#ubuntu-server 2009-12-28
<Psi-Jack-> I'm curious.
<Psi-Jack-> Debian still uses the old ifconfig/route stack for pretty much all network initialization, including in ifup/ifdown.
<Psi-Jack-> Has Ubuntu made any efforts to move this into iproute2 days?
<laen> Zelest: gotta admit that i don't use libvirt, but i haven't found a direct way to do it either.. will let you know if i do :)
<laen> Psi-Jack-: i doubt ifconfig is gonna dissapear cause of iproute2
<Psi-Jack-> Never said that.
<Psi-Jack-> I just wanted to know if Ubuntu's working towards, or already has, started using iproute2 tools over ifconfig/route like most other distributions have already been doing.
<Psi-Jack-> Debian, I already know, is still not using iproute2 unless you use it manually yourself.
<Swapswap> Why does the motd think I need to restart the server?
<jmarsden> Swapswap: motd doesn't, landscape=sysinfo does.  Because you installed an updated package that requires it, possibly an updated kernel.
<Swapswap> Is there a way to figure out what exactly?
<jmarsden> Swapswap: Yes... but you seem to have left... read /var/log/dpkg.log
<tesseracter> ive looked all over the web for my situation, and have not found clear advice, understanding, or steps. the situation is ubuntu-desktop, 2 SSDs in a raid0, ext4. do i need a separate boot partition? can it be raid1? can the filesystem root be in the raid partition?
<bogeyd6> tesseracter, you dont need a separate boot partition, it can be raid 1 if hardware supports it, yes the root partition can be in the raid
<bogeyd6> tesseracter,  i hope that is clear enough
<tesseracter> bogeyd6: my current error when installing ubuntu is something about the boot install of grub failing. i'll see if i can get some more specific details.
<bogeyd6> tesseracter, are you letting ubuntu suggest the partitions or are you trying to make the partitions yourself?
<tesseracter> i made the software raid in palimpsest, then select it in the install - thats the only way that i found to select the raid array.
<bogeyd6> yeah thats the prob bro
<bogeyd6> Let your hardware do the raid
<bogeyd6> ubuntu will see it as a single drive and just make the partitions or accept the default partitions
<jmarsden> bogeyd6: he has 2 (SATA) SSDs, how can "the hardware do the RAID" ?  he lacks a hardware RAID controller.
<bogeyd6> you dont need software raid running on raid hardware
<bogeyd6> jmarsden, most computers, nay servers, have built in hardware raid, as fake as it may be, but you should let the hw do the work when available
<tesseracter> i dont have a hardware raid controller, the mobo has intel matrix raid support, which takes just as much cpu as software raid, and its raid0, so the cpu hit is negligible.
<jmarsden> bogeyd6: No, you should NOT use fakeraid with Linux, in general.  https://help.ubuntu.com/community/FakeRaidHowto -- see that warning!
<bogeyd6> jmarsden, can you be more specific on where the warnings are
<jmarsden> bogeyd6: You should be able to set up a Software RAID1 arrangement using the Ubuntu alternate installer.  See https://help.ubuntu.com/community/Installation/SoftwareRAID
<tesseracter> from what i've read, software raid for a single user system is fine. im not dual booting, so windows doesnt need to understand the setup.
<jmarsden> bogey: Read the page.  It says "FakeRAID is not supported by Ubuntu. Trying to install Ubuntu on such a partition could easily result in the loss of all your data."
<jmarsden> tesseracter: You are correct.  Use https://help.ubuntu.com/community/Installation/SoftwareRAID
<tesseracter> jmarsden: ok, so that page says that the boot partition must be raid1. ive got 2 64gb drives, OCZ recommends 2-4gb unpartitioned for erase blocks, which leaves ~60gb for stuff. how big should a boot partition be?
<jmarsden> tesseracter: 1GB is plenty.
<jmarsden> There are people who use 100MB for /boot
<tesseracter> well, i've had problems and needed to return to previous kernels in the past, so i'll stick with 1gb.
<tesseracter> and im backing everything up on a 2tb drive daily, network weekly, so clearing everything isnt a huge problem.
<bogeyd6> sounds like you got this
<bogeyd6> we got servers at work that load their /var/www/ from a SAN into a ramdisk so they can be super fast
<tesseracter> bogeyd6: i try, but there are a bunch of complications at every turn. i still havent figured out alignment.
<tesseracter> and yeah, im finishing things off with an extra 4gb of ram(8 total) and setting up a tmpfs for /tmp and various caches
<bogeyd6> you got 8gb total ram installed not including swap?
<tesseracter> only 4 right now, 4 in the mail.
<bogeyd6> you going 64bit or pae?
<tesseracter> im 64 bit at the moment. quadcore watercooled, if it matters. modeling workstation.
<tesseracter> the trouble is i spend so much time figuring out how it all works, and i've gotta get stuff done starting tomorrow morning.
<bogeyd6> tesseracter, might i ask the goal you are working towards?
<tesseracter> bogeyd6: im almost there. a comfortable blender workstation.
<tesseracter> and silence is very valuable to me, thats why the ssds and watercooling(looks cool too)
<bogeyd6> graphical?
<tesseracter> blender = 3d modeling, for game models and cutscreens.
<MTecknology> !search pdo
<ubottu> Found:
<MTecknology> hrm... how do I get PDO?
<MTecknology> or enable it..
<jmarsden> MTecknology: I don't understand the question... you browse to it... http://packages.debian.org/PACKAGENAME
<jmarsden> What do you want it to do for you?
<MTecknology> how do I install it
<tesseracter> jmarsden: can you link that page again? the software raid one?
<jmarsden> You can't install a web site...?
<MTecknology> hu?
<jmarsden> tesseracter:  https://help.ubuntu.com/community/Installation/SoftwareRAID
<MTecknology> PDO is an extention of PHP
<jmarsden> MTecknology: pdo is short for packages.debian.org which is a web site...
<jmarsden> Ah, looks like we have a TLA namespace collision !
<MTecknology> oh
<jmarsden> I think ther PHp PDO extension is included in the php5-mysql package, or it used to be...
<MTecknology> I have that installed...
<MTecknology> i   php5-mysql                      - MySQL module for php5
<jmarsden> dpkg -L php5-mysql | grep -i pdo   # suggests there is PDO stuff in there...
<jmarsden> What exactly are you trying to do?
<MTecknology> jmarsden: Install Durpal 7
<FireCrotch> MTecknology: you have to install pdo from pecl :)
<MTecknology> FireCrotch: :(
<FireCrotch> MTecknology: you'll need to have php5-dev installed, as well
<FireCrotch> pecl install pdo && pecl install pdo_mysql
<MTecknology> FireCrotch: what jmarsden just mentioned shows /usr/lib/php5/20060613+lfs/pdo_mysql.so
<MTecknology> and /etc/php5/conf.d/pdo_mysql.ini
<jmarsden> FireCrotch: Are you sure?  PHP PDO was added in Ubuntu Edgy precicely to avoid the need to do that.
<FireCrotch> eh jmarsden is probably right :)
<jmarsden> I'm not a PHP expert, but... seems odd that such support in Ubuntu would have regressed.
<MTecknology> pecl feels like an additional package manager - I don't want to need to go to the dark and ugly days of playing with ruby
<jmarsden> MTecknology: My thoughts too.
<jmarsden> MTecknology: Drupal6 is packaged and easy to install... looks like Drupal7 is shiny and new and not packaged for Lucid yet...
<MTecknology> That .so being there makes me think it is just a matter of enabling it
<MTecknology> I don't use web apps like Drupal from repos; I develope for them so I need things that are up to date
<MTecknology> Drupal7 isn't released yet - I'm just starting to develop with it
<FireCrotch> MTecknology: it *should* be enabled since the pdo_mysql.ini file is there
<FireCrotch> MTecknology: unless your /etc/php5/apache2/conf.d/ doesn't have it?
<jmarsden> MTecknology: Then logically you should package Drupal7, and then install your package(s), right? :)
<jmarsden> MTecknology: On my Karmic box here, installing apache2 and php5-mysql and friends gets me a system where phpinfo() shows:   PDO support enabled
<jmarsden> So I'd say it "just works" here, as far as that very basic check goes.
<MTecknology> jmarsden: D7 should be released before it gets packages IMO
<jmarsden> MTecknology: If you are using something you should package it (even if from a DVCS or whatever) so you know what you installed and where... IMO :)
<MTecknology> It's just a tarball you drop in /var/www
<jmarsden> I package betas and RCs of things all the time for internal/personal/test use.
<MTecknology> I'm not good enough at packaging for that
<FireCrotch> MTecknology: it would be good practice :)
<jmarsden> FireCrotch: That's exactly what I was going to say :)
<FireCrotch> jmarsden: great minds think alike :)
<MTecknology> I may do that eventually; for now I need to have D7 working
<jmarsden> MTecknology: OK, so what exactly is broken?  What fails, what error msgs are you seeing?
<MTecknology> http://staging7.profarius.com/
<MTecknology> I was told this is because it's lacking PDO - I'll try phpinfo()
<MTecknology>  drivers mysql
<MTecknology> interesting
<MTecknology> jmarsden: FireCrotch: thanks... it must be some other error :(
<jmarsden> BTW I just did wget -O - -c http://ftp.drupal.org/files/projects/drupal-7.x-dev.tar.gz | tar -C /var/www -zxf - and it gets me to the installer screen just fine when I browse to it, so yes, it must be something else.
<MTecknology> i got to the installer fine, it's during install that it breaks
<jmarsden> OK, I can try it...
<lwizardl> is there a printable pdf version of https://help.ubuntu.com/9.10/serverguide/C/
<andol> lwizardl: Something like https://help.ubuntu.com/9.10/serverguide/C/serverguide.pdf ?
<lwizardl> awesome thanks :)
<jmarsden> MTecknology: drupal7 installer working fine here except I need to up the default max memory for PHP... doing that now...
<jmarsden> MTecknology: Seems to "just work" here on Karmic 9.10 amd64 once I change that memory limit to 32MB.
<MTecknology> jmarsden: I just wiped all the tables - I'll try again
<MTecknology> jmarsden: working now - thanks
<MTecknology> I don't know what broke :S
<jmarsden> Good.  You're welcome.
<sektorNBA> anyone skilled with squid_ldap_group? I just need to configure it to tell me which group user belongs.
<kwork> does anyone have Dell PowerEdge Expandable Raid controller 5
<RoyK> kwork: do you need one_
<RoyK> ?
<kwork> im wondering how i can monitor it on ubuntu/debian
<RoyK> I think there's a nagios plugin for that
<kwork> nagios is step 2
<RoyK> PERC controller?
<kwork> for starters i would need something from shell
<kwork> yep perc 5/i
<RoyK> try with nagios
<RoyK> it's easy
<RoyK> that is - try the nagios plugin
<RoyK> it's just a script after all
<RoyK> like all nagios plugins
<RoyK> http://exchange.nagios.org/directory/Plugins/Hardware/Server-Hardware/Dell/check_perc/details
<RoyK> for instance
<kwork> hmmmz okey ill look into it thanks for suggestion
<kwork> http://folk.uio.no/trondham/software/check_openmanage.html#dell-openmanage-server-administrator
<kwork> found this thingie, getting the openmanage now, i hope i can alienate it to deb
<Asad2005> I have installed server 910 and used guided use entire disk and set up LVM but reboot after install now give me grub error: no such partition and goes into grub rescue prompt
<Asad2005> ls from the prompt shows (hd0) (hd0,1) then error: out of disk. Any help?
<drbobb> hello, I'm using lvm2 on my server, and I'd like some of the logical volumes to be owned by a user other than root - could someone point me in the right direction on how to achieve this? My guess is it can be done by a suitable udev rule, but my attempts so far aren't working.
<drbobb> oh, ubuntu-server 8.04 LTS, btw
<drbobb> ok it looks like I just solved my problem
<johe|work> hi there, i am using snmpd on several servers, one i found the problem that some of them just listen to 127.0.0.1 and so does not reply to the main server, i cant found the config telling to do so, any idea?
<khannz> hello, community. I need to create a guest account to my ubuntu-server with ssh login enabled & only homedir rw permissions. What should I do? ^_^ yes, i'm newbee )
<j416> should I store my SSL private keys unencrypted for my servers (apache, postfix, dovecot) or is there a better way of avoiding the password prompt?
<bkonkle> Quick question - I upgraded from Jaunty server to Karmic server over the weekend, and now my motd is not displaying upon SSH connect.  The last login displays, but /etc/motd is not displayed.  In /etc/pam.d/login the motd line reads "session    optional   pam_motd.so ", but I'm not sure where else to go to troubleshoot.  Any ideas?
<blistov> anyone heard of any bugs regarding md raid5 arrays coming up degraded as /dev/md_dX,
<blistov> How do I tell a directory to force permissions on new files?
<genii> man umask
<blistov> genii, thanks, but umask doesn't work for subdirs correct?
<uvirtbot> New bug: #501092 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.37-1ubuntu7 failed to install/upgrade: Unterprozess installiertes pre-removal-Skript mit Signal (Interrupt) get?tet" [Undecided,New] https://launchpad.net/bugs/501092
<ruben23> hi guys
<amitry> Are there any prepackaged Ubuntu 8.04 server images for Eucalyptus?
<uvirtbot> New bug: #501096 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 (not installed) failed to install/upgrade: subprocess new pre-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/501096
<mrbrdo> Hey guys does anyone know if it's possible to have a swap partition on a VPS? (fdisk won't work)
<mrbrdo> or a swapfile perhaps, if that's even possible on linux?
<andol> mrbrdo: Regarding the VPS question then that is something which depends on what kind of virtualisering you are dealing with. Yes, you can use swap files in linux.
<uvirtbot> New bug: #404573 in ucf (main) "package update-manager 1:0.93.35 failed to install/upgrade: ErrorMessage: SystemError in cache.commit(): E:Sub-process /usr/bin/dpkg returned an error code (1) (dup-of: 269539)" [Undecided,Confirmed] https://launchpad.net/bugs/404573
<mrbrdo> andol: the panel they use was HyperVM... anything else i can check? i tried making a swapfile but when i try to swapon it, i get swapon: /swap: Operation not permitted. I AM root.
<uvirtbot> New bug: #391420 in openldap (main) "package update-manager 1:0.87.31 failed to install/upgrade: ErrorMessage: SystemError in cache.commit(): E:Sub-process /usr/bin/dpkg returned an error code (1)" [Undecided,New] https://launchpad.net/bugs/391420
<andol> mrbrdo: Sounds like a good question to ask support @ your-vps-provider? :)
<mrbrdo> they take longer than you :) but i guess so.
<d35iboy> Hi..when I try to connect to vnc server..it dont accept any connection :(
<d35iboy> I installed vnc4u
<blistov> my server boots from an lvm on top of an md raid5.  grub is able to load the kernel, but the kernel can't seem to figure out how to actually start the md raid5.  anyone know why?
<mrbrdo> how can i set the number of threads/processes that bind9 creates?
<wizardslovak> hello people
<wizardslovak> i am changing my server hardware,
<wizardslovak> is there way to switch my current settings to new server?
<wizardslovak> i heard to .tar my .etc directory and then just transfer it to my new server
<wizardslovak> anyone help?
<pting> i'm setting up cron jobs to rsync from multiple nginx logs from different servers to a single server. is it better to rsync from this single server, or have the multiple webservers rsync to the single server?
<pting> i suppose it'll probably be easier to manage if i had that single server rsync to the multiple webservers
<pting> i do have puppet setup, so deploying changes to that cron job isn't too bad... but i think i'll go with the latter
<jakwgrav> If I start off building a File Server and later decide to use it to host a website, is this recommended or should I build a File/Web Server from the beginning
#ubuntu-server 2009-12-29
<AnirbanHazra> My homedirectory setting in FTP is not getting implemented.All users are getting root access
<jgTN> Is there a big difference between running a Athlon II X2 and Athlon II X4 for a File/Web Server and possibly running one or two VMs for a home server
<uvirtbot> New bug: #501234 in openssh (main) "Open SSH installation failed" [Undecided,New] https://launchpad.net/bugs/501234
<Aison> hello
<Aison> I enabled
<Aison> $ModLoad imudp
<Aison> $UDPServerRun 514
<Aison> in rsyslog.conf
<Aison> but external logs are still not received or logged :(  do I miss something?
<kwork> Aison,  use tcpdump to see if the syslog packets even reach your box
<Aison> kk
<uvirtbot> New bug: #304649 in qemu-kvm (main) "Include pulseaudio driver" [Wishlist,Fix released] https://launchpad.net/bugs/304649
<larsenio> hi everybody
<larsenio> question: i want to mount via fstab an nfs share... but only root can use it. how to mount it for every user using the host user/password?
<pmatulis> larsenio: did you try the 'user' option in fstab?
<Matuku> How do I go about removing a user from a group if that's the only supplemental group they're a member of?
<pmatulis> Matuku: use the 'usermod' command
<Matuku> pmatulis: I tried that but it doesn't like not having anything after the -G option
<pmatulis> Matuku: empty quotes?
<jtaji> Matuku: all users have to be member of at least one group, but it's specified with 'usermod -g GROUP LOGIN'
<jtaji> -g not -G
<jtaji> Matuku: default in Ubuntu is to have a group with the same name as the user
<Matuku> jtaji: It's a supplemental group I'm trying to remove the user from
<Matuku> Ah there we go, empty double-quotes did it
<Matuku> Thanks all!
<jtaji> Matuku: or you can use deluser user group, where group is the group to remove
<uvirtbot> New bug: #501360 in freeradius (main) "[lucid] FTBFS due to missing build-dependency on quilt" [Medium,Triaged] https://launchpad.net/bugs/501360
<beric> Hello. hdparm -t on compaq smartarray raid0 gives onl 19MB/s. it's U320 SCSI. is it a real problem or that hdparm lies ?
<qman__> beric, either is possible, keep in mind that those numbers are after the current system load
<beric> qman__: this is a totally idle server i just installed. only ssh server. it's 9.10 64bit
<beric> Someone reported the same problems at the forums about his HP cciss but he has no conclusions.
<Skaag> I am installing Ubuntu 9.10 Server, and I have 3 physical drives
<Skaag> How do I Raid5 them the easiest way possible?
<Skaag> Software Raid, that is
<atomic__> install mdadm :)
<uvirtbot> New bug: #501376 in mysql-dfsg-5.0 (universe) "E: /var/cache/apt/archives/mysql-server-5.0_5.1.30really5.0.83-0ubuntu3_i386.deb: subprocess new pre-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/501376
<Skaag> atomic: no way to do it during install?
<atomic__> you can do it during install
<Skaag> ok so that's where I'm at now, with my install
<atomic__> just choose manual partitioning
<Skaag> yah, I'm in manual partitioning right now
<Skaag> I see the 3 drives
<atomic__> you need to partition them identically
<Skaag> so basically I set 3 raid partitions on all 3 of them, that are identical...
<Skaag> What do I do with swap? same swap space on all 3?
<atomic__> you need to set them as "Physical volume for raid"
<atomic__> and dont forget to leave some space for swap
<Skaag> what about the order? is that important?
<atomic__> i always make raid swap as well, dont know why
<atomic__> what order ?
<Skaag> it's probably pretty fast
<Skaag> the order of partitions on each drive
<atomic__> some put swap first
<atomic__> i put it last
<atomic__> are you going to have only /
<atomic__> ?
<Skaag> yes
<Skaag> I don't need something more complex in this specific setup
<Skaag> nobody's going to access this box
<Skaag> so I don't feel the need to limit /home and /var and /boot
<atomic__> i almost never do, its overrated ;)
<Skaag> I do see the importance in it
<Skaag> even just /tmp so you can set important security flags on it
<atomic__> well it certainly has its uses
<Skaag> but not in this specific case, I don't care about that
<atomic__> but nvm
<atomic__> so, partition the disks
<Skaag> so I put a / partition on all 3, make it raid, then swap on all 3
<Skaag> same size for all
<atomic__> type should be physical volume for raid
<atomic__> dont forget to set the bootable flag on all the / partitions
<atomic__> then select configure software raid or what was it called
<atomic__> you can choose raid level, partitions to include
<atomic__> etc etc
<atomic__> you'll find your way around
<atomic__> are the disks brand new?
<Skaag> awesome
<Skaag> yes they are brand new
<Skaag> 1TB each
<atomic__> good
<atomic__> (don't ask why its good)
<atomic__> you'll know when you resort to low-level format
<atomic__> :)
<Skaag> LOL
<Skaag> so how do you do a raid swap?
<Skaag> I make the rest of the space also physical raid?
<atomic__> yeah
<Skaag> figures, ok
<atomic__> rinse, repeat
<atomic__> use as /, use as swap area
<atomic__> done
<Skaag> awesome
<Skaag> very simple
<Skaag> thanks mate
<atomic__> sure man
<falstaff|h> hi
<falstaff|h> I try to send a fax with hylafax
<falstaff|h> when i execute that: sendfax -n -d 1234567 /etc/issue.net
<falstaff|h> i get this:
<falstaff|h> textfmt: No font metric information found for "Courier-Bold".
<falstaff|h> Ubuntu 9.10, 64-Bit, fresh installed...
<falstaff|h> any idea?
<cab938> This the best place to drop virtualization questions?
<cab938> e.g. vmbuilder questions?
<uvirtbot> New bug: #501391 in munin (main) "df Plugin sends Warning Mails for tmpfs Filesystems" [Undecided,New] https://launchpad.net/bugs/501391
<cab938> Is there anyway to set the default networking mode to NAT instead of bridged using ubuntu-vm-builder?
<blistov> I've got 4GB RAM, and 1GB swap.  My system is under very light load (3 small vm's), and is swapping, despite there being over 2GB in cache.
<blistov> Why is cache taking precidence over ... everything lately?
<mcas> hi... is there a new roadmap for lucid? i found only old information at the wiki
<guntbert> !lucid
<ubottu> Lucid Lynx is the codename for Ubuntu 10.04, due April 2010 - Lucid is NOT released and is NOT stable - Discussion and support in #ubuntu+1
<mcas> guntbert: i know about #ubuntu+1 but i meant ubuntu-server specific so i ask here
<blistov> What can cause a system to swap, when there is 3GB of memory free? (4GB available, 2.5GB cache, .5GB free, 1GB swap used and actively swapping)
<Jagged> blistov: top can sort my memory commit
<blistov> Top shows me what I just said :)   4GB avail, 2.5GB in cache, the rest is free.  still swapping.
<blistov> free -m confirms this.
<blistov> I've noticed this on karmic, 2.6.31 with vmware-server 2.02
<Jagged> yeah, and you can sort by program memory usage
<blistov> Jagged, right, but counting it up, still shows less than 1GB used for actual applications.  The rest is all being used by cache.
<blistov> But cache should be flushed, when memory is required.
<blistov> I now have 2.7GB in cache, and no matter what I do, I can't seem to allocate any of it back to usable memory.
<guntbert> blistov: and why do you suppose you system is swapping?
<guntbert> *your
<blistov> No idea.
<blistov> Well, with a GB of RAM free, 2.5 in Cache, there's no reason to swap.
<blistov> I should have 3.5GB of RAM to use before I even think of swapping.
<guntbert> blistov: my question was "what makes you think that your system is swapping" ?
<simplexio> not sure, but i think linux movrs stuff to swap in advance, and if in some case yoy really need swap its much faster
<blistov> guntbert, the swap usage is increasing and decreasing, hard drive is spinning constantly, my system is intermittently un-responsive, and vmstat says its swapping.
<guntbert> blistov: vmstat is new to me - thx - but no answer to your question - sorry
<blistov> :)
<blistov> thanks anyway.
<blistov> I'm starting to think its a bug in the kernel.
<blistov> Haven't found anything reported yet though.
<blistov> But, could be idiot vmware-server forcibly dumping things on cache.
<simplexio> blistov: you could try tune /proc/sys/vm/swappiness etc.. values
<blistov> simplexio, I considered that, but I'd like to know why this is happening stock first.
<blistov> There's no way to justify this much swapping.
<blistov> Its actually favoring swapping over real memory when there is 3GB free.
<beric> Is there a way to tell apt-get to upgrade a specific package ?
<beric> something like apt-get upgrade <packagename>
<jtaji> beric: install, I believe
<richardsith> hello guys, I need help about a Fax Server.Is there someone can help me?
<richardsith> I've configured a Fax Server using Hylafax, IAXModem and GFax for the clients.
<richardsith> If I send the file /etc/issue.net the file goes to destination if I can try to send a pdf file I receive a error of converting.
<richardsith> Has anyone ever configured a Fax Server?
<beric> thanks. that appears to be true though I've seen some ubuntu forum staff says apt-get upgrade
#ubuntu-server 2009-12-30
<PC_Nerd1011> Hi - I had a server installation setup to my laptop (crossover), and my laptop wirelessly to the internet, then bridged the connections....  such that I statically set the sever to 192.168.0.7...   I've since placed it in a seperate subnet, and while the /etc/resolv.conf file states its statically 192.168.1.2, pinging and dns/dhcp works to it... but a nslookup <hostname> of that server resolves to its old IP address...   how c
<PC_Nerd101> Is there any way to test that apt connections are definately connecting to the proxy as specified in /etc/apt/apt.conf.d/01proxy ?...  I have abox running apt-cacher, but I want to make sure that if that box is for whatever reason unavailable, that the updates will fail instead of defaulting to the direct updates....
<pmatulis> PC_Nerd101: sniff the wire while an apt operation is in progress
<PC_Nerd101> hmm ok -   what program would you recomend for packet sniffing?
<JanC> PC_Nerd101: tcpdump, wireshark, ...
<PC_Nerd101> JanC: Thanks :)
<PC_Nerd1011> Should apt-cacher include the headers, eg if I disconnect fromteh internet after running a proxied/cached "aptitude update" - should the next machine be able to get the package information from teh cache without having to send any packets at all to teh internet?
<PC_Nerd1011> Hi - is there a specific tool recomended for execution of commands over multiple ssh connections, similar to tentakel as written about at  http://tinyurl.com/tentakel-tutorial ?
<erichammond> PC_Nerd1011: I'm not sure what's recommended, but I occasionally use clusterssh for interactive control of multiple hosts.  You might also check out dsh.
<uvirtbot> New bug: #501568 in mysql-dfsg-5.0 (universe) "package mysql-server-core-5.0 (not installed) failed to install/upgrade: nicht vollstÃ¤ndig gelesen in buffer_copy (Backend dpkg-deb wÃ¤hrend Â»./usr/sbin/mysqldÂ«)" [Undecided,New] https://launchpad.net/bugs/501568
<PC_Nerd1011> erichammond: Thanks, I'll look into it :)
<jerico> What do you guys think. ext3 or ext4 for a home server?
<Jeeves_> ext4
<Jeeves_> faster
<Jeeves_> and less clueless progs that don't use the fs correct
<jerico> If I was going to setup a partition for only 700MB files should I use standard, largefile, or largefile4
<Jeeves_> I don't think that it matters much
<jerico> alright, thanks Jeeves
<Jeeves_> np!
<uvirtbot> New bug: #362067 in mysql-dfsg-5.0 (universe) "package libdbi-perl 1.607-1 failed to install/upgrade: el paquete libdbi-perl ya est? instalado y configurado" [Undecided,New] https://launchpad.net/bugs/362067
<PC_Nerd1011> What is the best method to image a server installation ( almost duplicate hardware), but to be able to change things like the hostname upon writing the image for each copy ?
<_ruben> i tend to go for unintended (preseeded) installs instead
<_ruben> doing a systemwide find/replace on the hostname is quite doable as well .. it kinda boils down to how much customization you want/need
<PC_Nerd1011> not much - all it requires is to copy the /etc/apt/apt.conf.d/01proxy, authorised ssh keys for a specific user ( which will be the one user on each machine), and the /etc/resolv.conf /etc/hosts and /etc/network/interfaces files - thats it
<PC_Nerd1011> ultimately - I'd like to look at doing a diskless boot from an image, and simply have each physical machine have their static hostname... is that possible?
<_ruben> not if there's more customization needed than just the hostname (like diff ssh keys) .. perhaps ltsp is more suited for this ?
<_ruben> !ltsp
<ubottu> LTSP is the Linux Terminal Server Project, which adds thin-client support to Linux servers. See chapter 3 of the !edubuntuhandbook, http://www.ltsp.org and/or http://en.wikipedia.org/wiki/Linux_Terminal_Server_Project
<PC_Nerd1011> hmm, I'm farely sure I want the seperate machines, copied images with static hostnames...  its for a custom server app...   think "blade servers with dynamic resource allocation" - but through software not hardware, and therefore based on hostname
<_ruben> ah
<PC_Nerd1011> The main thing is that when its installing packages ( eg openssh-server) upon installation, I want it to be using the apt-cacher's proxy setting ....   is there a way to interupt the server's live cd installation in order to add this proxy setting ?
<_ruben> if apt-cacher acts as a "normal" proxy, you should be able to specify that during install time just fine
<_ruben> could even preseed it
<_ruben> i never used apt-cacher or similar, i have a full local mirror (using debmirror, planning to move to plain rsync)
<PC_Nerd1011> Hmm ok - well I"ll have a good read through all the documentation on preseeding etc and decide on teh best method
<PC_Nerd1011> thanks :)
<_ruben> preseeding + local mirror = install "simple" machines in just a few minutes
<_ruben> simple meaning not a lot of (big) packages
<PC_Nerd1011> hmm - I just dont want to have a massive repository mirror that I will rarely/never use. ( ++ the storage required_
<PC_Nerd1011> btw - I've just managed to have only one account, root password not setup and then I've made a mistake in /etc/sudoers - meaning I cant sudo nano /etc/sudoers to fix it...   is there a factory restore for sudoers ?
<_ruben> boot into single user recovery mode, you'll be root, fix /etc/sudoers
<PC_Nerd1011> thats a grub boot menu option isnt it ?
<_ruben> yeah
<uvirtbot> New bug: #501628 in samba (main) "package samba-common 2:3.4.0-3ubuntu5.3 failed to install/upgrade: Unterprozess installiertes post-installation-Skript gab den Fehlerwert 1 zur?ck" [Undecided,New] https://launchpad.net/bugs/501628
<erichammond> Is there a PPA with the latest ec2-api-tools package version available?  The one on Karmic does not support registering EBS boot AMIs.
<uvirtbot> New bug: #501648 in krb5 (main) "Strange dependencies in "libkrb5-3" (kerberos) package " [Undecided,New] https://launchpad.net/bugs/501648
<erichammond> Looks like smoser's will do: https://launchpad.net/~smoser/+archive/ppa
<uvirtbot> New bug: #498987 in vlan (main) "vlan" [Undecided,New] https://launchpad.net/bugs/498987
<_ruben> nice bug title :p
<uvirtbot> New bug: #501655 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.37-1ubuntu5 failed to install/upgrade: subprocess installed pre-removal script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/501655
<sarma> Hi, my ubuntu server was comprimised via apache phpmyadmin. I am trying use  netstat -npcuve but I got a lot of empty but tcpdump shows a lot of connection.
<sarma> Any ideas ?
<sarma> What i am trying to find out which process is doing DDOS.
<Ninjix> sarma: try htop
<sarma> ok
<Ninjix> sarma: investigate what is using cpu
<Ninjix> should be a good tipoff
<sarma> Ninjix, cpu is free
<sarma> Just a sec
<sarma> I have 4 cpus indicators but process i do not see ????
<Ninjix> sort by usage or by mem
<sarma> Cpu 4 says 84.1 usage
<Ninjix> have you restarted your apache2?
<sarma> I unistalated it
<sarma> apt-get remove purge
<sarma> and stop first
<Ninjix> ok.
<sarma> only sshd is active
<Ninjix> is your mysql still running?
<sarma> Nop
<sarma> I have 3 sshd
<Ninjix> what does `netstat -an | grep tcp` look like?
<sarma> normal
<sarma> only my ssh sessions
<sarma> 3
<sarma> sessions and listening tcp6       0      0 :::22                   :::*                    LISTEN
<sarma> One more thing my provider blocked all internet traffic from my server.
<sarma> So maybe this is the reason why nothing shows in netstat
<Ninjix> are those connection attempts in the tcpdump or outbound from your host?
<PJiPhone> Best bet might be to backup data and reinstall from scratch
<PJiPhone> Verify config files ok before migrating
<sarma> http://pastebin.com/m7cb4fe9
<sarma> Here is the tcpdump
<PJiPhone> Bbl
<Ninjix> sarma: what does `netstat -nlp` return currently?
<sarma> http://pastebin.com/m61af2fdc
<sarma> Here it is
<sarma> Nothing
<Ninjix> sarma: looks like your apache was running a worm
<sarma> Looks like
<sarma> Virus
<sarma> Buy ubuntu-servers uses www-data user only
<sarma> How can this spread as root user
<Ninjix> have you looked for new files, yet?
<sarma> Yes i have
<Ninjix> turn up anything?
<sarma> And i found out all of them in tmp and so on.
<sarma> Them
<sarma> bloody thing
<sarma> it i have bash in that folder
<sarma> small bash size
<Ninjix> well, if you are feeling confident enough, you can run `sudo watch -n 1 netstat -nltup` in a separate console
<Ninjix> then re-install apache and look for odd behavior
<Ninjix> the previous malware may have siblings trying to communicate with it on the same IP
<sarma> Next time i will choroot bloody apache
<Ninjix> but best bet is to backup your data after checking it for contamination then reinstall
<sarma> Yes i will do so
<sarma> Tnx man for you help.
<Ninjix> np
<Ninjix> and good luck
<sarma> Any other recomendation how to protect my web server more on ubuntu
<sarma> I regulry do update
<sarma> But look like thats not enough
<Ninjix> set a policy that all admin type web apps get moved to different port than general pub (http 80/443)
<Ninjix> or setup some .htaccess rules that only allow access to admin web apps from localhost
<Ninjix> use ssh port redirection to access your admin apps
<Ninjix> Apache binaries are pretty solid and Debian community does a good job keeping it patched up
<sarma> This was a exploit in Phpmyadmin, the problem is i can not prevent from students from instaling such aplications?
<Ninjix> the PHP, Rails and other code we install in our Apache is an entirely different story.
<Ninjix> ahh... I see
<Ninjix> might want to ask around in one the PHP or LAMP channels
<Ninjix> bet you are not the first sysadmin to face this particular problem
<sarma> Oh tnx very much. I will try my luck with chroot
<DrManhattan> Good afternoon MenZa , good to see you again
<tarski> how easy is it, if i want to download and install the server edition, but I want to use lighttpd instead of apache. is this easy to do? or are things woven together in the distro for apache
<Ninjix> tarski: just install the base system then added the lighttpd packages as needed
<tarski> Ninjix: so when I download && install the cd, I'm given the choice if I want to install apache or not?
<tarski> Ninjix: I mean the server-edition ISO
<Ninjix> tarski: yes
<Ninjix> you will get several configuration options
<tarski> Ninjix: thanks
<Ninjix> you can select all, some or none
<Ninjix> I think you will want to select only the SSH Server option then add what you want by hand post-install
<tarski> Ninjix: ok. sounds good.
<pting> is there a sshfs fstab options such that it'll do a sudo su immediately after mounting? ie... sshfs#myserver: /mnt/blah fuse user,noauto,initcmd='sudo su' 0 0
<ScottK> pting: I don't know the answer to your question, but generally sudo -i would be preferred to sudo su.
<pting> ScottK, thanks for the pointer. i'll remember to use that next time
<uvirtbot> New bug: #501718 in samba (main) "Samba dosn't work if I change the name of computer from intslation to another" [Undecided,New] https://launchpad.net/bugs/501718
<TXX> Hey
<TXX> I got ubuntu server installed with no Desktop envoirment
<TXX> but i want gnome installed but not booted into when i start the system
<TXX> i just want it as an instance to vnc into
<TXX> i started with a simple sudo apt-get install x-window-system-core xserver-xorg gnome-desktop-environment
<TXX> but Package x-window-system-core is a virtual package provided by:
<TXX>   xorg 1:7.4+3ubuntu10
<TXX> You should explicitly select one to install.
<TXX> i get this output
<Ninjix> TXX: maybe you should install desktop and set it to boot into console run level
<TXX> Ninjix, how do i set it to boot into console?
<TXX> cause i just install the ubuntu-desktop package and then set boot to only use console
<TXX> i can just insatll the *
<TXX> evt get logged into the login screen when vncing in to get a option of choosing what DE
<Ninjix> TXX: edit your /etc/default/grub file and set GRUB_CMDLINE_LINUX_DEFAULT=âquiet splash textâ
<TXX> : o
<TXX> Ninjix, you are so lovly i could donate some money to you, but i am broke
<Ninjix> then you are using the correct OS at the right price. :)
<TXX> XD heh yeah i guess so
<Ninjix> make sure you run `sudo update-grub` after editing
<TXX> : o
<TXX> oh shit yeah thanks
<Aison> wtf is going on here
<Aison> i'm running a ubuntu server with samba
<Aison> now I copied 1gb zip file to this samba share
<Aison> after comparing the md5sums they are different
<Aison> so I copied again
<Aison> but then, they are again different
<Aison> well, now after 5 times copy, the md5 sums are equal
<Aison> crazy!
<MTecknology> Aison: samba sucks..
#ubuntu-server 2009-12-31
<orudie> in debian with postfix/dovecot when connected with thunderbird it keeps telling me to confirm the certificate, and is very annoying, is there a way to make the confirmations stop, or perhaps not use mail certificate
<lionel> orudie, which version of Thunderbird are you using?
<lionel> I have heard of such problems with TB 3
<orudie> lionel, 2.x
<lionel> orudie, accepting the certificate should do the job
<orudie> i accepted
<orudie> it keeps popping up
<MTecknology> Could one of you please dig hom-pro.com for me and tell me what the A record is?
<deizel> MTecknology: hom-pro.com.		86400	IN	A	208.107.60.226
<deizel> MTecknology: same result from three isps
<MTecknology> deizel: thanks; I guess my ISP just sucks
<deizel> MTecknology: np, just stick an entry in your host file until it resolves
<MTecknology> deizel: what sucks is that I'm on the same ISP as the customer :P
<deizel> MTecknology: hehe :p
<xperia> hello to all. i have a simple question about write permissions. for some reason i dont have write permissions on my usb disk. till yet i have used sudo but now i neex to execute a programm that prevent to run as root and i need now a solution for write permission on that usb disk. does anybody know how to solve that problem ?
<xperia> the programm that makes problem is bitbake
<xperia> i need a solution for executing programms and have write permission on that usb disk as a user and not as root
<drcode> hi all
<drcode> can I  use linux has terminal server
<drcode> with rdp?
<Alpha61> hello
<Alpha61> how do you configure apt-get to choose the fastest repository server
<Alpha61> i know how to do it on gui on desktop distro
<Alpha61> What is the apt-get command for making it to choose the fastest and closest repository server?
<_ruben> there's no automated way to do so afaik
<_ruben> i preseed the fastest repo in my installs
<_ruben> which is on the local network ;)
<Alpha61> Is there a website containing a list of repository servers
<_ruben> http://www.ubuntu.com/getubuntu/downloadmirrors#mirrors
<Alpha61> I think it's for downloading the ISO images for ubuntu installation
<_ruben> oops, my bad, https://launchpad.net/ubuntu/+archivemirrors
<Alpha62> whoa thank you
<Alpha62> How can I scroll up or down in command line interface?
<Jeeves_> Anyone here knows how long it takes before my ppa-upload shows up in launchpad?
 * Jeeves_ is a newbe on ppa'
<martinjh99> I want to print this page - https://help.ubuntu.com/9.10/serverguide/C/httpd.html - When I do a print previewit runs off the right edge of the page is it a problem with the docs and can I do anything about it?
<lionel> Jeeves_, it depends on buildd activity. It take from minutes to hours
<martinjh99> I want to print this page - https://help.ubuntu.com/9.10/serverguide/C/httpd.html - When I do a print previewit runs off the right edge of the page is it a problem with the docs and can I do anything about it?
<Jeeves_> martinjh99: Can you repeat your question please? I didn't catch it the first two times!
<martinjh99> Sorry! My chat client closed... ;)
<Jeeves_> But, you might want to look at the papersize defined in your printer
<Jeeves_> No clue, otherwise
<Jeeves_> lionel: Thanks, i'll try to be patient than :)
<Jeeves_> lionel: Is there a statuspage somewhere?
<zedalaye> hi
<Jeeves_> hi
<zedalaye> i can't install ubuntu server on a fresh new machine : i burnt the cd, booted on it, but when I reach the installater main screen, the "ENTER" key has no effect : nothing happens, no message, no error, no tip, no clue...
<lionel> zedalaye, which version are you trying to install?
<zedalaye> ubuntu server 9.10
<zedalaye> x64
<Jeeves_> USB or PS2 keyboard?
<zedalaye> usb
<zedalaye> the keyboard works : i can go down on the menu, enter F1/F2..., i even can "boot on primary disk"
<zedalaye> but no installation entry works
<zedalaye> i will try with a ps2 keyboard
<lionel> zedalaye, that's surprising. Can you switch to console 2 once in the installer (Ctrl + Alt + F2)?
<zedalaye> nope
<Jeeves_> Is USB enabled in your bios?
<martinjh99> Another question - Updated from Jaunty Server to Karmic Server using do-release-upgrade and everything seems to be fine except for my apache2 configuration.
<martinjh99> I get a 404 on / - Not found error
<martinjh99> Any ideas to fix it before I re-install?  Or at least a guide to which file to start with...
<lionel> martinjh99, did you check the logs? To know which file apache is trying to display?
<Jeeves_> martinjh99: /etc/apache2/
<Jeeves_> martinjh99: /etc/apache2/sites-enabled
<Jeeves_> martinjh99: No need to re-install anything
<zedalaye> Jeeves_ : that don't work with a PS/2 keyboard
<lionel> zedalaye, it may worth to open a bug and/or join #ubuntu-installer for debugging instructions
<lionel> zedalaye, considering the day, not a lot of people may be around
<martinjh99> Jeeves - just tried accessing server from netbook and nothing is coming up in access.log
<martinjh99> but there are entries in error.log saying it can't find /htdocs so I now know where to look to fix it...
<_ruben> talk about not a lot of ppl being around .. there's about 10 ppl here at work, instead of the usual ~100 :)
<martinjh99> Which config file would Document root be under?
<Jeeves_> martinjh99: I guess you need to set documentroot in /etc/apache2/sites-enabled/000-default
<Jeeves_> (or so)
<Jeeves_> /etc/apache2/sites-enabled/000-default
<zedalaye> I may have found what happens
<martinjh99> http://martinjh.homelinux.com/~martin/000-default - Thats the file that it is linked to
<zedalaye> the MD5 Checksum of the downloaded ISO do not match
<zedalaye> I will check that first
<Jeeves_> martinjh99: DocumentRoot /var/www
<Jeeves_> That line needs fixing
<martinjh99> That's correct.
<Jeeves_> What's correct?
<martinjh99> That Document Root
<martinjh99> That is the coorect document root
<Jeeves_> ok, than you have no issues :)
<martinjh99> I am getting this error when I start Apache: http://martinjh.homelinux.com/~martin/error which may have something to do with it.  Anyone got an example file I can C&P...?
<_ruben> you want VirtualHost, not Host
<Jeeves_> Indeed
<martinjh99> Actually I found a forum post which has the orignal default setting file contents - cut and pasted that in and now fixing up the ServerName problem - Should be fine in a minute or two...
<martinjh99> Fixed!! Thanks guys for the help there!
<martinjh99> How do I get rid of this error? http://martinjh.homelinux.com/~martin/error
<zedalaye> that was my fault : my ISO image was corrupted. I downloaded a fresh new ubuntu server image, verified the checksums before burning and now the installer.... installs like a charm.
<beric> I'm looking for a command line to change the hostname that will also modify /etc/hosts
<beric> and also do any other things I'm currently not aware of that has to do with hostname change
<Jeeves_> beric: Nothing will modify /etc/hosts, except for an editor
<Jeeves_> if you alter /etc/hosts and /etc/hostname
<Jeeves_> and run 'hostname <full hostname>'
<Jeeves_> you should be fine
<xperia> hello to all. i have a question about my 1TB big usbdisk that has only one vfat partition. for some strange reason everytime i do ls on that partition i have to wait nearly 1 to 2 minutes till i get a response or a result. does anybody know if this is normal and if not how to debug this ?
<beric> Jeeves_: thanks. I need automation of this process, It's not a matter of single server.
<zedalaye> can I install a minimalist gnome environment over ubuntu server ?
<xperia> zedalaye: it is possible to install gnome over ubuntu-server but if it is minimal i would not say it
<zedalaye> gnome-core and gdm can be installed for 590Mb, "full" gnome : 1.7Gb
<zedalaye> this is minimalist enough for a first try since xorg has to be installed too
<xperia> yes in this case this is a good size. i have done this alleardy for about 3 years on a ubuntu server and it worked very easy..
<_ruben> beric: then run a systemwide find and replace of the old name with the new name (simple one-liner)
<_ruben> zedalaye: by installing gnome/X, you'll turn your -server into a -desktop, support-wise
<Jeeves_> beric: Look into cfengine
<beric> interesting,  thanks.
<Jeeves_> Or puppet
<Jeeves_> http://launchpadlibrarian.net/37324007/buildlog_ubuntu-karmic-i386.bitcron_2.0-20091230.01_FAILEDTOBUILD.txt.gz
<Jeeves_> Isn't that weird?
<Jeeves_> make: dh_testdir: Command not found
<vieuxmike> hi
<Jeeves_> hi
<vieuxmike> does anybody know how to mount an usb mass storage on an ubutnu-server system ?
<vieuxmike> to automount*
<vieuxmike> i use it as a desktop system
<pmatulis> vieuxmike: see https://help.ubuntu.com/community/Mount/USB
<vieuxmike> mmmh there are the front usb devices that not work...
<_ruben> Jeeves_: (without looking at the url) wrong compat level?
<Jeeves_> _ruben: No, I seem to be missing a Build-Dep
<Jeeves_> I should put that in the control-file right?
<_ruben> yes
<_ruben> and you'd need debhelper as a builddep indeed (possibly even a versioned dependency)
<Jeeves_> Also, how can i build it for all ubuntu versions?
<Jeeves_> Should I use 'all' in changelog, instead of 'karmic'?
<_ruben> Jeeves_: afaik, you'd have to build for each version seperately :(
<_ruben> unless the package is binary compatible on all versions, and you wont be pushing it to any archive to relies on that field
<Jeeves_> It's only shell scripts
<majuk> Can anyone think of a command to adjust the permissions on all subdirectories of /foo/ ?
<majuk> Just the subdirectories, not the files within
<Pici> majuk: find /foo/ -type d -exec chmod ### {} \;
<Pici> Where ### is a valid chmod mask.
<majuk> Pici, Thanks
<joe-mac> anybody have an example of a working raid6 preseed
<Bondi> Is they a default login for the enteprise cloud admin page?
<Bondi> Anybody?
<Bondi> Its dead D:
<uvirtbot> New bug: #501956 in openssh (main) "OpenSSH does not log failed attempts when key authentication is used" [Undecided,New] https://launchpad.net/bugs/501956
<pting> where's the best place to place changes to /proc/sys/net/ipv4/* settings so they're executed upon boot?
<_ruben> pting: /etc/sysctl.conf
<rvn> does ubuntu server automagically configure and provide drivers for hardware like ubuntu desktop does, or do you have to manually analyze and install pieces like wireless networking?
<pting> _ruben, hah, i should have known. thanks
<atomic__> Happy New Year
<MTecknology> If you guys want to have a little fun for newyears; there's ##ubuntu-newyears
#ubuntu-server 2010-01-01
<osmosis> whats been updated on vmbuilder since hardy?  now at karmic?  huge diff?
<osmosis> uhh  virt-install  or  vmbuilder?  The docs reference them both.
<tos> how to i start the mouse deamon for gnome-desktop   ??????????????
<jpds> tos: Try #ubuntu, this place is for server support.
<MTecknology> bug 1
<uvirtbot> Launchpad bug 1 in Ubuntu Jaunty "Microsoft has a majority market share" [Critical,In progress] https://launchpad.net/bugs/1
<sabgenton> hey all
<sabgenton> how do put the iso on to usb
<sabgenton> so i can install from usb
<jmarsden> sabgenton: https://help.ubuntu.com/community/Installation/FromUSBStick
<sabgenton> the usb creator from the desktop iso does not seem to work with it server iso
<sabgenton> jmarsden: is there a usb-creator that works with the server iso?
<jmarsden> I'm not sure... it shouldn't matter.  What error are you getting?  Worst case, try unetbootin instead.
<sabgenton> yeah i'll do that
<sabgenton> just wanted to use the offica
<sabgenton> l
<sabgenton> meah mis as well
<sabgenton> md5 check sums do not match
<sabgenton> there some flags u can use for the cli isn't there?
<sabgenton> the iso checks against the digest md5 so I'm not shure whats not matching
<sabgenton> unless the usb creator only works with the desktop iso not server
<jmarsden> The ubuntu-creator-gtk help says it requires a "Ubuntu Desktop Edition" ...
<jmarsden> Not many people want to boot servers from USB sticks, I suspect... most servers have hard drives they can boot from :)
<sabgenton> jmarsden: not all servers have cd to boot from
<sabgenton> but ok cheers
<jmarsden> sabgenton: If they have a SATA interface on the motherboard you can find a spare SATA CDROM drive and add it temporarily for initial OS installation.
<jmarsden> Or try a USB external CDROm drive, most modern motherboards can boot from those.
<sabgenton> usb stick is more conveniant
<sabgenton> I have no spare  cdrom/dvdrom drive at the moment
<jmarsden> sabgenton: Fair enough.  If you do much server building it might be worth investing in some spare parts... but for now unetbootin should get you going.
<sabgenton> I had a ide to usb cable once I could just atache any external ide drive to the compture via the cable
<sabgenton> and it came with a molex power adapter
<sabgenton> to wall plug
<sabgenton> jmarsden: this was an easy solution http://www.pendrivelinux.com/downloads/u910/USB-Installer-for-Ubuntu-v0.2.exe
<Alpha61> Is Ubuntu Server's out of the box security settings very vulnerable and weak?
<MTecknology> Alpha61: no
<MTecknology> Alpha61: it's actually very secure by default. There's only a few things I change
<Alpha61> Thanks :D
<MTecknology> np
<Alpha61> Working on Wordpress for testing purpose and trying to change the ownership of wp-content folder so the httpd server can read and write in that folder. A link to wordpress only assumes that the server name is www and the group name is www. How about on Ubuntu on out-of-box settings?
<Alpha61> i meant a link on wordpress website. sorry
<MTecknology> www-data:www-data
<Alpha61> I'll try that. Thank you very much Mtech!
<MTecknology> np :)
<MTecknology> sleepy time; 04:17
<MTecknology> Alpha61: good luck
<MTecknology> !info wordpress
<ubottu> wordpress (source: wordpress): weblog manager. In component universe, is optional. Version 2.8.4-1ubuntu1 (karmic), package size 5191 kB, installed size 19040 kB
<MTecknology> Alpha61: You could also try to install it from the repos; I've never done it though.
<Alpha61> I finished installing it
<MTecknology> cool
<Alpha61> and changing the folder ownership worked! Thanks
<MTecknology> :)
<Alpha61> but now uploading theme doesn't work.
<Alpha61> maybe FTP server doesn't run on default on Ubuntu Server?
<MTecknology> chown -R www-data:www-data /var/www/wordpress
<Alpha61> I'm new to Server stuff. I used to mess around with desktops and destroy partition lol) sorry unnecessary info on irc channel
<Alpha61> MTek: I did that
<MTecknology> :P I used to do that a lot as well
<Alpha61> Failed to connect to FTP Server server:21
<MTecknology> oh
<Alpha61> on the wordpress dashboard
<MTecknology> no - no default ftp server
<MTecknology> use rsync or scp
<MTecknology> I have to pass out now....
<MTecknology> g'night
<Alpha61> thanks for helping
<Alpha61> gnight
<clusty> ahoy
<Maleko> how do you resize hd partition through ssh
<bittin_> cfdisk or fdisk
<Maleko> is it safe to use on live partition?
<RoyK> Maleko: mounted?????
<Maleko> RoyK, yes. its a remote server with a single partition only
<RoyK> don't do it
<RoyK> that is, it is possible, and it might perhaps even work
<RoyK> but if it crashes, it crashes big time
<RoyK> MTecknology: that chown command is NOT good
<Maleko> RoyK, http://pastebin.com/d1fbfde62
<Maleko> 3 partitions actually
<RoyK> and what are you trying to do?
<RoyK> looks like a system installed on an 80gig drive, a small /boot partition, 4 gigs swap and the rest for the root
<Maleko> free up some spaces on the largest partition and make a new partition out of it
<RoyK> is sda3 your root?
<RoyK> wtf do you want to split the partition????
<RoyK> if you want something like that, make a subdirectory and bind-mount it somewhere
<Maleko> calm down.
<RoyK> or make a file with dd if=/dev/zero of=somefile bs=1M count=numberofmegs, mkfs on that and mount -o loop
<RoyK> shrinking a filesystem on linux is not trivial
<RoyK> hm
<RoyK> seems i'm wrong
<RoyK> resize2fs can shrink ext[234]
<RoyK> still, I don't see the point unless you want to install another OS on the box
<Maleko> i actually intend to use the partition as a temporary backup space
<RoyK> if so, I'd rather just make a loopback device
<RoyK> or something
<RoyK> if your drive dies, all the partitions die as well
<Maleko> loopback still reside on same partition no?
<Maleko> loopback dev
<RoyK> well, the file on which the loopback device resides obviously resides on a partition, yes
<RoyK> but the chance of a filesystem corruption is _small_
<RoyK> far smaller than the chance of messing up while resizing a partition
<Maleko> but that is troublesome if you were to recover deleted data from the partition, i guess? you might end up overwriting the data itself when you try to write it back
<RoyK> not with loopback
<Maleko> why is that?
<RoyK> use dd to create an empty file, say, 10GB
<RoyK> mkfs on that and mount it -o loop
<RoyK> that file won't be touched by the rest of the fs
<Maleko> ahh..
<RoyK> dd if=/dev/zero of=/path/to/file bs=1M count=10k && mke2fs -Fj /path/to/file && mount -o loop /path/to/file /some/place
<Maleko> i guess i'll go with that idea
<RoyK> add it to the fstab and you're done
<uvirtbot> New bug: #248628 in kvm (main) "Sound dies on amd64 with WinXP guest" [Low,Confirmed] https://launchpad.net/bugs/248628
<Bondi> Is there a default username and password for the Ubuntu Cloud admin page?
<uvirtbot> New bug: #502081 in openvpn (main) "/dev/net/tun does not exist" [Undecided,New] https://launchpad.net/bugs/502081
<dudko> hi. please, I am running LAMP on Ubuntu 9.10 desktop edition and I'd like to acces my localhost via browser with my free DNS adress. Could somebody help me?
<jmarsden> dudko: Install apache2 ; configure your router to port forward port 80 to the Ubuntu machine ; point your "free DNS address" to your public IP address.
<dudko> does it work?
<dudko> http://dudko.gotdns.com/
<jmarsden> dudko: Yes.  I see the standard default "It works" page there.
<dudko> I can't belive, that it was som simple... thank you jmarsden. I disabled firewall for http port in router. And firewall in Ubuntu<
<dudko> ?
<jmarsden> There is no packet filter (firewall) enabled on Ubuntu systems by default.  You can install ufw if you want to add a simple one.
<dudko> gr8. thanks man.
<jmarsden> You're welcome.
<uvirtbot> New bug: #502149 in samba (main) "winbindd service and ntlm_auth" [Undecided,New] https://launchpad.net/bugs/502149
<MTecknology> How can I track down what is causing a lot of messages to be sent from root to root@localhost ?
<MTecknology> Jan  1 11:12:45 obtinio sendmail[8133]: o01BCjlk008133: from=root, size=424, class=0, nrcpts=1, msgid=<201001011112.o01BCjlk008133@server.domain.com>, relay=root@localhost
<ScottK> Mail logs?
<MTecknology> ScottK: thanks.. I shoulda thought to look there
<MTecknology> I guess uptrack thinks it needs to email me.....
<sabgenton> could anybody kindly tell me the boot line for the server live cd?
<MTecknology> sabgenton: hm?
<jmarsden> sabgenton: Do you mean    Boot Options = /cdrom/preseed/ubuntu-server.seed initrd=/install/initrd.gz quiet --
<sabgenton> yeah thats it!
<sabgenton> thanks
<sabgenton> so that what comes up on the boot menu?
<sabgenton> if you choose edit this line
<sabgenton> or whatever
<jmarsden> sabgenton: Yes.
<jmarsden> I just booted in it a virtualbox VM so I could see it.
<jmarsden> It's what is displayed when you use F6 from the installer screen.
<sabgenton> :D
<sabgenton> thx
<jmarsden> You're welcome
<sabgenton>  Boot Options = /cdrom/preseed/ubuntu-server.seed
<sabgenton> jmarsden: is that a line?
<sabgenton> with spaces?
<jmarsden> sabgenton: That is what is displayed on screen.  With spaces.  That does not mean that is exactly what you need to enter in a config file...
<sabgenton> no im try to enter that at boot
<sabgenton> the same way u saw the line
<sabgenton> only my lines differnt
<sabgenton> so want to change it
<sabgenton> its just ubuntu.seed not ubuntu-server.seed
<sabgenton> do you think boot options is the heading then /cdr... is the acutual settings?
<jmarsden> Then either you have a different server ISO (I used ubuntu-9.10-server-amd64.iso) or you are doing something odd.
<jmarsden> Just boot from your CD, hit F6, and edit your line to be the way you want.
<MatBoy> what kind of security emails do you guys receive from websites ?
<sabgenton> basicly I tryed usiing a program to put the iso on usb
#ubuntu-server 2010-01-02
<sabgenton> only prob is the usb is now set up to boot ubuntu desktop
<sabgenton> it did make it for server
<sabgenton> didn't
<jmarsden> sabgenton: Sure, boot from the ISO and see the actual line *your* ISO uses.  Are you 100% sure you are using a server ISO ?
<sabgenton> yeah should be the same one u are using if you have the latest
<sabgenton> 9.10 server something .iso
<sabgenton> I will use your setting from your vm
<sabgenton> that will be the same
<jmarsden> OK.  Mine is the 64bit one, see the "amd64" in its name...
<sabgenton> oh
<sabgenton> i was 32
<sabgenton> ubuntu-9.10-server-i386.iso
<sabgenton> jmarsden: probly the same
<jmarsden> Probably, but if it doesn't work for you, you should probably check using your own CD / ISO
<sabgenton> hmm
<sabgenton> https://help.ubuntu.com/community/UbuntuServerFlashDriveInstaller
<sabgenton> jmarsden: how do you call the bot in this channel
<sabgenton> ! stuff
<sabgenton> k
<jmarsden> !tell sabgenton about ubottu
<ubottu> sabgenton, please see my private message
<sabgenton> ! usb boot
<sabgenton> ! usb
<ubottu> For information about installing Ubuntu from USB flash drives, see https://help.ubuntu.com/community/Installation/FromUSBStick - For a persistent live USB install, see: https://wiki.ubuntu.com/LiveUsbPendrivePersistent
<jmarsden> sabgenton: Rather than use the channel for that, just /msg ubottu and keep your talks with the bot private :)
<sabgenton> ! usb server
<sabgenton> sorry
<sabgenton> not much happing here anyway :)
<jmarsden> True, but it's good to learn the "right habits" anyway...
<sabgenton> any way that link looks got i found
<sabgenton> meah I was being ok
<sabgenton> ok
<sabgenton> how do you add to ubottu
 * sabgenton feels like being helpfull
<jmarsden> sabgenton: I forget the syntax, something like  ubottu: somekeyword is a lot of text goes here describing somekeyword.
<jmarsden> sabgenton: Might be good to update the relevant Wiki pages too, if you are documenting something that has changed or is new.
<sabgenton> if that link i got works I just wanted to make !usb show the  link to usb boot ubuntu server
<sabgenton> jmarsden: do you know how to change a boot line on the desktop boot loader and run it
<sabgenton> it says press tab to change the line so I do
<sabgenton> but when i press enter at the end it doesn't seem to boot
<sabgenton> it
<jmarsden> sabgenton: Changing GRUB lines?  I forget all the editing keys... e for edit, change the line, b for boot ?
<sabgenton> in grub you go out and press b or somting but I can't get the stylish ubuntu menu to take in perameters
<jmarsden> Ah... let me try it in a VM here... :)
<sabgenton> yeaah but it aint normal grub
<sabgenton> jmarsden: this is an ubuntu deskop cd i think
<sabgenton> not server boot menu
<sabgenton> well not that i've seen it
<sabgenton> it might be the same
<jmarsden> OK.  I was going to say, my server VM doesn't present me with a menu... let me try a desktop VM instead...
<sabgenton> thx :D
<sabgenton> mine says "Press ENTER to boot or TAB to edit a menu entry"
<sabgenton> I press tab make an edit
<sabgenton> press enter
<sabgenton> but then it doesn't boot
<sabgenton> and i go back and the boot enter is back to the default
<jmarsden> Are we talking about when you boot from the CD, or when you boot from an installed Ubuntu setup ?
<sabgenton> jmarsden: cd
<sabgenton> I think its the desktop cd
<sabgenton> boot  menu
<jmarsden> Booting from a desktop CD, I can press Enter to select English, then F6 and escape, then edit the parameters and press enter...
<sabgenton> if you got and edit the params again does it change back?
<jmarsden> Pressing enter in that edited command line boots for me...
<sabgenton> to defaults
<jmarsden> As in Enter for Englishm then D6, Escape, edit edit, F6, checj a box or two, escape?  No, it leaves my edits alone.
<sabgenton> ah I have gotten out of the fluffy gag menu
<sabgenton> can press Fx keys to see opitions now
<sabgenton> and type in params and press enter if wish
<sabgenton> it is a fluffyer  boot front than normal that i have
<sabgenton> thx again
<sabgenton> :D
<jmarsden> You're welcome :)
<osmosis_> When Lucid Lynx LTS comes out, will I be able to upgrade right from Hardy Heron LTS, or will I have to go to Intrepid, Jaunty, Karmic, and then Lucid??
<pmatulis> osmosis_: lts-to-lts is a valid upgrade path
<Stylee> hello, I am experimenting with a home based web server. I have registered a domain name. But I am a bit confused with name server. Right now I set it up through zoneedit.com which redirects on my IP. What should I look up for having this name server on my server?
<j416> Stylee: chances are you won't be needing a local DNS. If you do, try googling "bind".
<jmarsden> Stylee: You don't *want* to run a nameserver on your server, unless you actually understand what you are doing... just let zonedit or whoever run DNS for your domain.
<osmosis_> pmatulis, ahhh...it is?!  Great!
<Stylee> j416: thanks I will try jmarsden: well the domain registrar is another company, and I would prefer not to go through zoneedit
<jmarsden> Then you have some learning to do.  Start with the Ubuntu Server Guide chapter on DNS: https://help.ubuntu.com/9.10/serverguide/C/dns.html
<j416> Stylee: also, I would recommend you read about how DNS works - you will realise that you may not need your own name server.
<Stylee> well it is more like a hobby for me, so some learning doesn't hurt :)
<Stylee> j416: but the domain registrar wants at least 2 name server addresses... well I will look it up
<Stylee> thanks
<jmarsden> Stylee: You're welcome, and yes, you need 2 DNS servers for a domain.  If you really really need to do this yourself, you can run a primary on your own server and find a free secondary for the other one, with a little work.
<j416> Stylee: usually, either your registrar or your isp will have a DNS service
<j416> I use one provided for free by my registrar.
<Stylee> I see, and then this sends traffic to your IP?
<jmarsden> Stylee: Where it sends traffic depends on the DNS info configured in the DNS servers, yes.
<j416> Stylee: http://en.wikipedia.org/wiki/Domain_Name_System
<arbir> hello
<arbir> is ubuntu server production ready ? is it being used by many organizations ?
<ScottK> Yes
<arbir> ScottK: i keep reading that Ubuntu locks the version.. what does this mean ?
<ScottK> It means the once we release we don't update that release except in very unusual circumstances.
<ScottK> The idea is to keep things stable once releases are done and only fix severe or security bugs.
<arbir> so if php 5.2 is installed and its stable, then php 5.3 wont be installed , even if its stable ?
<arbir> am i getting it right ?
<arbir> ScottK: :-) are you there ?
<arbir> anybody here ?
<arbir> ScottK: are you around ?
<arbir> hi CutMeOwnThroat
<arbir> good to see you here :-)
<CutMeOwnThroat> just checking if it exists and has people in it
<arbir> hahah hardly
<tos_> hi i have set up a virtual server under ubunti9.10-  running 9.10.. and opened SSH, how can i set the host os to forward SSH requests to the virtual BOX....?
<ScottK> arbir: Yes.
<arbir> ScottK: hi .. i have been trying to read up on the lock version ..
<arbir> ScottK: so, if a package is in stable version , then it wont upgrade to the next stable version ?
<ScottK> arbir: Yes, except for specific fixes for severe bugs or security issues.
<arbir> ScottK: otherwise, is it the same debian packages  ? or ubuntu repackages its down stuff ?
<arbir> ScottK: i remember installing mysql on debian . it prompted me for a mysql root password. does ubuntu do similar things ?
<ScottK> arbir: We generally try to keep things in line with Debian except where we have good reason to deviate.  IIRC yes.
<arbir> ScottK: so, then what am i looking at essentially if i chose one over the other ? just version numbers ? or kernel compiles etc ?
<ScottK> It depends on what you are interested in.  Ubuntu has invested in a number of things that Debian hasn't.  For instance there are quite a number of hardening features that are pretty fully deployed in Ubuntu that Debian is just consider.
<ScottK> Ubuntu has done a lot with making 'cloud' computing easier to use.  Other stuff too.
<arbir> ScottK: hardening features like ?
<ScottK> Let me see if I can find the page ....
<arbir> ScottK: i have been read about the kernel.. and its pretty impressive
<arbir> so ScottK, here is the question. when you pick a LTS version, then how are the packages upgraded if they are locked down ?
<ScottK> Generally they aren't.  The point of LTS is to be stable.  There is also backports for specific packages, but those don't get the same kind of support that the regular release does.
<arbir> ScottK: but in 2 years, php can jump more than 2 versions.. what happens then ?
<arbir> ScottK: apache can jump 2 versions... i am just curious.. how ubuntu manages those.
<ScottK> You can stick with the older version or move to a newer release.
<arbir> ScottK: so, you mean, that, I can just do a dist-upgrade and move to the next set of packages.
<ScottK> Essentially
<arbir> aaah i see :-).. this is very interesting...
<arbir> so if its a security patch for php or apache, then those are made available eh ?
<ScottK> Yes
<ScottK> Hardy was released with: php5 | 5.2.4-2ubuntu5 |         hardy
<ScottK> Currently it has php5 | 5.2.4-2ubuntu5.9 | hardy-updates
<ScottK> So it's been updated 9 times since Hardy (8.04) was released.
<arbir> all those were for some security patches ?
<arbir> hmm.. so, in essence, debian is more like a rolling release model.
<kees> arbir: https://wiki.ubuntu.com/Security/Features
<arbir> alright keex
<kees> (that's the page that takes about a lot of the hardening bits)
<arbir> kees: in terms of the package version numbers, how different is ubuntu from debian ? or we follow similar cycle ?
<kees> arbir: during development, we keep up with Debian.  See https://wiki.ubuntu.com/LucidReleaseSchedule
<arbir> kees: hmm let me see that . .thanks
<kees> basically ubuntu's versions are debian's for as long as possible, but maybe with some ubuntu tweaks, etc, which we send upstream for Debian to include in the next version of the package, etc
<arbir> kees: oh, so , i am not looking at anything much different in terms of package versions :-).
<kees> arbir: usually true, yes.  sometimes things a different, but it's on a case-by-case basis.  versions of things that aren't in Debian will have a NNN-0ubuntu... number (the -0 part meaning "not yet in Debian" as Debian's version would start at -1)
<arbir> kees: by the looks of it, ubuntu is always a notch ahead in terms of version numbers :-)
<arbir> kees: one huge factor for me to decide is, how stable are the dist-upgrades ? desktop, i can fix in 2 days, but server down for 2 days will kill me
<kees> if it carries ubuntu modifications, yes.  it also depends on when you look.  after debianImportFreeze, Ubuntu will start to diverge
 * kees is unclear on the question
<kees> released versions of Ubuntu never change package versions except for security and grave bug fixes.
<kees> dist-upgrade is always stable.
<arbir> kees: suppose, i am on a release which is not going to be supported anymore
<arbir> kees: so if i am upgrading from 9.04 to 9.10, its a small jump.
<arbir> but if i decide to jump from 9.04 to 10.10
<kees> you need to always use update-manager.
<arbir> or 10.4
<kees> moving between releases is not supported by apt or aptitude.
<arbir> kees: aah i see :-).. great!  is update-manager a gui ?
<arbir> or can it be run from console ?
<kees> see http://www.ubuntu.com/getubuntu/upgrading
<kees> non-gui is called "do-release-upgrade"
<arbir> yes, i see it :-). its fantastic
<kees> cool  :)
<arbir> kees: :-), its been very hard for me to decide between debian or ubuntu server for my platform.. but this conversation is opening up so many dark corners
<arbir> i am glad, i am speaking to you
<kees> I am biased, but the security hardening in Ubuntu is a clear win.
<arbir> kees:  say you install mysql on ubuntu-server... now, does it prompt you to enter the root password for mysql ? or it sets it to blank by default ?
<arbir> kees: listening to biased opinions is what gives a strong picture
<kees> iirc, the mysql package by default will prompt on a freshly installed system.
<arbir> if i listen to two extremes, then i understand...
<kees> we would consider it a bug if it left it blank.
<arbir> kees: wow, so, i can see, that ubuntu's packaging system is mostly like debian's...
<arbir> kees: not just the apt, but the way the config files are handled..... etc etc.
<kees> arbir: yes, except where things are changed, Ubuntu is Debian.
<kees> that said, a lot of things are changed.  ;)
<arbir> kees: wonderful..... changes show evolution .
<arbir> kees: so tell me, why would people stick to debian and call it still very secure ?
<arbir> kees: is it cause, security patches are released first for debian ? and then migrated to ubuntu ?
<kees> Debian and Ubuntu have separate security teams.  If a package is in "main" it gets direct attention by the team.  if it's in "universe", Ubuntu will attempt to sync from Debian, take patches from the community, etc.
<kees> generally, high-profile stuff (usually in main) is addressed quickly by all distros.
<arbir> kees: great! its hard to find such crisp answers in any faq... on either of the websites
<kees> and for Ubuntu, with the hardening features, it's usually less urgent to get a fix published.
<kees> probably the weakest area for both Ubuntu and Debian are web apps, especially PHP.
<arbir> kees: i am very impressesd....
<arbir> why are they weak ?
<kees> it's not easy to harden those -- PHP is a mess as a language and most PHP applications are not defensively written.
<kees> that said, I use AppArmor to confine all my virtual hosts, so they can't overflow into other areas of my system.
<kees> that's a feature no in Debian too
<kees> but that requires some configuration like anything else.
<arbir> aah i see. :-)
<arbir> kees: so what do you use ? python? ruby ?
<arbir> kees: or Mono :-)
<kees> the virtual hosts I isolate are all PHP.  python's django is a better framework, IMHO.
<MTecknology> arbir: you don't get any better security answers from one of the #1 security guys in Ubuntu :)
<kees> I don't use ruby or mono on my system, but I'm sure you could find people here that do.
<arbir> i keep wondering, how facebook runs well built on php
<kees> MTecknology: heh.  I do worry about my bias, though.  :P
<arbir> MTecknology: he is a very modest person. :-)
<MTecknology> ya
<MTecknology> iirc; twitter was built on ruby..
<arbir> MTecknology: i have spent all day, trying to compare up debian and ubuntu for a server deployment
<kees> arbir: dunno about facebook -- probably written carefully from the ground up.  is it really php?
<arbir> kees: yes, thats, what i see and read on slashdot.
<arbir> kees: is not the suhosin patch good enough >
<MTecknology> I think php is extremely scalable if you're a 'good' programmer - ie. not many loops when they're not needed
<kees> arbir: well, if it helps, Debian (and Ubuntu) use the suhosin patch
<kees> MTecknology: yeah, it's a very powerful language; it just has a tendency to get misused.  ;)
<arbir> kees: i need to run two servers.. i have freebsd for one... and now i think its going to be ubuntu
<arbir> kees: its the C of the web ? :-D
<kees> arbir: indeed.  :P
<arbir> kees: not to say, that debian is wonderful byitself too!
<kees> well, if facebook is php, they disabled the easter egg.  I still want to do that in Ubuntu...
<kees> adding ?=PHPE9568F34-D428-11d2-A769-00AA001ACF42 to any PHP application will show a jpg.
<arbir> kees: let me check that
<MTecknology> arbir: I think both Debian and Ubuntu are excellent server systems but.... the community is what consistently pushes me away from Debian
<arbir> MTecknology: whats up with the community ?
<MTecknology> arbir: I'd rather not give you more bias; but go into #ubuntu and ask a debian question vs. go into #debian and ask an ubuntu question
<MTecknology> kees: that doesn't happen on my site that's all php..
<MTecknology> http://www.profarius.com/content/home?=PHPE9568F34-D428-11d2-A769-00AA001ACF42
<arbir> its not happening on my free hosting site as well...
<arbir> MTecknology: http://www.srimadbhagavadgita.co.cc/?=PHPE9568F34-D428-11d2-A769-00AA001ACF42
<MTecknology> that sounded exciting though
<arbir> MTecknology: what did sound exciting ?
<MTecknology> the easter egg
<arbir> MTecknology: hhahahah
<arbir> still 4 months to go :--). i cannot wait for summer to get out of this freezing hell
<arbir> its still -20 here
<MTecknology> kees: make it work? I wanna see it
<arbir> MTecknology: i could not make it work on the facebook website
<arbir> MTecknology: it did work on my debian box though.. which i am about to uninstall and put on ubuntu server
<arbir> MTecknology: u talk about community... i had a bad experience at the #httpd channel.
<arbir> MTecknology: it seems admins dont like people asking them difficult questions, or beating them at an argument
<arbir> MTecknology: though i must be truthful here. I dont use Ubuntu for desktops at all...
<MTecknology> depends who you're talking to in there
<MTecknology> the apache devs enjoy it
<MTecknology> !irc
<ubottu> A list of official Ubuntu IRC channels, as well as IRC clients for Ubuntu, can be found at https://help.ubuntu.com/community/InternetRelayChat - For a general list of !freenode channels, see http://freenode.net/faq.shtml#channellist - See also !Guidelines
<arbir> MTecknology: i was pulled into an argument, and when i backed out, i got kicked
<arbir> MTecknology: what do you use for desktop ?
<MTecknology> heh... That would tick me off
<MTecknology> Ubuntu for everything. I use gentoo sometimes. I'm going to try OpenSolaris and Gentoo in a vm. I want to see if I can install Gentoo without any guide
<arbir> MTecknology: i was on ubuntu desktop... and now for the past 2 yrs i am on arch desktop.
<MTecknology> Then I'll probably tyr LFS in a vm
<arbir> MTecknology: and seriously, i found, that updating a ubuntu desktop took me for ever....
<MTecknology> really?
<arbir> MTecknology: even now, when i tried out a version of ubuntu desktop, the notification, that shows up is non-movable..
<arbir> MTecknology: i like my task bar at the bottom.. but the notification keeps popping up in the top :-). i have not yet found a way to move that, or disable that
<arbir> somebody told me, i the ubuntu room, that, its not possible to change that
<arbir> i found that answer weird, cause, the team is super smart with ubuntu, but i could never find a way out of that
<kees> MTecknology: ok: http://www.profarius.com/?=PHPE9568F34-D428-11d2-A769-00AA001ACF42
<arbir> MTecknology: and similarly.. i did not like that, i needed to install evolution . i dont use it... :-). is there a way to get rid of that ?
<MTecknology> I use Ubuntu on my laptop. I installed the CLI version from the Alternate CD. Then trimmed a lot of packages, removed more, then installed just what I want, then removed packages I don't absolutely need.. Then customized the crap out of it. Then did a custom trimmed down kernel
<arbir> MTecknology: hahaha the easter egg is popping
<MTecknology> kees: COOL!
<MTecknology> I like that
<arbir> kees: can u do it at facebook too ?
<arbir> MTecknology: its weird, that works only with a php page...
<arbir> MTecknology: on my local box next to me.. i tried this http://192.168.5.8/php.php?=PHPE9568F34-D428-11d2-A769-00AA001ACF42 it works..
<arbir> but without the php.php file, nothing shows up
<arbir> MTecknology: which framework do you use for your PHP apps ?
<MTecknology> Drupal
<arbir> MTecknology: thts a cms, right ? can u develop apps with it ?
<MTecknology> ya
<MTecknology> technically, it's a CMF
<arbir> whats a CMF ?
<MTecknology> content management framework
<MTecknology> speaking of communities behind what they offer; I should look into converting from irssi to weechat... If weechat can do the same thing I'm likely converting.
<MTecknology> arbir: as for picking a distro; if you spend time figuring out how to customize the system the way you want you can make anything as fast as something else. It tends to come down to package management and community
<arbir> MTecknology: yes, package management and community i agree
<arbir> MTecknology: i found the bsd comunity very very friendly
<arbir> MTecknology: i found ubuntu people very friendly.. and debian too!
<arbir> MTecknology: some places, u get flamed a lot.. i remember installing gentoo from the stage 1 in 2002.. i got flamed like for ever.. and when i got the system, up, i also got a lot of respect.
<arbir> MTecknology: sometimes, reading the Man page is not as helpful... u need instant info...
<arbir> MTecknology: so much of the info is distrubuted in the man page.. that you just go mad, trying to narrow down to what you want exactly
<MTecknology> I never got along with debian guys; I got a lot of great help learning to use gentoo (that's from stage 3 through)
<MTecknology> ya
<MTecknology> Debian and Irssi folke to me tend to be too much "look at the man you idiot" where the man lacks the answer you need
<arbir> well.. i have been swept here by friendly folks.. i have really enjoyed it.
<arbir> MTecknology: even gentoo servers are extremely fast i heard...
<arbir> MTecknology: just that, compiling kills the life of ur machine :-)
<MTecknology> ya...
<MTecknology> gentoo servers are scattered everywhere in the world
<arbir> MTecknology: and i have an old and faithful freebsd box, for all my devel needs... its really really great!
<arbir> MTecknology: all my php apps, web2py(python apps) and ruby apps are developed here. and then i deploy them to a linux server for testing.
<MTecknology> I never did give freebsd a chance - I should when I have time
<arbir> MTecknology: and now that testing env. is going to be the Ubuntu server
<arbir> MTecknology: you will never feel sorry you tried BSD... you grow to love it..
<MTecknology> I use it as it's what sits underneath pfsense
<arbir> MTecknology: frebsd is what i like. openbsd is good, but run by a dictator.. and i would instal firewalls or dns servers with openbsd.. nothing else
<arbir> MTecknology: but i have been noticing Nexenta.... :-). its like a ubuntu with a solaris kernel.. i will try that out too sometime.. to see its performance
<arbir> MTecknology: u seen nexenta ?
<MTecknology> no
<arbir> nexenta.org
<arbir> the ZFS is a killer..
<MTecknology> ya, I like their moto
<arbir> and its just a ubuntu.. runs apt
<arbir> gets all apps from the gnu userland
<MTecknology> GNU folkes irritate me..
<arbir> just like kffreebsd... the debian's freebsd kernel with gnu userland
<arbir> MTecknology: hahaha.. well we all use software from the gnu userland
<MTecknology> great software; but saying the OS needs to be referred to as GNU/Linux when Linux is the Kernel and GNU just has software
<MTecknology> true; but that's not all we use
<arbir> MTecknology: which web server do you use ?
<MTecknology> apache
<arbir> MTecknology: you will like this http://www.nexenta.org/TAoNM/01/1.html   . its amazing cartoon to explain nexenta... very well made
<arbir> MTecknology: u tried nginx ?
<MTecknology> no
<MTecknology> I've heard of it
<MTecknology> I really should try out some new software.
<MTecknology> I think tomorrow will be a play day for me.... gentoo w/o guide + everything you said
<arbir> MTecknology: i still have to evaluate a few more Oses for business hosting...
<arbir> MTecknology: some clients ask for Redhat , but will settle for CentOS
<arbir> MTecknology: some need specific solutions,, for which, ClearOS is good out of the box.. all things are pre-configured
<MTecknology> I need to figure out how to figure out how much traffic each website is generating.. as in bandwidth usage. The problem is that almost every website I have is running under a couple apache configs
<Hajuu> Hey guys, not sure if this is the best place to ask but I figure someone here might know
<Hajuu> I want something to find me the difference between two directories contents
<Hajuu> like to find all the files that have been modified in two previously identical folders
<Hajuu> recursively
<arbir> MTecknology: nginx is a little different to start of with. but once you like it. its amazing
<arbir> MTecknology: also keep an eye on Cherokee-project.com a superb webserver.. with a small small footprint.
<arbir> Cherokee is still not at production, i feel. i will wait for 1.0 to be out..
<arbir> MTecknology:  nginx has been built by a russian... so its built with all those hackers and crackers in mind
<Hajuu> anyone have any ideas?
<arbir> Hajuu: no idea my friend... sorry
<Hajuu> no problems, thanks
<MTecknology> Hajuu: I'm wondering if rsync could help you....
<Hajuu> I thought that was for getting stuff onto pda's and stuffs
<MTecknology> or from one system to another
<MTecknology> yup - it can help
<MTecknology> rsync -au --dry-run /dir1/ /dir2
<MTecknology> You could replace --dry-run with -n so just have -aun instead
<MTecknology> -n, --dry-run               perform a trial run with no changes made
<Hajuu> hmm
<Hajuu> what does it actually do then
<MTecknology> sync one directory to the other, but instead of running it'll just say what it's going to do
<billybigrigger> man page for rsync will tell you what the -au swtiches do
<arbir> MTecknology: what is this LVM option during my setup ?>
<Hajuu> hmm
<Hajuu> sounds good
<Hajuu> ill check it out, thanks
<MTecknology> !lvm
<ubottu> Tips and tricks for RAID and LVM can be found on https://help.ubuntu.com/community/Installation/SoftwareRAID and http://www.tldp.org/HOWTO/LVM-HOWTO - For software RAID, see https://help.ubuntu.com/community/FakeRaidHowto
<MTecknology> arbir: lvm is great if you have a usse for it and umm... don't.. (thinking back a few hours) uninstall lvm2 from your system
<arbir> MTecknology: i just started the server install. .and i am at the point of partitioning, and its asking me for LVM.
<arbir> MTecknology: i have not clue or exp with LVM.. so i am reading about it
<arbir> MTecknology: i see, this is like creating a ZFS pool. similar concept
<MTecknology> arbir: it's closer to raid; but more flexible
<arbir> MTecknology: i see... ok let me experiment with it.. after all, i am evaluating stuff. before i settle down on a proper testing server.
<MTecknology> arbir: play with it in a vm
<arbir> MTecknology: oh brother.. my desktop is full.. no space for VM.
<MTecknology> arbir: add say 5 drives to the vm
<arbir> MTecknology: i have a discarded pc, its a P-4 / 2.0ghz with 512mb or RAM
<MTecknology> then you can experience the real power of lvm
<arbir> MTecknology: aaah i see.. i think, thats what i will need to do sometime soon..
<MTecknology> raid is good for redundancy when you have mutliple drives of the same size
<arbir> MTecknology: get a bigger HDD.
<arbir> MTecknology: u must try out ZFS... its beyound RAID
<MTecknology> for me, a bigger hd isn't feasible
<MTecknology> zfs is a file system
<MTecknology> zfs would sit on top of lvm
<Hajuu> yeah zfs isnt beyond raid..
<Hajuu> lol
<Hajuu> learn before you speak.
<Hajuu> :/
<MTecknology> !zfs
<ubottu> For information concerning ZFS and Ubuntu, see: https://wiki.ubuntu.com/ZFS
<Hajuu> You have to try ASDLGL1, it's better than ANYTHING!
<arbir> Hajuu: u tried drobo ?
<MTecknology> "ZFS is an open source file system"
<arbir> Hajuu: they use ZFS for their systems... its amazing and even they call it, Beyond Raid
<Hajuu> Great. Way to fall for marketing.
<Hajuu> Marketing is where I tend to get all my information about the world.
<arbir> MTecknology: not licensed under gpl 3 yet.
<MTecknology> arbir: the license doesn't matter; it's a file system
<Hajuu> hahah
<Hajuu> yeah
<Hajuu> jesus
<Hajuu> quit talking like you know.
<arbir> :-) yeah... thats for sure..
<Hajuu> anway thanks for that MTecknology
<Hajuu> good luck in here lol
<MTecknology> Hajuu: did it get you the answer you needed?
<arbir> MTecknology: i was just reading and i mentioned what i saw thre about gpl3.
<PrickelPit> zfs in userspace via fuse, thats ugly :)
<PrickelPit> better mss around with freebsd or solaris to use zfs
<Hajuu> ill be checking it out later, if not ill be back lol
<Hajuu> cheers
<arbir> MTecknology: seems like my fingers and brain are not in sync.
<arbir> MTecknology: i was reading it aloud in my head about the gpl3 and trovaldis's letter.
<arbir> MTecknology: i just typed that in here.
<MTecknology> oh
<MTecknology> zfs doesn't look like anything I'm very interested in
<arbir> MTecknology: why do you say that ?
<MTecknology> I prefer to have the file system do one job only; manage files on the system
<arbir> MTecknology: as long as it keeps ur servers running .. :-0
<arbir> MTecknology: my ubuntu server is installing with LVM. i am going to play around with it.
<MTecknology> for my basic usage; raid to bind drives together; lvm to bin partitions together; ext4 on top ov lvm; system on top of that
<MTecknology> sometimes I'll feel something other than ext4; but that's what I use in general
<MTecknology> once in a while I need to do software raid but I hate that
<tos__> hi... ok, i have a virtualbox setup, running linux, the host is linux.... i want to make it so that if a user logges in to virtualserver1.myhost.com  it will connect them to their virtualbox which is using IP 192.168.122.127
<tos__> how can i do this??
<tos__> can bind9 control forwarding for something like this... ?
<tos__> kind of like apache vhost
<PrickelPit> make a login-script that autom. opens ssh to the vbox after user logged in to the host-machine
<PrickelPit> why using vbox at all? kvm should be the choice.
<tos__> well its virtual manager or whatever
<tos__> what is kvm
<MTecknology> PrickelPit: too bad that's not a choice for many :(
<MTecknology> I'd love to use it
<tos__> the 1 in gnome
<tos__> is wht im using
<MTecknology> !kvm
<ubottu> kvm is the preferred virtualization approach in Ubuntu. For more information see https://help.ubuntu.com/community/KVM
<tos__> so im guessing its apt-get install kvm ?
<MTecknology> both proc and bios need to support it though
<PrickelPit> i played a long time with xen, now for 6 month using kvm and i dont wont anything else :)
<PrickelPit> *want
<tos__> can some1 explain real quick if its possible to have, if i have 5 public ip, and assign each ip to virtualbox... say 2 of the virtualboxes are running httpd.. on port 80.. both be able to lisen and accept connections, all behind a dsl router...? the protocol i have is G.993.2
<jmarsden> tos__: Yes, that should be possible; set each virtualbox instance to use a different static local LAN IP, on a bridged interface, and use port forwarding on the router to redirect port 80 on each of the 5 public IPs to the corresponding local LAn IPs.
<tos__> but my router, 2wire says only 1 ip can be a server.. it makes me do DMZ mode
<tos__> am i screwed with this isp
<tos__> its their equipment
<jmarsden> Your router provides 5 public IPs but can only route/port forward one of them?
<tos__> yep
<tos__> gotta be a way around that
<tos__> :/
<jmarsden> You need to replace it with a router suitable for the kind of Internet connectivity you have (5 IPs).
<tos__> its a dsl/modem router..
<tos__> cant replace it
<tos__> lol
<jmarsden> Put it into bridge mode and put a real router behind it.
<tos__> i probably just need to call them.. that option isnt available either,..
<tos__> thanks for the advice
<jmarsden> Every DSL modem/router I have come across can be put into bridge mode, and we do a lot of those for small businesses... have you read its manual carefully?
<tos__> yes, man its at&t theyve got this thing firmware locked down so you cant use its features
<tos__> they kid-proofed my router
<tos__> no bridge mode etc
<jmarsden> We have at least one client in Northern CA using AT&T DSL and we got it into bridge mode...
<tos__> maybe theyll unlock that feature for me...
<tos__> ill ask
<tos__> thanks
<jmarsden> OK.
<tos__> yep they disabled it...
<tos__> \-->bridge2 is NOT_PROV
<arbir> MTecknology: are you still around ?
<arbir> why is my server kinda choppy ? if i login it takes a while before i get to the prompt... when i type from a remote terminal ( within my LAN), its kinda choppy
<jmarsden> arbir: Sounds like it is busy doing something, or else your network is busy doing stuff... use the usual performance tools to see what is taking up your CPU/disk/network
<arbir> jmarsden: let me check.. and now, i cannot even bind to port 80. my lighty wont start
<jmarsden> arbir: Why mess with that?  Ssh to the machine, sudo top, renice your top, see what is taking CPU... usual performance tools.  web servers are not performance monitoring tools.
<arbir> jmarsden: i just found another issue now. my NIC stopped working in the middle of my ssh session.. seems like i have to restart it from my basement again :-(
<arbir> jmarsden: man... this sucks.. my machine was perfect a while back
<jmarsden> arbir: Then either hardware failed, or you changed something on a perfect machine .. if it was perfect you should have left it alone!
<arbir> jmarsden: it has another OS on it.. and i just installed a fresh ubuntu
<arbir> jmarsden: i have to investigate now... the nic is dying after 10 mins of bootup
<arbir> jmarsden: this has happened the second time.. first time, i thought it was some crappy update
<arbir> now its a real issue
<jmarsden> Time to read your log files, I'd think.
<arbir> jmarsden: yeah.. but right now.. i am off to bed.... too tired.. tomorrow morning with a fresh start
<arbir> jmarsden: thanks a lot
<jmarsden> You're welcome
<orogor_> hihere
<orogor_> i have some issue with dhcp
<orogor_> as soon as there s a dhcp server ont he network the server use it and lose its static adress
<orogor_> iface eth0 inet static
<orogor_> address 192.168.1.10
<orogor_> netmask 255.255.255.0
<orogor_> broadcast 192.168.1.255
<orogor_> auto eth0
<orogor_> i have this in /etc/network/interface , it doesn t seems to help
<orogor_> and i can t completely uninstall dhcp, another interface needs it
<Jare> orogor_: i remember i was having the same problem once and it was because avahi took over the interface configuration. I think i just disabled avahi-daemon
<tos_> if i installed ubuntu without the cloud option
<tos_> how can i get back to the install screen
<tos_> to install cloud
<john_doe> I think pulseaudio is muted. How can I unmute it without graphical interface?
<Thugal> alsamixer from a terminal?
<Tunda> hello
<Tunda> Is there a specific UEC channel
<Tunda> Does UEC require only Intel CPU's that support VT or can AMD CPU's that support AMD-V also be used?
<jpds> Tunda: I thought it ran on KVM or something like that?
<Tunda> jpds: It does use kvm and the module is installed but I cannot attach storage or elastic Ip's without the instance shutting down and then I cannot seem to restart them until after a undefined period of time.  Quite lengthy.  after double checking https://help.ubuntu.com/community/UEC/CDInstall it shows VT extensions or VT 64bit multicore.  So I thought I should ask before banging my head against the wall anyfurther.
<ScottK> If anyone is using Ubuntu packaged spamassassin, odds are it's broken today.  See Bug #502071 for details (testers needed).
<uvirtbot> Launchpad bug 502071 in spamassassin "FH_DATE_PAST_20XX scores on all mails dated 2010 or later" [High,Fix committed] https://launchpad.net/bugs/502071
<uvirtbot> New bug: #502397 in beautifulsoup (main) "can not install python-beautifulsoup " [Undecided,New] https://launchpad.net/bugs/502397
<arbir> hello.
<arbir> how can i disable the extra ttys . i dont need 6 of them. just 2 will suffice. i can comment out the spawn getty line in /etc/init/ttyX.conf , but, is there a proper way to do it from a program ?
<jmarsden> arbir: Editing /etc/init/tty*.conf is the proper way to do it, as far as I know.  But unless you are running on tiny embedded hardware or something, you'll gain almost nothing by doing that.  Have you benchmarked your system with and without those ttys enabled?  Is there a measurable performance difference?
<jetole> hey guys. i have a system thta is showing 3 different network cards all with the same mac address  does anyone know why? also, all 3 are different make
<jetole> additionally, udev is not auto detecting all, only one and it looks like udev is detecting the proper mac
<RoyK> jetole: eeeerm - ifconfig -a is showing them all?
<jetole> RoyK: I found out the issue, it has to do with libdnet/libdumbnet1
<jetole> I have another issue, I suspect, which I am about to verify, seems a I have a reaktek card that seems (still waiting to verify) remember it's changed mac address permentantly
<jetole> nope, not that
<jetole> for some reason it is still pulling up the libdnet address
<PolK_> Salut
<RoyK> jetole: the mac address should be the one onboard
<jetole> RoyK: it wasn't however
<jetole> it was using the decnet/dnet address
<jetole> I yanked the card and replaced it regardless
<jmarsden> Some NICs will let you "permanently" write a changed MAC address into onboard EEPROM ... but that's hard to do without *knowing* you did it.
<jetole> RoyK: http://sourceforge.net/apps/mediawiki/linux-decnet/index.php?title=FAQ4
<jetole> notice the mac in the first question in the isolated box
<jetole> that was the MAC on all cards before I removed libdnet and libdumbnet1
<jetole> but that was still the mac on one card many boots later
<jetole> jmarsden: also, since I know very little about dnet I don't know if it changed the MAC permenantly, all I know is it was installed initially as well as the libndnet-dev to compile... I think it was snort
<jetole> debian/ubuntu have snort from the middle ages in the repos
<jmarsden> jetole: So you have filed a RTP for a newer version of snort, right?
<jmarsden> rmadison shows:  snort | 2.8.4.1-4ubuntu1 | lucid/universe | source, amd64, i386
<jmarsden> Which doesn't seem all that middle-aged to me...
<Doonz> hey guys im trying to reinstall lighttpd through apt-get. I had manually removed /etc/init.d/lighttpd but now when i reinstall lighttpd it doesnt recreate it. could someone copy me the base directory of /etc/init.d/lighttpd
<jetole> jmarsden: you realize lucid is not yet beta
<jmarsden> jetole: Yes.  But you did not specify a version of Ubuntu: <jetole> debian/ubuntu have snort from the middle ages in the repos
<jmarsden> That version is in the repos.
<jetole> fair enough
<ScottK> Doonz: Here's a better idea: install it, then purge it (not remove), then install again.
<jmarsden> Also, <jetole> debian/ubuntu have snort from the middle ages in the repos
<jmarsden> Oops.  Also: snort | 2.8.4.1-3ubuntu1 | karmic/universe | source, amd64, i386
<jmarsden> Karmic has a pretty recent version, it seems.
<jmarsden> And Karmic really is released :)
<jetole> no! Really?
<jmarsden> jetole: So you could (if needed) use those packages as a base for your own updated snort packages, and so contribute the updated ones back to the Ubuntu community.
<jmarsden> This would probably be more productive than complaints about the middle ages.
<jetole> I didn't complain about anything
<jetole> I justified why I compiled snort myself
<Doonz> ScottK: thanx that works
<ScottK> Doonz: When you want to remove config files, purge.  The package system assumes if you manually delete one you REALLY want it gone forever.
<Doonz> but now im trying to follow the guide at http://www.ubuntugeek.com/lighttpd-webserver-setup-with-php5-and-mysql-support.html to enable php
<Doonz> but when i goto my webserver and try to run the php file i get 403 forbidden
<Doonz> what permission should i set to my php file?
 * ScottK has successfully avoided all knowledge of PHP, but recommends you look at the permissions of the php file.
<Doonz> yeah
<Doonz> should it be read  and excute
<ScottK> Owned by?  www-data maybe?
<jmarsden> Doonz: Be aware that the (unofficial) guide you are working from is about 21 months old... details may have changed since it was written.  Only use a guide like that if you actually understand every step it tells you to do.
<Doonz> i dont know anything
<jmarsden> Then don't use random stuff you found by Googling :)
<Doonz> but my www direcatory is owned by www-data, the test.php file has chmod 555 assinged to it. but when i pull it up in the webserver i get 403
<jmarsden> Do you 100% *need* lighttpd rather than Apache?  If not, use the (official) Ubuntu Server Guide and install Apache.
<Doonz> well yeah since the guides i keep finding refer to lighttpf
<Doonz> well yeah since the guides i keep finding refer to lighttpd
<jmarsden> Unless you have almost no RAM or you have a very highly loaded server Apache works fine.
<jmarsden> Why are you reading random guides and not the official one?
<Doonz> why doesnt the official guieds include creating multiple users running their own session of screen with rtorrent running with logging enabled from an irc bot that uses a php script to translate for flexget
<Doonz> sorry but guides are only good if they actually help you
<jmarsden> lighttpd has nothing to do with screen or irc bots.
<jmarsden> If you have specific question, try asking them here.
<Doonz> i did you told me to use another product
<Doonz> typical answer
<jmarsden> I suggested you use the product more people use for a web server than any other.  So that you can get better support from more people.
<jmarsden> If you want to do it all on your own, go for it... the choice is yours.
<jmarsden> How much of "multiple users running their own session of screen with rtorrent running with logging enabled from an irc bot that uses a php script to translate for flexget" have you achieved so far?
<jmarsden> Which part of that do you want help with at the moment?
<jetole> god damn! Sounded like Doonz was way over his head
<RoyK> http://notalwaysright.com/i-deign-that-spain-stays-mainly-in-the-brain
#ubuntu-server 2010-01-03
<tos_> how do i setup ubuntu Cloud!?!?
<jmarsden> tos_: https://help.ubuntu.com/community/UEC
<ubuntuisloved> I was wondering why certain default shell accounts like games, sync, bin, sys, lp all have /bin/sh as there shell ? why wouldn't it be restricted to no login?
<uvirtbot> New bug: #502495 in vm-builder (universe) "Too much image copying when using vmbuilder for EC2" [Undecided,New] https://launchpad.net/bugs/502495
<Xpistos>  is there any reason why I can delete files over sshfs in nautilus, but not un empty folders?
<Guest86031> ok i am trying to find out if install ubuntu server does erase ubuntu desktop
<Guest86031> hello
<jmarsden> Guest86031: install how?  sudo apt-get install ubuntu-server ?    Or boot from a Ubuntu Server CD and go through the installation process?
<Guest86031> either one
<zzz20091>  I am looking for some advice on the best way to setup a server for a group of 5-20 people retirees, geographically dispersed, therefor no local login.  we have an imap server setup using 9.10 server, we want to add shared and personal storage accessible from anywhere.  I had suggested using knowledgetree, but I was wondering if there might be a better solution.
<Guest86031> no this is for a website that soon might have thousands of people
<Guest86031>  jmarsden which is the best way to install the server
<jmarsden> Guest86031: You are expecting thousands of visitors to a web site and don't know how to install the OS yet??  The best way depends on your hardware... if you have a CDROM containing Ubuntu Server, one good way to install it is to boot the server from that CD and follow the installer prompts.
<Guest86031> ok i know how to do that part but will it erase the desktop
<jmarsden> Guest86031: This *will* erase the hard drive(s) on your server if you let it.  It depends how you answer the questions and how the "desktop" was originally installed and partitioned.
<Guest86031> ok so if i choose the other harddrive to install server it will be fine
<jmarsden> How do I know, what "other hard drive"?  You have not said anything about how many drives your server has and how they are configured, so I can't guarantee anything will be fine :)
<Guest86031> 6
<jmarsden> And you partitioned them how?  and installed Ubuntu Desktop how, on which drives?
<Guest86031> c
<Guest86031> the only thing on c is ubuntu desktop
<Guest86031> i formatted all hard drives then installed ubuntu on c drive
<jmarsden> There is no C in Linux devices... /dev/sdc ?
<jmarsden> C: is a Windows thing, not a Linux thing.
<Guest86031> o
<Guest86031> my fault
<Guest86031> well it was the c drive
<Guest86031> lol
<Guest86031> forgive me im a newb
<jmarsden> What device is it now?  Are all these drives just set up as individual drives, or is there any RAID going on?
<Guest86031> good question
<Guest86031> how can i find out
<jmarsden> Newcomers who are expecting thousands of web site visitors "soon" should get paid consulting help ASAP!
<Guest86031> no im not much of a newb just to runnin a web server
<Guest86031> i have 5 website with 300-500 people registered
<jmarsden> mount   # will tell how what is mounted where
<Guest86031> but yahoo is kicking my domains out due to laggin out server
<jmarsden> Guest86031: So you are trying to set up your own server... but still want a Ubuntu desktop install on one of its drives?? What use will the DEsktop install be to you once you boot the server?
<Guest86031> idk
<Guest86031> i dont really need it
<jmarsden> Then why are you trying to keep it?
<Guest86031> i thought i had to have for certain things
<Guest86031> like storage for music files and such for website
<jmarsden> For what?   Why does that need a desktop install on a spare hard drive on your server??
<Guest86031> it dont i see that now
<Guest86031> so i guess ill just install it and erase desktop
<jmarsden> OK, so just back up any data you care about from that installation somewhere safe, and then boot the server machine from the Ubuntu Server CD and let it install
<jmarsden> Yes.
<Guest86031> thanks man
<jmarsden> You're welcome.
<Guest86031> sorry for being a newb
<Guest86031> 1 more
<Guest86031> i can still use ubunto on personal computer under vmware right
<jmarsden> You may want to read http://tldp.org/LDP/intro-linux/html/intro-linux.html to learn more about Linux, BTW
<Guest86031> ok well thanks
<jmarsden> On which personal computer?  The same one you are using as a server?
<Guest86031> no
<jmarsden> Then some other computer is not affected by what you do on the server, so ... yes, you can still run Ubuntu on some other machine under VMware or virtualbox or any other virtualization setup you want to :)
<Guest86031> ok thanks man
<Guest86031> later
<jmarsden> The Ubuntu Server Guide at https://help.ubuntu.com/9.10/serverguide/C/ is also worth reading ... have fun :)
<ScottK> zzz20091: How would you like for these people to be able to access their information?
<zzz20091> ScottK: thats a good question, as most of them are WXP users i had thought samba. But how secure is samba over the internet, and 2nd samba doesn't
<zzz20091> cont - samba isn't a co-operative environment.   looking at desired functions, shared address book -- LDAP?, shared calendar -- ?, personal and shared file storage, a lot of the group travel quite extensively so WEB based access might be a 'good' idea. I am open to almost any suggestions, however I would prefer pre-built solutions as I am not comfortable with source installs.
<ScottK> For shared address book and calendar, Google is hard to beat.
<jla> ScottK: I for one, and there are others in the group, am not very comfortable in putting my data on to a server not in my home country, US privacy and protection laws only apply to US citizens.
<jla> ScottK: One of the reasons for setting up our own servers is that we are mostly affiliated with a political direction which is not particularly fond of the current government!
<ScottK> jla: are you zzz20091?
<jla> yes, why do you ask?
<ScottK> just making sure I'm continuing the same conversation
<jla> I am new to IRC so I am not sure how I should set myself up, I am using pidgin, advise welcome on all subjects.
<ScottK> It's fine, just suprised me when you switched.
<jla> ScottK: sorry I thought the system announced nickname changes?
<ScottK> jla: It does, but I hide them (along with joins/quits) so I can read the backlog better.
<jla> ScottK: usefull
<ScottK> jla: You might consider http://www.mozilla.org/projects/calendar/sunbird/ for calendaring.  I haven't used it myself, but it is packaged.
<jla> ScottK; i have looked at that, but from what I have heard mozzilla is probably going to drop sunbird in favour of lightning, they are trying to look and feel like MS Outlook. i think they would be better going the other way and creating separate mail/calendar/address book apps that co-operate.
<ScottK> Unfortunately cross platform calendaring isn't such a mature area.
<ScottK> Sorry I don't have a lot of great suggestions.  It's not something I've had to worry about in a very long time.
<jla> Not to worry, what is your opinion on Samba across the WEB.
<ScottK> Samba is something I've managed to totally avoid having any experience or opinions on.
<ScottK> Mostly I use sftp.
<ScottK> Actually I think pretty exclusively I use sftp.
<phreezyphreaky> jla, I would not run samba across the web.  If a user needs access to files, I would have them VPN to the network and tunnel samba through that
<jla> phreezyphreaky: I had sorta thought that might be the case. Any ideas as to how many VPNs a server could handle. The internet side is a DSL connection running at about 8M.
<phreezyphreaky> VPN is generally okay for accessing small files.  Big files then to take a long time to open.  If they need to access big files, there are better solutions
<jla> phreezyphreaky: i am all ears
<phreezyphreaky> jla, I usually recommend Windows Terminal Server or Citrix (if it is a big implementation or requires additional features)
<phreezyphreaky> jla, not sure but maybe you can do the same thing with Linux with a X11 server and clients but I'm not really familar with that
<phreezyphreaky> jla, basically the idea here is the server gives each user a "desktop" that they can use to access files or programs on the server.  All that is transmitted between the server and the client are screen updates, keyboard strokes, and mouse movements.
<jla> We would prefer to avoid MS products, and some of these people will be working offline while travelling
<phreezyphreaky> Then the VPN is your best bet with some kind of offline folder sync.  Unfortunately, I'm not too familiar with those options in Linux.  Came from a predominantly Windows background
<jla> phreezyphreaky: same here, corporate world is windows.
<phreezyphreaky> jla, exactly.  And to tell you the truth.. for small networks, I almost always recommend Microsoft.  They are more familiar with it and less training.  Especially for remote access.  That is hard enough with Windows
<phreezyphreaky> What OS is used to access the server?
<ScottK> Mostly Window XP he said earlier.
<ScottK> OTOH, this is for a political group that may have significant security concerns, so an internet facing Windows server may not be the best idea.
<phreezyphreaky> Well an SSL-VPN appliance to handle the VPNs into the network should take care of securely accessing the internal network
<phreezyphreaky> Found this link for syncing files from a Linux server to a Windows client: http://www.trueblade.com/knowledge/using-rsync-and-cygwin-to-sync-files-from-a-linux-server-to-a-windows-notebook-pc
<jla> ScottK: very true, some of us fear there may be a coup etate in the near future. which might make life interesting.
<ScottK> So you also probably want to be thinking about stuff like Tor (which is not packaged by Ubuntu because we couldn't keep the packages up to date enoug)
<ScottK> If you have users that can handle rysync and that will meet your requirements, it's both secure and conservative of bandwidth.
<jla> i think I have heard of TOR and if it the package I am thinking of it may not be enough, but I will take another look
<ScottK> Tor is not sufficient for what you are thinking, but from a security perspective it may be an essential piece of the solution.
<phreezyphreaky> Be careful with Tor.  It is encrypted but only up to when it leaves the Tor network.  It is NOT encrypted from the Tor exit point to the destination.  Also, anybody can be a Tor relay and it's possible for someone to try and hack into your information when it passes through a hacker's Tor relay
<jla> It is the security ? that is most bothersome, when i started this quest it was just an item on the list. however as some of our number are getting worried it has come to the for.
<phreezyphreaky> Tor is best used if you are just trying to disguise your IP
<jla> That maybe an important service/facility
<ScottK> Tor doesn't do anything for security in transit.  It makes it difficult to connect endpoints together.
<jla> for the moment I am going to hope that the ideas generating the security concerns are paranoia, and put them on the back burner. That does not mean that any solution can ignore security just it does not have to rule the roost.
<phreezyphreaky> jla, VPN is the solution for securely access services from the Internet to your internal network.  All companies use it.  Do a little research and you'll see
<jla> phreezyphreaky: VPNs are certainly the answer to secure connectivity. doesn't answer the problem of shared address and calendar. in my initial digging I came across mention of the "hord' as a web based solution, anything known?
<jla> I am being paged by SWMBO, have to go. zzz2002 at gmail dot com
<danielck> posted this in #ubuntu but since I'm running server I think it might be a better idea to post it here...
<danielck> I'm having a Locale problem - /etc/environment and /etc/default/locale show LANG=en_US.UTF-8 but "locale" command gives me an empty LANG= and the rest is just POSIX
<danielck> running Hardy
<eqx311> ;)
<sabgenton> if i put ubuntu-server.seed on the ulternative install verions  will it install the server edition
<sabgenton> exatly
<sabgenton> exactly
<cemc> does rsync provide an xinetd.d/rsync file? I have rsync installed, and I installed xinetd after
<ivoks> ?
<ivoks> rsync has its own init script
<cemc> I mean I want to run rsync from xinetd, and on centos for example there is an /etc/xinetd.d/rsync file
<cemc> which describes the rsync service for xinetd
<ivoks> in ubuntu, by default, rsync is started from init script
<cemc> I know, but I want it from xinetd. I need to write my own file for it then ?
<ivoks> if you want it in xinetd, you can probably just copy the xinet.d/rsync file
<ivoks> from centos
<ivoks> just make sure that paths are correct
<cemc> mhm
<TDJACR> I'm trying to use IPv6 via a tunnel on a server of mine and ufw seems to block all ipv6 connections while allowing ipv4 connections to the same ports
<TDJACR> And ipv6 is enabled in /etc/default/ufw
<blue-frog> trying to chroot sftp on 9.04, am still having a problem of ownership apparently. has anyone some time to spare with me?
<TDJACR> I'm trying to use IPv6 via a tunnel on a server of mine and ufw seems to block all ipv6 connections while allowing ipv4 connections to the same ports
<jpds> TDJACR: /etc/default/ufw
<jpds> TDJACR: IPV6=yes
<TDJACR> Forgot to mention that I did that
<jpds> sudo ufw disable && sudo ufw enable ?
<TDJACR> http://ubuntuforums.org/showthread.php?t=1371345&highlight=ufw+ipv6 might clarify
<TDJACR> jpds: Yes sir
<jpds> TDJACR: is there any information about ufw blocks in /var/log/messages ?
<TDJACR>  /me checks...
<TDJACR> Oops
 * TDJACR checks...
<TDJACR> [UFW BLOCK] IN=eth0 OUT= MAC=fe:fd:61:6b:8a:6f:00:d0:02:20:38:00:08:00 SRC=209.51.161.14 DST=xx.xxx.xxx.xxx LEN=100 TOS=0x00 PREC=0x00 TTL=23 ID=31372 PROTO=41
<TDJACR> That was with the HE tunnel
<TDJACR> jpds: ^
<TDJACR> jpds: http://pastebin.com/d17f0e2d2 <-- UFW block log
<jpds> TDJACR: No idea, sorry.
<TDJACR> jpds: Okay, no problem
<TDJACR> Thanks
<pm> Hey everybody, I have a somewhat unusual problem. I just installed the most recent ubuntu server on an old thinkpad. I need to use a rt2500 PCMCIA wireless card. I do not know how to get it to work. lspci shows the card. I have the server-thinkpad right here with me so I can try some things you suggest. many thanks
<uvirtbot> New bug: #502607 in samba (main) "Cannot Browse to Windows Shared Printer In Lucid" [Undecided,Confirmed] https://launchpad.net/bugs/502607
<pm> Hey, does ubuntu karmic server have pcmcia support built in? I can see a pcmcia card via lspci. does that mean pcmcia support works?
<qman__> pm, if it shows up in lspci, it's working
<qman__> as for whether hot plugging will work, you can't really be sure until you try
<qman__> run 'sudo ifconfig -a'
<qman__> if a card by the name ra0 shows up, it's all working
<pm> qman__, thanks, will try.
<pm> qman__, there's just a wlan0, no ra0.
<pm> lshw -C network tells me the network is disabled but shows a wireless interface with driver=rt2500pci which should be right.
<qman__> pm, looks like it's working to me then, try setting it with iwconfig
<qman__> the driver used to use the ra0 name, but then there was a bug with networkmanager not being able to use them
<qman__> so it would make sense if they changed it to use wlan0
<qman__> I haven't used one in years though
<pm> qman__, iwlist scan says interface doesn't support scanning: network is down
<pm> ifup says it doesn't know the interface
<qman__> try doing 'sudo ifconfig wlan0 up' first
<qman__> then using iwconfig to connect to an access point
<qman__> it's not a permanent solution by any means, but ok for testing
<pm> hey, now iwlist scan gives some results! thanks so far!
<pm> can i somehow automate this 'ifconfig wlan0 up' ?
<qman__> there is some other correct way to set up /etc/network/interfaces for wireless, but I don't know it
<qman__> so that you auto connect to a certain wireless network
<pm> ok, I can google for that
<pm> thanks
<qman__> no problem
<blue-frog_> how to have sftp in debug mode? is it enought to launch sshd in debug mode?
<Mike_lifeguard> I'm trying to check ssh keys on my system with ssh-vulnkey. I have openssh-blacklist and openssh-blacklist-extra installed, but I'm still getting "Unknown (blacklist file not installed)" when running sudo ssh-vulnkey -a. What should I do differently?
<davidtre_> hello all!
<davidtre_> I just have this cleanly installed server with 9.10 after the first update I have  grub-probe: error: no mapping exists for `sil_aiaiafafaccb5', anyone knows this issue ?
#ubuntu-server 2015-12-28
<Bruha> hello
<Bruha> I just installed ubuntu server and am having some problems
<Bruha> anyone around to help?
<Bruha> after installation from a usb stick, I removed the usb stick and restarted.  I only got a blinking cursor and couldn't do anything.
<Bruha> I was going to reinstall and so I put the usb stick back in and booted from it.  Then I got my login prompt and now have a command line
<Bruha> however, I have no clue what to do now
<Bruha> I'm trying to set this machine up to install Plex on and use as a home media server
<Bruha> anyone around?
<Bruha> I just installed plex media server on my ubuntu server.  I'm stuck.  What do I do now?
<f8mf8> Hi need help with ubuntu server  byobu/tmux  issue, here is a screenshot of the issue  http://i.imgur.com/AZDdCnb.png
<f8mf8> no help on #ubuntu, hoping to find some help here
<lordievader> Good morning.
<Alcapote> You have my Hello from the France :)
<NetworkingPro> Hello everyone.
<NetworkingPro> Im trying to create a remote user account so my nagios server can reboot my servers.
<NetworkingPro> Only a reboot.
<NetworkingPro> would this work:  nagrmt ALL=(ALL) NOPASSWD: /sbin/reboot
<NetworkingPro> ?
<ikonia> yes
<ikonia> as you where told a minute ago
<NetworkingPro> ikonia: oh you mean where you said:
<NetworkingPro> "ikonia> something like that"
<NetworkingPro> thanks for the precise answer...
<ikonia> just test it
<ikonia> you want me to check the documentation syntax for you ???
<pmatulis> NetworkingPro: you want to create a user?
<pmatulis> NetworkingPro: if so, check the man page for 'adduser'
<NetworkingPro> pmatulis: actually I was trying to figure out the correct syntax to allow a remote user to issue only a single command without a password.
<NetworkingPro> I have that figured out, now Im pushing it to all my servers via salt.
<NetworkingPro> Thanks for replying though.
<pmatulis> NetworkingPro: nicely done
<jonah> Hi I just wondered if anyone can help me configure my NUT ups - I do have it monitoring and working. But I'm not convinced my server will acutally shutdown before the power runs out! I did a test earlier and watched the power go from 100% down to 1% and my server wasn't looking like it was beginning any sort of shutdown so I quickly put the power back on in a panic! I've read the docs and googled around but still not sure what I'm doing
<jonah> wrong... Anyone help at all?
<jonah> How do I set the server to shutdown nicely on Lowbatt level with Nut?
<jonah> Also I haven't added a master user. I just left the config file as it is. Do I need a Master user or does it just default to work without one?
<ikonia> jonah: isn't this a function of the UPS
<ikonia> it has to call the shutdown command, not the server
<jonah> ikonia: hi yes it is a bit worrying, just trying now by adding in a master user. Just not sure when the shutdown is supposed to start or how to change this...
<ikonia> that would normally be set o the UPS device,
<jonah> ikonia: so I don't set it in nut config files etc?
<seeeb> Hi guys, anyone able to connect using nomachine nxserver in an ubuntu 14 server?
<patdk-wk> yes
<seeeb> great
<seeeb> with gnome?
<seeeb> I've just upgraded a server from 12 to 14.04 and when I connect from my mac I get a black screen
<seeeb> does that sound familiar to you patdk-wk?
<patdk-wk> nope
<patdk-wk> has always worked just fine
<seeeb> puh
<seeeb> and it's gnome patdk-wk?
<patdk-wk> is there another option?
<patdk-wk> I know there are like 3 or 4 different gnome options
<seeeb> if it's all in default it should be gnome
<seeeb> may I ask what version of nx server are you running there?  sudo /usr/NX/bin/nxserver --version
<patdk-wk> thought default was unity and that would be ubuntu desktop, not server
<patdk-wk> NoMachine - Version 4.2.27
<seeeb> ah ok
<seeeb> I'm running 3.5.0-11
<seeeb> that might explain
<seeeb> is that the free edition do you know?
<k2gremlin> If I want a system to reboot say 4 times a day, I would need 4 seperate crontab jobs correct?
<joeb3_> k2gremlin, did you get an answer?
<k2gremlin> joeb3_, well got to thinking.. really only need 1 reboot a day I think. But If I need to bump up too 2 or 4.. do I just add more lines at different times?
<k2gremlin> joeb3_, its my Plex media server.. for some reason it hangs once in a while. In order to get it to play movies again, I have had to restart it
<joeb3_> k2gremlin, one line can specify multiple times.  Look at your /etc/crontab file for the format.  In the hour column you can put 12,16,20.  That will run at 12pm 4pm and 8pm.
<k2gremlin> joeb3_, Ahh! Thanks a bunch :P
<seeeb> guys anyone could install x2go in ubuntu 14? this guide looks great but I can't add the ppa repo https://www.howtoforge.com/how-to-install-x2goserver-on-ubuntu-14.04-as-vnc-alternative
<ikonia> you just need to find a trusted source containing the packages
<seeeb> always find a reference to ppa:x2go/stable http://wiki.x2go.org/doku.php/wiki:repositories:ubuntu
<seeeb> but it says cannot add PPA
<seeeb> any idea about that ikonia?
#ubuntu-server 2015-12-29
<seeeb> I'll addd the sources manually
<seeeb> manually resolved that :)
<dave4925_z> yeah just manually resolve it for each instance
<lordievader> Good morning.
<jaawerth> hi, folks! I've got what I hope is a quick question - on a few of my servers after running processes that /run/user is full, and doesn't seem to ever empty. It doesn't seem to break anything, and I realize /run/user/$id is a SystemD tmpfs thing - but I'm wondering if it not emptying is a problem?
<jaawerth> from what I've been able to find, it's supposed to empty when a user logs out, so presumably it has something to do with ongoing processes that run as specific users
<EmilienM> can I deploy OpenStack mitaka with trusty-proposed repo?
<Walex2> jaawerth: that is not supposed ever to get full... However echk the value of 'echo $TMP' for some of those users.
<jaawerth> Walex2: haha, I think I just figured it out - my fault for leaving a tmux session open, at least one this one machine I'd just been testing it on. Thanks though
<jaawerth> echo $TMP came back empty but I think it just wasn't clearing because I hadn't logged out in a while
<Walex2> jaawerth: perhaps you need a larger allocation to that
<jaawerth> yeah, it's just 100M
<jaawerth> and on that box in particular I do some data-write-intensive stuff
<jaawerth> ah, looks like the shell env var is $XDG_RUNTIME_DIR
<Walex2> jaawerth: gah, the usual XDG crap.
<jvwjgames> Hi guys remember my interface problem on my server
<lordievader> Err, maybe with some more details?
<seeeb> is there a lubuntu channel or related stuff here is okay?
<lordievader> seeeb: There is a Lubuntu channel, yes.
<lordievader> !alis | seeeb
<ubottu> seeeb: alis is a services bot that can help you find channels. Read "/msg alis help list" . For more help or questions relating to alis, please join #freenode. Example usage: /msg alis list #ubuntu or /msg alis list http
<seeeb> cool thanks lordievader
<jaawerth> Walex2: common complaint with SystemD stuff? I've not paid a ton of attention to the controversy over it
<jvwjgames> Hello guys
<pmatulis> hello
<Horler> Hey peeps, what sort of communication should I use to transfer files to my ubuntu server vps?
<ikonia> scp ? sftp ?
<Horler> I've been told that ftp is insecure.
<ikonia> yup
<rattking> rsync over ssh?
<ikonia> depends what you want to do really
<Horler> Plus, I'm a beginner.
<ikonia> nothing wrong with that
<Horler> Well, I manage a game server with friends... so I want people to be just in their own folder to edit/upload scripts of games
<Horler> That's my purpose
<ikonia> Horler: thats something you'll have to plan out
<ikonia> as that could leave your server very open
<Horler> What'd you recommend?
<ikonia> you'd need to secure their users, decide about interactive shells/not, depending on that setup, make sure you use a method that has a client they can all use
<ikonia> you need to put thought into it and plan it
<Horler> to be honest, that went right above my head.
<Horler> We're just two people, any simple ftp for now?
<ikonia> I'd stay away from transfering anything over the internet via ftp
<Horler> all right
<ikonia> (its your call of course)
<Horler> There's this sort of website for some files I want to download
<Horler> when I use windows to go that link, it as usual download the files
<Horler> but in ubuntu when I say wget url
<ikonia> whats the url for one of the files you want
<Horler> wget http://linux.mtasa.com/dl/151/multitheftauto_linux_x64-1.5.1.tar.gz
<ikonia> works fine for me
<Horler> wget this_link_above
<Horler> gives this error :
<Horler> wget: unable to resolve host address 'linux.mtasa.com'
<Horler> weird
<ikonia> your dns isn't working
<ikonia> you need to point your server at working dns servers
<Horler> I bought this VPS from a hosting company
<Horler> how can I do that?
<ikonia> ask them to configure it to point to their DNS servers
<Horler> ah... okay... is there anything that I can do? I need it soon you know
<ikonia> log a call to them
<ikonia> and they should do it quickly
<ikonia> should only take 5 minutes work
<Horler> ah okay ;)
<Horler> next(probably last)
<Horler> I might stick to the vsftpd idea for now
<Horler> Is there any way to lock user to a directory rather than his home directory?
<ikonia> that is probably the most respected ftp server, but it is still a huge risk
<ikonia> vspftd has a chroot home option
<Horler> so that he can't go to his parent?
<ikonia> yes
<Horler> oh
<Horler> i want to lock him to something that is not it's home
<ikonia> you can do that
<ikonia> chroot home allows you to set it where you want
<ikonia> but it would be easier to just change his home dir to where you want to lock him
<Horler> what is the command of that thing?
<ikonia> as if you want to lock him somewhere, whats the point of having his home directory somewhere else
<ikonia> it's not a "command"
<ikonia> it's config option
<ikonia> vsftpd is well documented
<Horler> that vsftpd.conf file?
<ikonia> thats one of the config files
<ikonia> it can be modular
<Horler> is there a guide for it anywhere official?
<Horler> ikonia: I made chroot_local_user=YES
<Horler> so... If i'll create an user now, he'll be restricted in /home/nameofuser?
<ikonia> no
<ikonia> did you read the doc about what you need
<Horler> I did
<ikonia> super
<ikonia> just sort out your auth
<Horler> I now logged in winscp from my new user, it took me to somewhere in etc folder
<Horler> yeah, I can only make files in my home directory once I go there
<Horler> Can I make user to log in only in his home?
<ikonia> thats what you've just done
<Horler> why am I being taken to etc when I First log in?
<ikonia> look at your config
<Horler> nothing there
<ikonia> there will be
<Horler> nope!
<Horler> i just proofread it, nothing
<ikonia> check the home directory of the user and the ftproot
<Horler> nothing...
<ikonia> it won't just dump you into /etc for fun
<Horler> even my root is taking me to etc
<Horler> very weird
<ikonia> so that would suggest something such as the default ftproot
<ikonia> and root should not be able to login
<ikonia> that suggest you have changed your machine from the default config
<Horler> i must re-install it
<bekks> Why?
<bekks> Just because you did not configure WinSCP correctly?
<bekks> In WinSCP, you can setup which folder should be opened upon connecting.
<Horler> Ah bekks... thanks but I'm late now :(
<Horler> but however, the user must open in his home directory, to which I locked him?
<Horler> I don't want him to wander around view files
<bekks> At least it will teach you that reinstalling does not solve problems.
<bekks> If you dont want a user to see other content, you need to create a login chroot/jail.
<Horler> yeah, that, how do I do that?
<bekks> Like this: https://askubuntu.com/questions/93411/simple-easy-way-to-jail-users
<Horler> woah
<Horler> that's too much
<bekks> Thats the EASY way.
<Horler> You sure? Do you have anything else than FTP just to transfer files?
<bekks> Sure.
<bekks> SFTP, implemented by SSH.
<Horler> All right, how do I install it?
<bekks> You already did, since you installed openssh-server.
<Horler> I didnt!
<jelly> who did, then??
<bekks> Horler: Well, then try to explain how you can connect using ssh ...
<Horler> I was using ftp? vsftpd
<bekks> Then you should try.
<bekks> Since you are using a server, openssh-server is installed.
<Horler> oh okay
<Horler> then?
<bekks> Then what?
<bekks> Then you are using SSH. And that implements SFTP.
<Horler> no offence but I'm a total noob
<Horler> so... all right
<Horler> ah man
<bekks> Well, maybe you should take a very close look at https://help.ubuntu.com/lts/serverguide/openssh-server.html understanding what SSH is.
<Horler> i get that now...
<Horler> we just have two things to transfer files? ftp and sftp? that's it?
<bekks> Who is "we"?
<Horler> ubuntu community?
<ikonia> ??
<bekks> That statement makes no sense at all.
<ikonia> if you only have 2 things to move,, just copy them on
<ikonia> forget all this chrooting and stuff
<ikonia> just copy the 2 things into place and be done
<Horler> all right
<bekks> I guess he thinks that "we" only have ftp and sftp for transgerring files.
<bekks> *transferring
<Horler> yep
<Horler> I think that
<bekks> Which is wrong.
<Horler> what else do we have and what 2 things do I need to copy?
<Horler> sorry guys, I just haven't been on ubuntu...
<bekks> Besides FTP and SFTP, there is FTPS, NFS, SMB, CIFS, AFP, and a LOT more.
<Horler> I just have one single purpose... give me friends access to only their own folders... not mess around in other folders...
<rattking> if you will allow the user ssh access I would enable ssh server make them an account and use 'scp file user@host:~/" to write it to their home dir
<bekks> Setup chrooted FTP, as being provided the link before.
<bekks> Which you said is too complicated for you.
<rattking> that way you leverage ssh for encryption and auth, but it has the down side of giving the user a shell on the box
<Horler> bekks: the chroot part is too complicated
<Horler> rattking: I've no clue
<bekks> Horler: Which is a basic requirement as you stated.
<patdk-wk> ftps is so broken
<patdk-wk> no need to give a user a shell
<patdk-wk> just lock the user to sftp
<patdk-wk> scp requires a shell
<patdk-wk> if you really don't want to deal with ssh chroot, and must have chroot, use proftpd sftp
<bekks> vsftpd can chroot users too.
<Horler> bekks: yeah
<Horler> I tried... didn't work
<JanC> openssh+sftp isn't that hard to set up, right?
<bekks> You tried what, and what founded a works council and stopped working with which message?
<bekks> JanC: sudo apt-get install openssh-server :)
<bekks> JanC: aka "yes, easy" :)
<JanC> bekks: it's slightly more work than that for sftp-only + chroot
<JanC> but not really that much
<Horler> all right
<Horler> I'll try openssh-server now
<Horler> it's already to newest version
<bekks> As I said.
<Horler> What should be done now?
<bekks> Connect using SFTP.
<Horler> I must get a sftp client for windows first
<bekks> You have one.
<bekks> WinSCP.
<Horler> winscp yeah, done
<Horler> Oh my god
<Horler> I've been using openssh since the starting! :o
<bekks> Thats what you have been told, yes.
<Horler> all right, but I didn't use all that ssh keys
<Horler> just root, ip, and password
<bekks> All those ssh keys are explained in the article about openssh-server I've been giving you.
<Horler> ssh-copy-id username@remotehost
<Horler> what's this
<Horler> okay
<rattking> that will copy your ssh public key to the server so you can get in without the users password
<Horler> all done as of those keys
<Horler> now what
<Horler> how can I connect without root... ip and password
<bekks> Horler: Connecting without IP?
<bekks> Do you know what an IP is, and what it is used for?
<Horler> yeah yeah
<bekks> I dont think so, honestly.
<Horler> in winscp
<Horler> It must be like root@myip?
<bekks> Without an IP, you cannot connect to an IP.
<Horler> all right I get it!
<Horler> but to generate a ssh key for my computer
<Horler> shouldn't I have ubuntu at my home?
<bekks> You already did all that, since you ran:  1229 233441 < Horler> ssh-copy-id username@remotehost
<bekks> And:
<bekks> 1229 233812 < Horler> all done as of those keys
<Horler> I did that on my ubuntu server
<bekks> Which is pointless.
<Horler> yep
<Horler> I must do it on windows command line
<rattking> ohh yeah ssh-copy-id woudl be used by the client to put their key on the server
<Horler> and then, when I copy my public key, I'll put it on my ovh control panel
<Horler> bekks: seems fine now?
<bekks> No.
<bekks> 1229 235126 < rattking> ohh yeah ssh-copy-id woudl be used by the client to put their key on the server
<bekks> You are trying to do it vice versa.
<Horler> eh
<Horler> I'll make a ssh key from windows and paste it on my vps control panel, is that correct?
<bekks> No.
<Horler> or what
<Horler> all right
<bekks> The VPS control panel is irrelevant.
<Horler> ah
<Horler> Where should I paste it then?
<Horler> authorize_keys?
<bekks> Where should you paste what?
<ikonia> this is getting sily now
<bekks> Horler: Please read https://help.ubuntu.com/community/SSH/OpenSSH/Keys first.
<ikonia> there is no way you should have a server on the internet at this stage of learning
<Horler> all right, will do. thank you so much guys
<latsni> Hi, i have a server, and i want the server to send emails (atm via sendmail) to my email address, i could do it via aliases, but unfortunately my mailserver uses greylisting and the emails of the server are not accepted. could someone give me a hint what i could search for or do, so that sendmail respect the greylisting of my mailserver? (searching the net only show me guides for implementing greylisting ..)
#ubuntu-server 2015-12-30
<Holler> quick question
<Holler> how to make user login DIRECTLY in his home directory and not anywhere else @ ssh
<joeb3_> Holler, http://allanfeid.com/content/creating-chroot-jail-ssh-access
<lordievader> Good morning.
<RoyK> gd mrnng
<lordievader> ;)
<RoyK> gss vwls wll cm ltr
<lordievader> Haven't had enough coffee for that sentence :P
<RoyK> (guess vowels will come later)
<lordievader> Ah, there they are :P
<RoyK> woke up too early - it's a day off before a day off before new year's eve and a weekend
<EmilienM> jamespage: hello, any idea when can I install mitaka on trusty with proposed repo?
<Walex2> EmilienM: don't know, but is that the "4D universe modeler"?
<Walex2> http://4d2u.nao.ac.jp/html/program/mitaka/index_E.html
<jamespage> EmilienM, hopefully by end of next week
<Holler> yeah... i'm back
<Holler> How can I make the user login in his own home directory and not anywhere else? How can I be sure?
<maswan> A login requires more than just the home directory (shell, userspace tools, etc), so no.
<Holler> Can I understand more about shells?
<maswan> Yes.
<maswan> That would be a good starting point.
<Holler> One more thing
<Holler> Ever heard of GADMIN-PROFTPD?
<maswan> Are you talking about ftps for file transfers and not login (i.e. ssh or local)?
<maswan> Then chroot is the thing to setup support for
<Holler> Yeah, there's a problem with gadmin-proftpd, it says no uppercase letters allowed but I don't have any uppercase letters anywhere in settings...
<Holler> weird
<RoyK> just don't use ftp
<Holler> What about doing all that restrictions in openssh? Is it difficult?
<RoyK> Holler: you can setup chroot with openssh, but what's the point? just set the permissions right and the user can't do much anyway
<Holler> Yep, I tried permissions yesterday
<Holler> If you may, I can tell you what went wrong
<RoyK> "tried"?
<Holler> Yep, experimented
<RoyK> chmod go-rwx -R /home
<RoyK> and ta-taa - no users can read any other users' data
<Holler> well that might work but my problem extends more than that, I there are folders other than user's home that I want them to access and not access
<Holler> I must manually do it
<RoyK> Holler: the default system config is rather secure as it is - what sort of other folders?
<Holler> game server files in home
<Holler> I want them to access SOME files, not all
<RoyK> Holler: then set the permissions correctly ;)
<RoyK> Holler: if you chroot the user to $HOME, they won't have any chance of accessing /home/somewhereelse
<RoyK> or *anywhere* else outside $HOME
<Holler> oh no
<Holler> what should I do to make them only access /home/somewhere/thisthing on logging in?
<blizzow> I plugged the second network card on a few servers into a second switch.  The main NIC is 172.16.1.2 and my router is plugged into that switch.  I've tried to configure my second network card as 10.0.0.2 but when I do ifconfig eth1 10.0.0.2 netmask 255.255.255.0, I lose all network connectivity.  How should I configure my second network card to be on a second LAN and not mow my eth0 traffic over?
#ubuntu-server 2015-12-31
<Voyage> Hi
<Voyage> My site was running just fine but now I get this error: http://pastie.org/10662388 how can I trace the reasons?
<lordievader> Good morning
<[Mew2]> Hey guys how do I set up a firewall?
<lordievader> [Mew2]: You put the appropriate rules in iptables?
<[Mew2]> How?
<[Mew2]> Is iptables already installed?
<lordievader> [Mew2]: Yes.
<lordievader> [Mew2]: https://help.ubuntu.com/community/IptablesHowTo
<[Mew2]> Thank you lordievader :)
<dbugger> Hello fellas
<dbugger> I have this server where apparently I cant log in with password, and I am not sure how to change that... This is the sshd_config configuration: http://paste.ubuntu.com/14309778/ Did I miss something?
<AvatarA> did you reload/restart ssh daemon?
<dbugger> AvatarA, yea
<EmilienM> jamespage: ack, thanks
<EmilienM> Walex2: ahah :-) it's just an openstack release
<repozitor> i configured firewall-cmd to allow only ssh, http, https, dns, mdns, openvpn, 10000 ports
<repozitor> but i see other port are open
<repozitor> what is wrong with me?
<repozitor> service firewall-cmd show me this service is running
<teward> repozitor: how are you testing open ports
<repozitor> for example 1080 port is open, but it should be blocked
<teward> remotely with nmap, or locally on the server itself
<repozitor> just telnet myServerIP 1080
<repozitor> also firewall-cmd --list-all-zones show me everything is fine.
<repozitor> any idea?
<repozitor> i mean remotely run telnet, on my computer
<_Brandon_> hi, how can I provide custom mkfs.ext4 parameters during the installation? after the partitioning in the gui it starts copying the file so I don't have time to enter the terminal and do it from there
<patdk-wk> heh? you can drop to terminal at any time
<patdk-wk> make it
<patdk-wk> then go back in and continue
<_Brandon_> yeah but I can't format the root partition while it's copying the file, I need to do it after the partitioning but before the actual installation, but maybe I've figured it out, I rebooted after it started the copy so the partition scheme is already there and I can just use mkfs
<TJ-> You can drop back to the installer menu and use the root shell at any time
<dasjoe> Lower debconf priority so it'll ask more questions
<ben___> Why would apparmor still deny "signal" in this profile? error: http://paste.ubuntu.com/14316057/ profile: http://paste.ubuntu.com/14316098/
<Humming> Hey, in this "Match User falko     ChrootDirectory /home     AllowTCPForwarding no     X11Forwarding no"
<Humming> What does chrootdirectory /home mean?
<tarpman> Humming: it is described in the sshd_config(5) man page (along with everything else in that file)
<grendal_prime> I dowloaded eclipse IDE and am running it right from a folder in my users dir.  I want it to be abailable to everyone on the machine.  Where do i need to install it so that the unity bar will acknowledge it is on the system and all users can then use it?
<grendal_prime> Im assuming in the usr/share dir but i want to make sure.
<tarpman> grendal_prime: probably a better question for #ubuntu than here, but: apt-get install eclipse
<grendal_prime> ya that version of eclipse is very out of date
<grendal_prime> as far as  #ubuntu goes i cant converse there..i got banned from there some time back over something very trivial and have not been back for some time.
<tarpman> grendal_prime: I see. anyway, /usr/share belongs to the package manager, don't put your own stuff there. for eclipse to be known to unity, you need a .desktop file for it (you could try stealing the one from the package), and it should go in /usr/local/share/applications
<grendal_prime> ok so the app should be installed in  /usr/local/share/applications and the .desktop goes where?
<tarpman> other way around
<tarpman> the .desktop goes in /usr/local/share/applications. doesn't matter where the program is, as long as the .desktop points to it
<tarpman> if you're just downloading a tarball from the eclipse web site, I'd personally unpack it in /opt/eclipse or similar
<grendal_prime> ahh got it thanks man... ya that was orginally my plan.../opt/eclipse but it didnt show in unity even after i did that.... Ya  its the desktop type stuf that i dont typically understand I use the unity desktop but know very little about it. Ive built linux servers for over 9 years now...the desktop still eludes me on several fronts.
<grendal_prime> hey this is a bit off topic (but helpfull info....conseqently what i frequently get banned for) but do you use eclipse?
<tarpman> no, I use vim :P
<grendal_prime> ok...well i would highly recommend it ..it for web dev and php type work.  I discoverd a great ssh remote access plug in for it that allows directly connecting via ssh...super easy to do real time edit.
<grendal_prime> ok...well i would highly recommend it ..it for web dev and php type work.  I discoverd a great ssh remote access plug in for it that allows directly connecting via ssh...super easy to do real time edit.1
<grendal_prime> damn it fat fingers i have..
<grendal_prime> peace out and happy new year!
<grendal_prime> hey tarpman my applications dir seems to be in /usr/share/applications
<grendal_prime> this is ubuntu 14.04  did they move it.. or
<tarpman> grendal_prime: things installed by the package manager go in /usr/share. your things do not. your things go in /usr/local/share
<tarpman> grendal_prime: if you don't have a /usr/local/share/applications, you can create it
<grendal_prime> alright...own by root correct?
<tarpman> yeah
<tarpman> grendal_prime: sorry for going on about that, but keeping package manager stuff and your custom stuff separate is pretty important for having a sane system
<grendal_prime> no totally makes sence
<grendal_prime> i just wanted to make sure.
<grendal_prime> ill just steal one from the /usr/share/applicatioins and make changes to it
<grendal_prime> that did the trick..thanks man
<genii> How can I get multiple monitors working without X? Framebuffer?
<danrik> Could somoene help me troubleshoot this one?
<danrik> https://paste.fedoraproject.org/306251/60624214/
<danrik> he following packages have unmet dependencies:
<danrik>  linux-image-extra-3.13.0-58-generic : Depends: linux-image-3.13.0-58-generic but it is not installed
#ubuntu-server 2016-01-01
<jay_> hello everybody
<jay_> i got some general questions about ubuntu-server
<jay_> apt-get update and apt-get upgrade they upgrade the packges right ?
<jay_> hi poeple
<jay_> apt-get update and apt-get upgrade they upgrade the packges right ?
<jay_> how about if i want to upgrade only one package
<jay_> can i do it
<jay_> hi kritz
<jay_> hi seabstien
<jay_> hi semajnz
<jay_> hi bilde2910
<Ben64> jay_: why
<Seveas> jay_: apt-get install package
<Seveas> that'll upgrade it if an upgrade is available.
<jay_> Ben64 its me jeevan @ jay now
<jay_> i just want to know how linux and ubuntu systems work ?
<Ben64> why would you not want all the security updates
<jay_> thats good question, how about if i want to choose one instead of all others
<jay_> actually Ben64
<jay_> the organisation im working
<jay_> they havent upgraded the ubuntu systems
<jay_> the system which im working has two vulnerabilities
<jay_> one is openssl and other proftpd
<jay_> both are scanned by nessus
<jay_> commerical license of nessus
<Ben64> step 1. sudo apt-get update && sudo apt-get dist-upgrade
<jay_> i just one general
<jay_> why does ubuntu releases version 14 and 15
<jay_> when ubuntu is backporting and supporting earlier 12.04
<jay_> i can keep doing apt-get update and apt-get upgrade every few months
<jay_> instead of changing distibution
<Ben64> apt-get dist-upgrade doesn't change distro
<Ben64> there is a new version of ubuntu released every 6 months, every 4 releases one is a Long Term Support (LTS) release. The LTS releases are supported for 5 years, the other releases are supported for 9 months.
<Ben64> the version number, such as 14.04 is the year and month of its release, 14.04 = 2014.04 = April 2014
<jay_> ok
<Ben64> 12.04 and 14.04 are the currently supported LTS releases, 12.04 loses server support in April 2017, it has already lost desktop support. 14.04 is supported until April 2019. The next LTS will be 16.04, coming out this coming April, and it will be supported until April 2021
<Ben64> ooh wait, 12.04 is supported on desktop and server for 5 years
<jay_> yes ok ok
<Ben64> the point is, do the updates already
<jay_> yes i did in the test machines after  you and rww  explaination
<Ben64> yet you keep asking about upgrading just one package
<jay_> sorry if l presummed as stubborn or dumb i will clarify my doubt
<jay_> i did some work in test machines after you left
<jay_> at present in 1 machine
<jay_> i have openssl 1.0.1 14 march 2012 and built on 2014
<jay_> but after doing apt-get upgrade
<jay_> the built on changes 2014 to 2015
<jay_> as you both people said in the morning, as ubuntu backports
<jay_> thats good
<jelly> that means you successfully applied patches and restarted relevant services that use them
<jay_> yes yes
<Ben64> so whats the problem now
<jay_> if i do apt-get changelog openssl before the upgrade and after the upgrade its same page
<jay_> its changelog page of openssl tillnow
<jay_> so that means built on 2014 is same as 2015
<Ben64> ...no
<jay_> i was asking because i need to show some proof to my superior
<jelly> jay_: zless /usr/share/doc/libssl1.0.0/changelog.Debian.gz
<jelly> that's the packaging changelog for the version that's actually installed
<jelly> erm.
<jay_> ok ok i will se
<jay_> jelly and Ben64 do you people know Built on time
<jay_> i mean what is built on means
<Ben64> can you provide context
<jay_> Im sorry Ben64 and jelly i may sound like stupid but i feel im not understanding properly
<jay_> like
<jay_> if u type openssl version -b before upgrade shows built on 2014       after upgrade     openssl version -b shows built 2015
<jay_> im presenting working in patch management for linux server
<Ben64> thats when it was compiled
<jay_> so i'm thinking that compilation date is same as ubuntu backports
<jay_> am i right ?
<Ben64> probably
<jay_> ok
<jay_> since i work in patch management team i need to be techincally good and explainable
<jay_> i dont mean im depending on you
<jay_> but im getting all the facts and understanding i can from people and search engines
<ikonia> jay_: would it not be better to talk to the more experienced people in your team
<ikonia> explain to them where you feel you're not clear on things and ask them to explain and how it falls in lines with the teams polcies/processes
<jay_> what you said is right, its not exactly easy but i will try , they will look for weakness in a person  not honesty
<jay_> i will try
<ikonia> it seems the more logical approach
<jay_> suppose if i didnt perform this patch properly i will be considered as non-competent candidate
<jay_> or not worthy candidate
<jay_> ofcourse logically its true.
<ikonia> talk to the team explain your knowledge gap, ask them to explain and critical how it fits in with the teams process/policies
<jay_> the point we even dont have KT knowledge transfer at all
<jelly> jay_: if your audit people can provide exact CVE numbers for the vulnerabilities their script thinks are present, you can look at the changelog for libssl1.0.0 and see if those are fixed or not.  You can also look up specific CVE numbers on http://people.canonical.com/~ubuntu-security/cve/ and see which versions they were fixed in, if they're fixed.
<jay_> i have all the CVE numbers
<jay_> i will check once again
<jay_> im sorry if u feel irritated by my continous questing , im just not smart enough to understand just in one line
<jelly> eg. http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-3195.html
<jay_> after Ben 64 and RWW explanations i went and did some virtualbox testing for 3 hours
<jay_> at present
<jay_> Ubuntu 12.04 LTS (Precise Pangolin):	released (1.0.1-4ubuntu5.32)      im here
<jay_> my nessus report says
<jay_> to upgrade to 1.0.2e
<jay_> or 1.0.1g or 1.0.1h
<jay_> what do i do
<ikonia> read about back porting
<ikonia> or talk to your team about their policy on back porting
<ikonia> (or accepting back porting)
<jay_> ok
<jay_> kindly check these
<jay_> http://www.tenable.com/plugins/index.php?view=single&id=73412
<jay_> http://www.tenable.com/plugins/index.php?view=single&id=77200
<ikonia> why ?
<jay_> i was stuck here
<ikonia> check them for what ?
<jay_> to show my problem is real
<jay_> tats all
<ikonia> what ?
<ikonia> your problem is your don't understain how to maintain a system and you haven't learnt your teams policies/practices
<ikonia> understand sorry
<jay_> that i agree
<ikonia> ok - so go and deal with that
<jay_> im sorry
<ikonia> no need to be sorry
<Ben64> its not a real problem
<Ben64> CVE-2014-0224 was fixed June 5th 2014
<Ben64> in openssl 1.0.1-4ubuntu5.14
<Ben64> wait, was fixed june 2nd
<jay_> i understand ur point, as i said in the morning the superior is stuck on , that nessus i saying to upgrade to 1.0.1h or later why havent upgraded ?
<ikonia> then talk to him
<jay_> i was thinking from his perspective and i got all doubts linked
<jelly> jay_: default nessus db is full of false positives
<ikonia> it's not our problem to convince your team / set your team's policy
<jay_> software management and security maintenance
<jay_> ohhh
<jay_> i understand its not at all linked to ubuntu people
<jay_> i completely understand
<jelly> they check the version numbers instead of actual vulnerability, and they have no idea what debian or ubuntu have fixed while _keeping_ the upstream version
<jay_> atleast im getting these all knowledge from you all people
<jay_> yes yes you are 100% jelly
<jelly> you need to explain their tools are crap, in an acceptable way
<jay_> what im understanding from 5 hours of activity on this single openssl
 * jelly is jelly that's true
<jay_> yes yes you are 100% jelly right
<jay_> ok
<jay_> thank you everyone
<jay_> thank you jelly Ben64 ikonia
<jay_> generally on ubuntu server we dont compile from source right ? we do all from repositories right
<ikonia> yes
<jay_> ok
<jay_> and i should not PPA to live servers right ?
<jay_> i mean only if i trust them thats different point
<ikonia> it's up to you what you use
<jay_> but generally we dont add PPA unless its needed compulsory
<ikonia> and what is in line with your TEAM POLICY
<ikonia> no
<ikonia> it's up to you what you do
<jay_> hmm
<jay_> ok
<jay_> ubuntu doesnt has PPA offically  right ?
<ikonia> there are PPA's provided by ubuntu projects
<jay_> i mean its collboration right
<jay_> but not official
<ikonia> what ?
<ikonia> there are official ubuntu projects with PPA's
<jay_> any example please
<ikonia> no
<ikonia> look in launchpad
<ikonia> look at the teams that own / maintain the PPA's
<jay_> yes yes i have seen
<jay_> launchpad.net/ubuntu
<jay_> is this official
<jay_> how do i call it official or not i dont know
<ikonia> look at the team that owns it
<jay_> the team is ubuntu members
<ikonia> you've not even linked to a PPA
<jay_> maintainer is ubuntu techinical board
<ikonia> so that is an official ubuntu project account
<jay_> ok ok ok
<jay_> i asked the basic question official or not, because generally in ubuntu site at installation software page it says add PPA  on your own risk.
<ikonia> and thats true no matter who owns/maintains it
<jay_> thats why i felt it may not be official
<jay_> ok ok ok
<jay_> i think im getting confused by myself
<jay_> i guess im speaking with my half knowledge about every topic
<jay_> i need to get more knowledge
<ikonia> just talk to your team
<ikonia> and ask about their policies and practices
<jay_> since you said and recommended i will talk
<jay_> ok general question
<jay_> why a person should not compile from source ?
<ikonia> again - talk to your team
<jay_> is it because its hard to adjust with dependencies
<jay_> ok ok
<ikonia> they can explain why that is bad
<jay_> nothing nothing ok ok ok
<jay_> i have new doubt
<jay_> why Organisation (ubuntu and redhat) does backporting instead of just   adding the new versions in their repositories ?
<Ben64> that was explained to you hours ago
<jay_> i understand that ubuntu is supporting 12.0.4 by helping security updates (backporting)
<jay_> any specific technical and logical reason behind it
<Ben64> reason behind what
<jay_> reason behind : instead of doing the backporting why doesnt organisation just add the new verisions of packages ?
<Ben64> yes, that was explained to you a few times hours ago
<jay_> ok i will check
<jay_> ok thank you all ikonia : Ben64 : jelly i saved the chats for my reference
<jay_> thank you once again and Happy new year to you people. i wil be logging out now
<RoyK> bug 833562 says a bit about bug fixing for ubuntu server ;)
<ubottu> bug 833562 in grub2 (Ubuntu) "grub-update doesn't check for removal of kernels" [Undecided,Invalid] https://launchpad.net/bugs/833562
<RoyK> happy new year :D
<devster31> is there a command I can use to get the ip address from the hostname? grepping /etc/hosts returns multiple results and it would be better to have a command for this...
<devster31> and no, "host" is not a valid command on my box for some reason
<m1dnight_> I have set up a bridge for my kvm hosts but i cant seem to access the internet.
<m1dnight_> I can ping 8.8.8.8 etc though.
<m1dnight_> but dns doesnt work
<volkswagner> Happy New Year!
<volkswagner> I'm running Ubuntu 14.04.2 LTS \n \l as KVM guest. The small root partition is getting full. I'm in a catch 22 with removing old kernels via autoremove and getting apt-get install on track.
<volkswagner> I'm getting disk full error via apt-get install -f, even after removing log files and such to gain double the space reported needed by apt.
<volkswagner> apt-get install -f  "says" > Need to get 0 B/46.4 MB of archives. After this operation, 229 MB of additional disk space will be used. and / has 671M avialable, yet still get disk full error
<volkswagner> Should I start the manual removal of old kernels? Does anyone know why it seems I have enough space to complete the apt-get install task, yet still get disk full error?
<volkswagner> here is full output of apt-get install -f http://pastebin.com/CyFMzcfB
<volkswagner> actually that was not full output, here is the error portion after saying yes install http://pastebin.com/bXyUCpPd
<volkswagner> I only have separate partitions for /srv everything else is mounted at / in an 8gig partition
<jelly> volkswagner: run a "du -x / > du-x-root.$(date -I)"  then look at "sort -n du-x-root.$(date -I) | tail -n 40" for largest contributors.  Consider setting up your systems with LVM, next time.
<jelly> volkswagner: different filesystem types have different sizes of reserved space, with low space conditions what "df" reports may not be exact
<volkswagner> I have used du to clear up space. shouldn't 671M available be enough space to complete apt-get install asking for 229M of disk space?
<jelly> which fs type is it?
<jelly> is it something weird like btrfs?
<volkswagner> EXT4
<jelly> who knows
<volkswagner> Where should I go from here? Should I manually remove old kernels?
<jelly> manually?
<JanC> it needs space for the package, and space for the unpacked files
<jelly> do a dpkg -S /boot/vmlinuz*
<jelly> then apt-get remove linux-image-old-1 linux-image-old-2 ...
<jelly> keep one or two known working versions
<volkswagner> jelly here is output http://pastebin.com/yC4yFfPs
<volkswagner> I will try remove
<jelly> I'm confident you can figure out the package names from that output even without looking at it!
<JanC> autoremove should be able to remove kernels
<volkswagner> jelly I can't use apt-get at all because of partially installed or non fully installed. I keep getting error run "apt-get install -f" which fails with disk space error, hence my catch 22 complaint ;)
<jelly> volkswagner: dpkg --remove ... then
<volkswagner> Janc, yest automove should, but it fails with similar error here http://pastebin.com/YAL3PkSM
<volkswagner> I'll try dpkg
<jelly> 8GiB ought to be quite enough for a server system tho.  Tho we keep /var separate.
<jelly> still, lvm <3 ... keep mount points small initially and grow where needed
<JanC> I assume you cleaned out stuff under /var/cache ?
<volkswagner> Is it possible I need to reboot? I see uname -a is 3.13.0-63-generic, yet dpkg -S /boot/vmlinuz* shows *65-generic and *74-generic
<volkswagner> Here is error I get when trying to use dpkg to remove http://pastebin.com/m2i6s5yq
<volkswagner> Janc
<volkswagner> I do have 86M in /var/cache/apt-xapian-index
<volkswagner> It is likely in the past I ran upgrade without rebooting, which may have included kernel upgrade, but never rebooted
<volkswagner> I'm not sure why I didn't use LVM. I do have it on the KVM hostâ¦ not much use for the guest though
<volkswagner> I think I was concerned about possible overhead, LVM in guest on top of LVM host. This was thought about without any research or confirmation if there is such an overhead issue ;)
<JanC> if you remove linux-image-3.13.0-46-generic you also have to remove its dependents like linux-image-extra-3.13.0-46-generic
<volkswagner> JanC: Thank you, that seems to work!
<volkswagner> I see dpkg also reconfigures Grubâ¦ Let me remove more and see how it goes
<JanC> to remove grub entries for removed kernels
<volkswagner> Yes, the manual method I was thinking of required manually updated grub. I ran it years ago, but couldn't find it today.
<CiPi> Happy New World Order ppl
<volkswagner> JanC: jelly and others, thank youâ¦ Disk space went from 91% full to 51% full. Now apt-get install -f is running! Thank You, Thank You, Thank You!
<volkswagner> I'll be keeping a closer eye on old kernels in the future
<volkswagner> I guess apt-get install will need an output like "will need xxxMB working disk space to complete your request" for guys like me, hahaha
<JanC> that's hard to predict for all sorts of reasons
<volkswagner> JanC: I believe that! I guess lessoned learnedâ¦ "don't think you're smarter than the devs, believe the error despite what you (I) think"
<johnsmith> I'm trying to set a static IP on a secondary NIC on an Ubuntu server (14.04) VM. I've added an entry for eth1 (the second NIC) in /etc/network/interfaces and restarted the networking service. I then ran ifconfig eth1 up. I can see the second interface with I run ifconfig, but it doesn't have an inet addr, bcast or mask even though I set a static IP in /etc/network/interfaces. I'm not sure what I am doing wrong
<ikonia> are you using network manager ?
<johnsmith> command line
<ikonia> thats not what I asked
<johnsmith> I don't understand what you mean by network manager
<ikonia> it's an application used to control the network cards
<johnsmith> then no
<ikonia> then your interfaces file is wrong
<johnsmith> I have: auto eth1 \ iface eth1 inet static \ address 10.1.1.132 \ netmask 255.255.255.0 \ network 10.1.1.0 \ broadcast 10.1.1.255 (\ denoting new line)
<ikonia> something is wrong in it, or it would be working
<ikonia> go through it again,
<johnsmith> I'm using the second interface (eth1) to c reate an internal network on an ESXi host. I've created the vSwitch for the internal network, and assigned the eth1 interface to the internal network vSwitch. As I understand it, I just need to put each gues VM on the same subnet so that they can communicate with eachother via the internal network. Am I missing part of the concept or is this just a configuration error?
<ikonia> that should have nothing to do with the card getting an IP or not
<johnsmith> alright
<johnsmith> thanks
#ubuntu-server 2016-01-02
<gchristensen> Hi, does cloud-init support formatting drives?
<ikonia> I'd be surprised if there isn't a module for it
<ikonia> but I've never seen it
<gchristensen> https://github.com/number5/cloud-init/blob/master/doc/examples/cloud-config-disk-setup.txt#L8-L18 humm
<gchristensen> this seems too common of a task for cloud-init to not be implemented, but who knows. I'll do digging
<sandGorgon> hi guys - what is the recommended  docker storage backend for ubuntu  ? I'm not able to figure out whether I should use devicemapper, aufs, etc ?
<p4rtiz4n> hey guys
<p4rtiz4n> who could give me a hand? :/
<p4rtiz4n> its not gonna be about software but hardware instead, id like to discuss this PM, anybody could help me?
<p4rtiz4n> list
<lordievader> Good morning.
<Walex2> sarnold: Docker seems to work well with BTRFS
<lmw> hi
<lmw> what is the difference of ubuntu server vs debian in server environments?
<rww> not much. mostly the same difference between Ubuntu and Debian in general: more up to date packages sometimes, support from Ubuntu people instead of Debian people, etc.
<rww> we run mixed Debian and Ubuntu servers at work, 99% of the time they function identically
<rww> (we're transitioning from one to the other for non-technical reasons)
<lmw> ok, thank you, rww
#ubuntu-server 2016-01-03
<[Mew2]> hey anyone here?
<joeb3_> [Mew2], just ask. someone will answer.
<[Mew2]> Hey
<[Mew2]> I setup fail2ban and it's not blocking ip's
<[Mew2]> Ssh failed logins specifically is what I'm testing
<[Mew2]> [ssh] = true in the config
 * [Mew2] whistles
<joeb3_> [Mew2], https://www.digitalocean.com/community/tutorials/how-to-protect-ssh-with-fail2ban-on-ubuntu-14-04
<joeb3_> I'm checking that.
<[Mew2]> joeb3_ thats the guide i followed, minus the email server parts
<joeb3_> [Mew2], did you try to connect 6 times?  18 passwords?
<joeb3_> [Mew2], also look at /var/log/fail2ban.log.  It should show ssh is enabled, the max retry, and bantime.
<[Mew2]> i connected 10 times
<[Mew2]> can i pastebin this log and my config?
<joeb3_> yes
<joeb3_> [Mew2], http://imagebin.ca/v/2S86T61xuo2K
<[Mew2]> ok so
<[Mew2]> you were able to make a ban
<[Mew2]> using my config? or a diff one
<joeb3_> [Mew2], that was a default install
<[Mew2]> hmm
<joeb3_> are you connecting from a different machine?
<[Mew2]> yes
<[Mew2]> on which connection did it ban u?
<[Mew2]> 7th?
<joeb3_> Yes.  I typed the wrong password 18 times.
<[Mew2]> using putty i hit a wrong username and it disconnects me
<[Mew2]> i do this 10 times
<[Mew2]> and it keeps going, never a ban
<joeb3_> Try a valid username, wrong password.
<[Mew2]> i dont have a password
<[Mew2]> using key auth
<[Mew2]> i tried this with and without the key, never a ban
<JanC> there also is a time limit
<[Mew2]> i did it within about 2 minutes
<[Mew2]> hmm
<joeb3_> [Mew2], what does iptables -S show?
<[Mew2]> let me pastebin it, sec
<joeb3_> Let me try with ufw
<[Mew2]> k
<joeb3_> Still works with ufw.
<[Mew2]> ok
<[Mew2]> maybe im not testing this properly?
<joeb3_> do you see the "authentication failed" messages in /var/log/auth.log?
<joeb3_> it should show the ip address that is connecting.
<[Mew2]> no there is no failed authentication message
<joeb3_> ok, that's where fail2ban looks.
<joeb3_> so now you have to figure out where your ssh is logging.
<TJ-> possibly changeled SyslogFacility or LogLevel in /etc/ssh/sshd_config
<joeb3_> or grep "Failed password" /var/log/*
<[Mew2]> ok now i cant ssh
<[Mew2]> i think it worked
<[Mew2]> how long is the initial ban?
<joeb3_> ten minutes
<[Mew2]> ok
<[Mew2]> i think it worked, ill check in 10 minutes,
<joeb3_> [Mew2], did you find the problem
<[Mew2]> i dont know
<[Mew2]> i tried to ssh in as many times as i could as fast as i could
<[Mew2]> and something must have triggered it
<[Mew2]>  /var/log/fail2ban.log
<[Mew2]> this is where i can verify if it worked?
<joeb3_> yes
<[Mew2]> ok ill check that in a few minutes
<[Mew2]> thank you so much joeb3_ TJ- and JanC :)
<[Mew2]> fail2ban.actions: WARNING [ssh] Ban
<[Mew2]> fail2ban.actions: WARNING [ssh] Unban
<[Mew2]> :-d
<[Mew2]> i am so sorry
<[Mew2]> i dont know what i was doing wrong
<[Mew2]> i guess i wasnt testing it correctly
<[Mew2]> do you guys know if i can use this for other ports then just ssh?
<joeb3_> yes, look at the samples in the config file.
<[Mew2]> so to confirm am i doing this on jail.conf or jail.local
<joeb3_> jail.conf
<[Mew2]> thank you :)
<lordievader> Good morning.
<jelly> [Mew2]: ideally you'd put customizations in jail.local so the default config files are managed transparently on package upgrades
<wrksx> hello there
<wrksx> Is ubuntu server a special distrib?
<wrksx> I'm on "Ubuntu 14.04.3 LTS (GNU/Linux 3.13.0-73-generic x86_64)" it's not server, is it?
<sisve> wrksx: "Ubuntu has a server edition that uses the same APT repositories as the Ubuntu Desktop Edition. The differences between them are the absence of an X Window environment in a default installation of the server edition [...]" - https://en.wikipedia.org/wiki/Ubuntu_(operating_system)#Ubuntu_Server
<Sling> yeah apart from the installation procedure and cd/dvd contents there isn't really a difference anymore these days
<Sling> in the past there were server optimized kernels etc
<wrksx> okay. How can I know if I'm on server version or not? I didn't installed the system myself
<Sling> there is no server version
<sisve> For what purpose are you asking?
<Sling> you just have ubuntu
<Sling> what packages you install define whether it's suitable for desktop or server use
<Sling> (or both)
<wrksx> sisve, because I want to know what is "ubuntu server" and if i'm using it or not. But it looks like "ubuntu server" is a virtual distrib, isn't it?
<Sling> wrksx: we've said what the differences are, read up
<sisve> It's just the name of a template of installed packages.
<Sling> it's not a separate distribution
<wrksx> okay I get it thanks
<sisve> I've got virtual machines that are connected to a datacenter-wide public (but internal to the datacenter) network. I'm trying to limit access to my machines on this internal network to my trusted machines. I often create new machines and would prefer to avoid the hazzle of updating iptables rules every time I add another machine. What's the correct way to solve this?
<simosx> wrksx, you can verify if it is not Ubuntu Desktop, by the absense of packages. For example, with "apt-cache policy unity" you can check whether Unity is installed. If it is not, then it's not Ubuntu Desktop.
<Sling> sisve: configuration management like puppet could help there
<Sling> or ansible, chef, etc.
<wrksx> simosx, I guess it's not desktop since it's a cmd line only install
<sisve> I'm looked into ipsec, but it looks like I need to configure for every single connection (5 machines => 5*4=20 connection). This mail got me all warm inside, but it seems outdated by now. https://lwn.net/Articles/184670/
<teward> Sling: not sure that's the question they're asking, since they want to avoid having to do that to update their trusted machnes' iptables
<simosx> wrksx, well, it's possible to configure Ubuntu Desktop to only start the cmd line.
<sisve> teward: Well, perhaps it's just me being totally off in my approach to. But updating iptables means that I would need to touch _all_ machines everytime I add one more machine.
<Sling> sisve: with centralized configuration management you could avoid this
<Sling> it's quite simple to use puppet only for iptables and leave the rest of the system as-is
<teward> ahh, OK, sisve
<Sling> set up one of your systems as puppet master
<teward> then puppet or chef or such are where you want to go :P
<wrksx> simosx, "unity:
<wrksx>   Installed: (none)" =)
<teward> (though, having individual separate subnets, one for 'trusted' one for 'not trusted' is likely a better way to go)
<teward> wrksx: simosx: there's another way to determine
<Sling> yeah the other approach would be overlaying your own network with one or more router-vm's
<teward> wrksx: `apt-cache policy ubuntu-desktop`
<Sling> or rather, getting your own vlan on this network
<wrksx> Installed: (none)
<teward> check for the metapackage, if `ubuntu-desktop` exists then it was installed with the Desktop ISO and has the entire default Desktop suite of applications, however the ultimate point is that Desktop and Server aren't truly specialized on their own
<wrksx> nice channel guys, keep up the good work
<wrksx> bbye
<teward> Sling: that might be the more sensible long term approach for them, because they then don't have to handle firewalling each machine individually
<teward> which, affecting each system, is a headache in the long term and isn't really scalable
<sisve> teward: My virtual hosting solution does not allow me per-customer networking; all machines are connected to the internet and optionally a "private network", but it is only private as in "datacenter-wide". All customers are on the same private network.
<teward> sisve: then your remaining option is Chef / Puppet
<teward> as Sling suggested
<Sling> sisve: give https://forge.puppetlabs.com/puppetlabs/firewall a read
<Sling> and test test test before you roll it out in production
<Sling> nothing worse than making all your servers unavailable because of a puppet firewall messup :)
<sisve> teward, Sling: Sorry, got pinned down by the concept of "reality". I'll read up on Puppet and that guide now.
<teward> Sling: serial consoles are for that reason :P
<RoyK> teward: or network consoles?
<teward> that too :P
<RoyK> teward: a wee bit simpler since most things are networked these days, and it should track mostly everything except nic driver failures
<teward> indeed.
<teward> *sigh* guess it's time to test NGINX 1.9.9 on Xenial before i upload... VMs are annoying >.>
<patdk-lap> http://unix.rulez.org/~calver/pictures/vippy.png
<RoyK> [A
