aison> is it possible that isc-dhcp-server of ubuntu 12.10 is broken?
<uvirtbot> New bug: #1071053 in postfix (main) "Postfix does or doesn't relay mail from localhost to the internet depending on whether I connect via router or via 3G modem" [Undecided,New] https://launchpad.net/bugs/1071053
#ubuntu-server 2012-10-25
<RedAmber> Hello, I have a problem with trying to install UBUNTU-SERVER-12.04.1-AMD64 on a computer and it hangs at detecting cd rom for something could anyone please help me?
<RedAmber> Hello, I have a problem with trying to install UBUNTU-SERVER-12.04.1-AMD64 on a computer and it hangs at detecting cd rom for something could anyone please help me?
<blkperl> RedAmber: did you verify the integrity of the iso you downloaded?
<RedAmber> Hello, I have a problem with trying to install UBUNTU-SERVER-12.04.1-AMD64 on a computer and it hangs at detecting cd rom for something could anyone please help me?
<RedAmber2> dHello, I have a problem with trying to install UBUNTU-SERVER-12.04.1-AMD64 on a computer and it hangs at detecting cd rom for something could anyone please help me? I CHECKED MD5SUM Is good BOOTING FROM USB
<TheLordOfTime> !crosspost
<ubottu> Please don't ask the same question in multiple Ubuntu channels at the same time. Many helpers are in more than one channel and it's not fair to them or the other people seeking support.
<BlueGuy> Hello, I have a problem with trying to install UBUNTU-SERVER-12.04.1-AMD64 on a computer and it hangs at detecting cd rom for something could anyone please help me? I CHECKED MD5SUM Is good
<BusyBoxes> BlueGuy: You booting from CD?
<BlueGuy> No sir, Usb
<BusyBoxes> BlueGuy: You make sure to configure your usb to boot properly?
<BlueGuy> Maybe, Is there a set of steps you could please give me?
<BusyBoxes> BlueGuy you need to probably create a MBR
<BusyBoxes> BlueGuy: http://www.linuxquestions.org/questions/linux-general-1/how-to-make-a-bootable-usb-flash-drive-manually-859334/
<BusyBoxes> BlueGuy: unetbootin might be a easier approach.
<Guest__> hi
<joosen> hi
<joosen> everybody
<joosen> someone use the ubuntu server, can tell me that what's more stable between centos, freebsd and ubuntu.
<joosen> ?
<joosen> someone help me.
<TheLordOfTime> !patience | joosen
<ubottu> joosen: Don't feel ignored and repeat your question quickly; if nobody knows your answer, nobody will answer you. While you wait, try searching https://help.ubuntu.com or http://ubuntuforums.org or http://askubuntu.com/
<joosen> how can I download the ubuntu server guide pdf file into my notebook, I would like to take it to read anywhere I go?
<SpamapS> mdeslaur: no not that I recall (re test failure in main.trigger-compat)
<owh> joosen: https://help.ubuntu.com/12.10/serverguide/serverguide.pdf
<owh> joosen: https://help.ubuntu.com/12.04/serverguide/serverguide.pdf
<owh> joosen: apt-get install ubuntu-serverguide
<owh> joosen: wget -r https://help.ubuntu.com/12.10/serverguide/
<owh> joosen: Take your pick...
<joosen> thank you so much.
<owh> NP
<joosen> How can I implement the domain controller server with ubuntu?
<owh> The documentation on the EC2FAQ tells me to ask questions here, rather than in ubuntu-virt. I wanted to know if JEOS was still a going concern for installation on AWS. I feel drowned in the options available via the Ubuntu cloud selector. All I want is a minimal Ubuntu install to boot in a micro instance of AWS where I can install nginx and ssh to provide domain redirection services. Anyone got any pointers through the many and varied contradictory documen
<owh> s/domain/url/
<utlemming> owh: when you say you feel drowned, can you clarify?
<utlemming> owh: if you are wanting to run a t1.micro, you're only option is the EBS image.
<utlemming> owh: also, the cloud images that we provide are basic installations with only the basic server bits and ssh installed.
<owh> utlemming: Sorry, ran away for lunch. Drowned, as in, so much choice, so little time. I want an absolute minimal install, think JEOS, that I can install nginx onto.
<owh> utlemming: So, for my minimal work-load, I'm thinking EBS, i386, precise in Singapore?
<utlemming> owh: see http://cloud-images.ubuntu.com/releases/precise/current
<utlemming> owh: those images are minimial insalls with SSH installed -- just enough to get a bare OS up to do stuff with
<sarnold> utlemming: 404
<owh> yeah, 404
<utlemming> owh, sarnold: sorry, http://cloud-images.ubuntu.com/releases/precise/release/
<sarnold> owh: http://cloud-images.ubuntu.com/releases/precise/release/
<owh> sarnold: I'm looking at exactly that :)
<sarnold> why are the ami numbers different for what look to be identical configurations except for the datacenter?
<utlemming> sarnold: that is the way that Amazon works. The AMI is unique per region.
<sarnold> seems needlessly complicated :)
<utlemming> sarnold: for Azure, the "ami" is the same regardless of region.
<sarnold> utlemming: azure provides an equivalent to amis? neat :)
<utlemming> sarnold: well, I would wait to use Azure for production until GA, but yeah, we are providing Azure Ubuntu Cloud Images
<owh> Here: http://cloud-images.ubuntu.com/azure/
<owh> :)
<sarnold> very cool :D
<utlemming> owh: that is the raw VHD file for people to play with. We have the images listed on the portal of Azure.
<utlemming> owh: we will be publishing a new one shortly, fwiw
<owh> Tah. I'm staying with AWS ;)
<owh> utlemming: What's the difference between the micro and small image, other than ebs vs instance store. Is there additional software installed, or is this an AWS constraint?
<utlemming> owh: None -- there is no difference between the images other instance vs ebs. The difference is entirely MS.
<owh> MS?
<utlemming> owh: sorry...I'm a bit jet lagged...I meant AWS
<owh> utlemming: So, could I use an instance store image on a micro instance - that's a mouthfull, hope your jet lagged brain can process that ;)
<utlemming> owh: nope. micro instances are constrainted to using EBS.
<owh> utlemming: Right, so, it's an AWS constraint, now I understand ... I hope.
<utlemming> owh: right
<owh> All good, tah.
<owh> utlemming: And now I can see the wood for the trees. Much obliged.
<utlemming> owh: np, Amazon can be a bit daunting. Another place to get help for specific AWS issues is ##aws (yes two #'s)
<owh> utlemming: Cool, I'll stick that on my list of handy to know.
<philaneous> hi im having trouble updating ubuntu server 12.10
<philaneous> something with the kernel
<owh> philaneous: "something" isn't specific enough to actually provide any helpful advice. The advice would be "fix something", which is likely not what you're looking for.
<philaneous> owh: hi
<philaneous> owh: i do sudo aptitude upgrade
<philaneous> owh: http://pastebin.com/TRPExR7D
<philaneous> owh: thats exactly where im at
<owh> philaneous: Looks line line 6 in that is the cause of your errors. "This kernel does not support a non-PAE CPU."
<philaneous> i unnderstand that
<philaneous> what do i do about it
<philaneous> owh: should i continue using my server like that
<owh> philaneous: I don't know what you do and do not understand or know. You came here, showed us a pastebin and said "somethings broken", I pointed at what was broken. I don't have specific advice on what to do about this, but googling with that error I showed you suggests that you can install a -pae kernel. I don't have the specific name handy.
<owh> philaneous: It looks like Ubuntu dropped support for non PAE hardware, indicating that perhaps you're running an older CPU. If the machine is in production, I'd be staying with 12.04 LTS.
<philaneous> i think i will go back
<philaneous> it was working fine until i upgraded
<philaneous> and it is an older computer
<philaneous> here are the specs
<philaneous> philaneous.com
<philaneous> check it out
<philaneous> i have a php file that shows u
<philaneous> owh: i appreciate your help
<owh> philaneous: Unfortunately I don't have specific help instructions to impart. Downgrading an upgrade is likely going to be painful.
<philaneous> i know
<philaneous> owh: im probably going to have to redo it
<philaneous> owh: start from scratch
<philaneous> owh: again :(
<owh> philaneous: You **MAY** be able to use apt-cache search "-pae"
<philaneous> so type sudo apt-cache search "-pae"
<owh> philaneous: no need for sudo
<jmarsden> owh: I think it is somewhat the opposite -- he need a non-PAE kernel, one that does not need the PAE CPU capability.
<fleish> hi all, I'm trying to install the cloud/uec images using openstack essex. precise & oneiric fired right up. lucid however is failing to get past initramfs b/c it can't find /dev/xvda to mount as root. can anyone help me figure out what's going on?
<philaneous> jmarsden: is right
<philaneous> jmarsden: i do need a kernel that does not require PAE CPU capability
<owh> jmarsden: So, doesn't the package name for a "normal" kernel exclude pae in the name, and a kernel that does not require pae have pae in the name?
<owh> jmarsden: I don't have a 12.10 handy.
<philaneous> fuck i shouldnt have upgraded guys
<owh> philaneous: Magic happens when you're having fun :)
<owh> Hold tight though, you might not have to start again.
<philaneous> i think its creating errors too when im in irc
<jmarsden> owh: That naming convention was the case before PAE became the default, at least.  I suspect 12.10 kernels (which by default need PAE, I think) do not use the "pae" in their names, because there is no official "non-PAE" version of them.
<jmarsden> Assuming the kernel package at http://packages.ubuntu.com/quantal/linux-image-3.5.0-17-generic needs PAE... it doesn't seem to have PAE in its name...
<owh> Yeah, I'm looking too...
<philaneous> thanks guys
<fleish> nobody?
<jmarsden> fleish: It's late in the USA and too early for Western Europe to be awake... you might want to ask again in 2 or 3 hours when the UK-based folks wake up
<owh> philaneous: Looks like your SOOL. Sorry.
<fleish> jmarsden: yeah but then it'll be really late in the USA I'll probably hope to be asleep come 2-3am ;)
<philaneous> owh: fuck
<philaneous> man
<philaneous> ok
<jmarsden> fleish: well, then go to bed now and ask again in 8 hours when you wake up :)
<owh> philaneous: Before you start formatting discs, perhaps you should seek other opinion.
<philaneous> dude
<philaneous> i cant even afford to wipe out my dics
<philaneous> not this is instant
<owh> You *MAY* be able to compile your own kernel, but it's been many years since I last did that.
<jmarsden> philaneous: I think owh is correct, in that there is no official non-PAE kernel being made for Quantal 12.10 that I can see.  You might be able to grab the relevant kernel source packages and hack them a bit and build yourself a new non-PAE kernel build... but you'd need a PAE-capable machine and some knowledge of packaging and building stuff from source to do that.
<philaneous> jmarsden: yeah man
<philaneous> jmarsden: its a very old laptop
<philaneous> stil lrungs
<philaneous> still runs*
<owh> As a server?
<jmarsden> philaneous: Are you saying you have a server that you upgraded... when you had *no* backup of it??  This is #ubuntu-server... so you're running a server, right?
<philaneous> jmarsden: yes
<philaneous> jmarsden: philaneous.com
<philaneous> jmarsden: all specs are in the indec
<philaneous> index**
<jmarsden> So step #1 is going to be to get yourself a backup of the machine in its current state.  Before you do anything at all.
<philaneous> jmarsden: i know
<philaneous> jmarsden: im just going to save all my files
<philaneous> and reformat it
<owh> Uhm, you may be able to install an older kernel.
<philaneous> how
<owh> apt-get install.
<philaneous> hold on
<jmarsden> Wait... it is up now... and says it is running 12.10.  So... I dn't understand...
<philaneous> jmarsden: dude i cant update
<jmarsden> philaneous: Can't update any package at all, or just can't update the kernel?
<philaneous> jmarsden: I think owh is correct, in that there is no official non-PAE kernel being made for Quantal 12.10 that I  can see.  You might be able to grab the relevant kernel source packages and hack them a bit and build yourself a new  non-PAE kernel build... but you'd need a PAE-capable machine and some knowledge of packaging and building stuff from  source to do that.
<philaneous> ooooppps sorry
<philaneous> mistake
<philaneous> jmarsden: so im typing sudo aptitude upgrade
<owh> I'm looking for the package name for the most recent non pae kernel.
<jmarsden> If the machine is up and running, you should be able to update everything except the kernel just fine, and buy yourself some time to research how to build custom non-PAE kernels in a few days or weeks.
<philaneous> jmarsden: lol
<philaneous> jmarsden: thats going to take some time brother
<owh> jmarsden: So, just an apt fix?
<jmarsden> owh: The machine is up... running apparently OK.  So either just update whatever non-kernel packages need updating, or pin the kernel to whatever it is now running...
<philaneous> jmarsden: http://pastebin.com/28fMPkPt
<philaneous> jmarsden: thats after i type sudo aptitude upgrade
<owh> So, I'm guessing sudo aptitude -f upgrade would resolve the problem ---- don't type this until this is confirmed!
<jmarsden> philaneous: That pastebin output shows that trying to upgrade the kernel fails.  So... don't do that.  pin it to whatever version it now runs, and then update/upgrade anything else you need to update on the machine.
<jmarsden> https://help.ubuntu.com/community/PinningHowto
<philaneous> jmarsden: is this pretty much to target individual files
<jmarsden> owh: I'm not sure about what aptitude -f would do, so I'd be a bit hesitant to try it...
<jmarsden> philaneous: Yes, it lets you tell apt "keep this package at this version please"
<owh> jmarsden: I would expect it to remove the attempt to upgrade the kernel. But as you say, I'm not sure either...
<philaneous> jmarsden: so this is just going to upgrade the other programs i need
<jmarsden> philaneous: That would be the idea, yes.
<philaneous> jmarsden: but i have to do soe many things
<philaneous> and they dont recommend it
<philaneous> also
<philaneous> libc6 version  match
<jmarsden> You are a server admin... so you get to learn about a new aspect of apt and dpkg use now... your server is up and running, and noone is asking you to do anything with libc6.
<owh> philaneous: Just so you know, by pinning the kernel, you're just saying, don't touch this kernel package. Your other options are, don't upgrade any packages, re-install, or manually roll-back your server.
<jmarsden> The only packages I am suggesting you pin are the kernel packages.
<philaneous> ok i will consider that
<owh> philaneous: There is nothing inherently bad about pinning. It has implications further down the track.
<owh> philaneous: Some of those implications will bite you later, but the hole you dug yourself into is a deep one. We're just attempting to stop you from drowning.
<philaneous> owh: how am i drowning
<philaneous> owh: its my hard wares fault
<jmarsden> philaneous: It has served you well for several years.  It's not really the fault of the CPU that it doesn't have PAE :)
<owh> philaneous: You know the line you don't cross, look behind you :) -- seriously, this is basically a hardware incompatibility that has bitten you. Making a backup before you do a dist-upgrade, or any upgrade for that matter is a very good idea.
<philaneous> jmarsden: you saw the specs right
<philaneous> owh: i know im going to have to roll back
<philaneous> owh: with 12.04 it ran pretty good
<owh> philaneous: Because rolling back is so painful we're suggesting that pinning the kernel is a less eye poking experience.
<jmarsden> philaneous: Yes.  That's a fairly old machine.  So "its my hard wares fault" is not really correct -- the hardware is working to specification.  It is the server admins "fault" for not making and verifying a backup before doing an OS upgrade on a server :)
<owh> ROTLF
<philaneous> jmarsden: Good point.
<owh> I'm laughing so hard, I cannot even type.
<owh> ROTFLOL
<philaneous> owh: He has a good point.
<owh> I'm not disagreeing here :)
<philaneous> jmarsden: The backup I can still do though, that won't be a problem.
<philaneous> owh: It's not a big deal
<philaneous> owh: It could have been worse.
<jmarsden> OK, so then the solution is probably (a) make and verify backup (b) install 12.04 (c) restore data and relevant config files from backup (d) make anothe rbackup of new setup (e) set up automated regular backups for the future :)
<philaneous> I like 12.04
<philaneous> It ran good with it
<armaan> o/
<armaan> 0/
<owh> philaneous: Yup. You could have ssh-ed into a remote server with a full disc, done an upgrade which was in the process of installing something when your internet connection dropped out causing the server to reboot and wait for you to press a key to continue on the console :)
<owh> philaneous: That in turn required someone to drive to the datacenter in Alaska where they hit a moose and died. So, yes, it could have been worse, but it's not, so don't worry about it.
<philaneous> lmao
<ivoks> http://www.indiegogo.com/cubieboard
<ivoks> rbasak: http://www.indiegogo.com/cubieboard
<ivoks> rbasak: 'what's this?' ?? :p
<owh> !url @ivoks
<owh> Doh
<VinceBrowning> Hello there
<VinceBrowning> ?
<VinceBrowning> Can anyone point me in the direction of how to set up a home/internal DNS server using bind9... with idiot proof steps (as I tend to be quite the idiot these days)
<owh> VinceBrowning: Last I looked, the server guide does that.
<VinceBrowning> Does it? Hmm.. See what I mean about being an idiot?
<VinceBrowning> Ty
<ivoks> https://help.ubuntu.com/community/BIND9ServerHowto
<VinceBrowning> owh and ivoks,Thank you both
<uvirtbot> New bug: #1068383 in maas (main) "package reconfiguration could ask further configuration details" [Medium,Triaged] https://launchpad.net/bugs/1068383
<uvirtbot> New bug: #1068112 in php5 (main) "php5-fpm init script doesn't handle reload correctly" [Undecided,Fix released] https://launchpad.net/bugs/1068112
<uvirtbot> New bug: #1068843 in maas "maas-cluster-controller doesn't have images for provisioning" [Critical,In progress] https://launchpad.net/bugs/1068843
<uvirtbot> New bug: #1070909 in quantum (main) "quantum-plugin-openvswitch-agent install fails due to lack of /etc/quantum" [Undecided,Fix released] https://launchpad.net/bugs/1070909
<vulture> It report the error
<vulture> Configurazione di open-iscsi (2.0.871-0ubuntu4)...
<vulture> update-rc.d: warning: open-iscsi stop runlevel arguments (0 1 6) do not match LSB Default-Stop values (0 6)
<vulture> who can tell me how to modify the configure to save it
<vulture> Thanks
<xsl> hello all, people tell me to have multiple ip on eth0 that eth0:0 is deprecated and i should use ip addr add ( but how do i use /etc/network/interfaces then ?)
<uvirtbot> New bug: #1067877 in mysql-5.5 (main) "package mysql-server-5.5 5.5.24-0ubuntu0.12.04.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,Invalid] https://launchpad.net/bugs/1067877
<uvirtbot> New bug: #1071264 in openssh (main) "sshd cannot be remotely restarted from an ssh session" [Undecided,New] https://launchpad.net/bugs/1071264
<bubu\a> hi guys - I setup an http proxy on my ubuntu server install but I need to change the proxy - anyone know where this is written to? can't find in /etc/bash.bashrc or /etc/environment ?
<melmoth>  /etc/apt/apt.conf ?
<bubu\a> is that the only place it gets written for apt?
<bubu\a> it doesnt configure a system wide proxy?
<bubu\a> I can see it in apt.conf but wasn't sure if that was the only place it put in the proxy
<melmoth> the only "system" wide setting i am aware of is with unity network tool gui thingy.
<melmoth> i dont know where it stores stuff, but i would bet for gconf
<bubu\a> its a headless server
<soren> bubu\a: I don't think it gets set globally, but only for apt. I'm not completely sure, though.
<Aison> on ubuntu server 12.10, isc-dhcp-server-ldap is broken
<bubu\a> soren, looks like you are correct!
<koolhead17> soren: hey there
<roddy> What is a good specific source to set up a virtual host using Apache2, PHP, and MySQL on Ubuntu 12.04.  I want to do it from scratch, so that I might have full knowledge of what is going on.
<patdk-wk> the manuals of mysql/php/apache2?
<patdk-wk> using a specific source/tutorial won't teach you anything about what is going on
<roddy> Yeah, I have already started with the Apache2 guide, but I am finding it difficult to get a could overview.  Everything is in bits and pieces and each new bit or piece leads to a lot of other new bits or pieces that require still further query.  As a result, it is difficult to stay focused.
<melmoth> roddy, stay focused on apache, untill you manage to have a virutal domain working.
<melmoth> then play a bit with php, so that you can render page. Then install mysql, play a bit with command line query.
<melmoth> then try to make the same with php. et voila.
<roddy> Actually, I already have pretty good knowledge of PHP.  No other recommendations for Apache2?
<patdk-wk> the issue with php, or cgi's in general, is security
<roddy> Yes, I agree.  The issue is security, but it is also flexibility.  This is the reason I want to know the nuts and bolts and am seeking to avoid any prepared packages.
<roddy> Still, having to know every nut and bolt is very painstaking.  And, it is usually not necessary to know everything.
<patdk-wk> only true till you hit a problem :)
<roddy> Like permissions.
<hallyn> utlemming: i'm confused.  is /dev in ubuntu cloud precise images not yet populated then?
<patdk-wk> permiessions are defently needed
<patdk-wk> depending on what type of hosting your doing
<roddy> What I would like to do is set up to virtual hosts on the same machine on the same LAN.  Use one that is completely permission free and the other that is built for the internet WAN.  The first host would be for experimentation and easy entry and exit.  The second would be for WAN testing, but on my LAN.
<patdk-wk> the worst thing, is using a cgi program on one website, to edit/modify/read another website
<hallyn> stgraber: utlemming: perhaps long term implementing a '-o newinstance' for devtmpfs is worth it in the kernel
<patdk-wk> if all the websites are technically managed/owned by the same person, not a huge deal
<patdk-wk> but different people, it is a big deal
<stgraber> hallyn: +1
<roddy> The machine and LAN are owned by me, but I want to be able to pick up the second virtual host and move it anywhere without a lot of complication.
<patdk-wk> no, it's who owned the virtualhosts that is the issue, normally
<roddy> My problem is that I do not know how or where I will host the content of my second virtual host, and would like to be able to have it hosted anywhere.
<zul> ugh i need tomcat
<CharlieSu> Hi all.  I'm using the internal-sftp of SSHD to run a chroot'ed SFTP server on a box.  Is there a good way to log this SFTP activity?  Not just logins, but file downloads and uploads too?
<soren> zul: I'm so sorry to hear that.
<roddy> Do you know Java?
<blazemore> What's the minimum amount of X-stuff I need to install for "ssh -X host firefox" to work?
<melmoth> an x server and a ssh client ?
<TheLordOfTime> blazemore, on your end you need an x server and an SSH client
<blazemore> so just xserver-xorg is all I need?
<TheLordOfTime> you won't need  more on the remote, if it already has firefox it has GUI stuff
<blazemore> No it doesn't
<blazemore> It's a vanilla Ubuntu server install
<melmoth> you will probably also like a xterm of some sort to be able to run the ssh command in.
<blazemore> No, I want to run X applications remotely, but I don't want a full DE
<melmoth> without one, you ll just have windows you wont be able to ..move, or close.
<melmoth> so it ll work, but ill not be cozy
<TheLordOfTime> what melmoth said
<blazemore> It's fine, I'll deal with that
<blazemore> I just need to run remote GUI apps ocassionally over SSH with X forwarding
<blazemore> so I just need the package xserver-xorg?
<melmoth> and a xterm (i m not sure what would happen if you put the ssh comand in your .Xclient or .xinitrc file)
<blazemore> Oh ffs
<blazemore> Is there a way I can take irssi and put it in a new screen session?
<blazemore> I forgot to run screen before I ran irssi
<TheLordOfTime> blazemore, exit irssi, run screen, then run irssi?
<blazemore> yeah I guess so
<noob2> is there a bug in ubuntu server 12.04 which prevents it from binding ldaps for authentication?  i copied my config exactly from a working redhat server and ubuntu won't bind properly
<noob2> anyone have a working ldaps configuration they'd be willing to share?
<bubu\a> smbmount //10.29.39.23/clientshares /mnt/hd2/clientshares/ -o user=samba,pass=t0r3x,gid=ubuntu,uid=ubuntu - anyone know why this mounts the share to /mnt/hd2/clientshares but as root and not ubuntu...?
<_KaszpiR_> hm I get wrid server freezes
<_KaszpiR_> cannot diagnose it :/
<RoyK> wrid?
<_KaszpiR_> weird
<_KaszpiR_> the machine stopped respoding to anything except ping
<RoyK> _KaszpiR_: nothing in the logs?
<_KaszpiR_> tried to ssh and it showed proer login prompt, entered login and it just froze
<RoyK> _KaszpiR_: configuring serial or network console may help
<RoyK> _KaszpiR_: what you're describing usually means something I/O related is fscked up
<_KaszpiR_> but total freeze?
<_KaszpiR_> I guess zfsonlinux is buggy
<RoyK> usually, if you try to login, and you get login prompt, but it hangs after typing password, I/O is probably hanging
<RoyK> _KaszpiR_: use a serial or network console
<_KaszpiR_> hard reboot
<RoyK> _KaszpiR_: that way you'll get a message if the kernel OOPSes
<RoyK> _KaszpiR_: that obviously helps :P
<RoyK> _KaszpiR_: but if I/O is hanging, it probably won't tell you much from the logs (nowhere to log...)
<_KaszpiR_> well, I've installed X on it,
<RoyK> X hides kernel messages
<_KaszpiR_> and normally kernel panic should show something
<RoyK> a panic, yes, but not an OOPS
<RoyK> which may be what you're getting
<_KaszpiR_> oh
<RoyK> an OOPS is a "panic light"
<RoyK> not bad enough to panic, but quite often serious enough to hang I/O
<_KaszpiR_> eah
 * RoyK would use something based on illumos or freebsd to get ZFS
<RoyK> ZFS is stable on openindiana, smartos, omnios, nexenta and freebsd
<RoyK> choose the OI or Fbsd if you want X
<RoyK> probably fbsd, since OI isn't very frequently updated anymore
<_KaszpiR_> nothing in the logs
<RoyK> _KaszpiR_: no, there usually aren't anything in the logs if the I/O system hangs
<_KaszpiR_> yeah, buffered et
<_KaszpiR_> etc
<RoyK> _KaszpiR_: that's why you should use a network console, or perhaps a serial console if you're old-fashioned
<_KaszpiR_> the only option would be setting up remote syslog
<RoyK> no, not because of buffers, because it just can't write to hung I/O
<RoyK> or network console
<_KaszpiR_> will try netconsole
<RoyK> which is probably the safest
 * RoyK likes serial consoles
<RoyK> but netconsole will undoubably work
<RoyK> still, I would recommend against using zfsonlinux for anything but testing
<_KaszpiR_> well, i keep crap on it
<_KaszpiR_> ;D
<RoyK> sounds like testing ;)
<fleish> hi all, I'm trying to install the cloud/uec images using openstack essex. precise & oneiric fired right up. lucid however is failing to get past initramfs b/c it can't find /dev/xvda to mount as root. can anyone help me figure out what's going on?
<roddy> Is that Menschenfleisch or some other?
<xsl> why should i need on a webserver x11 libs?
<xsl> and xauth
<xsl> is there a tutorial on a cleanup install of a ubuntu server?
<sarnold> xsl: were they brought in for ssh -X forwarding?
<xsl> wel i tought of X forwarding but its a rarely used "feature"
<xsl> and i was trying to purge the install the best i could
<xsl> its like the crda package .. and my server does not use wireless stuff..
<xsl> there are some dependencies and packages that i just dont get it
<uvirtbot> New bug: #922628 in libvirt (main) "virbr0 not created at startup" [Medium,Invalid] https://launchpad.net/bugs/922628
<fleish> hi all, I'm trying to install the cloud/uec images using openstack essex. precise & oneiric fired right up. lucid however is failing to get past initramfs b/c it can't find /dev/xvda to mount as root. can anyone help me figure out what's going on?
<uvirtbot> New bug: #1071504 in lxc (universe) "lxc-start doesn't work ubuntu 12.10 " [Undecided,New] https://launchpad.net/bugs/1071504
<Ryan_Lane> when will updated openstack packages be released?
<Ryan_Lane> it's lagging really, really far behind the openstack point release for essex
<Ryan_Lane> and some of the fixes in that were security ones
<RedAmber> Whilst installing ubuntuserver 12.04.1 64bit, off of usb using xboot, the install works fine until detecting cd-rom devices comes up and detects them and then freezes on puple screen
<d3ngar> Hello there
<d3ngar> I want to install and configure a mailserver on my aaws
<d3ngar> I want to install and configure a mailserver on my aws
<d3ngar> I'm following this guide: https://help.ubuntu.com/community/PostfixCompleteVirtualMailSystemHowto
<d3ngar> But I'm stuck on the postfixadmin section
<d3ngar> Do I need to use postfixadmin?
<RedAmber> Whilst installing ubuntuserver 12.04.1 64bit, off of usb using xboot, the install works fine until detecting cd-rom devices comes up and detects them and then freezes on puple screen
<Ryan_Lane> shit, is it in a ppa and not in updates?
<Ryan_Lane> I see newer releases from ubuntu in launchpad, but it isn't in the repo
<Ryan_Lane> god I hate launchpad so, so much. I can't find out where the hell these packages are coming from
<Ryan_Lane> ugh. seems our mirror is broken :(
<uvirtbot> New bug: #1071529 in libapache2-mod-perl2 (main) "Version bump request to 2.0.6+" [Undecided,New] https://launchpad.net/bugs/1071529
<undersun> someone managed to enter my VPS, placed a file http://myunprotectedsite.com/osc.htm and send a lot of emails
<undersun> this site got marked by google as a spam sending site/server
<undersun> got a report from http://www.spamcop.net/
<undersun> what's the best way to approach this?
<d3ngar> Hi there, I'm unable to connect to my mail server.
<d3ngar> I just created it and have been following this guide: https://help.ubuntu.com/community/PostfixCompleteVirtualMailSystemHowto
<holstein> undersun: this being, getting unmarked as spam?
<d3ngar> http://pastebin.com/U9yhRmUD
<d3ngar> This is the error message I receive
<dannf> smoser: is the public key used to sign the images on cloud-images.ubuntu.com available in a package somewhere?
#ubuntu-server 2012-10-26
<JanC> dannf: I doubt those are *signed* with the *public* key  ;)
<JanC> but you probably want the 'ubuntu-cloud-keyring' package
<uvirtbot> New bug: #1065511 in cinder "cinder incorrectly creating tgt files in /usr/lib/python2.7/dist-packages/volumes/" [Undecided,New] https://launchpad.net/bugs/1065511
<JanC> undersun: get your mailserver offline, learn how to be a better sysadmin, re-install your VPS from scratch and configure it properly
<dannf> JanC: i checked u-c-k, didn't see that *private* key in the keyring
<n0ts>  hi
<uvirtbot> New bug: #1030610 in qemu-kvm (main) "qemu-kvm depends on undesirable additional packages" [Low,Triaged] https://launchpad.net/bugs/1030610
<uvirtbot> New bug: #1071694 in exim4 (main) "CVE-2012-5671: Heap-buffer overflow in DNS decode logic used for DKIM" [Undecided,New] https://launchpad.net/bugs/1071694
<bubu\a> j #puppet-razor
<uvirtbot> New bug: #1069734 in maas "Filestorage is unique to each appserver instance" [Undecided,Confirmed] https://launchpad.net/bugs/1069734
<radish> hi there, is there an easy way to use local storage for volumes in openstack folsom? local as in the compute node uese its own HDDs
<vhdirk> hi all
<vhdirk> I just installed ubuntu server 12.10 on our new server, but while I can clearly see that my network devices are detected (em1, em2, p2p1, p2p2), /et/udev/rules.d/70-persistent-net.rule is just plain empty
<vhdirk> meaning that, if I run ifconfig, it only returns the loopback device
<hallyn> stgraber: say, does this ring any bells for you?        lxc-start 1351200114.339 ERROR    lxc_conf - Device or resource busy - error unlinking /usr/lib/x86_64-linux-gnu/lxc/dev/console
<hallyn> i seem to rcall someone mentioning that in the last few days...
<hallyn> utlemming: still no /dev in precise ubuntu-cloud
<stgraber> hallyn: I saw the bug, my guess was that it was related to devtmpfs and /dev/console being open on the host
<stgraber> but I only saw it quickly in bugmail and didn't investigate, so jsut a guess really
<hallyn> stgraber: d'oh, right, thanks
<cdoughty> Hi, I'm installing Ubuntu 12.04 server via cobbler 2.2.3 using a seed file and I'm noticing, when trying to use a static IP, that it always uses DHCP unless I put "netcfg/disable_autoconfig=true" in kopts.  My confusion is that Ubuntu just flat out ignores the "netcfg/disable_autoconfig boolean true" in the seed file.
<uvirtbot> New bug: #1071756 in bacula (main) "package bacula-director-mysql 5.2.5-0ubuntu6.2 [modified: usr/share/bacula-director/update_mysql_tables] failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1071756
<shadeslayer> Hi
<shadeslayer> I'm trying to configure 2 static ethernet interfaces, but when I run sudo /etc/init.d/networking restart it gives me : RTNETLINK : File exists
<shadeslayer> and fails to bring up either eth0 or eth1
<shadeslayer> s/either/both/
<shadeslayer> *and fails to bring up both eth0 and eth1
<shadeslayer> I googled it a bit and there's no definitive answer
<lordievader> shadeslayer: I had the same problem on a couple of vm's, what fixed it for me was removing /etc/udev/rules/70-persistent-net.rules
<shadeslayer> aha
<lordievader> shadeslayer: And then a reboot..
<shadeslayer> alright
<shadeslayer> if this works I'll be jumping like a maniac
<lordievader> shadeslayer: Hehehe :)
<shadeslayer> lordievader: doesn't work
<lordievader> shadeslayer: That is too bad.
 * shadeslayer tries something
<cdoughty> so has anyone here installed ubuntu 12.04 server with a seed file from cobbler before and gotten static IPs configured?
<shadeslayer> lordievader: any other ideas?
 * shadeslayer is utterly lost with this error
<lordievader> shadeslayer: Not really, it worked for me, so didn't bother looking for more.
<lordievader> shadeslayer: Sorry.
<shadeslayer> no need to be :)
<xorred> just starting up with a ubuntu 12 vps, used for a webserver...  portscanning it reveals port 53 open, should I close it via iptables? it's not needed externally, right?
<uvirtbot> New bug: #1071772 in bridge-utils (main) "Precise DHCP bridge with bond doesn't come up correctly" [Undecided,New] https://launchpad.net/bugs/1071772
<shadeslayer> lordievader: fixed it
<shadeslayer> stupid virtual networks were causing issues
<shadeslayer> probably misconfigured
<xorred> does anyone know why my ubuntu server says that iptables -t nat -F says "can't initialize table 'nat'"
<xorred> ?
<rbasak> xorred: are you running a custom kernel or something like that? Check /var/log/kern.log
<xorred> rbasak: it's empty
<xorred> I just got this vps from my vps provider, guess the distro is custom since it had apache preinstalled
<xorred> lol, lsmod returns 0
<xorred> is that bad
<shadeslayer> okay, so, my server has 2 ethernet interfaces, I can ping google from one, but not the other
<shadeslayer> I get a Destination not reachable
<shadeslayer> *destination host unreachable
<rbasak> xorred: sounds like your host is providing the kernel and not supplying logs either, and hasn't built the nat module. Is this virtuozzo by any chance?
<rbasak> xorred: I think the short answer is to ask your host :/
<xorred> rbasak: I just installed another kernel - 3.5 lowlatency
<rbasak> xorred: just make sure that you can actually run the kernel you have installed. Depending on the hosting environment you may not have control over it.
<xorred> well so far it's strange. openvz, and rebooting it - halts it
<xorred> weird
<xorred> have to boot up from the control panel manually every time
<xorred> lol wth, uname -a shows 2.6, initrd and vmlinuz point to 3.5! /boot contains only 3.5
<xorred> what the....
<xorred> strange, why is add-apt-repository not present in ubuntu 12.10?
<andol> xorred: Because you don't have the software-properties-common package installed?
<ppetraki> I've got an upstart task that simply won't start. http://pastebin.ubuntu.com/1307508/
<ppetraki> hallyn, ^ ?
<hallyn> ppetraki: anything in /var/log/upstart/ ?
<ppetraki> umm.. yeah, but it doesn't add up as to why it works from shell, and not from upstart
<hallyn> i'm wondering whether the job started, and the script simply had a failure
<ppetraki> hallyn, http://pastebin.ubuntu.com/1307519/
<hallyn> ppetraki: you're aware that upstart scripts run in dash?
<ppetraki> hallyn, no
<hallyn> so what you're sourcing probably isn't proper dash
<ppetraki> hallyn, so how do I source bash?
<hallyn> you don't - can you toss a full script in /bin for it to run?
<hallyn> or convert /var/lib/juju/units/opengrok-2/charm/inc/common to dash
<ppetraki> grr, that just makes more work, the whole idea was to have entry points callable as functions
<ppetraki> I guess I could do the same symlink business with inc/common as is done with the rest of hooks
<hallyn> ppetraki: you could just switch the /bin/sh symlink
<hallyn> no big deal for your juju charm imo
<ppetraki> hallyn, sounds like alternatives magic, got an incantation to do that programatically?
<hallyn> ppetraki: i don't.  and i don't see any /etc/alternatives/sh
<ppetraki> hallyn, I'm just going to create some tiny driver scripts, atleast I understand the problem now
<hallyn> i think a simple 'rm -f /bin/sh; ln -s /bin/bash /bin/sh' in hooks/install is the way to go
<hallyn> ok
<ppetraki> hallyn, that was sneaky http://pastebin.ubuntu.com/1307536/
<uvirtbot> New bug: #1071817 in tomcat7 (main) "Missing org.apache.tomcat.dbcp.dbcp.BasicDataSourceFactory" [Undecided,New] https://launchpad.net/bugs/1071817
<demersus> Anyone have time and expertise to help me figure out why my NFS4 mounts don't share the same usernames?
<demersus> I tried following the documentation, but it seems like the id mapping is not mapping correctly
<RoyK> demersus: using kerberos?
<RoyK> demersus: and same UIDs and GIDs on both systems?
<demersus> RoyK,  no I am just using the simple quickstart nfs4 config.  No kerberos, /etc/passwd on both machines
<demersus> No the UIDs, and GIDs are different.  Isn't imapd supposed to support different UIDs?
<RoyK> imapd? or idmapd?
<demersus> RoyK: sorry typo.  idmapd
<RoyK> I'd recommend something of a shared user database
<RoyK> ldap usually works
<RoyK> nis too, although a bit old-style
<RoyK> unix systems generally work *far* better with the same UID/GID on users
<demersus> This is just temporary so I can migrate websites to another server while DNS updates.  I don't want to go through all the trouble of syninc UIDs
<demersus> Maybe I don't understand the use of idmapd.  I thought it was supposed to sync user names instead of UIDs
<RoyK> if it's just moving the data, you could transfer them and run something like "find /path -user <uid> -exec chown <newid> {} \;"
<RoyK> I've only used idmapd for connecting windows/unix
<demersus> Ok.
<demersus> Thanks for your suggestions.  I appreciate the help.
<RoyK> or - change the uid/gid on the new server to the old uid/gid
<RoyK> probably the easiest
<demersus> True.  I was just hoping NFS + idmap would be quicker and easier for the time being. (Lots of vhosts & users)
<demersus> I should have copied the UIDS in the first place.
<RoyK> well, just change them
<RoyK> and chown /home/someuser to that uid
<RoyK> chowning a bunch of files takes far longer
<uvirtbot> New bug: #1071829 in tomcat7 (main) "directories for shared libraries do not match current documentation" [Undecided,New] https://launchpad.net/bugs/1071829
<demersus> Okay.
<RoyK> make that chown -R ...
<demersus> I figured that is what you meant
<demersus> Thanks
<shadeslayer> hi, I was wondering if someone could help me a wee bit in setting up a VM on my server
<shadeslayer> I can't quite figure out how to get my VM a public IP
<shadeslayer> The host has 2 static IP's and I'd like to assign one of them to the VM
<RoyK> shadeslayer: no sure, but I'd use a bridge
<shadeslayer> that's what I'm using :)
<shadeslayer> but for some reason the VM doesn't pick the ip
<RoyK> shadeslayer: that is, configure the primary as a bridge and don't assign that IP to the host
<shadeslayer> oh
<shadeslayer> I'm not sure I want to do that
<shadeslayer> because the primary IP is already for something else
<RoyK> well
<RoyK> what I do on my server is: I have eth0 without an IP address
<RoyK> I have br0 with the host's IP
<RoyK> and then the guests bridge on that with different IP addresses
<RoyK> I think this is the "preferred" setup
<shadeslayer> RoyK: I have this : http://paste.kde.org/582494/
<shadeslayer> where br0 is supposed to be the bridge
<RoyK> you shouldn't set an IP address on the bridge interface
<RoyK> at least not on the same network as the guests
<shadeslayer> so drop 18-22?
<shadeslayer> ( As you can tell, I'm doing this for the first time and I simply followed the KVM networking guide )
<RoyK> set the ip address on br0, not on eth1
<shadeslayer> https://help.ubuntu.com/community/KVM/Networking
<shadeslayer> RoyK: but don't I have to set the static IP on eth1?
<RoyK> you don't need/want an IP address on eth1
<RoyK> it'll be bridged to br0
<shadeslayer> okay
<shadeslayer> and bleh, how do I get rid of this : RTNETLINK answers: File exists
<shadeslayer> Failed to bring up br0.
<RoyK> eth1 is just a bridge point
<RoyK> br0 is using that
<shadeslayer> ( happens once I run :  invoke-rc.d networking restart )
<shadeslayer> okay
<shadeslayer> got it
<RoyK> restart networking or reboot
<RoyK> and if you're using RFC1918 addresses for the guests, keep in mind that they won't be accessible from the internet unless you do some NAT magick
<shadeslayer> uh oh
<shadeslayer> RoyK: okay, what if I want a publically accessibly IP for the VM
<shadeslayer> absolutely no NAT'ing
<RoyK> just don't set any IP address other than the primary on br0
<RoyK> and none on eth1
<RoyK> then tell the vm to use br0 and set the official IP on its interface (eth0)
<RoyK> it'll be bridged through br0 and sent out
<shadeslayer> alrighty
<RoyK> http://paste.ubuntu.com/1307846/
<RoyK> this is the configuration of one of my servers - it runs a few VMs with official IP addresses
<shadeslayer> RoyK: http://paste.kde.org/582512/
<shadeslayer> does that look sane?
<RoyK> no use for netmask or gateway
<RoyK> well
<RoyK> netmask, yes, if it has an ip address, but no gateway
<RoyK> a system has one gateway
<shadeslayer> okay
<RoyK> regardless of interfaces
<RoyK> if you have more gateways, you need OSPF or BGP or something
<RoyK> (or RIP if you're from the ninetees)
<shadeslayer> hah :D
<shadeslayer> no idea what those are but reading up on them :)
<RoyK> you don't need to
<RoyK> both OSPF and BGP will require routing deals with the ISP, so you don't need that
<RoyK> BGP is used between ISPs
<shadeslayer> heh, I'm reading to satisfy my curosity as to what this is :P
<RoyK> :
<RoyK> :)
<RoyK> that's good
<shadeslayer> *curiosity
<RoyK> curiousity is always good
 * shadeslayer notes that he should probably sleep within 30 minutes to catch his flight for UDS
<RoyK> UDS?
<shadeslayer> Ubuntu Developer Summit
<shadeslayer> starts next week
<RoyK> where's that?
<shadeslayer> Copenhagen
<RoyK> too bad my employer sticks to redhat...
<shadeslayer> :D
<shadeslayer> hmph
<shadeslayer> I keep getting this interface called vnet0
<RoyK> that's usual
<RoyK> virtual interface created to interface with vr0
<RoyK> br0
<RoyK> one per vm
<shadeslayer> http://paste.kde.org/582518/
<RoyK> configure the vm to use the IP you want to use
<shadeslayer> okay
<RoyK> and btw, posting official ip addresses isn't dangerous unless you haven't secured the server, but then, if you haven't secured the server, it's out bad anyway
<shadeslayer> :)
<shadeslayer> ok, still doesn't connect to the internet
<shadeslayer> can't ping the vm, can't ping from the vm
<RoyK> pastebin the config from both host and guest
<RoyK> ifconfig from both should do
<shadeslayer> hmm .. VM doesn't have pastebinit/internet
<shadeslayer> will take a screenshot :)
<RoyK> ok
<shadeslayer> RoyK: VM : http://i.imgur.com/moyEN.png
<RoyK> I guess the host setup is prominent
<shadeslayer> vm http://paste.ubuntu.com/1307888/
<shadeslayer> erm
<shadeslayer> host ^
<RoyK> same IP on host br0 and guest
<RoyK> guess the host will reply, then
<RoyK> try to remove the ip address on br0
<shadeslayer> okay
<shadeslayer> Missing required variable: address
<shadeslayer> Missing required configuration variables for interface br0/inet.
<RoyK> sec
<shadeslayer> sure
<RoyK> iface eth1 inet manual
<RoyK> make that br0
 * shadeslayer tries
<shadeslayer> mmm ... rebooting VM
<shadeslayer> nop
<moonpup> anyone know if it's possible to disable scp within ssh?
<moonpup> i know how to disable sftp, but would like to nix scp as well
<Carleeno> Hi, all! I run a small biz and wanting to set up a ubuntu server to handle webhosting, SOGo (and it's dependencies), ftp, samba (for active dir and file sharing), and quickbooks db. any problems with running all of those services from one machine? Or will I need to split any of them up?
<Carleeno> I know it's not exactly a tech question, but does anybody see any issues with running the following services all from one machine? SOGo, postgreSQL, OpenLDAP, postfix, Cyrus IMAP, as well as Samba (for Active Dir and file sharing), web hosting and ftp hosting, and Quickbooks DB? I vaguely recall that there might be a problem with using samba for AD along with sogo and openLDAP on the same box. I'm asking because I'm about to b
<patdk-lap> you can run as much stuff on one box as you want
<patdk-lap> the only issue you will have is if things require certain ports
<patdk-lap> but normally, you should split them up for security, flexability, or just general update/upgrade mainance ease
<Carleeno> Thanks patdk-lap, I'll keep that in mind
<wash> Hello - it was suggested to me at Linuxcon by an Ubuntu developer that ubuntu has a system called juju that might fit my needs for cluster provisioning. Are there any juju developers/users around? I wasn't able to find the sort of details that I was looking for on the juju website
<wash> I'm looking specifically to deploy minimal Debian or Ubuntu system images to an HPC cluster that I run at my university. The cluster has 7 different classes of compute nodes, and I need to be able to manage 4 different system images.
<wash> I need something that supports PXE booting, but must be able to install the system image to a hard drive as I cannot have the OS image living in memory.
<redamber> When installing Server 12.10 I get an error after detecting the cd-rom, this is the error "ERROR MOUNTING CD-Rom"
<trisec> nabbend
<cromag> evening
<cromag> is ubuntu server release upgraded the same way as the desktop version ?
<RoyK> it is
<cromag> clear and nice.
<cromag> thanks :)
<RoyK> but most of us that run server releases stick to LTS
<resno> LTS!
<RoyK> !lts
<ubottu> LTS means Long Term Support. LTS versions of Ubuntu will be supported for 3 years on the desktop, and 5 years on the server; with the exception of 12.04 (Precise Pangolin), which will be supported for 5 years on the desktop. The current LTS version of Ubuntu is !Precise (Precise Pangolin 12.04)
<cromag> i see.
<cromag> i'll stick around for at bit.
<uvirtbot> New bug: #1071910 in lxc (universe) "lxc stop will hang forever" [Undecided,New] https://launchpad.net/bugs/1071910
#ubuntu-server 2012-10-27
<overrider> i have about 10 machines running the same version of ubuntu 10.04LTS, quite easy to administer; now i am replacing one of them with new hardware. Put 12.04LTS on it, or stick with 10.04LTS for its quite nice to have all machines sort of in sync configuration wise...?
<overrider> ah well
<hallyn> stgraber: hey, was playing with lp:~serge-hallyn/ubuntu/quantal/lxc/lxc-qp, which has a patch to look for 'lxc.autodev = 1', and if that's found create a bare /dev.  Basically works, except the list of devices is not complete - upstart is failing
 * hallyn out
<stgraber> hallyn: ok. Another way of doing it would be to iterate through the host's /dev and copy any entry that matches what we have in the device cgroup config
<stgraber> that should be the providing everything the container needs without copying all of /dev in the process
<stgraber> not sure how easy it'd be to implement this though
 * stgraber -> out
<hallyn> stgraber: i take that back - the container is booting fine.  i just lose track of the consoles.  will have to figure out why later
<Aison> this bug is really bad :(  https://bugs.launchpad.net/ubuntu/+source/isc-dhcp/+bug/1071928
<uvirtbot> Launchpad bug 1071928 in isc-dhcp "isc-dhcp-server-ldap (4.2.4-1ubuntu10.1) is not capable of ldap" [Undecided,New]
<Aison> my whole dhcp is no longer working :(
<hackeron> hey, I have an issue with ubuntu 12.04 running under xen - when I try to start rsyslogd, it just hangs and doesn't respond to anything except kill -9 - I tried to run it in debug mode with rsyslogd -f /etc/rsyslog.conf -c5 -dn -- it then starts logging just fine, but if I remove the -d option, it freezes again :/ - any ideas how to debug or what could be causing this?
<koolhead17> party time!!!
<uvirtbot> New bug: #1072084 in exim4 (main) "package exim4-config 4.76-3ubuntu3.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1072084
<uvirtbot> New bug: #1072085 in exim4 (main) "attempt to execute non-executable temporary file during package installation" [Undecided,New] https://launchpad.net/bugs/1072085
<storrgie> I'm running a couple 12.04 servers and I noted recently that my Linode (which is 12.04) is on kernel 3.5.2 where as the ones I manage and let update from official sources are on 3.2.0. Am I not updating properly?
<patdk-lap> storrgie, linode and other vps providers are not real servers
<patdk-lap> therefor you can't depend on anything matching or working the same
<maxb> They're not *physical* servers. They're quite real in the sense that they will serve things
<IanWizard-Cloud> I'm trying to setup Dovecot, and I've gone through, and gotten it all setup, and when I start it, it doesn't open any ports.  No errors, nothing in logs, it just says that it started.  It is running, but doesn't open any ports.
<guntbert> IanWizard-Cloud: was there a tutorial you followed? did you seehttps://help.ubuntu.com/12.04/serverguide/dovecot-server.html ?
<guntbert> oops https://help.ubuntu.com/12.04/serverguide/dovecot-server.html
<RoyK> !dovecot
<ubottu> IMAP and POP are protocols for fetching email. The officially-supported server in Ubuntu is Dovecot (packages "dovecot-imapd" for IMAP, and "dovecot-pop3d" for POP) - See also !MailServer for information on the SMTP protocol
<RoyK> !email-server
<RoyK> !mail-server
<RoyK> !dovecot-imapd
<guntbert> !mailserver
<ubottu> Ubuntu supports the Simple Mail Transfer Protocol (SMTP) and provides mail server software of many kinds. You can install a basic email handling configuration with the "Mail server" task during installation, or with the "tasksel" command. See also https://help.ubuntu.com/community/MailServer and https://help.ubuntu.com/12.04/serverguide/C/email-services.html
<guntbert> RoyK: thats exactly where I already pointed him to :)
<IanWizard-Cloud> guntbert: I followed the guide on the dovecot wiki.  I'll go through this though.  I like to think I'm competent enough to get it working, but I'm being proven wrong quickly :P
<guntbert> IanWizard-Cloud: I didn't doubt your competence :) - but its easier if we have a common page to check against - and the one from server guide always worked for me
<IanWizard-Cloud> guntbert: would you believe, I only had the core installed, not the actual imap / pop daemons?
 * IanWizard-Cloud <ashamed>
<IanWizard-Cloud> ugh, I feel so stupid.  Anyway, thanks guntbert :)
<guntbert> IanWizard-Cloud: no worries - thats what guides are for :) - glad you got it working!
<Guest51565> does anybody know how to configure lamp
<[conrad]> Guest51565: http://ubuntuserverguide.com/2012/05/how-to-install-lamp-server-in-ubuntu-server-12-04-lts.html , http://www.howtoforge.com/installing-apache2-with-php5-and-mysql-support-on-ubuntu-12.04-lts-lamp
<Guest51565> does that say how to use it to
<[conrad]> Guest51565: You'd have to better define "how to use it" for me to provide a better response, but ultimately full coverage of all the functionality for the respective software is available in their online docs.
<maxb> LAMP is so many things that asking how to configure 'it' is a question that cannot be answered in anything should of a book
<Guest51565> im talking about the languages does it walk you through where they should be installed
<[conrad]> Guest51565: Not quite sure I follow. The links ( especially the second ) literally provide step-by-step instructions for the installation.
<IanWizard-Cloud> maxb: it varies by "language".  You can usually just install them from the repos and be fine.  I'm sure both links above cover that.
<Guest51565> what about the directories does it define where you put the distinct  files
<maxb> Guest51565: You seem to be approaching this with some odd preconceptions, on Ubuntu most software is packaged and you don't need to think about where to put files when installing it
<Guest51565> no not when installing it i mean when thr packages are installed like where to put the files to display a page on html or php
<Zanzacar> does anyone know how to access a svn repository from outside your home network? I tried #svn but didn't get a response
<Zanzacar> been looking around online and haven't found anything specifically
<cocoa117>  how do u make ubuntu go to sleep when idled?
<maxb> Zanzacar: It's really really easy if you already have a ssh server running/accessible - do you?
<uvirtbot> New bug: #1072221 in elinks (universe) "ELinks built without lua support" [Undecided,New] https://launchpad.net/bugs/1072221
<Zanzacar> maxb: yes I do
<Zanzacar> maxb:  I wanted to use netbeans to access everything so I managed to do the http version via netbeans but I need to figure it out for connections outside my home
#ubuntu-server 2012-10-28
<Zanzacar> can anyone help me out setting up access to my WebDav svn from outside my house?
<Zanzacar> I have it working within my home but now I want to have access outside my home
<LordOfTime> portforwarding :P
<Zanzacar> look into that but just ended up with apache serving the page instead of subversion
<Zanzacar> I am not sure how to portward to the subversion directory
<fleish> you probably need to configure apache to serve webdav if I understand right
<Zanzacar> fleish: I think your right
<fleish> (bow)
<uvirtbot> New bug: #1072313 in clamav (main) "package clamav-milter 0.97.3+dfsg-2.1ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1072313
<koolhead17> hey all
<Zanzacar> Where would someone recommend I get a small server from? I want full access to it to do whatever I would like without any restrictions. Any thoughts?
<Frostbyte> a little help here? I face an issue similar (if not exactly) to this: http://askubuntu.com/questions/192684/postfix-dovecot-not-receiving-mail-in-vmail-directory
<Frostbyte> used that guide (skipping SASL/Clamav/Spamassasin, to keep it simple): http://www.exratione.com/2012/05/a-mailserver-on-ubuntu-1204-postfix-dovecot-mysql/
<SpamapS> Zanzacar: you can get a free server for a year from Amazon EC2
<SpamapS> Zanzacar: http://aws.amazon.com/free/
<Frostbyte> anyone?
<patdk-lap> yuk
<uvirtbot> New bug: #1072373 in mysql-5.5 (main) "package mysql-server-5.5 (not installed) failed to install/upgrade: ErrorMessage: corrupted filesystem tarfile - corrupted package archive" [Undecided,Invalid] https://launchpad.net/bugs/1072373
<Zanzacar> SpamapS: I did use that for a  year and my account is up now. I guess I could create another amazon account and have another micro but I just figured its about time I pay
<SpamapS> Zanzacar: $17/month too much to pay?
<patdk-lap> hmm? you can get it for $3 a month
<Zanzacar> SpamapS: I guess not. I never really figured out exactly how much it would be becuase it seems like there is a lot of hidden prices or something
<Zanzacar> I never looked into it that much
<Gallomimia> Zanzacar: i just found one for under 4 bucks
<Zanzacar> where?
<Gallomimia> cinfu.com
<Gallomimia> beware: unlimited bandwidth implies your fellow customers will be ramming it hard and you'll be contesting for the pipe
<Zanzacar> gotcha i dont need much just want some place to host a site, maybe subversion etc
<Gallomimia> yeah should be great for that
<vezq> anyone running openstack?
<Gallomimia> okay so how are people finding the ubuntu-server release 12.10 ?
<Gallomimia> i'm planning to upgrade tomorrow during ....
<Gallomimia> well the opposite of peak time
<vezq> why 12.10? personally trying to stick with LTS if possible
<RoyK> vezq++
<RoyK> using   something not LTS is for fun
<RoyK> if you want things to work stably, stick to LTS
<Gallomimia> hmm
<Gallomimia> alright riddle me this
<Gallomimia> why do they release a non-LTS version of server?
<vezq> I seem them as testing versions for new features
<Gallomimia> full release i guess is way better than beta
<Gallomimia> but... not for production. okay
<Gallomimia> i typically wait for a week or two for release upgrades anyway
<Gallomimia> so... apt-get dist-upgrade is still a good thing, but not do-release-upgrade you recommend?
<vezq> not saying non-LTS version are bad...but also LTS versions have 5y support
<Gallomimia> it's a game server on a VPS. how bad could it be?
<vezq> probably just fine for that
<vezq> dist-upgrade has worked nicely so far
<uvirtbot> New bug: #1068158 in mysql-5.5 (main) "mysql 5.5.28, 5.1.66 security update tracking bug" [Undecided,Confirmed] https://launchpad.net/bugs/1068158
<shadeslayer> anyone around to help me figure out how to set a public IP on a guest VM ?
<lifeless> smoser: in ec2, ubuntu cloud images - do they boot and use APIPA to talk to the metadata service, and *then* reassign ip addresses?
<lifeless> smoser: or do they come up with DHCP + a default route that lets them talk to the metadata service ?
<Gallomimia> shadeslayer: what are you doing? you are going to add an IP to a vm you control? on a physical machine you don't?
<uvirtbot> New bug: #1072427 in php5 (main) "package php5-gd 5.4.6-1ubuntu1 failed to install/upgrade: Unterprozess installiertes pre-removal-Skript gab den Fehlerwert 1 zurÃ¼ck" [Undecided,New] https://launchpad.net/bugs/1072427
<Gallomimia> shadeslayer: still alive? try this: http://www.nfoservers.com/forums/viewtopic.php?f=68&t=5418
#ubuntu-server 2013-10-21
<twb> I'm rescuing a legacy 8.04 server, building a new array for it to live on.  Anybody remember if 2.6.24 supports mdadm --metadata=1.2 ?
<twb> git indicates mdadm metadata was versioned as at 2.6.12 (as far back as git goes), but I can't see where support for 1.x was added
<rostam> PLEASE HELP: I need your help please. I have created automated ubuntu installed via dvd.  For that I have created preseed file and kickstart file. Now  I want to do the automated ubuntu install via usb stick.   All the instructions so far I have found out seems usb installer which I think is different than automating installations. PLEASE HELP
<twb> rostam: using d-i or ubiquity?
<rostam> twb: I have done that, I have already created automated installation, the media however is dvd, I copied the same image to usb and it did not work?
<twb> Which are you using?  Are you using d-i?  Or are you using ubiquity?
<rostam> I am using d-i
<twb> OK.  Are you using preseed, or kickstart?  You mentioned both.
<rostam> twb: it is combination of both, I do have kickstart file and also preseed file. I can use paste bin if you want to look at the files?
<twb> OK, I do not know about kickstart.
<twb> What I mainly know is from the Debian Installation Guide (apt-get install installation-guide-amd64).
<twb> All you have to do is add preseed=<location> to the boot options, where <location> is somewhere the installer can reach -- e.g. if it is a netinst installer, it can't be on a USB disk
<twb> You can also pull apart the initrd and put it in there.
<twb> Now, you said you're writing an existing DVD onto a USB key.  Because ISO 9660 is not a writable filesystem, you'll have to either remaster it or fiddle around if you want the preseed=<location> option to be present by default, without you having to retype it each time
<rostam> twb: thank, but let me ask you this, The iso image burned on DVD which works for me, if I copied to usb as it is that should work or I need to do some extra activity to work on usb?
<twb> I don't know if current Ubuntu server install .iso is made using isohybrid.
<twb> If it is, you can write it directly to the USB key (e.g. dd if=foo.iso of=/dev/sdz) and it'll boot.
<twb> If not, it is more fiddly.
<twb> ISOs built using isolinux >= 4 can use isohybrid
<rostam> twb: oh okay thank you,  okay so where could I go check for isolinux version please?
<twb> Not sure how to detect it
<twb> Easiest would be to just try writing the ISO to a USB key and see if it's bootable
<rostam> twb: you have almost answered all my question, specially the isohybrid which I was not aware of that. thank you so much.
<twb> rostam: but if it's isohybrid, it'll boot of USB but you won't have a preseed file on the same USB key, so you still need to deal with that
<twb> # dd bs=512 count=1 < /srv/iso/cdimage.debian.org/cdimage/release/current-live/amd64/iso-hybrid/debian-live-7.0.0-amd64-rescue.iso  | file -
<twb> /dev/stdin: x86 boot sector; partition 1: ID=0x17, active, starthead 2, startsector 64, 1388480 sectors, code offset 0xed
<twb> ...that's how you tell if it's already run through isohybrid
<rostam> twb: thank you thank you thank you.
<rostam> I was lost completety
<twb> What I mostly do is grab the netboot d-i kernel and ramdisk, and put them on a TFTP server, and do the whole install off PXE boot
<twb> But for that you really want a local apt mirror to make it nice and fast
<twb> I think you can even apt-get install that stuff nowadays...
<twb> Hm, in debian there is stuff like this: debian-installer-7.0-netboot-amd64 -- I don't have a recent ubuntu server to compare
<twb> http://cyber.com.au/~twb/snarf/netboot is the crappy script I'm running on my 10.04 netboot server -- it has the URLs for the boot stuff.
<rostam> great that is great reference for me to start with.
<twb> Strongly recommend you refer to installation-guide-amd64 docs also, that's where I learned most of this
<twb> (appendices of that doc)
<rostam> ok will do that
<twb> If you're still stuck tomorrow, pm me directly -- I don't normally hang out here.
<rostam> twb: sure will do that thank you again. I have been stuck on this for last a few days. thank you
<foo357_> Hello. I've got an ubuntu machine acting as a server for a web application (apache + tomcat, and postgresql backend)
<foo357_> Yesterday the machine was updated, and the following packages were upgraded:  dpkg dpkg-dev libdpkg-perl libdrm-intel1 libdrm-nouveau1a  libdrm-radeon1 libdrm2 libglib2.0-0 libicu48 liblockfile-bin  liblockfile1 linux-firmware procps python-software-properties
<foo357_> Now the web application is acting sluggishly
<foo357_> CPU usage is minimal. Memory usage is ok I believe, there's a java process taking up 50% of the memory.
<twb> Does it normally take up 50%?
<twb> If you don't have performance monitoring already set up, it'll be harder to know what is unusual
<twb> Also desirable to find a quantitative metric, so you know when it's really fixed.  Confirm that the symptoms first appeared after upgrade -- might not be correlated.
<foo357_> twb: I don't think java's memory grab is of any concern, that's how it ususally behaves, isn't it?
<twb> Check iostat, check for procs in D state, check logs for anything unusual/interesting.
<twb> foo357_: I think so, yes, but I boycott java wherever possible
<twb> Could also take some tcpdumps between user and app, and between internal components (e.g. pg and app) to see if there are obvious latency problems and if so, where they are.  (tcpdump -s0 -wfoo.pcap, then wireshark -rfoo.pcap on a GUI system, Stats menu, also change the time column to be seconds-since-last-packet, I forget how.)
<twb> Worth pinging app's devs if they have app-specific diagnosis hints, esp. if there is long turnaround time to get a response from them
<foo357_> twb: hm, it seemed like the issue originated from the underlying network and some performance issue there. Ah, well, not my department :)
<vk01_> The dns-nameservers variable in /etc/network/interfaces appears to be working inconsistently. I've checked the documentation at https://help.ubuntu.com/12.04/serverguide/network-configuration.html -- Is there anything else I should keep in mind when running multiple bridge interfaces?
<_ruben> define "inconsistently"
<_ruben> vk01_: ^^
<vk01_> @_ruben --- had to reboot the server last Saturday. Interfaces came up as planned
<vk01_> Forced to do a reboot today --- cat /etc/resolv.conf defined no DNS servers
<vk01_> It should be enough to define dns-nameservers under just br0, don't have to define it under br1 as well right?
<vk01_> *"Interfaces came up as planned" --- meant that DNS servers showed up when I did cat /etc/resolv.conf
<_ruben> Once should be sufficient indeed. Not working with bridges myself though, so not sure if there's any caveats involving those
<vk01_> Do you use static IP addresses with 12.04 server or newer?
<_ruben> Could try moving the dns-nameservers line to the definition of lo
<_ruben> Yes
<vk01_> I'll give that a shot, thanks. Wondering if it's worth removing resolvconf and doing it the old way
<_ruben> I've pondered that as well in the past. Then again, the dns-nameservers always worked for me. Just needed to get used to putting it into /e/n/interfaces :)
<_ruben> But like I said, no bridges here, do use a lot of bonding/vlan tagging/bare interfaces tho
<gdos> http://pastebin.com/d2GsbqWN - seems i can't remove a package. since this package is broke i can't seem to install, update, or upgrade other packages.
<plod> hey anybody got a similir problem to me, (saucy, phpmyadmin) the current server dropdown is not changing the servers unless i first click on a link in the main pane
<gdos> http://pastebin.com/d2GsbqWN - seems i can't remove a package. since this package is broke i can't seem to install, update, or upgrade other packages.
<aaronds> Hi, what should I do if I have a command looking in the wrong place for an executable? (/usr/local/bin instead of /usr/bin)
<rtdos> so i've installed both dhelp and dwww on my webserver but get the following *SIMILAR* errors in both (as well as my own webpages):   The requested URL /cgi-bin/dwww/usr/share/doc/ was not found on this server.
<mbnoimi> What's the best and easy way to mange LDAP users? I tried to install phpLDAPadmin as mentioned in https://help.ubuntu.com/community/InstallingphpLDAPadmin but I failed to configure it
<rtdos> so i've installed both dhelp and dwww on my webserver but get the following *SIMILAR* errors in both (as well as my own webpages):   The requested URL /cgi-bin/dwww/usr/share/doc/ was not found on this server.
<sarnold> rtdos: anything in the logs?
<rtdos> sarnold: how would i view the logs?
<sarnold> rtdos: check /var/log/, most services log to files in there.
<rtdos> ok gimme a sec.
<rtdos> ok, sarnold, here is the paste of /var/log/apache2/access.log: http://pastebin.ubuntu.com/6278330/
<rtdos> andol, sarnold, here is the paste of /var/log/apache2/error.log: http://pastebin.ubuntu.com/6278339/
<rtdos> ersi, sorry andol: that was a typo.
<rtdos> damn spelling checker.
<jiboumans> In varnish 3, how do I tell the difference between a backend actually giving me a 503 response, and the backend being too slow to answer, and hitting varnish' timeout for the backend?
<jiboumans> (in vcl specifically, not varnishlog)
<rtdos> so i've installed both dhelp and dwww on my webserver but get the following *SIMILAR* errors in both (as well as my own webpages):   The requested URL /cgi-bin/dwww/usr/share/doc/ was not found on this server.
<Lownin> I have a really simple mysql backup script that works when I invoke it manually, but cron isn't executing it.  I don't see anything in the syslog about it. the script is here http://pastebin.com/ce4GJJXC The permissions on it are -rwxr-xr-x.  Can anyone help me figure out why it's not working?
<raub> Lownin: is that the cron file?
<Lownin> raub: no it's a script I put in cron.daily
<raub> Lownin: how about starting a bit more humble?
<raub> Create a cron.hourly file that does notthing but echo something to a /tmp/file
<raub> Lownin: I myself usually create something in cron.d
<Lownin> I can do that.
<raub> So I can set the time I want it to run
<Lownin> raub: this is a pretty venella install of ubuntu server 12.04
<raub> I have not had much luck with cron.daily :)
<raub> so I just use cron.d
<raub> i.e. if i were in your shoes I would move your file to /usr/local/bin/take-a-dump
<raub> and then create /etc/cron.d/take-a-dump, which looks like this
<raub> 15 3 * * * root  /usr/local/bin/take-a-dump
<raub> once that works, add the opton to send stder to syslog/whever
<raub> Lownin: that is IMHO. /etc/cron.d/take-a-dump does not even need to be executable
<rtdos> so i've installed both dhelp and dwww on my webserver but get the following *SIMILAR* errors in both (as well as my own webpages):   The requested URL /cgi-bin/dwww/usr/share/doc/ was not found on this server.
<raub> rtdos: you know for sure you want to have that dir, right
<rtdos> raub: i do.
<rtdos> at least i think i do.
<rtdos> i do have it in /usr/share/doc
<raub> Kinda odd it is in cgi-bin
<rtdos> raub: i used the default settings for dhelp/dwww as well as for apache2
<rtdos> it's almost as if apache2 is messed up.
<raub> rtdos: I've never used dhelp/dwww, but do know apache has config files in /etc/apache2/sites-enabled telling where things are supposed to be
<rtdos> raub: ok. hold on. i'll double check.
<raub> rtdos: the message seems to indicate it is trying to find a dir in the wrong location
<rtdos> raub: the only file there is 000-default.conf
<raub> is it pointing to the right locations?
<rtdos> raub: to /var/www correct?
<rtdos> which means i would have to link /usr/share/doc to /var/www then?
<raub> It depends on what rwww/dehlp wants. Docs better help
<raub> Maybe
<rtdos> ok. seeing if either have man pages.
<raub> rtdos: you now know what the problem is. Might be able to find in the installation docs for thos eprograms what it wants
<rtdos> raub: looking at dwww.conf now
<raub> Oct 8, 2013 15:03 from Capa
<raub> It's mostly the gas-wasting light trucks and SUVs that use the oil ... 30% goes
<raub> into truck/SUV tanks.
<raub> They average 19mpg according to http://en.wikipedia.org/wiki/Criticism_of_sport
<raub> _utility_vehicles#Fuel_economy
<raub> Cars are the next largest consumers of oil at 28%.
<raub> Then large trucks 20%.
<raub> Aircarft 9%
<raub> Boats 4%
<raub> Trains and buses 3%
<raub> Military 3%
<raub> [Planes Trains And Automobiles> msg #105690 (78 remaining)] Read cmd ->
<raub> Sorry for that
<raub> wrong screen tab
<rtdos> hahahaha...
<rtdos> raub: in the config file for dwww it looks like /cgi-bin/dwww/doc/HTML is commented out. i un-commented that line. how do i re-start apache2?
<hitsujiTMO> rtdos: sudo service apache2 restart
<hitsujiTMO> rtdos: or: sudo service apache2 reload     to just reload configs
<rtdos> hitsujiTMO: thanks.  'restart' also reload configs as well, correct?
<hitsujiTMO> yes
<hitsujiTMO> it just doesn't bring the daemon to a halt
<hitsujiTMO> it just doesn't bring the daemon to a halt if you just reload
<rtdos> oh, ok.
<rtdos> this is the message i get now: AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName' directive globally to suppress this message
<rtdos> i thought i had it set to my servers name. that is set in apache2.conf correct?
<hitsujiTMO> rtdos, you can set it anywhere as long as it's global ...
<hitsujiTMO> you can also ignore the error if you wish
<rtdos> hitsujiTMO: ok. doesn't look like it worked. neither dhelp nor dwww are loading anything from /usr/share/doc/HTML in the browser.
<hitsujiTMO> rtdos are there any errors in the global log in /var/log/apache2/error.log ?
<rtdos> though typing my host or localhost - http://localhost - works fine.
<hitsujiTMO> can you post your virtualhost config?
<rtdos> hisujiTMO: here is the output of /var/log/apache2/error.log - http://pastebin.ubuntu.com/6279342/ - where would i find the virtualhost config?
<hitsujiTMO> /etc/apache2/sites-available    should be the non ssl one
<hitsujiTMO> hmm indeed no errors
<hitsujiTMO> where is the directives for /usr/share/doc/HTML declared?
<rtdos> hitsujiTMO: i'm not sure where the directies for /usr/share/doc/HTML are declared but here is the output for /etc/apache2/sites-available - http://pastebin.ubuntu.com/6279369/
<rostam> HI all, for ubuntu 12.04 update 3 I get the following error:  lib32gcc1: Depends libc6-i386 (>= 2.11) but it is not going to be installed
<hitsujiTMO> rtdos whats the output of: ls -l /var/www
<raub> rtdos: http://manpages.ubuntu.com/manpages/jaunty/man8/dwww.8.html
<raub> i think that might be helpful
<hitsujiTMO> rtdos can you post: /etc/dwww/apache.conf
<raub> hitsujiTMO: kinda silly they are running a separate apache
<hitsujiTMO> raud: maybe not, could be a global directive
<raub> hitsujiTMO: you have a point there
<rtdos> hitsujiTMO: the output of ls -l /var/www is - total 8
<rtdos> drwxr-xr-x 4 root root 4096 Oct 21 15:11 dwww
<rtdos> -rw-r--r-- 1 root root  177 Oct 20 22:31 index.html
<rtdos> sorry, i should've used pastebin for that.
<sarnold> two lines is usually fine..
<hitsujiTMO> rtdos whats happening for http://localhost/dwww   ?
<rtdos> hitsujiTMO: there is no /etc/dwww/apache.conf but when i type http://localhost/dwww it loads fine except when i try view a document in /usr/share/doc(/HTML) folders.
<sarnold> RoyK: hey, you use zfs right? have you written anything about your experiences using it? I've gone through a pile of the official docs and would like the perspective of a user now.. :)
<gdos> hitsujiTMO: even running dpkg-reconfigure on dhelp and dwww didn't work.
<gdos> hitsujiTMO: i think i know what the problem is. in /usr/lib/cgi-bin both dwww and dhelp are symbolic links to files and not directories. how can i fix this?
<hitsujiTMO> they should be symlinks to files. they are executables
<gdos> hitsujiTMO: but why would i get this error: "The requested URL /cgi-bin/dwww/usr/share/doc/ was not found on this server." - wouldn't that indicate that a /usr/share/doc is not symbolic linked to /usr/lib/cgi-bin ?
<gdos> this is the URL that is returned from dwww when i attempt to click on the 4th menu option at the top: http://localhost/cgi-bin/dwww/usr/share/doc/?type=dir
<hitsujiTMO> gdos: cgi-bin/dwww is the executive usr/share/doc/?type=dir would be params ... could be a rewrite issue.
<hitsujiTMO> dgos: ls -l /etc/apache2
<gdos> hitsujiTMO: http://pastebin.ubuntu.com/6279905/
<hitsujiTMO> ls -l /etc/apache2/conf.d
<hitsujiTMO> ls -l /etc/apache2/conf-available
<gdos> hitsujiTMO: here is the output of /etc/apache2/conf-available/serve-cgi-bin.conf file: http://pastebin.ubuntu.com/6279937/
<gdos> hitsujiTMO: here is the output of ls -l /etc/apache2/conf.d: http://pastebin.ubuntu.com/6279943/
<gdos> hitsujiTMO: here is the output of ls -l /etc/apache2/conf-available: http://pastebin.ubuntu.com/6279947/
<hitsujiTMO> gdos can you post your apache2.conf from /etc/apache2
#ubuntu-server 2013-10-22
<gdos> hitsujiTMO: (sorry had dinner) here ya go - http://pastebin.ubuntu.com/6280144/
<hitsujiTMO> hmm, so conf.d is ignored
<hitsujiTMO> gdos: can you paste /etc/apache2/conf-available/dwww.conf   and /etc/apache2/conf-available/dhelp.conf   and the output of: ls -l /etc/apache2/conf-enabled
<gdos> hitsujiTMO: (sorry had dinner) here ya go - http://pastebin.ubuntu.com/6280144/
<gdos> i'm thinking this broken package is causing my apache2 headaches - http://pastebin.ubuntu.com/6280144/ - how do i remove it?
<soahccc> Is it possible to get an unused device in /proc/mdstat? I've installed a fresh copy, installed mdadm and there is no raid and no unused device :(
<RoyK> sarnold: haven't written much, but I can answer if you have questions
<Gletob>  I'm trying to set up a basic samba print server and need to add the drivers.  When I use the command "net rpc rights grant Everyone SePrintOperatorPrivilege -U root" I get: Could not connect to server 127.0.0.1 Connection failed: NT_STATUS_ACCESS_DENIED
<babinlonston> Hi all How to setup a VPN server ?
<jkitchen> babinlonston: https://help.ubuntu.com/community/OpenVPN
<jkitchen> it's a good number of steps, but it's pretty straightforward
<mac_nibblet> Does anyone know how a crontab can be executed 10 minutes late ?
<babinlonston> jkitchen: configured there are some issue troubleshooting it i used this like to setup it https://www.digitalocean.com/community/articles/how-to-setup-your-own-vpn-with-pptp
<jkitchen> mac_nibblet: if the clock changes, cron tries to be smart and catch anything it missed
<mac_nibblet> jkitchen: it has not changed
<mac_nibblet> i scheduled something for 19:54 it was executed 20:06
<jkitchen> by what clock did you record that it ran at 20:06?
<mac_nibblet> The records where updated in mysql at that time
<mac_nibblet> on the same machine
<mac_nibblet> so it's not a clock missmatch
<jkitchen> is it possible that something held up the mysql update?
<mac_nibblet> jkitchen: nopp
<jkitchen> weird
<jkitchen> you said the records were updated in mysql at that time, how were you checking this?
<mac_nibblet> CLI
<jkitchen> just up-entering on a query until it gave you the updated record?
<jkitchen> what does syslog say regarding this cron job?
<mac_nibblet> let me check
<jkitchen> babinlonston: let me try to understand. You used https://www.digitalocean.com/community/articles/how-to-setup-your-own-vpn-with-pptp to set up a vpn and you're having trouble?
<mac_nibblet> jkitchen: interesting....
<jkitchen> if that's the case, then I'm sorry, I've only ever worked with openvpn on the server end of things (and to be honest, I don't see why I would want to use anything different :)
<mac_nibblet> jkitchen: the command is being run at 19:54:01
<jkitchen> mac_nibblet: it's possible there's some caching going on? you should also see when the cron started and when it stopped
<mac_nibblet> jkitchen: http://caps.pmg.se/caps/e8122b.png
<jkitchen> (by looking at the cron:session entries in /var/log/auth.log, that is)
<mac_nibblet> oh
<mac_nibblet> :p
<jkitchen> why would you screenshot text? :)
<mac_nibblet> uh, it's not a screenshot ^_^
<mac_nibblet> well it is, but gtkgrab
<jkitchen> mac_nibblet: screenshot of text :)
<jkitchen> anywho
<jkitchen> look in auth.log to see when that cron started, and when it stopped
<mac_nibblet> jkitchen: http://caps.pmg.se/caps/e34cd6.png
<mac_nibblet> that does not make any sense
<mac_nibblet> because the crontab took around 7 seconds to complete
<jkitchen> I'm guessing caching on the mysql server.
<jkitchen> or that your clocks are off by about 10 minutes :)
<jkitchen> anywho, good luck! I must acquire sleep.
<littlebit> hello people, when you are in a hotel or in an airport, there is always a wifi hotspot that offers you to gain access to the internet, but only when you pay a fee, you will be given a username and password in order to gain access to the internet. Is there a similar solution in ubuntu?
<tarvid> how do I get a remote server to use static dns addresses without ifdown ifup?
<buscon> hi
<buscon> i'm trying to install samba4 on the latest ubuntu server 3.10
<buscon> 13.10 i mean
<buscon> but i get an error
<hitsujiTMO> whats the error buscon?
<buscon> hitsujiTMO: just a second, maybe i've found the error
<buscon> :)
<soahccc> Is it possible to get an unused device in /proc/mdstat? I've installed a fresh copy, installed mdadm and there is no raid and no unused device :(
<irv> how easy is it to expand an encrypted partition?
<irv> i've managed to fill mine up so i'd like to expand it quite a bit
<irv> i've already expanded the VHDx
<Gletob> Whenever I try to run "sudo net rpc rights grant Everyone SePrintOperatorPrivilege" I get: "Could not connect to server 127.0.0.1
<Gletob> Connection failed: NT_STATUS_ACCESS_DENIED
<Gletob> "
<Gletob> I'm trying to set up printer drivers with Samba
<sarnold> RoyK: cool, thanks :) I'm thinking of buying a handful of 3tb drives and wondering if you'd recommend a raidz1 or raidz2 configuration for commodity consumer hardware or mirrors of raidz1 or raidz1s of mirrors or ... there's just so many different ways to get there. :)
<sarnold> RoyK: I'm thinking it'd be nice to keep it under $1000 for the storage and it'd be nice to have enough space to not think about it for a few years :)
<sarnold> RoyK: I was thinking of using a 500-gig ssd for slog and l2arc, would that be overkill or underkill? :)
<jdstrand> adam_g: fyi, I am doing raring cinder, keystone and nova security updates
<jdstrand> adam_g: cinder is a no change rebuild for -security over what was there before, so you don't have to do anything for your proposed package
<jdstrand> adam_g: nova is to fix bug #1212179 which is in your proposed update already
<uvirtbot> Launchpad bug 1212179 in nova/folsom "[OSSA 2013-024] nova should check the is_public of flavor when creating an instance" [Critical,Fix committed] https://launchpad.net/bugs/1212179
<jdstrand> adam_g: keystone is to fix bug #1179955 (part of your update) and bug #1202952 (doesn't seem to be part of your update)
<uvirtbot> Launchpad bug 1179955 in keystone/folsom "Disabling a tenant would not disable a user token" [High,Fix committed] https://launchpad.net/bugs/1179955
<uvirtbot> Launchpad bug 1202952 in keystone/folsom "[OSSA 2013-025] PKI tokens are never revoked using memcache token backend (CVE-2013-4294)" [High,Fix committed] https://launchpad.net/bugs/1202952
<ivoks> CVE-2013-4428
<uvirtbot> ivoks: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4428)
<ivoks> \o/
<jdstrand> adam_g: also, I'm fixing glance bug #1235378, which is part of your proposed update as well
<uvirtbot> Launchpad bug 1235378 in glance/folsom "[OSSA 2013-027] 'image_download' role in v2 causes traceback" [Undecided,Fix committed] https://launchpad.net/bugs/1235378
<sarnold> ivoks: looks like uvirtbot queries something like launchpad or NVD or MITRE for cve information; the ubuntu UCT database or the debian CVE database may have newer information, as they do in this case.
<sarnold> ivoks: see e.g. http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-4428.html or https://security-tracker.debian.org/tracker/CVE-2013-4428
<uvirtbot> sarnold: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4428)
<uvirtbot> sarnold: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4428)
<sarnold> quiet you silly bot
<TheLordOfTime> heh
<lotia> hi all. When using software raid, is it possibly to define a scheduler for the 'mdX' device or only on the underlying disk?
<Daniel12> Hey, Propably a newbie question, but it was hard for me to find an answer to this online: Do apache2 logfiles really show the full traffic stats? Let's say I have a 1GB file, as soon as someone starts the download it shows 1GB traffic, right? If yes, is there a tool to measure the real traffic?
<sarnold> Daniel12: this looks useful: http://httpd.apache.org/docs/2.2/mod/mod_logio.html
<sarnold> (change the 2.2 in the url to reflect whatever version you have available, apache is good about making urls work as you expect :)
<Daniel12> sarnold: great! Thank you! Will look into this.
<sarnold> Daniel12: thanks for asking the question, I've never looked into it before, but you made me wonder. hehe. :)
<patdk-wk> heh?
<patdk-wk> apache doesn't log how much was downloaded, till the download completes and is over
<patdk-wk> and that download size does not include headers by default
<Daniel12> patdk-wk: oh. So an aborted download will show the (real) traffic it caused?
<patdk-wk> as long as real, doesn't mean, http headers, yes
<Daniel12> patdk-wk: thanks!
<sarnold> patdk-wk: that's what made me wonder -- surely apache wouldn't wait to log until the request was over, what if you had a few hundred thousand connections drawing a byte per second or something? the log files would never report anything... so of course it'd log immediately..
<patdk-wk> it never logs immediantly :)
<sarnold> .. but then I figured admins would need -some- way to realize that no one ever finishes downloading their 50megabyte background image, but how would they.... -> MUST GO FIND OUT :) hehe
<sarnold> no?
<patdk-wk> I have log entries happen a good day later
<patdk-wk> only way to know is by loading the status pages
<sarnold> "status pages"?
<RoyK> sarnold: ping
<nsh001> Hello all,I need some help,I was installed ubuntu server 13.10 and default installed LAMP pkg,when i was installed phpmyadmin,and login it ,The phpmyadmin tell me it need mcrypt,how to make it?thanks
<MavKen> apt-get install php5-mcrypt
<nsh001> the system auto installed it
<nsh001> but php.ini is auto config
<nsh001> i can't find the php5-mcrypt path
<nsh001> php.ini mcrypt.modes_dir= and mcrypt.algorithms_dir= I don't know the path
<TheLordOfTime> nsh001: did you install php5-mcrypt?
<TheLordOfTime> whoopsies, yes, you did
<nsh001> Mavken Thanks for you
<nsh001> @TheLordOfTime php5-mcrypt is auto installed
<TheLordOfTime> nsh001: if you're looking for the mcrypt configuration it gets installed to /etc/php5/conf.d/mcrypt.ini
<MavKen> nsh001, no prob...sorry...in another chat, having some network issues
<TheLordOfTime> (just an FYI)
<TheLordOfTime> nsh001: the .so for it is somewhere in /usr/lib/php5/ but i'd need to dig around in the 13.10 packages
<TheLordOfTime> nsh001: i'd say refer to the mcrypt.ini file it might already have those?
<TheLordOfTime> nsh001: also, known issue with php5, sometimes those plugins don't refresh after install, so doing a restart of your php5 instance might not hurt
<nsh001> i finding it
<nsh001> TheLordOfTime thanks for help and sorry for my english
<TheLordOfTime> your english is fine compared to some of the people i've worked with :)
<nsh001> let's me try
<TheLordOfTime> (not joking, it's actually pretty decent)
<nsh001> TheLordOfTime thanks for you,I can't find it.I need to sleep my time zone is +8 4:26am see you next time
<nsh001> Have a good time for all!bye
<TheLordOfTime> see ya
<TheLordOfTime> ooo too late :/
<TheLordOfTime> oh well, was on the phone :/
<sarnold> RoyK: pong :)
<sarnold> RoyK: a few more questions :D do you use de-dup ever? do you use copies=2 ever? do you pick-and-choose which datasets you use compression on? which compression algorithm?
<RoyK> I've used dedup, but without sufficient memory
<RoyK> dedup is *very* memory hungry
<RoyK> I haven't been using zfs in prod for a couple of years, but back then I used lzjb compression by default
<RoyK> some datasets gzip, some without
<RoyK> jz4 is probably what I'd used as default today
<RoyK> I haven't used copies=2 for anything except testing so far
<Beatstreet> how come no ~/.bash_profile in ubuntu?
<RoyK> sarnold: before choosing zfs, keep in mind that it's not as flexible as mdraid
<RoyK> you can't just add a drive to a raidzN set and have the raidzN grow with another drive
<RoyK> Beatstreet: .bashrc
<Beatstreet> same thing?
<RoyK> Beatstreet: it's run on login
<sarnold> RoyK: oh, you moved away from zfs?
<RoyK> so is .profile
<RoyK> sarnold: I switched jobs
<sarnold> RoyK: oh!
<RoyK> sarnold: had some 350TiB on zfs in the last job
<sarnold> RoyK: congratulations :) how far out of date am I? hehe
<Beatstreet> RoyK - I dont see a .profile
<RoyK> sarnold: only 15 months ;)
<sarnold> RoyK: hunh :)
<RoyK> sarnold: working for hioa.no now
<RoyK> Beatstreet: just add it to .bashrc
<RoyK> will work
<Beatstreet> add what?
<sarnold> RoyK: ah, I thought you used zfs for hioa .. (not that I ever could have recalled the name..)
<RoyK> Beatstreet: whatever you want it to run at login
<RoyK> sarnold: no, I used to work for nilu.no and they have a few zfs installs
<sarnold> oooo
<sarnold> RoyK: would mdraid let you just add another drive and have it grow?
<RoyK> sarnold: yes
<sarnold> RoyK: the ability to grow over time is one of the reasons why I've considered a handful of mirrored drives instead of raidz levels..
<sarnold> obviously I need to re-read more about mdraid :) I just liked how simple zfs looked.
<sarnold> RoyK: what filesystems do you use now?
<RoyK> sarnold: you can add raidz or mirror VDEVs in zfs too
<RoyK> sarnold: but it won't rebalance the data across the drives, so writes won't be as quick as you'd want them (and reads, perhaps to a less extent)
<RoyK> sarnold: mostly ext4/xfs on a dell equallogic nas - *not* my choice
<RoyK> but then - it mostly work
<sarnold> RoyK: I've thought I owed xfs a look too... there's a general "eww" factor to nearly everything oracle-related, but zfs just looked so simple. :) hehe
<sarnold> RoyK: did you use different 'pool' styles on a single machine for different datasets? or is it best to just pick a level of redundancy and speed you're willing to live with and use that for everything?
<RoyK> sarnold: zfs isn't very simple, really, but if you plan it well, it's very good indeed
<RoyK> sarnold: but I chose not to use zfs for my home server - just using mdraid now
<sarnold> RoyK: did you rely much on the smb exports or nfs exports?
<RoyK> and some filesystem on top of that
<RoyK> mostly using samba/netatalk
<sarnold> RoyK: do you miss the resilvering?
<RoyK> no
<RoyK> but I miss real scrubbing ;)
<RoyK> checksumming would be nice
<sarnold> yeah, the checksumming feels pretty awesome
<RoyK> it's got a cost too, though
<sarnold> oh?
<RoyK> zfs will never be as fast as ext4 or xfs on mdraid
<sarnold> I figured CPUs were quick enough these days..
<RoyK> it adds a tiny bit of latency
<RoyK> so effectively, it's slower
<RoyK> imho it's fast enought, though
<RoyK> usually, for a home server, the network's the bottleneck anyway :P
<MavKen> any of you running ubuntu server on digitalocean?
<sarnold> yeah, as I expect mine will be. cheapo-switches...
<sarnold> RoyK: all the guides suggest weekly scrubbing.. will that run a risk of driving hardware to premature extinction?
<sarnold> RoyK: would you recommend an ssd slog or just let the slog happen on the spindles?
<RoyK> sarnold: not really a danger
<RoyK> sarnold: slog or not (or l2arc or not) depends on i/o use pattern
<RoyK> for general purpose (your movies, porn, pics blah) slog/l2arc won't be worth much
<RoyK> for virtualization slog should be considered
<RoyK> et cetera et cetera
<sarnold> RoyK: aha, I was thinking a giant pile of the thing would go towards having a local ubuntu archive for the times I want to grep -r the world :)
<sarnold> RoyK: and I figured l2arc wouldn't help there much, aside from unpack-then-grep, but that might happen better on local machine memory..
<sarnold> RoyK: did you do much ARC tuning to make more memory available to applications?
<sarnold> RoyK: does the arc duplicate efforts of the linux caching mechanisms?
<sarnold> RoyK: ooh ooh is the atime handling affected by the linux relatime mount option?
<RoyK> sarnold: if you want to grep -r whatever's there, perhaps solr would be better? ;)
<RoyK> sarnold: not really any ARC tuning - I was running this on openindiana (now not very active, illomos-based opensolaris fork)
<sarnold> RoyK: maybe? :) as it is I don't have a copy of it anyhow.. the debian codesearch is awesome though, it covers 90% of my questions easily...
<sarnold> RoyK: oh, I thought you used the zfs-on-linux... boy learning a lot today :) hehe
<RoyK> sarnold: otherwise - try #zfsonlinux - I've been running zfs on linux too, but not in large scale production
<RoyK> (not production at all)
<sarnold> RoyK: thanks for answering my pile of questions! :D
<RoyK> :)
<philip550c> Does anyone know what all is needed to create a classroom style domain controller? Essentially I would like to have a group of desktops where a user can sit down at any computer and login and have access to all their files and settings. Unlike a thin client I would like to leverage the power of the desktop not the server and remote connection needs to be available as well. I think this can be done with samba/ldap but I w
<philip550c> ould also like to pxe boot the os. So that I can just plug in a new computer and boot from ethernet and its ready to go. Remote connections should not be pxe booted however but something similar to rdp would be nice. thank you
<philip550c> also single sign on to all the services available to that user account would be needed as well. So all the user has to do is signin to ubuntu and thats it
<sarnold> philip550c: I don't know if anything is ready-made for your situation.. investigate LTSP and MAAS. MAAS is mostly intended for server uses, but might be applicable to your case..
<philip550c> im messing with MAAS right now but it seems to be more about provisioning, I see that I can make it provision desktops but it doesnt act as a domain controller. Thanks for the suggestion, Ill look into ltsp more, I thought that was for thin clients but I might not have understood that correctly
<sarnold> no, you'd need to go to the effort of configuring samba or whatever for that end of things yourself
<sarnold> if you combine juju with maas, you just might be able to do something like "juju deploy -n 20 terminals"  -- the end result _might_ be awesome :D but it'd probably be a fair amount of work on your part to get there.
<philip550c> im experimenting with maas/juju and servers, ill see what I can do with it for desktops
<sarnold> cool! if you don't mind, please report back, this sounds fun. :)
<philip550c> yeah, I will. Are you always on here? this is actually my first time messing with irc. Are some of you on here all day everyday?
<philip550c> i run my own xmpp server but i see that irc has a different use case now
<sarnold> philip550c: I'd wager 80-90% of the people here just leave an irc client connected all the time. /lastlog -hilight is just too useful..
<TheLordOfTime> sarnold: or they're on bouncers, i know for a fact that's what i do :P
<philip550c> ok how does /lastlog -hilight work? I just entered it and nothing happened as far as I can tell. Sorry irc newb
<philip550c> oh i see nm
<sarnold> philip550c: hrm, in most clients it'll select just the bits of conversation aimed at you, referencing you, or mentioning any of the words that you might have put highlights / alerts on...
<sarnold> (and /lastlog -clear ought to get rid of it)
<philip550c> ok thanks
<sarnold> TheLordOfTime: hunh, I figured you for a screen+irssi user :)
<TheLordOfTime> heh
<TheLordOfTime> sarnold: need the bouncer so i can access IRC from the phone
<philip550c> so is it proper etiquette to address people by username before speaking?
<sarnold> TheLordOfTime: ah, makes sense...
<TheLordOfTime> can't ssh+screen+irssi from that very well ;)
<TheLordOfTime> sarnold: even then, i have the ZNC actively save the logfiles so I never actually miss anything, even if my buffer playback doesn't show everything
<sarnold> philip550c: it's more important the busier a channel is. when it's mostly quiet it doesn't matter much, but if it is quiet enough that your other party has wandered off, then the nicknames are useful again. :) hehe
<TheLordOfTime> like here, it's not super useful to always highlight someone's name, but when it's a tad busier it never hurts to identify who you're tlaking to :)
<sarnold> exactly
<TheLordOfTime> i usually always identify who at the first line in a string of lines.
<TheLordOfTime> now, #ubuntu, on the other hand, you prepend your destination's name on everything because that moves that much more rapidly
<philip550c> thanks guys
<philip550c> my project is actually more in depth than what I explained before but if I can pull it all off ill report back to here so you can hear about it
<sarnold> philip550c: cool! thanks. :D
<rbasak> jamespage: please can you subscribe ~ubuntu-server to php-json?
<jamespage> rbasak,
<jamespage> yes
<jamespage> rbasak, done
<rbasak> Thank you!
<oscalation> hey, i just installed userver on a vm and forgot my username to login with, what are my options?
<sarnold> oscalation: if you can boot with "single" on the kernel command line (grub or whatever..) you can get a root prompt pretty easy, that you can then use to inspect the system to find username, authorized_keys, password hashes, etc
<oscalation> sarnold, luckely i got it by guessing
<oscalation> thank you for the suggestion
<MavKen> what is the easiest way to get php mail working without having a full blown mail server?
<MavKen> it is used for sending out e-mail confirms and password resets
<sarnold> MavKen: I think PHP PEAR offers an inprocess mail() mechanism that doesn't rely on local host MTA support...
<MavKen> ok thanks, will check it out
#ubuntu-server 2013-10-23
<MavKen> is it possible to create a php registration form that would work with openldap?
<sarnold> MavKen: looks like there's some kind of openldap integration with php...
<sarnold> http://php.net/manual/en/function.ldap-connect.php
<MavKen> ive seen that... i see that it is possible for a login system to connect to ldap... i am just not finding a way to create a registration form.  this is for a niche social media site.... im wondering if it would be best just to use php/mysql login system
<sarnold> MavKen: how about this? http://www.php.net/manual/en/function.ldap-add.php
<sarnold> MavKen: traditional databases might be easier, but beware of the risk of copy-and-pasting together something horrible. A lot of php-mysql applications are security disasters and the 'easier to read' ones are quite often the worst examples to learn from.
<MavKen> thanks, i will need to read that a few times.  i was thinking about purchasing  http://codecanyon.net/item/php-login-user-management/49008?WT.ac=category_item&WT.seg_1=category_item&WT.z_author=jigowatt
<MavKen> i have never used openldap, so i would need to get it installed
<MavKen> before i start learning either way, just want to know which method would be best to use
<gdos> according to dwww man page - http://manpages.ubuntu.com/manpages/hardy/man8/dwww.8.html - there is supposed to be a 'apache2.conf' file in '/etc/dwww' and symbolically linked from /etc/apache*/conf.d/dwww but there is neither a file or a symbolically linked file in /etc/dwww NOR /etc/apache2/conf.d - HELP?
<gdos> ... forgot to mention that '/var/lib/dwww' appears empty.
<AtuM> Hello. I've been using openvswitch and virsh/virt-manager on 13.04. Now that openvswitch-brcompat is dumped, i am forced to configure the network by hand using "virsh edit" or something along this path.. is there a way to get brcompat back to life on 13.10 ?
<AtuM> or is there a better way of doing this that I'm not aware of?
<viper2k> hi
<AtuM> viper2k, hi
<sgran> AtuM: don't you want to just define a network using the openvswitch bridge?
<AtuM> sgran, I have done so... I wish i could define it within the libvirt, so I can use virt-manager to create virtual machines and have it recognize that I use ovs bridge..
<sgran> no, that's what I mean
<sgran> http://libvirt.org/formatnetwork.html
<AtuM> sgran, I'm afraid libvirt only uses brctl to manage the bridge.. as I use ovs, it cannot connect the virtual machine to that kind of bridge. it knows nothing about ovs switch
<AtuM> with openvswitch-brcompat, there was a compatibility layer so that libvirt could configure ovs bridge using brctl command.. now this is gone
<sgran> even with virtualporttype = openvswitch?
<AtuM> sgran, this is the only sollution type I know of.. but I have to configure each virtual machine by hand: http://www.siliconloons.com/?p=277
<AtuM> I would expect I can define ovs as the default bridge to be used in libvirt.. perhaps I don't know how to do it
<sgran> https://www.redhat.com/archives/libvirt-users/2013-April/msg00057.html
<sgran> it seems others are having trouble, but that might get you closer
<sgran> it seems you can define a network of type openvswitch, at least
<AtuM> sgran, I will look into it. I should have no problems since i only use real bridge.. hopefully it works and I can then post the config on my blog
<sgran> http://www.siliconloons.com/?p=305
<sgran> that looks like it should do it
<AtuM> sgran, I've seen this already.. but it includes vlan config.. I will try to filter that out
<sgran> just don't use <vlan trunk='yes'> at a guess
<AtuM> and I don't need the portgroup either..
<AtuM> sgran, thanks for helping me set this up.. it works perfectly
<AtuM> no need for brcompat anymore.. great stuff
<sgran> great
<buscon> hi
<buscon> I installed samba4 on ubuntu-server 10.13, removed bind but it looks like not working
<buscon> when i install samba i get a lot of
<buscon> Error loading module '/usr/lib/i386-linux-gnu/samba//vfs/acl_xattr.so'
<Ben64> there is no 10.13
<buscon> ups, sorry, 13.10 i meant :)
<buscon> when i try to start samba4 with
<buscon> service samba4 start
<buscon> i get a
<buscon> samba4 stop/waiting
<AtuM> buscon, from what I remember, one needs to configure samba4 first.. it won't just run.. but I've done this on fedora a year ago from source..  look at the manual from samba's web page.. their step-by-step how-to's are great
<buscon> AtuM: ok, now I got it running, but i cannot log in with a user
<buscon> i've used a lot samba in the past, samba4 looks like wierdier
<AtuM> buscon, samba4 is a more complex solution.. it actually builds its own AD, it creates its own DNS zone and so on.. it's pretty straight forward to set up and later administer with windows's administrative tools.. it's a lot harder job doing so in command line
<buscon> anyway, i created a user (samba) and i cannot log in
<buscon> ah, that's why
<AtuM> as I've said.. it's a different approach.. it uses domain logons and sets up its own AD
<AtuM> with samba3 you either set up domain or not.. with samba4 AD is set up by default.. the only other option is to join it to an existing domain
<AtuM> more on that in #samba
<buscon> ok, i'll try to look for samba4 tutorial for users
<buscon> https://wiki.samba.org/index.php/Adding_users_with_samba_tool
<buscon> thx :)
<AtuM> honestly, I see this for the first time.. I have only tested the thing some time ago.. i have no practical use for it yet.. it's very unlikely that it will ever catch up with win2012
<vila> stgraber: ping, issue with lxc when trying to create a trusty container on a trusty host, didrocks reverted lxc to  1.0.0~alpha1-0ubuntu11 but the issue remains
<pii3> Hi i have 160GB LVM partition on ubuntu 12.04, i need to add another 100GB , How can i increase diskspace without lossing data ?
<patdk-wk> lvresize
<stgraber> vila: can you share some more details?
<vila> stgraber: on a trusty host, with lxc-1.0.0~alpha1-0ubuntu11 (see didrocks for another failure that caused the downgrade from 1.0.0~alpha2-0ubuntu3), otto creates its usual setup and then do an lxc-start (to boot from an iso), lxc-start returns 255 almost immediately
<vila> stgraber: it's on qa-intel-4000 if you want a closer look
<vila> errr, did these lists of names really go there ?
 * vila sacrifices a goat just in case
<vila> stgraber: did you get my answer (wondering after that weird behavior...)
<thejoecarroll> how would one go about creating a restricted user for vulnerability scan purposes that only meets the following minimum requirements: able to execute uname and dpkg read /etc/debian_version (but nothing more)?
<gdos> anyone here use dhelp and or dwww? (online, browser-based help systems for viewing man pages)  - according to dwww man page - http://manpages.ubuntu.com/manpages/hardy/man8/dwww.8.html - there is supposed to be a 'apache2.conf' file in '/etc/dwww' and symbolically linked from /etc/apache*/conf.d/dwww but there is neither a file or a symbolically linked file in /etc/dwww NOR /etc/apache2/conf.d and /var/lib/dwww appears empty. suggest
<gdos> ions?
<stgraber> vila: yep, will look in a bit
<vila> stgraber: ack, waiting for your ping somewhere. #distro ?
<gdos> anyone here use dhelp and or dwww? (online, browser-based help systems for viewing man pages)  - according to dwww man page - http://manpages.ubuntu.com/manpages/hardy/man8/dwww.8.html - there is supposed to be a 'apache2.conf' file in '/etc/dwww' and symbolically linked from /etc/apache*/conf.d/dwww but there is neither a file or a symbolically linked file in /etc/dwww NOR /etc/apache2/conf.d and /v
<gdos> ar/lib/dwww appears empty. HELP?
<thegoat> ok, so i am thinking about spinning up an ubuntu server, and it says 13.10 is supported for 9 months, what happens after that 9 months
<genii> thegoat: After End of Life, the distribution is no longer available for download, it's repositories are frozen and archived, and no support is given.
<thegoat> genii: do they eventually roll those features, pkg version, etc into an LTS?
<genii> thegoat: LTS versions are every two years and supported for 5. So 10.04, 12.04 are LTS and so will be 14.04 ( in 6 months). The changes made on the interim releases ( the ones between LTS) are usually incorporated into the next LTS
<thegoat> i see...i will probably go with LTS then.  just wanted to see what the real benefits of the non LTS where.  long term support is more important to me
<genii> thegoat: With server versions, most upgrade from LTS directly to next LTS
<thegoat> genii: cool, thanks for the input
<genii> thegoat: You're welcome!
<genii> gdos: Conceivably the application is in some half-state where it was installed then deinstalled, and /var/lib/status says "Status: deinstall ok config-files" meaning if it gets reinstalled that it's config files are already there and not to install them. This usually happens when you uninstall a package then manually remove it's config files, but it can also happen in other ways. The best method to rectify is to uninstall it, then edit the status
<genii>  file with admin rights and remove the entire stanza pertaining to it. Then reinstall it.
<gdos> genii anything that pertains to dwww / dhelp ?
<gdos> genii: is there a way to use locate to purge any files associated with dhelp and or dwww ?
<gdos> genii: where would the status file be located?
<genii> gdos: The status file has "stanzas" , which is basically a paragraph with information about a package that is on the system, or has been on the system. It's located in /var/lib/dpkg/ directory and called status. You need to remove the entire stanza ( or section, paragraph, etc) pertaining to the status of dwww package.
<gdos> genii: ok looking now.
<gdos> genii: in /var/lib/dpkg i have status and status-old & statoverride and statoverride-old
<gdos> genii: there is no paragraph or stanza pertaining to dwww or dhelp
<genii> gdos: Then odds are it's not installed.
<genii> gdos: What says result of: apt-cache policy dwww
<gdos> when i ran 'sudo apt-get purge dwww' i get the following message: W: Duplicate sources.list entry http://us.archive.ubuntu.com/ubuntu/ saucy/main amd64 Packages (/var/lib/apt/lists/us.archive.ubuntu.com_ubuntu_dists_saucy_main_binary-amd64_Packages)
<genii> gdos: That means you have the same line twice in your sources.list file
<genii> Work requires me, back in 12-15 minutes
<gdos> the results of 'apt-cache policy dwww' are dwww: Installed: (none) Candidate: 1.12.0 Version table: 1.12.0 0 500 http://us.archive.ubuntu.com/ubuntu/ saucy/universe amd64 Packages
<genii> gdos: So there is no entry in the status file because you have not installed it yet :)
<gdos> genii: sorry, thats after purge.
<genii> gdos: What says result of: grep -n dwww /var/lib/dpkg/status
<gdos> 32415:Suggests: dhelp | dwww | doc-central | yelp | khelpcenter4, rarian-compat 32421: other packages such as dwww, dhelp, doc-central, and rarian-compat 42165:Replaces: dwww (<= 1.6.10) 50907:Suggests: dwww, menu, deborphan, apt-xapian-index, tasksel, software-properties-gtk 50921:  * Browse all available documentation related to a package (dwww is required)
<gdos> genii: i am thinking there might be a bug in dwww version 1.12.0 (i previously had 1.11.8 installed)
<genii> gdos: From here seems like some deeper issue you're having in dpkg not updating files.
<genii> gdos: You should probably find and remove the duplicate sources.list file, and do a sudo apt-get update
<genii> gdos: Can you pastebin the contents of your /etc/apt/sources.list please
<gdos> genii: http://pastebin.ubuntu.com/6289888/
<genii> gdos: Remove line 44
<gdos> done.
<gdos> genii: file (sources.list) is closed but i when i run 'sudo apt-get update' i get this error: E: Could not get lock /var/lib/apt/lists/lock - open (11: Resource temporarily unavailable) E: Unable to lock directory /var/lib/apt/lists/
<genii> gdos: I would now: sudo rm /var/lib/apt/lists/us.archive.ubuntu.com_ubuntu_dists_saucy_main_binary-amd64_Packages   &&  sudo apt-get update
<genii> gdos: Perhaps give it a minute first, then try again.
<gdos> *BRB* gonna reboot.
<genii>  It makes it somewhat more difficult to assist when users decide to improvise instructions ....
<gdos> genii: ok rebooted and 'sudo apt-get update' worked fine. now running 'sudo rm /var/lib/apt/lists/us.archive.ubuntu.com_ubuntu_dists_saucy_main_binary-amd64_Packages   &&  sudo apt-get update'
<genii> gdos: Should be able after that to install dwww and have the conf files where they're supposed to be.
<gdos> genii: will try it now.
<gdos> genii: dwww is indexing now.
<genii> Good.
<sgran>       
<Angelita> hi!
<Angelita> i have problem with ubuntu server
<Angelita> i want to install asterisk for my server ubuntu 12.04
<Angelita> please help me with this
<gdos> genii: i'm still getting the following errors when browsing dwww:  The requested URL /cgi-bin/dwww/usr/share/doc/ was not found on this server.   The requested URL /cgi-bin/info2www was not found on this server. (etc)
<genii> gdos: About dwww I don't know anything specifically since I've never used it. You'd have to find someone to help you more specifically with it's config.
<genii> !info asteirsk
<ubottu> Package asteirsk does not exist in saucy
<genii> !info asterisk
<ubottu> asterisk (source: asterisk): Open Source Private Branch Exchange (PBX). In component universe, is optional. Version 1:1.8.13.1~dfsg-3ubuntu3 (saucy), package size 1137 kB, installed size 3881 kB
<gdos> !info dwww
<ubottu> dwww (source: dwww): Read all on-line documentation with a WWW browser. In component universe, is optional. Version 1.12.0 (saucy), package size 111 kB, installed size 460 kB
<genii> !info asterisk precise
<ubottu> asterisk (source: asterisk): Open Source Private Branch Exchange (PBX). In component universe, is optional. Version 1:1.8.10.1~dfsg-1ubuntu1 (precise), package size 1075 kB, installed size 3688 kB
<Angelita> genii:  fine! do you speak spanish o only english=?
<genii> Angelita: English, some German and French
<genii> No Spanish
<gdos> genii: is it possible to install an older version of dwww (or anyother package)?
<Angelita> genii: Deutsch
<Angelita> jejej no!
<Angelita> english
<Angelita> i have 1 server dell but i want install asterisk
<Angelita> the server is ubuntu 12.04  64 bits
<Angelita> yesterday I can install asterisk but  failed the test
<Angelita> so I to need reinstall all the server dell
<Angelita> now I want to install asterisk but of form correct and good
<genii> gdos: syntax is: sudo apt-get install packagename=versionnumber
<genii> Angelita: Unfortunately I do not have enough time right now to assist properly with your issue, apologies.
<gdos> so 'sudo apt-get install dwww=1.11.8' ?
<genii> gdos: Yep.
<genii> Angelita: You can try to seek support also in the channel #asterisk
<Angelita> ok thanks
<gdos> genii: says not available. how do i report a bug? after reading man page for dwww there supposedly is supposed to be a file ' /etc/dwww/apache.conf' but its not there.
<genii> gdos: ubuntu-bug dwww
<TheLordOfTime> genii: what said "not available"
<TheLordOfTime> apt?
<TheLordOfTime> erm
<genii> thegoat: a previous version of dwww
<TheLordOfTime> gdos: ^
<TheLordOfTime> genii: but what triggered that warning, apt-get?
<thegoat> ?
<TheLordOfTime> or was it some other error?  (i came in late)
<TheLordOfTime> thegoat: mishighlight i think
<genii> thegoat: tab fail, apologies
<TheLordOfTime> you and i both have names that start with "the" so tabcomplete broke
<genii> TheLordOfTime: dwww package for them does not have conf files. apt-get reports no earlier version when specified with apt-get install dwww=1.11.8 ( the prior one). So the bug is not apt-get but with dwww for missing conf files
<TheLordOfTime> genii: indeed, they need to file the bug against dwww.  But it may already hage a bug on it, lemme scan the bugs...
<TheLordOfTime> genii: is he using Saucy or one of the other releases
<TheLordOfTime> because bugs can be filtered accordingly :P
<TheLordOfTime> !info dwww
<ubottu> dwww (source: dwww): Read all on-line documentation with a WWW browser. In component universe, is optional. Version 1.12.0 (saucy), package size 111 kB, installed size 460 kB
<TheLordOfTime> there's the source name...
 * TheLordOfTime digs around on Launchpad
<TheLordOfTime> yep there's no bugs about it, he should file one, although it'd probably end up upstreamed to Debian too...
<gdos> oh hey TheLordOfTime
<gdos> just got done filing a bug report.
<gdos> looks like its affecting dhelp and doc-central as well (both which are similar to dwww)
<gdos> TheLordOfTime: yes, I am using saucy.
<gdos> genii:bug report filed against dwww. but am now wondering if its an apache2 issue? i can't even get doc-central or dhelp to work (which are similar to dwww)
<gdos> dhelp views the index.html file directly in '/usr/share/doc/HTML' but won't call it / load it though i can view that file manually if i type 'file:///usr/share/doc/HTML/index.html'
<gdos> this is the URL that dhelp loads: http://localhost/doc/HTML/index.html
<SpamapS> Ng: ugh, terminator is doing this dimming/brightening thing in 13.10 ... make it stop.
<Ng> SpamapS: a) not the maintainer anymore, b) in inactive terms? there should be a preference for that
<SpamapS> ah probably something I didn't use before that changed defaults
<SpamapS> "Unfocused terminal font brightness"
<SpamapS> global setting
 * SpamapS obliterates the new default of 0.8
<Ng> SpamapS: possibly. There's also a hilarious bug where the slider used to set a value between 0.0 and 1.0 used to be able to return a value outside that range if you dragged the mouse pointer further (wtf gtk), but the latest version should fix that and clamp pre-existing values, instead of wrapping them and producing super weird results ;/
<SpamapS> GTK: making WTF since 1998
<mdeslaur> hehe
<Dry_Lips> Hi, I ran <netstat -anltp | grep "LISTEN"> and I wonder what port 53, and 953 might be used for... http://pastebin.com/Py1mZpa6
<shauno> Dry_Lips: most likely bind (named), but if you elevate netstat with sudo, the -p option you're using should resolve pid+name, which will give you a solid answer
<Dry_Lips> shauno: Ok, thanks, I ran sudo, but I simply get "named" as the name of the service... Bind isn't installed, but could it be that it keeps listening on port 53 even if I removed it? http://pastebin.com/ZfbdUdgg
<Dry_Lips> I checked, and there is a bind directory under /etc
<shauno> what do you get if you cat /proc/348/cmdline  ?  (348 being the pid that shows up in your paste as 348/named)
<shauno> eg, mine comes back with /usr/sbin/named-ubind  which is a pretty conclusive hint.  but you may have another nameserver, I'm not sure which others use the rdnc control port (953)
<Dry_Lips> Yeah, I also get /usr/sbin/named-ubind ...
<shauno> that's almost certainly what's running then.  how did you remove it?
<Dry_Lips> probably apt-get remove
<Dry_Lips> or purge
<shauno> it was mostly the package name I was wondering; whether you got something that's related to bind, but didn't remove bind itself
<Dry_Lips> when I run <dpkg -s bind>, I get "Package `bind' is not installed and no info is available."
<shauno> how about bind9  ?
<Dry_Lips> ouch,
<Dry_Lips> I thought I had removed it, bind9 is here
<Dry_Lips> :-/
<Dry_Lips> But anyways, thanks shauno, I guess that solves it... lol
<Dry_Lips> Yep, only port 80 and my ssh open now
<shauno> dpkg -S is handy one to keep up your sleeve too; dpkg -S /usr/sbin/named will tell you which package it came from, rather than guessing the name
<Dry_Lips> yeah, that's what I should have done... :D But basically the problem was that that I forgot that it was called bind9, lol
<justizin> anyone else have tons of recurrant instances of mounting /dev/shm ? I find that this line is added to /etc/fstab no matter how many times I remove it: tmpfs /dev/shm tmpfs defaults,ro,noexec,nosuid 0 0
<justizin> afaict you can mount /dev/shm as tmpfs over and over and over and over, and this is happening on all of my 12.04 LTS boxen
<justizin> er, it actually shows up as mounted at /run/shm, which /dev/shm is simply a symlink to
<hallyn> stgraber: aaah.  i see.  i wasn't crazy.  package updates are slow on btrfs bc of fsync - my host is 3.2, 3.5 supposedlys speeds it up.
<hallyn> darn
<rampageRipper> hi world,have anyone saved this page: books4electricians.blogspot.com?
<Pici> rampageRipper: What does that have to do with Ubuntu?
 * hallyn gets to know eatmydata
<Pici> rampageRipper: Please stop pasting your site in our channels for no reason.
<rampageRipper> just asking
<rampageRipper> it's not my site
<tinman> what options are available if i want to monitor network traffic? (KB usage.) my network consists of linux/windows PCs and android devices.
<tinman> and 2 routers
<jrwren> ntop
<tinman> thanx
<sarnold> tinman: 'ifconfig' shows rx and tx bytes on different interfaces, if you can run 'ifconfig' on your routers, that might give you easier access to the data you want.
#ubuntu-server 2013-10-24
<ivoks> adam_g: can we have this merged? https://code.launchpad.net/~ivoks/ubuntu-reports/private-ppa
<ivoks> adam_g: https://code.launchpad.net/~ivoks/ubuntu-reports/private-ppa/+merge/181778
<roaksoax> nnnn//win 14
<ivoks> nice
<newbie07> flash-plugin-10.2.0-Meego Release.rpm does anybody have this file?
<larsemil> Looking for guidance. Need to invest in UPS for ~4-5 servers. How to calculate W and VA for them?
<larsemil> and with dual power supplies, does both go into ups?
<babinlonston> Did the OpenLDAP and LDAP or Different ?
<mac_nibblet> Anyone that can help me to setup a record in bind9 that will redirect all traffic to *.a to a certain ip ?
<holojorge> http://en.wikipedia.org/wiki/Wildcard_DNS_record
<marijnh> hi there
<marijnh> I'm new to Ubuntu switching from Debian
<marijnh> I've got a question regarding supported php versions
<marijnh> is it possible to install php 5.4 on 13.10?
<hitsujiTMO> marijnh: you can build it yourself
<marijnh> ok, but there are no pre-build packages
<hitsujiTMO> unlikely, unless you can pind a ppa
<marijnh> ppa?
<hitsujiTMO> !ppa | marijnh
<ubottu> marijnh: A Personal Package Archive (PPA) can provide alternate software not normally available in the offical Ubuntu repositories - Looking for a PPA? See https://launchpad.net/ubuntu/+ppas - WARNING: PPAs are unsupported third-party packages, and you use them at your own risk. See also !addppa and !ppa-purge
<marijnh> Haha,
<marijnh> ok, thanks for you help :-)
<marijnh> I'll build it myself in that case
<hitsujiTMO> ppas are quite easy to use
<marijnh> Yeah, but I need to build some custom extensions anyway
<marijnh> so than I might as well build PHP myself as well
<marijnh> Hey guys
<marijnh> and girls of course :blush:
<marijnh> I keep getting errors related to LOCALE not set
<marijnh> I've tried quite some solutions that are posted online but none of them seem to work.
<marijnh> Do I need to reboot before locale-gen takes effect?
<MavKen> is there something you can add in a terminal string to automatically say yes to any prompt when using apt-get install or apt-get upgrade?
<genii> MavKen: sudo apt-get install -y packagename    ... use at own risk
<genii> Works also with upgrade and dist-upgrade
<MavKen> ah thanks
<Pici> MavKen: Keep in mind if that apt-get asks to remove half the packages to satisfy some dependency that your package wants, it will do it.
<MavKen> hmm...i understand the use at your own risk now
<jrwren> this does not work for me. is it supposed to in 12.04.2 ? http://techxana.blogspot.com/2012/09/ubuntu-12-dhclient-logging-options.html
<paco11> hello guys!
<paco11> i'm searching how can i activate core dump file on ubuntu 10.04 y 12.04. thanks very much!
<rbasak> paco11: I think you just "ulimit -c unlimited"
<paco11> rbasak: yes, i set it like that but i don't see anything on /var/crash
<jrwren> it will write a core file to the cwd of the process
<paco11> i'm testing openldap from source and i see many binary files like "core.xxxx" on "/home/test/openldap-OPENLDAP_REL_ENG_2_4-f9e417a/tests/"
<BlueBee> Hey I am having the worst time trying to set up a postfix mailserver. I have been working on it for two days and still can't get it to send or receive mail. what are some common issues?
<sarnold> BlueBee: mail is complicated; focus on one thing at a time. first, make sure dns works. then tackle sending or receiving or imap or whatever seems to be broken one component at a time. keep a keen eye on the log files. Try communicating with multiple servers, anti-spam measures these days can be brutal to setup
<patdk-wk> your first mail server, should take you a good week
<patdk-wk> if you know exactly what your doing, a mail server can easily still take >1day to do
<BlueBee> Thanks for the help. Should I go back, delete everything and start from scratch just working on postfix and Dovecot until that works right then do the other things
<patdk-wk> there is no way to answer that, dunno what your issues are
<sarnold> BlueBee: if you think that would increase your understanding of the moving pieces, or allow you to better document what you needed to configure, sure
<sarnold> but don't do it just for me :) hehe
<patdk-wk> do it for the kids!
<sarnold> won't somebody please think of the children!
<BlueBee> This is my first mail server on ubuntu. sounds like i shouldn't get frustrated after only two days. I am getting error 29985 when I look in the mail.log. is there anywhere that explains what each error number means?
<patdk-wk> that isn't an error
<patdk-wk> that is a failure to be able to read the error
<BlueBee> good to know. it also says tht the mail transport is unavailable.
<patdk-wk> post whole lines
<patdk-wk> really, post a whole transaction, to a pastebin
<BlueBee> Oct 24 13:10:06 user-server postfix/error[29988]: 81F271E219B: to=<example@example.com>, relay=none, delay=1091, delays=1091/0.01/0/0.11, dsn=4.3.0, status=deferred (mail transport unavailable)
<BlueBee> I changed the username and email but this is the line
<sarnold> BlueBee: the [29988] in this case is just the process id that logged the error :)
<patdk-wk> well, I can say, it's really screwed up
<patdk-wk> and it's really screwed up, cause you selected the wrong option, when ubuntu asked you, how will email be used on this server
<patdk-wk> so you need to go and fix it all, or maybe do a dpkg-reconfigure
<BlueBee> I selected internet site
<BlueBee> thats what the guide sugested
<BlueBee> what setting should it be instead of internet site?
<patdk-wk> dunno, what are the options?
<sarnold> last time I did it I think it had "no configuration", "local only", "smart host", and "internet site". but that was a few releases back...
<BlueBee> ya its no configuration, internet site, internet with smarthost, satellite system, local only
<patdk-wk> internet site should do it
<patdk-wk> but it sounds like you selected local
<patdk-wk> I always do no config
<patdk-wk> but postfix/error is not a normal postfix thing
<patdk-wk> something configured it to run the error program
<patdk-wk> look in main.cf and master.cf
<BlueBee> I am pretty sure I selected internet site, but Fill run the config again make sure I select it
<patdk-wk> it likely says, default_transport=error
<BlueBee> can't seem to find it. I think I am going to uninstall all packages and start back at square one so I can really understand each part. thanks for your help
<BlueBee> one last question "mydestination =" in main.cf shoud I put www.example.com example.com or the IP address
<BlueBee> same with myhostname should I put www.example.com or example.com
<patdk-wk> BlueBee, no way to answer that, I don't know how you want to use this mailserver
<BlueBee> I have a domain and I would like any emails sent to user@example.com to arrive at this mailserver
<tejas> I am unable to connect with monit in my web web browser at localhost:2812  please help
<tejas> can someone suggest best web based monitoring tool for ubuntu server ..coz i think webmin is insecure
<bazhang> https://help.ubuntu.com/community/Zentyal
<tejas> thanks bazhang ..
<patdk-wk> aren't they all insecure?
<reece> Hello!
<FilipNils> hi!
<reece> Familiar with AppArmor?
<reece> No one?
<bazhang> https://help.ubuntu.com/community/AppArmor  reece
<bazhang> augh
<TheLordOfTime> heh
<TheLordOfTime> 5 seconds too slow xD
<bazhang> need to switch my irc client to nanoseconds
<TheLordOfTime> bazhang, actually people just need more patience
<bazhang> TheLordOfTime, 90 seconds seems standard these days, between post/quit or post/crosspost
<TheLordOfTime> bazhang, then there's people who amsg every channel then idoru gets annoyed at them xD
<bazhang> yep good old idoru
<jpds> reece: Hello.
<jpds> 20:46:27 [!] reece [~reece@67-0-214-53.albq.qwest.net] has quit [Client Quit]
<jpds> 20:46:33 < bazhang> https://help.ubuntu.com/community/AppArmor  reece
<reece> Hi
<reece> jpds
<TheLordOfTime> reece, you left 5 seconds too early, bazhang gave you a link there to the AppArmor community help docs
<TheLordOfTime> which are here: https://help.ubuntu.com/community/AppArmor
<reece> Thanks, but I've become very familiar with that. My issue is with denying capabilities
<reece> I've copied and renamed python and applied a pretty strict profile to it and everything works great.
<reece> Except, it has privileges to kill and ptrace for some reason.
<jdstrand> reece: those aren't mediated yet
<jdstrand> you get normal kernel protections (ie, can't send a signal to a process owned by another user)
<jdstrand> the yama LSM is in ubuntu though, so ptrace should be limited only to children
<jdstrand> not sure what yama does with ptrace if you're root otoh
<reece> Okay, that makes sense. Could I deny my python access to say the ioctl header file?
<jdstrand> https://wiki.ubuntu.com/SecurityTeam/Roadmap/KernelHardening#ptrace
<jdstrand> root is allowed
<jdstrand> and ptracing children is allowed
<jdstrand> reece: sure-- file denials are no problem
<jdstrand> btw, ptrace, signal and other forms of ipc will be mediated in apparmor v3, scheduled for ubuntu 14.04
#ubuntu-server 2013-10-25
<babinlonston> using ubuntu 12.04 settingup a apache with ssl and facing error  , error.log http://paste.ubuntu.com/6298975/
<jkitchen> babinlonston: looks to me like one of your key files has more than one key in it.
<babinlonston> oh ok let me check
<sarnold> babinlonston: check for multiple SSLCertificateFile or SSLCertificateKeyFile settings?
<babinlonston> in the virtual host file ?
<babinlonston> this is the error getting while apache2 restart http://paste.ubuntu.com/6298995/
<sarnold> babinlonston: are you postive that your version of apache2 supports e.g. SNI? http://en.wikipedia.org/wiki/Server_Name_Indication
<babinlonston> sarnold:  its fixed as you both said there was 2 ssl entry
<babinlonston> jkitchen: its fixed there was double ssl entry
<babinlonston> thanks mates
<sarnold> woo! :)
<jkitchen> rawr.
<stephenh> why does ubuntu udev rules ignore vmware network interfaces by default?   can't understand why this would be default behaviour
<ikonia> what do you mean ignore them ?
<stephenh> persistent udev rules aren't created for vmware NICs by default
<stephenh> seems to be an out the box feature
<ikonia> just to clarify do you mean interfaces persented by vmware, or using the vmware nic driver
<stephenh> the only thing i could think of is canonical thinks there's more chance of people cloning a VM then adding two network interfaces
<stephenh> which is bizarre
<stephenh> either or really..
<ikonia> I've never noticed that, what vmware platform are you running on
<stephenh> grep -A1 VMWare /lib/udev/rules.d/75-persistent-net-generator.rules
<stephenh> there is a rule there to ignore those MACs
<stephenh> precise on esx 5.1
<ikonia> oh, so it's actually set to ignore them by choice
<stephenh> yeah
<ikonia> ah, I see what you mean
<ikonia> does seem odd
<ikonia> unless they are catering for home users more and expeting them to mess around more
<stephenh> it's all dandy to clone a vm, happy days, but add a second NIC and then reboot the box... in for good times :)
<ikonia> (which is stupid)
<stephenh> that's fair enough, but this comes from the server ISO
<stephenh> yeah, quite bizarre.. was wondering if anyone had any insight as to why
<ikonia> I'd be interested in knowing
<stephenh> only thought is so people don't get confused as to why network devices don't work when cloning an existing vm... but that shouldn't trump keeping order of multiple NICs after a reboot
<BlueBee> hey guys i am trying to set up postfix and i can't get post fix to listen on my localhost when I use telnet localhost 25. I should be seeing 220 mailtest ESMTP Postfix (Debian/GNU) but I don't and telnet quickly says conneciton closed by foreign host
<BlueBee> any ideas?
<mardraum> is it running? check mail.log for errors you made in configs?
<BlueBee> Oct 25 08:45:07 mark-server postfix/smtpd[16789]: fatal: no SASL authentication mechanisms
<BlueBee> this is the only error that I keep getting
<mardraum> "fatal"
<mardraum> doesn't sound good, does it?
<mardraum> did you pinch a config from elsewhere?
<BlueBee> haha no it doesn't sound good. no I edited my own config
<mardraum> do a "postfix check"
<BlueBee> I havn't heard of that how do I run it?
<mardraum> type it into a root shell, or sudo to it.
<mardraum> I suggest you reverse what you did to your config, and then learn and understand each thing
<mardraum> one of them is preventing postfix from starting.
<BlueBee> I sent it but it just executed and moved on nothing happen
<BlueBee> ok Fill take another look over my config
<mardraum> check the mail.log now
<BlueBee> Fill start over with my config file. thanks for the help.
<mardraum> "will" ?
<BlueBee> yep I will start over.
<mardraum> just interested how you came to type "Fill" twice when you meant "will"
<BlueBee> hahaha I was wondering that too. f and w arn't even close. I don't know
<BlueBee> mardraum - if your wondering its up and running. I purged postfix then installed and reconfigered main.cf. thanks again for the help
<mardraum> cool
<LargePrime> HEYo!
<LargePrime> i just updated my 12.04 and i guess that did mysql to 5.5.  now things will not connect to my db.  help please.
<maxb> LargePrime: You've not really given people enough information to try to help you. You'll need to do some more investigation and come back with things like specific symptoms and error messages if you want to enable anyone to help
<LargePrime> it turns out the 5.5 mysql upgrade changed the file perms so that one cannot read the mysqlsockets file
<LargePrime> you have to put them back, move the sockets file, or go to tcp
<Underbyte> quick question: what packages does ubuntu server install if you select 'Virtual Machine Host' in the Software Selection dialog during installation?
<jrwren> i'm using uwsgi 1.0.3-debian which comes with 12.04.2. Is there a way to ask it to log stacktraces? tracebacker was not added until 1.3
<gchristensen> Hi, I'm PXE-booting with a preseed file and its ending up failing saying it can't install linux-server and there are missing dependencies. When I move to console 4, I see linux-headers-servers depensd on linuk-headers-3.2.0-55-gfeneric but is not going to be installed, linux-image-server depends linux-firmware but it is not going to be installed. try apt-get -f install
<qassoom> Hello there
<qassoom> I need some help
<guntbert> qassoom: with what?
<qassoom> I installed LXC for virtualization on my Ubuntu Server
<qassoom> my p5p1 and p6p1 NIC disapeared
<qassoom> replaced by lxcbr0 and virbr0
<qassoom> my server is disconnected now from the internet
<qassoom> How can I restore the connection to the internet now?
<qassoom> Anyone got an idea???????
<guntbert> qassoom: I never saw a NIC p5p1 - whats that machine?
<qassoom> a network port to be more specific
<qassoom> instead of eth0 and eth1
<qassoom> they were replaced after I upgraded the kernel
<qassoom> all was fine
<qassoom> until I installed LXC
<qassoom> https://help.ubuntu.com/lts/serverguide/lxc.html
<guntbert> qassoom: strange - I still am wondering about that device - did you install some "other" kernel?
<qassoom> My server is a homebrew server with 8 SATA and an Intel i3 processor along with 32GB of RAM
<qassoom> I installed Ubuntu Server 12.10 on it a while ago
<qassoom> Works mainly as an FTP server
<qassoom> FYI http://askubuntu.com/questions/312776/network-interface-onboard-wired-is-showed-p5p1-instead-eth0
<guntbert> qassoom: when I installed LXC a lxcbr0 got created, but did not replce anything
<qassoom> Not sure what caused this, maybe my linux-backports was removed maybe?
<qassoom> What did it add to you?
<guntbert> qassoom: hmm, thx for the link, I didn't know that - maybe you *could* try the "workaround" from the answer - just for a test
<qassoom> I am going to try that some other time
<qassoom> Will get back here if the case persists
<guntbert> Good luck!
<izanagisan> hi all. I'm trying to restrict FTP access for a user to a certain folder. I installed vsftpd, and put parameters in its configuration file
<izanagisan> chroot_local_user=NO
<izanagisan> chroot_list_enable=YES
<izanagisan> chroot_list_file=/etc/vsftpd/chroot.list
<izanagisan> in the list I added the user I want torestrict's name
<izanagisan> and then ran $ sudo usermod -d /path/to/homedir theusersname
<izanagisan> but STILL when I connect through SFTP I see the whole / filesystem
<izanagisan> can anyone help me with this?
<shodan45> how can you tell whether you need to reboot after an upgrade? for example, the recent initramfs-tools stuff
<genii> Usually if kernels or grub was changed
<izanagisan> ah, it's because SFTP is really SSH + FTP
<izanagisan> question is, can I chroot the user on SFTP? or disable SFTP?
<jrwren> is this really a tar.gz file, or is it named incorrectly? https://cloud-images.ubuntu.com/releases/saucy/release/ubuntu-13.10-server-cloudimg-amd64.tar.gz
<jrwren> oh, it is. but 7zip on windows can't extract it. how annoying
<sarnold> jrwren: looks like it to me, 'file' reported "gzip compressed data, from Unix"  -- and gzip -cd filename > foo  ; file foo reports that it is a tar archive...
<jrwren> sarnold: yup, it is fine. i did it on a linux system and it works fine. On a different windows computer, 7zip couldn't untar it. I blame windows :)
<sarnold> jrwren: I'm surprised, I thought the whole point of 7zip was that it supported everything. go figure. :)
<jrwren> sarnold: maybe because its an old 9.22 beta?
<jrwren> whoa, what is ubuntu-core? http://cdimage.ubuntu.com/ubuntu-core/releases/13.10/release/
<sarnold> jrwren: just a tarball of very nearly base installation: https://wiki.ubuntu.com/Core
<jrwren> awesome. its tiny. might be what I want.
#ubuntu-server 2013-10-26
<Geek23> I am having some trouble figuring out how to add a PCI wireless card to my Ubuntu server box.  Can anyone help me?
<sarnold> hey Geek23 :) irc tends to work best if you just ask whatever question's on your mind first :) it saves some back-and-forth and if it's offtopic you'll be redirected anyway :D
<Geek23> OK.  Thanks.
<hitsujiTMO> Geek23: once its in the machine start off posting the output of: lspci
<sarnold> (to a pastebin, please; the pastebinit package can make that very easy :)
<Geek23> OK.  Let me get the pastebin package
<Geek23> What is the apt-get package for pastebin?  May I ask?
<sarnold> Geek23: pastebinit
<hitsujiTMO> pastebinit
<Geek23> INstalling.
<Geek23> Thanks
<Geek23> Ok.  The url is paste.ubuntu.com/6303782
<hitsujiTMO> Geek23: what version of ubuntu?
<Geek23> Server 12.04
<Geek23> I have figured out that the only thing that the card is disabled.
<hitsujiTMO> can you also post: lspci -k
<sarnold> oh nice, I've not seen -k output before, thanks hitsujiTMO :)
<Geek23> https://paste.ubuntu.com/6303786/
<Geek23> Very nice.  Never seen that.
<Geek23> @hitsujiTMO
<hitsujiTMO> tis a very hand switch ... lsusb -t     also adds kernel module for usb devices
<hitsujiTMO> geek32, seems it might be using the wrong driver
<Geek23> Oh.
<Geek23> BTW, this is 32-bit server.
<Geek23> So how do I change the driver?  I am a bit new to the whole driver game.
<hitsujiTMO> geek32: can you start with: sudo modprobe -r rt2800pci
<hitsujiTMO> then try: sudo modprobe rt3562sta
<Geek23> OK.  Done.
<Geek23> Here I am getting:
<hitsujiTMO> not sure if your kernel has the driver built in or not, so that line might fail
<Geek23> FATAL: Module rt3562sta not found.
<Geek23> I assume that means I need to install the driver.
<Geek23> :)
<hitsujiTMO> Geek23: you'll need to down load the module and build it: http://www.mediatek.com/_en/07_downloads/01-1_windowsDetail.php?sn=5019
<hitsujiTMO> Geek23: i'm testing out the build here on 13.10 to see if it will actually build ... seems a bit old
<hitsujiTMO> Geek23: build fails on 13.10:(
<Geek23> Well, I am on 12.04 so crossing my fingers.
<hitsujiTMO> Geek23: testing out another driver
<Geek23> I am downloading the driver directly from the EdiMax website.
<Geek23> Going to test it too.
<Geek23> @hitsujiTMO Any luck with the other drivers.  Both drivers failed to make on 12.04
<hitsujiTMO> Geek23: fraid not ... going to try and check if its built into a later kernel
<Geek23> https://launchpad.net/~someitalian123/+archive/rt3562sta?field.series_filter=precise
<Geek23> Does that look legit?
<Geek23> To you that is?
<Geek23> @hitsujiTMO
<hitsujiTMO> Geek23: seems thats build for a 2.6 kernel
<hitsujiTMO> Geek23: defo not in a later kernel ... seem you need to be on a 2.6 to get it working
<Geek23> OK.  So what is the simplest way to install a 2.6 kernel.
<Geek23> Another thing I have never had to do.
<sarnold> that sounds like more trouble than it should be worth. but if you really want to try it, there are lucid packages for the 2.6 kernel here: https://launchpad.net/ubuntu/lucid/+source/linux
<Geek23> This is an old machine anyway.  :)
<sarnold> aha :)
<Geek23> Why not have a little fun.
<Geek23> Thanks for all of the help!
<Geek23> Time to go get dinner. :)
<biblesomethingst> https://www.facebook.com/sadbiblestory
<err-or_> hi, i'd like to use drbd and heartbeat for my server. my question is: if i have a service (SOGo) depending on 2 services (apache2, mysql) how do i configure heartbeats haresource file? one line per mountpint and adding all services depending on that one?
<Intelftw> Hello, does anyone know if registered ecc ram works in unbuffered ecc motherboard?
<bekks> Intelftw: Yes. No.
<Intelftw> How's that? :D The ram is "MEMORY IBM 4GB PC3-10600R DDR3 - 1333 MHz ECC 2Rx4 CL9 FRU 49Y1445". Would it work in http://www.supermicro.com/products/motherboard/xeon/c202_c204/x9scl-f.cfm ?
<bekks> reg ecc doesnt work in unreg boards, and vice versa.
<Intelftw> I see. Thanks
<ankrj> Hello everyone, apart from the information put up on 'get involved', I'd like to get started with Bug Traiging for Ubuntu Server.
<ankrj> Anyone here, who could point me in the general direction?
<ankrj> can anyone tell me how I can apply for the Ubuntu Server membership on Launchpad?
<lfuser-145> hello guys
<lfuser-145> could someone help me please
<lfuser-145> plese help me
<err-or_> anything wrong?
<lfuser-145> hello err-or
<lfuser-145> can you help me with my clearos standalone fileserver
<lfuser-145> someone
<lfuser-145> Hello
<lfuser-145> please someone help me
<sh1ny> afaik, this is ubuntu-server channel :/
<sh1ny> not clearos channel
<lfuser-145> but i cant see clearos channel
<lfuser-145> is anybody here knows clearos
<lfuser-145> can you help me with my clearos standalone fileserver
<Lownin> I have a drupal installation on a VPS.  The drupal "files" directory will outgrow the storage on the VPS. I have a server at home with a lot of storage.  It's just a personal website so not looking for enterprise level solutions.  What I want to do is map the VPS' files directory to my home server.  I actually already have with sshfs, but in order to improve performance and to go easier on my home internet connection
<Lownin> , I want the VPS to maintain a local cache of a certain size so commonly accessed files are pulled from the VPS' local storage.  What's the best way to do this?
<wagonboi> I have a KVM VPS with 256 mb RAM, and no swap. Should I add swap? How much? Memory usage is around 75% most of the time.
<ersi> wagonboi: might be good to have some leverage (ie. swap) - but you'll see terrible/horrible performance if it ever starts swapping most likely.
<wagonboi> ersi, what would be the best thing to do? Upgrade my RAM?
<hitsujiTMO> wagonboi: if your hitting 75% then it would be a good idea to upgrade the ram. if you hit 100% your system would crash
<wagonboi> The main culprit is Mysql. I tried replacing my.cnf with my-small.cnf and ended up crashing Mysql. I had to purge and everything. Would adding a .cnf file to /etc/mysql/conf.d/ be safer?
<wagonboi> Stop Mysql service, add tunedMysql.cnf to conf.d directory, then start Mysql
<ersi> wagonboi: Used RAM isn't wasted RAM though.
<hitsujiTMO> wagonboi: simply put, if mysql needs that much ram, then you're better off leaving it have it.
<wagonboi> it's just a vanilla Wordpress install. No visitors to the site yet, nor any posts. This is ridiculous
<ersi> wagonboi: But if you consider running more things, or expanding the use of the MySQL daemon - it might be worth expanding the RAM allocation :)
<ersi> wagonboi: I'd suggest looking into some Wordpress caching plugins.
<wagonboi> good idea :)
<jkitchen> or maybe use a static site generator like octopress rather than wordpress
<ersi> Maybe look into vanish/memcached as well
<ersi> the WP caching plugins can turn it almost completely to a static site though
<jkitchen> sure
<jkitchen> but there's still php under the hood.
<ersi> I'd also investigate the plugins you have, because 90% of the WP plugins are.. of somewhat lesser quality :) There's some quite good ones, but most are.. sub-standard
 * jkitchen shudders
<ersi> I've seen horrible code practioned in many languages
<jkitchen> yea
<wagonboi> No plugins are installed. But I will look into WP caching, and how to config Nginx for it
<jkitchen> but php itself is pretty awful :)
<wagonboi> the PHP process is behaving (so far) ;)
<jkitchen> just make sure to change your admin user's username for wordpress
<jkitchen> and if possible, maybe even restrict access to admin bits to your IP address
<ersi> jkitchen: that's completely irrelevant for this discussion though, I'd leave it at "static is faster". Bashing languages is quite useless.
<wagonboi> What do you mean? From the default "admin"?
<ersi> In most cases at least.
<jkitchen> wagonboi: yes. change the username
<ersi> that might actually be a good idea, indeed
<jkitchen> it's not just a good idea, it really should be mandatory.
<wagonboi> Yes, I did that. I thought about changing wp-login.php to something else but people said that it would break logout links, so..
<jkitchen> wagonboi: there are ways to do it which don't break anything but they're non-trivial, to be certain
<jkitchen> but that also is just obfuscation
<jkitchen> restricting access to the script entirely is a better approach as it can't be bypassed
<wagonboi> How, with .htaccess?
<jkitchen> yea, but you mentioned nginx which doesn't have .htaccess
<jkitchen> or at least it didn't last I knew, things may have changed
<jkitchen> if it's only you using the site, make it so only you have access. this really applies to any services on a machine
<wagonboi> http://winginx.com/htaccess   I think there is an equivalent of .htacess for Nginx
<jkitchen> changing ssh port is a good idea, and will stop at least your sshd from being ddosed by brute force attacks (something whchi happened frequently at dreamhost and was really really irritatingly annoying)
<jkitchen> but it's not real security, anyone targeting you will find that port immediately
#ubuntu-server 2013-10-27
<jkitchen> wagonboi: I think that goes into your main nginx config though. there's no concept of AllowOverride in nginx, iirc
<jkitchen> dunno, I'm sure it's not difficult at any rate :)
<ersi> Turning off password as well as root login, and only allowing public-key login with SSH is a good idea.
<jkitchen> yup
<jkitchen> worst comes to worse you can always get in via your provider's serial/vnc/whatever console
<jkitchen> if your provider doesn't have that you should find a better provider :)
<wagonboi> They offer it. It is Ramnode, and strangely they haven't been metering my bandwith. I'm supposed to have 1000gb and it's stuck at 18k
<wagonboi> Not that I'm complaining :)
<jkitchen> they may only query X amount of times per month.
<wagonboi> ah, that makes sense. I use to use WeLoveServers and they refreshed the meter as soon as I refreshed the page
<jkitchen> ah
<jkitchen> things like that can start to get really expensive in terms of page load
<rostam> HI does anyone know what type of interface ax0 is, i.e. ifconfig ax0 ? thx
<jkitchen> rostam: dmesg | grep -C 5 ax0
<jkitchen> rostam: quick google search though looks like it's a packet radio interface?
<rostam> jkitchen, thanks, It is funny that interface exist on my system and have no idea why...
<jkitchen> dmesg will tell you why
<jkitchen> where are you seeing this interface anyways? in "ip a" output? or /etc/network/interfaces, or?
<Lownin> is nfs robust over an internet connection?
<jkitchen> nfs is sensitive to latency
<jkitchen> very sensitive to latency.
<jkitchen> so, while it may function, I wouldn't expect any sort of performance out of it.
<Lownin> I need a remote filesystem with local caching that culls when it grows to a certain number that is happy to live on an internet connection.
<jkitchen> culls when it grows to a certain number?
<jkitchen> could you elaborate a bit on that requirement?
<jkitchen> you could use something like s3 or webdav with a local varnish server for caching, perhaps. but that's not going to give you posix semantics, of course.
<Lownin> jkitchen: VPS has limited storage.  I have a server at my house with a lot of storage.  I'd like the VPS to have a directory mounted on the home server, but with local caching of common and recent files so performance is usually good and my internet connection is hit less hard. It's just a personal web app so it doesn't need to be amazing performance all the time.
<jkitchen> there is unlikely anything which will meet your requirements
<jkitchen> but presumably the files you're talking about are being served up via http?
<jkitchen> you could run varnish on your vps and have it talking back to your server at home
<jkitchen> it'll keep a local cache
<Lownin> nfs has cachefilesd
<Lownin> davfs2 has a problematic caching component.
<jkitchen> ok
<Lownin> I'm unfamiliar with varnish.  That sounds like the files would all still need to exist on the VPS.  The //main// problem is that the VPS has limited storage.
<jkitchen> nope
<jkitchen> varnish is exactly an http cache
<jkitchen> so if these files only need to be cached and accessible to http clients, it's pretty much exactly what you're looking for.
<jkitchen> but if they also need to be accessible to local vfs clients, it's not
<Lownin> its a drupal install, and I'm looking to remote store *with local cache* its "files" directory.  Wouldn't such an implementation confuse drupal?
<jkitchen> probably
<jkitchen> but there may be plugins for drupal for storing files in, say, ec2
<jkitchen> I know there are for other web frameworks
<jkitchen> s/ec2/s3/
<Lownin> there are.  I already have the home server though and don't want to pay for ec2.
<jkitchen> I know we use one for our rails app
<jkitchen> you miss my point
<jkitchen> my point is that if there's a plugin for s3, it can probably be adapted to use, say, a webdav backend
<jkitchen> and you have a webdav server at home that drupal can write to
<jkitchen> via the plugin
<jkitchen> varnish serves it up to clients
<jkitchen> and locally caches
<jkitchen> you might be able to get away with it with nfs, but I wouldn't bank on it
<jkitchen> varnish will also handle the situation of the backend being inaccessible in a predictable fashion
<jkitchen> files it has cached which are still valid will be served, no problem
<jkitchen> files which aren't cached will simply error
<jkitchen> probably with a 503 until it can confirm that the file does or does not exist on the backend
<jkitchen> whereas nfs may just hang
<Lownin> you know, I was looking at implementing nginx anyway. Maybe I could use Varnish instead and see if I can't do what you're suggesting.   It sounds elegant.
<jkitchen> well, varnish is just a cache
<jkitchen> it's not a webserver itself
<jkitchen> you can use it in front of a webserver, but you still need a webserver
<jkitchen> you would more than likely in this case want to use it *behind* your nginx
<jkitchen> and have nginx proxy requests to /files to it
<Lownin> I could do that too
<jkitchen> so it would be like nginx -> varnish -> http-at-home
<jkitchen> plugin for drupal takes uploads and shoves them to home server
<jkitchen> maybe even is smart and preloads varnish
<Lownin> hmm... okay, trying to wrap my head around how this is organized
<Lownin> so...
<jkitchen> also, varnish is by no means tho only thing that does this
<jkitchen> it's just the one I've seen used the most lately
<Lownin> so the means to get files from drupal to the home server is completely separate from varnish, correct?
<jkitchen> correct
<jkitchen> you can use the same endpoint on the home server (assuming webdav)
<Lownin> well, neat!  I am already doing that with sshfs.
<jkitchen> cool
<jkitchen> I would not use sshfs though
<Lownin> So I could then expose the same directory in webdav
<jkitchen> yea
<Lownin> why not?
<jkitchen> because sshfs is a posix layer
<jkitchen> meaning transient connectivity issues can cause weird problems
<jkitchen> whereas webdav is just an http request
<jkitchen> so you'd use webdav to write the file from drupal
<Lownin> you're right.
<Lownin> hopefully I can figure out how to do that. I'm not savey enough to modify an s3 module I think.
<Lownin> or is s3 just webdav?
<jkitchen> s3 is not webdav
<jkitchen> one sec
<jkitchen> I'm seeing if there's already some stuff available
<Lownin> Thanks. I'm looking too.
<jkitchen> webdav may also not be the way to go
<jkitchen> it's just what I would probably use if I had to do it right this second
<jkitchen> webdav is easy to set up and there are plenty of clients for it
<jkitchen> I take it this is what you're using for s3? https://drupal.org/project/amazons3_cors
<Lownin> I'm not using s3.
<jkitchen> (note, I have nearly 0 experience with drupal, so I'm just flailing)
<jkitchen> ahh ok
<jkitchen> you might *start* by using your already-in-place sshfs thing
<jkitchen> to get you going, proof of concept the varnish setup and such
<jkitchen> baby steps sort of thing y'know :)
<Lownin> I might end up doing that but I suspect drupal using a remote file store instead of a local one is not an uncommon config.
<jkitchen> https://drupal.org/project/amazons3
<jkitchen> that actually looks more like the thing to look at
<jkitchen> for an example
<jkitchen> just replace http calls to s3 with wedbav calls to your home server
<Lownin> yes was looking at that
<Lownin> I'm not comfortable editing the module.
<jkitchen> also: you'llwant to make sure you properly secure the webdav server at home
<jkitchen> use authentication and probably ssl
<Lownin> yes.  I've set up webdav with certs and authentication before.
<jkitchen> even if it's just self-signed ssl
<jkitchen> ahh ok
<jkitchen> I don't mean to patronize :)
<Lownin> Nah, you're fine.  You don't know what I know already.  Better to be safe.
<jkitchen> you might pop into a drupal channel or mailing list and see if someone has done a webdav version of that s3 plugin
<jkitchen> hell, maybe there's even an ftp version
<jkitchen> whoknows?!
<jkitchen> webdav just felt like the right choice :D
<Lownin> I hate ftp.  cleartext passwords?
<jkitchen> can use ssl on control connection!
<jkitchen> ;)
<Lownin> if the module supports it
<jkitchen> anywho, hopefully that will get you going
<Lownin> I think it will.  thanks!
<jkitchen> like I said, you might ust start by layering in the varnish part
<Lownin> I need to read up on varnish. I don't know anything about it really.
<jkitchen> since you already have a transport mechanism for writes
<jkitchen> via sshfs
<Lownin> hmm.
<jkitchen> and that may end up being an acceptable solution for you, in which case boom.
<jkitchen> you're golden
<Lownin> what if I upload the file manually and post a link? https://drupal.org/project/remote_file_source
<jkitchen> I'm a fan of keeping file uploads in-app
 * Lownin nods
<jkitchen> and letting the app deal with putting the file in the right place and generating the proper url to reference it
<jkitchen> otherwise yea, you could do that and not even need a plugin
<jkitchen> and have varnish cache it
<jkitchen> you'll also probably want to monitor the cache
<jkitchen> make sure your miss rate isn't too high, you're not expiring things too quick, you're not evicting to oearly, etc
<jkitchen> like ify ou get a surge in traffic to some large files and it starts kicking out commonly-accessed assets, that's not good :)
<jkitchen> maybe at that point you need to invest in a bit larger disk for the cache
<Lownin> yeah.
<jkitchen> because you're trading the expense of disk on your vps for the limited bandwidth of your home internet connection
<jkitchen> so you want to minimize what has to be pulled out of that home connection
<Lownin> exactly.
<jkitchen> there's a break even point, and that may move
<jkitchen> and monitoring things will let you know when you need to change ti
<jkitchen> also, and this may not even be a consideration, but most VPS providers I've seen measure bandwidth usage by adding both inbound and outbound
<jkitchen> so if you have a lot of cache misses you may be effectively doubling the bandwidth consumption for that file
<jkitchen> so keep *that* in mind, too :)
<Lownin> hmm
<Lownin> reading a bit about how varnish works...
<Lownin> I'd like some of these files to only be accessible to users who are authenticated in drupal and have had the files shared with them.
<Lownin> making the file somewhat non-static.
<jkitchen> you might be able to get away with that via X-Sendfile
<Lownin> it appears varnish only works in the context of anonymous page views
<Lownin> googling.
<jkitchen> I don't know if the X-Sendfile header generally allows for an http source
<jkitchen> I know apache's X-Sendfile is specifying a file on disk
<jkitchen> looks like lighty can do it: http://blog.lighttpd.net/articles/2006/07/22/mod_proxy_core-got-x-sendfile-support/
<jkitchen> ahh, maybe not, bummer.
<jkitchen> feature request!
<jkitchen> allow X-Sendfile headers to provide a url which will be requested via the various proxy mechanisms
<Lownin> I found this- https://drupal.org/project/storage_api
<Lownin> Prevents files being served to users who are not authorised.
<Lownin> Depending on the service, this can have significant performance implications.
<Lownin> Even without this enabled, URLs will only be generated for files that the user has permission to access.
<Lownin> I've just installed it and am playing with it. it appears to allow the generation of static links but with url generation only avalible to users who have permission to the view file. it can also do "access control" but states "
<Lownin> whoops
<Lownin> sorry weird irc client
<Lownin> anyway
<jkitchen> FTP - files are uploaded to a directory via FTP. A URL prefix can be defined for serving.
<Lownin> I assume they're talking about things like varnish ;)
<Lownin> so I may persue this route
<Lownin> security through obscurity may be good enough for this application.
<jkitchen> that seems to be where you would want to shim in webdav support
<jkitchen> replace the ftp uploading bit with webdav upload
<jkitchen> anywho
<jkitchen> good luck :)
<Lownin> thanks so much for taking time to help me.
<jkitchen> I'm a bit jealous, actually, this sounds like it could be a fun project.
 * Lownin smiles
<Lownin> Yeah I'm having a lot of fun with it so far.
<jkitchen> a little more complicated than I'd generally have done, I'd probably just throw it on S3 and call it good.
<jkitchen> but that's the lazy route :)
<Lownin> I'd love to use s3
<Lownin> I'm broke
<jkitchen> yea
<jkitchen> I hear you
<Lownin> wait...
<Lownin> okay
<Lownin> still there jkitchen?
<jkitchen> yup
<Lownin> FTP, uploads to homeserver
<Lownin> cool.
<Lownin> but the url now has to be homeserver/stuff
<Lownin> how does varnish intercept that? It can't
<jkitchen> it can't
<jkitchen> does it actually have to be homeserver?
<jkitchen> or can it be yourserver/otherstuff?
<Lownin> no but I don't understand how varnish knows to go to my homeserver for stuff.
<jkitchen> oh
<jkitchen> you tell varnish to use your homeserver for its origin
<jkitchen> and then point clients at the varnish
<Lownin> is the "origin" any of the config options referenced here? https://www.digitalocean.com/community/articles/how-to-install-and-configure-varnish-with-apache-on-ubuntu-12-04--3
<jkitchen> https://www.varnish-cache.org/docs/3.0/tutorial/backend_servers.html
<Lownin> oh perfect.  thank you!
<jkitchen> disclaimer: I haven't personally ever actually even looked at a varnish config.
<jkitchen> heh
<jkitchen> another team at $OLDJOB used it extensively
<jkitchen> but it's a pretty simple program, really
<Lownin> gah
<Lownin> hmm
<Lownin> thought
<Lownin> cached pages ala the ones server by varnish will mess with piwik javascript, won't it?
<jkitchen> Lownin: I would put varnish in front of your home server for now and proxy back to it for certain urls via your primary webserver
<jkitchen> so like, in apache you might to ProxyPass /uploads/ http://localhost:8002/
<jkitchen> and varnish listening on port 8002 caching things from your home server
<jkitchen> rather than putting it in front of the entire app
<jkitchen> eventually maybe having varnish live in front of the entire app, but that's once you're more familiar with varnish and such.
<Lownin> clients would then pull data on 8002 for things in /uploads?
<Lownin> clientside?
<jkitchen> they could, and it would seem that ftp plugin would support that and that would be valid
<jkitchen> or you could have it transparently done through nginx
<jkitchen> which is what I would do, personally
<jkitchen> through nginx/whatever web server you're using
<jkitchen> the ProxyPass example I mentioned above would be for apache, but nginx can do the same thing
<jkitchen> syntax may be different but it's the same concept
<Lownin> I'm on apache at the moment.  was only looking at nginx
<Lownin> I don't want clients to connect on anything other than 80/443 anyway
<jkitchen> then yea, look at apache's mod_proxy and the ProxyPass directive
<jkitchen> it's pretty straightforward
<eagles0513875> hey guys i am setting up apache2-mpm-event + php-fpm and mod fastcgi on kubuntu 13.10 for website development and testing on my localhost yet i am getting errors forbidden You don't have permission to access /php5-fcgi/index.php on this server.
<eagles0513875> any help would be greatly appreciated
<chz|bacon> evening all
<cipherboy> Would anyone be willing to help with a network adapter question? Running 13.10 Desktop, 3.11.0-12-generic on a new HP/AMD64 desktop. 13.04 used to work, but now ifconfig does not show any usage metrics on my eth0 device. Ifconfig: http://paste.ubuntu.com/6312474/    Adapters: http://paste.ubuntu.com/6312520/  Nothing in dmesg relating to the adapter
<Unkn0wn> I'm configuring apache, but the vhosts give me a headache
<Unkn0wn> For some reason, it just doesn't pick the right vhost. /var/www/vhosts/domain.com/httpdocs is my document root, but if I go to domain.com, there is no index.html
<Unkn0wn> But it is there
<Unkn0wn> I 3 double checked my vhost file for domain.com, so I think this is an DNS issue
<Unkn0wn> Any ideas?
<pmatulis_> Unkn0wn: check your logs
<Unkn0wn> Figured out already... Wrong IP in the DNS
<Unkn0wn> 65 instead of 56...
<Beatstreet> If I want to roll back to openjdk-6-jre do I have to uninstall openjdk-7-jre or just install 6 right over 7?
<eagles0513875> Beatstreet: you can install 6 and 7 along side each other
<eagles0513875> hey all i am unable to get apache 2.4 to work and display a site for me on localhost any help would be greatly appreciated to help me whats missing
<eagles0513875> i am using an apache2-mpm-event + phpfpm and mod fastcgi
<Sazpaimon_> does anyone know the performance difference between raid10 over mdadm versus lvm?
<Sazpaimon_> and does grub2 support booting either without a seperate /boot partition?
<Gaming4JC> Hello all, I am trying to connect to a NFS server as a client on Ubuntu server 12.04, but I'm getting this error: mount -t nfs 127.0.0.1:/z/test ~/mnt mount.nfs: rpc.statd is not running but is required for remote locking. mount.nfs: Either use '-o nolock' to keep locks local, or start statd.
<Gaming4JC> it seems to be related to rpcbind. The problem is rpcbind package is in conflict with nfs-common, so both cannot be installed together.
<Gaming4JC> and -o nolock simply results in...
<Gaming4JC> mount.nfs: No such device
<Beatstreet> is there a way to update openssl on 10.10 ?
<point> Hello, is there anyone I can talk to about an issue I'm having with ubuntu server?
<Gaming4JC> there's a few people here, but I think most are away from keyboard :/
<Gaming4JC> !ask | point
<ubottu> point: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<Gaming4JC> :)
<point> Ok i will just ask the question hold on
<singularity9> Hey guys, i'm having some issues with setting up a cron job. This is the first time I do this, I want to run a script every 2 minutes. So I am typing: */2 * * * * myuser /opt/plexWatch/plexWatch.pl
<singularity9> this however returns: -bash: */2: No such file or directory
<singularity9> and I am within the /etc/ folder
<singularity9> where crontab is
<point> So I recently set up a server with an old computer in my home. I can control it through SSH on my laptop. I can put files on it and stuff so in that regard everything is working perfectly.  Only recently after a couple of days where everything worked as expected, the screen I have connected to the server gave me a continuous error message: "hub 1-0:1.0: unable to enumerate USB device on port 1" . This error message is only displayed on
<point> the screen that is connected to the server. When using SSH it's not displayed. I would find this problem not so important if everything else worked fine, but that is not the case anymore. I have 3 problems with this. 1st I can't turn off the server remotely anymore (sudo shutdown -h now) 2nd I can't turn on the server remotely anymore by using WOL (I was able to do this). 3rd (smaller issue) when I want to input commands into the server
<point> on the server itself (not using SSH) my commands work, but aren't readable because the error message keeps popping up. The third issue could be fixed by turning of the error message itself, but I figured by solving it entirely by just fixing the issue. I have looked for a couple for two days now for a fix, but nothing really came up. I only have a keyboard connected by USB to the server, but even when unplugged and restarting the server,
<point> it still shows the error message. Anyone know how I can fix this?
<singularity9> In addition, if I put it to run every minute, so I type: * * * * * singularity9 /opt/plexWatch/plexWatch.pl
<singularity9> it returns: No support for device type: power_supply
<singularity9> O_o
<singularity9> first time i tried using cron it said it needed 'acpi' â¦ so i installed that
<singularity9> if I run "/opt/plexWatch/plexWatch.pl" it works as expected..
<Gaming4JC> point: what version of ubuntu do you have? It seems newer linux kernel fixed that issue
<point> 12.04.03 LTS
<point> 12.04.3*
<Gaming4JC> hmm definately shouldn't be happening then. :(
<Gaming4JC> singularity9: cron can be a pain sometimes, you might want to try watch inside of a screen (messy but eh) :/
<naz> Hey all, newb here I wanto host a website from home using php etc, I've tried winserv 03 and its a damn headache decided I should try out ubuntu server
<naz> I'm wondering how hard it's going to be to setup an ubuntu-server, config a webserver that can host php, and mysql databases etc
<naz> Hey all, wanting to setup a server from home to host a website with php scripts, maybe later on mysql databases and other website things. I have an old machine Pentium 4 2.80ghz 32bit, 3 GB Ram
<naz> I'm wondering if I can use the latest ubuntu server or will i need to use a later version and if I do will it be safe and secure?
<bekks> naz: You should use 12.04 LTS.
<point> So I recently set up a server with an old computer in my home. I can control it through SSH on my laptop. I can put files on it and stuff so in that regard everything is working perfectly.  Only recently after a couple of days where everything worked as expected, the screen I have connected to the server gave me a continuous error message: "hub 1-0:1.0: unable to enumerate USB device on port 1" . This error message is only displayed on
<point> the screen that is connected to the server. When using SSH it's not displayed. I would find this problem not so important if everything else worked fine, but that is not the case anymore. I have 3 problems with this. 1st I can't turn off the server remotely anymore (sudo shutdown -h now) 2nd I can't turn on the server remotely anymore by using WOL (I was able to do this). 3rd (smaller issue) when I want to input commands into the server
<point> on the server itself (not using SSH) my commands work, but aren't readable because the error message keeps popping up. The third issue could be fixed by turning of the error message itself, but I figured by solving it entirely by just fixing the issue. I have looked for a couple for two days now for a fix, but nothing really came up. I only have a keyboard connected by USB to the server, but even when unplugged and restarting the server,
<point> it still shows the error message. Anyone know how I can fix this? (I asked this question a couple of hours ago but to no avail :( hoping anyone that logged in now will be able to help me)
<naz> thanks bekks, was worried since the machine is so old it might run slow but I will give it a try :)
<bekks> Well, it will run slow, but you should use a LTS release for a server at least.
<rbasak> jdstrand: please could you comment on bug 1245251? The reporter claims this is a regression.
<uvirtbot> Launchpad bug 1245251 in libvirt "Apparmor blocks usb devices in libvirt in Saucy" [Undecided,New] https://launchpad.net/bugs/1245251
<point> Ok so I reported this problem 2 times before but I'm going to give you a small recap because something interesting just happened.
<point> So my server gives me the error "hub 1-0:1.0: unable to enumerate USB device on port 1"
<point> But it stopped now
<point> I typed in lsusb to give me an overview of all usb devices
<point> and now it shows a device it didn't show when I had the error
<point> Silicon 10 Technology Corp. Flash Card Reader
<point> So I'm going to try to unplug this thing tomorrow
<point> but does anyone have any idea what could have triggered the stop of this error?
<point> just curious
<point> But it will probably just work when I have unplugged the card reader so it doesn't really mather
<Beatstreet> is there a way to update openssl on 10.10 ?
<Patrickdk> 10.10? that hasn't been supported for a long time
<qman__> 10.10 was end of life in april 2012
<qman__> the good news is that upgrading to a supported release is relatively easy
<qman__> the bad news is you'd have to do three upgrades to reach a supported release
#ubuntu-server 2014-10-20
<Laogeodritt> ruben23: as in you're looking for files starting with "IN"?
<Laogeodritt> ruben23: if yes, `find /directory/to/search -name IN\* -print` would work. You can look into other options for find (and ways to pipe the output to other commands) if you need to do operations on the files found
<Abhijit> this is my pressed raid configuration http://paste.fedoraproject.org/143429/78657714/  failed to write metadata /dev/sda error creating array /dev/md1 whats wrong? help
<Abhijit> using ubuntu 14.04 server iso.
<lordievader> Good morning.
<ochoroch> lordievader: fyi, my SSH Login issues was not fixed by updating the kernel ...
<ochoroch> lordievader: Good Morning..
<lordievader> ochoroch: Hmm, that is too bad.
<ochoroch> yep ... my boss forces me to find a solution even if it means reinstall using CentOS 7.... :-( ...
<Abhijit> reinstalll the boss.
<ochoroch> Abhijit: we did recently ...
<Abhijit> oh!
<lordievader> rm -rf <boss>
 * ochoroch investigating ... 
<Abhijit> this is my pressed raid configuration http://paste.fedoraproject.org/143429/78657714/  failed to write metadata /dev/sda error creating array /dev/md1 whats wrong? for two disks with 750gb each
<Abhijit> on ubuntu 14.404 server iso
<ochoroch> lordievader: is there a chance that a "busy" mysql prevent any login ....?
<ochoroch> after the weekend even apache died ...
<lordievader> ochoroch: Seems unlikely.
<lordievader> ochoroch: Have you checked your harware? Is it in okay condition?
<ochoroch> lordievader: asked the HyperV admin several times ... "Its new, it works and all lights are green" ....
<ochoroch> :-/
<ochoroch> lordievader: i'll try to run a apache benchmark against the server to get this issue in minutes ...
<ochoroch> ... instaed of hours
<Abhijit_> how to force ubuntu preseed to follow d-i passwd/make-user boolean false? its ignoring that line and asking me to type non root username and password?
<Abhijit> no one uses preseed ? :-(
<lordievader> ochoroch: That lights are green is no diagnostic...
<ochoroch> lordievader: i know .. this is what they say ... :-( ..
<ochoroch> one thing i just noticed: mysql tells me some tables are crashed, before i reboot ...
<ochoroch> crashed tables disapear after the reboot ...
<lordievader> ochoroch: Ask them nicely again, show them you have problem and would like to rule out hardware issues.
<ochoroch> lordievader: ok ...
<ochoroch> lordievader: asked as friendly as a german could be.... ;-) ... waiting for response ...
<lordievader> Hehe
<ochoroch> lordievader:  ab -n 50000 -c 100 http://domain.org/ .... <- tried to get the error when getting some load on that maschine ... but this did not change a thing ...
<ochoroch> are these messages normal for MySQL ? http://paste.ubuntu.com/8600572/
<lordievader> ochoroch: I'm not familiar with the command ab.
<ochoroch> -n is Users .... -c is requests per user iirc ....
<ochoroch> ab is Apache Benchmark ...
<lordievader> Interesting.
<ochoroch> lordievader: Windows admin said, Hardware is fine! ...
<lordievader> Did he check?
<ochoroch> HE said he checked ... today, and the day the hardware arrive ...
<ochoroch> THe Hardware is fairly new, 6 Month ...
<ochoroch> lordievader: only thing i can do is "Trust the Windows admin" ....
<lordievader> If it would be a Linux admin I might trust him... but Windows :P
<ochoroch> me either ....
<ochoroch> time told me win and Linux does not fit together ...
<cyber_dweller> do host in group in dhcpd.conf are considered known hosts? or i should host them also outside the group to make them known?
<yocapybara> hi guys I'm trying to remove ubuntu-desktop from a machine leaving it with just ubuntu-server.  I've tried tasksel but I just get aptitude failed (100), even after running apt-get update prior.  Any tips on how to completely remove the GUI without breaking the machine?  I'm on 14.04.1
<sarnold_> yocapybara: start with apt-get purge ubuntu-desktop unity xorg
<sarnold_> yocapybara: it'll complain about packages that depend upon those. add those to the command line and re-run.
<yocapybara> sarnold_: thanks ok and I just rinse and repeat that until it stops complaining?
<sarnold_> yocapybara: yeah, or you have no computer left :) hehe
<yocapybara> sarnold_: :)
<jargon> anybody know how to configure active directory with pam and kerberos? i can kinit on the server, but cannot ssh to it with an existing AD account. auth.log says http://dpaste.com/36FVM6A
<patdk-wk> why bother posting a log with a bunch of errors and warnings that tell you exactly what to do to fix them?
<learning> I am trying to compile stunnel 5.06 but getting this error in "make" step: stunnel-5.06/src/options.c:2123: undefined reference to `SSLv2_client_method'
<learning> Any idea how to fix this?
<sarnold_> learning: try changing that to SSLv23 ....
<learning> sarnold_: how to do that?
<learning> during ./configure step?
<sarnold_> learning: dunno, it might require patching if they didn't expose it easily..
<learning> btw, are there any alternative to stunnel?
<sarnold_> learning: ssh tunnels, socat, setting up a vpn, setting up ipsec
<learning> sarnold_: How about autossh?
<sarnold_> learning: sounds nice..
<linuxtech> I was about to fix a bug and debian/patches/series is non existent.  Does this mean that the other patches, including a CVE are not applied to build, and thus the all Ubuntu users?
<rbasak> linuxtech: there are some older patch mechanisms that might be in use there. In older times, debian/rules applied and unapplied the patches manually.
<linuxtech> So I should check the rules and make sure my patch goes in there also, or use quilt as usual?
<rbasak> Figure out what the packaging is doing, and fit in with that.
<teward> rbasak: ping, got a couple minutes?
<rbasak> teward: not many, but shoot.
<teward> rbasak: incoming PM, then
<linuxtech> OK, Thanks, I'll email you later about it since you triaged the bug I am working on.
<rostam> HI I am using ubuntu 14.04,  I see these messages on my log files, which seems cron job but not sure what command it runs:  CRON[23114]: (root) CMD (command -v debian-sa1 > /dev/null && debian-sa1 1 1)      thanks
<sarnold_> rostam: apt-file search debian-sa1  shows it comes from sysstat
<jrwren> rostam: its in /etc/cron.d/sysstat which sets a custom PATH
<rostam> sarnold,  jrwren  thank you so much
<learning> hey guys, when I run stunnel, I get this error: [!] error queue: 2606A074: error:2606A074:engine routines:ENGINE_by_id:no such engine [!] ENGINE_by_id: 260B606D: error:260B606D:engine routines:DYNAMIC_LOAD:init failed [!] Line 18: "engine = capi": Failed to open the engine
<learning> How to fix this?
<mfisch> hey zul, just finished talking to the keystone guys and you need to up the dep of python-keystoneclient to 0.10.1 for keystone
<zul> mfisch: oh?
<mfisch> yeah 0.10.1 is in the UCA anyway so anyone using it may be ok
#ubuntu-server 2014-10-21
<DenBeiren> hi,.. still someone awake :-)
<DenBeiren> iâm having problems purging old kernels
<DenBeiren> anyone able to help out?
<WJB> May I ask a crontab ? on here?
<ochoroch> Good Morning ... i'm still havin problems running Ubuntu 14.04 on HyperV (2012 R2). It becomes unavailable after some time (6-10 hours). i have setup a cronjob so see if mysql comes up again ... http://paste.ubuntu.com/8611033/
<ochoroch> but i'm now more worried about the last line
<ochoroch> "HV_FCOPY: open /dev/vmbus/hv_fcopy failed;" <- is this causing the server being unavailable, (no ssh, no apache)....
<lordievader> Good morning.
<RSchilder> Hellp ! I'm wondering if there Is someone who can help me? I'm trying to compile to PHp 4.5.33 in Ubuntu 14.04. Everything works till make-intall then I got the error: I got the error: cp: cannot stat 'sapi/cli/php.1' : No such file or directory. Make: *** [install-cli] error 1
<RSchilder> I'm sorry PHP 5.4.33
<_ruben> I'm still at a complete loss as how to get a properly functioning cluster using pacemaker/corosync (or any alternatives for that matter) .. none of the howtos I've found sofar match what's available on 14.04
<thejoecarroll> anyone here using etckeeper with git on any of their servers?
<coreycb> zul, jamespage: 2014.1.3 has been released to -updates
<zul> coreycb: cool i know :)
<jamespage> coreycb, I saw it flush through to the CA staging area as well - zul - there are xen and libvirt updates which ftbfs as well right now
<zul> jamespage:  ill get that today
<jamespage> zul, awesome
<coreycb> jamespage, ah good, the movement to the CA is at least semi-automatic
<coreycb> zul, thanks
<zul> jamespage/coreycb: xen and libvirt updated
<coreycb> zul, thanks
<ruben23> hi guys i have install ubuntu sererv 14.0 LTS ---> is it possible to chnage my default web directory..? how to do it..?
<smoser> smb, hey. https://bugs.launchpad.net/cloud-init/+bug/1377308
<uvirtbot> Launchpad bug 1377308 in cloud-init "booting cloud image without initramfs broken" [High,Triaged]
<smoser> you have any ideas what would do that ? essentially, boot without initramfs hangs on ppc64el and arm. see comment 3 for the cause of the regression.
<smoser> i tried diffing kernel configs http://paste.ubuntu.com/8616137/
<smoser> but there is a lot of stuff.
<smb> smoser, not right away. give a minute to read through stuff
<smoser> i was hoping for CONFIG_DEVTMPFS is not set
<smoser> but did not get so lucky.
<genii> ruben23: Change the DocumentRoot in whatever sites you have enabled in /etc/apache2/sites-enabled/
<smb> smoser, was 3.13.0-30 actually the last good kernel? As for bad you have a 3.13.0-36 version
<smoser> no. its not kernel related.
<smoser> its cloud-init's botched expectation
<smoser> on intel, somehow /run ends up getting mounted correctly.
<smoser> where on ppc64 and arm it doesnt. and thus blocks boot
 * genii ponders /run versus /var/run
<lordievader> genii: Isn't one a symlink to the other?
<genii> Supposed to be, AFAIK
<smb> smoser, Have you tried adding a "debug" to the kernel command line and maybe initcall_debug as a second step. MAybe that shows more clearly where it stops
<smoser> debug or --debug
<smb> smb, The only next thing in the current logs is probably a message caused by the udev failsave gfx device script.  "debug" makes the kernel more verbose
<smb> smoser, So actually, do you say it probably never worked on arm64/ppc64el without initrd?
<smb> If so that might be some module (maybe framebuffer) that is in the initrd for those arches...
<smoser> probably.
<smoser> smb, really. you think fb module could cause that ?
<smb> smoser, wild guess. mostly because of the "* Stopping Send an event to indicate plymouth is up" as the first event later than those in the bad case.
<smoser> smb, just attached full '--debug' logs.
<smb> smoser, But "initcall_debug" maybe shows better what is going on
<smoser> you want initcall_debug also ?
<smoser> is that upstart or kernel ?
<smb> smoser, I did not want --debug in the first place :-P
<smoser> alright . debug initcall_debug coming
<smb> smoser, But give me a sec, maybe upstart debug is doing  enough
<smb> smoser, Erm.... that looks like it was with initrd (or at least came up)
<smoser> ?
<smoser> why do you say that ?
<smoser> the kvm line is there. you can see '-append' is honored (ie, it came from qemu loading kernel)
<smb> smoser, Because if you could give me the log with --debug from a start that hangs it would be simpler to figure out what the last thing started was
<smoser> smb, i gave you that, no?
<mdeslaur> hallyn: any progress on getting the qemu and libvirt SRUs accepted?
<mdeslaur> hallyn: I'm waiting for security updates
<smoser> https://bugs.launchpad.net/cloud-init/+bug/1377308
<uvirtbot> Launchpad bug 1377308 in cloud-init "booting cloud image without initramfs broken" [High,Triaged]
<smoser> i have a suspicion
<smb> smoser, meh, my fault you gave me amd64 and ppc64el and I looked at amd64 thinking it to be arm64
<smoser> ah.
<smoser> yeah, those strings are way to similar.
<smoser> i think this is it:
<smoser> [    0.258368] init: plymouth-upstart-bridge main process (76) terminated with status 1
<smoser> [    0.258506] init: plymouth-upstart-bridge main process ended, respawning
<smoser> https://bugs.launchpad.net/ubuntu/+source/plymouth/+bug/1370913
<uvirtbot> Launchpad bug 1370913 in plymouth "init: plymouth-upstart-bridge respawning too fast, stopped (dup-of: 1309617)" [Undecided,New]
<uvirtbot> Launchpad bug 1309617 in plymouth "plymouth-upstart-bridge main process (189) terminated with status 1 at boot" [Medium,Confirmed]
<smoser> and this smells related.
<smb> smoser, apparently that happens more often than not. may mean nothing
<smoser> https://bugs.launchpad.net/ubuntu/+source/plymouth/+bug/1370913
<smoser> see comment 17 at https://bugs.launchpad.net/ubuntu/+source/plymouth/+bug/1160079
<uvirtbot> Launchpad bug 1160079 in plymouth "plymouth aborts in cloud images" [Medium,Fix released]
<hallyn> mdeslaur: i'll takea  look in a bit and see if i can push it along
<smb> smoser, So maybe it is in some way related to something about console. As it is working with initrd this sounds something is in there that makes it work. Though I am not that familiar with those two arches
<smb> I 'll ask around
<mdeslaur> thanks hallyn
<mgw> I have a question on how packaging is commonly handled with regard to repositories -- e.g., if I want to maintain a package (for several OS releases) for a git project that has no /debian dir... what is the normal way to set up my own repo?
<mgw> Is there an ubuntu or debian packaging channel?
<RoyK> "unexpectedly shrunk window" <-- anyone that knows how I can stop the kernel from logging this?
<dine909> do i have to source /etc/fstab.d/*.conf in /etc/fstab for it to work?
<sarnold_> hah, never seen that before..
<sarnold_> I suspect it should work without any modifications to /etc/fstab
<dine909> hmm
<dine909> not so
<dine909> http://askubuntu.com/questions/168290/why-cant-mount-read-files-in-etc-fstab-d
<dine909> not sure what this means:
<dine909> 	â¢	The feature has been added in the latest util-linux 2.21 (the https://www.kernel.org/pub/linux/utils/util-linux/v2.21/v2.21-ReleaseNotes say "Use filter arg of scandir* to pickup /etc/fstab.d/*.fstab files")
<dine909> just tried a file called /etc/fstab.d/data.fstab
<dine909> ah
<dine909> right under it
<dine909> "The /etc/fstab.d support has been reverted from mount(8) after upstream http://marc.info/?l=util-linux-ng&m=132740311801201&w=2"
<dine909> thought it was too good to be true
<sarnold_> interesting
<dine909> i'll do it in upstart i guess
<dine909> same post roughs out a way to mount from a fragment of an fstab
<dine909> i'm generally liking the .d of things lately
<sarnold_> it took me a while to come around to it
<sarnold_> when it was xinet.d I hated it, I really liked inetd :)
<dine909> makes so much more sense from a packaging aspect
<qman__> Makes upgrades a lot easier
<qman__> Package maintainer can change his files without affecting mine
<dine909> being able to sneak an interface.d file in is so much nicer than having scripts to mangle interfaces file
<dine909> has anyone found a nice way to clean up a package repo from old packages
<raijin> hello, I have two libc6's installed and it is causing dep issues
<bekks> How did you manage to install two of them?
<raijin> bekks: it came like this
<raijin> bekks: it seems to be actually some name issue
<bekks> raijin: Can you be way more precise please? :)
<raijin> bekks: http://paste.ubuntu.com/8618614/
<bekks> raijin: Can you pastebin "apt-cache policy libc6" too, please?
<raijin> http://paste.ubuntu.com/8618628/
<raijin> ok
<bekks> raijin: Can you pastebin "apt-cache policy libc6" too, please?
<raijin> bekks: http://paste.ubuntu.com/8618643/
<bekks> raijin: That looks like an odd package source.
<raijin> it is correct, I was having resolution issues as well
<dasjoe> It's (one of) us.archive.ubuntu.com's IP address(es)
<raijin> s/was/am
<raijin> my vps was corrupted and I am attempting to configure the new one, and it came with all these issues
<bekks> raijin: Can you pastebin a "sudo apt-get update && sudo apt-get dist-upgrade" then?
<raijin> I will try it
<raijin> same error
<bekks> Whats the output of the commands asked?
<Alina-malina> how to know what OS is running on current machine, i am in ssh, but i dont know what it is running, because apt-get doesnt work for me:-/
<Alina-malina> no nano as well :-/
<teward> Alina-malina: lsb_release -a
<teward> maybe?
<Alina-malina> no that doenst work as well :-/
<raijin> bekks: i posted the pastebin
<sarnold_> Alina-malina: cat /etc/*release*
<Alina-malina> oh super
<Alina-malina> it is centOS
<Alina-malina> :-/
<Alina-malina> how i do the stuff there eh
<bekks> raijin: The last pastebin isnt showing the commands I gave you.
<raijin> yes it is
<sarnold_> Alina-malina: iirc, yum install <foo>
<raijin> bekks: http://paste.ubuntu.com/8618643/
<teward> sarnold_: you're right but the package names vary substantially
<raijin> oh
<Alina-malina> what is iirc ? do i need to add thate everytime?
<teward> !centos | Alina-malina
<Alina-malina> and there is no nano:(
<Alina-malina> oh
<Alina-malina> sorry
<sarnold_> Alina-malina: sorry, "if I recall correctly"
<raijin> bekks: you want the dist-upgrade results?
<teward> Alina-malina: `iirc` is "I I Recall Correctly"
<teward> or "If I Remember Correctly"
<teward> booo ubottu
<bekks> raijin: I want the output of: "sudo apt-get update && sudo apt-get dist-upgrade"
<Alina-malina> oh:)
<Alina-malina> hehe
<Alina-malina> alreayd:))
<Alina-malina> alright
<Alina-malina> *
<raijin> bekks: sorry , here it is http://paste.ubuntu.com/8618794/
<teward> sarnold_: quick question - is there any harm in running `do-release-upgrade -s` to see what breaks and stuff?
<teward> durig the upgrade process, that is
<teward> (LTS-to-LTS, that is)
<sarnold_> teward: sorry, no idea, never tried it..
 * teward shrugs
<teward> meh, i'll backup my home dir... i'm going to need a new hard drive first...
<teward> hmm
<teward> (this is on my server :P)
<keithzg> Hmphh. Gmail's thoroughly unhelpful refusal to connect to my SMTP server continues to annoy me. "We are having trouble authenticating with your other mail service" explains nothing, especially since STARTTLS connections from desktop clients work fine. Sigh.
<smoser> jdstrand, i think you can just answer.
<smoser> i'm looking to do a sru to trusty of curtin
<smoser> curtin is at 0.1.0~bzr190-0ubuntu1 in utopic
<smoser> and want to bring the same (0.1.0~bzr190) to trusty
<smoser> trusty is now at 0.1.0~bzr126-0ubuntu1
<smoser> what version string should i use for trusty-prposed upload ?
<smoser> 0.1.0~bzr190-0ubuntu1~14.04 ?
<dine909> i run ubuntu machines in exhibition / kiosk type scenarios, where process monitoring is key - i'm looking for a monitoring agent and server - any i should avoid or marry?
<dine909> apart from opennms which should be taken out back and shot
<sauce> hey, i have ubuntu server 12.04. I am missing /usr/bin/Mail.  so i tried to apt-get install update-alternatives, but the package doesn't exist. anyone know what i'm talkin about?
<dine909> sauce, try "sudo apt-get install mailutils"
<sauce> dine909 sorry for the confusion, /usr/bin/mail is installed. I am missing the /usr/bin/Mail (upper M)
<dine909> not sure what package that might be, definitely not a standard ubuntu package
<sauce> opsview requires that path. no idea why. there is some historical reason for it
<sauce> even opsview's apt packages from their repo
<dine909> try running it under strace
<dine909> see if you can work out exactly why it needs it and then symlink in the required file
<dine909> or make a decision based on the strace output
<dine909> pastebin it
<Kawaiola> Hey All, can I use any desktop distro as a desktop environment for ubuntu server?
#ubuntu-server 2014-10-22
<ruben23> hi guys...i have  external HDD plug to my ubuntu server and wanted to copy the file on it any idea what nexts to be done..? after pluggin in...?
<namredips> Trying to get a preseed working for a multi-nic machine, but even with d-i netcfg/choose_interface select auto, installer is asking for primary nic. This is with 14.04.1 LTS, any thoughts?
<lordievader> Good morning.
<ochoroch> lordievader: Good Morning ...
<ochoroch> lordievader: another day another restart ;-) .... still the same issue ...
<lordievader> Hey ochoroch, how are you?
<ochoroch> Not to bad despite the Server situation which cant be fixed ....
<ochoroch> at least not by me :-/ ....
<ochoroch> lordievader: and how about you? all good?
<lordievader> ochoroch: Apart from a hardware issue I can't think of anything that can be the cause.
<lordievader> ochoroch: I'm doing good :)
<ochoroch> good :-)
<ochoroch> lordievader: Hardware is fine said the admin
<mdeslaur> hallyn: thanks for the libvirt and qemu update
<mdeslaur> updates
<hallyn> np
<fridaynext> hdparm -y spins down my hard drives - how do I spin them back up?
<elliotd123> iputils ping seems to report the wrong IP address for replies sometimes. I didn't notice this in the past, so I wonder if it's something newer? I'm using 14.04.1
<elliotd123> If a host is down, and the last hop router is reporting host unreachable, then the host comes up, the replies appear to be coming from that last-hop router, not the host you are pinging, which is incorrect
<elliotd123> (until you cancel and start the ping again, then it's correct)
<jsonperl> Hello I'm having some system issues and digging into sysstat output
<jsonperl> http://pastie.org/9668119
<jsonperl> performance gets quite bad as faults spike
<rostam> HI I am using ubuntu 14.04, In /etc/fstab I have this entry:/dev/mapper/goofy-root /               ext4    discard,noatime,commit=600,errors=remount-ro 0     My question is what the commit=600 means, is it 10 minutes?
<sarnold_> good question; mount(8) only mentions commit= as an option for ext3, not ext4
<rostam> sarnold, thank you
#ubuntu-server 2014-10-23
<carneous> anyone using nfs with 14.10? mine is hanging and a friend reports on a different distro his was problematic until he went kernel 3.16.3 -> 3.16.4
<carneous> oh, and oops in kern.log with traces to nfs functions
<kewl_> we're using 3.13.0-37-generic and are having a real issue with network activity spiking around 4 PM every day. Not sure if it is a NFS issue. We're having lots of failed connection attempts from various low port numbers ... something seems to be scanning across them trying to send messages. Stack trace of 100% kworker process here: http://pastebin.com/umm58ZSW
<kewl_> All of this failed connection activity is loopback, I forgot to mention.
<carneous> same issue 3.16.6 mainline :/
<carneous> working fine again 3.14.22 mainline
<lordievader> Good morning.
<cyber_dweller> why does isc-dhcp drops messages to syslog even after :programname,isequal,"dhcpd" /var/log/dhcpd
<cyber_dweller> why does isc-dhcp drops messages to syslog even after i've redirected it in rsyslog with,  :programname,isequal,"dhcpd" /var/log/dhcpd
<cyber_dweller> rsyslog creates /var/log/dhcpd and writes to it, message still apears in syslog
<cyber_dweller> why does isc-dhcp writes messages to syslog even after i've redirected it in rsyslog with,  ":programname,isequal,"dhcpd" /var/log/dhcpd",  rsyslog creates /var/log/dhcpd and writes to it, message still apears in syslog, what is happening, is it a bug in rsyslog?
<ochoroch> lordievader: daily update: Moved 1 VM from HyperV to Virtualbox, issue gone / VM is working.
<ochoroch> Conclusion: HyperV is SHIT! ....
<lordievader> Heh, what do you know... Nice though.
<ochoroch> Basically, HyperVs backups kills Ubuntu <-- needs more testing but i'm szre ...
<ochoroch> sure..
<lordievader> ochoroch: If it needs more testing you are not sure ;)
<ochoroch> lordievader: true ...
<ochoroch> at least im sure its running well on Virtualbox ...
<Aison0> i upgrade from precise to trusty and now apache2 is no longer working. I already change to Require all granted
<Aison0> but the problem looks more fundamental. VirtualHosts are no longer recognized at all
<Aison0> eg. go to www.alvhaus.ch
<Aison0> then it shows the default site instead of the right page
<sarnold_> Aison0: a lot changed between apache 2.2 and apache 2.4. your best bet is to read the logs, read the docs, read the logs, read the docs, etc :)
<Aison0> sarnold_, there is NOTHING in the logs :)
<Aison0> when I access the server, I don't s see something in error.log
<sarnold_> Aison0: ah :) that complicates things significantly
<kpettit> Goodmoring.  Any suggestion for a good external backup service that works well with Ubuntu that's fairly cheap for backup in the TB range?
<ochoroch> kpettit: you want a backup server, not a backup Software?
<kpettit> Yeah.  Trying to find cheap external backup kind of storage.  I'm looking at crashplan, spideroak and rsync.net
<sarnold_> kpettit: also check out tarsnap and doing your own amazon glacier thing
<kpettit> I'm trying to find the magic combo of cost effective, works on Linux/Windows/Mac, etc, etc
<ochoroch> kpettit: ok ... if you have your own Hardware to do Backups on you can use BackupPC ... which i like to use for doing backups ...
<lordievader> Dirvish \o/
<kpettit> I've got rackspace cloud and their added storage isn't too much.  I'm just lazy and want something that's easy to scale that I don't have to mess with much
<igalic> hello happy people o/~
<igalic> i'm having issues
<igalic> with preseed, in particular: i'm pointing it to a mirror / directory that my isp runs, and it's unable to find a Release file.
<igalic> brain fart: i inserted ubuntu instead of trusty -- in the wrong kind of places....
<sarnold_> woo :)
<igalic> still thining this is true, though: https://twitter.com/hirojin/status/525283520475070465
<sarnold_> .. mostly because the great a'tuin doesn't yet know about maas or juju
<igalic> juju feels icky.
<igalic> current status: it does everything up to the point where it's supposed to install our package list. that fails because of reasons. reason being that it doesn't /actually/ setup any of our extra repos (apt.puppetlabs.com and our internal repo)
<cemc_> hi. I've isntalled 14.04.1 server in a VM in virtualbox, had two ethernet devices (eth0, eth1). networking worked just fine. after that, I copied the system to a physical machine, with 3 NICs. on ubuntu they don't show up as eth0,1,2 and I don't have the file 70-persistent-net.rules as before on 12.04 or 10.04. how can I generate that file?
<rbasak> cemc_: that might be some interaction with biosdevname, if that helps your searching.
<sarnold_> cemc_: mine says in part /lib/udev/write_net_rules and persistent-net-generator.rules
<sarnold_> biosdevname will probably wreck the eth0/1/2 that you're used to but it might bring benefits that justify it..
<kewl_> we're using 3.13.0-37-generic and are having a real issue with network activity spiking around 4 PM every day. Not sure if it is a NFS issue. We're having lots of failed connection attempts from various low port numbers ... something seems to be scanning across them trying to send messages. Stack trace of 100% kworker process here: http://pastebin.com/umm58ZSW
<kewl_> All of this failed connection activity is loopback, I forgot to mention.
<kewl_> UPDATE: This activity is a set of failed TURN requests.
<cemc_> sarnold_, rbasak my first confusion is, why is there no 70-persistent-net.rules file at all ?
<sarnold_> cemc_: no idea
<rbasak> cemc_: I don't know. I wonder if it's suppressed if biosdevname is in use (which is BIOS-dependent)
<igalic> of course. they have to be ordered. i always forget about that. apt-setup/local0/* that is.
<Azaril> hey
<Azaril> is there a reason precise nginx package doesn't allow nginx-extras?
<igalic> joy. can't install linux-tools, because they depend on linux-image-extra, which apparently has a postinstall script that depends on upstart running...
<teward> Azaril: yeah, it's old
<Azaril> o
<Azaril> ok
<teward> Azaril: closer to Trusty release, Debian updated the `nginx` metapackage to depend on any of the variants
<Azaril> is there a way i can override that
<teward> Azaril: `sudo apt-get install nginx-extras nginx-common`
<Azaril> without rebuilding the nginx package
<Azaril> ok
<Azaril> i get that
<teward> Azaril: you don't need the `nginx` package, it's just a metapackage that points at the other nginx packages
<Azaril> but my puppet module doesnt like it
<teward> then puppet is evil.
<Azaril> haha
<teward> Azaril: alternative: use the PPA
<cemc_> sarnold_, rbasak found it, thanks http://ubuntuforums.org/showthread.php?t=2219332
<teward> hate to recommend it but...
<Azaril> no its just i dont want to have rewrite it to fix what ever config some previous sysadmin did :P
<teward> ooooo so you inherited junk
<Azaril> sooo much junk
<teward> (sorry i'm a little annoyed at the world today, forgive me for being a bit harsher than normal)
<Azaril> haha
<Azaril> you dont have to deal with these servers mate :P
<teward> Azaril: short of manual removal of `nginx` and instead `sudo apt-get install nginx-extras nginx-common` or using an updated package like in the https://launchpad.net/~nginx/+archive/ubuntu/stable (NGINX Stable PPA)...
<teward> i don't see how you can solve that.
<Azaril> ive spent the past 3 months trying to fix these servers and i am still constantly surpised that half this stuff works
<teward> !info nginx precise
<teward> booo ubottu
<Azaril> for my custom compiled modules i fixed it myself
<ubottu> nginx (source: nginx): small, but very powerful and efficient web server and mail proxy. In component universe, is optional. Version 1.1.19-1ubuntu0.6 (precise), package size 5 kB, installed size 85 kB
<sarnold_> cemc_: I'm still confused :)
<teward> urgh, 1.1.19...
<Azaril> ok
<Azaril> yeah i know
<Azaril> so old
<teward> Azaril: yeah that's almost ancient
<Azaril> sadly my xen server version doesnt support trusty
<Azaril> who uses xen server anyway right?
<cemc_> sarnold_: :)
<igalic> hrm... still trying to install linux-image-extra... so it's not my fault :|
<igalic> wtf. https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1317602
<uvirtbot> Launchpad bug 1317602 in linux "package linux-image-3.13.0-24-generic 3.13.0-24.46 failed to install/upgrade: subprocess new pre-installation script returned error exit status 1" [Medium,Confirmed]
<igalic> (none of those workarounds make any sense)
<rberg> doesnt support? thats odd, what needs to be supported? make fstab use xvda and make getty spawn a login on hvc0 then allow root login on hvc0.. what else?
<namredips> So I have been trying to get an unattended pxe boot deployment to work for a while, but I canât seem to the installer to auto select the network interface. Any ideas?
<namredips> Have this in the preseed: d-i netcfg/choose_interface select auto
<rbasak> namredips: are you trying to preseed network interface selection? If so, how are you fetching the preseed? Over the network?
<namredips> rbasak: yeaâ¦ via cobbler
<rbasak> namredips: to fix that chicken-and-egg problem, preseeds can also be specified via the kernel command line. I don't remember the exact syntax though.
<namredips> hmmm
<namredips> rbasak: obvious, but very pertinant thoughtâ¦
<namredips> rbasak: I recently moved from MAAS to cobbler, didnât even thing about that. Since I suspsect MAAS handled it all without me knowing
<namredips> rbasak: thanks!
<namredips> rbasak: gives me at least a direction to look
<rbasak> No problem.
<namredips> rbasak: that did it, its always the obvious ones that kill so much of my time :)
<jamespage> zul, smoser, hallyn_, beisner, coreycb, kickinz1, gnuoy, matsubara, rharper, lutostag, roaksoax: nice work guys!
<jamespage> anyone I missed?
<jamespage> dosaboy, you to!
 * smoser was wondering last night if it'd be possible to get a "contributors" list.
<smoser> jamespage, you missed rbasak
<rharper> jamespage: awesome, great job too
<smoser> woud'nt be too hard to pull utopic-changes
<dosaboy> jamespage: tanks!
<dosaboy> jamespage: likewise!
<coreycb> jamespage, great job!
<mediahome> hello
<mediahome> i'm quite new on ubuntu server but will learn
<mediahome> i have some questions maybe somebody could give me answers
<sarnold_> welcome mediahome; if you haven't seen this yet, you might like to start here :) https://help.ubuntu.com/14.04/serverguide/
<sarnold_> mediahome: sure..
<mediahome> yes
<mediahome> read a lot
<mediahome> done a lot
<mediahome> but its time for some good answers
<sarnold_> :)
<mediahome> will use 14.04 for home server
<mediahome> tv server
<mediahome> media server
<mediahome> tv server every thing is cool
<mediahome> media server not really
<mediahome> samba in console is to heavy at the moment
<mediahome> so i found swat
<mediahome> but dont know if its really good
<mediahome> doesn't kill the system like webmin
<mediahome> and so on
<mediahome> so do the prof server guys use swat
<mediahome> or not
<mediahome> i can't believe that bigger networks will be managed only by the console
<mediahome> :-)
<sarnold_> do not expose swat to untrusted network input; the samba team dropped it due to security concerns
<mediahome> yes i read that
<sarnold_> things get easier with terminal-based administration, it's easier to script around operations done hundreds or thousands of times..
<mediahome> but for an new linux guy it might be heavy
<mediahome> so there other options to manage ?
<sarnold_> samba especially, the SMB protocols are horrible
<mediahome> :-)
<mediahome> why horrible
 * lordievader mumbels something with windows...
<sarnold_> mediahome: it's got multiple security models, none of which are great, and none of which really integrate well with linux.
<sarnold_> mediahome: a few minutes reading https://www.samba.org/samba/docs/man/manpages/smb.conf.5.html   oughtto convince you that it's miserable..
<mediahome> ok so there are other options?
<sarnold_> nfs works alright if you've got nothing but unix-ish machines :)
<kpettit> mediahome: depends on what your sharing with.  I like plex.  So I run the plex media server on Ubuntu and share with my Roku, TV and mobiles.  Works great
<mediahome> clients are windows machines
<mediahome> so nfs not an option
<kpettit> what types of files are you sharing?  Normal office docs or mainly movies/audio kind of thing?
<mediahome> movies audio
<mediahome> pictures
<kpettit> plex is a good media only server.
<mediahome> does plex do transcoding ?
<kpettit> If you want simple you can also just use SSH and on windows get a SSHFS client that basically lets you may a Linux server you can ssh into as a drive letter
<kpettit> yes it does
<mediahome> ok not really like transcoding :-)
<kpettit> what version of windows?
<mediahome> 8.1
<mediahome> windows 7
<kpettit> Windows 7 and older you can use this to map any computer you can SSH into as a drive letter https://code.google.com/p/win-sshfs/
<kpettit> But it doesn't work well if at all on Windows 8.  There are other commercial ones that let you map stuff though.
<kpettit> Really SMB should be the easiest way to go.  But if you can't use that for whatever reason just using SSH is another option, or like I mentioned plex media server.
<mediahome> maybe i should read more and get smb to work :-)
<kpettit> smb for windows on a home work is a no brainer best solution.  If your not used to the CLI stuff it can be painful.
<kpettit> If you want a GUI to configure samba you can look at something called webmin which is a web GUI for tons of Linux stuff.
<kpettit> Or you can just drudge your way through figuring it out.
<Pici> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<jrwren> mediahome: i use samba, it works great. Its easy to configure once you learn it. Just edit the smb.conf file. It is not hard.
<kpettit> Yeah I wouldn't use webmin for everything but for basic stuff like samba it's ok.  It's always better if you can learn the CLI
<mediahome> read a lot about webmin
<mediahome> but nothing really good
<jrwren> mediahome: I've used ubuntu with samba as a home file server for XBMC to play media for 7+years. It works very well.
<kpettit> mediahome: Then your best choice is to start experimenting with Samba and give it a whirl.
<mediahome> ok so i have to do what has to be done and get my lazy ass to get it work
<kpettit> haha, you got it.
<mediahome> thanks a lot
<jamespage> sarnold, jdstrand: thanks for those MIR reviews today btw - much appreciated
<sarnold_> jamespage: you're welcome :)
<sarnold_> jamespage: sorry for the last-minute crossing the finish line results.. last few weeks have been hectic..
<beisner> jamespage, thank you for the great work as well!
<jamespage> oh forgot rbasak :-)
<kpettit> mediahome: I just setup smb in about 5min.  If you've install samba installed you can use something like the following as a place to get you started http://pastebin.com/APjKaXxJ
<mediahome> thanks
<mediahome> will check it
<kpettit> No problem that example will give you a all access share
<kpettit> just change the path under allaccess to go to what you want to share.
<kpettit> restart samba then you should be good to go.  I just tested that on a couple windows machines here and it worked great.  So that should do the trick for ya
<jdstrand> jamespage: you're welcome. sorry for the delay. 99.9% of the thanks should go to sarnold_ though :)
<mediahome> ok i will get it :-)
<hardwire> Anybody else having issues installing 14.04 via UEFI?
<hardwire> looks like it's trying to boot files that don't exist.. and when I attempt to load vmlinuz grub can't match the magic.
<RoyK> just tried a couple of times worked
<hardwire> might just be this laptop. Debian UEFI install works fine.
<hardwire> But it seems like it's looking for stuff that doesn't exist.. had to capture video of it and slow it down so I could read it
<Guest91863> Does anyone here use postfix or emix in a production environment or is dealing with spam and ensuring your outgoing mail isn't flagged as spam not worth the trouble?
<Guest91863> Will EC2 instances or Azure instances running postfix or emix be flagged as spam?
<ruben23> hi guys im copying a huge file between two ubuntu server that is remote from each other but reachable - file size (14845841920) any fastest way i can do this and wont timeout..?
<alreece45> ruben23: I'd consider rsync. However FTP could be faster. Manual Compression may help. And using some sort of physical mover of information (a carrier pidgeon, a human, a bear) could prove very quick, depending on the distance
#ubuntu-server 2014-10-24
<bekks> ruben23: zsync
<ruben23> bekks:  how to do this..?
<alreece45> zsync = rsync over http? wouldn't rsync's specialized protocol be a bit faster?
<mwhudson> zsync/rsync only help if you have most of the data on both ends already surely
<alreece45> bekks: Network Bandwidth, Latency/Distance, Disk Bandwidth/IOPs, CPU(s), and File Content (Sparse? Compressable?) all affect which method will be fastest for your particular use case. Best to start copying with something (probably rsync) until you find something faster.
<ruben23> guys if im doing this ---> tar -cvjf htr-vm.vdi.bz2 /media/htr-external  then my ssh termianl which i did execute this timeout does the process ends..?
<sithik> Hey guys, trying to wrap my head around what exactly I'm looking to do and how to go about doing it. Essentially I'm looking to have two webservers using the same data/synced data. Am I essentially just needing to have BOTH machines be gluster/NFS clients AND servers? I mean, technically I can have one gluster/nfs server, and just have the webservers be clients, reading from the networked
<sithik> mount but I'm fairly certain having webservers reading and compiling files over a network mountpoint would be fairly silly?
<ochoroch> lordievader:
<ochoroch> Daily report: HyperV Backups kills the running Ubuntu VM ... Workaround: Disable VSS Backup on HyperV ....
 * ochoroch is happy now ...
<ochoroch> For the future: /me runs when catching sight of Windows/MS Software ...
<Kartagis> hi
<Kartagis> we have got a VPS running Ubuntu Server, and mysql doesn't start on boot even though upstart links exist. how come?
<lordievader> Good morning.
<ggco> bom dia
<sander^work> Can I use the same initrd.img for diffrent kernel versions.. as long as the hardware is the same?
<sithik> anyone here familiar with glusterfs?
<khax> alina-malina
<zul> coreycb: 1.2.2-0ubuntu13.1.6~cloud0 has been uploaded
<coreycb> zul, what pkg ?
<Alina-malina> khax, khax
<dw1> how can I determine what caused my LVSs to be flagged for check at next reboot?
<dw1> they seem fine.
<dw1> perhaps its an automated check scheduled - how do I view that :/
<dw1> fstab has 0 2 at the end but i never noticed the message before :/
<dw1> in motd
<tych0> rbasak: have you seen this? http://paste.ubuntu.com/8657319/
<tych0> fresh upgrade to utopic
<jamespage> smoser: around?
<rbasak> tych0: no, not seen it before. Is it reproducible?
<tych0> i guess upgrade trusty => utopic and run :)
<smoser> jamespage, here. whats up?
<tych0> perms are
<tych0> -rw-r--r-- 1 libvirt-qemu kvm  827M Oct 24 10:17 x-uvt-b64-Y29tLnVidW50dS5jbG91ZDpzZXJ2ZXI6MTQuMTA6YW1kNjQgMjAxNDEwMjIuMw\=\=
<jamespage> smoser, are you aware of anything in maas 1.7 + associated curtin which would cause umask to behave oddly?
<jamespage> specifically in python
<jamespage> https://bugs.launchpad.net/ubuntu/+source/horizon/+bug/1382632
<uvirtbot> Launchpad bug 1382632 in horizon "Insecure key file permissions" [Undecided,Confirmed]
<jamespage> for context
<jamespage> I can reproduce under maas 1.5 on trusty
<jamespage> the reported has this with maas 1.7 on trusty
<gioele> hello, could anyone that uses unattended-upgrades send me one or two examples of the email it generates?
<jamespage> smoser, that should have been I can't repro under maas 1.5
<smoser> jamespage, did curtin change in those 2 cases?
<smoser> https://bugs.launchpad.net/ubuntu/+source/iputils/+bug/1313550 comes to mind.
<uvirtbot> Launchpad bug 1313550 in maas "ping does not work as a normal user on trusty tarball cloud images." [High,Confirmed]
<jamespage> smoser, yeah
<jamespage> smoser, I'm not sure tbh
<jamespage> but that's the only diff I've been able to spot so far
<smoser> where did you get 1.5 and 1.7 ?
<TheEagerPadawan> hi guys, i'm wondering where i can find tutorials regarding server configuration
<sarnold> TheEagerPadawan: tada :) https://help.ubuntu.com/14.04/serverguide/
<TheEagerPadawan> sarnold: anything more in depth?
<sarnold> TheEagerPadawan: the world of manpages :)
<smoser> jamespage, do you have a system that demonstrates this behavior ?
<jamespage> smoser, nope - Tribaal
<jamespage> might have
<linocisco> hi all
<linocisco> I have no public static IP. I want to setup webserver and publish website so that I can access anywhere from web. How could I do ? any step by step guides?
<sarnold> linocisco: investigate dynamic dns services
<linocisco> sarnold, Do I need to buy domain name? The idea is I have QNAP which NAS device that can run many linux based server roles .Web, Proxy, CMS, many ++. I want one inventory application on that to be accessible from web. What do I need?
<sarnold> linocisco: most dynamic dns services let you pick a name in their domain
<sarnold> e.g. linocisco.dyndns.com or something similar; there are many services, some are doubtless better than others. I haven't used any, so can't recommend any specific one.
<dasjoe> I like to use http://freedns.afraid.org/
<sarnold> dasjoe: wow, cool.
<linocisco> sarnold, If I have got that Dynamic DNS service, what else I should configure?
<sarnold> linocisco: I suggest using two; sometimes one goes down..
<linocisco> sarnold, If I have got that Dynamic DNS service, what else I should configure without buying static IP?
<sarnold> linocisco: ensure you don't allow password-based connections on ssh. use ufw to only allow the specific ports you want.
<linocisco> sarnold, thanks
<linocisco> has anybody used GLPI and OCS-NG together?
<bananapie> other than firewall ( iptables ), is there anything that would prevent a specific udp stream from leaving my server ? I see the stream in tcpdump but I don't see it at the remote server. Most udp streams go through without issue. ( One of the remote servers in testing is on the same ethernet switch. Another one is half a dozen hops away on the open net ).
<bananapie> If I have the rule 'iptables -A OUTPUT  -m state --state INVALID -j DROP', if a packet is matched, I should see it counted in iptables --list -v -n right ?
<K4k> Anyone here familiar with postfix virtual domains? I'm trying to figure out why, with two different domains configured for postfix, I can send to domain A with "smtpd_tls_security_level = encrypt" but not to domain B. To send to both domains I have to configure "smtpd_tls_security_level = may". I assume this option makes tls encrypted connections optional but why would I need this turned off for the
<K4k> virtual domain B and not for A?
<RoyK> K4k: try #postfix
<bitfury> Hey guys, how do I change the time in ubuntu to 12 hour?
<JanC> 12 hour?
<JanC> you mean am/pm notation?
<JanC> or what?
<bekks> JanC: Yes.
<JanC> that depends on your locale
<JanC> same as in other linux/unix OS
<rww> you could make a custom locale, but that's a bit headachy
#ubuntu-server 2014-10-25
<tds5016> hi all. I'm running the following script (provisioning a vagrant install) https://dpaste.de/pFv8 and it appears the repo actually points to an old file, and not the current deb.
<tds5016> Can someone tell me how I'd either fix that or if there's a better way to isntall cassandra?
<m_anish> Hi. So I have a question. I have two machines with 14.04 server installed, and on both those... load avgs have been linearly increasing over time the past night. I observed them go past 1, 2, 4... and now they are 20+ ... Yet, the cpu usage is barely 2-3% and iotop doesn't show much activity. There's plenty of free RAM and the system in general seems responsive.
<m_anish> How should I diagnose the problem.
<mardraum> m_anish: what do you see in the "top" utility?
<m_anish> mardraum, http://fpaste.org/145061/20019314/ nothing unusual i think
<mardraum> how many cpus do you have? press "1" in top to show each one, and maybe "H" to show all threads
<mardraum> but yeah, I can't explain that at all
<m_anish> I have a dual core.
<m_anish> mardraum, did that.. doesn't help explain the mystery much
<m_anish> :/
<sheptard> I just updated to 14.10 via do-release-upgrade -d (from 14.04.1) and I didn't seem to get the new 3.16 kernel, I'm still on 3.13
<sheptard> no trace of a 3.16 kernel in /boot
<sheptard> apt-get upgrade says nothing to do
<m_anish> mardraum, huh it fixed itself... looking into the logs! (btw, I have some munin graphs if they'd help too ... looking at those too)
<m_anish> thx anyways
<Sachiru> Upgrading from 14.04 to 14.10, now my password isn't accepted. What gives?
<crocket> Can I install xubuntu desktop in ubuntu server installer?
<lordievader> Good morning.
<lordievader> crocket: I thought the Ubuntu server installer showed tasksel, so yes.
<crocket> lordievader, Why didn't it install xubuntu-desktop, then?
<crocket> "tasksel tasksel/first multiselect xubuntu-desktop" didn't install xubuntu-desktop in preseed.
<crocket> It installed xubuntu-desktop on netboot installer.
<lordievader> Hmm, perhaps it is not available in there, can't remember.
<crocket> Doh
<amarcolino> Hi thought I should ask my question here since it is more server related, I have two identical seagate ST350063A hdd, which have a vanilla install of ubuntu 14 lts configured with LVM. I am currently facing buffer i/o error on the disk connected as sda, it also heats up mmore than it should. However, it seems that if I shutdown and restart it boots perfectly fine until at some point, which I haven't pinpointed it goes back
<amarcolino>  to outputing the buffer i/o error... sector/logical block
<amarcolino> Just wondering whether there is a way for me to resolve this issue or use the disk until I can buy replacements?
<dasjoe> amarcolino: I'd check that disk's smart info, "smartctl -a /dev/sda"
<amarcolino> smartctl -Health gave me imminent failure wihtin 24hours -_-", what surprises me is that before this I was usig 12.4lts without a problem and I always do vanilla installs after formating the disks also the second hd identical is fine
<mardraum> disks can fail at any time, and sometimes if you never updated and rebooted the old install, it will run ok until it stops and starts
<amarcolino> thanks ive decided to just reformat the disks (again) and use the one that still works as the primary within a single lvm,  I'll keep the one giving errors around as sdb that way it wont affect the system even if it actually fails (just want to keep an eye on it) and I'll add a 125GB just in case I need a bit more space
<Techathy> Iâm trying to get a samba AD DC up & running with bind9 but Iâve hit a problm with apparmour. Iâve added the line â/var/lib/samba/private/dns/** rkw,â in /etc/apparmor.d/usr.sbin.named & rebooted the whole system.
<Techathy> However when I look in the logs I see âkernel: [  583.945027] type=1400 audit(1414252367.849:25): apparmor="DENIED" operation="open" profile="/usr/sbin/named" name="/dev/urandom" pid=2430 comm="named" requested_mask="wc" denied_mask="wc" fsuid=106 ouid=0â
<Techathy> any hints as to whatâs going on?
<TribalT> Hey guys. When running /etc/init.d/ssh start|stop|status I don't get any output, and the ssh service doesn't start|stop. I can use service ssh start, however I need a command for Monit.
<TribalT> (sorry, Ubuntu 14.04.1)
#ubuntu-server 2014-10-26
<lordievader> Good morning.
<Guyag> Somehow, my ubuntu server seems to have stopped accepting my key for authentication, despite me having no recollection of amending my authorized_keys file. Is there any way to check what the server sends as a challenge (i.e. can I check what public key it has on record for me?)
<lordievader> Guyag: Start ssh with the -v flag.
<rbasak> Guyag: I think it works the other way round. The client sends what it has, and the server says whether it is acceptable.
<Guyag> Mhmm, that's what it seems like rbasak
<lordievader> Hence the ssh -v, then you can see what is actually goin on.
<Guyag> debug2: we sent a publickey packet, wait for reply
<Guyag> that'll do it
<lordievader> Guyag: Could you pastebin the full output?
<dine909> how can i get a gpg-agent to run on a server, with no grpahical or user input?
<dine909> so i can script git-buildpackage with no intervention
<Joe_Spencer_> hi
<lordievader> o/
<Joe_Spencer_> i need help with isc-dhcp-server i can start and stop but system recognise its down
<Joe_Spencer_> its a fresh install with 14.10
<Joe_Spencer_> with 14.04 there were no problem
<Joe_Spencer_> then i cannot start stop from webmin
<Joe_Spencer_> can somebody help?
<dine909> try: sudo cat /var/log/upstart/isc-dhcp-server.log
<dine909> or
<dine909> tail /var/log/syslog
<lordievader> !webmin | Joe_Spencer_
<ubottu> Joe_Spencer_: webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<dine909> also, look at using dnsmasq instead
<dine909> instead of isc-dhcp-server
<Joe_Spencer_> so i misconfigured first from webmin, but now its corrected
<Joe_Spencer_> here is my configuration
<Joe_Spencer_> http://pastebin.com/D6WUxb0f
<Joe_Spencer_> and the log error code is
<Joe_Spencer_> http://pastebin.com/rWNQT6Sw
<Joe_Spencer_> then system alive writes service down, but dhcp server alive and giving ip adress, and webmin see dhcp server not running
<Joe_Spencer_> so i try to start
<Joe_Spencer_> then it writes: start: Job is already running: isc-dhcp-server. is it a webmin bug?
<lordievader> Joe_Spencer_: Did you see the webmin factiod? This is probably one of its quirks.
<Joe_Spencer_> now i can say, dhcp server works well, and every pc gets his ip :)
<Joe_Spencer_> now i trying to find the bug
<lordievader> Joe_Spencer_: Read the factoid...
<lordievader> !webmin | Joe_Spencer_
<ubottu> Joe_Spencer_: webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<Joe_Spencer_> wow and do you know ehy not?
<Joe_Spencer_> why
<lordievader> Joe_Spencer_: Says so in the factiod. Furthermore I have no experience with Webmin.
<cfhowlett> webmin has been downvoted for about 2 years now iirc
<lordievader> It ain't in the repo's either.
#ubuntu-server 2015-10-19
<TylerGets> What should be my first step in diagnosing why I cant ssh into my server? All other services are working fine..
<pmatulis> TylerGets: check /var/log/auth.log of the server you're trying to log into
<lordievader> Good morning.
<atralheaven_> I have problem with openvpn, I can't connect to it, is there anyone experienced with openvpn to help me? everything was ok I didn't change anything but I can't connect anymore
<thebwt> you're positive it's still listening on whatever port it's running on (mine runs on 443)
<thebwt> if you do 'sudo netstat -ntpl' . openvpn-openss should appear under 'program name'
<thebwt> oh, they're gone...
<atralheaven_> thebwt: are you speaking to me? I use 443 too
<thebwt> ah, perfect! do you see the service listening on port 443?
<thebwt> we need to see if it just died randomly, or if it was an update or something
<thebwt> or a server reboot
<thebwt> those are the normal ways that could cut off
<lordievader> Check the 1194 udp port too (or what ever it was).
<atralheaven_> with netstat -ntpl command? no there is just python and sshd
<thebwt> and you did it with sudo right?
<thebwt> ah yea, you got that output
<atralheaven_> well I was root user
<thebwt> ah gotcha
<thebwt> and you've already restarted the openvpnas service?
<atralheaven_> yes, several times...
<thebwt> mine outputs to '/var/log/openvpnas.log'
<atralheaven_> also the vps
<thebwt> do you have anything in that log?
<atralheaven_> I disabled ufw
<thebwt> the fact that there isn't an openvon-openss on netstat tells me it's not starting up
<atralheaven_> I don't have that file
<thebwt> do this: "ps aux | grep openvpn"
<thebwt> one of those should be the full line of the command, it should have a --logfile flag
<thebwt> and for that matter, also a --pidfile , stop the service and make sure that pidfile doesn't exist
<atralheaven_> this is output
<atralheaven_> http://pastebin.com/A9hf2Ypp
<atralheaven_> I didn't find logfile
<atralheaven_> but there is  pid
<atralheaven_> let me stop it first..
<thebwt> hmm, different type of install, then stop the service and see if that pid still exsists
<thebwt> (it shouldn't)
<atralheaven_> its gone,
<atralheaven_> root      8850  0.0  0.0  11740   924 pts/1    S+   13:38   0:00 grep --color=auto openvpn
<atralheaven_> its the only line
<thebwt> no
<thebwt> the actual file
<thebwt> @ /run/openvpn/server.pid
<atralheaven_> btw I followed this instruction: https://www.digitalocean.com/community/tutorials/how-to-set-up-an-openvpn-server-on-ubuntu-14-04
<thebwt> hmm
<thebwt> fun
<atralheaven_> /run/openvpn/ is empty
<thebwt> I'm not sure how to help much more, try to find out how to insert the --logfile flag into the startup (init script?).
<thebwt> you need that log
<atralheaven_> and openvpn service is stoped
<atralheaven_> internet without openvpn is useless here :(
<atralheaven_> everything is censored
<lordievader> Run the openvpn server manually, that will likely tell you why it crashes (if it does).
<thebwt> ^ true
<thebwt> (and if that doesn't work, if you're just trying to do web traffic, have you looked into ssh+socks5 ? it's way easier
<smoser> med_, i'm looking at week old scrollbacks and see your question about 2 boot volumes.
<smoser> i would suspect that vda woudl get booted most or all of the time.
<smoser> the bios probably reliably loads the grub from the "first" drive.
<smoser> but then the grub there (in a ubuntu cloud image scenario) will find a kernel and initramfs and a kernel command line like 'root=LABEL=cloudimg-rootfs'
<smoser> and if 2 devices have LABEL=cloudimg-rootfs, then you are not guaranteed reliable behavior.
<smoser> https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/665235
<ubottu> Launchpad bug 665235 in cloud-init (Ubuntu) "grub-legacy-ec2: attaching a volume to maverick instance may boot off it" [Wishlist,Won't fix]
<smoser> this could potentially be fixed by using LABEL=uuid
<smoser> err.. UUID=uuid
<smoser> but that doesn't guarantee anything in the face of duplicate uuid, which you would have in a snaphost case.
<bittin> http://open-zfs.org/wiki/Main_Page ZFS Devsummit :)
<atralheaven_> thebwt: hello...?
<thebwt> howdy
<atralheaven_> thebwt: sorry my internet was disconnected
<atralheaven_> do you remember me? I had problem with openvpn
<thebwt> I do, are you just trying to pass web traffic through?
<atralheaven_> thebwt: yes, to pass the censorship
<thebwt> you know you could just use an ssh tunnel with a socks proxy to do that right?
<thebwt> and you wouldn't have to manage this whole openvpn service
<atralheaven_> the block it
<atralheaven_> and on my phone I can't use it
<atralheaven_> they can't block openvpn easily
<thebwt> because you reached the extent of my openvpn knowledge
<thebwt> ah hotcha
<thebwt> gotcha*
<thebwt> hence the https/443
<atralheaven_> unless they use DPI
<atralheaven_> yes
<atralheaven_> openvpn was not on netstat list, what does that mean exactly?
<atralheaven_> if they use DPI, I will use obfsproxy or something like this, and they can do nothing about it!
<jwitk0> Hey All,  I'm having some issues with LACP on ubuntu server, problem described here http://serverfault.com/questions/541917/lacp-with-2-nics-working-when-either-one-is-down-not-when-both-are-up
<jwitk0> has anyone ever seen this before?
<thebwt> atralheaven_: it means that the program isn't bound to that port, possibly because it's failing to start
<jwitko> I'm actually trying on ubuntu 14.04 at this point
<atralheaven_> thebwt: how can I start it manually, to check if the problem is because of that? I tried restarting the service, rebooting, it didn't help
<atralheaven_> thebwt: can it be because no one is connected to it?
<thebwt> I'm not positive, look at the init script for it in /etc/inti.d/openvpnsomethinsomethingstometing
<thebwt> I doubt it
<atralheaven_> I have /etc/inti.d/openvpn file
<thebwt> yup dig through that ,that has the commands the system uses to start it)
<thebwt> .*
<atralheaven_> its a long file with alot of options, I think it write configs to server.conf file, maybe
<atralheaven_> is "/etc/init.d/openvpn start" different from "service openvpn start"?
<atralheaven_> thebwt: status says that: * VPN 'server' is running
<atralheaven_> if no one is connected to openvpn, should it be listed on output of netstat -ntpl?
<thebwt> yes, it's the thing that waits for people to connect
<lordievader> atralheaven_: /usr/bin/openvpn --config $CONFIG_DIR/$NAME.conf
<atralheaven_> lordievader: may you explain more?
<lordievader> atralheaven_: That is what I got from the init file.
<lordievader> I.e. that is what upstary/sysv-init runs.
<atralheaven_> lordievader: how can I make sure its running?
<atralheaven_> lordievader: "service openvpn status" says its running
<atralheaven_> but its not listed on netstat
<lordievader> atralheaven_: Does ps list it?
<atralheaven_> no :|
<atralheaven_> lordievader: what is ps?
<lordievader> atralheaven_: ps - report a snapshot of the current processes. See 'man ps'.
<atralheaven_> lordievader: what should I do?
<atralheaven_> lordievader: why shouldn't it be running now?
<lordievader> atralheaven_: 'ps aux|grep openvpn' does that return anything?
<atralheaven_> yes
<atralheaven_> when I stop openvpn service, its the output:
<atralheaven_> root     13514  0.0  0.0  11740   924 pts/2    S+   20:49   0:00 grep --color=auto openvpn
<atralheaven_> when its running, its more
<lordievader> Okay, so it does run. Check it's log why it ain't claiming the ports.
<atralheaven_> where is the log file? I couldn't find it
<lordievader> http://askubuntu.com/questions/276664/where-are-the-openvpn-connection-logs-and-configuration-files
<atralheaven_> what should I be looking for in the logs?
<lordievader> atralheaven_: Why it ain't claiming the ports. Read them and see what it is and is not doing.
<atralheaven_> I don't have "/var/log/openvpn.log" file, and "grep VPN /var/log/syslog" just says that openvpn ... built on .....
<lordievader> http://ubuntuforums.org/showthread.php?t=2198079
<atralheaven_> lordievader: I've set verb to 6, im going to check again...
<atralheaven_> lordievader: I found this: TLS key negotiation failed to occur within 60 seconds (check your network connectivi$
<atralheaven_> lordievader: TLS Error: TLS handshake failed
<lordievader> That is rather unlikely the reason for him not listening to the ports.
<lordievader> Are you sure you have a server configuration?
<atralheaven_> what do you mean?
<atralheaven_> server.conf file?
<lordievader> atralheaven_: I don't think a server should try and setup an ssl connection. That'll come when a client tries to connect.
<lordievader> Hence the TLS handshake stikes me as odd for a server.
<atralheaven_> I use port 443 for openvpn
<lordievader> That is not what I am saying... Could you pastebin your server config?
<atralheaven_> and openvpn uses easy-rsa for making  keys
<atralheaven_> sure
<atralheaven_> lordievader: http://pastebin.com/qDAiHxgY
<atralheaven_> what is strange for me is why it was working fine, and stopped working when I didn't do anything
<lordievader> Updates?
<lordievader> Something must have changed.
<lordievader> The config you gave works fine.
<lordievader> You should have seen a connection in the logs.
<lordievader> Wasn't there some country firewall there?
<lordievader> If so you might want to make it connect over tcp:80 instead of udp:1194/
<atralheaven_> it may be because of country firewalling
<atralheaven_> I used port 443 for it
<atralheaven_> but there can be DPI
<atralheaven_> that's why I wanted you to check if it connects
<atralheaven_> and sent you the .ovpn file
<lordievader> DPI doesn't really come in to play, they read garbage.
<lordievader> Anyhow openvpn really communicates over udp:1194.
<atralheaven_> what do you mean?
<atralheaven_> they can block 119
<atralheaven_> 4 easily
<lordievader> atralheaven_: Precisely the point ;)
<lordievader> Hence the advice to use a common port like tcp:80 ;)
<atralheaven_> ok so I changed it to 443
<lordievader> How?
<atralheaven_> on the config file
<atralheaven_> and user file too
<atralheaven_> but if they use DPI, it wont work anymore
<lordievader> DPI has nothing to do with this.
<atralheaven_> so I wanted someone from another country to check if he can connect to it
<lordievader> The packet contents is encrypted.
<atralheaven_> thats why tor team made obfsproxy
<atralheaven_> because of DPI
<atralheaven_> lordievader: I have to go soon, what do you suggest to do?
<lordievader> Are vpn's illegal there?
<atralheaven_> yes
<atralheaven_> where I live
<lordievader> Then I cannot give any advice. Read the guidelines.
<atralheaven_> vpn is illegal where I live, not where you live!
<atralheaven_> I use vpn to bypass censorship
<lordievader> True, but if I help you in doing something illegal I am still an acomplice.
<atralheaven_> but where you live, in your law, its not illegal
<lordievader> Search the web, figure this one out on your own. There are plenty of resources on this.
<atralheaven_> for us its illegal but only on paper.... every person use something to change her/his ip, internet is useless without it!
<lordievader> Anyhow you have ssh, use that as a proxy.
<atralheaven_> I don't understand why you are worry about it? I should be worry not you
<atralheaven_> yes I can, but only on my laptop
<atralheaven_> and they have blocked it before, I don't know it works now or not
<lordievader> I have agreed to the CoC, hence I cannot help you in doing something illegal. That it ain't illegal here doesn't matter, that it is illegal there does.
<atralheaven_> you can't help me doing something illegal in which law?
<atralheaven_> law of where?
<lordievader> The Code of Conduct ain't a law.
<atralheaven_> I don't understand :| where I live, we have countless stupid laws that are only on paper, many people don't even know they exist, internet without a vpn/proxy is useless here, you can do nothing with it...
<atralheaven_> it shouldn't be illegal on this channel too
<atralheaven_> but its ok...
<atralheaven_> I will do something myself :|
<atralheaven_> thanks
#ubuntu-server 2015-10-20
<arrrghhh> hello all.  just installed mythtv again, and I'm having an issue with the service - the program says start/running when I start it from the service, but it immediately stops.  What logs can I look at?  /var/log/messages doesn't have anything, and /var/log/mythtv doesn't have any logs for the backend
<arrrghhh> oh there's a /var/log/upstart folder... hm
<arrrghhh> that was the ticket
<lordievader> Good morning.
<rbasak> kirkland: do you think bug 1505473 needs an SRU to Trusty?
<ubottu> bug 1505473 in pollen (Ubuntu Trusty) "pollen does not start on boot" [High,Triaged] https://launchpad.net/bugs/1505473
<kirkland> rbasak: I don't think so
<kirkland> rbasak: as far as I'm aware, there's only one pollen server in production in the world, and they use the ppa:trusty/ppa :-)
<kirkland> rbasak: so I'd say don't worry about it unless canonical IS asks you to
<rbasak> kirkland: ah OK, thanks. I got confused between pollen and pollinate.
<przemytriel> Hello guys any monitoring tool for nagios? like nagstamon?
<bekks> przemytriel: NAgios IS the monitoring tool :P
<rbasak> Who watches the watchers? :-)
<bekks> The congress ;)
<lordievader> Your users?
<przemytriel> bekks:  :)
<arrrghhh> Hello all.  Seem to be having a logging issue, my auth.log is 0b, my syslog is 0b, kern.log 0b... found https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1059854 and tried changing the rsyslog line from reload to restart, didn't seem to help
<ubottu> Launchpad bug 940030 in rsyslog (Ubuntu) "duplicate for #1059854 rsyslog stops working after logrotate until restarted" [Critical,Confirmed]
<lordievader> Are you using 15.04?
<arrrghhh> lordievader, 14.04.3
<lordievader> Hmm, rsyslog is configured to output logs to there?
<lordievader> Comment #9 on the bug report doesn't work for you?
<arrrghhh> and tried changing the rsyslog line from reload to restart, didn't seem to help
<arrrghhh> and yes looking at 50-default.conf in /etc/rsyslog.d/ seems to be correct
<arrrghhh> lordievader, evidently I don't look at my logs frequently haha.  Seems this issue started around August 10 2014, which I believe is around when I upgraded to 14.04 (it was running 12.04)
<lordievader> arrrghhh: bug 940030 reports a different workaround.
<ubottu> bug 940030 in rsyslog (Ubuntu) "rsyslog stops working after logrotate until restarted" [Critical,Confirmed] https://launchpad.net/bugs/940030
<arrrghhh> lordievader, all of these bugs seem to indicate a reboot of the system would resolve it
<arrrghhh> I just rebooted to resolve an issue with mythtv logs, and I'm still not getting the auth.log/kern.log/syslog/etc
<arrrghhh> just changed that tho, restarted rsyslog and still nothing
<arrrghhh> files have not been touched
<lordievader> arrrghhh: No, they suggest a restart of the rsyslog service.
<arrrghhh> that does not work either... I've restarted rsyslog a few times now.  Everytime I adjust that config file
<arrrghhh> hm.  looking at permissions this might be the issue... root/root is the owner
<arrrghhh> dmesg is root/adm
<lordievader> arrrghhh: Run rsyslog manually instead of as a daemon.
<arrrghhh> lordievader, sudo rsyslogd?
<lordievader> Look in the upstart file, I have no idea.
<arrrghhh> lordievader, it still runs as a daemon...
<lordievader> arrrghhh: How did you start it?
<arrrghhh> sudo rsyslogd
<arrrghhh> start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- $RSYSLOGD_OPTIONS
<arrrghhh> $DAEMON = /usr/sbin/rsyslogd
<lordievader> arrrghhh: Check the manpage of rsyslogd.
<bittin> https://air.mozilla.org/release-engineering-at-facebook/
<arrrghhh> so I ran rsyslogd -d which spat a ton of info into the console... but I'm not seeing any errors
<arrrghhh> it doesn't seem to run continuously tho... I'm not sure if that's normal or not
<arrrghhh> so I'm still not getting anything in auth.log, syslog etc...
#ubuntu-server 2015-10-21
<lordievader> Good morning
<sliddis> If I change an option in a DHCP-server (eg dns server), and a client has a lease. After half the lease-time the client will ask if it still can use it's address, right? Would the client also apply the new DNS servers from DHCP at the same time? Or does the client have to release and renew completely to receive the new DNS?
<rbasak> I think the renewal will cause it to pick up the new DNS servers (through DHCP options present in the renewed lease) but I'm not absolutely sure.
<rbasak> The client doesn't *have* to renew at half the lease time. Technically it could wait all the way to the end.
<bekks> sliddis: No, it just asks wether the lease is still valid.
<bekks> sliddis: For applying new options, you need to request a new IP address.
<sliddis> bekks: are you sure? If the client asks if the lease is valid, the server never sends options?
<bekks> I am pretty sure of it, yes.
<rbasak> In that case a smart DHCP server should refuse the renewal and force the client to take an entirely new lease.
<rbasak> No idea whether that happens or not though,.
<sliddis> It seems though like the clients have recieved the new dns server. I dont get any firewall hits on the old dns server. Although not verified.
<sliddis> I am using a mikrotik routerOS as dns-server
<sliddis> I am using a mikrotik routerOS as dhcp-server*
<sliddis> not dns -_-
<chRi____> Hi all! That's my first activity here so please be kind ;)
<chRi____> I'm normaly doing webdevelopment, but since a lot of my colleagues don't bother, I also administer most of the webservers and I'm loving the out-of-the-box configuration that ubuntus vanilla lamp-stack offers...
<chRi____> But now I have a strange problem:
<chRi____> I installed a Ubuntu Server 14.04.3 LTS as a virtual machine inside a KVM/libvirt infrastructure.
<chRi____> My Images are qcow2 and I enabled LVM for my ext4 fs.
<chRi____> Strange thing and I'm not sure if it is really Ubuntu related, you guys have to decide:
<chRi____> I (re-)installed a php application via composer several times and had the strange result, that all the executable bits where removed from scripts that need to be run right after the php-apps installation. What might be the problem?
<chRi____> The git-repo that gets cloned via a packagist-link, has the executable bits, but the decompressed files don't... Any Ideas?
<chRi____> I'm able to run other scripts, so at least I assume, there is no "noexec" mount flag set or so...
<chRi____> I would be really glad if someone could help or has also experienced such behaviour in the past!
<chRi____> Best Regards,
<chRi____> Christian
<bekks> git doesnt keep track of executable permissions, since thats irrelevant for a RCS.
<rbasak> Yes it does.
<rbasak> $ git diff
<rbasak> diff --git a/foo b/foo
<rbasak> old mode 100644
<rbasak> new mode 100755
<rbasak> It's only the executable bit mind. I had actually set foo to 0700 in that example.
<bekks> Then how does it handle permissions for two different client OS?
<rbasak> No idea. All I'm saying is that it does track the executable bit (but not whether it's assigned to user, group or other - it seems to just be one bit)
<bekks> ah ok.
<chRi____> @rbasak: that's what I also exprienced until yesterday
<chRi____> excutable bit was still there
<rbasak> chRi____: I don't know what composer is.
<rbasak> chRi____: but your problem lies in the area of how you deploy it
<chRi____> its a package manager for php
<rbasak> You are welcome to try here but you might find more people are likely to know the answer in a PHP related channel or something.
<rbasak> It doesn't sound like your problem is Ubuntu-specific.
<chRi____> You maybe right... But I'm asking here, because I have an Arch Workstation at home and the the same composer-based installation leaves the executable bits intact
<chRi____> And I can't remember that I had this problem before, when I used 14.04.1 LTS or so...
<rbasak> There could be a bug in Ubuntu then, or a bug in composer in how it handles an Ubuntu system.
<rbasak> Somebody who knows composer will need to pin it down.
<rbasak> Is composer packaged in Ubuntu or are you installing it from an external source?
<chRi____> since it really is just an php application archive it's installed via curl and you can than install it "globally" by simlinking the composer.phar
<chRi____> I will try to get in  touch with the composer-minds!
<chRi____> thanks!
<alximych> hi! I intstalled fail2ban and each time I start the service I receive an email notification that fail2ban was started. I have already tried to create a senamail.local, mail.local, sendmail-common.local, etc. files and override actionstart = (nothing), but I still get notifications. How do I disable service started/stopped mail notifications?
<smo80> hi
<smo80> i have a new fujitsu primergy tx 1330 m1 server... with damn hardware raid controller.... first i made a software thru ubuntu installer, no problems but when i reboot i don t have anything to choose in the bios to boot on, so i created a raid array thru the raid controller interface on boot... it add an raid arrray"
<smo80> option to the bios
<smo80> but once i return to ubuntu installer i can t make the partitions as i want... i m trying lvm, i can create my group and logical volumes but don t know what to choose at the grub-install , /dev/????
<smo80> i tried /dev/sda, /dev/mapper/md126 and others it always fail
<alximych> *solved my issue by creating 9 .local files...
<pmatulis> morning
<smoser> hey. an someone who has a "fresh"-ish ubuntu run 'echo $TERM' from a gnome-terminal ?
<smoser> i'm pretty sure i've not touched that, but one can never be sure.
<rbasak> smoser: xterm on gnome-terminal on a system that booted Vivid but is actually now running Wily (not rebooted yet).
<rbasak> Though it's not really a fresh machine. Upgraded for many years. I don't recall ever touching terminal stuff though.
<smoser> and ?
<rbasak> "xterm"
<fishcooker> i have 2 dns cache, 1 server take so long to resolve yahoo.co.uk, but the another one take short time to resolve, how to inspect the case?
<soc42> hi
<soc42> i want to configure xdebug settings on ubuntu 12.04, but can't find the right .ini file to change these settings
<soc42> the .ini-files i found only containt the path to the xdebug.so module, but no xdebug config options... ?
<soc42> as i am doing a $> php -i the current xdebug settings appear, but where the heck are they set?
<soc42> i checked all files, which appear for $> php --ini
<Odd_Bloke> smoser: Argh, just upgraded to wily and now I'm hitting https://bugs.launchpad.net/ubuntu/+source/gnome-terminal/+bug/1463072
<ubottu> Launchpad bug 1463072 in gnome-terminal (Ubuntu) "highlighting on left mouse double click ends at :" [Medium,Invalid]
<smoser> :)
<Odd_Bloke> smoser: I'd be tempted to say that we should be doing something to make this less painful for our users.
<Odd_Bloke> Though as I am one of those users, I am somewhat biased. :p
<Odd_Bloke> In fact, I might just stop using gnome-terminal.
<rbasak> hallyn_: need any help with bug 1490110?
<ubottu> bug 1490110 in lxc (Ubuntu) "package lxc 1.1.3-0ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 100" [Medium,Confirmed] https://launchpad.net/bugs/1490110
<hallyn_> rbasak: yes i do.  got any idea what's going on there?
<rbasak> hallyn_: no idea, I've not looked apart from confirming the reproducer. I can start digging though I only have 45 minutes left today. I can carry on looking tomorrow.
<arrrghhh> Hey all.  Still having issues with syslog, kern.log, auth.log etc being completely empty and untouched files.  I found a bug which looks like it's related, but the 'fix' didn't work for me.  https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1059854
<ubottu> Launchpad bug 940030 in rsyslog (Ubuntu) "duplicate for #1059854 rsyslog stops working after logrotate until restarted" [Critical,Confirmed]
<Overand> Is there any reason I should or shouldn't use ext2/3/4 for /boot?
<Overand> (Do we need /boot anymore? I'm looking at using LVM, so, mayube?)
<jpds> Overand: No, grub can do LVM
<Overand> Also, thoughts on using XFS vs EXT4?  This is 14.04
<jpds> Overand: You only need a /boot when you do encrypted /
<jpds> Overand: XFS is useful for lots of small files I think
<Overand> 75% of my systems are 14.04 with ext4, ~5% are 12.04, and ~15% are CentOS 7 with XFS
<hallyn_> rbasak: it kinda rings a bell of when i converted libvirtd to systemd,
<jpds> Overand: For /boot, you could probably just do ext4
<Overand> (I more meant xfs for / or /var maybe, but I don't really care one wya or another)
<hallyn_> so system was systemd, but no systme job so sysvinit job was running.  on upgrade, systemd lost track of the sysvinit job.
<hallyn_> but, that cant be the case really...
<Overand> Just building out a new template, wondering what the best-practices are these days.  Defaults on Ubuntu have been EXT4 so I've been using EXT4, likewise XFS on CentOS 7
<RoyK> jpds: XFS historically was rather bad on lots of small files, but I think most of that has been fixed now
<Overand> I'll probably stick with ext4, but I suppose I'll want to enable xattrs unless there's some raeson not to
<RoyK> jpds: Apart from that, the only reason I'd recommend ext4 over xfs is if you ever would want to shrink the filesystem
<RoyK> Overand: I don't know any reason not to use xattr - it's been stable for years
<RoyK> the main reason redhat switched to XFS was for big-ish data - ext4 isn't very good on large filesystems when you have to do an fsck
<Overand> These will probably just be fairly bog-standard LAMP servers usually
<RoyK> I had to fsck a 9TiB fs some weeks back, and it took ~8 hours
<Overand> At least so it seems based on our trajectory
<Overand> RoyK: Yeah, I ahve a fairly large ext4 volume at home.  RAID 6 setup with 5 2TB SATA disks
<Overand> like 85% of the array is sliced up as raid 6, actually, the rest is RAID 10 and raid 1
 * Overand really wishes everyone ever involved in ZFS could get into a room and sign a licensing change
<jpds> Overand: Probably easier to use btrfs
<RoyK> Overand: hehe - you can use zfsonlinux, though
<RoyK> jpds: really?
<RoyK> jpds: last I checked, raid[56] on btrfs was still experimentally
<jpds> RoyK: I read these days that it performs better than zfs
<jpds> RoyK: Yeah, the raid[56] part is the only flaky bit
<RoyK> I'm not sure
<jpds> http://www.diva-portal.org/smash/get/diva2:822493/FULLTEXT01.pdf
<arrrghhh> although bug 1059854 doesn't really match up with my issue... rebooting the server/rsyslog service I still do not get any logging...
<ubottu> bug 940030 in rsyslog (Ubuntu) "duplicate for #1059854 rsyslog stops working after logrotate until restarted" [Critical,Confirmed] https://launchpad.net/bugs/940030
<Overand> the raid5/6 part is the paort i want
<Overand> well, raid 6/7
<Overand> (coupled with the checksumming features and such)
<Overand> god there are so many friggin' filesystems out there
<quantic> "raid 7" interesting.
<Overand> https://en.wikipedia.org/wiki/List_of_file_systems#Disk_file_systems
<Overand> quantic: raid 6 isn't going to be that useful for long
<Overand> they need to start naming them differently though
<Overand> it should be raid 6+1 or somesuch
<Overand> http://www.zdnet.com/article/why-raid-6-stops-working-in-2019/
<quantic> yeah, raid 7 doesn't actually exist.
<quantic> Except for one proprietary thing from one company.
<jpds> RAID10 is what seems to be suggested these days
<quantic> RAID10 for active data, RAID6 for archive data.
<quantic> RAID6 can be used for active data if it's bulk, non-write-heavy data like a fileserver.
<quantic> But if you want to know what pain is, run a database server off of RAID6. :P
<RoyK> jpds: depending on use
<RoyK> quantic: depends on the database - a typical LAMP server's database can reside happily on r6
<RoyK> quantic: it all depends on how much iops you need
<quantic> RoyK: I think that that's kinda obvious... or I wouldn't have mentioned write-heaviness as a decision point.
<RoyK> quantic: most people don't databases that demanding
<quantic> RoyK: That's true. Sorry, I'm used to high-demand databases. Enterprise environments and that.
<RoyK> quantic: I'm managing some database servers at work (college with 25k students and 2k employees) and we don't have much that requires r10, even if we use it for them
<quantic> RoyK: By high-demand I mean write-heavy as HELL.
<quantic> RoyK: What's the read-write load of your database? Just curious.
<RoyK> quantic: I haven't really checked - sar -b reports 10:1 write/read on the postgres thing, and something 3:1 write/read on the mysql thing
<RoyK> wait - that's bytes
<RoyK> a lot more writes according to sar's tps data
<qman__> I've been using ZFS on Linux for over a year now, there were some bumps in the beginning but it's been pretty stable since
<qman__> And those bumps were stuff like manually adding a boot wait so it'd assemble properly
<RoyK> qman__: tbh, I haven't seen any issues at all after my PSU was replaced with something big enough to handle all the drives :)
<qman__> And tweaking the arc size
<arrrghhh> so... any ideas on my logging issue?  nothing is getting to syslog, auth.log, kern.log... they are 0b files which haven't been touched in a while.
<RoyK> arrrghhh: lsof -p `pidof rsyslogd`
<RoyK> arrrghhh: perhaps it's not been properly reloaded after logs were rotated
<arrrghhh> yea I found a bug which suggested changing 'reload' to 'restart'... but that didn't make a difference in my case
<RoyK> arrrghhh: a killall -1 rsyslogd should make it reload its config, close its open files and reopen them
<arrrghhh> wow that lsof command put out a lot.  let me redirect to a file
<RoyK> paste it to pastebinit ;)
<RoyK> that is
<arrrghhh> oh.  9662: command not found
<arrrghhh> lsof: status error on 9662: No such file or directory
<RoyK> lsof -p `pidof rsyslogd` | pastebinit
<RoyK> did you forget -p ?
<arrrghhh> derp I did -l
<arrrghhh> what is wrong with me today...
<arrrghhh> http://paste.ubuntu.com/12886930/
<arrrghhh> w/sudo http://paste.ubuntu.com/12886934/
<arrrghhh> hm.  doesn't seem to be interacting with any of the /var/log 'system' files.
<arrrghhh> mythtv is logging properly tho, I can confirm that
<RoyK> arrrghhh: did you do something interesting to the rsyslog config?
<arrrghhh> RoyK, well I did make a change after I noticed the issue based on that bug 1059854
<ubottu> bug 940030 in rsyslog (Ubuntu) "duplicate for #1059854 rsyslog stops working after logrotate until restarted" [Critical,Confirmed] https://launchpad.net/bugs/940030
<arrrghhh> hm I didn't try this "create 640 syslog adm" to /etc/logrotate.d/rsyslog
<arrrghhh> I swapped "reload" with "restart"... I think there was a different bug I was looking at yesterday
<RoyK> arrrghhh: which version of ubuntu is this?
<arrrghhh> 14.04
<RoyK> never seen that issue...
<arrrghhh> evidently I haven't looked at system logs in a while, it almost appears this has been an issue since the upgrade
<arrrghhh> I went from 12.04 to 14.04 last summer
<RoyK> arrrghhh: please pastebin /etc/rsyslog.conf and the files under /etc/rsyslog.d
<arrrghhh> http://paste.ubuntu.com/12886986/
<marka13> Does anyone know if Landscape/Autopilot have their own channel?
<arrrghhh> http://paste.ubuntu.com/12886992/
<arrrghhh> http://paste.ubuntu.com/12886994/
<arrrghhh> http://paste.ubuntu.com/12886996/
<arrrghhh> http://paste.ubuntu.com/12886998/
<RoyK> arrrghhh: try to stop rsyslogd and start it manually with -d
<arrrghhh> hm stopping the service and the process is still running... kill -9 tiem
<arrrghhh> marka13, I just searched, there is #ubuntu-autopilot
<arrrghhh> RoyK, http://paste.ubuntu.com/12887022/
<RoyK> arrrghhh: check lsof again
<arrrghhh> hm looks about the same...
<arrrghhh> http://paste.ubuntu.com/12887042/
<RoyK> can you try to move the mythtv file aside and restart rsyslogd?
<arrrghhh> interesting that rsyslog is still running but it stopped putting text into the terminal...
<arrrghhh> RoyK, so mv /var/log/mythtv/mythbackend.log 'somewhere else'?
<RoyK> arrrghhh: /root or something
<RoyK> erm
<RoyK> no
<RoyK> not the log
<arrrghhh> /tmp?
<RoyK> the one in /etc/rsyslog.d/
<arrrghhh> oh 10-4
<RoyK> arrrghhh: don't use /tmp, some distros wipe that from time to time or even use tmpfs, so never store anything valueable there
<arrrghhh> alright put it in ~
<RoyK> (which probably is /root)
<RoyK> make sure the process is dead before you try to start things again
<arrrghhh> http://paste.ubuntu.com/12887066/ startup
<arrrghhh> yea I kill -9'd it
<arrrghhh> lsof http://paste.ubuntu.com/12887068/
<RoyK> run 'logger "what's happening to my system???"'
<arrrghhh> syslog is still 0b
<arrrghhh> I assume that should insert to syslog?
<RoyK> it should indeed
<RoyK> Oct 21 19:20:46 roysk roysk: what's happening to my system???
<arrrghhh> ya empty... looking at perms, is this correct?
<arrrghhh> -rw-r-----  1 root      adm       0 Aug  8  2014 syslog
<arrrghhh> shouldn't it be syslog adm?
<RoyK> it's root:adm here
<arrrghhh> hm.  File hasn't been touched since 8/2014 :/
<RoyK> remove the log files and try to restart rsyslogd again
<arrrghhh> k
<RoyK> (or move them away)
<arrrghhh> yay lsof shows it's accessing them
<RoyK> perhaps time for a little fsck ;)
<arrrghhh> and it appears to have a non-zero size
<arrrghhh> ehm
<arrrghhh> it shows syslog:adm now... probably because of that change I made
<arrrghhh> -rw-r-----  1 syslog    adm     397 Oct 21 11:23 syslog
<arrrghhh> Oct 21 11:23:28 nas rsyslogd-2039: Could no open output pipe '/dev/xconsole': No such file or directory [try http://www.rsyslog.com/e/2039 ]
<arrrghhh> that may be an issue....
<arrrghhh> but auth.log is working, kern.log
<arrrghhh> what else did I delete other than syslog
<arrrghhh> well those are the main ones I care about.  odd issue... thanks RoyK !
<RoyK> arrrghhh: I suspect an old logrotate config may change the user to root after its run
<arrrghhh> https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/940030 << per that bug I changed /etc/logrotate.d/rsyslog
<ubottu> Launchpad bug 940030 in rsyslog (Ubuntu) "rsyslog stops working after logrotate until restarted" [Critical,Confirmed]
<arrrghhh> I added create 640 syslog adm
<RoyK> arrrghhh: ok
<RoyK> arrrghhh: at least now you know where the error was - if it happens again, please call
<arrrghhh> :) thanks!!!
<RoyK> np :)
<marka13> does landscape/autopilot have their own channel?
<arrrghhh> marka13, I just searched, there is #ubuntu-autopilot
<arrrghhh> (fyi I said that almost an hour ago :P)
<marka13> sorry didn't see it
<arrrghhh> np, I did ping you hoping you would
<arrrghhh> it was mixed in with my troubleshooting mess
<marka13> ya saw that
<marka13> and I've been in TS hell myself  ;-)
<atralheaven_> Hello, I need someone outside of china, to test my openvpn connection. I can't connect to it I want to know if it is because of country firewalling
<rbasak> I'd ask someone you know personally! Do you really want some stranger connecting to your VPN? Similarly, I don't want to connect to some stranger's VPN, as a malicious one could do weird things to my system.
<jpds> atralheaven_: You know that the great firewall doesn't block SSH at all?
<atralheaven_> rbasak: I just want to see if it connects, and the ip is right, you don't need to browse with it! and I will revoke the certs so its not a problem
<atralheaven_> jpds: Im using it now, but I need openvpn, it was working.... now it doesn't
<jpds> atralheaven_: Why do you need openvpn when you have working ssh?
<atralheaven_> jpds: openvpn is faster and works easily everywhere.
<atralheaven_> may just someone help me to test it :(
<atralheaven_> is it something risky?
<rbasak> atralheaven_: an OpenVPN server can send arbitrary routes that the client will put into its routing table, for a start.
<rbasak> It might be possible to disable that at the client end, but I wouldn't recommend that anyone connect to an untrusted OpenVPN server for security reasons.
<atralheaven_> rbasak: what about testing on a vm?
<rbasak> Also the server might be able to route via a client, too.
<rbasak> So nobody can be sure that you aren't intending to use the client's Internet connection for nefarious purposes.
<rbasak> That applies to a VM, too.
<atralheaven_> rbasak: what about connecting just for a second? to see it connects, and doesn't fail
<rbasak> Ask someone you trust.
<rbasak> (and who trusts you)
<atralheaven_> if I had someone outside of here who could help me I wouldn't come here :|
<rbasak> Buy some instance time on EC2 or something.
<atralheaven_> if I run ssh socks on my system, and then connect to openvpn, if the problem be from the country firewalling, should I be able to connect?
<atralheaven_> for using openvpn with obfsproxy, do I need 2 servers? I have one vps
<ponyofdeath> anyone have any ideas why using ssh -f -N -D 8080 to set up a tsocks proxy times out after tyring to use it?
<ponyofdeath> i have tsocks and the tunnel set up
#ubuntu-server 2015-10-22
<MACscr> whats the proper way to limit the number of kernels installed on my ubuntu servers? I only want to keep the newest one and whatever is installed
<MACscr> bikeshed seems cool, but for a small server, it it installs way to many packages
<pmatulis> MACscr: cron-triggered shell script?
<sarnold> I thuoght apt had some clever setting about that
<MACscr> i know yum does, but doesnt seem like apt does
<pmatulis> MACscr: http://askubuntu.com/questions/563483/why-doesnt-apt-get-autoremove-remove-my-old-kernels perhaps?
<MACscr> pmatulis: oh there are tons of ways to do it, but im quite surprised there isnt an official way that doesnt require scripting
<sarnold> pmatulis: YES!
<sarnold> pmatulis: now why isn't that in the first three pages of google results? heh
<RoyK> MACscr: wht the newest kernel?
<MACscr> RoyK: not sure. why does it matter?
<RoyK> MACscr: the older ones work well too ;)
<MACscr> and?
<MACscr> i have limited space for the OS storage
<MACscr> so want to keep things as minimal as possible
<RoyK> a new kernel woon't help that
<MACscr> still not sure what that has to do with my question
<k2gremlin> Hello all, quick and easy question for you guys. I am trying to setup a br0 interface. I have installed bridge-utils and configured in my /etc/network/interface file. When I try to do ifup br0 it tells me cannot find device br0. Thoughts?
<ianorlin> k2gremlin: did you reload the config file?
<lordievader> MACscr: Apt should only keep the current and current -1 kernels when running apt-get autoremove.
<qman__> MACscr, lordievader: it should, but often doesn't, I'm not sure exactly why. I solved the problem for me by writing a script which removes all but the currently running and most recent kernels, and put it in cron.weekly. https://deadface.org/index.php?p=kernelkeeper
<qman__> it's also variant aware, so if you ahve more than one kernel variant (such as -generic and -rt) it manages both variants separately
<MACscr> it does seem to work sometimes and other times it doesnt. its weird
<lordievader> qman__: Nice ;)
<adun153> Anybody here experienced with LVM in DRBD?
<adun153> In DRBD, If I re-create an internal MD, will it delete the data?
<atralheaven_> how can I create a user that can do nothing, and access to nothing, only for using ssh socks proxy?
<atralheaven_> I mean ssh -D port user@ip
<jonah> Hi I just wanted a bit of advice. Upto now I've always rented servers from a datacentre, but I now want to have a pysical office server. I've started building it and have ordered most of the parts BUT before I start installing ubuntu server I just wanted to check about the best options for disk/raid setups. I've read it is good to keep the OS on a seperate disk and then have a raid for the data?
<jonah> But the server I'm building is mainly going to be for websites, cloud login storage and basically just a LAMP
<jonah> so I ordered an SSD to put ubuntu on and then 4 x 5.25" drives for the raid
<rbasak> Why do you want RAID?
<jonah> will this work, or is it just as well to stick everything on one raid?
<rbasak> For reliability or performance or something else?
<jonah> rbasak: well I already have a big enough backup drive to backup the raid, so I just wanted the speed and the potential to hotswap and expand/repair if a drive goes down
<rbasak> So all of the above :)
<jonah> rbasak: haha yeah
<jonah> rbasak: but before I put the disks in the server case, I'm wondering if I should just install ubuntu on the raid and then install lamp as normal and leave it that way. Is there an advantage of having the extra SSD drive there? I've read a lot of conflicting things and also don't know how I'd actually get it to work right and set it up
<rbasak> My home server runs on two disks with RAID-1 and LVM on top of that.
<rbasak> I have no need for an SSD on my server. Cache suffices for me.
<rbasak> You could look into bcache but we don't have installer support for that yet. Depends on how much you're prepared to do manually, skill level, etc.
<jonah> so do you think I'm best just leaving that SSD out of there or is there a way I can use it to improve performance. I suppose I thought the OS would be faster and the boot/reboot fast etc.
<jonah> I don't have that much skills with linux, I use it as a desktop daily and also do a few ssh into data centre and copy the odd thing etc but not too sure about raids, fdisks, partitions, caches and the like
<rbasak> If you have enough RAM then you won't get much of an OS speedup with an SSD, except when doing things that you haven't done in a while (presumably non-workload things).
<rbasak> Boot will be faster but does that really matter on a server?
<rbasak> I'd stick to what the installer lets you set up. Keep it simple. The closer your configuration is to others, the less likely you are to be on your own for any problems.
<shauno> I think one thing to remember putting the OS on a separate disk, is that you've chosen raid for reliability, and then introduced another disk as a single-point-of-failure anyway.  murphy says the non-raid disk will be the one that goes.
<jonah> ok great thanks, so i just put the normal drives in (leave out the ssd) and just use what ubuntu installer offers me and it will set up the software raid and install all the defaults?
<jonah> then I just back up the whole raid to my backup drive?
<rbasak> I'd say so, yes. Though I haven't used the installer in a while so I can't really help with that part.
<rbasak> I would definitely have RAID-1 at a minimum for a server nowadays though. Disks are guaranteed to fail eventually and it's a very easy way to get continuity.
<jonah> baffle: ok thanks I'll opt for just the raid in that case, I was going to use raid 5 as most lamp servers I think use that, will that be ok?
<jonah> rbasak: sorry sent the last reply to baffle by mistake! oops
<rbasak> RAID-5 does what it says on the tin. It's just a cost/risk thing.
<rbasak> But understand that your disks will fail eventually. If they're both from the same batch and have had a similar workload (eg. by being part of a RAID) then they are likely to fail at around the same time.
<rbasak> I've seen disks fail during RAID-1 and RAID-5 reconstruction.
<rbasak> I do not put disks from the same batch into a RAID.
<rbasak> (well 1 or 5)
<rbasak> IMHO buying five of one SKU all at once and putting them into a RAID-5 is pointless. Might as well just have a RAID-0 for all the good it does.
<Walex2> rbasak: that's a bit excessive...
<rbasak> Walex2: which bit?
<Walex2> rbasak: anyhow I have seen commercial storate systems with hundreds of identical drives with virtually consecutive serial numbers...
<Walex2> rbasak: the "five of one SKU ... just have a  RAID-0 for all the good it does
<rbasak> Maybe those storage systems are doing more to handle concurrent failures?
<rbasak> In a previous job we won business due to concurrent RAID disk failures by previous suppliers not doing this.
<rbasak> It was a reasonably regular thing, in that I've seen it multiple times.
<rbasak> With both commodity SATA and expensive "server grade" SCSI drives.
<rbasak> Or perhaps they didn't wait for drives to fail before replacing them? I don't know.
<Walex2> rbasak: I agree that is a bad idea, but concurrent failures can wait years to happen even among hundreds of drives.
<Walex2> rbasak: I agree that is a bad idea, but concurrent failures can wait years to happen even among hundreds of identical drives.
<rbasak> Walex2: depends on how the drives are used, and whether they're from the same batch!
<rbasak> Walex2: having the same usage pattern and the same environmental conditions from the same batch will make it more likely that they will fail close together in time, clearly.
<rbasak> As I say, I have seen it happen multiple times.
<rbasak> So for a small business buying one server, it makes sense to avoid that risk because there's virtually no cost to doing so.
<rbasak> If OTOH you are backblaze or someone similar, then clearly you can't achieve that. But your usage patterns are probably different enough that the risk is lower anyway.
<rbasak> And in any case, you probably aren't using a minimum level of redundancy like RAID-5 that is more at risk.
<Walex2> rbasak: your level of optimism is astounding... :-)
<Walex2> rbasak: imagine rows and rows of racks with identical drivess with nearly consecutive serial numbers arranged in 16-wide RAID5s "because it optimizes the space".
<jpds> Walex2: Dude, build a Ceph cluster at that point
<RoyK> Walex2: I remember an email on some zfs mailing list some 4-5 years back. someone had built a raidz1 (similar safety as with raid5) with 30 drives and some drives were failing...
<Walex2> RoyK: I collect emails like that. The 32-wide RAID5 was particularly amusing, but a 30-wide RAIDZ1 is good too :-).
<Walex2> http://www.sabi.co.uk/blog/14-two.html#141019 for the 32-wide RAID5
<jonah> sorry to pipe back in but say I use the Raid 5 and have 4 hard drives. My system is running nice but then one fails, how do i hotswap in a new drive and rebuild the array? Won't ubuntu just see a new drive, not a replacement for the failed one if I just whip it out and stick a new one in?
<RoyK> Walex2: this guy had even added three spares
<Walex2> jonah: depends on what the RAID system is. Most require you to explicitly label a drive as a spare before it will be added into a RAID.
<RoyK> jonah: mdadm --add /dev/md0 /dev/newdisk
<jonah> Walex2: well i mean just a standard ubuntu server install running on software raid5
<RoyK> jonah: that adds a disk to the raid and unless you grow it, that disk is flagged a spare and will work like one
<jonah> RoyK: I see Roy, so you'd power off and take out the dead one, then power back up with the new one added in it's bay then run that command?
<RoyK> jonah: then just mdadm --remove the failed drive, unplug it, install a new one and mdadm --add it
<RoyK> jonah: if you don't have hotpluggable disks, yes, but both SATA and SAS should handle hotplug
<RoyK> it's part of the specification
<jonah> RoyK: ah so with mine being sata 3 i can just hotswap with it all still turned on
<RoyK> should work
<jonah> RoyK: so I'd just find the dead one, pull it out and put the new one in and run mdadm
<RoyK> you should probably mdadm --remove the dead one first, then mdadm --add the new one
<RoyK> jonah: are you using partitions? if so, you'll need to create those first, obviously
<jonah> RoyK: haha I know it sounds silly but how do you know which is the dead one
<RoyK> hehe
<rbasak> /proc/mdstat will tell you what the system considers to be alive or dead
<rbasak> (or hot spare)
<RoyK> jonah: try smartctl -i /dev/nameofdisk
<rbasak> etc
<RoyK> jonah: that should give you the make and serial number
<RoyK> jonah: otherwise, it should be in /dev/disk/by-id
<rbasak> RoyK: assuming that the disk isn't timing out on commands :)
<rbasak> (I agree, but you might want to know your mapping in advance if that might be a problem)
<RoyK> rbasak: yeah, but the data in /dev/disk/by-uuid should stick
<jonah> RoyK: well my plan was to just partition 4 drives all with 10% swap partition and the rest free. then set up the raid on the ubuntu server installer. So if I add a label name to them all when I partition them I'll know which has died if one fails?
<RoyK> jonah: I'd recommend using a pair of smallish (2,5" perhaps) drives for the root and the rest for data with LVM on top
<jonah> RoyK: ah I see so I just have the serials numbers of each drive on the front of them so I can see when I open the bays up to swap them out
<RoyK> better poweroff first, so you don't unplug something in use
<jonah> RoyK: well the plan is to just have a big lamp server and then run owncloud and some other cms stuff on there. Do I need the LVM and different drives/partitions or can I just have the bog standard raid5 and just install?
<RoyK> jonah: I always use LVM - it doesn't hurt and it's more flexible
<RoyK> jonah: but really - if you have a couple of old drives, use them as a mirror for the root, don't mix root and data
<RoyK> jonah: some even use USB sticks for the root - it's not much in use anyway
<jonah> RoyK: ah this is interesting as when I first came into this chat my initial question was whether I should have an SSD for the OS (or two I suppose if mirrored) and then a seperate raid array for the data.
<lordievader> LVM ftw :D
<jonah> RoyK: but I wasn't sure how complex or necessary this was to setup up. Especially if I'm backing everything up anyway
<RoyK> jonah: I helped a friend of mine to setup her home server, and we chose a smallish ssd and an old laptop HDD for the root, the HDD set to write-mostly
<RoyK> jonah: that gives you the read speed of an SSD and HDD write speed
<RoyK> which is quite handy :)
<jonah> RoyK: sounds good, but I'm thinking more of the overall lamp with webmim virtualmim and all the rest of it installed. There is a bit of a mixture of data and config/os - not sure how I could separate it or benefit. For example if the OS drive failed and I had to reinstall, would the data stuff work correctly with it still. Sounds like a minefield.
<RoyK> don't use webmin
<RoyK> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<RoyK> jonah: with a mirror of an ssd and a hdd, you can handle a disk failure
<RoyK> jonah: and no, it's not a minefield, mixing root and data is, though
<jonah> RoyK: Blimey RoyK - I'm used to cpanel currently but thought webmin was the best open source had to offer if I don't want to pay?
<RoyK> jonah: use the commandline :P
<disposable> i'm trying to install 14.04 on hp microserver (n54l). i have a problem with the installer though. as soon as the purple ncurses based interface starts, my usb keyboard stops working. does anybody know a workaround? (it works fine with centos installer and omnios (solaris)) and yes, i have tried a different usb keyboard. same story. i'm installing from a usb2 drive onto a usb3(in usb2 port) drive,
<disposable>  in case that matters. google shows many people with the problem but no solution.
<RoyK> jonah: it's not that hard, and once you've learned it, you'll never look back
<jonah> RoyK: yes fair enough. The thing that scares me I suppose is the security, I can probably follow some guides and get something working but if it's served to the outside world hackers could well have a field day. I've just had a cpanel hacked recently and that had all the modsecuirty addons and a firewall running and cloudflare etc - so doing it commandline is really honourable and I'd love that but the last thing I need is a hackfest!
<RoyK> jonah: just choose good passwords, like http://xkcd.com/936/, setup ufw to block anything you don't want to be open (it's simple, really) and use SSL/TLS whenever possible
<RoyK> don't allow ssh login with passwords, only keys, or at least only keys with root (which I think is default now)
<rbasak> Also, install and use unattended-upgrades, and pay close attention to anything you don't install from the archive (or even from the archive and in universe).
<rbasak> Which also means: be biased against any technology not in the archive. Ask why it isn't packaged as part of Ubuntu.
<RoyK> jonah: it will *not* be any more secure if you trust som flashy GUI to do the job
<RoyK> jonah: and at the end, you'll even end up with more linux knowledge, which won't hurt :)
<jonah> RoyK: you've talked me into it!
<RoyK> jonah: :)
<fx159> hello, is there anything I can do to debug reboot problems? my server gets stuck after displaying "all processes ended after 2 seconds", I'm using 14.04.3
<sarnold> fx159: try fiddling with shutdown -H, shutdown -P, shutdown -r, I've heard some systems handle some of those poorly
<RoyK> fx159: how do you reboot the server? have you checked the logs?
<fx159> RoyK: I enter reboot into the console
<RoyK> fx159: should work
<RoyK> fx159: if you have another linux machine around, try setting up rsyslog to log to that machine as well to see if you get anything useful out of the logs
<fx159> RoyK: also nothing obvious in the syslog
<fx159> RoyK: I have a serial console to the machine... it just sits there after "all processes ended after 2 seconds", no further output, also no errors before
<RoyK> no idea, sorry
<fx159> too bad, well I can live with it... machine is online 24/7 anyways
<TJ-> fx159: it's usually a firmware ACPI bug; there are some workarounds, such as matching the expected OSI string with a kernel command-line entry of the form "acpi_osi=Windows XXXX" where XXXX is some Windows version string present in the ACPI DSDT (the most recent Windows version usually). "sudo strings /sys/firmware/acpi/tables/DSDT | grep -i windows" might help you find those strings
<sarnold> TJ-: good idea
<fx159> TJ-: I know it worked with earlier versions of 14.04, before rebooting it displayed a message saying something like "rebooting system now", that message no longer appears, still a firmware bug?
<TJ-> fx159: maybe a regression in the kernel
<sarnold> fx159: there's a 'fwts' package that's supposed to help test firmwares; I haven't used it myself so I can't really say if it is appropriate for end users or just hardware distributors, but it may useful too
<sarnold> fx159: ooh, interesting. if you're up for testing the 14.04.2 and 14.04.1 kernels, that might be worthwhile. granted, it'd take some time, but it'd make a bug report more interesting :)
<fx159> sarnold: oh well, already tested a lot of the 3.19 kernels for another bug report, not again hehe
<sarnold> fx159: hehehe
<sarnold> there are more fun ways to spend your time, that's for certain.
<fx159> https://bugs.launchpad.net/bugs/1504909 any ideas regarding this bug? hehe
<ubottu> Launchpad bug 1504909 in linux (Ubuntu) "blk_update_request: I/O error when accessing a disk that is spun down" [Medium,Incomplete]
<sarnold> fx159: argh. that looks -really- annoying
<sarnold> fx159: does a scrub repair it?
<fx159> sarnold: scrub fixes the errors, yes
<fx159> sarnold: but I'd prefer spin down to work without data corruption ;)
<sarnold> fx159: yes :)
<sarnold> especially since scrubs aren't exactly fast
<fx159> sarnold: 600M/s is kinda fast, but scanning the pool still takes about 3 hours :/
<fx159> sarnold: I'm considering going back to the 14.04.2 kernel
<sarnold> fx159: There's a few approaches that might be worthwhile, but none of them are fun. maybe try 14.04.1's kernel, see how well that works; try to reproduce on a single drive without zfs; try replacing the controller with something else (funny, I'd heard really good things about the m1015, but perhaps not many people spin them down..)
<fx159> sarnold: spindown is something that also worked with earlier verions :(
<sarnold> fx159: have you asked around #zfsonlinux or filed github issues there? those guys are helpful and might know something that I don't..
<fx159> sarnold: yes I did, initally there was also a zfsonlinux bug... but that got fixed...
<sarnold> fx159: heh
<fx159> sarnold: https://github.com/zfsonlinux/zfs/issues/3785
<sarnold> fx159: doing the full bisection is probably the best bet, though that might be dozens of compiles and reboots..
<fx159> sarnold: too bad, I don't have that much spare at the moment...
<fx159> *time
<fx159> sarnold: I believe it has something to do with zfs... error occurs with 3.16 as well now, wtf?
<fx159> sarnold: I'm 100% it never appeared with 3.16 before ._.
<sarnold> fx159: interesting. did you upgrade pool or dataset features? if not you could try an older zfs...
<sarnold> bisecting zfs/spl may be easier than the kernel :)
<fx159> sarnold: upgraded the pool :-(
<sarnold> :(
<fx159> sarnold: I always wanted to try out FreeNAS... hm... whatever
<fx159> sarnold: no more spin down or reboots for me, for now hehe
<sarnold> fx159: did you notice any decent power savings or noise savings when spinning down the disks?
<fx159> sarnold: noise is not a concern, power draw with spinning disks is about 90 - 100W, with spun down disks something like 45W, so yes, there is potential
<sarnold> fx159: wow. thanks. I'm sooner or later going to be putting together my own smallish zfs system and was curious about power draw, heat, and noise from all those drives..
<fx159> sarnold: I'm using a supermicro 4U server case, 8 bay hot swap in the front, heat is no problem, noise...well... there are system that are quieter, power draw is quite good as you see :)
<sarnold> fx159: hehe, yeah, server gear is never going to be -quiet- but it still seems surprising to me that there's not much in the middle ground of ~dozen drives systems for home use. it's all "look! four drives in this nas!" or "this chassis holds 24 drives" :)
<fx159> sarnold: Yea, four is just not enough, and 24 is overkill...
<dasjoe> sarnold: is http://cdimage.ubuntu.com/releases/wily/release/ supposed to contain just powerpc and ppc64el images?
<sarnold> dasjoe: hah, good question
<dasjoe> sarnold: same for vivid. trusty has some weird images I don't recognize, too: "64-bit Mac (AMD64) desktop image"
<OerHeks> dasjoe, use the server and install the desktop you want
<sarnold> OerHeks: those -are- the server images, and it's only two oddball arches :)
<sarnold> dasjoe: I've poked infinity in #ubuntu-devel, he seems most likely to know what's going on..
<sarnold> off to lunch..
<dasjoe> OerHeks: thanks, but that's not what I'm after :) I just noticed cdimages does not contain images for any arch I use
<tarpman> dasjoe: are you looking for http://releases.ubuntu.com/wily/
<OerHeks> images like logos / artwork ?
<Obelus> Probably disc images...
<shauno> dasjoe: it seems to be intentional.  the front page of http://releases.ubuntu.com has an explanation.  in all honestly, I'm surprised the root of cdimage. doesn't
<dasjoe> shauno: thanks, just found that explanation, too
<OerHeks> oh the regular versions http://releases.ubuntu.com/15.10/ , i was lost in powerpc
<dasjoe> I finally found what I was looking for in the first place, the netboot minimal ISOs: http://cdimage.ubuntu.com/netboot/
<Obelus> Ah netboot.
<rattking> hello, does anyone know if the grub2 password behavior was suppose to change between precise and trusty? I just upgraded a test node to trusty and its asking for a PW to boot when it use to require a PW to edit or access  grub's cli
<rattking> ohh yes there was a change in behavior there, and its documented :)
<Wicaeed> how long does it take to sync a single image with uvt-simplestreams-libvirt? I'm running the command to sync a single image yet I'm not seeing any noticeable network activity
<Wicaeed> I see it taking a boatload of CPU though
<atralheaven_> Hello, what tool do you suggest for downloading torrents on vps?
<bittin> rtorrent
<keithzg> atralheaven_: Yeah, bittin's suggestion of rtorrent is probably the best one. Although, I remember some time ago having to go with ctorrent instead because of dependencies. That was a while ago and it was on an OpenBSD VPS, though.
<atralheaven_> I think I've used it before...
<atralheaven_> im installing it
<atralheaven_> how can I add a user that can only use ssh socks proxy? nothing more, only ssh socks proxy, is it possible?
<atralheaven_> the user shouldn't be able to run any command
#ubuntu-server 2015-10-23
<MACscr> why does it seem like sometimes after kernel/grub updates that the default kernel selection no longer works and i have to press enter? sucks for remote systems
<TJ-> That happens if the GRUB 'recordfail' flag is set due to an unclean OS shutdown
<MACscr> TJ-: thanks, i will check
<qman__> You can disable that functionality in he grub configuration
<qman__> It's a relatively new feature that's a pain in the rear
<TJ-> recordfail has been around many years :)
<MACscr> odd, all the suggestions im finding are old and seem like hacks
<roseysdad> i need help
<adun153> roseysdad: Just ask, people will answer if they are active and have a helpful answer.
<ksx4system> does it make sense to run mail server on VPS with just 256M of ram? 14.04 LTS 32-bit, postfix+dovecot+something to filter spam
<sarnold> maybe if it's ssd backed or osmethinng...
<sarnold> otherwise feels a bit itght
<roseysdad> how can i see what services are running in systemd?
<ksx4system> sarnold, pure SSD
<ksx4system> and super low volume (never over 50 mails a day, 99% of them under 10 kilobytes)
<adun153> ksx4system: It might work, but  I'm still pretty nervous about that, especially if it is to be used for something in production/mission-critical.
<ksx4system> adun153, what exactly is that *insanely* resource hungry? the spam filtering part?
<ksx4system> (of course I'm going to run postfix/dovecot combo operating without SQL database)
<adun153> Ubuntu has never exactly been a "lean" distro, if you know what I mean.
<adun153> You can probably run it, but it might have to swap quite a bit, I thin.
<adun153> *think.
<ksx4system> adun153, if you take some time it can be as light as properly tuned Debian :)
<ksx4system> but Ubuntu has longer support cycles (5 years for LTS)
<ksx4system> what about 512M? would it help?
<adun153> ksx4system: I'd be a lot more comfortable with  512.
<ksx4system> this is insane
<adun153> ksx4system: But it seems like you have the time, you can set up the 256 instance, try it out, see if your hypothesis is correct.
<adun153> You asked us for our opinions, you got it from sarnold and myself. Eventually, it's entirely up to you. :)
<ksx4system> adun153, well I have around 3 months until date I have to move
<ksx4system> so I can do some proper testing :)
<adun153> Sounds good.
<ksx4system> webmail is not an issue (hardcore tuned lighttpd + minimal php5 + squirrelmail) I think
<ksx4system> this should eat at most 20M
<ksx4system> if not less...
<ksx4system> what about backup MX? do I need a big (256-512M) VPS too?
<adun153> If just running Postfix, I think 256 should be fine.
<ksx4system> will 128 do?
<ksx4system> (yes, I always try to squeeze stuff as much as possible)
<adun153> 128? I don't know. Leaning towards "no".
<ksx4system> challenge accepted lol
<adun153> lol
<adun153> good luck
<ksx4system> thanks :)
<ksx4system> (I was actually surprised that mail server needs anything over 64M)
<lordievader> Good morning.
<mripguru> hey guys - anyone here successfully install Ubuntu 12.04 or 14.04 (either LTS) successfully on a Dell C6100 blade server? It will just not install - and the installer is quite slow when it does try and work.
<lordievader> mripguru: "It will just not install", do you get errors or something?
<mripguru> lordievader: nope - but, most of the operations, etc. take on average a year and a day -- and when it did install earlier on (another blade in the same cluster) - it would boot to a black screen
<mripguru> so no - it doesn't technically error
<lordievader> mripguru: Hmm, the installer does run?
<mripguru> but it doesn't work - either.
<mripguru> lordievader: it looks like it's going to install successfully - but, usually just hangs up for awhile
<mripguru> like the partitioning stage
<lordievader> From the limited shell the installer gives you I'd test the disks and the overall performance of the machine.
<mripguru> can take 20-30 min
<lordievader> Since what you describe make me think that there is some trouble accessing the disks.
<mripguru> bad disks?
<lordievader> mripguru: Could be, like I said, test them ;)
<mripguru> yup - let's see what another node does
<lordievader> ? Why?
<lordievader> Test where the problem lies not somewhere else.
<kichko> Hey does anybody here tried the openstack-installer on ubuntu server...I'm behind a proxy and the creating of the container works but the initialization of the container fails...I'm 100% sure that there has to be some additional proxy-setting that I might have missed
<mripguru> lordievader: I want to see if another node has the same behavior
<mripguru> for comparison.
<kichko> the command.log says  error.py:35] showing error view for: Top-level container OS did not initialize correctly.
<kichko> while initializing it seems like that the deb repositories are not available but I check them manually they are up.
<mripguru> lordievader: I think you may be onto something - but, I don't think it's the actual disks.
<lordievader> mripguru: What did you find?
<mripguru> lordievader: just for the hell of it - I'm installing XenServer - which does not support FakeRAID
<mripguru> and it seems to be installing just fine.
<lordievader> mripguru: Why not start with some basic dd tests to check the disk speeds?
<mripguru> so looks like the issue may actually be in the FakeRAID
<mripguru> lordievader: can do that - but, I know the disks are fine (more or less)
<lordievader> Oh that can be, but perhaps there is something blocking Ubuntu from achieving the full disk speed (then you know why it is so slow ;) )
<mripguru> lordievader: sounds like I should try turning off the FakeRAID and just building a true software RAID setup?
<mripguru> (after running some disk tests)
<lordievader> That is not what I am saying, I am saying you need to form a hypothesis then gather some data to see if it is correct.
<lordievader> Only then you can think of a solution.
<lordievader> Just doing things without reason is rather futile.
<mripguru> lordievader: agreed
<mripguru> lordievader: at this point - all roads lead either to the FakeRAID or the disks themselves - need to isolate each
<lordievader> mripguru: Exactly ;)
<mripguru> lordievader: I suspect part of the slowness may actually be the fact that I'm trying to install over IPMI/DRAC
<lordievader> SOL IPMI?
<mripguru> lordievader: no - some bastardized version of Supermicro IPMI
<lordievader> SOL = Serial Over Lan ;)
<mripguru> not serial
<mripguru> full graphical UI
<lordievader> Hmm.. Not sure. What kind of speeds does dd show?
<dannysmc95> Hello, I am having some trouble with mysql? I can't seem to connect to it from my client on my computer, I use the IP and the 3306 port and it just errors, it says communication link failure (I am using DBBeaver), any help would be awesome, it says in the /var/log/mysql/error.log that it is ready to be connected to... but nothing? its enabled in my firewall so what can I do?
<bekks> dannysmc95: Is your mysql server listening on a port or a socket?
<dannysmc95> bekks how would I find out?
<bekks> By looking at your config file.
<dannysmc95> [mysqld] ?
<dannysmc95> bekks: it says socket = /var.run.mysqld.sock and port = 3306 under that
<bekks> dannysmc95: But there is no IP address configured to listen on?
<dannysmc95> It uses bind-address = 127.0.0.1
<bekks> So it is listening on localhost Port 3306
<bekks> Is 127.0.0.1 the IP you are trying to connect to?
<dannysmc95> No I am external so using the servers IP
<bekks> Your mysql server isnt listening on that IP.
<dannysmc95> Okay but if I remove that IP would it not stop localhost access?
<dannysmc95> ?
<bekks> 0.0.0.0 will make it listen on all address, a.b.c.d (your external IP) will make it listen on that IP only, 127.0.0.1 makes it listen on localhost only.
<dannysmc95> Okay so I should set bind-address to 0.0.0.0
<bekks> Only if you need to access it from localhost, too.
<dannysmc95> Yeah I would do, so I can use php?
<bekks> you can use php using the socket, too.
<bekks> But 0.0.0.0 should be fine.
<dannysmc95> bekks: access denied?
<bekks> dannysmc95: Is that a question?
<dannysmc95> bekks: yeah its the correct user and password...?
<bekks> Did you restart the mysql server after changing the config?
<dannysmc95> yeah
<bekks> Then your credentials arent correct.
<dannysmc95> It works via CLI
<dannysmc95> same password and same user, works my doing mysql -u <user> -p and then typing password?
<bekks> Nope.
<bekks> mysql -u user -p password -h host
<dannysmc95> Eh? I am saying when connected to SSH to my server it works by doing the command above and works fine? but when I am trying to connect from a client on my pc here it doesn;t? do I need to allow the host?
<lordievader> Sounds like a firewall is doing its job. You don't want you sql server exposed to the internet.
<bekks> So if it works on your host, thats fine. Now you need to configure your server to allow connections from your client.
<dannysmc95> bekks: how exactly do I do that? I am very new to having a server?
<bekks> dannysmc95: I dont know how/what you did on your server to inhibit connections from your client.
<dannysmc95> bekks: neither do I...
<dannysmc95> I did the grant all on command in mysql via ssh but it says 0 rows affected?
<dannysmc95> GOT IT
<dannysmc95> Thanks for the walkthrough, I needed to permit my host name
<dannysmc95> allow*
<Mooslapke> Anyone can help me with git? I am trying to let other people connect to my server securely
<Mooslapke> I think best with keys?
<Odd_Bloke> xnox: A friend from uni just messaged me with a question about OpenERP. /o\
<mripguru> ERP :P
<xnox> Odd_Bloke: =))))))))))
<xnox> ccccccegjekvhffrubfiujluhejujredutkbfbfbdrvi
<xnox> sigh
 * mripguru hates being the local 'IT guy'
<xnox> Odd_Bloke: did you say: Oh dooo ask someone else?
<xnox> =)
<xnox> https://www.odoo.com/
<Odd_Bloke> xnox: <3
<Odd_Bloke> mripguru: In their defence, I (and xnox) did work for a company that developed OpenERP plugins about 5 years ago.
<xnox> gosh, has it been that long already?!
<mripguru> that's not a defense - that's an excuse.
<Odd_Bloke> xnox: Maybe... 4?
<Odd_Bloke> *checks CV*
<xnox> Odd_Bloke: i bet tinyerp modules are still valid in odoo
<xnox> Odd_Bloke: i started in 2011 i think, and you must have been there before.
<Odd_Bloke> xnox: I can only assume you're trying to make me angry. :p
<xnox> so in february it will be 5 years for me.
<Odd_Bloke> xnox: I left July 2011, I think.
<thresh> hi. anyone using packer to provision ubuntu 15.10 machines?
<RoyK> are you using 15.10 on servers?
<thresh> I'm trying to provision a server machine, yes.
<RoyK> I hope this is not for production - it was released yesterday...
<thresh> indeed :-)
<RoyK> and isn't LTS
<RoyK> and ...
<RoyK> oh well
<thresh> This is for a buildbot / build farm.  We're providing nginx.org packages built for different OSes.
<RoyK> ic
<teward|live> thresh: let me guess - the nginx.org repo?  ;)
<thresh> :P
<thresh> yes
 * teward|live whistles nonchalantly then throws the idea of sbuild out there
<thresh> teward|live: last time I checked it could not build stuff on centos and sles :-)
<teward|live> thresh: no, it can't, i meant specifically for your Ubuntu/Debian builds
<teward|live> thresh: granted, though, if you're doing builds on individual 'machines', even virtual, i
<teward|live> i'm left scratching my head as to why
<teward|live> but that's my opinion :)
<thresh> the idea is to have prebuilt images for all OSes we support and do builds in a clean env every time
<teward|live> (that's what sbuild does *cough cough*
<teward|live> )
<thresh> and on the real kernel
<teward|live> ah
<teward|live> 'kay then :)
 * teward|live silently disappears back into the shadows
<thresh> anyhow, there is a problem with packer and ubuntu 15.10 (while the exactly same config works for 15.04), so I'm kinda puzzled here.
<thresh> uh, looks like whenever I launch ubuntu 15.10 server cd install, providing options in the console UI (clicking escape, escape, enter from main grub UI) with "boot: " gets me back to grub...
<thresh> nice, and 15.04 does exactly the right thing when I type in "/install/vmlinuz  auto initrd=/install/initrd.gz" -- it tries to boot up the installer..
<thresh> can anyone confirm that?
<thresh> that's using http://releases.ubuntu.com/15.10/ubuntu-15.10-server-amd64.iso
<RoyK> thresh: sounds like grub wasn't installed correctly
<thresh> RoyK: "installed" on a CD you mean?
<thresh> this is when I boot the CD up.
<RoyK> oh
<RoyK> no, haven't seen that
<RoyK> thresh: actually, I don't think I've _ever_ seen that from a cd boot, but then, I've only used linux for 20 years or so ;)
<thresh> well me neither and that's what's happening with 15.10 server isos (both i386 and amd64)
<RoyK> thresh: I'm install 15.10 in a VM as we speak
<thresh> RoyK: can you try this: https://gist.github.com/thresheek/82a67847b5308be5b9df ?
<thresh> those the instructions to reproduce what I have
<RoyK> thresh: why do you try to leave the installer in the installer?
<thresh> RoyK: I want to provide a preseed configuration file.
<TJ-> thresh: can you edit the existing command-line using F6, where a preseed is already listed?
<thresh> TJ-: that works even if I remove all the parameters except "initrd=/install/initrd.gz" there and hit enter there.
<TJ-> thresh: I see the same thing here in a VM; what is weird is "boot: xxxxx" then Enter shows "Loading image...". I cannot find where it gets the word 'image' from; the linux.c32 code uses "Loading %s\n", kernel_name which should show xxxxx
<TJ-> thresh: also, if i repeat it several times iso/syslinux reports "Out of memory" apparently indicating it does manage to load the kernel image into RAM (using  1GB VM)
<thresh> interesting. :/
<vertago1_> Samba user authentication seems to be broken after upgrading to 15.10
<RoyK> vertago1_: what sort of authentication are you using?
<jonah_> hi can anyone please help. I'm trying to setup ubuntu 14.04 with a raid 10 using the ubuntu installer - so far i've just made a right mess of it each attempt! I followed the UrbanPenguin youtube video but he only does raid one and he uses an older version of ubuntu too so the guide just hasn't worked for me
<jonah_> any help really appreciated.
<jonah_> got a bootable usb with ubuntu server 14.04.3 on
<jonah_> and also got a bootable gparted usb
<jonah_> I'd hoped between the two it would work
<lownin> I'm running ubuntu server 15.04 on my home server.  After doing apt-get dist-upgrade, this happens when I try to boot - http://imgur.com/a/20zFG
<lownin> It seems to be failing to boot with Ubuntu Kernel 3.19.0-31 and if I interupt grub during boot and select 3.19.0.15, my system boots just fine without the above errors.  Anyone have any ideas where I should even start with this?  Thanks!
<sarnold> jonah_: there's some information on the installer's raid stuff here https://help.ubuntu.com/14.04/serverguide/advanced-installation.html
<jonah_> sarnold: thanks this looks very similar to the youtube I followed. both mention the option of Primary drives being selectable but I had no option for Primary in 14.04...
<jonah_> sarnold: i'll try follow the guide you've linked and just see if it is any different or works better than the youtube one. I get all the system installed etc but it just fails at the end and can't install grub, also I don't know what path i'm supposed to enter for grub...
<jonah_> sarnold: the other problem I had when partitioning with the installer live usb is it wouldn't let me set the partitions as 'bootable' when I pressed enter to change it to bootable nothing happens. very weird
<sarnold> lownin: you might try #ubuntu-kernel, or file a bug against the 'linux' package
<sarnold> lownin: that second photo showing  failing to bring the cpus online is really something else..
<lownin> sarnold: thanks, I'll repost in #ubuntu-kernel
<lownin> sarnold: I agree.
<sarnold> jonah_: iirc you're only allowed four primary partitions with old-style formatting, not sure about the new GPT format..
<jonah_> sarnold: i only have four drives, so i'd just made 4 swaps partitions (1 on each drive) and 4 root partitions. then just installed at that but it didn't like it!
<patdk-wk> the question is, how should you use those 4 :)
<patdk-wk> raid0? raid1?
<patdk-wk> jonah_, did you use mbr or gpt?
<patdk-wk> gpt requires you make additional boot areas for grub
<lownin> sarnold: #ubuntu-kernel isn't very active, is it?
<sarnold> lownin: it may not be, I have to admit I've never used it.. but the topic looks kept up to date...
<lownin> sarnold: I was reading through their channel logs, and there are entire days where no one says anything.
<sarnold> must be nice :) haha
<lownin> =p
<jonah_> patdk-wk: sorry trying to do raid10
<jonah_> just trying now with a 3rd raid volume which I've got a efi boot area set for each sda3 sdb3 sdc3 sdd3 etc...
<jonah_> no idea if that will work!
<jonah_> but at least it gives that a B for bootable label...
<maserati> I'm having issues updating my server, not sure what to do - http://dpaste.com/0JFQG68   if anyone has time to take a look, ty
<jge> hey guys, could someone confirm if ubuntu supports automatic daylight savings time when using NTPD?
<thresh> ntpd is unrelated to daylight savings.  you need to have proper TZ file installed.
<jrwren> jge: i can confirm.
<sarnold> maserati: try again after an apt-get update?
<maserati> sarnold: i did =[  same result
<jge> jrwren: thanks
<sarnold> maserati: hmm, I wonder if something changed that might require apt-get dist-upgrade?
<sarnold> maserati: it's been ages since I've seen this kind of thing.. If it were mine, I think I'd delete the package lists and packages from /var/cache/apt/ and maybe clear any apt proxies you might be using, too, re-do the apt-get update, then try the apt-get upgrade again
<sarnold> maserati: another approach is to try to apt-get purge those two packages, making sure you don't actually delete the installed kernel packages, then try re-installing them..
<maserati> sarnold: Just tried option 1 there, same thing. trying option 2
<bernierunns> Anyone want to help a guy figure out what the errors I am getting mean?
<teward> bernierunns: it always helps to just state what problems you're seeing and wait for someone to help
<teward> rather than just ask if anyone wants to help
<NegativeFlare_> heh
<bernierunns> ok Errors were encountered while processing:
<bernierunns>  linux-image-generic-lts-utopic
<bernierunns> among five other errors
<bernierunns> What can I do about missing partition tables? I get an error when I boot the server that I have missing partition tables and it then asks to skip the mount or fix manually.
<bernierunns> I just skip it because i have no idea how to fix this issue.
<rattking> if the partition table is suppose to be missing then you should remove that entry from /etc/fstab.. this will remove that prompt
<bernierunns> OK, how do i display drive info so I can see whats going on with my drives? I'm fairly new to command line stuff.
<rattking> 'blkid' 'cat /proc/partitions' and 'df' will give some ideas
<bernierunns> ok, I'm checking that out now
<rattking> but it should have complained about the missing device at boot
<bernierunns> Could it be that I don't have an external drive configured to mount at boot?
<thresh> huh, https://bugs.launchpad.net/ubuntu/+source/debian-installer/+bug/1505839
<ubottu> Launchpad bug 1505839 in debian-installer (Ubuntu) "Unable to install from text mode interface" [Undecided,Confirmed]
<rattking> its more likely there is a external drive configured to mount at boot that is either not attached or has been formatted so the UUID doesnt match whats in /etc/fstab
<bernierunns> OK, that makes sense, I can edit that info in vi right?
<rattking> yes, with sudo or as root
#ubuntu-server 2015-10-24
<R2D2Warrior> Hello, i am getting a connection reset error when trying to connect to my apache server (running on an ubuntu machine next to me) from outside my of LAN but works fine locally. port 80 is open and dns is set up and working. netstat lists apache as tcp6 on port 80. i've researched this a ton with no luck. what else can i try?
<patdk-lap> what does open mean?
<patdk-lap> if it's reset it is not open
<R2D2Warrior> forwarded in my router's control panel to the ubuntu pc
<patdk-lap> what does tcpdump show on your machine?
<R2D2Warrior> reset?
<patdk-lap> you are the one that said connection reset
<patdk-lap> connection reset != open
<R2D2Warrior> oh really? odd
<R2D2Warrior> sorry, how do i use tcpdump?
<R2D2Warrior> still new, long time windows user
<sarnold> R2D2Warrior: are you trying to forward tcp6 port 80 to tcp6 80? or tcp 80 to tcp6 80?
<R2D2Warrior> i didn't forward anything with tcp6
<patdk-lap> most likely it's the dual bind ipv6 port 80 he sees
<patdk-lap> not ipv6 specific
<R2D2Warrior> yes that's what i read
<sarnold> ahh
<lordievader> Good morning.
<jonah> Hi I wondered if anyone could please advise. I've been in and out of here a few times as I've just built my own server. I'm looking at using it as LAMP apache server mainly to host a few sites, set up some user accounts for them to host a few and also run owncloud. Currently I managed to set up ubuntu 14.04.3 with a RAID10 across 4 x 1tb hard drives. But I couldn't include grub in the raid so that had to be on its own partition on each drive.
<jonah>  This boots fine, but I've not really partitioned anything as I would like to for security. I also have a spare SSD which I could use (maybe for Grub?) or could get another SSD later and somehow then add a RAID1 over the two. I just need advice on how to partition everything properly and partition sizes. I though maybe re-do the raid10 as just the /home and put everything else on the SSD with automatic guided partitioning from the installer.
<jonah> Or should I do something else? Anyone that can please help, I've read all sorts but in the end you just get more confused and unsure!!
<lordievader> jonah: The way you partition your disks really depend on what you want to do with them. This is one of the reasons I like LVM so much it gives you the flexibility to start out with some kind of configuration that may change a lot in the future. Normal partitions are rather static in comparison.
<jonah> ok, so from the ubuntu installer would I just partition the SSD for grub (with bootable flag), do a 1 big massive RAID10 across the other discs then click to install LVM? Is it safe in terms of drive failure and also security for a web server?
<lordievader> I'd let lvm do the raid stuff too. How does security come into play with raid setups?\
<bekks> Wouldnt you need a dedicated log volume for persistent mirroring via LVM?
<lordievader> It creates a metadata volume for your raid, if that is what you mean.
<bekks> Yeah.
<lordievader> For my raid1 over two disks I get two _image volumes and two _meta images. These are normally hidden, but they are there.
<jonah> thanks but I'm not really sure on LVM... Do I just choose it at install instead of raid then and it can set up raid still or do I still have to make the raid arrays and partitions first?
<lordievader> jonah: https://wiki.gentoo.org/wiki/LVM If you skip the Gentoo specifics it is great documentation, for Ubuntu too.
<mripguru_> lordievader :)
<jonah> lordievader: thanks but although LVM sounds very good for future adjustments to parition sizes etc, I'm still not sure what my initial steps should be with the drives I have to get ubuntu server running. From the installer what do I need to partition, raid or make bootable etc. Or can I just add LVM to what I have already running with my raid10 setup?
<lordievader> jonah: The way I have it for my raid drives is two partitions on the drives. The first /boot (raid1 using mdadm), the second is the pv for lvm.
<subvhome> hello allâ¦ I'm having a bit of a problem with my ubuntu server and IPTABLES. so my server is public facing with 2 network cards. one for LAN and one for WAN. I configured my WAN with 2 IP's lets just say they are 67.1.1.1 and 67.1.1.2 â¦ both are pingable from the internet and I have port 22 open .. this being done via IPTABLES. What I am trying to achieve is when 67.1.1.2:3001 gets accessed from the WAN side, traffic should
<subvhome> translate to 10.0.0.231:3001 on my LAN side.  I must say that I did not create this server and who ever set it up has been using webmin for tweaking IPTABLES.. so I have been just making manual changes to the IPTABLES rules file located /etc/iptables.up.rules since webmin interface confuses me.
<lordievader> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<lordievader> subvhome: See ^. How are your nat tables configured?
<subvhome> i agree.. so lets just leave it out of the equation..
<subvhome> accept all and postrouting i have masquerade from my wan iface.. please excuse if i sound like i don't know what I am talking about.. this happens to be true :)
<subvhome> http://pastebin.com/tF74v9nb
<lordievader> subvhome: So you are missing the forward rule for 10.0.0.231:3001.
<subvhome> from inside mynetwork if i telnet 10.0.0.231:3001 the connection is created.. when i tried the forwarding rule and attempt to connect to 67.1.1.2:3001 I get a timeout..
<lordievader> For example I have "-A PREROUTING -i br-ext -p tcp -m tcp --dport 443 -j DNAT --to-destination 10.0.1.21:443" to forward traffic from the 443 port.
<subvhome> let me show you what i have tried so far
<subvhome> let me play with that
<subvhome> this would go right in between line 35 and 36 right?
<subvhome> in my paste
<subvhome> im sorry
<subvhome> above 7
<subvhome> ?
<lordievader> subvhome: Your prerouting table is empty, it will be the first rule in that table.
<subvhome> I don't have a prerouting table.. do i create one?
<subvhome> i just have nat mangle and filterâ¦
<lordievader> subvhome: It should be there. 'sudo iptables -t nat -vnL'.
<subvhome> oh you mean my prerouting chain is empty
<subvhome> in my nat table
<subvhome> ok i think i understand let me try it
<subvhome> ok.. so i see it when i run -t nat -vnL
<subvhome> .. but when i try to telnet the connection is dropped immediately
<subvhome> is because I have that rule for established or related connections?
<lordievader> You don't seem to allow the forwarding of the 3001 syn packet.
<lordievader> Also is ipv4 forwarding enabled?
<subvhome> yes ipv4 forwarding is enabled
<subvhome> check this paste.. its all my rules outputted by iptables -vnL command for both filters and nat
<subvhome> http://pastebin.com/xShjYGhN
<subvhome> just realized something.. i don't have eth0 let me make that change
<lordievader> You have three interfaces? eth0, em1, p255p1?
<lordievader> Ah...
<subvhome> ok.. so now it doesn't refuse the connection.. but just sites there timeing out.
<subvhome> whats this syn packet you mentioned.. i was playing around with DNAT and SNAT
<subvhome> but got really confused.
<subvhome> i don't see anything in the logs either.
<`jpg> Hey guys, I am experiencing some problems building AMIs based on the ubuntu cloud-image AMIs.
<lordievader> subvhome: Tcp dump on the endpoint, do you see an incoming connection?
<`jpg> Basically I use packer to run a shell script to configure apt and install the vivid kernel etc.
<`jpg> However I am running into this: https://github.com/flynn/flynn/issues/1829
<subvhome> lordievader: what would be the syntax of that command?
<`jpg> I have no clue how I end up with a situation where thermald is not installable given the script configures the main repository correctly.
<lordievader> subvhome: tcpdump -i <some interface> 'tcp && port <some port>'
<`jpg> Does anyone know if there is anything beyond cloud-init that could be interfering with apt? Or have a link to the tools/etc that build the cloud-image AMIs?
<subvhome> i get listening on em1.. link type and cap size
<lordievader> subvhome: Do you see incoming connections?
<subvhome> i ran sudo tcpdump -i em1 'tcp && port 3001'
<subvhome> well thats the thing.. on the destination device.. its really dumb and I can't see if its has any connections on it. i would normally test by telneting to the port from within the local network.
<subvhome> now i figure if i don't get the same results from outside my network.. then the connections are not being established.
<subvhome> its some sort of handscanner
<lordievader> Ah, I see how that makes things difficult...
<subvhome> yea â¦ but shouldn't it.. in theory.. that if i can establish a connection via telnet within the network.. a working iptables rule would allow the same type of results from the outside?
<lordievader> subvhome: Yes, if the firewall/nat is configured correctly.
<TJ-> subvhome: sounds like the device doesn't have a default route set, so only 'knows' the local network
<TJ-> subvhome: If it is behind a NAT/router then it ought to be fine though
<subvhome> ok.. so we had a sonicwall handling this and it was working a few months ago.
<subvhome> and not long before i took overâ¦ the sonicwall died and someone created this server to handle dhcp and to act as a firewall
<subvhome> which i like the idea over a sonicwall but it did work..
<subvhome> i just need to create the rule that if hit a virtual interface ip (67.1.1.2) on port 3001 it will direct the traffic to 10.255.230.231:3001
<subvhome> thats a real lan ip.. and a fake public ip :)
<subvhome> now aside from it having webmin installedâ¦ the server runs great and i have been able to do great things with it.. but this one has me stumped.
<subvhome> and i don't like to use the webmin interfaceâ¦  so i try to just manage the rules manually
<TJ-> subvhome: test if the device has a default route (create a temporary private subnet) and see if it can reply to that. If not, then the device has no default route, in which case you'll have to NAT in front of it
<subvhome> the original ip was 67.1.1.1 and it is pingable from the outside world.. pinging it right now and also ssh into it right now. 67.1.1.2 is also live pingable and accessible via ssh. there are no routes setup on this current configuration.. which is what i am trying to do..
<subvhome> i think lordievader was on the right track with me.. what did you mean i didn't have 3001 syn packets?
<lordievader> Well your forward table didn't say much about connection to 10.255.230.231, so I wondered if that table didn't simply drop the packets.
<subvhome> http://pastebin.com/xShjYGhN from this paste.. i don't have anything in FORWARD regarding that.. so what should be in there
<subvhome> all i have is that it will allow connections back once they are established or related
<subvhome> which is how it should be right?
<lordievader> The easiest would be to modify rule 2 to allow all, not just RELATED and ESTABLISHED. Then later secure this more...
<subvhome> if I allow all doesn't that leave me wide open?
<subvhome> it worked
<subvhome> but i don't like the idea of it allowing all connections..  how can i leave rule 2.. but add another rule to just accept connections coming in on 67.1.1.2:3001
<subvhome> to 10.255.230.231:3001
<lordievader> Sure.
<TJ-> Ahhh, I hadn't seen that info earlier
<TJ-> Trying to multitask this and making 70+ apple pies :D
<subvhome> ok.. so im trying to add a rule in the forwardâ¦ to allow this connection and still keep my network safe
<subvhome> its not working
<lordievader> subvhome: How are you testing this exactly?
<subvhome> with telnet from outside the network.. when i remove the established and relative states.. the connection is established
<lordievader> What EST,REL states, the one in the forward table?
<subvhome> http://pastebin.com/FWK3EqM8
<subvhome> this is what im trying to play with
<subvhome> lordievader: yes.. when i remove EST and REL in forward chainâ¦ the connection is established.
<lordievader> Hmm, that is odd. I'd add a couple of log rules to see what is being dropped.
<subvhome> im going to take a bit of a break.. and regroup my brain. thanks a lot bro
<subvhome> whats up #ubuntu-server
<patdk-lap> hopefully everyones servers
<subvhome> lordievader: i don't know what happenedâ¦ it stopped working..
<subvhome> lordievader: i guess nothing happened.. i can't even telnet into the device from my lan.. Maybe I DoS'd it lol
<lordievader> subvhome: Restart the device?
<subvhome> yea.. i gotta call someone in cali for that.. no big deal. I guess learning the fundamentals of establishing a link to the device was learned. I'm going to setup an ftp server on machine and attempt to do the same thing.
<subvhome> my goal now will be not to have my FORWARD chain so unprotected
<lordievader> Err, ftp?
<lordievader> Don't use ftp...
<subvhome> lordievader: i figured that you mean there are too many ports involved lol..brb
<lordievader> No... ftp is old, insecure, crap and shouldn't be used.
<lordievader> Ftps is slighly better, but from what I hear, hell to set up. sftp is a lot better. But I'd go with scp over (s)ftp(s) any day.
<RoyK> lordievader: ftps doesn't work with nat, though
<lordievader> Another reason not to use it ;)
<RoyK> lordievader: and scp is like sftp
<RoyK> or rsync over ssh
<lordievader> I know ;)
<RoyK> ftp hands over ports and ip addresses in L7, so if it's encrypted, the NAT router can't figure out which ports to open
<Delemas> Just upgraded a server to 15.10. Anyone else having their Apache2 webservers ONLY listen on tcp6 after upgrade?
<Delemas> Nevermind. Somehow ssl_module wasn't being loaded after upgrade.
<subvhome> having a hard time with this.. so i setup a webserver and I am able to access it from a specific public IP and forwards to a specific server hosting the http site.. but only if I allow all forwarding packets from WAN to LAN in my IPTABLESâ¦ i want to still be able to only allow EST and REL connections in my forwarding chain â¦ how can i do thisâ¦  here are my iptables -vnL outputs and my rules (I've masked my IP)
<subvhome> http://pastebin.com/3R7UfEfE
<subvhome> in the FORWARD chain, i want to not have to remove REL and EST
<subvhome> lordievader: I want to thank you.. you have given me a lot of insight and I actually managed to accomplish something I have been trying to figure out for about a week. I feel like removing the REL and EST states leaves my system vulernable.
<Seveas> subvhome: you don't have to remove the related/established rules, but you will have to add a port 800 rule
<Seveas> 8000*
<Seveas> something like iptables -A FORWARD -o p255p1 -i em1 -p tcp --dport 8000 -j ACCEPT
<Seveas> the input chain is not used for that traffic, as you can see by that counter being 0
<subvhome> thanks for that.. i will look into it...
<subvhome> Seveas: brilliant
#ubuntu-server 2015-10-25
<k2gremlin> Hello all. Looking for some help with OpenVPN. Server is Ubuntu and client is Windows. I have been able to get the remote client to "connect" but even when it is connected, I am unable to ping anything on the server lan. I am not even able to ping the private server IP. thoughts?
<lordievader> Good morning.
<soydemadrid> hi can anyone please help. I've got ubuntu-server running with webmin on top. i set the php date.timezone and it was working but then when I installed suphp, now when I try to install a cms on a virtual server it gives me the error that the date.timezone needs setting. But i've checked the php.ini file and it is set. Can anyone please help fix this?
<jonah> Hi can anyone please help. I'm running Ubuntu Server with Webmin on top. I'm trying to install modx in a virtual server I've made but always just get the error: "To use PHP 5.3.0+, you must set the date.timezone setting in your php.ini. Please do set it to a proper timezone before proceeding."
<jonah> I've added time zones in all the php.ini files I can find
<jonah> also added it in .htaccess
<jonah> it still won't work!
<RoyK> !webmin | jonah
<ubottu> jonah: webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<RoyK> jonah: use the commandline - takes a little while to get used to, but then you even get to learn things, which rarely hurts
<tsimonq2> +1
#ubuntu-server 2016-10-24
<lordievader> Good morning
<rbasak> cpaelzer: thank you for responding to the qemu machine type question.
<rbasak> cpaelzer: on prompting the user on upgrade, the problem is that if every package did that (eg. MySQL has much of the same "must inform the user or it can't work" type issues) then the upgrade UX would be terrible, or the user wouldn't see anything.
<rbasak> It's a shame we have no mechanism to tell the user anything.
<rbasak> Eg. there could be some kind of "upgrade report" that every maintainer script that had difficulties could report to.
<rbasak> So the user would be able to effectively have a custom set of notes based on the user's own upgrade.
<rbasak> And would only need to be prompted once, at the end.
<rbasak> But unfortunately we have no mechanism for this.
<cpaelzer> rbasak: yeah that is too sad, I remember the same on other cases
<cpaelzer> rbasak: but I kind of already planned for a fallback
<cpaelzer> rbasak: that would be to make the libvirt returned error message way more readable and pointing to the case
<cpaelzer> rbasak: that would (hopefully) at once beat it into virsh, virt-manager, and all other consuming tools
<cpaelzer> rbasak: but that is all theoretical until I tried to look deeper at that area of code
<rbasak> cpaelzer: I like that idea.
<cpaelzer> rbasak: if everything fails I at least can write ton's of helping stuff into the serverguide
<cpaelzer> rbasak: that is very much empty in regard to any of the topic
<rbasak> +1
<nymony_> Hi Guys, i thought it was possbile to masquerade subdomains on the mail gateway by using: "masquerade_domains = foo.example.com example.com". But i still see my originating server in the headers. Can anyone help me ? (Version 2.11)
<nymony_> Using postfix btw
<jhenke> Hi, can someone from the server team maybe look into bug 1636124? Right now the apache and mod_ssl do not offer TLSv1 and TLSv1.1, so a lot of older clients cannot connect to my server (including my wife's android phone)
<ubottu> bug 1636124 in openssl (Ubuntu) "openssl lacks support for TLSv1 and TLSv1.1" [Undecided,New] https://launchpad.net/bugs/1636124
<sb_9> test message
<cpaelzer> jhenke: Hi, I just looked at your bug - I think the test you did to check if tlsv1 is supported was incomplete
<cpaelzer> jhenke: that said your overall web stack might still disable it somewhere
<cpaelzer> jhenke: you can use the test I provided in the bug update to verify if you can connect with all three versions to your webserver
<cpaelzer> jhenke: that at least would give you a local test and by that take all other parts out of consideration
<huwjr> heya
<huwjr> have just had a 16.04 server run out of disk space with 30gb free? anything iâm missing lol?
<Pici> huwjr: is df saying that the space is still used?
<huwjr> sorry - wrong disk, 13 was free
<huwjr> : /dev/sda1        48G   32G   13G  72% /
<huwjr> 72% used and PHP sessions were unable to save
<huwjr> am i missing some limitation of /var?
<Pici> Probably not... but if some file was still being used by something, and then  you deleted it, it may not have actually been freed on disk. I had a similar problem recently on another server I manage.
<huwjr> hmm
<huwjr> so you think i freed some space but didnât release it so it was âlockedâ
<huwjr> so the df -kh was reporting the incorrect usage?
<Pici> Yep.
<huwjr> entirely possibleâ¦ would a restart resolve that?
<Pici> I ended up restarting the process that had a hold on the file.
<huwjr> as i did one and still had the issue..
<huwjr> bit worrying lol
<huwjr> iâve got ~15gb of php sessions, so iâm able to clear a bunch of those short termâ¦ but as a server restart didnât âfixâ the issue iâm not entirely sure it is the above at all
<huwjr> Pici: is there anything I can do to check real disk usage vs what is present d to me?
<nmollerup> huwjr: if restart doesnt release the diskspace you may have a corrupted filesystem, you should force a fsck on it
<ppetraki> can someone help me out with vmware + juju? it doesn't want to find my datacenter, http://pastebin.ubuntu.com/23374442/. I'm following these docs:https://jujucharms.com/docs/2.0/help-vmware
<zul> wh00t....autopkgtest for oslo.db to run against a real mysql database
<FManTropyx> "*** System restart required ***" wat do
<WeAreScrewed2016> restart ?
<FManTropyx> I guess that'd be one option...
<WeAreScrewed2016> or dont
<WeAreScrewed2016> thats two
<FManTropyx> I'll decide later
<jhenke> cpaelzer I tried your test and the problem is still that there are no ciphers for TLSv1 and TLSv1.1
<jhenke> I have posted the details to the bug including the list of ciphers as configured for the site
<jhenke> It should include plenty of ciphers for TLSv1 but it does not seem to be possible for client to negotiate those
<jhenke> the stack is completely default besides my site configuration, apache2, libssl and mod_ssl are from the default Ubuntu repo
<jhenke> so for me everythings points to a configuration problem with the libssl, which prevents more ciphers from being offered on the handshake
<foo> Eh, must be something I'm missing here... I created dsa key, set it up to identify in ssh_config, added the .pub version to .ssh/authorized_keys on remote host... still asks me for a password. Did I miss something? (I also see the identity is passed when I ssh from my local system to remote server), I also tried with ssh-copy-id
<foo> Fresh ubuntu install
<jhenke> foo what does ssh says if you use the -v option? (or even -vv)
<jhenke> it should display every step of the connection setup
<jhenke> at some point it should offer the key to the server
<foo> jhenke: thank you, https://bpaste.net/show/861623efd3d3 - jazz-key is the one I set up
<jhenke> what are the permissions on the ~/.ssh folder and it's content on the server?
<tarpman> foo: what is the server side running? distro version / openssh version
<jhenke> the folder should be owned by the user and have 700 permission set
<foo> jhenke: drwxrwxr-x 2 dev dev 4096 Oct 24 18:43 .ssh and -rw-rw-r-- 1 dev dev 599 Oct 24 18:43 .ssh/authorized_keys
<tarpman> foo: openssh 7.0 and later disables DSA by default; see https://www.openssh.com/legacy.html and please migrate to RSA
<tarpman> ... but it seems jhenke has the right answer this time :)
<jhenke> foo ~/.ssh must have 700 permission set, otherwise openssh will ignore it
<foo> jhenke: I will set that, but I did use dsa
<jhenke> also better set 600 permission on all files inside
<foo> I thought dsa was more secure than rsa
<jhenke> foo better use ed25519
<foo> jhenke: is ed25519 an encryption alg like rsa / dsa? geez I'm so rusty.
<foo> I haven't done this in over 5 years, heh.
<jhenke> it is an elliptic curve algorithm proposed by Bernstein
<jhenke> contrary to other curves it's paramters seem less lickly to be choosen by the NSA or similar
<jhenke> so you get the speed of ECC with a resinable level of trust
<foo> thank you jhenke
<foo> Switching from dsa to rsa worked, now to use ed25519
<foo> There must have been some security vulnerability, or something, with dsa I missed
<tomreyn> jhenke: just to be sure: you're not possibly fighting with the changed meaning of the mod_ssl SSLProtocol options? https://httpd.apache.org/docs/2.4/mod/mod_ssl.html#sslprotocol
<WeAreScrewed2016> https://gist.githubusercontent.com/arisada/2a0e9948fff455e757a533ff67e9f871/raw/cbd5027c696cb421100ab72847106267b00600d1/lnx-blaster2.sh
<WeAreScrewed2016> ouch
<jhenke> tomreyn in what sense changed? anyway I tried both "all" and listing all 3 TLS versions explicitelly
<jhenke> none actually changed anything
<tomreyn> how it changed is documented at th elink i posted. but if you did this, that's not your issue.
<tomreyn> "[all] a shortcut for ``+SSLv3 +TLSv1'' or - when using OpenSSL 1.0.1 and later - ``+SSLv3 +TLSv1 +TLSv1.1 +TLSv1.2'', respectively (except for OpenSSL versions compiled with the ``no-ssl3'' configuration option, where all does not include +SSLv3)."
<WeAreScrewed2016> can someone verify this on a test system:  https://gist.githubusercontent.com/arisada/2a0e9948fff455e757a533ff67e9f871/raw/cbd5027c696cb421100ab72847106267b00600d1/lnx-blaster2.sh
<jhenke> tomreyn okay, I just did not see a change there, as I expected it to be like that, but yes, it made no difference, even more the funny thing is, that TLSv1.2 works, just not TLSv1 and TLSv1.1
<tomreyn> WeAreScrewed2016: why dont you?
<WeAreScrewed2016> sigh, I tested on my vm......seems to drop to a root shell, but broken one
<WeAreScrewed2016> of course I am not asking anyone to test it on a prod system...shesh
<tomreyn> i very much doubt it'd behave differntly on bare metal
<LostSoul> Hi
<LostSoul> I have problem
<LostSoul> My mysql patition is full (100%)
<LostSoul> How can I get free space?
<LostSoul> Delete and optimize do not work
<bekks> you have an issue with your keyboard too, issueing enter every few words.
<bekks> You need to either expand you "mysql partition" or move your mysql data files to some places with more free space.
<RoyK> bekks: probably not. people tend to do that if they're a bit stressed ;)
<bekks> i
<bekks> do understand
<bekks> that
<bekks> but
<bekks> its not
<bekks> helpful.
<bekks>  :P
<RoyK> doesn't help if you replicate it ;)
<bekks> ;)
<RoyK> LostSoul: pastebin stuff like output of 'df -h' and 'lsblk' and 'vgs', 'lvs' and 'pvs' and we may be able to help you
<LostSoul> RoyK: Thank you and sorry for spam bekks
<cncr04s> I need some sort of software that will take a bunch of source directories (in this case mounted drives) and provide an interface that will make all the files/folders inside seem in one location. I have a 10 dries, and I have to split all my files around all the drives. I can't find anything, I keep ending up checking all the drives untill I find the folder to put my files in or get the
<cncr04s> files I need. Anyone know of anything. I'd end up having to code something if this isnt readily available, prolly using fuse lib. I think unRAID has something similar to what I speak of, but I'm using ubuntu of course.
<tomreyn> cncr04s: why dont you just copy all of those files ontp one disk in the same directory? lack of space?
<cncr04s> lack of space
<tomreyn> cncr04s: so you want use RAID
<cncr04s> diffrerent drive sizes
<tomreyn> does not matter
<tomreyn> i'm talking software raid
<cncr04s> drives are not ment to be in a raid
<tomreyn> why not?
<cncr04s> they park and spin down when not in use
<tomreyn> so will drives in a raid unless data on them is accessed (which is more likely with parity datam, but you don't need to have that).
<tomreyn> so you're concerned about power consumption there?
<tomreyn> or heat?
<tomreyn> or disk lifetime?
<cncr04s> concerned with one dieing, losing all data instead of just the drive that died
<tomreyn> you have the same issue now, don't you
<tomreyn> with a mirror raid, you can even loose drives and keep the data
<cncr04s> I don't have enough drives for mirror, plus dfferent sizes
<tomreyn> so without mirroring them, you still don't increase the probability of data loss compared to your current setup.
<tomreyn> (and, as i also pointe dout before, different disk sizes are not an issue)
<tomreyn> cncr04s: another option is for you to create a new directory on any of these file systems on these disks where you create (and later destroy, if the target goes away) symbolic links to all the files on all the directories of the other drives. i am not aware of a software which does this. and it's a rather expenbsive solution since you will need to write and regularly run an indexer so that your 'index' (those symbolic links) remain current.
<LostSoul> RoyK: Thank you man, you saved my a** again :)
<cncr04s> Folders are unque on the second level, generally, so I could possibly do that
<RoyK> LostSoul: want to wire me some money? ;)
<LostSoul> Hahaha RoyK :P
<LostSoul> If I only earn nice $$$ ;)
<LostSoul> I don't earn in $ nor in pounds :P
#ubuntu-server 2016-10-25
<foo> Can 16.04 use upstart if I install it?
<RoyK> foo: why would you want upstart?
<foo> RoyK: Thank you. Trying to set up nginx + upstart + python script. I had this working in 14.04, but 16.04 seems different somewhere. I use upstart to start my init script that launches gunicorn for my app
<foo> RoyK: I'm open to another way, this is just how I did it initially, so I just start/stop my app with start / stop myapp
<RoyK> foo: Xenial uses systemd, get used to t
<RoyK> foo: Xenial uses systemd, get used to it
<foo> RoyK: alrighty, I'll remove upstart. Thanks
<UbuntuDude> Couple of months ago someone here gave a good info and url I added it to my bookmarks ... BUT I've forgot the whole thing :(
<UbuntuDude> I think it was about images for ubuntu server distro(s) that optimized and ready for production ... the topic I was asking about back then about programs to control linux web server like cpanle
<UbuntuDude> I remember finding ubuntu server iso image by amazon
<RoyK> UbuntuDude: I'd recommend using an official image, not something on amazon unless you're using them as your VPS provider
<UbuntuDude> RoyK: I'm just learning linux server
<UbuntuDude> but I forgot what was the images they told me about here ...
<RoyK> UbuntuDude: use the images from ubuntu.com - nothing else - the others may have been tapered with
<fishcooker> i tried to remove old kernel when /boot 100%(scarse disk) hit... yes it's only 200MB with automatic security update without kernel blacklist but i've got https://bpaste.net/show/a957a4d9e824 when try the old one to release some space to upgrade to the latest kernel
<fishcooker> is there any to remove the old kernel manually
<sbeattie> fishcooker: apt-get purge linux-image-3.13.0-48-generic linux-headers-3.13.0-48
<RoyK> fishcooker: rhel/centos has this feature of just keeping the last few kernels - not sure if that exists on debian/ubuntu
<markc> hi, is there any way to get dpkg-reconfigure to acknowlege altered debconf settings so I can script re-setting a fresh server install?
<markc> for the life of me I cannot get any variation of debconf-set-selections to change, for instance, the timezone for tzdata
<markc> it may be that debconf only works on initial install of a package but in the case of tzdata it's not possible to remove it then reinstall it just so it picks up new debconf settings
<markc> it used to work with 100% with wily
<theGoat> anyone here handy with syslog-ng?
<ikonia> you'll do better to just ask the real question
<theGoat> i am trying to spin up TLS, from the docs i have been reading, i have the certificates in place, and the config done correctly, but when i do a netstat -nl i don't see it listening on the IP and port i have chosen.  nothing in the logs.  not sure where to go from here
<ikonia> is it listening on the port would be the first check
<ikonia> can you atually connect to "something" listening on the port
<ikonia> what does the startup of it look like
<ikonia> what happens if you manually start it with the same argumennts in the foreground
<theGoat> yeah i have tried to telnet on the port, and won't connect.  when started it in the forground, i don't see anything related to TLS in there
<ikonia> forget tls for the minute
<ikonia> it's not even starting up
<theGoat> yes, and it's listening fine, and receiving events
<ikonia> you need to look at why it's not starting up
<ikonia> netstat's not showing it as listening
<ikonia> and you can't connec to it
<theGoat> netstat is showing on port 514, but not 1514 which i have defined for TLS
<ikonia> ahh, so it is runing on 514, ok
<ikonia> sorry, I thought you where saying it's not running at all
<ikonia> break the tls config on purpose, see if it complains
<ikonia> that should give you an idea if it's trying to process it or not
<ikonia> up the debug level too,
<theGoat> when i initally configured it, i had the paths to the certs wrong, and it still came up without barking
<theGoat> i installed it with apt-get....wondering if i should build it from scratch
<ikonia> why would you build it from scratch ?
<ikonia> what's that going to acomplish ?
<RoyK> theGoat: using letsencrypt?
<theGoat> no.
<RoyK> theGoat: where did you get the certificates?
<theGoat> ikonia:  i thought it may be possible the version was missing something for TLS support.
<theGoat> RoyK:  from our own internal CA
<RoyK> ok
<ikonia> theGoat: you should be able to see what it's linked against to see if it supports TLS
<ikonia> I'd be surprised if it didn't
<theGoat> RoyK:  we don't want to use self signed certs
<RoyK> letsencrypt != self-signed :P
<theGoat> ikonia:  how do i check that?
<ikonia> look at the package dpeends
<ikonia> depends
<theGoat> 3.5.6-2.1 - syslog-ng-core (2 3.5.6) syslog-ng-mod-sql (0 (null)) syslog-ng-mod-mongodb (0 (null)) syslog-ng-mod-json (0 (null)) syslog-ng-mod-smtp (0 (null)) syslog-ng-mod-amqp (0 (null)) syslog-ng-mod-geoip (0 (null)) syslog-ng-mod-redis (0 (null)) syslog-ng-mod-stomp (0 (null))
<theGoat> Provides:
<theGoat> 3.5.6-2.1 -
<ikonia> theGoat: ldd the binary
<theGoat> http://pastebin.com/caaaqHum
<RoyK> no openssl/tls there
<ikonia> is there an optional depdency for it
<theGoat> i didn't see one.  i just built it from src, and it says it's in there now
<ikonia> that doesn't seem a good approach to me
<ikonia> the package was rsyslog-gnutls
<ikonia> oops, thats the old one
<ikonia> is syslog-ng the default in ubuntu
<theGoat> ikonia: no rsyslog is
<ikonia> good, thought I was losing my mind a bit on that then
<rbasak> powersj: FYI, I triaged bug 1635491. I can reproduce it in Yakkety and in Debian, so I sent it up.
<ubottu> bug 1635491 in samba (Ubuntu) "nmbd hangs on service start if only the loopback interface is configured" [High,Triaged] https://launchpad.net/bugs/1635491
<powersj> rbasak: thanks for following up on that one!
<powersj> rbasak: bug 1636583 I'll build package after I go eat
<ubottu> bug 1636583 in debootstrap (Ubuntu) "SRU: Add zesty series link" [High,In progress] https://launchpad.net/bugs/1636583
<ktosiek> hi! What's up with the last USN? I can't find any specifics, and the description sounds like an RCE
<ktosiek> I'm talking about this one: https://www.ubuntu.com/usn/usn-3114-1/
<teward> ktosiek: priv. escalation
<teward> "The system could be made to run programs as an administrator."
<teward> ktosiek: one-liner summary in here: http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-1247.html
<teward> with a little more data.
<ktosiek> ohhh
<ktosiek> that's not so bad ^_^
<ktosiek> teward: thank you very much, I was panicking a bit
<teward> ktosiek: never hurts to ask.  That said, the USN has a link to the CVE tracker data too
<teward> under the References section
<teward> for the future, in case you want to check other ones for more info and such :)
<ktosiek> yeah, it was broken the last I checked :-P
<teward> it probably hadn't been updated yet (not "broken", just "out of sync")
<ktosiek> wait, no
<ktosiek> that one to mitre.org is OK, but useless (reserved CVE). I might have missed the description under the ~ubuntu-security link
<ktosiek> still, thanks for pointing that out, and I'll pay more attention to the ~ubuntu-security pages
<teward> yep *goes back to lurking*
#ubuntu-server 2016-10-26
<Sircle> I plugged nvs quadro 420 and 450 http://www.nvidia.com/object/product_quadro_nvs_420_us.html and http://www.nvidia.com/object/product_quadro_nvs_450_us.html and I saw only 2 out of 4 LCDs were shown as connected in xrandr -q. Other 2 as disconneced. I plugged that on an other machine having windows, I got all 4 working. A) any clues why? B) whats the minimum most costly card with 3-4 display at a
<Sircle> time (for multiseat) is 100% supported by ubuntu?
<basilAB> I have a trusty host (14.04.5 with 3.13.0-100-generic kernel) and trying to do a 'apt-get dist-upgrade'. But it is not picking the latest kernel '4.4.0-45.66~14.04.1' even though it is available in the repo.
<sonu_nk> Hi i am new to Ubuntu.. if i have plain cloud ubuntu .. then we need to run a domain on that.. for this we need to setup a host ?
<puR0> hi all
<linux_g10> hey
<jgknight> Does anyone have any experience with storing/saving vrf & route table config on Ubuntu? my current problem is once I reboot, it all goes away. Not sure where the best place to put it is, I'm assuming in /etc/network/interfaces
<jgknight> referring to this type of setup https://www.kernel.org/doc/Documentation/networking/vrf.txt
<jgknight> seems like they create a vrf.conf and reference that somewhere. at that point i might as well just write a bash script that redoes all of my commands.. :/
<Pinkamena_D> I have logged onto many other companies servers which allow logging in with SSH using active directory credentials. I would like to set this up myself with ubuntu server 14.04 and a windows server 2012 active directory controller. What is the name of the technology or software that I would look into to accomplish this?
<cpaelzer> Pinkamena_D: you likely look for samba/kerberos/pam as the top level tech to be used
<cpaelzer> Pinkamena_D: start maybe here https://help.ubuntu.com/lts/serverguide/sssd-ad.html#sssd-ad-kerberos https://help.ubuntu.com/community/ADAuthentication https://help.ubuntu.com/community/ActiveDirectoryWinbindHowto
<rattking> Hello folk, does anyone know what the status of CVE-2016-1247 for precise is?  ~ubuntu-security still says needed
<rattking> *folks
<rbasak> https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-1247.html
<rattking> so needed :)
<rbasak> That's as much status as the server team has access to. You could try asking the security team in #ubuntu-hardened for more.
<rattking> ok thanks for the info
<Pinkamena_D> cpaelzer: trying to set up SSSD, I can do the search with $ ldapsearch successfully but specifying ldap_default_bind_dn and ldap_default_authtok the same in sssd.conf yields "invalid credentials" in the debug log.
<cpaelzer> Pinkamena_D: sorry I stay away from ADS since 2001, but hopefully someone else can help you with experience on that
<Pinkamena_D> cpaelzer: OK, sorry to specify your name in the reply.
<cpaelzer> Pinkamena_D: no reason to excuse at all - just wanted to explain instead of dropping dead on the chan :-)
<theGoat> i have updated one of my ubuntu boxes to 16.04.  now i can't mount dmg files from my mac.  all i see in the kernel logs is lockd: cannot monitor <client>  not sure if i need to make changes on one of the sides.  client side is OS X 10.11
<ameurux> gooday
<ameurux> anyone installed samba on 16.10?
<ameurux> hello
<theGoat> i am an all nfs shop, sorry
<ameurux> hello
<ameurux> anyone here?
<theGoat> you may want to try #ubuntu
<ameurux> yeah
<ameurux> but people I found are not that good
<ameurux> just like forums
<theGoat> what is your question?  it's been a while since i have touched samba
<ameurux> on any ubuntu 16.10   I think samba is broken
<theGoat> what's it doing?
<ameurux> hold on a sec I paste
<ameurux> http://paste.ubuntu.com/23383642/
<theGoat> unfortunately i am not versed in systemd.  i was having an nfs issue today, and reverting back to upstart solved my issue.
<theGoat> nmbd: No local IPv4 non-loopback interfaces available, waiting for interface ..."
<theGoat> what's ifconfig say
<ameurux> ok
<ameurux> just a min
<theGoat> http://linuxadmin.melberi.com/2015/04/nmbd-no-local-ipv4-non-loopback.html
<ameurux> http://paste.ubuntu.com/23384523/
<theGoat> check your samba conf make sure the eno1 and lo interfaces are specified.
<ameurux> ok I will
<ameurux> theGoat   hello you there?
<theGoat> hey what's up
<ameurux> thank you Sir
<ameurux> the problem is
<theGoat> so it's workingnow?
<ameurux> I have 3g dongle
<theGoat> ok?
<ameurux> when I disconnect it and use LAN with IPV4, the install went fine
<ameurux> yes it worked
<theGoat> ah ok
<ameurux> than you again
<theGoat> not a problem
<brandor5> Hello everyone: I'm trying to use autopilot to install openstack... after pluggin in my maas info and hitting continue i get the following error: "error: flag provided but not defined: --up-tools"
<brandor5> anyone have any ideas whats going on?
<brandor5> anyone?
<Pici> brandor5: you may have better luck asking in #openstack
<brandor5> Pici: ok, thanks :)
<CodeMouse92> Any recommendations for a cPanel alternative on Ubuntu 16.04?
<LeMike> hello. would this be the right place to discuss a cluster? I have a website, that is meant for multiple countries within europe. I would say one server and multiple domains is enough for seo/google etc. But the website has performance issues, so I need more power there. I could install another server located in france while the master is somewhere else. What about the mirror then? And the sql slave?
<LeMike> How slow will they be?
<LeMike> damn this is a huge topic for me
<RoyK> LeMike: depends on the type of server - if it's just static stuff, multiple dns entries should do, but they won't be able to share dyamic content. if it's a single site thing, use a proxy like varnish and a common database beween them
<RoyK> LeMike: scalability has a ton of variables
<LeMike> yee, thanks RoyK . It is a Magento system and by now I think one server in the US and one in europe (worst I can imagine, what the customer wants) is really a bad thing. I think I want it like this: .com goes to server 1, .org goes to server 2. both are failover for each another. Now I need a scenario for the sql part.
<LeMike> I would like to cluster it by table names because it has prefixes for the .com site and another prefix for the .org site. Would this be good? I would love to have something like master-slave but lower the latency between those two, RoyK .
<LeMike> My fear is that such logic wont help because the master is always asked which db-server shall be used :/ or isn't it like that?
<station> is it reliable long term to runn the OS from an usb 3 stick???
<station> im not shoure but im remember something like there is some flash mem type I have to look for
<LeMike> hm. on the other hand I wonder if two thin nginx proxy would do the trick. load balacing between two servers with a classic master-slave config... this sounds better
#ubuntu-server 2016-10-27
<echosystm> does anyone know of a backup service that supports s3?
<echosystm> ugh
<echosystm> supports rsync, not s3
<echosystm> i'm looking for an alternative to s3 that supports rsync
<echosystm> i have a lot of large files, so backups must be differential
<echosystm> s3sync doesn't support that
<sonu_nk> hi when i logged in my server via ssh root@myip and password enter. it is showing me root@ubuntu
<sonu_nk> it should not root@myip ?
<hateball> It shows you what is defined in .bashrc
<hateball> which is usually $user@$hostname
<sonu_nk> hateball,  i just purchased plain cloud and i m just want to run my domain on it. wht should i do to install host and lamp ?
<sonu_nk> i think after this i can run my domain on it ?
<hateball> A regular server install will show you tasksel where you can pick e.g LAMP to be installed
<sonu_nk> https://pastebin.ubuntu.com/23387165/ here why i found in hostname and host file hateball
<hateball> Also if you can ssh in as root, that's not a standard Ubuntu install
<sonu_nk> *why = what
<hateball> No idea about such VPS installs
<sonu_nk> i can remove and install plain
<WebHostingFree> hi all
<WebHostingFree> help install web server kubuntu
<hateball> !lamp | WebHostingFree
<ubottu> WebHostingFree: LAMP is an acronym for Linux-Apache-MySQL-PHP. However, the term is often used for setups using alternative but different software, such as Perl or Python instead of PHP, and Postgres instead of MySQL. For help with setting up LAMP on Ubuntu, see  https://help.ubuntu.com/community/ApacheMySQLPHP - See also the Server CD installation process.
<WebHostingFree> doman name help pls
<kicksled> sonu_nk: looks like you use linode? linode has some good tutorials on how to set up lamp and other stuff.
<circ-user-U5rlD> Ahoy
<circ-user-U5rlD> Is anybody good with Grub?
<circ-user-U5rlD> Got an issue, Grub Loading. server in bootloop
<circ-user-U5rlD> http://paste.ubuntu.com/23387463/
<sonu_nk> hi how to install phpmyadmin on ubuntu 16 ?
<sonu_nk> or its same as for ubuntu 14
<sonu_nk> ?
<Fiskfishdan> apt-get install phpmyadmin ?
<sonu_nk> Fiskfishdan, i did this but now i cant see my phpmyadmin when i am trying myip/phpmyadmin
<sonu_nk> why ?
<kicksled> sonu_nk: I would follow a good tutorial setting things up. I assume you already have a LAMP-stack set up? One of many good tutorials on installing and securing phpmyadmin - https://www.digitalocean.com/community/tutorials/how-to-install-and-secure-phpmyadmin-on-ubuntu-16-04
<jamespage> ddellav, where are we with verification of https://bugs.launchpad.net/ubuntu/+source/neutron-fwaas/+bug/1619452
<ubottu> Launchpad bug 1619452 in Ubuntu Cloud Archive liberty "[SRU] liberty point releases" [Undecided,Fix committed]
<jamespage> that's been in proposed for 2 weeks or so now
<ddellav> jamespage i'm pretty sure the verification is done but i'll double check before updating the bug.
<jamespage> ddellav, ack
<roaksoax> berglh: /win 15
<roaksoax> err
<roaksoax> sorry
<hallyn> cpaelzer: are *you* going to be at lpc?
<cpaelzer> hallyn: no unfortunately not
<cpaelzer> hallyn: just was at dpdk userspace and soon team sprint - need to be at home as well :-)
<cpaelzer> hallyn: I should try to be there next time - if not for anything else - just to have a chance to link more with you for libvirt/qemu
<hallyn> cpaelzer: oh, too bad.  yeah, next time.
<jerichowasahoax> Is there a way to check when was the last time I ran "apt upgrade" (or "apt update")?
<jerichowasahoax> A human readable format would be preferred, but I'm capable of converting UNIX timestamps should that prove necessary
<sarnold> jerichowasahoax: /var/log/dpkg.log may show the last time packages were installed; the timestamps in /var/lib/apt/lists should suggest the last apt update
<pmatulis> also parse sudo in auth.log
<berglh> roaksoax: /action is winning at irssi
#ubuntu-server 2016-10-28
<fishcooker> how to know/check that the repo is synced?
<caliculk> Hey, I am getting a TON of messages being flooded in syslog. It appears to be something related to this: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1402039 but I don't recall ever setting that flag. So, where can I modify this, to fix it?
<ubottu> Launchpad bug 1402039 in systemd (Ubuntu) "systemd spams kernel log with debug kernel cmdline option" [Medium,Opinion]
<caliculk> Either way, systemd is really verbose in syslog and other things.
<cpaelzer> rbasak: do you think uvtool should destroy the pool on purge?
<cpaelzer> rbasak: I've had several cases now where I couldn't cleanly install because the configure failed
<cpaelzer> rbasak: reason the old pool was still around as inactive definitio
<cpaelzer> rbasak: I admit - I kind of f$%& up the system with my conf, but I wonder if at least on purge it should rip away the pool and its definiton?
<sonunk> https://www.digitalocean.com/community/tutorials/how-to-install-and-secure-phpmyadmin-on-ubuntu-16-04 with this tutrial in installed phpmyadmin but it not working on my end.. means when i m running it myip/phpmyadmin its showing 404
<rbasak> cpaelzer: it's supposed to: http://paste.ubuntu.com/23391960/
<temhaa> hello
<cpaelzer> rbasak: hmm, thanks for the info - I'll take a deeper look at that next time I run into it then
<temhaa> I faced disk problem. Actualy My disk seemed full. I want to check but I dont know should I start from where..
<temhaa> First: I checkt disk usage: https://paste.debian.net/890547/
<temhaa> After than I used du command under root directory
<temhaa> https://paste.debian.net/890548/
<temhaa> Used disk size seems 27GB when I use df command but If I check du command under root directory total seems 6.7 GB. Where are differences
<cpaelzer> temhaa: http://sysunconfig.net/aixtips/df_du_diff_out.txt
<cpaelzer> temhaa: are you actually having out of space issues or only wondering about the difference?
<rbasak> It seems like he has rather a big difference.
<rbasak> Deleted files still in use perhaps? Or does he have dotfiles in / that aren't picked up by *?
<temhaa> cpaelzer: Actualy I wonder what is reason of my disk fullness
<cpaelzer> temhaa: than rbasak had good suggestions
<temhaa> cpaelzer: Sometimes my root partition usage seems %100 . How should I proceed? When I face this problem
<cpaelzer> temhaa: like files deleted but still held open
<cpaelzer> temhaa: those for example you can get a status with "lsof | grep deleted"
<cpaelzer> not so sure no non picked up files
<cpaelzer> add sudo to the lsof to get them all
<rbasak> du -hs /
<temhaa> cpaelzer: ok got it. I saw lots of outputs when I run "lsof | grep deleted "
<rbasak> or "set -s dotglob" IIRC
<cpaelzer> temhaa: yeah you have to filter out all the virtual oes like /dev and so, but that could help to spot the issue
<cpaelzer> also sometimes people are actually out of inodes "df -i" can help there
<cpaelzer> I quickly checked and found another suggestion being files hidden behind mounts
<temhaa> rbasak: I tried du -sh / but I see 6.7 gb I guess It is true what cpaelzer said
<cpaelzer> so if you have /root/foo/10G file
<cpaelzer> but /root/foo as MP the tools won't pick ut up
 * rbasak wonders if a bind mount of / to somewhere else should show that
<temhaa> cpaelzer: rbasak I am using logstash in docker. It's writing file I sometimes remove output log that is created by logstash inside of docker. But docker doesnt leave
<temhaa> cpaelzer: My problem seems like that: https://forums.docker.com/t/dockers-log-rotation-doesnt-release-space-after-deleting-container-logs/20506
<rbasak> Sounds like a bug in Docker.
<rbasak> Maybe try the latest upstream Docker to see if it is fixed there?
<rbasak> Otherwise, you'd probably get better help in a suitable docker forum rather than this channel.
<slabgrha> Hi!  I'm using the Ubuntu 14.40 base AMI and I'm having an odd issue.  During the initial setup, I'm trying to execute "apt-get install -y python-boto" in a userdata script.  That is failing to execute, as it cannot find the "python-boto" package.  However, if i just run the instance, hop on and do an "install -y python-boto" it installs fine.
<slabgrha> putting "apt-cache search boto" in userdata shows that it cannot find it
<nacc> slabgrha: do you ensure you've done an `apt updated` first?
<slabgrha> yeah
<slabgrha> apt-get update and upgrade
<slabgrha> I'm going to cat sources.list during the boot to see what's there
<slabgrha> "deb http://us-west-2.ec2.archive.ubuntu.com/ubuntu/ trusty main restricted" is present
<slabgrha> the base AMI being used is - ubuntu/images/hvm-ssd/ubuntu-trusty-14.04-amd64-server-20161020
<slabgrha> i was able to add netcat w/o an issue
<slabgrha> hmm
<slabgrha> i'll try 20161010
<slabgrha> nope.. but falling back to 20160919 worked!
<slabgrha> "    base_ubuntu: Setting up awscli (1.2.9-2) ..."
<slabgrha> nacc: ^
<nacc> slabgrha: interesting
<nacc> jgrimm: who should we refer the above to?
<jgrimm> rcj ^^
<nacc> jgrimm: thanks :)
<slabgrha> what other info would be helpful?
<slabgrha> aaannnd now that's not working
<slabgrha> sigh
<slabgrha> i'm getting ready to blame aws
<slabgrha> :)
<rcj> slabgrha, the prior ami isn't working now?
<slabgrha> i know this sounds lame, but it worked once
<slabgrha> i'm going to try a different region
<rcj> slabgrha, You're putting the package install in a user-data script? (http://cloudinit.readthedocs.io/en/latest/topics/format.html#user-data-script)
<rcj> slabgrha, Could you also try installing the package in cloud config to see if that is failing in the same way for you? http://cloudinit.readthedocs.io/en/latest/topics/examples.html#install-arbitrary-packages
<rcj> slabgrha, I'll also fire up instances now but I'm asking in case I can't recreate it.
<slabgrha> i'm actually building this out with packer ...
<slabgrha> shell provisioner
<slabgrha> http://paste.ubuntu.com/23393499/
<slabgrha> "    base_ubuntu: E: Unable to locate package awscli"
<rcj> slabgrha, can you grab /var/lib/cloud/instance/user-data.txt from that instance so I can see how packer is constructing this?
<slabgrha> i'll try to cat that during provisioning
<rcj> slabgrha, thank you
<rcj> slabgrha, I'm launching in a few different ways to recreate as well.
<slabgrha> i believe the user-data.txt file is empty
<slabgrha> it's ssh-ing into the instance as the 'ubuntu' user and executing the commands directly
<rcj> ah
<slabgrha> i'll capture the shell script it's executing
<slabgrha> eh.. not very interesting - http://paste.ubuntu.com/23393566/
<slabgrha> that's the first script
<rcj> slabgrha, You can ssh into the instance after it has run or no?
<slabgrha> i'll see if i can get it to sleep or something
<slabgrha> it's a temporary instance that is spun up to build the AMI
<slabgrha> lol "    base_ubuntu: Setting up awscli (1.2.9-2) ..."
<rcj> If you add a sleep at the end so you can ssh in, then you might add "| tee --append /root/provision.log" to each of those commands to get the output laid down in the instance
<slabgrha> its's dodgy
<rcj> It certainly sounds like a timing issue.  I'm wondering if there is a race with cloud-init finishing before packer is ssh'ing in to do this.
<rcj> Add "cat /etc/apt/sources.list | tee --append /root/provision.log" as the first command.  It's possible that cloud-init hasn't yet set up the archive sources and you're racing with that.
<slabgrha> yeah, i'm going to reach out to hashcorp as well
<rcj> slabgrha, and you get get ssh output with PACKER_LOG=1 in the environment which you might already be aware of (from https://www.packer.io/docs/other/debugging.html)
<slabgrha> aah
<rcj> and there's the issue you're having
<rcj> https://www.packer.io/docs/other/debugging.html#issues-installing-ubuntu-packages
<rcj> It is a race with cloud-init finishing
<slabgrha> ding!
<slabgrha> I'll give that a wack.  Thank you so much.
<rcj> np
<nacc> rcj: thanks for the help!
<rcj> Honestly, you should use that whether or not you're installing packages.  It would not serve you well to change /etc/apt/sources.list (or something else that cloud-init will touch) before it is complete as it will overwrite it.
<rcj> slabgrha, ^
<rcj> nacc, np
<slabgrha> yeah.  i've run into cloud-init timing issues with other things ... I'm glad to see it's at least consistent. ;)
<eu__> Hi all. I have installed Ubuntu Mate 16.10, AppArmor 2.10.95-4ubuntu5.1, QEMU emulator version 2.6.1, libvirtd (libvirt) 2.1.0. I'm create shared directory with virt-manager and successfully mount it inside guest. But i cannot nor write nor `ls' inside it. How to fix it?
#ubuntu-server 2016-10-30
<gasconheart> I run Ubuntu Server on a regular PC, I've been running it for months or perhaps more than one year. Recently it crashed seemingly on its own, twice, one 24h after the other
<gasconheart> it crashed and froze, it went unresponsive, I had to take this photograph: http://www.gasconheart.cu.cc/crashscreenshot/
<gasconheart> I need some help understanding those messages; thank you very much
<ikonia> gasconheart: so thats a kernel panic
<ikonia> thats the stack trace from the panic, the bit on screen is showing the filesystem details in memory
<taliptako> Hello
<taliptako> why shouldnt i manage my server from root account ?
<RoyK> well, obviously, you can
<RoyK> but it's more common to use sudo these days to allow for logging who did what
<RoyK> also, allowing ssh logins to root, especially with password authentication isn't really a good idea - should work well with keys, though
<taliptako> actually i just have LEMP stack on my Ubuntu 16.04 server and i intalled those software as a root
<ikonia> "E" ?
<taliptako> now i had little problem about file permissions
<ikonia> if you installed them using the package manager, the permisions should be fine out of the box
<taliptako> i wonder if this cause because i installed all softwares as a root account
<ikonia> taliptako: did you install using the ubuntu package manager ?
<taliptako> of course i installed with apt
<ikonia> then the only way to use that is with root privileges
<ikonia> so how can that be the problem ?
<taliptako> but maybe its different to do things from root account or with sudo
<taliptako> i dont know
<ikonia> no, it's not
<ikonia> what is the "E" in lemp ?
<taliptako> hmm i have interesting problem
<taliptako> let me explain maybe you can guess :)
<ikonia> no
<ikonia> just tell me
<ikonia> I'm not playing a game, I'm trying to understand your setup
<ikonia> what does the "E" in lemp stack reference
<taliptako> i have website and i'm using php and visitors uploading images okey and i save them to uploads/ folder i create a folder for all images for example /dog/1.jpg also i create conversions folder in dog folder  /dog/conversions/230x300px.jpg(example)
<ikonia> ok - so you're not answering my question
<taliptako> i resize images and putting them to conversions folder and i resize them with php-gd library of course
<ikonia> I'm afraid I can't help you
<taliptako> conversions folder owned by root
<taliptako> just conversions folder all my others folders files doesnt have this problem but images resized with php-gd owned by root
<taliptako> and when i try to delete them its causing the permission denied problem
<taliptako> Nginx - php - mysql ikonia
<ikonia> so you actually don't understand what you're saying then
<ikonia> LAMP = Linux Apache PHP Mysql
<ikonia> LEMP = Linux ??? Mysql Php
<ikonia> so what's the E ?
<taliptako> https://lemp.io/
<taliptako> look here
<ikonia> no
<ikonia> just answer the question
<ikonia> actually, I can't be bothered
<ikonia> good look sorting yourself out
<taliptako> We go with LEMP due to the pronunciation for Nginx: Engine-X (en-juhn-ecks). Think of how in English, the article an is used instead of a for hour even though it begins with a consonant.
<RoyK> ikonia: E for Evangelist :D
<ikonia> ha
<RoyK> taliptako: that should be LNMP, though, since nginx is spelt with an n...
<RoyK> and btw, don't use mysql if you can use postgresql :P
<taliptako> i dont care
<taliptako> if its lemp or lnmp :)
<RoyK> hm - windows, iis, mysql and php, that should be like wimp, right? ;)
<gasconheart> ikonia: thanks for your reply
<ikonia> gasconheart: no problem
<gasconheart> (I'm looking after a kid over here)
<gasconheart> ikonia: some guy here suggested it might be related to the dirty cow vulnerability
<ikonia> gasconheart: not sure how they could make ANY guess based on that single bit of output of a stack trace
<gasconheart> is there anything that might point to dirty cow?
<gasconheart> oh
<gasconheart> I check my logs all the time, almost paranoidly, I found no strange logins
<gasconheart> I am close to 100% positive it was not a hacking attempt; does anything in that screenshot suggest otherwise? thanks
<taliptako> soo guys there is no difference using sudo or directly writing commands as a root ?
<taliptako> for sure ?
<andol> taliptako: You usually end having different environment variables set, which might affect how the commands run.
<ikonia> gasconheart: that screenshot suggests nothing
<bor691> hello, i'm having trouble changing /etc/sshd_config (it doesn't affect anything even after reboot) on ubuntu server 14.04. i check the value with sshd -T after modifying the file but still shows the old value...
<ikonia> bor691: what value are you changing
<bor691> i intended to do a reverse tunnel that binds to non-local interface , some questions in serverfault and askubuntu suggested changing gatewayports
<bor691> but after that didn't work i tried setting passwordauthentication no
<bor691> just to test if it changes , but it didn't , sshd -T shows no and i can still login via password, even after restarting the service and rebooting the server
<bor691> is there a way to get address of the loaded config file ? is it possible that i'm chainging the wrong file ? (i was modifying /etc/ssh/ssh_config , and verified that the file is saved with the new value)
<ikonia> bor691: you need sshd_config
<ikonia> ssh_config is the client
<bor691> now i feel like an idiot :| tnx
<ikonia> no problem, easy to miss it, nothing silly about it
<al_nz1> Anyone here using Nagios?
<al_nz1> I want pretty graphcs
<al_nz1> network graphs :-)
<spammy> al_nz1:  I use icinga
<spammy> a fork of nagios
<al_nz1> Hi spammy. I only went with nagios because it seems widely known
<al_nz1> and I hoped well supported
<al_nz1> bit of a steep learning curve so far
<spammy> icinga is in Ubuntu's repo
<spammy> works like nagios
<spammy> well supported
<al_nz1> ok. I will take a look
<spammy> I've also been playing with Zabbix, it seems a bit easier than Nagios/Icinga
<spammy> you can add hosts etc. in gui
<spammy> which is nice
<al_nz1> yeah - that would be nice
<spammy> there's a PPA for Zabbix
<al_nz1> easy is better at this point
<al_nz1> is it in repo?
<spammy> in a PPA repo....hang on, I'll look it up
<spammy> whoops....my bad, not a PPA but a zabbix official repo
<spammy> https://www.zabbix.com/documentation/3.2/manual/installation/install_from_packages/repository_installation
<spammy> Ubuntu steps to install repo are at the end
<spammy> then follow these instructions...
<spammy> https://www.zabbix.com/documentation/3.2/manual/installation/install_from_packages/server_installation_with_mysql
<spammy> or the postgres one, depending on which db flavor you want
<al_nz1> ok
<al_nz1> ta
<al_nz1> why the heck do I not have a httpd.conf on apache2
<al_nz1> find / -name httpd.conf is empty
<Pici> al_nz1: its /etc/apache2/apache2.conf conf for whatever reason
<al_nz1> ok
<al_nz1> just found that in google
<al_nz1> ta
<al_nz1> I am getting Forbidden: You don't have permission to access /nagiosgraph/cgi-bin/show.cgi on this server.
<al_nz1> How do I resolve this on ubuntu16 / apache2
<tsimonq2> al_nz1: 16.04 or 16.10?
<al_nz1> tsimonq2: 16.04
<al_nz1> but I have restarted the installation of nagios from scratch
<al_nz1> you still about tsimonq2
#ubuntu-server 2017-10-23
<lordievader> Good morning
<cpaelzer> good morning lordievader
<lordievader> Hey cpaelzer , how are you doing?
<cpaelzer> pretty well for a monday
<necrophcodr> I've got a server where my users do not have a /run/user/$UID directory
<necrophcodr> Does that need manual creation now?
<andreas> ...and here it goes :) http://reqorts.qa.ubuntu.com/reports/ubuntu-server/merges.html
<cpaelzer> andreas: well no BB yet to start right?
<andreas> cpaelzer: right, I was just curious about what was piling up
<andreas> since I got some emails about bugs being fixed in debian
<cpaelzer> as usual, everything :-)
<cpaelzer> honestly early in the cycle we likely pick the few extra complex ones we know to do the transitions right
<cpaelzer> those that "just" need a bump will come trice or only later
<cpaelzer> (opinion)
<necrophcodr> Is it possible to tell dpkg not to run any of the {pre,post}inst scripts?
<necrophcodr> That is, when installing packages using apt
<cpaelzer> necrophcodr: I don't know a good way to globally disable them, but you could modify (exit 0 in line 1) them in /var/lib/dpkg/info as needed
<cpaelzer> for dpkg install that should be fine, as it only unpacks them again if not there (so I thought)
<necrophcodr> cpaelzer: are all package scripts in /var/lib/dpkg/info before packages are downloaded and installed?
<cpaelzer> not sure if apt refreshes the files in any case
<cpaelzer> necrophcodr: no they are part of the download
<cpaelzer> necrophcodr: you could run apt until it fails
<cpaelzer> necrophcodr: then modify the file as needed
<cpaelzer> necrophcodr: and then dpkg install those that you modified
<cpaelzer> to continue with apt afterwards
<necrophcodr> it doesn't have to be a good way either, i'm okay with hacky bullshit. i guess i'll have to do multi stage, so one downloading the packages and "fixing" the scripts, and one actually installing it
<necrophcodr> unless the downloading of it doesn't install the script which is probably the case
<cpaelzer> necrophcodr: apt is meant to do all-in-one nicely, maybe not the thing for your special case
<cpaelzer> necrophcodr: but dpkg being the lower level tool certainly can help you
<cpaelzer> necrophcodr: you can even set up --pre-invoke=command and such to do (whatever you need to do) regularly
<MacroMan> Can I get a sanity check? These UFW rules should block port 3000 right?: https://paste.ngx.cc/504bdbc1f51f1495
<TJ-> MacroMan: the default deny on INPUT will
<MacroMan> Weird. I'm running grafana and I can access the mini-http server over port 3000, when clearly I shouldn't be able to
<MacroMan> Are there any other ways through the firewall that aren't covered by my ufw status output?
<TJ-> MacroMan: is UFW appling those rules to *all* interfaces? I prefer using iptables/ip6tables to inspect rules rather than some reduced front-end
<MacroMan> TJ-: I only have one interface on this machine
<TJ-> MacroMaare the connections coming in over IPv4 or IPv6?
<TJ-> Where are testing it *from*? not the same machine?
<rh10> guys, which way better to send email notify using smtp AUTH and TLS through external mail service? i need it for script's notifications.
<rh10> from scripts actually
<Seveas> rh10: local exim with a smarthost transport that's configured properly.
<rh10> Seveas, thanks but dont suitable in my case. already use mail server for another purposes.
<sdeziel> rh10: a sendmail provider like msmtp-mta or ssmtp would do then
<Seveas> rh10: well, then configure that mailserver to do the relaying properly :)
<sdeziel> rh10: with those, you configure your relay host, username/password and that's it
<sdeziel> it's similar to running exim or postfix minus the permanently running daemons
<rh10> sdeziel, got it. seems exactly what i need https://wiki.archlinux.org/index.php/Msmtp
<rh10> sdeziel, thanks!
<sdeziel> rh10: np
<sdeziel> rh10: one word of caution though, if msmtp/ssmtp cannot relay your email right away, this email will be lost for good (no delivery retry). With msmtp, I think you get an error code on submission failure at least. That's why exim/postfix have daemons running
<rh10> sdeziel, got it, thanks for warning
<rh10> sdeziel, maybe is it real to handle, was mail send correctly, in script itself? like exit status of command or so on?
<sdeziel> the sendmail command should return non 0 on relaying failure
<rh10> sdeziel, nope. i mean in msmtp
<rh10> to prevent lost of letters
<rh10> smth like that
<sdeziel> rh10: well, many MTA provide a sendmail command implementation for compat with existing software. Installing msmtp-mta will povide you msmtp's sendmail compat shim
<rh10> sdeziel, got it, thanks!
<sdeziel> rh10: that said, with msmtp (or it's sendmail compat shim), you will only know if the email was relayed (return 0) or not (non 0)
<rh10> sdeziel, got it
<andreas> hi, can someone please accept the trusty nomination I just made in this bug: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1719671
<ubottu> Launchpad bug 1719671 in ubuntu-advantage-tools (Ubuntu Zesty) "[SRU] include recent version containing fips and livepatch" [Undecided,New]
<sarnold> andreas: done
<andreas> thanks
<gunix> any way to download a ca cert so that curl doesn't need --insecure flag any more? https://bpaste.net/show/b9dd27607487
<gunix> curl is run from a python framework and i am trying to bypass that error at linux level, making it somehow ignore the cert
<sarnold> gunix: --cacert if there's a single CA you want to trust; --capath if there's several
<gunix> sarnold: will --cacert accept the cert per user or per system?
<sarnold> gunix: I don't understand.. what do you mean?
<gunix> sarnold: if i run with user david "curl --cacert link", and after that run with user martin "curl link", will it also work for martin?
<sarnold> gunix: note that both --cacert and --capath take an argument that is a pathname to a certificate or a directory of hashed certificates
<sarnold> gunix: so if martin and david want to trust the same certificate, they both need read access to the file
<gunix> sarnold: do you have some examples with this? like a blog or something?
<sarnold> gunix: no, but the curl manpage has good details
<gunix> sarnold: is there public log to this chat?
<sarnold> gunix: yes https://irclogs.ubuntu.com/2017/
<gunix> sarnold: oh, only from yesterday. got it. thank you
<gunix> hmm it's from today too
<sarnold> gunix: logs are written every half hour or hour or something
<andreas> nacc: I believe I'm done with the ubuntu-advantage sru bug and it's ready for sponsoring
<andreas> https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1719671
<ubottu> Launchpad bug 1719671 in ubuntu-advantage-tools (Ubuntu Zesty) "[SRU] include recent version containing fips and livepatch" [Undecided,In progress]
<nacc> andreas: thank you for letting me know, i'll take a look shortly
<andreas> nacc: the bug description is huge I'm afraid. I kept the same structure that joy started and added livepatch. Since it's for 3 releases of ubuntu, it got big
<nacc> np, i've been reading the updates as they come inn
<andreas> nacc: the more interesting bits are in the beginning, and at the very end (other info, regression potential)
<nacc> andreas: ok
<jge> hey all, curious any of you here ever configured a reverse proxy to talk to backend over SSL ? so Client > (HTTPS) > Reverse proxy > (HTTPS) > Backend Server
<jge> using apache
<jge> as the reverse proxy
<jge> is this all that will suffice for the config: https://paste.ee/p/LqHSo
<jge> ^^ does not include first leg https connections from clients
<sarnold> jge: I think I hear of more people using nginx as a proxy/frontend, so if this doesn't work out keep in mind that you've got options
<sarnold> haproxy links against libssl, it might do the job too
<jge> that's true sarnold, thank you
<drab> sarnold: ftr I ended up ditching everything and figuring out a reasonable way to put nfs in a container
<drab> that samba setup was a never ending world of pain even after I figured out all the pam cifs stuff
<sarnold> drab: damn :/ what a journey
<drab> it boggles my mind how complicated it is the whole password management business... need to add new schemas to ldap, change the way you manage pwds... really not worth it unless you have to and need to support MS stuff
<sarnold> drab: what's the config like now?
<drab> sarnold: well I don't think I could have known until I tried... even with all the upfront research it wasn't obvious
<sarnold> right
<drab> sarnold: privileged container on a locked down host with zvol formatted as ext4
<drab> this allows the use of quota and all other things without having to touch the host and it's all considered relatively safe
<sarnold> drab: aha
<drab> I still have the problem I wanted to avoid of getting a container to muck with the host's kernel, but that could not be avoided at this point
<drab> since samba was not an option and neither is nfs userspace
<drab> but truth to be told it's mostly the clients that have had bad times with nfs on some accasions so we should be ok and it's still all relatively containerized and isolated from the host
<drab> plus that system offers no services other than nfs, so no logins or shells on it from anybody except IT team
<drab> so I'm ok to live with that
<drab> brb
#ubuntu-server 2017-10-24
<cpaelzer> good morning
<lordievader> Good morning
<sonu_nk> i have a linode server . installed ubuntu 14 .. can i upgrade it to ubutnu 16 without remove any ubuntu 14 setting website and other data ?
<rh10> guys, how can i send beep sound from script? for localhost using
<rh10> i need notify sound when script is done
<rh10> got it. now im using paplay from pulseaudio
<rh10> paplay /path/to/file
<rh10> but! it doesnt play sound when  it runs from cron
<rh10> all path absolute
<rh10> i tried run from user cron, from /etc/crontab - with username added
<FMan1988> maybe it does not have permission to access the file
<rh10> FMan1988, i checked it. all correctly
<rh10> plays normal when i run manually, and dont play when it runs from cron
<rh10> * when i run script manually within paplay run
<jamespage> coreycb: gosh - tl;dr - don't change /usr/bin/python - it breaks stuff
<jamespage> I must have triaged 6 bugs related to users switching that link to python3 today
<coreycb> jamespage: oh no
<jamespage> coreycb: yeah the debpython module that gets called from maintainer scripts for python modules is py2 only @16.04
<jamespage> if you see a bug with an unable to import from ConfigParser,its this type of problem
<jamespage> typically on a package install
<coreycb> jamespage: ok good to know, thanks
<albech> is it possible to roll back one upgrade? The latest postfix upgrade totally hosed my system.
<Bert_2> Hi guys, can I allow-hotplug vlan interfaces such as "eth0.20"?
<smoser> albech: you can probably:
<smoser>  apt-get install postfix=3.1.0-3
<smoser> albech: could you please file a bug describing your regression though?
<albech> smoser: was 3.1.0-3 the previous version?
<albech> smoser: looks like it will lead to some dependency issues with postfix-mysql and possibly others..
<albech> smoser: at least i can receive mails at the moment, they just arent passing through rspamd :(
<sdeziel> albech: yes 3.1.0-3 is the previous version
<sdeziel> albech: during the upgrade, did you get a prompt about a changed master.cf file?
<smoser> albech: yes, it was the previous version.
<albech> sdeziel: nope it said it would keep the old version
<smoser> nacc: when your'e in... i had a question on https://bugs.launchpad.net/maas/+bug/1444992
<ubottu> Launchpad bug 1444992 in MAAS "fastpath install duplicates iSCSI initiator names, blocking iSCSI HW" [High,Triaged]
<albech> getting lots of these (for every mail connection): https://pastebin.com/Aav8gwyu
<sdeziel> albech: can you compare the current master.cf and main.cf with those from before the upgrade?
<albech> sdeziel: they werent changed
<sdeziel> I don't know how it could have break your rspamd integration then, sorry
<albech> sdeziel: not even sure what that SMFIC_OPTNEG means
<albech> but its a real issue. letting roughly 1000 spam/minute through atm :/
<sdeziel> albech: it seems to be how postfix negotiates feature support with the rspamd milter
<albech> maybe a little less 900ish
<sdeziel> albech: could you try a manual connection yourself: nc -zv localhost 11332
<sdeziel> cause the connection timeout is weird
<albech> Connection to localhost 11332 port [tcp/*] succeeded!
<sdeziel> albech: try to check if the chroot version has the same localhost: grep localhost /var/spool/postfix/etc/hosts
<sdeziel> albech: then try connecting with IPv4 then IPv6: nc -zv4 or nc -zv6
<sdeziel> albech: anything useful logged in /var/log/mail.err ?
<albech> mail.err has another error related to the upgrade i guess: Oct 24 16:21:09 maia dovecot: imap-login: Error: SSL: Stacked error: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown: SSL alert number 46
<sdeziel> OK, that's unrelated
<albech> looks fine https://pastebin.com/HkvnUqbh
<sdeziel> albech: I never used rspamd but I'd check it's logs and maybe restart it?
<albech> tried all.. logs dont show anything. i have even turned on verbose logging for the milter plugin
<albech> nc connects fine with both v4 and v6
<sdeziel> albech: I'd try to tcpdump lo and see the milter dialogue between postfix and TCP/11332
<albech> did that also, but its above my skill level to read the output
<albech> sdeziel: maybe too verbose.. let me know: https://pastebin.com/KecaXqEK
<albech> i could be wrong, but these are all ipv6 requests?
<sdeziel> looks like it
<albech> wondering why.. never told it to use ipv6
<sdeziel> IPv6 is used by default when available
<sdeziel> albech: did you try rolling back to 3.1.0-3 as suggested? You can do so for all the postfix-* packages
<albech> sdeziel: no, cause they started some dependency issues with postfix-mysql and possibly other packages.
<albech> sdeziel: think its worth a try?
<sdeziel> I'd try it if I was hammered by 900 spams/minutes :)
<albech> i prefer the spam over a non functional system. tried getting into dependency hell before. i was just stupid not doing a snapshot before the upgrade.. note to self :/
<albech> how could i grab the right version of postfix-mysql along with the 3.1.0-3?
<albech> think i figured that out ;)
<sdeziel> apt-get install postfix{,-mysql}=3.1.0-3
<albech> sdeziel: got that
<nacc> smoser: pong
<albech> sdeziel: after the downgrade the problem is still there. the pastebin is the upgrade done that caused the issue in the first place. Wondering which other packages could cause it. https://pastebin.com/p45YnyRa
<sdeziel> albech: rspamd:amd64 (1.6.4-1~xenial, 1.6.5-1~xenial) expected?
<albech> sdeziel: hmm yes i think so ;)
<albech> sdeziel: not sure why it shouldnt be
<sdeziel> albech: your milter communication is broken so it's either the initiator (postfix) or the responder (rspamd)
<albech> sdeziel: aye
<albech> could try to downgrade the rspamd then
<smoser> nacc: hm... so what happened there... we just re-generate that id every boot ?
<nacc> smoser: it should regenerate on first boot
<albech> sdeziel: how can i tell what the previous version was?
<smoser> what stops it from happening every boot ?
<sdeziel> albech: apt-get install rpamd:amd64=1.6.4-1~xenial (see the /var/log/apt/history.log you pasted)
<nacc> smoser: /etc/init.d/iscsid itself (which calls /lib/open-iscsi/startup-checks.sh)
<nacc> smoser: and overwrites GenerateName=yes with a real id
<sdeziel> albech: is it working better now?
<smoser> nacc: ok. i trust. wasnt clear in my memory.
<albech> sdeziel: E: Version '1.6.4-1~xenial' for 'rspamd' was not found
<albech> trying to get the old version
<sdeziel> albech: maybe the old package is still available in the PPA, please paste "apt-cache policy rspamd"
<nacc> smoser: so, in theory, if you d/l the image and examine it without running it, it should have GenerateName=yes in it. But if you launch an image, when iscsid starts it will generated a new IntiatorName value and store it there. That image will keep that for its life. If you snapshot it and launch it again from there, it should keep it too. But if you spawn a new one from the cloud image, it should get
<nacc> a new Name
<nacc> smoser: that was our test in devel, and what looks to be the result in xenial
<albech> sdeziel: doesnt look like it: https://pastebin.com/WZ0KfMiU
<sdeziel> albech: check in /var/cache/apt/archives
<albech> sdeziel: no only rspamd_1.6.5-1~xenial_amd64.deb
<sdeziel> albech: they've made many milter related changes according to https://github.com/vstakhov/rspamd/releases/tag/1.6.5 so it really looks like a regression
<albech> sdeziel: :(
<sdeziel> albech: with 1.6.4 but looks similar https://github.com/vstakhov/rspamd/issues/1869
<sdeziel> albech: at this point I think you should hop in #rspamd
<albech> sdeziel: i am trying.. thanks for your help.. appreciate it
<sdeziel> np
<rbasak> nacc: can you happen to think of a good example package for considering the commit graph change?
<teward> i owe the server team an apology today.
<teward> there was an emergency that took my attention - a close friend of mine got in a car wreck and i needed to make sure they were okay.  (I was at the hospital all morning...)
<teward> my apologies for not being here or letting anyone know, i only found out about the accident this morning so...
<dpb1> ugh
<dpb1> I'm sorry teward, best wishes to your friend
<teward> dpb1: tell me about it
<teward> dpb1: they're a bit screwed up right now, and not entirely there in the head right now due to the morphine, but they're alive.
<dpb1> :/
<teward> broken bones, lots of cuts and bruises, and a major concussion
<dpb1> yuck, lucky to be alive indeed!  sounds like a major accident!
<teward> i'd have let someone know but i kinda left everything at my apartment when I bolted out the door this morning...
<teward> ... ended up leaving all of my devices at home.
<teward> dpb1: sedan vs. truck.  yeah pretty major.
<teward> they were in the sedan
<dpb1> teward: no worries at all.  an irc meeting is very insignificant
<powersj> teward: no apology needed
<powersj> teward: I did put you down again for next week, so let me know if I should change that
<teward> powersj: you can leave me listed there for now.  i'll try and let you know if I can't make it.
<rbasak> teward: :-(
<rbasak> Best wishes to your friend, and no apology needed :)
<sudormrf> question about MDADM. I have a 4 bay case with 4 drives. I am going to set up RAID10, but I have data on one of the drives. What I want to do is this: create an array out of 2 disks, copy the data over to that array, then add 2 more disks to it resulting in RAID10. Is this possible to do without a 5th drive to first copy the data to?
<sudormrf> I believe it should be
<teward> sudormrf: to do the RAID array will nuke the disk data.  you'll need to back up the data you want to keep first, if I'm not mistaken.
<sudormrf> teward: to get it to a RAID10 state, you mean. correct?
<teward> sudormrf: is it currently RAIDed?
<sudormrf> negative
<sudormrf> JBOD right now
<teward> sudormrf: in *theory*, maybe.  But I'm not as well versed in RAID10; in theory you can create the array with the other disks, and leave it in a degraded state by marking the first disk as missing, then copy the data onto the array, then extend the array onto the original first disk.  But, I can't guarantee you wont lose data this way either
<teward> so you should probably do a backup first.
<sudormrf> hmmm
<nacc> rbasak: off the top of my head -- no, but anything that successfully imports should work fine. ipsec-tools might be reasonably quick
<dpb1> sudormrf: I think the general advice is to rebuild from scratch as raid10 and copy your data.  But, It does appear to be possible to go from raid0 to raid10 now.  So, I suspect you could do as you are expecting.  I would build a VM and try it out first.
<sdeziel> sudormrf: you should be able to create your array in degraded mode (with one drive missing)
<sudormrf> sdeziel: hmm. ok.
<sudormrf> dpb1: I will give it a go.
<sdeziel> sudormrf: so if you put all your data on one drive, create the RAID10 with the other 3 drives you should then be able to copy the data to the RAID then recycle the single drive by joining it into the array
<sudormrf> I've only built em from scratch before, so this is a bit of uncharted territory for me
<sudormrf> rad
<teward> quick check with the server team:
<teward> with the upcoming cycle approaching LTS, should I be focusing on nginx mainline in B-series, like we did for Xenial with a post-release targeted update to the stable version
<teward> if there's no objections :p
<sdeziel> sudosmurf: I just tested this with loop devices and it works well :)
<sudosmurf> sdeziel: build array in degraded status?
<sudosmurf> so you just give it 3 device names instead of 4?
<sdeziel> sudosmurf: yes, built it with: mdadm --create /dev/md3 --run --level=10 --chunk=4 --raid-devices=4 /dev/loop{0,1,2} missing
<sdeziel> sudosmurf: then later on, I added loop3 to the mix
<sudosmurf> rad. what are loop devices, BTW?
<Walex> sdeziel: building RAID5 and especially RAID6 sets in degraded status is recommended as it can be much faster
<Walex> sdeziel: in the case of RAID5 it is actually sort of automatic
<sdeziel> Walex: hmm, didn't know that, thx
<sudosmurf> Walex: good info :). In this case the array is going to be RAID10.
<sdeziel> sudosmurf: loop devices are devices backed by files to simulate a disk. In other words, I didn't want to test with 4 physical disks so I used plain files instead
<sudosmurf> oh neat
<sudosmurf> TIL :D
<JanC> "recommended" depends on how you consider the risks of running without redundancy for as long as it takes to sync the redundant disk...
<JanC> sdeziel: you can also use in-memory block devices for testing instead
<sdeziel> JanC: interesting TIL about the brd module
<albech> been having some problems after an upgrade and notice that the following packages has been kept back: python-cryptography python-openssl python-requests python-urllib3 python3-requests python3-urllib3. Could it possibly be related to this? Can i force the install of these packages?
<sdeziel> albech: it would be pretty surprising if those were involved with the milter problem that you faced earlier
<sarnold> something like apt-get install python-cryptography python-openssl python-requests     ought to explain -why- they were held
<albech> sdeziel: dont know how much of rspamd is written in python.
<sdeziel> albech: any success in rolling back rspamd itself?
<albech> sdeziel: none
<albech> sdeziel: #rspamd is pretty quiet about the issue.. i cannot be the only one facing it
<albech> sdeziel: its a pretty standard build i have.
<sdeziel> albech: can you paste "apt-cache show rpamd"
<albech> sdeziel: but at least you gave me some good tips on the trouble shooting which i have forwarded to the channel.
<albech> https://pastebin.com/dr7iyw3n
<sdeziel> albech: this rspamd package not being provided by Ubuntu/Canonical means that you depend on rspamd upstream to help you with it
<albech> sdeziel: aye
<sdeziel> albech: none of the dependencies are related to python
<albech> sdeziel: dont think its in the ubuntu repo at all
<sdeziel> albech: it's not indeed
<sdeziel> albech: libicu55 was updated yesterday (security), so could be a regression in there, dunno
<albech> sdeziel: ok. i will pass that on to #rspamd for troubleshooting.. thanks
<sdeziel> albech: that said, my money would be on a regression with rspamd's new version
<albech> sdeziel: 8:15:03 PM - cebka: albech: I doubt it is related to 1.6.5
<albech> sdeziel: guess he should say that ;)
<albech> sdeziel: not much help from #rspamd except: 9:36:57 PM - cebka: IDK 9:37:05 PM - cebka: your system is definitely fucked up.
<sdeziel> albech: that's a helpful remark ;)
<albech> sdeziel: very constructive ;)
<albech> sdeziel: when trying to access rspamd's webinterface i am getting the following: https://paste.ubuntu.com/25812383/
<albech> sdeziel: so its not only the milter
<albech> sdeziel: i cannot read much from that tcpdump
<sdeziel> albech: looks like your GET goes unreplied
<albech> sdeziel: but at least it tells me that one more of the rspamd components arent working as expected.
<sdeziel> albech: you could strace the rspamd process and see what it's doing
<albech> sdeziel: let me try
<sdeziel> albech: but before doing that, have you been able to get some help to access rspamd's logs?
<albech> sdeziel: still only very little in the logs and #rspamd said it was expected stuff.
<sdeziel> albech: this is IMHO off topic since rspamd isn't even shipped in Ubuntu so to not annoy folks in here, I propose we move to a private conversation
<albech> sdeziel: fair enough, sorry to the #
#ubuntu-server 2017-10-25
<kklimonda> are there any http://cloud-images.ubuntu.com mirrors on the US west coast? I'm seeing transfer speeds of 200-300KB/s using the main location
<lordievader> Good morning
<albech> is there anything like selinux on ubuntu installed by default that could prevent connections to localhost services?
<lordievader> Apparmor
<albech> lordievader: can it be completely disabled for troubleshooting?
<lordievader> No idea, sorry. My knowledge beyond the name is severely limited.
<rbasak> albech: yes
<rbasak> albech: https://help.ubuntu.com/community/AppArmor
<rbasak> Complain mode is sufficient for troubleshooting (then it won't actually block stuff)
<Odd_Bloke> kklimonda: I don't believe that there are, I'm afraid. :(
<rbasak> nacc: what does it mean for importer.py:_update_devel_branches to be called with spi=None?
<nacc> rbasak: i believe it is only used by --fixup-devel
<nacc> rbasak: which can be dropped when we reimport
<rbasak> nacc: I don't understand what _update_devel_branches is defined to do. I mean it obviously updates the devel branches, but under what circumstances does it do what?
<rbasak> nacc: I'm here because I'd like to see what happens if the devel branches are also hard reset instead of extra merge commits added.
<nacc> rbasak: can we chat in the standup? or just after onn irc? nneed to make coffee
<rbasak> Sure
<rbasak> I'm having dinner straight after the standup but can reappear after that.
 * genii 's ears perk up at the mention of coffee, goes to make a pot
<nacc> genii: :)
<nacc> rbasak: thakns
<keithzg> Huh, well that's weird, I updated a fileserver that hasn't been touched in a while and now resolv.conf isn't listing anything
<keithzg> (updated and rebooted, I should say)
<keithzg> I swear, resolvconf is more trouble than its worth :P
<sionronin> keithzg, yep pretty sure resolv.conf gets reloaded after each reboot
<sionronin> that or dhcp or some other service writes on reboot
<sarnold> I think we're ditching resolvconf for future releases, no?
<keithzg> sarnold: Oh, is it going to be handled by some systemd component or such? (Hopefully better than time is :/)
<keithzg> sionronin: Oh yeah, definitely. Just normally it writes out some values, rather than merely the header which states that it was written out, hah, which isn't terribly helpful then
 * keithzg is gonna reboot the server once people are home for the day and see if it happens again, then investigate further if so
<keithzg> Boy, I do love unattended-upgrades, it really does make a sysadmin's life a lot easier :)
<notdaniel> i hope that was sarcasm
<dpb1> keithzg: :)
<keithzg> It legitimately wasn't sarcasm!
<keithzg> I can always disable unattended-upgrades if I want to, but I tend to at *least* put it to install security updates automatically.
<notdaniel> i'm sure it is a great thing most of the time
<notdaniel> it however was the bane of my existence for a while on aws
<keithzg> fair enough
<keithzg> I'll admit I don't have it enabled on my one EC2 instance
<keithzg> All the little KVM guests at work, though, it just makes 'em hassle free
#ubuntu-server 2017-10-26
<drab> the only thing that bugs me about unattended upgrades is when the job is running at the same time I need to run ansible and any apt related task fails because of the lock
<drab> that's quite annoying, then I have to wait for it to finish
<drab> I'll probably remove it once I have ansible running nightly
<nacc> drab: yeah that can get frustrating :)
<lordievader> Good morning
<dduvnjak> is there any way to simulate a dpkg lock on /var/lib/dpkg/lock? something like run an apt-get command that will wait and leave the file locked
<friendlyguy> morning! i am wondering where to install grub in a software raid 1
<friendlyguy> i am currently in the setup wizzard and just got asked where to install grub... and to be honest... i dont know :)
<friendlyguy> one of the member disks... feels wrong
<lordievader> Is it hardware raid or software?
<friendlyguy> software
<friendlyguy> and giving both devices to the wizzard results in a error
<lordievader> Then all the members of the raid.
<lordievader> Yeah, the installer is not very intelligent. You probably want to select one and do the rest manually.
<friendlyguy> i tried to enter /dev/sda together with /dev/sdb but this results in a fatal error
<friendlyguy> ah, ok
<friendlyguy> even choosing a single one doesnt work
<friendlyguy> and also not via the shell
<friendlyguy> grub-installer fails
<friendlyguy> /dev/sda/proc not a directory
<friendlyguy> ah, i think i need the --root-directory option
<friendlyguy> not available
<friendlyguy> grrrreat :)
<friendlyguy> what to do now?
<ikonia> what exactly are you trying to do
<ikonia> as things like /dev/sda/proc make no sense
<friendlyguy> yup, but this is what grub-installer gives when i run "grub-installer /dev/sda"
<friendlyguy> same for sdb
<friendlyguy> it seems like i cant install grub
<friendlyguy> i am still in the setup wizzard of ubuntu
<friendlyguy> i tried to install grub to one of the two member disks of a software raid1
<friendlyguy> (i also tried to install it to both with "grub-installer /dev/sda /dev/sdb")
<friendlyguy> but nothing seems to work
<friendlyguy> also selecting the disks in the ncurses gui (the wizzard is a ncurses gui, right?) does not work
<friendlyguy> i also read: https://help.ubuntu.com/community/Installation/SoftwareRAID
<friendlyguy> but the command "grub-install" isnt available during install
<ikonia> why are you trying to install grub
<ikonia> what is the actual problem here ?
<friendlyguy> i want the system to be able to boot?
<ikonia> why is it not booting
<friendlyguy> its a fresh system
<ikonia> right, why is it not booting
<friendlyguy> i suppose it wont without grub
<friendlyguy> i am still in the installer, so i didnt actually try
<ikonia> the installer will install grub
<friendlyguy> where?
<friendlyguy> how?
<ikonia> why are you manually installing grub
<ikonia> the installer installs grub and configures it as part of the install
<ikonia> just follow the installer and when it reboots at the end, grub is there
<friendlyguy> because selecting one of the two member disks of the software raid1 does not work
<ikonia> define doesn't work
<friendlyguy> "install the grub bootloader on a hard disk" -> install grub to the mbr? - yes -> device for bootloader installation: - /dev/sda -> force grub installation to the efi removable media path?" - no -> "executing "grub-install /dev/sda" failed". this is a fatal error
<friendlyguy> sda as well as sdb are member of a software raid1 (mdadm, not some pseudo hardware raid stuff)
<friendlyguy> (nor real hardware raid)
<ikonia> are you selecting sda/sdb for the grub install, or is the installer suggesting them
<friendlyguy> i am selecting
<ikonia> does it not offer the meta device
<friendlyguy> nope
<ikonia> so what does it offer
<friendlyguy> sda sdb and my flashdrive
<friendlyguy> (flashdrive==install stick)
<ikonia> so is sda %100 the hard disk and not been reordered to be the hard disk
<ikonia> to be the Usb disk sorry
<friendlyguy> yes it is
<ikonia> it is the hard disk ?
<friendlyguy> shows the type (samsung-ssd) next to it
<ikonia> (just to clarify)
<ikonia> ok
<ikonia> you'll need to get the logs of what it thinks is failing
<ikonia> as the raid device actually started
<friendlyguy> where can i get them?
<ikonia> sorry, my typing is shocking
<ikonia> is the raid device actually started
<friendlyguy> i guess
<friendlyguy> system setup went fine
<friendlyguy> i have lvm on top of the raid, this worked fine as well
<friendlyguy> maybe my first try with /dev/sda as well as /dev/sdb fucked it up
<ikonia> so can you see the meta device running currentyly
<ikonia> friendlyguy: please don';t swear, there is no need for it
<ikonia> a failed grub install will not break anything
<ikonia> so I doubt that has caused you a problem
<friendlyguy> okay
<friendlyguy> how can i verify if its running correctly?
<ikonia> look at the status of the meta devices
<friendlyguy> /proc/mdstat shows md0 as active with sda as well as sdb
<friendlyguy> ah, sda1 and sdb1
<ikonia> ok, so thats good, so if you apply to md0 it should filter to sda and sdb
<ikonia> however if it's not offering you that option thats a problem
<ikonia> manually applying to /dev/sda and /dev/sdb should work fine too
<friendlyguy> like grub-installer /dev/md0?
<ikonia> friendlyguy: well no, you shouldn't really do that, the installer should offer it
<friendlyguy> ok, and if it doenst? :)
<friendlyguy> applying to sda and sdb doenst work either
<ikonia> thats why I said you need to understand why the application to /dev/sda and /dev/sdb is not working
<ikonia> what's causing that problem
<friendlyguy> if i run grub-installer /dev/sda (or sdb) it fives /dev/sda/proc not a directory
<ikonia> you shouldn't be manually running that
<friendlyguy> okay, what should i do
<ikonia> I'd be keen to see why the autoamted install to /dev/sda is failing
<friendlyguy> where can i find the corresponding log?
<ikonia> there should be logs in the sessions /var/log directory
<ikonia> is /proc mounted in your installer environment
<friendlyguy> it is
<friendlyguy> ok, from syslog
<friendlyguy> there are several entries for grub-installer
<friendlyguy> file descriptor [3,4,5,6] leaked on vgs invocation
<friendlyguy> also /run/lvm/lvmetad.socket: connect failed: no such file or directory
<ikonia> the lvm stuff shouldn't matter
<friendlyguy> ah, found something about gpt
<lordievader> What did you find?
<friendlyguy> "this
<friendlyguy> this gpt partition label contains no bios boot partition, embedding wont be possible
<lordievader> Ah, yes. That is true. Did you partition the disks yourself?
<friendlyguy> error: embedding is not possible, but this is required for raid and lvm install
<friendlyguy> yes
<lordievader> And you didn't create the bios boot partition?
<friendlyguy> nope
<lordievader> That is why the grub install fails.
<friendlyguy> i didnt aim to use uefi
<friendlyguy> i was planning on legacy boot
<lordievader> Yes, uefi requires an esp partition. Bios on gpt requires a partition to be marked as bios_boot.
<friendlyguy> so i MUST use uefi?
<friendlyguy> ... well then, start over again
<lordievader> No, read what I am saying.
<lordievader> You can use bios with gpt, but you need to make an additional boot partition and give it the bios_boot flag.
<friendlyguy> hi there, back again
<friendlyguy> my desktop just died
<friendlyguy> :(
<friendlyguy> its one of those days...
<friendlyguy> about gpt... why is gpt used anyway?
<friendlyguy> i have 2 120gb ssds in this server
<friendlyguy> and i dont want to use uefi boot
<friendlyguy> however, it seems like i cant get a mbr partition table from the partmanager
<lordievader> Gpt is newer and for uefi mandatory.
<lordievader> It also has two backups wheras mbr only has one.
<friendlyguy> ok, i was planning on a raid1 with lvm on top and 2 lvs: root and swap
<friendlyguy> what i didnt get: can i create the additional partition within lvm or does it have to be on a "lower" level?
<lordievader> Lvm creates block devices essentially, what you do with them is up to you.
<friendlyguy> yeah, but about grub and the "missing" partition
<lordievader> Oh, in your partition table you want something like: 1. 200Mb /boot. 2. x Gb mdraid
<friendlyguy> :) thanks
<friendlyguy> okay, now i have 2 disks(sda and sdb) and i created 1 partition on each of those, its 200mb /boot and both have a boot flag and are formatted fat32
<friendlyguy> i then created the raid1 with the free space on sda and sdb
<friendlyguy> is that how it should be?
<albech> anyone know where to place own filters for fail2ban, so they are not overwritten.
<friendlyguy> (just to verify)
<lordievader> friendlyguy: Oh, wait I'm making an error.
<lordievader> You want 1. bios_grub 2mb, 2. /boot and 3. mdraid.
<friendlyguy> i am wondering about /boot
<friendlyguy> shouldnt that be on raid?
<friendlyguy> to be honest, the complete layout is unclear to me
<friendlyguy> can someone show me some docu how i have to partition that?
<friendlyguy> because having boot NOT on raid1 will result in one of the member disks being unable to boot
<friendlyguy> i am pretty sure on that
<friendlyguy> in the meantime ill try to have those bios_grub partitions as well as the raid, but no seperate boot#
<friendlyguy> try and error ftw
<freakyy> what's the best tol to make backups?
<freakyy> *tool
<andol> It all depends.
<freakyy> i own a root server, and i want to backup onto my 1TB Backupspace server ;D
<andol> Do you want to push or pull? Which of the servers do you trust more? How much data do you have which needs to be backed up?
<freakyy> i have around 300GB per full backup. i need space for 2 i think? backups should be encrypted. i think i want to push. the backup server has no pull capabilities ;D
<andol> http://duplicity.nongnu.org/ might not be a bad choice then.
<freakyy> andol ok so can i just use duply? :D
<andol> No idea, I have never used it.
<freakyy> ok thanks :)
<friendlyguy> erm... i just installed mariadb-server, but i didnt get asked for a root-pw... is this "normal"?
<rbasak> friendlyguy: yes Unix authentication is used by default now for localhost connections
<friendlyguy> ah, thanks :)
<friendlyguy> i kept wondering about that
<ZenThief> I'm learning Ansible and remotely created a non-root user on ubuntu. I see examples deleting root password afterwards. Why would I want to do this?
<ZenThief> Just a question for anyone here. I'm new to IRC. Can you see my messages? Please confirm.
<nacc> ZenThief: yes
<nacc> ZenThief: there is a test channel for such things
<ZenThief> Thanks nacc, I'll search for it.
<rbasak> nacc: sorry, my marking of Triaged for bug 1727590 was perhaps premature.
<ubottu> bug 1727590 in usd-importer "'git ubuntu build-source -v --sign --for-merge' uses Debian instead of Ubuntu containers" [High,Triaged] https://launchpad.net/bugs/1727590
<shadoxx> Is this a good question to ask a question about an MaaS issue I'm currently having?
<shadoxx> err, good place.
<dpb1> there is a #maas channel, I think
<shadoxx> So there is. Thanks dpb1 !
<adac> my freshly installed ubuntu from iso is stuck with /dev/sda1 clean message
<adac> installed it from iso onto KVM machine
<adac> any ideas what might cause that?
<shadoxx> adac: trying hitting enter on the kvm keyboard a bunch of times
<adac> shadoxx, tried that, does not help :/
<TJ-> adac: fo you mean KVM as in Keyboard/Video/Mouse or as in Kernel Virtual Machine?
<shadoxx> Well, I'm all out of ideas. I'm battling a similiar issue. Pretty sure it's interrupt related, since generated interuppts causes it to contiue
<shadoxx> Figured it's probably getting hung up on the entropy generator
<shadoxx> but that's just a guess
<adac> TJ-, shadoxx I'm using virt-manager and there i can enter the console
<adac> But enter does not help :/
<TJ-> Does booting with "debug" or "systemd_loglevel=debug" help with more info?
<TJ-> adac: how about the "Ctrl+Alt+F1 through F7 combinations to switch ttys ?
<adac> TJ-, hmm that combination does put my host into that mode not the KVM machine unfortunately
<adac> :/
<kklimonda> are there statistics on how much space does each  release take, split by components?
<adac> TJ-, I can send a key via menu in the virt-manager
<adac> now I can login
<dpb1> kklimonda: https://wiki.ubuntu.com/Mirrors
<dpb1> kklimonda: that's the closest I know of
<kklimonda> dpb1: well, the 1.1TB is probably right, but that's whole archive - the 4.4GB for xenial sounds like size of CD/DVDs and not archive - e.g. xenial universe is >50GB for amd64
<dpb1> kklimonda: also, look at this and all the links off.
<dpb1> https://insights.ubuntu.com/2017/08/31/running-an-ubuntu-mirror-with-juju/
<dpb1> I'm not sure you'll get specifically the per-component break down you are interested, but you can probably get close.
<kklimonda> thanks, I'll take a look
<nacc> rbasak: do we wannt to resolve upload tags vs. hash in dsc and how both relate to the importer before 1.0?
<xnox> rbasak, i'm not sure if you are the right person to ping, the new git-ubuntu stuff, could it please setup by default .dput.cf to upload things to "ppa" and launchpad over sftp?
<nacc> xnox: i'll file htat as a bug
<xnox> meaning method=sftp login=lp_account_id
<nacc> xnox: as of right now, we don't wrap dput
<xnox> because e.g. even slangasek doesn't have it =/
<nacc> xnox: it's on the future roadmap, though
<nacc> :)
<xnox> nacc, ack, will you one the bug, or shall i? and where is the bug tracker?
<nacc> xnox: filinng it now: https://bugs.launchpad.net/usd-importer/+filebug
<xnox> tah
<nacc> xnox: LP: #1727883
<ubottu> Launchpad bug 1727883 in usd-importer "dput wrapping should use specific options" [Undecided,New] https://launchpad.net/bugs/1727883
<nacc> xnox: feel free to flesh it out more, but i think i got the gist
#ubuntu-server 2017-10-27
<drab> that issue of boot being stuck on /dev/sda1 is an annoying one that bit me in the past
<drab> and it's not KVM specific
<drab> it happens on baremetal too for me
<drab> and indeed it's just a vt problem, hit alt-f1 and you have the login prompt, so nothing is actually stuck
<drab> can't figure out even what promt that is, becaue I can't back to it with any of the F keys
<dpb1> drab: do you have a picture/video of the issue?
<rbasak> xnox: why sftp?
<xnox> rbasak, because it is encrypted, unlike annonymous ftp. And people should not be uploading security/embargoed/nda packages over unencrypted (default) channels.
<rbasak> Is that the only encrypted channel available? Is HTTPS available, for example?
<rbasak> nacc: I think that's in our roadmap?
<rbasak> (yes)
<friendlyguy> hi there! i am wondering which is the right config file for mariadb on 16.04.3
<friendlyguy> there is conf.d as well as mariadb.conf.d
<friendlyguy> is it mariadb.conf.d/50-server.cnf ?
<rbasak> Frickelpit: mariadb.conf.d for MariaDB-specific configuration. In case you have a MySQL client installed as well, for example.
<rbasak> Though that combination will likely break things, separating the configuration allows you to switch more easily.
<Frickelpit> rbasak: no, i use postgresql but thanks for the hint ;)
<rbasak> Oh I'm sorry.
<rbasak> That was for friendlyguy, who has left. Autocomplete failure.
<Frickelpit> np :)
<tomreyn> of course he left -you didnt repsond within 60s!
<tomreyn> ok 120
<rbasak> Never mind. I'm only the Debian MySQL maintainer who wrote the MySQL/MariaDB configuration file management mechanism for Debian and Ubuntu :)
<adac> Guys, how do I completely clean iptables (iptables-persistent)?
<sdeziel> adac: if you want to stop applying any firewall rules, purging the iptables-persistent package and rebooting should do what you want
<adac> sdeziel, ok Trying to purge it then, thanks
<sdeziel> adac: hmm, there is an easier way: service netfilter-persistent stop
<sdeziel> (or iptables-persistent)
<adac> sdeziel, what happesn when I restart service iptables-persistent start again?
<sdeziel> adac: it will bring the old rules back
<sdeziel> adac: stopping the service purges the currently loaded rules and ACCEPT everything
<adac> sdeziel, hmm I see. Yeah I woulld like to have a command where I can erase these old rules from iptables-persstent
<sdeziel> adac: like erase and start fresh or erase and get rid of iptables?
<adac> sdeziel, like completey wipe out all rules
<sdeziel> adac: OK then stop the service and purge the package
<adac> sdeziel, kk Will do that. thank you!
<sdeziel> np
<nacc> rbasak: i meant it is in 'future', which to me is still nebulous :)
<rbasak> nacc: we could move it to 1.0 I suppose. I think we should do it soon, but whether it should be 1.0 or a 1.1 is debatable I think.
<nacc> rbasak: yeah, it feels like the importer is the only 1.0 goal -- everythig else (cli changes, etc, which are independent of the hashes) are now get done whenever, but not blocking 1.0
<nacc> rbasak: or were we talking about different "it"s?
<rbasak> nacc: I agree
<rbasak> nacc: https://code.launchpad.net/~racb/usd-importer/+git/usd-importer/+ref/commit-graph-v2
<rbasak> nacc: you want a resubmit MP for that?
<nacc> rbasak: i think that would be good, as it will trigger a jenkins ru
<rbasak> OK I'll do it now.
<nacc> rbasak: you may eed to rebase onto latest master?
<nacc> *rebase
<nacc> that doesn't affect the jenkins run, but will affect the meaing of the result and the actual merge :)
<rbasak> Oh
<rbasak> I did the MP already.
<nacc> rbasak: it's ok
<rbasak> I can rebase and force push. Will that work?
<rbasak> https://code.launchpad.net/~racb/usd-importer/+git/usd-importer/+merge/332925
<nacc> rbasak: yep
<nacc> rbasak: it might lead to two jenkins jobs, but that's ok
<rbasak> OK rebased and pushed. I had a few merge conflicts but I think I resolved them correctly.
<nacc> rbasak: thanks
<andreas> is it common to have fakeroot in the build-depends bit of d/control?
<andreas> I have debhelper already, and everything else I need, but dpkg-buildpackage is complaining that fakeroot isn't installed
<andreas> I thougnt it would be installed indirectly, but maybe I have been installing devscripts too often
<andreas> this is on zesty
<nacc> andreas: dpkg-dev recommends fakeroot
<andreas> I have it, but didn't have fakeroot
<andreas> debhelper pulled in dpkg-dev
<nacc> andreas: i believe you can pass -r to tell it to use something other than fakeroot
<nacc> which is why it's a recommends and not a depends
<andreas> so every source package out there that does not have fakeroot in the build-depends list can only be built with a -r parameter?
<andreas> or maybe our builders install recommends by default?
<nacc> andreas: dunno
<hallyn> rharper: around?
<hallyn> is 'qemu-nbd -c' supposed to be reliable, i.e. not return until /dev/nbd0 is really available?
<rharper> hallyn:
<rharper> it's not
<rharper> we had a bug in mount-image-callback related to that
<rharper> some race between the kernel and the dm layer IIRC
<rharper> https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1628336
<ubottu> Launchpad bug 1628336 in linux (Ubuntu Yakkety) "mount-image-callback cannot mount partitioned disk image" [Medium,Fix released]
<rharper> some folks use udevadm settle inbetween qemu-nbd -c and whatever else they want to run
<rharper> hallyn:
<hallyn> rharper: is udevadm settle reliable for that?
<hallyn> if so, excellent
<rharper> I think the blkdev reread in the bug is better
<hallyn> looking,
<rharper> udevadm settle just pokes to see if any events need processing, where as the reread is more likely what's needed
<hallyn> rharper: so with that you think it woudl be reliable?  Debating whether to spend the time doing loopback with offset mounts...
<hallyn> if nbd will ever fail then it's worth it, ...
<rharper> why not kpartx ?
<hallyn> well i dunno,
<rharper> you need nbd to do format to block device, then you need the kernel to probe for partitiions etc, and the kpartx will map the partitions to md (doing the offsets for you)
<rharper> s/do format/translate format
<rharper> have you looked at mount-image-callback ?
<rharper> in cloud-image-utils
<hallyn> hm.
<rharper> it's most certainly going to be what you want
<rharper> lets you mount up images, and chroot to run stuff in them, it supporst bind mounting system mount points inside and copying in/setup/cleanup resolv.conf so you can apt-update, etc
<hallyn> i have LVM lvs on partition 2...
<hallyn> if blockdev --rereadpt /dev/nbd0 is going to work...
<rharper> should be fine, kpartx will do the right thing;  do your qemu-nbd, then kpartx -l /dev/nbd0; it'll show you the mounts it'll make
<rharper> pretty sure m-i-c handles lvm inside as well
<rharper> well, maybe just the kpartx; I can't say I've tried m-i-c with lvms inside; but kpartx will work for you (instead of your doing the offset mount yourself)
<hallyn> a veritable menu of options :)
<hallyn> so kpartx should end up faster than using nbd i assume
<sdeziel> hallyn: "kpartx -s" will wait for the partitions to be created before returning
<rharper> well, you need qemu-nbd if you have non-raw
<rharper> if you have a raw then just kpartx
<rharper> if you have qcow2 or vmdk or someother non-raw format that needs translated then you need qemu-nbd
<hallyn> just raw
<hallyn> thanks rharper and sdeziel !
<sdeziel> np
<hallyn> (actually i'll probably switch to qcow2 anyway to not have to worry about maintaining sparse file)
<rharper> no!!!
<hallyn> i half expected that reaction
<rharper> do you want your data or not?
<hallyn> well , you know ,
<hallyn> kinda
<rharper> =)
<sdeziel> qcow2 eats data?
<rharper> it's complicated but qcow2 is not a simple format;  years ago we pushed on a simpler format that just did cow and a few other things
<sdeziel> qed?
<rharper> the metadata modification was large overhead to the format for high performance io; subsequently upstream qcow2 maintainers did a ton of work to clean up and improve performance which has made a huge diff
<rharper> yea, qed
<rharper> that pushed the buttons to get qcow2 into shape
<hallyn> but did qed ever get var enough to be usable?
<rharper> absolutely
<rharper> it was raw + cow
<hallyn> right i thought qed pushed qcow2 to be usable, and now qcow2 was acceptable
<rharper> the format is still complicated
<hallyn> ok
<sdeziel> thx for the info. Personally I only use zvols or LVs
<hallyn> well raw makes it easier to twiddle teh data later so i'll heed yoru warning and stick with that anyway
<rharper> you can look at the internal coroutines needed to handle metadata writes;  I'm an always raw person
<hallyn> just trying to decide whether to try figuring out how to use kpartx for this
<rharper> kpartx -va /path/to/raw; mount /dev/mapper/loopNp3 /foo
<hallyn> or just use blockdev which is working .
<rharper> umount /dev/mapper/loopNp3 ; kpartx -vd /path/to/raw
<hallyn> that sounds ideal
<rharper> I think for lvms you get different names under mapper
<rharper> but you'll see it
<rharper> kpartx -l /path/to/raw will show you what it'll add without doing it
<hallyn> ideally i'd have an easily parsable output line to tell me which loop device to use;
<hallyn> but i'll play with it.
<hallyn> thanks again!
<rharper> it does
<hallyn> it looks like it gives a lot of output, but i shoudl be able to do | grep loop | head -1 | awk ...
<rharper> http://paste.ubuntu.com/25832415/
<rharper> that's some bash I had when parsing the output for picking out partitions
<hallyn> fmt is new to me
<hallyn> nice
<hallyn> rharper: but you're doing udevadm settle there?
<sdeziel> hallyn: I'm pretty sure you can skip that by using kpartx -vas
<hallyn> yeah the manpage sure suggests so :)  thx
<rharper> yeah, old code; could/should have used -s
<DaddyEric> hey got a quick question, i installed ubuntu server minimum server for vmware
<DaddyEric> i cannot seem to get a #!/bin/bash script working
<DaddyEric> and yes in the bash script it has sudo before the commands
<DaddyEric> has anyone had this problem before, and yes i did search
<sarnold> what errors are you getting?
<nacc> DaddyEric: your statements don't seem to go together (logically, to me)
<DaddyEric> sudo: unable to execute ./multicraft-setup.sh: No such file or directory
<DaddyEric> Hangup
<nacc> DaddyEric: care to pastebin the script?
<nacc> DaddyEric: and presuambly the directory you are running it in's `ls -ahl`, if you are using relative executionn in your script
<DaddyEric> https://hastebin.com/gutecaheza.txt
<DaddyEric> yes it in fact is
<nacc> DaddyEric: is this ... a hack to not use ansible or any number of other system management tools?
<nacc> DaddyEric: 1) you are using /bin/sh, not /bin/bash
<DaddyEric> yes i changed that
<DaddyEric> and it still does not work
<nacc> DaddyEric: 2) i see no mention of multicraft-setup.sh
<sarnold> not you're not using /bin/sh but bin/sh
<nacc> sarnold: ha! :)
<DaddyEric> i know that i tried both
<sarnold> try changing #!bin/sh to #!/bin/sh
<rsx> DaddyEric: dos it have execution flag? i.e. chmod +x
<DaddyEric> i would not be here if it didnt
<nacc> DaddyEric: ok, no need to be short, you came here for help :)
<sarnold> DaddyEric: line 78 looks suspect
<nacc> DaddyEric: can you pastebin the exact command you ran and the exact output
<sarnold> DaddyEric: change the 'sudo cd' to 'cd
<nacc> DaddyEric: also line 73
<sarnold> DaddyEric: line 73 too
<nacc> I feel like this script seems pretty .. bad
 * sarnold ^5s nacc 
<nacc> way too much sudo
<sarnold> aye
<DaddyEric> i do that in case the user perms does not have permission for that directory
<sarnold> it's better to just make the user run sudo ./script
<DaddyEric> yes and i have tried all of that
<nacc> DaddyEric: still no invocation or exact output
<DaddyEric> i would not be here asking for help if i did not know how to do that
<DaddyEric> i try sudo ./multicraft-setup.sh
<nacc> DaddyEric: also, consider using #!/bin/bash -x (or calling it with /bin/bash -x /path/to/script) so we can see what lie it's failig at
<DaddyEric> and i get the bad filename
<sarnold> nacc: good idea
<nacc> DaddyEric: `ls -ahl .`
<nacc> DaddyEric: it does't say 'bad filename', it was tryign to run bin/sh before, probably
<nacc> DaddyEric: show us the *current* script and the exact execution output
<DaddyEric>  it does not do the apt commands before it
<nacc> DaddyEric: what?
<nacc> DaddyEric: give the output requested.
<DaddyEric> https://hastebin.com/wavebahuxo.txt
<sarnold> $'update\r'
<nacc> DaddyEric: and the exact script /home/dtsmc/multicraft-setup.sh
<DaddyEric> why is it doing that?
<DaddyEric> i already pasted that
<nacc> DaddyEric: no, you did not
<nacc> uless you left it at bin/sh
<DaddyEric> https://hastebin.com/icupabakoh.txt
<sarnold> you didn't happen to write this thing on a windows machine did you?
<nacc> DaddyEric: seriously.
<nacc> DaddyEric: ow it says #!bin/bash
<nacc> DaddyEric: which is wrog
<nacc> *wrong
<DaddyEric> it is copied exactly from a working script
<nacc> DaddyEric: that script was wrong too
<DaddyEric> and yes i used notepad++ to write it
<nacc> DaddyEric: i don't really care if it worked
<nacc> DaddyEric: well don't do that
<nacc> DaddyEric: `file /home/dtsmc/multicraft-setup.sh`
<nacc> DaddyEric: it's probably got embedded windows line endings
<DaddyEric> multicraft-setup.sh: ASCII text, with CRLF line terminators
<DaddyEric> how do i remove them?
<DaddyEric> convert to asni right?
<nacc> dos2unix, iirc
<nacc> DaddyEric: and fix the shebang to be the correct path
<DaddyEric> multicraft-setup.sh: Bourne-Again shell script, ASCII text executable
<DaddyEric> thats the output from file
<nacc> DaddyEric: oh, now provide the output from -x again
<DaddyEric> there we go simple fix
<DaddyEric> its working now
<nacc> DaddyEric: ok
<DaddyEric> GRUB_CMDLINE_LINUX="consoleblank=0"
<DaddyEric> is that correct for disabling the console blanking
#ubuntu-server 2017-10-28
<drab> anybody has a working installation of influxdb + snmp reporting from switches on an ubuntu server? does it work?
<drab> I've seen some howtos here and there but nothing entirely coherent and I'm wondering if there are any specific gotchas I should be aware of
<dpb1> drab: for the influxdb piece, yes: https://jujucharms.com/influxdb/4 it works well -- for feeding snmp data into it, I haven't used it for that, but that would be just an application of it, my google search would be as good as yours.
<Tobias92> The recent update of Postfix to version 3.1.0-3 (last Wednesday) removed /usr/lib/postfix/dict_tcp.so. This is not documented in the changelog, and my mailserver needs this module to interact with postsrsd. Are TCP maps now built in? I don't want to risk outage by restarting the daemon... (I was redirected here from #ubuntu)
<rbasak> Tobias92: which package version exactly? 3.1.0-3 was published in the Trusty release pocket on 2016-04-13, so there's no recent update there.
<Tobias92> rbasak, 3.1.0-3ubuntu0.1 according to apt-cache policy
<rbasak> There have been other updates, which is why you need to tell us the exact version
<rbasak> OK
<rbasak> Tobias92: it looks like dict_tcp.so shipped in the postfix in Trusty, but has never shipped in the postfix in Xenial AFAICT.
<Tobias92> Ah, I see, so the one I had must have been left over.
<rbasak> So it seems to me that nothing has changed around this in the update. If you had it before, perhaps it wasn't from that package.
<Tobias92> The reason I noticed the change is that the reference disappeared from /etc/postfix/dynamicmaps.cf
<Tobias92> This is strange, though, because Xenial includes postsrsd, which relies on this particular functionality of postfix.
<rbasak> I don't know anything about this particular lookup type, sorry. If you conclude that there's a bug, please file one and let me know and I'll look into it.
<Tobias92> I'll investigate some more first; thanks!
<Tobias92> rbasak, turned out this looup was integrated into libpostfix-utils, so there was no cause for concern :)
<DVA5912> Is there a new way of using network interfaces with ubuntu now? Im used to the old 14 style. Where i could just add it into the /etc/network/interfaces config file and it would bring up. However doing that now seems to break already existing interfaces.
<tomreyn> for several releases, there has been network-manager in addition to the classic configuration via /etc/network/interfaces. netwokr-manager won't handle NICs if there is /etc/network/interfaces
<tomreyn> also, NIC naming have changed in current releases
<DVA5912> tomreyn: Saw that! :), Ok so network-manager is with this - now i know where to look. Thanks!
<tomreyn> welcome :)
<DVA5912> Server 17.04... That doesnt use the network-manager service does it? Everything im reading is all saying to set the connection configuration in the /etc/network/interfaces file. I did that before and it killed the prior established connection
<DVA5912> Is it using network-manager GUI versions? That i cant access because im using console?
<DVA5912> btw - im refferencing: https://www.linuxhint.com/change-from-dhcp-to-static-ip-address-ubuntu/
<tomreyn> DVA5912: there are nmcli and some text graphics based UI for network manager
<tomreyn> nmtui
<tomreyn> DVA5912: i do not know for sure whether 17.04 server uses network manager by default, but i would assume it does.
<tomreyn> i only use LTS releases on servers do i'm not into this one.
<tomreyn> s/ do / so /
<teward> greetings Server peoples.
<DVA5912> Luckly - this isnt production :) Taking my time to learn this before i push it out. Looks like it doesnt use Network-Manager, its not even installed. So i dont know whats allowing it to set a network connection.
<teward> rbasak: dpb1: powersj: and others who care: 18.04 is destined to be LTS right?  If that's the case, would any of you mind if I jumped to NGINX Mainline with intentions to bump it back to Stable come April?
<teward> like we did for the 16.04 cycle
<DVA5912> I think the best thing for me right now tomreyn is to define a whole interfaces file. That way i can feel like i have a little control left :)
<tomreyn> DVA5912: so "nmcli" (command, package) is not installed? or is it?
<tomreyn> if installed, run "nmcli c" and "nmcli n"
<tomreyn> but the static configuration via /etc/network/interfaces is, of course, an option
<tomreyn> i'll bbl
<drab> thanks dpb1
<drab> dpb1: any chance you looked at ELK too for time series? I'm probably going to need ELK fro logs and would love to avoid having to run both
<drab> but everything I read says ELK doesn't really fit the timeseries nature of many metrics
<drab> despite the new timelion interface
<drab> so influx is still the right thing to go with
<arunpyasi> Hello everyone, I am having an issue ! I have a disk mounted and running and i have vsftpd running as ftp. Here, I have the link of the HDD under the folder where the ftp home is, when I try to login ftp, I get stuck at Retrieving directory listing.... How do I fix it ?
<arunpyasi> Hello !
<arunpyasi> anyone around ?
<drab> arunpyasi: have you checked the logs? /var/log/syslog
<drab> also vsftpd has its own auth iirc, haven't used ftp in like decades... any reason you can't use ssh and sftp?
<drab> other than for nostalgia sake and reviving the 80s, there seems to be no reason today to run ftp
<drab> but I like retro so you know...
<arunpyasi> drab, I found that when I turn off nginx, I get to make sftp and ftp working... Yeah, ssh is working fine but not sftp.
<arunpyasi> drab, so, can it be cause its using Disk I/O intensely that the ftp/sftp didn't get chance to work ?
<drab> arunpyasi: seems unlikely, should only be taking long[er], but it may be hitting a timeout, altho then you should see an error, not just hanging
<drab> I don't understand the comment about sftp
<arunpyasi> drab, yes but it also hangs for sftp
<drab> look at top, you should see a process maybe in D state, waiting for I/O
<drab> or just look at top at the wa%
#ubuntu-server 2017-10-29
<chesty> hi, I added a file /etc/sysctl.d/99-custom.conf with the lines net.netfilter.nf_conntrack_max = 524288 and net.nf_conntrack_max = 524288 and it works, if I run systemctl restart systemd-sysctl.service, but...
<chesty> those files don't get set after a reboot, I think it's a timing issue systemd-sysctl might get started before some network code
<chesty> this is xenial
<chesty> is anyone familiar with this and know what the correct solution is?
<chesty> I spent 30 minutes reading some google results, I'm not the first person to ask this, but I didn't find the answer. I did learn more on how systemd.network works and I've fixed it my way.
#ubuntu-server 2018-10-22
<teward> RoyK: running memtest86 right now, but I don't think there'll be anything failing, this thing's passed memtest in the past
<teward> memtest86+ *
<RoyK> good
<teward> RoyK: so far, 41% of the tests are done, and it's passing them all.  I'm fairly sure it's not a memory or CPU problem, this happened on an 18.04 plain install too, kernels updated and then *wham* dead with panics on boot
<teward> maybe i need to go yell at #ubuntu-kernel...
<teward> (memtest also takes some time when the system as 24GB of RAM :| )
<RoyK> teward: make sure you have netconsole running in case something happens
<teward> RoyK: again, how do I enable netconsole when I can't even get into the system with any boot process?
<teward> the unanswered question from before there remains
<teward> literally the moment after Grub the system panics
<teward> not enough time to get in to do anything
<teward> same from LiveUSB
<teward> RoyK: yeah, 100% memtest pass.  so unless you know how to enable netconsole before the system boots...
<teward> ah there it is
<teward> hmm i'll work on this tomrrow after work
<teward> tired now :p
<RoyK> teward: you'll need to reboot
<teward> well that's a given
<teward> but i'll deal with this tomorrow, CBA to set up a syslog receiver at the moment
<teward> (and i'm dead tired and have to be up early so... bed time.)
<RoyK> the only issue is that syslog won't send a panic
<Checkmate> i've this problem with mod_evasive
<Checkmate> everything work fine but if i refresh the url page i can see it and the forbidden message disappear
<Checkmate> i've tryed mod_qos and mod_evasive nothing work good
<tomreyn> Checkmate: mod_evasive can work ok if properly tuned. but it's kind of a last resort measure, it's much better to optimize the application / service configuration to cause less load (improve application source code, use caching, replace outdated software components by newer ones). alternatively, you can increase system resources and use load balancing, too.
<Checkmate> @tomreyn i'm trying to stop multiple POST request
<Checkmate> i've tryed all kind of things but seems not working
<tomreyn> Checkmate: you said so some hours ago. if you're looking for assitence with this you'll need to provide details (but there may be better places to ask this, such as in #httpd if you use apache httpd, as 'mod_evasive' suggests)
<tomreyn> there is also mod_security which can be an option if you cannot modify the application source.
<Checkmate> MaxKeepAliveRequests not work with me too
<tomreyn> Checkmate: maybe sztart by discussing the web application and versio which is under attack, the ubuntu version and web server you run there.
<tomreyn> then discuss the path to the file which is being attacked, and how you can tell (logs). you can rewrite any ip addresses by 127.0.x.1 where you replace x by a different number (1-255) for every new ip address.
<Checkmate> @tomreyn i'm under the latest version of Ubuntu getting attack at index.php
<Checkmate> multiple post request
<tomreyn> Checkmate: and index.php is part of which standard web application, or is it custom code? what do these requests look like?
<tomreyn> the latest released version of ubuntu is 18.10. are you sure that'S the one you run? "lsb_release -ds" will tell.
<Checkmate> @tomreyn yes apache2
<tomreyn> this doesn't answer an of the questions i asked :)
<Checkmate> ubuntu are you sure = yes  which standard web application = apache2
<Checkmate> maybe i'm losing time here
<tomreyn> apache2 is the package name of the Apache HTTPd web server, version 2.x. "index.php" suggests this is PHP code. this PHP code will be part of a web application such as workpress, drupal, typo3, or something you wrote yourself. i'm asking which one it is.
<tomreyn> maybe i'm losing time here
<Checkmate> yeah my bad its personnel php encoding
<tomreyn> then my bet is that this application cariies out too many tasks before authentication is required, allowing anyone to keep the server busy.
<tomreyn> you shoould change it so that those actions which cause increased server load are only available after authentication, or for a given set of source ip addresses.
<Checkmate> i dont wanna use a database
<Checkmate> i want to limit connection request for each ip
<tomreyn> if you can share the source code, feel free to do so, i can take a quick look later, but this only makes sense if you can also provide more information on the POST requests which are sent. you can capture them using tcpdump, a proxy server, mod_dumpio (but be casreful there since it will drive up server load further).
<lordievader> good morning
<muhaha> Is possible to download signing key from keyserver with curl ?  instead of this apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 93C4A3FD7BB9C367 ?
<TJ-> muhaha: it should be possible with gpg, using its --dry-run option *or* by setting an empty or null keyring so it doesn't write the retreived key into the trust store
<muhaha> TJ-: like this? gpg --dry-run --keyserver keyserver.ubuntu.com --recv 93C4A3FD7BB9C367
<muhaha> I can not pass internet proxy. It has some kind of useragent whitelisting... curl user agent works, thats why I need to download it with curl directly...
<muhaha> *trough
<TJ-> muhaha: try using hkps://keyserver.ubuntu.com (uses TLS)
<Skuggen> muhaha: Have you tried adding --keyserver-options http_proxy=$value?
<muhaha> yes, it does not work
<Skuggen> Ah
<muhaha> like I said, I need to pass curl user agent to access internet
<lucylu> Hi guys.. I installed a second WP site on my ubuntu server. On the second site I was able to get the WP install screen and istall it. However when I went to change the theme the site disconnected and I cant connect to it : ERR_conn_timed_out .. Any way to check how to debug this?
<tomreyn> lucylu: see #ubuntu
<tomreyn> muhaha: curl 'https://keyserver.ubuntu.com/pks/lookup?op=get&search=0x93C4A3FD7BB9C367'
<tomreyn> you may need to strip the surrounding html
<cqs> hello, I'd like to ask whether there is some known issue while installing postgresql db on ubuntu server
<cqs> it just hangs when setting up alternatives..
<cqs> it's basically a clean installation
<cqs> 18.04
<cpaelzer> cqs: I'd not know of one
<cqs> sheet
<cpaelzer> I have seen an issue that sounds similar, but it was "update alternative ... already owned by <pkg>"
<cpaelzer> and said pkg was not in the archive
<cqs> update-alternatives: using /usr/share/postgresql/10/man/man1/postmaster.1.gz to provide /usr/share/man/man1/postmaster.1.gz (postmaster.1.gz) in auto mode
<cqs> this is where it ends up
<cpaelzer> ok, you have a different file at least
<cpaelzer> maybe it makes sense for this one (other than the bug I checked a while ago)
<cqs> i see
 * cpaelzer is checking ...
<ahasenack> good morning
<cpaelzer> hi ahasenack
<ahasenack> hi cpaelzer
<cpaelzer> have you seen above already (before I check too deep and you just know it) ^^
<cqs> thanks for you time
<cpaelzer> cqs: I'm pretty sure you are "after" that update alternatives
<cqs> r*
<cqs> yes i am
<cpaelzer> what is an "ps axlf" showing you
<cpaelzer> maybe pastebinit ?
<cqs> sure
<cpaelzer> just retried postgresql on fresh bionic and cosmic - works as expected
<cqs> https://paste.gnome.org/p8dcex7uf
<cpaelzer> is that the systemctl start hanging ?
<cpaelzer> hmm
<cqs> hard to tell u
<cpaelzer> yeah looks that way, and that would be the last command of configure_version in /usr/share/postgresql-common/maintscripts-functions
<cpaelzer> cqs: what is "systemctl status postgresql.service" showing you atm?
<cqs> loaded and active
<cqs> looks normal
<cpaelzer> cqs: how long is that hanging already?
<cqs> all looks fine, it's just apt stayed locked
<cqs> 16mins
<xnox> I have questions about git-ubuntu.... sometimes the merge proposals diffs look odd in launchpad, is that normal?
<ahasenack> xnox: we recon it's a but in python-git
<RoyK> cqs: can you connect to the db with 'psql' with user postgres?
<xnox> ok
<xnox> second question - there is nowhere one should push things? one should just dput & close MP right?
<xnox> there is no automagic marking things as merged?
<cpaelzer> xnox: there is, if you follow the tagging procedure that we do
<cpaelzer> xnox: but I'm not sure if this is reasonable for everyone
<xnox> hmmmm
<cpaelzer> xnox: that would also retain your git commit history on the import
<xnox> i thought i tagged stuff, but all pushes from me were declined.....
<cpaelzer> and the importer sees your dput being published, realizes it is the same and then closes things
<xnox> and if i can't push things back to origin.... where does one supposed to push?
<xnox> are there docs, i did not find/read?
<cpaelzer> xnox: the repo "pkg" that is set up by default is the target
<cpaelzer> but push access to that is rather restricted
<cqs> RoyK: yes i can connect to psql
<cpaelzer> especially as we long term don't want to require manual tagging anyways
<cpaelzer> we want the importer to find approved MPs and use those
<cpaelzer> xnox: it would be in (outdated I think) https://wiki.ubuntu.com/UbuntuDevelopment/Merging/GitWorkflow#Detailed_workflow
<xnox> cpaelzer, tah, i'll read up on that, and will try to use that again.
<cpaelzer> xnox: I'd ask you to get in touch with rbasak - I think we need to decide what we should do until the intended future workflow (with just approved MPs) can happen
<cpaelzer> he is coordinating the related efforts
<cpaelzer> cqs: so it seems all is fine, but the systemctl start did not return and due to that blocks
<cpaelzer> I unfortunately have no former case like this to base the next steps on :-/
<cqs> so shall i just kill that stuck process and unlock apt?
<cpaelzer> I guess, so - that will most likely make it fail
<cpaelzer> you might apt install --reinstall afterwards just to be sure
<cqs> ok
<cqs> it wants to run 'sudo dpkg --configure -a' again but i guess it will hang again
<cpaelzer> try it
<cqs> btw i was installing postgresql-contrib in one shot
<cqs> maybe this one is the guilty one
<cqs>   Package postgresql-10 which provides postgresql-contrib-10 is not configured yet.
<rbasak> xnox: since Launchpad publications are the single source of truth for Ubuntu, we can't allow uploaders to push things to origin since those might mismatch Launchpad publications, and the git view is supposed to be an exact reflection of what Launchpad published. So only the importer pushes after verifying correctness. But then uploaders need to supply rich history to the importer somehow. We don't
<rbasak> have a good workflow for this yet. As a stop gap we push "upload tags" but right now they have to be processed manually.
<rbasak> When Launchpad per-ref ACL support arrives, we will be able to give uploaders access to push upload tags directly (but that'll still be a stop-gap)
<rbasak> Before then, if you want rich history preserved, ping someone in ~usd-import-team to do it.
<xnox> ah i see, push a tag, rather than push branch refs.
<xnox> fair enough.
<xnox> to be fair, i don't mind either way, just didn't know what i should be doing today.
<rbasak> The importer will only adopt tag if the upload matches in Lanchpad.
<xnox> and if i did `something wrong, by not pushing something somewhere`
<rbasak> It's fine to dput without using git. The importer will cope by synthesizing a commit, which will effectively be the squashing of your commits.
<cpaelzer> cqs: apt install postgresql postgresql-contrib does not fail for me either
<cqs> the only thing that comes to my mind is that i didnt have locales properly set, so it defaulted to som utf8
<cqs> but that's all
<cqs> some*
<rbasak> xnox: that was becoming an FAQ, so here you go: https://askubuntu.com/q/1086094/7808
<xnox> heh
<mad_moses> Hi, can I use NFSv4 securely in the internet? (Enabling encryption?)
<Ussat> I would NEVER mount a NFS over the net unless it was over a VPN
<Ussat> and then only as a last resort
<mad_moses> Ussat: okay, just read that NFSv4 also supports encryption. So I thought it might be safe
<sdeziel> mad_moses: you could look at SSHFS maybe
<mad_moses> sdeziel: sshfs is doing strange things. I mounted a server folder and try to work remotely with my pycharm on my python project but git and pycharm are doing strange things (refereshing every second)
<ahasenack> cpaelzer: if you do a "lxc launch ubuntu-daily:trusty trusty-foo", and then enter that container and run "hostname -f", do you get trusty-foo.lxd?
<RoyK> mad_moses: nfs4 uses kerberos for authentication, but sends the data in cleartext
<RoyK> mad_moses: that is - nfs4 may use sec=sys and then only checks the client's ip address
<cpaelzer> ahasenack: seeing the quesiton just now
<cpaelzer> just a sec
<ahasenack> no rush
<cpaelzer> ahasenack: yes I see the same
<ahasenack> ok, thx
<mad_moses> RoyK: okay, vpn is the answer ...
<mfo> xnox, hey :) so, i noticed there are some regressions in systemd rdeps in pending-sru page.  i gone through them, and apparently none are related to the LP/patch I submitted (LP 1795658), but wondering if you'd like me to review any of them.
<ubottu> Launchpad bug 1795658 in systemd (Ubuntu Xenial) "xenial systemd reports 'inactive' instead of 'failed' for service units that repeatedly failed to restart / failed permanently" [Medium,Fix committed] https://launchpad.net/bugs/1795658
<xnox> mfo, well, your patch is not the only thing in that upload.
<xnox> there are 6 bug fixes.
<xnox> as you can see on the pending-sru page
<mfo> xnox, yes, I see. that's why I'm asking :)  i could not track the test errors to _that_ part of the upload, but you know, maybe there are symptoms that are not that clearly linked.
<mfo> i offered checking some of them in case you were suspicious they were not from the other uploads either.
<mfo> xnox, well, and sorry to bother, but I just wanted to offer help in case that helped. no worries :)  if you find something for me about that, please just let me know and I'll take a look.
<xnox> mfo, i've hit retry on all of the regressions, to see if any of the flaky ones would clear.
<xnox> mfo, and then i'd be writting up to release team for things that are clearly broken.
<mfo> xnox, ok. iirc there are a few ones after "rebooting" in autopkgtest, which seems like a couldn't connect post-reboot type of error, not really pkg code itself.
<mfo> xnox, thanks!
<xnox> mfo, well, or a VM failing to boot with new systemd =/
<mfo> xnox, oh, indeed. hopefully not the case!
<Checkmate> guys my ip server down after typing this command iptables -L -n
<Checkmate> whats i do now ?
<tomreyn> what is an ip server?
<Checkmate> vps
<tomreyn> use your out of bound access to flush iptables, or if you have none, power cycle it.
<Checkmate> @tomreyn my vps down its like all opened ports closed do i need to restart server?
<TJ-> "iptables -Ln" isn't going to add a rule, it just lists with numerics
<tomreyn> yes it should not cause this, but apparently somehow Checkmate was working on iptables and locked themselves out.
<Checkmate> well i put this command and same time the vps down
<TJ-> Checkmate: did you issue any commands before that one?
<tomreyn> Checkmate: if you have no other way to access the system, such as through a virtual serial console or KVM your VPS host provides through e.g. their web panel, you will need to have them power cycle it (maybe also through a self service web panel).
<Checkmate> @tomreyn yes iptables -F
<TJ-> Checkmate: -F flushes the tables; if the default policy is DROP then you've cut yourself off
<Checkmate> damn what i need to do now @TJ-
<Checkmate> i have a web shell access please provide me how to get my vps server back
<TJ-> Checkmate: tomreyn has told you twice; reboot the server and hope there are saved rules in place to open ports. Otherwise use your host's out-of-band console access to fix it
<tomreyn> you need to undo what you did last, or reboot which will undo non permanent configuration changes
<Checkmate> @tomreyn after restarting everything work fine thx
<tomreyn> good. keep the web shell open while you work on iptables, make sure you know how to undo changes before you make them
<Checkmate> @tomreyn do u know how to clear all banned ip fail2ban service
<mason> Checkmate: man fail2ban-client - there's probably some sleek way to do it all at once, but this will let you do it granularly.
<tomreyn> Checkmate: not of the top of my head, no
<Checkmate> i see something about removing fail2ban.sqlite3 its safe?
<tomreyn> sqlite is a flat file database, often used for storing configurations. removing this is probably not what you want.
<RoyK> Checkmate: if the server goes down with an iptables command, contact the people you got it from - it shouldn't panic or shut down for something like this
<RoyK> Checkmate: where do you have this VPS?
<RoyK> tomreyn: serial consoles are a bit hard to work out on virtual machines ;)
<tomreyn> RoyK: why so?
<tomreyn> both KVM + Xen support (virtual) serial consoles just fine.
<teward> RoyK: so it did a full blown panic immediately when attempting to boot
<RoyK> because there's no serial port, for starters, at least if you rent a VM from some company abroad
<teward> on my HP Z400 workstation
<teward> i'll have to picture the screen when I get the data up to share the panic error
<RoyK> netconsole should work, though
<tomreyn> RoyK: you'll just need to add the virtualized equivalent of a serial console switch
<RoyK> but then again - if a VM panics just after iptables -Ln, something is very, very wrong
<RoyK> tomreyn: something you can't do if someone else controls the hypervisor
<tomreyn> RoyK: right
<mason> I'm curious how libvirtd presents microcode to VMs. Which is to say, with Ubuntu 18.04, my qemu-kvm VMs show vulnerable to Spectre 3a and 4 where the host does not. Guests tried include Ubuntu 16.04, RHEL 7.5, Debian 9.5.
<JanC> I doubt showing microcode to VMs makes any sense at all
<mason> JanC: The facility has to be there in the CPU presented, no?
<JanC> no
<mason> Okay, could you explain how it's supposed to work, then?
<ahasenack> mason: can you setting up the cpu in the vm to be a copy of the host?
<ChmEarl> mason, qemu-system-x86_64 -cpu ?  , then try some CPUID/CPU combinations
<ahasenack> I don't know how to do it with virsh, but in virt-manager you have a dropdown menu in the cpu tab
<mason> I've tried a couple CPU combinations, all with IBRS.
<JanC> how microcode & all those controller CPUs work isn't really documented
<JanC> so there really isn't any way you could implement them virtually
<mason> Well. Microcode application, right. But the guests themselves should believe they've got the correct facilities, as I understand it.
<JanC> so, did you test if those guests are actually vulnerable?
<mason> JanC: Yes. That's why I'm asking.
<JanC> I mean, did you test if they are actually vulnerable, or did you just test a kernel flag or something?
<mason> JanC: I ran https://github.com/speed47/spectre-meltdown-checker which I believe looks at more than flags. I'm open to suggestions for testing with PoC somehow.
<ahasenack> rbasak: still around?
<mason> If it's a false positive, that's fine.
<mason> I'll migrate the guests to a RHEL hypervisor and test there too I guess, for comparison.
<tyhicks> mason: hi - variant 4 mitigations are only enabled when there's a seccomp filter in place for the process in question or the process has opted into mitigation by making a certain prctl(2) systemcall
<tyhicks> mason: this is documented in the Mitigations section of https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/Variant4
<tyhicks> mason: as far as variant 3a goes, that's something that is entirely mitigated in microcode
<mason> tyhicks: Thank you. Odd that the spectre-meltdown-checker script doesn't set this. I'll have to read what they're doing.
<tyhicks> mason: VMs don't load microcode - it is something that the host is in charge of
<mason> tyhicks: That seems fine, but I thought the CPU then presented would have all the bits needed for the kernels to mitigate things. I'm clearly a bit confused.
<tyhicks> mason: there's a lot of different ways that your virtual CPUs can be configured, you'd need to paste the contents of /proc/cpuinfo for me to start understanding what's going on inside your vm
<mason> tyhicks: kk, coming up
<ahasenack> rbasak: n/m, filed a bug :)
<tyhicks> mason: going back to variant 4... you can use the ssbd-exec tool that I wrote to enable mitigations and then run the checker script (replace the grep command in the second example with the checker script): https://github.com/tyhicks/ssbd-tools#using-ssbd-exec
<mason> tyhicks: https://bpaste.net/show/e19b21dd662e - the first one is https://bpaste.net/show/e5b63791427f on the host, and the second is https://bpaste.net/show/154b82e83888 on the host
<mason> tyhicks: ty, will try that
<tyhicks> mason: I'm starting to get cloudy on the details but the kernel reports a bogus microcode revision inside of VMs (which is why you see 0x1 reported as the microcode revision in the cpuinfo pasts)... I wonder if the checker script is relying on that revision to be correct...
 * tyhicks checks the source
<JanC> mason: microcode is never enough to prevent all spectre-style vulnerabilities AFAIK
<mason> There's one of the more recent ones that requires guest cooperation, yeah.
<mason> I want want the fence to be as high as possible.
<JanC> or if it would be enough, it would likely slow down the CPU to the point where you could be using your smartphone instead of that high end Xeon  :P
<mason> tyhicks: # ./ssbd-exec -- ~/spectre-meltdown-checker.sh
<mason> ERROR: Speculation cannot be controlled via prctl
<mason> tyhicks: That's on the second system from that initial bpaste, which has a Skylake Xeon box as a host that shows all green with the script.
<tyhicks> mason: the correct command is: $ ./ssbd-exec -p disable -- ~/spectre-meltdown-checker.sh
<tyhicks> (but I think you're going to hit the same error)
<mason> ah, trying again
<mason> Close: https://bpaste.net/show/4efbd9fc3bd8
<tyhicks> mason: what kernel version are you running? (cat /proc/version_signature)
<mason> tyhicks: Host or guest?
<mason> tyhicks: I'll give you both.
<tyhicks> both
<mason> tyhicks: 3.10.0-862.14.4.el7.x86_64 (RHEL 7.5, guest) seems not to offer this. The host is 4.15.0-36.39-generic.
<tyhicks> mason: did you run ssbd-exec in the guest or host?
<mason> guest
<mason> I didn't bother running it on the host, because the host makes the script happy.
<tyhicks> mason: oh, RHEL must not have backported the fix
<tyhicks> mason: err, they must not have backported the prctl portion of the fix
<mason> tyhicks: I'll try again on an Ubuntu guest.
<JanC> there is a big spread between fixing those vulnerabilities entirely and keeping your CPU performant  :)
<JanC> I suppose at some point there will have to be host & guest profiles where admins will have to make their choices...
<tyhicks> mason: that checker script has become pretty complex - I can't say for sure but I'm pretty confident that the variant 3a failure is a false positive most likely caused by the microcode revision being obscured inside of the VM
<mason> tyhicks: I'll look around for other ways to test - a PoC would be the best way I imagine.
<JanC> testing 8.04 guest on 8.04 host would probably be a good test too
<mason> tyhicks: Thank you very much for your time. Also JanC and ahasenack
<ahasenack> welcome
<mason> JanC: Oddly, I don't actually have an 18.04 guest, only hypervisors. I'll have to spin one up.
#ubuntu-server 2018-10-23
<jamie12> anyone know how to enable numa when not on by default? I'm running a thread ripper 2950x on desktop because it's well... a desktop but it's technically epyc
<lordievader> Does the thread ripper itself have multiple numa nodes, or do you have multiple installed in your machine?
<lotus|NUC> jamie12: ^
<jamie12> lordievader it's multidie
<lordievader> jamie12: https://serverfault.com/questions/877018/ryzen-threadripper-cpu-does-not-report-multiple-numa-nodes
<jamie12> I might have found the solution... Asus removed it from BIOS and only changable in ryzen master
<jamie12> ugh booting Windows and enabling it to see what happens
<jamie1> lordievader: so.... you need windows to enable numa XD
<lordievader> Interesting.
<jamie1> lordievader: basically amd asked asus to remove the bios setting so people would use ryzen master utility to enable or dissable it
<lordievader> And there is no similar utility on Linux, I suppose?
<jamie1> no, sadly there isnt
<lotus|NUC> or run that ulitity from wine?
<jamie1> doesnt work that way, it needs access to core os due to os communication with uefi
<lordievader> Someone tries that here, via wine: https://www.reddit.com/r/Amd/comments/5zaypz/any_word_on_a_linux_version_of_ryzen_master/?st=jnlcp0te&sh=ab9426a0
<jamie1> also the main reason is most of the sensors dont even work on linux yet for x399
<jamie1> so that would be needed even start with
<lotus|NUC> https://linuxconfig.org/how-to-overclock-your-amd-ryzen-cpu-on-linux
<jamie1> after that we may see ryzen master on linux but that is still questionable due to oems never like to help linux
<lotus|NUC> also interesting jamie1 https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=051f3ca02e46432c0965e8948f00c07d8a2f09c0
<lotus|NUC> !info numactl | jamie1
<ubottu> jamie1: numactl (source: numactl): NUMA scheduling and memory placement tool. In component main, is optional. Version 2.0.11-2.1 (bionic), package size 32 kB, installed size 116 kB (Only available for linux-any)
<jamie1> lotus|NUC: thats what i use to make sure numa is running right
<BlackDex> hello there
<BlackDex> i'm having some issues with lvm
<BlackDex> getting the message that "Device /dev/sdb1 not found (or ignored by filtering)."
<BlackDex> there is no filter
<BlackDex> the disk is an RAID-1 of 2 SSD's
<BlackDex> i can partition the disk without any issues
<BlackDex> lsblk shows that the partition is there
<BlackDex> but the strange thing is that it also shows something called mpath
<BlackDex> i don't know if that is something wich is causes issues here.
<BlackDex> Someone have an idea?
<BlackDex> disks are wiped with dd, but beginning and ending of the disks.
<BlackDex> s/but/both/
<lordievader> BlackDex: What is the output of `sudo pvscan`?
<ahasenack> good morning
<rbasak> ahasenack: what would you like me to do about this build-source regression?
<rbasak> I can revert the MP that broke it.
<rbasak> Or if you want to try to tackle the implementation of -S within the build command and remove build-source, I'd be happy with that too.
<rbasak> Or I can leave it for now for someone to fix later?
<ahasenack> well, I use build-source extensively, and that broke my workflow
<ahasenack> maybe wait to see if smoser has an insight later today?
<ahasenack> if not, I'd revert it
<ahasenack> unless that would reintroduce a bug that is more serious
<rbasak> OK. I'll revert after smoser has a chance to respond - unless he has an alternate plan.
<elfranne> anyone know a modern apt repo (create your own repo) ? the ones i can find are unmaintained ...
<avu> elfranne: reprepro still seems to be active
<elfranne> this is what i was looking for: https://www.aptly.info/ found it months ago but forgot the name
<elfranne> but thanks avu
<joakim_> Hi got a issue with my ubuntu/netplan, the problem is that after i restarted the (remotely ovh hosted) server all my ip configs disappered when i try to do any netplan command i get that "netplan: fatal error: cannot bind to port 2983, is another daemon running?, exiting." same issue is descriped here https://ubuntuforums.org/showthread.php?t=2400673 but no answers, how do i debug this?
<sarnold> joakim_: you've probably confused the netplan calendaring tool with netplan the network configuration tool
<sarnold> joakim_: install netplan.io not netplan
<joakim_> sarnold thx, but could you please explain that a bit more?......   ah thx :)
<sarnold> joakim_: when netplan.io was named we forget to check if the name was already used...
<sarnold> (not the first time :)
<sarnold> joakim_: apt-get install netplan.io netplan-   should probably get you most of the way to a fix
<joakim_> sarnold :/ that what happens i'll try, but what i wundering about is why have it been working for month and then just stopped, i never installed netplan.io manually or remember removing it
<sarnold> joakim_: hrm :(
<sarnold> maybe my guess is wrong ..
<sarnold> try the apt-get command and see what falls out
<joakim_> and doint a apt search netplan.io dons't show it as installed on ubuntu 18.04
<joakim_> (have 3 servers + 1 workstation
<joakim_> sarnold however your suggestion worked
<cyphermox> joakim_: so, OVH system that got deployed by them?
<joakim_> cyphermox ?
<cyphermox> you are doing this on a system in OVH, right?
<cyphermox> was it deployed / installed by them or did you do it yourself?
<tomreyn> joakim_: ^
<Epx998> cosmic was released? :D
<tomreyn> good morning, nvidia.
<Epx998> buh
<tomreyn> < not affiliated with anything, i'm allowed to say this. :-P
<Epx998> lol
<Epx998> neh'veed'de'uh
<Epx998> vmware not digging the display after network preseed on a netboot
<tomreyn> on 18.10 server live installer?
<Epx998> 18.10 server iso
<tomreyn> which one?
<Epx998> http://cdimage.ubuntu.com/ubuntu/releases/18.10/release/ubuntu-18.10-server-amd64.iso that one
<Epx998> well no wait sorry im jumoing around
<tomreyn> i think commonly mini.iso is used with pxe.
<Epx998> i grabbed http://archive.ubuntu.com/ubuntu/ubuntu/dists/cosmic/main/installer-amd64/current/images/netboot/netboot.tar.gz - let me check md5sum to make sure i got the right one
<Epx998> ill grab the ones off the mini iso too and see
<Epx998> nope
<Epx998> hmm
<tomreyn> so netboot.tar.gz contains the kernel and initrd for booting. the pxe server would tell the booting 'client' where to load them from, using tftp. once those are loaded, the 'client' would load the installer files from the tftp server, too. what exactly that is depends on what you put on the tftp server.
<tomreyn> usually somewhere below /var/lib/tftpboot
<tomreyn> commonly, the /var/lib/tftpboot/pxelinux.cfg/default file on the tftp server would instruct the 'client' what to download (and then load the userspace) from where.
<Epx998> i need the right kernel video= option - so far nothing is working past the network preseed
<tomreyn> i'm not into vmware, so not sure.
<Epx998> its trying different overrides until i get one that weorks
<tomreyn> does 18.04 work with this setup? it should be pretty much the same.
<tomreyn> vmware recommends to use vmxnet3 instead of e1000e virtual nics with 18.04 (they dont support 18.10 yet)
<tomreyn> maybe the issue is that you have nvidia hardware passed through to this vm? their graphics card drivers are sadly proprietary and thus, for many years now, often don't work flawlessy and out of the box on linux.
<Epx998> there are no gpu's in the chassis other that the onboard server chip
<Epx998> Getting a kernel panic tho
<tomreyn> https://wiki.archlinux.org/index.php/kernel_mode_setting#Forcing_modes discusses what can be used for video= (if you really need to)
<tomreyn> vga=791 helped me boot 18.04 on virtualbox when they didn't support this version, yet. i didnt get a panic though, just a black screen.
<Epx998> prob not even a video issue
<Epx998> headache is its in a different DC, so I need to deploy cosmic to another DC to test baremetal
<Epx998> ok its my kickstart'=
<Epx998> or at least i thought it was
<teward> RoyK: what're the chances my setting up netconsole will detect the panic and give me any kind of useful information?
<teward> assuming, of cours,e you can edit the boot cmd of the live images to do that.
<RoyK> teward: netconsole will probably tell the receiver end what the panic is all about, if there is one
<RoyK> teward: did you try ctrl+alt+f1 ?
<teward> RoyK: again, dies and goes nonresponsive at boot, will try again, if i can't get details i'll failover to netconsole, and if that fails too then I'll ahve to see if I can get the normal 18.04 system to boot then extract logs at the filesystme level from a 16.04 instance.
<teward> 16.04 live desktop instance*
<teward> RoyK: call trace looks like it dies at the kernel loading level long before it even starts the full boot process :|
<sarnold> the last time I tried netconsole I didn't actually get anytthing useful out of it. if you're similarly unlucky, maybe the kernel crashdumps would be more productive. (I've never used those, but afaik we still have them :)
<teward> sarnold: this assumes I can get them
<teward> does the kernel always crashdump on panics?
<sarnold> teward: excellent question :)
<teward> RoyK: ctrl+alt+f1 doesn't seem to help :|
<teward> because it's not even getting that far
<teward> hmm, I wonder... *downloads an older 18.04 installer disk from his local mirror to test*
<RoyK> teward: what about the "magic sysrq" stuff I posted?
<RoyK> teward: just do-release-upgrade - it'll take you to 18.04
<teward> didnt see it probably got eaten by my internet
<teward> RoyK: um...
<teward> it was 18.04
<teward> to begin with
<RoyK> I thought you wrot 16.04
<teward> can't upgrade to what it already is :p
<teward> RoyK: no, that's my fallback plan
<RoyK> ok
<teward> because that's my emergency recovery USB stick for my laptop that boots the desktop ISO with persistence and my recovery toolkuts
 * RoyK uses debian when striving for stable systems
<teward> ahah!
<teward> the 4.15 kernels explodify here
<teward> but not the 4.13 that was 'older'
<teward> iiiinteresting
<teward> NO IDEA how to debug that one.
<teward> better question is why it's using 4.15 :|
<teward> (this was an upgrade to a newer release so the old kernels must've been around)
<RoyK> no idea - try to use another kernel, hten
<RoyK> *then*
#ubuntu-server 2018-10-24
<teward> RoyK: i think i found the problem... this workstation has an nvidia card in it and has drivers installed for the ability to utilize the GPU for some data processing.  I think that Failed to Build and caused the issues.
<teward> or that the version of the kernel or something exploded it, it *looks* like it's OK now but not sure...
<teward> we'll see if this fixes it *yanks out the graphics driver while in the older kernel*
<RoyK> teward: hehe
<teward> aaaaand it still explodes.  I'll just say "Screw It" and nuke it and put 16.04 on it, then containerize the 18.04 instances (or Virtualize them in my VMware cluster instead, depending on what resources I need)
<Repox> Hello. Unfortunately, I'm in need of installing a very old version of PHP, a large site that currently uses PHP 5.1 and the size of the system makes it almost an impossible task to update. Is it possible, in any way, to install that old a version of PHP?
<kstenerud> repox: You could try creating an lxd or docker container that's based off an older version of the OS which has packages for that version od PHP
<zzarr> Hello!
<zzarr> I'm responsible for a server that keeps crashing about 30-40mins every night or so, is there a way to monitor the status of the machine in order to see if it's a hw issue or something else?
<zzarr> I should say it's a VM the company rent from another company so I don't have access to any BIOS or such
<mfo> xnox, hi. re: systemd in xenial-proposed. i see you verified the pending LP bugs, cool.  anything else i should be doing other than leaving you alone and waiting (hm, and because it's sytemd, the #days in proposed criterion is like, more than the usual 7 days?)  thanks :)
<ahasenack> good morning
<ahasenack> kstenerud: I see you grabbed the fetchmail bug, correct?
<kstenerud> ahasenack: yes, but I'm hitting a git ubuntu build bug
<ahasenack> which one? :)
<kstenerud> 10/24/2018 05:29:23 - ERROR:stderr: awk: error while loading shared libraries: libreadline.so.6: cannot open shared object file: No such file or directory
<kstenerud>   awk: error while loading shared libraries: libreadline.so.6: cannot open shared object file: No such file or directory
<kstenerud>  
<ahasenack> ok
<ahasenack> I did some snap reverts to fix that
<ahasenack> let me show you what I'm running
<ahasenack> core        16-2.35.5             5742  beta      canonicalâ  core
<ahasenack> git-ubuntu  0.7.4+git107.2aadcff  438   edge      canonicalâ  classic
<rbasak> That should have been fixed in edge a while ago.
<rbasak> (edge git-ubuntu with any core snap)
<ahasenack> kstenerud: can you try the above revisions
<ahasenack> ?
<kstenerud> umm not sure how to do that. There's nothing to revert to
<ahasenack> kstenerud: check the revisions first, use snap list --all
<kstenerud> git-ubuntu  0.7.4+git16.0a79cbc  391   stable    canonicalâ  classic
<kstenerud> that's all there is
<ahasenack> kstenerud: switch to the edge channel for git-ubuntu
<rbasak> Switch to edge and that should be sufficient I think.
<rbasak> Except for this new build-source regression :-/
<kstenerud> how do I do that?
 * rbasak should fix that
<rbasak> kstenerud: snap refresh --classic --edge git-ubuntu
<ahasenack> kstenerud: check arguments for snap refresh
<rbasak> (with sudo probably)
<ahasenack> ^that
<ahasenack> rbasak: no ping from smoser yet?
<rbasak> No. I'll revert.
<ahasenack> kstenerud: if you get git-ubuntu r439, there is another bug, you have to revert to r438 then. I ssume that is still available in the store, and not just locally
<kstenerud> ahasenack: I can only revert to 439
<ahasenack> kstenerud: have you tried snap revert --revision=438 git-ubuntu ?
<rbasak> I've pushed the revert and fired off a build. I should be able to fix edge in about half an hour if the build succeeds.
<kstenerud> cannot find revision 438
<ahasenack> kstenerud: ok :(
<ahasenack> kstenerud: I guess use the traditional way for now. Create the container, scp the git tree there, and build there
<kstenerud> ok
<ahasenack> or sbuild, or any other of the common tools to build packages in a pristine environment
<ahasenack> kstenerud: did you reproduce the fetchmail ssl problem with gmail?
<kstenerud> yup
<ahasenack> cool
<kstenerud> ahasenack: git ubuntu build and build-source both fail. Is there another way to build?
<ahasenack> kstenerud: create a container, scp/rsync the git tree there, cd into it, run "sudo apt-get build-dep ./" to install build dependencies, and then run "dpkg-buildpackage -us -uc -S" for source, and sans the -S for binaries
<ahasenack> -us -uc is to not debsign it,  you can omit those if you want to sign
<kstenerud> bleh
<kstenerud> builddeps:./ : Depends: libgssglue-dev but it is not installable
<ahasenack> did you run apt-get update?
<kstenerud> oh right
<kstenerud> hmm
<kstenerud> dpkg-source: error: can't build with source format '3.0 (quilt)': no upstream tarball found at ../fetchmail_6.3.26.orig.tar.{bz2,gz,lzma,xz}
<SJr> Uh... I noticed this morning that MySQL was dead in the water. Before it shutdown systemd in journalctl says "Starting Daily apt download activities", then "Stopping MySQL Community Server"... Then mysql shutsdown then systemd says "Stopped MySQL Community Server" and then it says reloading a bunch of times, does it and is complete.
<SJr> What is the best way to turn that off? Do I just kill app-daily.timer, app-daily-upgrade.timer?
<wr> made a NTP server config https://paste.ee/p/glq8t#9epWVpo4XpxTPHodZQSQqoghZwOLePeo is this accurate?
<ahasenack> kstenerud: you can fetch the upstream tarball via git ubuntu: git ubuntu export-orig
<ahasenack> or install ubuntu-dev-tools and use "pull-lp-source -d <package> <ubuntu-release>"
<ahasenack> that will download the source package which will contain the orig tarball, and -d is to not extract it
<ahasenack> SJr: that's from unattended-upgrades, a package
<ahasenack> SJr: it has config options in /etc/apt/apt.conf.d/*
<ahasenack> SJr: you can blacklist packages there, for example, and adjust many other settings
<ahasenack> SJr: or remove it entirely if you prefer, of course
<rbasak> SJr: that was a MySQL security update. You should probably be updating these. If there was a problem with the update, let's fix that :)
 * RoyK thought mysql was replaced by mariadb
<compdoc> i though only maria could use mariadb
<ahasenack> rbasak: my samba bionic sru upload was correctly rejected because it missed this: https://pastebin.ubuntu.com/p/VBS6vz7Jtv/
<ahasenack> rbasak: can I just fix, push the tag and upload again, or do we want to review this change?
<ahasenack> "Rejected by Brian Murray: No Launchpad-Bugs-Fixed in the changelog / .changes file."
<ahasenack> it's correct in cosmic
<rbasak> ahasenack: I don't think I need to review that. I think self-approving that kind of thing is fine.
<ahasenack> rbasak: ok, I'll update the upload tag as well
<ahasenack> rbasak: is the snap published yet?
<rbasak> I'd left Jenkins running. Let me see if I can upload it now.
<rbasak> It's ready, publishing now.
<ahasenack> kstenerud: ^that snap should work wrt build{,-source}
<ahasenack> r440 I suppose
<rbasak> Uploaded, just waiting for the store now. It's usually a minute or two.
<rbasak> Yeah I see it'll be r440 if it is approved
<rbasak> RoyK: nope.
<rbasak> RoyK: both are packaged and available in Ubuntu.
<rbasak> MySQL is in main.
<rbasak> MariaDB is in universe. It gets looked after by a volunteer.
<rbasak> ahasenack: kstenerud: fixed git-ubuntu published in edge.
<ahasenack> nice
<rbasak> I shouldn't have hesitated yesterday to revert. Sorry.
<ahasenack> Download snap "git-ubuntu" (440) from channel "edge"                                                                                                                                                              -
<ahasenack> Download snap "git-ubuntu" (440) from channel "edge"                                                                                                                                                              -
<ahasenack> Download snap "git-ubuntu" (440) from channel "edge"
<ahasenack> ops, sorry
<ahasenack> copy & paste of terminal lines that have progress status is bound to be a mistake
<SJr> rbasak, how would I fix that, submit a bug to the package maintainer?
<rbasak> SJr: start by identifying whether it's a problem on your local system first please.
<rbasak> (I am the maintainer)
<SJr> Ah well I'm not sure rbasak, just to make sure, I'm using MySQL Community 5.7.24 (not Maria DB, which is the default in Ubuntu). I don't see anything in the logs, other than systemd shutting it down. I don't see any attempt at starting it back up.
<SJr> The only log entry in the mysql unit is that systemd is stopping it, apt-daily doesn't mention anything. The apt log, just says mysql-server and mysql-server-core were changed.
<SJr> It started right back up, when started mysql up without incident, and the shutdown was clean.
<rbasak> SJr: MariaDB is not the default on Ubuntu.
<SJr> I found a stack overflow post about this with no real answer.
<SJr> https://askubuntu.com/questions/1037285/starting-daily-apt-upgrade-and-clean-activities-stopping-mysql-service
<rbasak> SJr: you could try downgrading and then trying an upgrade manually to get an idea of what might be going wrong. Or indeed just "apt-get install --reinstall mysql-server-5.7" might reveal any problems.
<rbasak> The upgrade absolutely will stop and start the service. That part is expected.
<rbasak> You shouldn't need to manually restart it though.
<SJr> Yeah that part I expect to, but the stack over flow post is complaining about it not being restarted.
<SJr> Hrm running that apt command says "AUtomatic maintenance of MySQL server daemon disabled. Packaging maintainer scripts detected a case that it does not know how to handle and cannot continue configuring MySQL. Automatic management of your MySQL installation has been disabled to allow other packaging tasks to complete, For more details, see /etc/mysql/FROZEN"
<SJr> "In this particular case, an incompatible downgrade attempt has been detected. This can be resolved in one of two ways..."
<rbasak> Ah
<SJr> I'm not sure what it is detecting, apt says: "Unpacking mysql-server-5.7 (5.7.24-0ubuntu0.18.04.1) over (5.7.24-0ubuntu0.18.04.1) ..."
<rbasak> That's your problem. It's not a bug in the package - your system has a broken installation caused by switching from MariaDB to MySQL.
<SJr> I dunno if I would say it's a bug in the package per say, but this is less than ideal. Basically a working mysql installation will get stopped without incident, and then upgraded, and then just not restarted for reasons that have no visibility in the system logs and aren't apparent looking at that folder.
<SJr> This kind of failure, should not upgrade the package and just leave it stopped.
<rbasak> I agree it's not ideal.
<rbasak> We started doing it this way because we didn't think the situation was enough to warrant breaking users systems by failing the maintainer script.
<rbasak> The intention was to leave the system alone rather than mess with it.
<rbasak> Shutting down the daemon first is obviously not desireable.
<SJr> The error reporting is not great either, the status of the mariadb packages was rc (removed but config files present), I have purged those packages, and yet it still won't install.
<SJr> Is it time to bust out strace to see what it's looking at
<rbasak> It's because your database in /var/lib/mysql isn't clean. It's likely been modified by MariaDB (internal schema upgrade to MariaDB-specific things) in a way that MySQL can't necessarily understand.
<SJr> Yet mysql has run without issue for months
<rbasak> You should treat your databases as corrupt and recover them as if MySQL encounters something that MariaDB did you might get undefined behaviour.
<rbasak> Depends on what queries you run.
<rbasak> Or a future security update might cause it to fail, etc.
<rbasak> You might even be getting bad query results without realising.
<SJr> How many heuristics are there that you are checking? This seems unlikely, I'm 80% confident I completely nuked this directory during the switch.
<rbasak> You definitely didn't, because it's the mismatching /var/lib/mysql/*.flag files that are stopping the maintainer scripts from touching it.
<rbasak> That's the only heuristic.
<SJr> There are no files in there.
<SJr> with *.flag
<rbasak> Oh
<rbasak> Then you need to remove /etc/mysql/FROZEN
<SJr> There is an old directory called /var/lib/mysql-5.7 that might be left over garbage.
<rbasak> Mismatching *.flag enters the frozen state. You have to remove FROZEN to get out of it. This is documented in the message.
<rbasak> I don't believe the packaging will touch that.
<rbasak> I forgot about the latching behaviour, so I was wrong about "definitely" above, sorry.
<SJr> Oh so yes, FROZEN is very old actually.
<rbasak> Once you've removed FROZEN, I'd run the reinstall again just to check that the maintainer scripts will no longer complain. Note that they'll try to touch the database for the first time in a while, so depending on the previous state you may get an attempted schema upgrade etc, so watch out for your data (have backups etc).
<SJr> Is there anything to write a bug report about or improve it? For instance actually log something in systemd? Not do unattended upgrades if you are frozen?
<SJr> The stack overflow post number one suggestion is to disable automatic updates.
<SJr> :)
<rbasak> I think there are improvements that can be made, yes, so please feel free to file a bug.
<rbasak> I think the essence is that once in frozen mode, after a reboot the daemon may still start, and upgrading will stop it.
<rbasak> And secondarily that it didn't log the message where you expected to find it.
<SJr> So the bug gets filed on launchpad against the mysql-server-5.7 package?
<rbasak> Yes, thanks!
<rbasak> Please could you also explain in your report where exactly you looked for the logs (ie. where you expected to find the note)?
<rbasak> That'll help inform where to put things.
<rbasak> For example using logger to dump to syslog (which should end up in the systemd journal I think) that we refused to start the daemon should be really easy to do, if that would have worked for you.
<SJr> Yeah also for your edification you should know that much of my config is actually managed by ansible with explicit stops and starts of services around installation and upgrades.
<SJr> I remember maria having some weird issue that I didn't want to deal with and then being in hell for an hour while I switched.
<rbasak> In that case consider using mysql-server-core-5.7 only, without mysql-server-5.7.
<rbasak> That'll give you full control. You'll get the binaries only.
<rbasak> (though in case of security update you'll have to take care of restarting the service yourself)
<rbasak> I don't understand how you got MariaDB accidentally. It's not the default.
<rbasak> Though also, if you're using ansible, then redeploy your server when you make a major change, please!
<SJr> I didn't accidentally get it, I thought I should get with the times and use it, so I tried it and there was some small problem I didn't want to deal with.
<rbasak> Oh, I see, thanks.
<SJr> It's a good tip knowing about mysql-server-core-5.7, because yeah I found ansible is really going against the grain with a lot of ubuntu and interacts weirdly.
<rbasak> MySQL development is still active, FWIW. The next Ubuntu release may have MySQL 8.0 if all goes well.
<SJr> Interesting, well in 5 years when I upgrade this server off 18.04 I can finally partake :)
<SJr> Is there a reason launchpad doesn't let me select mysql-server-5.7 as a bug and only mysql-5.7?
<rbasak> Oh, sorry, yes.
<teward> SJr: because mysql-server-5.7 is a binary package created from the mysql-5.7 source package
<teward> ^ that's why
<rbasak> Right :)
<teward> so filing against mysql-5.7 on Launchpad is the correct thing to do.
<teward> *hands rbasak the "You forgot to mention that" card*
<SJr> Thank you rbasak, and teward, I would not have figured this out at all without your help :)
<rbasak> Not just that but I confirmed the wrong thing earlier. It even felt wrong to me at the time but I couldn't figure out why, so I concluded it was right :-/
<rbasak> SJr: you're welcome. Thank you for the report. It will help us improve things for all users.
<nacc> mdeslaur: you might also want to chime in on https://answers.launchpad.net/ubuntu/+source/php7.0/+question/675535, if you have a moment
<mdeslaur> nacc: ack, done
<nacc> mdeslaur: thanks!
<Epx998> any one else reporting issues with cosmic in vmware?
<tomreyn> Epx998: someone else had trouble with it in #ubuntu today.
<tomreyn> vmware workstation though, but i guess it boils down to the same thing regarding vmware tools?
<SJr> Bug submitted, rbasak: https://bugs.launchpad.net/ubuntu/+source/mysql-5.7/+bug/1799763
<ubottu> Launchpad bug 1799763 in mysql-5.7 (Ubuntu) "Frozen MySQL-Server does everything fine except security updates don't restart" [Undecided,New]
<sarnold> heh, love the launchpad id :)
<Epx998> tomreyn: not sure, i cannot get thru the install.  Though I have esxi on a desktop upstairs and had no issue.  baremetal on another chassis and vmwar+dell resulted in failed deployments
<rbasak> SJr: thanks!
<rbasak> SJr: what a short IRC nick you have! :)
<SJr> Too short for freenode?
<rbasak> Too short for your Launchpad ID :)
<munsking_> does anyone here use the nextcloud snap? i can't figure out how to change the https port
<munsking_> on ubuntu server 18.04.1
<munsking_> this is also the first time i've used snaps
<nacc> munsking_: `snap info nextcloud` -> contact: https://github.com/nextcloud/nextcloud-snap
<nacc> you'd want to file an issue there, or look through their docs, etc.
<sarnold> "If you'd like to change the HTTP port (say, to port 81), run:"
<sarnold> neat
<sarnold> next line in the README includes https port :)
<munsking_> nacc: thanks a ton, that's exactly the info i need, my own fault for not looking at github
<sarnold> nacc: does that also include where to file bugs?
<nacc> sarnold: i assume so, based upon it being the contact line
<nacc> there are a ton of issues filed :)
<munsking_> 20 different guides and not a single one mentioned it
<nacc> munsking_: `snap info...` is the first place i'd go to for any given snap
<sarnold> nacc: thanks, i've just seen a fair number of complaints about snaps just filed on any old random package on launchpad and wondered where to send people
<nacc> sarnold: yeah, it's a per-snap thing
<tomreyn> https://docs.snapcraft.io/configuration-in-snaps/510
<tomreyn> munsking_
<nacc> yep, that's what's referred to on github as well
<munsking_> yea, i'm sorry, i should have RTFM, i usually do...
<tomreyn> looks like it's documented then.
<munsking_> thanks a ton though, all of you
<nacc> munsking_: not a problem! snaps are not obvious until you are used to them :)
<munsking_> how do snaps update? are they "included" with apt update/upgrade ? or does it have its own manager?
<nacc> munsking_: their own manager, they updated on a periodic timer
<nacc> munsking_: iirc, it's a systemd timer, and it fires in some semi-random offset N times a day, where N might be 4 ?
<nacc> I can't recall for sure
<nacc> munsking_: you might want to ask that in #snappy
<munsking_> nacc: oookay, automatic or does it require user input? if it's automatic it sounds a bit too windows-y
<munsking_> nacc: alright, i'll have a look
<nacc> munsking_: automatic fully
<munsking_> ouch
<nacc> munsking_: with snaps, you are trusting the upstream to know when you need updates
<nacc> (at least, that's how i see it)
<nacc> it looks like it's part of the snapd systemd service
<munsking_> nacc: this might have been a mistake, windows broke all my trust for auto updates, maybe snaps can restore some of it
<nacc> munsking_: tbc, snaps are more confined than windows updates. They aren't OS updates, but applications.
<sdeziel> aren't snap shipping a full OS (16.04?) too?
<munsking_> nacc: true true, but still, configs might break, or defaults might be the opposite of what i need, and this nextcloud is live and public, not just some internal thing.
<munsking_> i'll check if i can disable or delay it or something
<munsking_> or maybe it just works
<munsking_> ok the https stuff worked :D thanks!
<nacc_> munsking_: well, that's what CI is for upstream. Again it's a trust model :)
<nacc_> sdeziel: you mean the core snap? yes, but that's only used by other snaps
<sdeziel> nacc_: hmm, I though that each snap bundled one which would have explained why vlc's snap weights 555M
<sdeziel> nacc_: I can't read, vlc's snap weigths 204M, still a bit high for just a media player, I always though there was more to it
<munsking_> nacc_: i'm forced to be a windows admin at work, i assume you can guess where my trust is ;) to be fair, in the ~6 years i've been linux (main OS at home, several webservers) my trust in linux has never been broken (only the trust in my own abilities lol)
<Epx998> is it possible to rebuild the squashfs and kernel with the vmtools already added?
<nacc_> Epx998: anything is possible :)
<nacc_> sdeziel: it depends on the type of snap, tbc
<nacc_> sdeziel: vlc is confined, so it relies on the core snap for the base OS interface
<sdeziel> nacc_: I came to the conclusion I should read more on snaps :)
<nacc_> sdeziel: the reason for the bloat is all of the dependencies are shipped in the snap
<nacc_> sdeziel: yeah, it's a very different way to do things, tbh
<plm> Hi all
<plm> $ sudo losetup -P /dev/loop0 rootfs.img
<plm> losetup: rootfs.img: failed to set up loop device: Device or resource busy
<plm> Anyone know why this error? I just boot my ubuntu host and try that.
<plm> A information. Yesterday I updated my ubuntu host 16.4
<TJ-> plm: something already on loop0 ("losetup -a" )
<plm> TJ-: $ losetup -a
<plm> /dev/loop0: []: (/var/lib/snapd/snaps/pycharm-community_85.snap)
<plm> /dev/loop1: []: (/var/lib/snapd/snaps/core_5662.snap)
<TJ-> plm: use "losetup --show --find --partscan rootfs.img" and it'll pick a free loop for you
<genii> Or possibly rootfs.img is in use
<plm> TJ-: with "losetup --show --find --partscan rootfs.img" works =D
<TJ-> plm: you can reduce those options to "--show -f -P"
<plm> TJ-: right =D
<plm> TJ-: $ sudo losetup --show --find --partscan rootfs.img
<plm> /dev/loop2
<plm> TJ-: now I just use '/dev/loop2' on my mounts/umount options,right?
<TJ-> plm: well, if there are partitions, no. You'd use /dev/loop2pX where X is the partition number
<TJ-> plm: If I recall correctly the partition nodes are under /dev/mapper/
<plm> TJ-: I just substitute loop0 by loop2:
<plm> $ cat mount.sh
<plm> sudo losetup -P /dev/loop2 rootfs.img; sudo mount /dev/loop2p1 /target; sudo mount --bind /etc/resolv.conf /target/etc/resolv.conf; sudo mount --bind /proc/ /target/proc/; sudo chroot /target /bin/bash
<plm> $ cat umount.sh
<plm> sudo umount /target/proc; sudo umount /target/etc/resolv.conf; sudo umount /target; sudo losetup -d /dev/loop2
<plm> TJ-: ^
<plm> and that works
<plm> TJ-: are there a way to change name of bash$ when go to chroot? Becouse I always do 'df -h' to know if I'm in a chrooted or not. Any idea?
<sarnold> the ubuntu default PS1 value knows how to show you schroot names: $ echo $PS1
<sarnold> \[\e]0;\u@\h: \w\a\]${debian_chroot:+($debian_chroot)}\u@\h:\w\$
<sarnold> but if you don't use schroot then I think it won't help much
<sarnold> anyway you can fiddle with PS1 as you need
<plm> Hi all
<dxc> hi guys, I'm trying to remove the livepatch notification from my 18.04 LTS Server MOTD
<dxc> I've already edited /etc/default/motd-news and set enabled=0
<dxc> is there anything else I should do?
<dxc> I've removed the script from /etc/update-motd.d/ too
<teward> RoyK: sarnold: turns out (thanks to #ubuntu-kernel for helping!) it was traced to a firmware/microcode problen
<teward> updated the BIOS in my Z400 workstation and the kernel started working
<dxc> anyone have any idea about my issue? :o
<dxc> tried restarting and that didn't do it
<dxc> Â¯\(Âº_o)/Â¯
<nacc_> dxc: you only want to not display the livepatch info?
<dxc> Correct.
<dxc> * Canonical Livepatch is available for installation. < that wohle bit
<dxc> I did it on some other machines
<dxc> But I can't remember how I did it, and I can't find the guide online that I followed
<dxc> so I tried bruteforcing it...which didn't seem to work :p
<nacc_> i think setting it to enabled=0 was incorrect, that would disable all of the updates, aiui; but it sounds like you are saying that it still is displayin the info
<dxc> https://patdavid.net/2018/08/ubuntu-ssh-ads-motd/
<nacc_> dxc: right, that would remove all of it, which isn't what you said you wanted to do, but let's move past that
<dxc> in my motd, I see the welcome message, the documentation links, the sysinfo, then the livepatch crap, then the packages that can be updated/security updates
<dxc> I want to remove the livepatch stuff, I've already nuked the news part
<dxc> basically, this is how it looks now
<dxc> https://paste.ubuntu.com/p/Yf9scTbm3R/
<dxc> https://paste.ubuntu.com/p/ZsqVDKRsf2/ this is how I want it to look
<nacc_> dxc: i don't know, it seems like removing that /etc/update-motd.d/ file would have been sufficient
<dxc> yeah.
<dxc> I tried setting it to -x first
<dxc> didn't work
<dxc> removed it
<dxc> rebooted
<dxc> etc
<dxc> :D
<nacc_> dxc: is there anything odd about your config? those files all result in generated content in /run/motd.dynamic  aiui
<dxc> not really, no..
<dxc> I mean, its a bog-standard DO droplet
<dxc> using it as a mailserver
<dxc> ...
<dxc> omfg
<dxc> :|
<dxc> I fixed it
<dxc> lmao
<dxc> I was chmod'ing the wrong file :V
<dxc> it works now, I'm an idiot, is it friday yet
<dxc> thanks nacc_ o/
#ubuntu-server 2018-10-25
<mason> ping sbeattie - PM?
<mason> unping
<ahasenack> good morning
<ahasenack> kstenerud: try the server-next tag
<ahasenack> kstenerud: https://bugs.launchpad.net/ubuntu/+bugs?field.tag=server-next
<ahasenack> kstenerud: and bite-size
<ahasenack> kstenerud: https://bugs.launchpad.net/ubuntu/+bugs?field.tag=bitesize
<ahasenack> not all are server, though, that query needs to be refined
<kstenerud> ok
<ahasenack> use advanced search
<ahasenack> kstenerud: https://bugs.launchpad.net/ubuntu/+source/fetchmail/+bug/1798786 should not be fix committed
<ubottu> Launchpad bug 1798786 in fetchmail (Ubuntu) "can't retrieve gmail emails. fetchmail: OU=No SNI provided; please fix your client./CN=invalid2.invalid" [High,Fix committed]
<ahasenack> kstenerud: I'm going to add a cosmic task, and we will leave the main task for tracking the progress in the development release of ubuntu once it opens
<ahasenack> kstenerud: are other releases also affected?
<ahasenack> looks like bionic is, that's where the bug was reported
<kstenerud> I think all previous versions will be affected
<kstenerud> it wasn't filling out a name field, but server side wasn't checking either before
<ahasenack> can you check please and let me know? Then I can add or not more tasks if needed
<kstenerud> ok
<kstenerud> ahaseanck: trusty and xenial work fine
<ahasenack> kstenerud: good, thanks for checking
<kstenerud> ahasenack: I'm still not clear on what fields are used when in the dep-3 header. They mostly seem to be duplicates of each other
<ahasenack> kstenerud: yeah, there can be some confusion, and on top of that you will have reviewers with different opinions
<ahasenack> kstenerud: I can see the intention of applied-upstream, but if the patch origin is upstream already, then it's redundant in my opinion.
<ahasenack> kstenerud: if the patch is *not* from upstream, but applied upstream, then why wouldn't the origin not be upstream already? Maybe if they were different authors
<kstenerud> What is the Origin field for? I see options for upstream, backport, vendor, other, but no description of what any of those mean
<ahasenack> upstream is the software author
<ahasenack> like samba.org for samba packages, openldap.org for openldap, and so on
<ahasenack> backport is if you had to change the patch to fit the particular ubuntu package you are patching
<ahasenack> and vendor is if it came from redhat, debian, suse, intel, etc. Not upstream, but other distributors of the software. I rarely use that one
<ahasenack> because eventually it gets landed upstream
<ahasenack> note also that the presence of one field may make another one optional
<kstenerud> So origin will be one of those 4 words, a comma, and then a url?
<ahasenack> like author vs origin
<ahasenack> yes, word, comma, url
<kstenerud> What does it mean when a patch is forwarded?
<ahasenack> if you created the fix, for example, if you forwarded it upstream or not
<ahasenack> i.e., if you let upstream know about the fix
<ahasenack> sometimes a fix only makes sense for ubuntu, for example, in which case Forwarded would be "not-needed" or "no"
<kstenerud> so "forwarded" and "bug" serve the same purpose?
<ahasenack> there are many ways to forward a patch
<ahasenack> sometimes upstream doesn't have a bugtracker, so you forward by email
<ahasenack> like via a mailing list
<kstenerud> So if you needed to send via email what do you put in?
<rbasak> If you got the patch from upstream, then I think just "Origin: upstream, ..." is sufficient.
<rbasak> Forwarded is useful for if you wrote the patch and sent it somewhere but hasn't been upstreamed (or if a contributor wrote the patch and the same applies)
<ahasenack> kstenerud: I had to do that once, and it wasn't clear either since it's so rare. I think I just put the words "Emailed Foo Bar <foobar>"
<rbasak> (plus Bug, Bug-*, Last-Update, etc)
<kstenerud> rbasak: So Forwarded has allowed values URL or no
<kstenerud> or not-needed
<ahasenack> Forwarded: <URL|no|not-needed, useless if you have a Bug field, optional>
<ahasenack> it helps to have a saved-up dep3 template
<kstenerud> yes I'm looking at the template
<ahasenack> so it says URL in there :)
<ahasenack> ah, you were making a statement, not a question
<ahasenack> n/m
<kstenerud> Yes, but if you wrote a patch that hasn't been upstreamed, there wouldn't be a URL to put in...
<rbasak> I think you can put whatever you like in Forwarded, except that anything apart from "no" and "not-needed" means "yes" so there are only two ways of saying no.
<ahasenack> kstenerud: the url could be to the mailing list archive showing you emailed the list with the patch
<rbasak> "The field is really required only if the patch is vendor specific..." -- there you are :)
<rbasak> Otherwise you'd have an Origin header.
<kstenerud> So for an Ubuntu maintainer, does this make sense? https://pastebin.ubuntu.com/p/Wjx2y34Cst/
<kstenerud> I want to update my document so I can remember
<ahasenack> kstenerud: bug-<vendor> can also be Bug-Debian, Bug-Fedora, etc
<kstenerud> Would we put Bug-Debian? Wouldn't that be for a debian maintainer?
<ahasenack> Bug-Debian is super common
<smoser> ahasenack: ?
<ahasenack> the point of dep-3 headers is to record patch history
<ahasenack> smoser: yes?
<smoser> i m issed a ping way up
<ahasenack> then it's gone :)
<kstenerud> oh so that means that there's a debian bug report?
<smoser> what was it?
<ahasenack> smoser: maybe about the git-ubuntu build{,-source} breakage? We had to revert your branch
<ahasenack> kstenerud: yes
<smoser> i think that was it, but what was wrong?
<ahasenack> kstenerud: if you use dep3changelog to construct the d/changelog message from a patch, it will also record in the d/changelog message the debian "Closes: #nnnn" string
<ahasenack> kstenerud: sometimes debian grabs our fixes, and that string tells them that this particular ubuntu upload is also fixing a debian bug
<ahasenack> smoser: #1799300
<ahasenack> kstenerud: doesn't mean you have to go hunting and searching vendors' bug reports, but sometimes that is recorded in the launchpad bug already
<kstenerud> ahasenack: dep3changelog is similar to git-ubuntu.reconstruct-changelog?
<ahasenack> kstenerud: yes, but it also checks the syntax of the dep3 header for you, like if you missed a mandatory one
<ahasenack> or just have an invalid syntax
<sam_w> hi all, a preseed issue: I am loading a preseed config via https which causes certificate verification errors as the busybox installer environment seems to be missing any ca certs. I am aware of the debian-installer/allow_unauthenticated_ssl=true option, but this didn't seem to work as a boot parameter
<rbasak> sam_w: how are you booting the installer?
<sam_w> are you aware of any way to either d-i preseed/include an http file from a preseed file included in the boot image, or manually add ca certificates to the install environment?
<rbasak> sam_w: I ask because the usual ways of doing that aren't secure so https brings little benefit.
<sam_w> rbasak: usb flash drive
<rbasak> Then you have a reasonable question :)
<rbasak> I understand the question, but I don't know the answer, sorry.
<rbasak> Are you sure the boot parameter syntax is correct?
<rbasak> I was under the impression that any preseed option could be a boot parameter. If not, perhaps that one should be added to the list.
<sam_w> rbasak: fairly sure. That was what I was wondering, if it was any or there was some mapping or explicit passthrough
<sam_w> from grub.cfg: `linux	/install/vmlinuz noprompt auto=true priority=critical console-setup/ask_detect=false netcfg/choose_interface=auto locale=en_GB debian-installer/allow_unauthenticated_ssl=true url=<snip> quiet ---`
<rbasak> sam_w: seems reasonable to me. The next thing to do is to dive into the code I suppose.
<rbasak> sam_w: I'd check first that the key/value is correct, but you obviously can't do that using a regular preseed!
<sam_w> the only other thing would be: if it was possible to have a preseed file on the iso with that option, and then include one via https
<sam_w> but the impression I got from the docs was that preseed/include only works for the same scheme that the file it is in comes from
<kstenerud> ahasenack: I was unable to reproduce the fetchmail bug on bionic
<ahasenack> kstenerud: but that's where it was reported
<ahasenack> kstenerud: and bionic and cosmic have the same exact versions
<ahasenack>  fetchmail | 6.3.26-3build1 | bionic  | source, amd64, arm64, armhf, i386, ppc64el, s390x
<ahasenack>  fetchmail | 6.3.26-3build1 | cosmic  | source, amd64, arm64, armhf, i386, ppc64el, s390x
<ahasenack> you must be using the fixed package by mistake
<kstenerud> I'll do a fresh install and see
<kstenerud> Nope... Won't trigger on bionic, but triggers on cosmic
<ahasenack> is it up-to-date?
<ahasenack> apt dist-upgrade wise
<kstenerud> yup
<kstenerud> and both report the same version of fetchmail
<ahasenack> what remains is the ssl version
<kstenerud> I basically lxc launch ubuntu:cosmic or ubuntu:bionic and then https://pastebin.ubuntu.com/p/G9xHNGtQ9c/
<ahasenack> kstenerud: oh, wait, the reporter was using 18.10, not 18.04
<ahasenack> InstallationMedia: Ubuntu 18.04 LTS <-- he originally installed 18.04, but is now on 18.10
<kstenerud> ok
<ahasenack> still weird though
<ahasenack> maybe bionic doesn't support that tls version that this triggers?
<ahasenack> what was it, tls 1.2?
<kstenerud> maybe. Google only does this weird stuff if you ask for TLS 1.3
<ahasenack> can you check the ssl or gnutls library fetchmail is linked to in both cosmic and bionic? use ldd
<kstenerud> what args do I use?
<ahasenack> ldd <binary>
<kstenerud> they're both the same
<ahasenack> your test forces the tls version?
<kstenerud> --sslproto TLS1.2+
<kstenerud> that's as high as it goes in both versions
<kstenerud> bionic succeeds, cosmic fails
<kstenerud> fetchmail -d0 -vk --sslcertck --sslproto TLS1.2+ pop.gmail.com
<smoser> i cant rbasak ping
<smoser> so what do you want me to do. fix is this:
<smoser>  http://paste.ubuntu.com/p/Vf2RfST58Q/
<rbasak> That's fine if it works.
<smoser> so just rebase my old branch?
<rbasak> Yeah, on origin/master please. Then we can do another CI run and ahasenack can test his use cases from it too, and if all happy we can merge.
<smoser> k
<ahasenack> kstenerud: there is an openssl difference between bionic and cosmic
<ahasenack> kstenerud: bionic has openssl 1.1.0, cosmic has openssl 1.1.1
<ahasenack> ubuntu@bionic-fetchmail:~$ dpkg -S /usr/lib/x86_64-linux-gnu/libssl.so.1.1
<ahasenack> libssl1.1:amd64: /usr/lib/x86_64-linux-gnu/libssl.so.1.1
<ahasenack> ubuntu@bionic-fetchmail:~$ dpkg-query -W libssl1.1
<ahasenack> libssl1.1:amd64	1.1.0g-2ubuntu4.1
<sdeziel> I think that openssl 1.1.1 on cosmic has support for tls 1.3
<ahasenack> it's not just that, I think some default might have changed
<ahasenack> I can reproduce the error on cosmic with just this: openssl s_client -connect pop.gmail.com:995 -noservername
<ahasenack> with -tls1_3 it doesn't finish the handshake
<kstenerud> According to upstream reports it's due to Google's bizarre behavior of passing back a self-signed cert in some circumstances
<kstenerud> such as the SNI missing in a 1.3 connection
<kstenerud> it downgrades to 1.2+, but also sends back a completely different cert
<ahasenack> another thing I'm thinking is that openssl 1.1.0 is setting a default sni, if none is given
<ahasenack> there is no -noservername in openssl 1.1.0's s_client command
<ahasenack> fetchmail's --sslproto TLS1.2+ means 1.2 *or* newer, not > 1.2
<ahasenack> doesn't mean it's negotiating 1.3
<ahasenack> and the output of openssl's s_client -tls1_3 suggests that 1.3 is not supported
<kstenerud> yeah, not sure what it's actually doing under the hood. That's just the chatter from the upstream bug reports
<ahasenack> that being said, using --sslproto TLS1.2 (which asks for 1.2 exactly) works
<smoser> qhttps://code.launchpad.net/~smoser/usd-importer/+git/usd-importer/+merge/357826
<ahasenack> so ok, let's leave bionic out of it
<smoser> ahasenack, rbasak
<rbasak> Thanks!
<smoser> you can test ust by adding 'usd-importer/bin' to your PATH and running 'git-ubuntu build'
<rbasak> ahasenack: once CI has passed, would you mind grabbing the built snap from CI and testing it please?
<ahasenack> kstenerud: set the bionic task to invalid and add a comment about these tests you did, saying you couldn't reproduce it there or something lke that, even if the code is affected
<rbasak> Or that.
<ahasenack> yes
<sdeziel> tcpdump would tell you if SNI is used
<ahasenack> kstenerud: it might boil down to just the fact that openssl 1.1.1 is the one implementing tls 1.3, and 1.1.0 isn't
<ahasenack> hence, bionic not affected
<Kabriel> is there a way to setup my ubuntu server to be a middle man for ubuntu updates, such that other machines I have query that server and if the update is not already cached, it retrieves it, otherwise it uses the cached version.
<xnox> Kabriel, you can setup transparent squid proxy; and install a client machines to query local net providers over avahi first....
<xnox> Kabriel, https://packages.ubuntu.com/search?suite=default&section=all&arch=any&keywords=squid-deb-proxy&searchon=names
<xnox> squid-deb-proxy & squid-deb-proxy-client
<Kabriel> Thanks for the hint. This seems like a good tutorial: https://fabianlee.org/2018/02/08/ubuntu-a-centralized-apt-package-cache-using-squid-deb-proxy/
<Kabriel> It lead me to apt-cacher-ng, which also looks interesting.
<UberPope> Hiya folks! I'm on my first attempt to install Ubuntu Server on a refurb. T410
<UberPope> The goal is to have a prototype to offer to local clients: Office server, ERP, File server, Ecommerce+WooCommerce, integrated with the ERP on the LAN.
<xnox> Kabriel, yeah, apt-cacher-ng is the other one.
<xnox> Kabriel, there is also a cloud-mirror proxy, as a juju charm, which is deployed typically in cloud-regions. But it's slightly more heavier to use.
<xnox> Kabriel, that one rsyncs dists/, and caches or proxies for the pool/
<xnox> Kabriel, or you can run a local ubuntu mirror using ubumirror scripts.... and just point all your clients to your mirror.
<xnox> Kabriel, there are many options =)
<Kabriel> I have a small setup -- 10 machines all running 16LTS (1 server, rest desktops). Cloud system doesn't sound right, or the mirror. I like the caching idea.
<Kabriel> Any experince with squid vs cacher-ng
<Kabriel> ?
<sdeziel> Kabriel: I've been a happy user of apt-cacher-ng for many years
<kstenerud> wow weird... sudo in cosmic always respects -p '', even if I copy the sudo from bionic (which doesn't respect -p '')
<kstenerud> so there's some environmental issue maybe...
<ahasenack> kstenerud: could be PAM-related, and default config related
<ahasenack> kstenerud: the sudo manpage mentions an option about prompt overriding in /etc/sudoers
<kstenerud> yeah, already looked in that, and sudoers.d. didn't see anything different
<ahasenack> rbasak: dwnloading that snap from jenkins:
<ahasenack> git-ubuntu_0+git.30720a7_amd64.snap                    2%[++                                                                                                                    ]   2.53M  63.6KB/s    eta 28m 3s
<ahasenack> :(
<kstenerud> wow...
<mybalzitch> zoom zoom
<kstenerud> hmm ok timebox up for sudo. The only ways it's supposed to override the prompt is if passprompt_override is set in sudoers (it isn't), or SUDO_PROMPT env is set (it isn't). It's not a problem with the binary because taking the bionic binary and running it from a cosmic machine works perfectly :/
<ahasenack> +1
<rawco> hi all
<rawco> howâs peopleâs day going
<ahasenack> it's good here
<ahasenack> thanks
<rawco> so, iâm trying to expand my main partition, for some reason the ubuntu installer created a 4G partition
<rawco> and it keeps getting filled
<rawco> https://pastebin.com/keXBG0b1
<rawco> thereâs a bunch of available space on that sdi drive
<ahasenack> did you use lvm?
<rawco> yes
<ahasenack> yeah, known bug :/
<rawco> yeah, i did have some problems when installing, had to test a couple of installer isos
<ahasenack> https://bugs.launchpad.net/subiquity/+bug/1785321
<ubottu> Launchpad bug 1785321 in subiquity "LVM Entire Disk option does not use entire disk" [Undecided,New]
<rawco> yep, das it
<rawco> so, i was wondering if i can do the expanding of the volume online
<rawco> with growpart and resize2fs
<rbasak> See comment 2 there in that bug
<rbasak> lvresize has a --resizefs option
<rbasak> Saves a call to resize2fs, though that's more useful when shrinking rather than expanding
<rawco> rbasak: thanks, iâll read over the bug page
<rbasak> You can increase ext4 size online, so it should be straightforward. Note that shrinking can only be done offline, which is more of a pain for a root filesystem.
<jelly> not using the space is a lot better bug than debian's default of "using everything, the whole VG, for last created LV and filesystem, leaving no space at all for snapshots or resizing"
<rawco> rbasak: all done: /dev/mapper/ubuntu--vg-ubuntu--lv  108G  3.3G  100G   4% /
<rawco> thankâs to everyone :D
<jelly> looking at that bug report, this is in fact exactly how I'd want the "use entire disk for LVM" to work in Debian ;-)
<lotus|NUC> rawco: can you still recall wich iso you used for install?
<rawco> lotus|NUC: sorry, i donât really remember what iso i used
<rawco> i think i had to use the 18.04 iso, because 18.04.1 iso was not working with my hardware setup
<rawco> it was a couple of months ago, sorry :(
<rawco> i thought it was me and not the iso lol
<rawco> so i just ignored
<lotus|NUC> rawco: yeah might be relevant info for the channel here
<rawco> i will lurk more here, since yaâll are awesome
<lotus|NUC> i have a gf already :p
<rbasak> ahasenack: I can grab historical git-ubuntu snap binaries for you if it would help
<ahasenack> rbasak: do you still have 439 installed? Should be trivial to reproduce the bug. kstenerud or do you have it perhaps?
<rbasak> I'm on 440
<jelly> ahasenack, the mind boggles, why is this a bug!  This is precisely how "use whole disk for LVM" ought to work -- PV indeed uses whole disk (apart from /boot partition)
<rbasak> I might be able to revert.
<ahasenack> jelly: it was unexpected, or at least not clear enough that this would happen. Some people were surprised to get "disk full errors" after installing a few more packages
<ahasenack> at least expanding is easier than shrinking
<jelly> it's a lot better than what d-i does.  expanding is a fully online process.  shrinking of xfs is impossible, shrinking of ext4 is offline (and unoptimized, up to 4 times slower than copying, reformatting and copying back the data if there's more than 25-50% space used)
<rbasak> ahasenack: http://people.canonical.com/~rbasak/VAGSRAriUyDDlqsLunShJTe7503Uw4GF_439.snap.zsync and http://people.canonical.com/~rbasak/VAGSRAriUyDDlqsLunShJTe7503Uw4GF_439.snap
<jelly> no functional change seems required, just document things and maybe put up a notification
<rawco> what do yaâll use for monitoring your servers
<rawco> ELK stack?
<ahasenack> kstenerud: remember to create a card for fetchmail, if you haven't already (I didn't find it after a quick look)
<ahasenack> depends on how many servers, and if you have a raspberry pi3 or a 16Gb machine for monitoring :)
<ahasenack> elk is heavy
<rawco> i have a nice hp proliant server with sas drives and bells+whistles
<rawco> all the gigs
<ahasenack> grafana is pretty for the graphs
<ahasenack> negios (or its replacement, forgot the name) is good for alerts
<nacc_> ahasenack: icinga
<ahasenack> that one
<nacc_> (icinga2 i think technically)
<sarnold> there's too many choices
<sarnold> if there were one that sucked but it was the only one available, it'd still be the obvious choice
<sarnold> but there's dozens :)
<rawco> well, what do you use sarnold
<ahasenack> I use munin on a small server, but I'm not very happy with it. I think that machine can take more. It only has 3Gb of ram and runs zfs, and that's stretching it already according to docs, but real world usage shows it has some memory free
<ahasenack> Mem:          3.2Gi       2.1Gi       166Mi       2.0Mi       913Mi       890Mi
<sarnold> rawco: I'm currently suffering from analysis paralysis -- where I use nothing because I can't decide what to do :(
<rawco> sarnold: thatâs my current mood lmao
<rawco> weâre already paying for connectwise, but itâs trash for monitoring
<teward> sarnold: Landscape.  *shot*
<teward> (just kidding)
<teward> sarnold: analysis paralysis is bad.  :P
<sarnold> teward: tell me about it..
<rawco> dehumanizing, i would say
<rawco> i wanna surveil this goddam servers
<rawco> 24/7
<sdeziel> Nagios3 serves us well but we don't have a huge park (~200 machines with 2k service checks)
<sdeziel> the webUI makes your eyes bleed so we use check-mk-multisite instead
<sdeziel> munin is for collecting performance data (no alerting capabilities that I'm aware). For perf data and some alerting netdata is pretty nice and comes with a nice webUI
<rawco> sdeziel: that makes sense, monitoring != performance data
<rawco> i wonder is thereâs anything out there that does everything + looks nice
<sdeziel> rawco: well, with nagios3 we also collect perf_data for quick graphs
<rawco> splunk ony collects logs/files and graphs them , right?
<rawco> no actual âmonitoring"
<shubjero> rawco: zabbix, elk, grafana
<rawco> thanks shubjero
<waveform> actually munin does have some rudimentary alert facilities but they're not configured by default (or rather, they're configured to report via nagios by default on ubuntu - but they can be configured to report directly via e-mail)
<waveform> here we go: https://munin.readthedocs.io/en/latest/tutorial/alert.html
<sdeziel> good to know, thanks waveform
<shubjero> rawco: zabbix for active monitoring of hardware and os metrics. ELK for massive log aggregation. Grafana helps fill some gaps with zabbix for us
<shubjero> rawco: so on any server we monitor we would have a zabbix-agent and a filebeat client running
#ubuntu-server 2018-10-26
<sofia07> I installed ubuntu server 18.04.1 and is so strange I want to install virt-manager and I cannot see it... can anyone tell me how to get the rigth repos ?
<sofia07> I would assume that is in the default rep
<sarnold> sofia07: virt-manager is in universe.. one moment..
<sarnold> sofia07: in your /etc/apt/sources.list file, the bionic, bionic-updates, bionic-security lines, add 'universe' after 'main'
<sofia07> sarnold, thanks, I thought is in main
<sofia07> strangely, on the new server installed I do not remember asking me wheather I should install other repos
<sarnold> sofia07: I think it used to be, iirc we moved it to universe to make it easier to do wholesale version upgrades..
<sofia07> thanks again, I forgot to look at /etc/apt/sources.list - but that is what you said
<sofia07> one more question - is there a comparison of netplan vs /etc/network/interfaces ? I see it as new feature, I am still not quite clear what is the advantage ?
<lotuspsychje> !netplan | sofia07
<ubottu> sofia07: Netplan is a network configuration abstraction renderer which uses YAML descriptions of a network to work with either a NetworkManager or Systemd-networkd "renderer". More information at https://netplan.io/
<lotuspsychje> sofia07: some users we see purge netplan and proceed with the previous networking, the users choice really
<sarnold> sofia07: from my perspective, netplan is a lot more declarative.. ifupdown *looked* declarative but it was more or less just scripts.. and if you edited those config files before "undoing" changes correctly, you were *never* going to get your correct state back..
<sarnold> sofia07: I think there were benefits of going to systemd-networkd for management but .. so. many. files. so. verbose. oh. my.
<sofia07> sarnold, I agree, it is all becoming too stuffy, we are going to use netplan, but it was much simple to know /etc/network/interfaces ...
<sarnold> sofia07: yeah, I had mixed feelings about losing /etc/network/interfaces
<sarnold> It *looked* simple, and if you got it right on the first try, it kinda was simple :)
<lotuspsychje> in my feeling netplan looks pretty stable
<sofia07> well, it would be interesting to see a review of current options and tools in networking
<sofia07> it would have been cool to have similar concepts in all linux distros, and with unix too (freebsd in particularly)
<sofia07> anyhow, I will  try now to make a bridge - have a small server with few virtual machines
<sarnold> I think there's reasonable shot for netplan.io to become that mechanism -- it looks tolerable enough to write new "renderers" for different backends, and as more distros are likely to eventually pick up systemd-networkd, even without new renderers it might get more and more useful
<sarnold> and I think I heard netplan integrates well enough with cloud-init, which is another cross-distro mechanism for setting up machines..
<sofia07> it looks interesting, now I am more cool of learning a bit more, instead of just making it work :)
<sofia07> thanks
<sarnold> sofia07: as it stands the majority of the netplan docs are on https://netplan.io/ -- be sure to hit the 'report a bug on this site' for any comments, suggestions, bugs, etc :)
<lordievader> Good morning
<sofia07> OK, there is a problem with this netplan, anything I do, even from one NIC (I want to create a bridge), both NICs are messed up... is there a working sample of netplan config bridge for ubuntu 18.04 server (I want to use the bridge for virtual machines on kvm
<sofia07> what is the best command to restart the networking so the /etc/netplan/50whatevf.yaml is utilized ? I just change it  and systemctl restart networking does not do it
<ahasenack> good morning
<cyphermox> sofia07: sudo netplan apply
<cyphermox> sofia07: as for an example of bridge, that would be here: https://netplan.io/examples#bridging
<cyphermox> but I use bridges for VMs too, I'm able to answer questions
<sdeziel> cyphermox: I'll take that opportunity to ask you if one can create a bridge with no physical device enslaved now with netplan?
<cyphermox> sdeziel: should be, yes
<sdeziel> cyphermox: cool, for some reason it didn't work in my previous testing
<sdeziel> but that was some time ago
<cyphermox> sdeziel: I added that this cycle
<cyphermox> a few months ago, I think, but this cycle :)
<sdeziel> cyphermox: so Cosmic and forward? Or will that be backported to Bionic?
<cyphermox> it will
<cyphermox> the SRU is in -proposed, I'm not done checking the various features
<sdeziel> thanks that will be handy here
<sofia07> cypermox, sorry I pasted two files - one which has the two NICS working , other with attempt to make one NIC bridge - the second is not working
<sofia07> netplan initial - working - no bridge https://paste.debian.net/1049120
<sofia07> netplan with a simple attempt to make a bridge and use one card - this config does not work https://paste.debian.net/1049121
<compdoc> the bridges are for kvm?
<cyphermox> compdoc: not there yet
<cyphermox> sofia07: there is a typo in interfaces: enp36a0 instead of s0
<compdoc> i had to create bridges for kvm in 18.04. thought i could do it all with netplan, but kvm didnt like it
<cyphermox> compdoc: for that i wrote a blog post
<compdoc> I figured it out
<cyphermox> it's more than just vm but http://blog.cyphermox.net/2018/05/building-local-testing-lab-with-ubuntu_16.html
<compdoc> i now use netplan for the interfaces, and /etc/network/interfaces for the bridges
<cyphermox> ok
<compdoc> I figure kvm will change to work with netplan someday
<sofia07> cyphermox, thanks - I am looking at your configs, the NICs names are OK on mine -  anyhow, if I do /etc/network/interfaces netplan is ignored ?
<sofia07> because I know how interfaces work, and can make it in a sec, I use kvm too
<sofia07> how can I disable netplan and use only /etc/network/interfaces ?
<mason> sofia07: Install ifupdown, remove /etc/netplan/*.yaml
<sofia07> thanks..
<mason> sofia07: Depending on your use case, I'm finding that netplan is just a higher-ceremony /etc/network/interfaces. Might be worth poking at it before giving up on it.
<mason> sofia07: There are other good ones, but the first article I read on it: https://webby.land/2018/04/27/bridging-under-ubuntu-18-04/
<blackflow> NIHplan is actually abstraction, not just higher-ceremony interfaces. 15th standard designed for one ring to rule them all.
<blackflow> it literally serves no other purpose but...... to be "One config to rule them all and in YAML bind them".
<cyphermox> blackflow: thanks for your constructive criticism.
<blackflow> you're welcome.
<mason> cyphermox: Apologies for not getting my suggestion/issue in yet, but I still plan to do it. Life has just been crazy.
<cyphermox> mason: np
<mason> (Which see, it seems that some of the structure is default and unchanging, and hence can be assumed to let people have far simpler/easier to remember syntax/files.)
<mason> (For the folks who didn't see my initial yapping.)
<mason> s/assumed to/assumed, so as to/
<sofia07> since yaml seems to need things place correctly (tab etc), it is very confusing, the generated netplan/50..yaml file for the server has different look than the one at netplan... other tutorials yet other, and so far, any change I made, rendered the network useless - I wish I could just to one NIC at the time too - anyhow, /etc/network/interfaces is straight forward or maybe not... is was just working for years  :)
<mason> sofia07: There are variations that are legal/valid. Different ways to represent lists and stuff. I haven't gotten it all down as yet.
<mason> I share your love of ifupdown, mind you, but I've gotten over my initial reaction to netplan.
<cyphermox> it's a lot like python, really
<cyphermox> sofia07: fwiw, aside from the typo your config looks valid for br0
<sofia07> that ads so much confusion, I look at few tutorials, and NONE has similar structure (yes, the structure might be there, but subtle changes matter, and I do not know which one matter and which not) - I am saying that this is unforgiving (that how it look to me)
<cyphermox> sofia07: do you have examples of the tutorials? I could go have a look
<sofia07> cyphermox, thanks, it seem that that server gets out in internet through external wan, when the configuration is apply both lan and wan stop working
<cyphermox> this week I've been working on improving the error messages a lot, it should be easier to figure out when this are wrong (ie. tabs)
<cyphermox> sofia07: it might stop working for just a bit, or permanently?
<sofia07> well first the ones I pasted are generated by ubuntu 18.04 server at installation - they are different than the examples at neplan.io
<sofia07> cyphermox, no, permanently
<cyphermox> that's odd
<cyphermox> there wasn't much functional difference between the two configs you pasted
<sofia07> I am certainly missing something
<cyphermox> which one is wan?
<cyphermox> enp6s0?
<sofia07> cyphermox, yes, indeed, I just move the dhcp Lan NIC from bottom to top - under interfaces and added a bridge for the wan one - and mention which wan should I use
<cyphermox> sofia07: as long as you know which is which, that's what is important :)
<cyphermox> so; you might want to add "critical: true" on the interface
<cyphermox> that tells systemd not to release / renew the DHCP address when it restarts.
<sofia07> enp36s0: is the wan one
<cyphermox> ah, so not dhcp
<sofia07> yes
<cyphermox> is that at home? some consumer hardware doesn't like changing mac address, which would happen when you move the address from enp36s0 to br0.
<sofia07> I tried either, again, maybe I miss an indentation or something
<sofia07> no
<sofia07> It is connected to a modem in bridge mode
<sofia07> so the external ip should be not hindered by the mac address
<cyphermox> modems do sometimes care
<cyphermox> (I know mine does)
<cyphermox> the machine connected to it needs to be a mac that it recognizes, so I need to power it off, remove the battery, and start it over again when I change what is connected to it
<cyphermox> anyway -- your config in https://paste.debian.net/1049121 is valid, aside from the fact that in br0, interfaces:  is set to the wrong name
<cyphermox> enp36a0 vs. enp36s0
<sofia07> there are two NICs - enp6s0 and enp36s0  (this are what I get when I do ip addr)
<cyphermox> yes
<cyphermox> sofia07: did you fix the typo?
<sofia07> what is enp36a0 ?
<cyphermox> an error, I assume
<cyphermox> that's what I see in your pastebin
<sofia07> oh - you right - let me see with the correct name - gosh
<cyphermox> I apologize for insisting on that, maybe you already fixed it
<sofia07> no, I did not notice it
<cyphermox> that would quite obviously make the bridge not work ;)
<sofia07> yes, but what is interesting why lan card would not work too = anyhow let me fix it
<TJ-> sofia07: it helps to compare the generated files under /run/... when things don't work as expected
<cyphermox> sofia07: for the lan card, my guess is it's that DHCP takes a while to catch up
<cyphermox> (hence adding "critical: true" might help)
<TJ-> cyphermox: does the empty "adresses: []" affect anything?
<cyphermox> TJ-: no
<cyphermox> it's extra, but it won't break dhcp
<sofia07> Thanks a bunch cyphermox ! it worked, I misstype the NIC, unbeleivable
<cyphermox> sofia07: np
<sofia07> so now I need to do some oether things for kvm to recognize the bridge ?
<cyphermox> I am a little surprised though, netplan should have told you there was a typo
<cyphermox> Error in network definition toto///etc/netplan/f.yaml line 11 column 25: br0: interface enp36a0 is not defined
<cyphermox> ^ this is the error it should have shown
<sofia07> when I did netplan apply ?
<cyphermox> yep
<sofia07> yes, that would be wonderful
<cyphermox> oh
<cyphermox> it didn't
<sofia07> Maybe I missed it, unfortunately I need to go, I was tethered to this machine physically :)
<cyphermox> sofia07: thanks, made me find a bug here
<sofia07> but, I will try quickly to make the lan work to
<cyphermox> ok
<sofia07> I do not remember saying anything, I could test it in a sec
<sofia07> wait a sec, let me change and see if it messages
<cyphermox> oh, I'm not using the right config, that's why
<sofia07> it is messaging, perhaps I was through ssh before in the machine, but at the machine I got the error mentioning it
<sofia07> I have to experiment a bit more with this, what I found odd, that it should still let the LAN NIC work and reroute the trafic to outside world through that,
<sofia07> anyhow, what do I need to do so kvm see the NIC ?
<sofia07> the bridge
<cyphermox> https://paste.ubuntu.com/p/ykqgfNFpxn/
<sofia07> can I do # do disable the line
<cyphermox> yes
<sofia07> cyphermox, thanks a bunch - both, my br0 and br1 work now - and I added the br0.xml and br1.xml to /etc/libvirt/qemu/networks
<sofia07> Thank you
<sofia07> It was really helpful and kind of you
<cyphermox> sofia07: np
<DammitJim> I know support for tomcat6 is basically done
<DammitJim> but is there a way to install it on ubuntu 16?
<DammitJim> through a repo?
<Epx998> I found -> https://askubuntu.com/questions/812566/how-to-install-tomcat6-in-ubuntu-16-04-using-apt-get-install
<tomreyn> this does exactly not do it with apt, and so the software would not get updates / security patches
<tomreyn> 16.04 offers tomcat 7 (in universe). there may be PPAs providing tomcat6 builds for 16.04, but it seems unlikely those would get patches either. and ppa's are not supported here.
<tomreyn> DammitJim: ^
<rawco> hi everyone
<rawco> i hope everyoneâs weekend is cool
<rawco> iâm going to DC
<Epx998> No!
<rawco> so, my weekend will be hell
<rawco> business trip
<Epx998> I am solo taking my 2 year old twins to a aquarium... thats hell
<Epx998> hell'a fun
<rawco> https://www.target.com/p/go-by-goldbug-monkey-baby-harness/-/A-75456038
<rawco> get a pair of those
<rawco> i have one that i put on my girlfriend
<Epx998> i have that actually, we got the one with the puppy
<rawco> nice, youâre a prepared parent :D
<Epx998> they just unsnap it and run off
#ubuntu-server 2018-10-27
<trippeh>                                       
<trippeh> err.
<RoyK>  
<rawco> VA - Blue Note 75th Anniv. MQS Collection (2014) [FLAC] {24-192} <â good stuff
